2/25/2021 February 26, 2021February 26, 2021 ~ The Cyber Beat ~ Leave a comment Microsoft Failed to Shore up Defenses That Could Have Limited SolarWinds Hack: U.S. SenatorMicrosoft Shares CodeQL Queries to Scan Code for SolarWinds-Like ImplantsAmazon’s Lack of Public Disclosure on SolarWinds Hack Angers LawmakersNorth Korean Hackers Target Defense Industry With Custom MalwareChinese Hackers Using Firefox Extension to Spy On Tibetan OrganizationsDHS Secretary Mayorkas Announces New Initiative to Fight ‘Epidemic’ of CyberattacksFrench Minister: Mafia-Type Gangs Likely Behind Cyber Attacks on HospitalsInsider Cloud Data Theft Plagues Healthcare SectorIraqi MP Suffers Online ExtortionFacebook Takes Out Myanmar Military After Bloody CoupKrebs: How $100M in Jobless Claims Went to InmatesByteDance Agrees to $92 Million Privacy Settlement With U.S. TikTok TeensSteris Touted as Latest Accellion Hack VictimDutch Research Council (NWO) Confirms Ransomware Attack, Data LeakGore Medical Management (GA) Has 79,100 Patients’ Data on Unauthorized ComputerFBI, State Police Probing Cyber Hack on Saginaw (MI) Township SchoolsRansomware Attack: Network Outage Forces Affton School District (MO) to VirtualStudents’ Information Compromised by Data Breach at Harvard Business SchoolRMIT University (Australia) Races to Recover From Cyber Attack Before Students ReturnFlorida Studio Theatre Endures Ransomware AttackBengal Health Website Leaks 8 Million COVID-19 Test ResultsOxford University Says Research Not Affected After Expert Flags COVID Lab HackMalicious Mozilla Firefox Extension Allows Gmail Takeover
2/24/2021 February 25, 2021February 25, 2021 ~ The Cyber Beat ~ Leave a comment Ukraine Says Russian Hackers Attack Web-Based State Document SystemCrowdStrike Slams Microsoft Over SolarWinds Hack…NASA and the FAA Were Also Breached by the SolarWinds Hackers…More SolarWinds Hack Victims Yet to Be Publicly Identified, Tech Executives SayCongress Looks Towards New Data Breach Laws as Russian Hack Scope Remains UnknownBiden Signs Supply Chain Order After ‘Positive’ Meeting With LawmakersBiden CIA Pick Pledges to Confront China if Confirmed, Speak ‘Truth to Power’Tax Season Ushers in Quickbooks Data-Theft SpikeMicrosoft Lures Populate Half of Credential-Swiping Phishing EmailsPoor Remote Working Behaviors and Procedures Putting Orgs at RiskKroger Data Breach Highlights Urgent Need to Replace Legacy, End-of-Life ToolsUniversities Face Double Threat of Ransomware, Data BreachesGoogle Funds Linux Maintainers to Boost Linux Kernel SecurityIT Security Firm Kaseya Acquires SOC Platform RocketCyberMedical Data of 500,000 French Residents Leaked OnlineFive Eyes Members Warn of Accellion FTA Extortion AttacksClop Ransomware Gang Extorts Jet Maker Bombardier After Accellion BreachCyberpunk 2077 Patch 1.2 Delayed by CD Projekt Ransomware AttackLazyScripter Hackers Target Airlines With Remote Access TrojansAround 45k Patients Impacted in Covenant Healthcare Data Breach (MI)Kentucky Unemployment Office Warns of Potential Cyber-AttackCobb Schools (GA) Code Red Alert Investigated as Cyber AttackNvidia’s Anti-Cryptomining GPU Chip May Not Discourage AttacksHeavily Used Node.js Package Has a Code Injection VulnerabilityMozilla Patches Bugs in Firefox, Now Blocks Cross-Site Cookie TrackingVMWare Patches Critical RCE Flaw in vCenter ServerCisco Fixes Maximum Severity MSO Auth Bypass Vulnerability
2/23/2021 February 24, 2021February 24, 2021 ~ The Cyber Beat ~ Leave a comment Microsoft President: The Only Reason We Know About SolarWinds Hack Is Because FireEye Told Us…SolarWinds, Microsoft, FireEye, CrowdStrike Defend Actions in Major Hack – U.S. Senate Hearing…Tech Executives Call for Improved Public-Private Coordination After SolarWinds Hack…Biden Administration to Respond to Russian Hacking, Poisoning in ‘Weeks Not Months’Vietnam APT32 State Hackers Target Human Rights Defenders With SpywareKrebs: Checkout Skimmers Powered by Chip CardsShadow Attacks Let Attackers Replace Content in Digitally Signed PDFsExperts Find a Way to Learn What You’re Typing During Video CallsTwitter Removes Accounts of Russian Government-Backed ActorsFacebook to Restore Australia News, Pay Media Companies in Compromise With LawmakersLouisiana College Cyber-Thief SentencedFinnish IT Giant TietoEVRY Hit with Ransomware AttackFilipino Credit App Cashalo Suffers Data BreachClubhouse Confirms Data Spillage of Its Audio Streams10K Microsoft Email Users Hit in FedEx Phishing AttackClop Ransomware Gang Leaks Possible Stolen Bombardier Blueprints of GlobalEye Radar Snoop JetFlorida Man Discovers Personal Information on the Side of RoadJamaica’s Amber Group Fixes Second JamCOVID Security LapseFlash Version Distributed in China After EOL Is Installing AdwareVMware Warns of Critical Remote Code Execution Flaw in vSphere HTML5 ClientIBM Squashes Critical Remote Code-Execution FlawKeybase Patches Bug That Kept Pictures in Cleartext Storage on Mac, Windows ClientsGoogle Adds Password Checkup Support to Android Autofill
2/22/2021 February 23, 2021February 23, 2021 ~ The Cyber Beat ~ Leave a comment Chinese Spyware Code Was Copied From America’s NSA: ResearchersUkraine Accuses Russian Networks of New Massive Cyber AttacksDHS Announces New Measures to Boost Nation’s CybersecurityU.S. House Committees to Hold Feb 26 Hearing on ‘SolarWinds’ HackTexas Electric Company Warns of Scammers Threatening to Cut PowerToledo Public School Students Seeing Effects of Last Year’s Massive Data BreachGoogle Lifting Ban on Political Ads Instituted After Capitol RiotsWatchdog Questions Legality of Using Cellphone Data Without WarrantsFormer Employee Behind Earthquakes Stadium HackFrench Boat Maker Beneteau to Suspend Some Production After CyberattackSilicon Valley VC Firm Sequoia Capital PhishedBBC Reports Theft of 105 Electrical DevicesServiceNow Admin Credentials Exposed in Cloud Security BlunderAssume Clubhouse Conversations Are Being Recorded, Researchers WarnPowerhouse VPN Products Can Be Abused for Large-Scale DDoS AttacksAccellion FTA Zero-Day Attacks Show Ties to Clop Ransomware, FIN11Stored XSS Bug in Apple iCloud Domain Disclosed by Bug Bounty HunterSHAREit Fixes Security Bugs in App With 1 Billion Downloads
2/19-21/2021 February 22, 2021February 23, 2021 ~ The Cyber Beat ~ Leave a comment Biden Calls for Creating ‘Rules’ on Cyber, Tech to Combat China and Russia ThreatsKrebs: Mexican Politician Removed Over Alleged Ties to Romanian ATM Skimmer GangNorthern Ireland Customers Warned Over ‘Royal Mail’ Scam MessagesGoogle Alerts Abused to Push Fake Adobe Flash UpdaterCIS Now Offers Free Ransomware Protection to All U.S. HospitalsMicrosoft Edge Is Crowdsourcing Whether to Show Notification PromptsSonicWall Releases Additional Update for SMA 100 VulnerabilityTim Berners-Lee Says Australian Law Would Make Internet ‘Unworkable’EU Decision Frees U.K. to Handle Europeans’ Personal DataKaspersky: Decline in DDoS Attacks Linked to Surge in Cryptocurrency Value…Crypto Price Surge Invites a Torrent of Crypto CrimeTech Industry Is Looking to Replace the Smartphone — What Will Apple Come up With?Hungary Says Vaccine Registration Website Under Cyber AttackKroger Data Breach Exposes Pharmacy and Employee Data (Accellion Vuln)Underwriters Laboratories (UL) Certification Giant Hit by RansomwareMore U.S. Cities Disclose Data Breaches after AFTS’s Ransomware AttackYuba County (CA) Focuses on Recovery After Ransomware AttackKia Denies Ransomware AttackParents Alerted to NurseryCam Security BreachNew Hack Lets Attackers Bypass MasterCard PIN by Using Them As Visa CardNew Silver Sparrow Malware Found on 30,000 Macs Has Security Pros StumpedPrivacy Bug in Brave Browser Exposes Dark-Web Browsing History of Its UsersRecently Fixed Windows Zero-Day Actively Exploited Since Mid-2020Chrome for iOS Will Let You Lock Incognito Mode With Face ID
2/18/2021 February 19, 2021February 19, 2021 ~ The Cyber Beat ~ Leave a comment SolarWinds Hackers Studied Microsoft Source Code for Authentication and Email…White House Now Says 100 Companies Hit by SolarWinds Hack, but More May Be Impacted…Senate Intelligence Panel to Hold Hearing on SolarWinds Breach Next WeekCongress Faces News Showdown With Facebook, GoogleStates Push Internet Privacy Rules in Lieu of Federal Standards Op-Ed: Hackers Are Targeting COVID-19 Vaccinations. Here’s How to Stop ThemFBI: Telephony Denial-of-Service Attacks Can Lead to Loss of LivesApple Adds ‘BlastDoor’ Security Feature to Fight iMessage Hacks…Apple Outlines 2021 Security, Privacy RoadmapIBM Explores Sale of IBM Watson HealthSoftware Firm Owner Admits Fraud and CSAM PossessionU.S. Jails Celebrated Nigerian Entrepreneur for Cyber-FraudRIPE NCC Internet Registry Discloses SSO Credential Stuffing Attack34,000 Patients Potentially Impacted by Grand River Medical Group (IA) Data BreachCalifornia DMV Halts Data Transfers After Vendor Breach (AFTS)Cryptopia Got Hacked While in Liquidation Due to a Hack‘Secure’ Daycare Video Monitoring Product Beamed DVR Admin Creds to All UsersHackers Abuse Google Apps Script to Steal Credit Cards, Bypass CSPHalf of Apps Contain at Least One Serious Exploitable VulnerabilityMac Malware Targets Apple’s In-House M1 ProcessorU.S. Shares Info on North Korean Malware Used to Steal CryptocurrencySDK Bug Lets Attackers Spy on User’s Video Calls Across Dating, Healthcare AppsExploit Details Emerge for Unpatched Microsoft Bug
2/17/2021 February 18, 2021February 18, 2021 ~ The Cyber Beat ~ Leave a comment U.S. Says Threat Posed by North Korea Cyber Activity Part of Policy Review…Krebs: U.S. Indicts North Korean Hackers in Theft of $200 MillionBiden to Take ‘Executive Action’ to Address SolarWinds Breach…White House Cyber Adviser Says It Will Take Months to Investigate Russian HackSenate Intel Leader Demands Answers on Florida Water Treatment Center BreachStolen Jones Day Law Firm Files Posted on Dark Web…Jones Day Denies Network BreachChina Requiring Bloggers to Obtain Government CredentialsFacebook to Restrict News Content in Australia in Response to Proposed LawBlack and LGBT Edinburgh University students attacked in Zoom meetingRising Healthcare Breaches Driven by Hacking and Unsecured ServersPhishing: These Are the Tricks Crooks Use to Make You Open Malware Email AttachmentsKia Motors America Suffers Ransomware Attack, $20 Million RansomJamaica’s Immigration Website Exposed Thousands of Travelers’ Data15,600 Patients’ Health Info Exposed in Ransomware Attack on Granite Wellness Centers (CA)Reliant Federal Credit Union (WY) Reports Data BreachECU Suffering Customer Dissatisfaction as Confusion Reigns Over Cyber AttackRussian Sandworm Hackers Only Hit Orgs With Old Centreon SoftwareResearchers Unmask Hackers Behind APOMacroSploit Malware BuilderWindows, Linux Devices Hijacked In Two-Year WatchDog Cryptojacking CampaignMasslogger Swipes Microsoft Outlook, Google Chrome CredentialsAgora SDK Bug Left Several Video Calling Apps Vulnerable to SnoopingNinja Forms WordPress Plugin Bug Opens Websites to HacksQNAP Patches Critical Vulnerability in Surveillance Station NAS App
2/16/2021 February 17, 2021February 17, 2021 ~ The Cyber Beat ~ Leave a comment North Korea Accused of Hacking Pfizer for COVID-19 Vaccine DataHacker Claims to Have Stolen Files Belonging to Prominent Law Firm Jones Day – Firm Has Ties with TrumpSpace Force Starts Transitioning Cybersecurity Professionals Into Its RanksIndustry Groups Urge Congress to Include Cybersecurity Funding in Coronavirus Relief PackageFirms Patch Greater Number of Systems, but Still SlowlyUnder Attack: Hosting & Internet Service ProvidersTikTok Hit With European Regulatory Complaints Over Child Safety, Data PrivacyChina Blocked Jack Ma’s Ant IPO After Investigation Revealed Likely BeneficiariesParler Announces Official Relaunch, Says It Is Back OnlineMicrosoft Edge Is Getting a New Child-Friendly Kids ModeLet’s Encrypt Gears Up to Replace 200M Certificates a DayLastPass to Limit Fans of Free Password Manager to One Device Type Only – Computer or MobileKia Motors America Experiences Massive IT Outage across the U.S.Omnicom Media Group Reportedly Falls Prey to Cyber AttackHoffman Construction Shores up Its Defense Systems After Employee Healthcare Data BreachStudent Data Breached in Cyber Attack on Simon Fraser University (BC)Lakehead University (ON) Victim of Cyber AttackFrench IT Monitoring Firm Centreon Says No Customers Affected by Hacking CampaignMalvertisers Exploited Browser Zero-Day to Redirect Users to ScamsUnpatched Android App SHAREit with 1 Billion Downloads Threatens Spying, MalwareMisconfigured Baby Monitors Allow Unauthorized ViewingMicrosoft Pulls Bad Windows Update After Patch Tuesday HeadachesWindows 10 Secure Boot Update Triggers BitLocker Key RecoveryMicrosoft Releases Azure Firewall Premium in Public Preview
2/15/2021 February 16, 2021February 16, 2021 ~ The Cyber Beat ~ Leave a comment Langevin Hopeful New Armed Services Panel Will Shine New Spotlight on CybersecurityMicrosoft: SolarWinds Attack Took More Than 1,000 Engineers to CreateFrench IT Monitoring Company Centreon’s Software Targeted by Russian ‘Sandworm’ Hackers: Cyber AgencyMercedes Issues eCall RecallKrebs: Bluetooth Overlay Skimmer That Blocks ChipThis Phishing Email Promises You a Bonus, but Actually Delivers This Windows Trojan MalwareWorkforce Opportunity Services Hits the Cybersecurity Skills Gap Head-OnCyberattack on Dutch Research Council (NWO) Suspends Research GrantsDDoS Attack Takes Down EXMO Cryptocurrency Exchange ServersDax-Côte d’Argent Hospital in France Hit by Ransomware AttackRecent Campbell County Health (WY) Data Breach Affects 900 PatientsApple Will Proxy Safe Browsing Requests to Hide iOS Users’ IP From GoogleMicrosoft Will Alert Office 365 Admins of Forms Phishing Attempts
2/12-14/2021 February 15, 2021February 15, 2021 ~ The Cyber Beat ~ Leave a comment Facebook Meets Apple in Clash of the Tech Titans—‘We Need to Inflict Pain’Microsoft President: SolarWinds Hack Was ‘Largest and Most Sophisticated Attack’ EverSolarWinds: How They Did ItCopycats Imitate Novel Supply Chain Attack That Hit Tech Giants‘Annoyingly Believable’ Tax Scam Targets Mobile Users…Scammers Target U.S. Tax Pros in Ongoing IRS Phishing AttacksIt Can Happen to You: Kansas Teen Loses Everything in Ransomware AttackThree Charged Over Fraudulent Vaccine WebsiteEgregor Ransomware Members Arrested by Ukrainian, French PoliceYears Later, Bloomberg Doubles Down on Disputed Supermicro Supply Chain Hack StoryPro-India Hackers Use Android Spyware to Spy on Pakistani MilitarymHealth Apps Expose Millions to CyberattacksYandex Data Breach Exposes 4K+ Email AccountsCanadian Discount Car and Truck Rentals Hit by DarkSide RansomwareBig Huge Games Hit By Cyber AttackFBI Investigating After Cyber Attack on Central Piedmont Community College (NC)CD Projekt’s Stolen Source Code Allegedly Sold by Ransomware GangSecret Chat in Telegram Left Self-Destructing Media Files On DevicesGoogle Chrome, Microsoft Edge Getting This Intel Security Feature
2/11/2021 February 11, 2021February 11, 2021 ~ The Cyber Beat ~ Leave a comment White House Names Anne Neuberger to Lead Response to SolarWinds HackBiden to Sign Executive Order Addressing Chip ShortageLawmakers Introduce Bipartisan Bill to Allow for Increased Use of Internet-Connected DevicesMilitary, Nuclear Entities Under Target By Novel Android MalwareU.N. Members Plan New Cyber Group as States Suffer Large-Scale HacksIllinois Is State Hit Hardest by CybercrimeHackers Ask Only $1,500 for Access to Breached Company NetworksPre-Valentine’s Day Malware Attack Mimics Flower, Lingerie StoresIndia Calls Out Twitter for Differential TreatmentFacebook Tries to Seize Websites Set up for Staff Security TrainingSingtel, QIMR Berghofer Report Accellion-Related Data BreachesBannock County (ID) Notifies Citizens of Data BreachVarious Malware Lurks in Discord App to Target GamersTrickBot’s BazarBackdoor Malware Is Now Coded in Nim to Evade AntivirusBuggy WordPress Plugin Exposes 100k Sites to Takeover Attacks12-Year-Old Windows Defender Bug Gives Hackers Admin RightsMicrosoft Warns of an Increasing Number of Web Shell AttacksInternet Explorer 11 Zero-Day Vulnerability Gets a Free MicropatchIntel Fixes Vulnerabilities in Windows, Linux Graphics DriversApax to Acquire Herjavec Group
2/10/2021 February 11, 2021February 11, 2021 ~ The Cyber Beat ~ Leave a comment Biden Holds 1st Call As President With China’s Xi As Trade, Security Issues Loom…TikTok Sale to Oracle, Walmart Is Shelved as Biden Reviews Security…Tencent Executive Held by China Over Links to Corruption CaseBiden Announces U.S. Sanctions against Leaders of Myanmar Military CoupIran Has Started Producing Uranium Metal, in Violation of 2015 Accords, IAEA SaysU.N. Experts Point Finger at North Korea for $281 Million Cyber Theft, KuCoin Likely VictimEuropol: 10 Held for Alleged $100m Cryptocurrency Theft From Celebs, OthersElection Commission Approves New Guidelines to Secure, Update Voting EquipmentU.S. Coast Guard Orders Maritime Facilities to Report SolarWinds BreachesTwitter Complies With Indian Government Orders to Block Hundreds of AccountsHybrid, Older Users Most-Targeted by Gmail AttackersKrebs: What’s Most Interesting About the Florida Water System Hack? That We Heard About It at All.French Health Insurance Co. Mutuelle Nationale des Hospitaliers (MNH) Hit by RansomExxSyracuse University Data Breach Exposes Nearly 10,000 Names, Social Security NumbersBritish Columbia Real Estate Agency Sustains Unusual Ransomware AttackRansomware Group Posts Stolen Chatham County (NC) Health Data OnlineHacker Sets Alleged Auction for Witcher 3, CyberPunk 2077 Source CodeRomance Fraud Surges in Lockdown Following Shift to Online DatingHacker Admits Stealing College Girls’ Nude SnapsFollowing Oldsmar Attack, FBI Warns About Using Teamviewer and Windows 7Raspberry PIs Running Ubuntu Added to IoT Patching Service KernelCareSAP Commerce Critical Security Bug Allows RCEIntel Squashes High-Severity Graphics Driver FlawsMicrosoft Now Forces Secure RPC to Block Windows Zerologon Attacks
2/9/2021 February 10, 2021February 10, 2021 ~ The Cyber Beat ~ Leave a comment Huawei Wants Appeals Court to Overturn FCC’s National Security Ban…CEO Says He’d Welcome Phone Call from Biden in First Remarks on New U.S. PresidentSenators Ask Federal Officials to Designate Leader in ‘Disorganized’ SolarWinds Response…Op-Ed: The SolarWinds Hack Is a Blow: the U.S. Must Prioritize Cybersecurity NowCybersecurity Experts Say Oldsmar Water System Attack Highlights Larger VulnerabilitiesNew BendyBear APT Malware Gets Linked to Chinese Hacking GroupGoogle Expands Election Security Offerings for Federal and State CampaignsOffice 365 Will Help Admins Find Impersonation Attack TargetsHackers Targeted Financial Sector in Mass Extortion CampaignGaming Industry Is Fraudsters’ Prime TargetMicrosoft: Recent Windows 10 Gaming Issues Caused by Discord BugBig Data Is Booming in the U.S., but Other Countries Are Making the RulesKrebs: Arrest, Raids Tied to ‘U-Admin’ Phishing KitCyberpunk 2077 Makers CD Projekt Hit by Ransomware Hack…HelloKitty Ransomware Behind AttackWeb Hosting Provider No Support Linux Hosting Shuts Down After CyberattackHackley Community Care (MI) Notifies Affected Patients of Data BreachKokomo-Howard Public Library (IN) Hit With Ransomware AttackResearcher Hacks Microsoft, Apple, More in Novel Supply Chain AttackAndroid Devices Hunted by LodaRAT Windows MalwareGoogle Play Boots Barcode Scanner App After Ad ExplosionActively Exploited Windows Kernel EoP Bug Allows TakeoverAttackers Exploit Critical Adobe Flaw to Target Windows UsersAdobe Fixes Critical Reader Vulnerability Exploited in the WildApple Fixes SUDO Root Privilege Escalation Flaw in macOSKrebs: Microsoft Patch Tuesday, February 2021 Edition
2/8/2021 February 9, 2021February 9, 2021 ~ The Cyber Beat ~ Leave a comment Iran ‘Hides Spyware in Wallpaper, Restaurant and Games Apps’Hackers Try to Contaminate Florida Town’s Water Supply Through Computer BreachBillions of Passwords Offered for $2 in Cyber-UndergroundEmotet Takedown: Short-Term Celebration, Long-Term ConcernsiPhone 12 Magnet Array Can Disrupt Implantable Medical DevicesFacebook to Take Down Posts With False Claims About VaccinesVirginia Lawmakers Poised to Pass New Rules for Internet PrivacyParalegal’s Pal Admits Outing WitnessesCrypto Fund Founder Pleads Guilty to $100m Fraud SchemeHackers Hit Nebraska Medical Center, U of Nebraska With Malware, Steal Patient and Employee RecordsSeattle-based Automatic Funds Transfer Services Hit With Data BreachEmsisoft Suffers System BreachCannabis Cultivator Cann Group Loses $3.6 Million in Cyber AttackWestRock January Ransomware Attack Hinders Packaging ProductionExperian Investigating Whether Serasa Involved in Brazil Data BreachAndroid App Barcode Scanner Joins the Dark Side, Sends Malware Update to MillionsCritical WordPress Plugin Flaw Allows Site TakeoverMicrosoft to Alert Office 365 Users of Nation-State Hacking Activity
2/5-7/2021 February 8, 2021February 8, 2021 ~ The Cyber Beat ~ Leave a comment Cruz Blocks Vote on Biden Commerce Secretary Nominee Over Huawei ConcernsFormer U.S. Cyber Chief Chris Krebs Calls for Military to Attack HackersIndustrial Networks See Sharp Uptick in Hackable Security HolesFirst Eletrobras, Now Copel Energy Companies Hit by Ransomware AttacksSeveral .LK Domains Crashed Due to Cyber AttackZiggy Ransomware Shuts Down and Releases Victims’ Decryption KeysNew Phishing Attack Uses Morse Code to Hide Malicious URLsDon’t Post Your Coronavirus Vaccination Card Selfie on Social MediaSignal Ignores Proxy Censorship Vulnerability, Bans ResearchersTemporary Restrictions on GameStop, Other Stocks Lifted by RobinhoodSouth Carolina Plans Cyber-EcosystemSitePoint Discloses Data Breach After Stolen Info Used in AttacksSN Servicing Corporation Discloses Ransomware Attack to Multiple StatesHackers Post Patient Medical Records From Florida and Texas Hospital Chains36,000+ UPMC Patients May Have Had Personal Data Accessed Due to BreachWinthrop (MA) Public Schools, Town Offices Targeted in Cyber AttackChrome Users Have Faced 3 Security Concerns Over the Past 24 HoursMicrosoft Warns of Increasing OAuth Office 365 Phishing AttacksUnpatched WordPress Plugin Code-Injection Bug Afflicts 50K SitesFortinet Fixes Critical Vulnerabilities in SSL VPN and Web FirewallMozilla Fixes Windows 10 NTFS Corruption Bug in Firefox‘Cyberpunk 2077’ Update Fixes a Save File Exploit on PC
2/4/2021 February 5, 2021February 5, 2021 ~ The Cyber Beat ~ Leave a comment Biden: U.S. Taking ‘Urgent’ Steps to Improve CybersecurityHouse Democrat Warns Big Tech to ‘Step up in Big Way’ or Risk Section 230 ChangesKrebs: Facebook, Instagram, TikTok and Twitter Target Resellers of Hacked AccountsIsraeli Hackers Breach KKK-Affiliated WebsiteAutomated Tools Increasingly Used to Launch Cyber-AttacksRansomware Attacks Increasingly Destroy Victims’ Data by MistakeHackers Steal StormShield Firewall Source Code in Data BreachHacking Group Also Used an IE Zero-Day Against Security ResearchersClearview AI Raises Disquiet at Privacy RegulatorsData Drought Slows Advance of AI in CybersecurityIBM Announces $3M Cybersecurity Grants for US SchoolsBrazil’s Eletrobras Says Nuclear Unit Hit With CyberattackOxfam Australia Investigates Data Breach After Database Sold OnlineSpotify Suffers Second Credential-Stuffing Cyberattack in 3 MonthsVictor Central School District (NY) Hit with Ransomware AttackWoodland Trust Hit by Cyber Attack in DecemberNespresso Smart Cards Hacked to Provide Infinite CoffeePlex Media Servers Actively Abused to Amplify DDoS AttacksMicrosoft Office 365 Attacks Sparked from Google FirebaseAndroid Devices Prone to Botnet’s DDoS OnslaughtCritical Bugs Found in Popular Realtek Wi-Fi Module for Embedded DevicesGoogle Fixes Chrome Zero-Day Actively Exploited in the Wild
2/3/2021 February 4, 2021February 4, 2021 ~ The Cyber Beat ~ Leave a comment Hackers Lurked in SolarWinds Email System for at Least 9 Months, CEO SaysOp-Ed: The Best Way for Biden to Go on the Cyber CounterattackSolarWinds Orion Bug Allows Easy Remote-Code Execution and TakeoverFederal Cyber Agency Reevaluating Its Role in Countering Election DisinformationParler CEO John Matze Says He’s Been Terminated by Board: ‘I Did Not Participate in This Decision’Myanmar’s New Military Government Bans FacebookTulsa Mayor’s Cyber-stalker JailedOwners of Fertility App Premom Sued Over Non-Consensual Data SharingEscortReviews.com Data Breach Affects 470,000 MembersOver a Dozen Chrome Extensions Caught Hijacking Google Search Results for MillionsNew Malware Hijacks Kubernetes Clusters to Mine MoneroLatest acOS Big Sur Also Has SUDO Root Privilege Escalation FlawMicrosoft Defender ATP Detects Chrome Updates as PHP BackdoorsCisco Fixes Critical Code Execution Bugs in SMB VPN RoutersFive Critical Android Bugs Patched, Part of Feb. Security BulletinSonicWall Fixes Actively Exploited SMA 100 Zero-Day Vulnerability
2/2/2021 February 3, 2021February 3, 2021 ~ The Cyber Beat ~ Leave a comment Suspected Chinese Hackers Used SolarWinds Bug to Spy on U.S. Payroll AgencyU.S. Court System Ditches Electronic Filing, Goes Paper-Only for Sensitive Docs Following SolarWinds HackOfficials Applaud Confirmation of Mayorkas as DHS Secretary for CybersecurityHospitals Suffer New Wave of Hacking AttemptsBabyk Ransomware Won’t Hit Charities, Unless They Support LGBT, BLMRansomware Gangs Made at Least $350 Million in 2020…Average Ransom Payments Declined Last QuarterInterview With a Russian Ransomware CybercriminalKrebs: ‘ValidCC,’ a Major Payment Card Bazaar and Looter of E-Commerce Sites, ShutteredCrypto Crook Hired Steven Seagal to Promote Scam, Now Faces ChargesMedical Researcher Jailed for Selling Secrets to ChinaGoogle Funds Project to Secure Apache Web Server With New Rust ComponentNetgain Ransomware Incident Impacts Local GovernmentsRotterdam (NY) Alerts Residents of Data BreachData on 3.2 Million DriveSure Clients Exposed on Hacking ForumVermont Labor Commissioner Apologizes for Tax Data BreachGoodwin Procter Law Firm Says It Was Hit by Data Breach of VendorBaldwin Wallace University (OH) Was Targeted for Cyber AttackOklahoma State Tourism Department Reports Data Breach, No Social Security, Financial Data CompromisedMagento Web Skimmers Piggyback in Ongoing Costway Website CompromiseTiny Kobalos Malware Bedevils Supercomputers to Steal LoginsAgent Tesla Trojan ‘Kneecaps’ Microsoft’s Anti-Malware InterfaceTrickbot Malware Now Maps Victims’ Networks Using MasscanMicrosoft Defender Now Detects macOS System, App VulnerabilitiesApple Pulls iCloud 12 for Windows 10 With Keychain Sync Feature
2/1/2021 February 2, 2021February 2, 2021 ~ The Cyber Beat ~ Leave a comment Intel Agency Warns of Threats From China Collecting Sensitive U.S. Health Data…May Have Personal Data of 80% of U.S. AdultsEU Aims to Seal Data-Flow Deals With U.S. and BritainU.S. Gov’t: Number of Identity Theft Reports Doubled Last YearScammers Posing as FBI Agents Threaten Targets With Jail TimePhishing Campaign Lures U.S. Businesses With Fake PPP LoansGlobal Gov’t Outsourcer Serco That Runs Part of the UK COVID-19 Test & Trace Program Hit by RansomwareKrebs: UK Arrest in ‘SMS Bandits’ Phishing ServiceGreek Police to Introduce Live Facial Recognition6 Cybersecurity Start-Up Trends to TrackPersonal Data of 1.4 Million Washington Unemployment Claimants Exposed in State Auditor HackWind River Security Incident Affects SSNs, Passport NumbersEuropean Volleyball Org’s Azure Bucket Exposed Reporter PassportsWestlake Police Department (OH) Hit by Ransomware That Made Some Evidence DisappearFlorida Healthy Kids Data Hacked, Dating Back to 2013Alleged Gaming Software Supply-Chain Attack Installs Spyware on NoxPlayerSonicWall SMA 100 Zero-Day Exploit Actively Used in the WildTrickbot Trojan Back from the Dead in New CampaignCritical Libgcrypt Crypto Bug Opens Machines to Arbitrary Code
1/29-31/2021 February 1, 2021February 1, 2021 ~ The Cyber Beat ~ Leave a comment New State Department Cyber Bureau Stirs OppositionLawmakers Grill NSA on Years-Old Breach in the Wake of Massive Russian HackXiaomi Sues U.S. in Bid to Remove Itself From Communist Chinese Military Company ListKrebs: The Taxman Cometh for ID Theft VictimsHome Working Increases Cyber-Security FearsFonix Ransomware Shuts Down and Releases Master Decryption KeyVovalex Is Likely the First Ransomware Written in DHere’s How Law Enforcement’s Emotet Malware Module WorksCisco’s SpamCop Anti-Spam Service Suffers an Outage After Its Domain ExpiredIndustrial Gear at Risk from Fuji Code-Execution BugsCar Makers Seek Ways to Secure Data Needed to Build Connected ServicesMiss England Social Media Accounts Held to Ransom by Cyber-AttackersFacebook Said to Consider Suing Apple Over App Store PracticesRetired Nevada Cyber-Cop Charged with Forgery and BigamyMalicious ‘Home Depot’ Ad Gets Top Spot in Google SearchFlorida Medicaid Website Hacked for 7 Years, Hundreds of Thousands AffectedUK Research and Innovation (UKRI) Suffers Ransomware AttackAsian Delivery Biz Bykea Exposes 400 Million Records in Privacy SnafuPerl.com Domain Stolen, Now Using Ip Address Tied to MalwareWashington State Auditor’s Office Breached in Software ‘Security Incident’Ramsey County (MN) Ransomware Attack Exposes Personal Data of ThousandsLassen Community College (CA) Victim of Cyber Attack; Feather River College Fine Thus FarPoor Password Security at the British Branch of Mensa?New Pro-Ocean Malware Worms Through Apache, Oracle, Redis ServersWordPress Pop-Up Builder Plugin Flaw Plagues 200K SitesMicrosoft 365 Becomes Haven for BEC InnovationWindows Installer Zero-Day Vulnerability Gets Free MicropatchApple iOS 14 Thwarts iMessage Attacks With BlastDoor System