3/30/2021 March 31, 2021March 31, 2021 ~ The Cyber Beat ~ Leave a comment Officials Say Executive Order With ‘a Dozen’ Actions Forthcoming After SolarWinds, Microsoft BreachesYounger Ransomware Victims More Likely to Pay Up‘We Have Your Porn Collection’: The Rise of ExtortionwareBrowser Tracking Protections Won’t Stop Tracking, Warns DuckDuckGoIntel Sued Under Wiretapping Laws for Tracking User Activity on its WebsiteEpic Games Submits Apple Complaint to UK WatchdogU.S. Gov’t Warns That Buying Fake COVID-19 Vaccine Cards Is a CrimeMobiKwik Suffers Major Breach — KYC Data of 3.5 Million Users Exposed…100 Million Records…MobiKwik DeniesWhistleblower: Ubiquiti Breach “Catastrophic” (Krebs)Scammers Target Universities in Ongoing IRS Phishing AttacksMicrosoft Exchange Attacks Increase While WannaCry Gets a RestartVMware Fixes Bug Allowing Attackers to Steal Admin Credentials
3/29/2021 March 30, 2021March 30, 2021 ~ The Cyber Beat ~ Leave a comment SolarWinds Hack Got Emails of Top DHS OfficialsWhite House Weighs ‘Seen and Unseen’ Responses to Major HackCybersecurity Needs a New Alert SystemFormer Google Executive Launches Left-Leaning Tech CoalitionFlaws in Ovarro TBox RTUs Could Open Industrial Systems to Remote AttacksManufacturing Firms Learn Cybersecurity the Hard WayStaff Unable to Access Patient Files After Eastern Health Cyber AttackZiggy Ransomware Admin Is Refunding Victims Their Ransom PaymentsPair of Apex Legends Players Banned for DDoS Server AttacksU.S. Imprisons BEC ScammerHarris Federation School Cyber-Attack Affects 40,000 Pupils’ EmailOil Giant Shell Workers’ Visas Dumped Online in Clop Ransomware Extortion AttemptFatFace Pays $2 Million Ransom to Conti GangWake Forest Baptist Hospital Patients’ Records Exposed in Healthgrades Data BreachDeKalb Schools (GA) Address Data Breach From Vendor PCS Revenue Control Systems…Austin, TX …Polk County, FLPHP Infiltrated with Backdoor MalwareDocker Hub Images Downloaded 20M Times Come With CryptominersHades Ransomware Gang Exhibits Connections to HafniumNew Bugs Could Let Hackers Bypass Spectre Attack Mitigations On Linux SystemsPoland’s CD Projekt Releases Patch for Cyberpunk 2077
3/26-28/2021 March 28, 2021March 28, 2021 ~ The Cyber Beat ~ Leave a comment Russian Hackers Target German Parliament AgainUK ‘Must Be Clear-Eyed’ on China Tech AmbitionsNSA Chief Says Recent Hacks Expose Limits of U.S. Cyber Protections‘Time Is Not on Our Side’ — Biden Navigates Cyber Attacks Without a Cyber CzarKrebs: No, I Did Not Hack Your MS Exchange ServerBurned Out Employees Put Corporate Security at RiskRansomware Gang Urges Victims’ Customers to Demand a Ransom PaymentWarner Presses Zuckerberg to Tackle Vaccine Misinformation on Facebook, Instagram…Parler Says It Alerted FBI to Threats Before Capitol Riot…Trump in Talks With Upstart Apps About New Social NetworkPhished Healthcare Provider Takes Legal Action Against AmazonChannel Nine Cyber-Attack Disrupts Live Broadcasts in AustraliaPossible Cyber Attack Targets U.S. Virgin Islands GovernmentCalviva Health Warns Members of Data BreachTown of Didsbury Victimized by Ransomware AttackBedfordshire: Cyber-Attack Destroys School Pupils’ CourseworkCompuCom MSP Expects Over $20m in Losses After Ransomware AttackFBI Issues Mamba AlertWatch Out! That Android System Update May Contain A Powerful SpywareCritical Netmask Networking Bug Impacts Thousands of ApplicationsApple Releases Emergency Update for iPhones, iPads, and Apple WatchSolarWinds Patches Critical Code Execution Bug in Orion Platform
3/25/2021 March 25, 2021March 25, 2021 ~ The Cyber Beat ~ Leave a comment Cyber Command Chief Says Dozens of Cyber Operations Carried Out to Defend 2020 ElectionsSoftware Vendors Would Have to Disclose Breaches to U.S. Government Users under New Order DraftTrust No One Becomes Mantra After Massive Cyber-AttacksIn Secure Silicon We TrustManufacturing’s Cloud Migration Opens Door to Major Cyber-RiskFleeceware Apps Bank $400M in RevenueEngineer Reports Data Leak to Nonprofit, Hears From the PoliceBackBlaze Mistakenly Shared Backup Metadata With FacebookMicrosoft Offers Up To $30K For Teams BugsDay Before Election: Hacked Details of Millions of Israeli Voters Exposed OnlineInsurance Giant CNA Hit by New Phoenix CryptoLocker RansomwareMobile Anesthesiologists (IL) Tech Misstep Exposes 65,000 Patient FilesQNAP Warns of Ongoing Brute-Force Attacks Against NAS DevicesEvil Corp Switches to Hades Ransomware to Evade SanctionsSevere Vulnerabilities Patched in Facebook for WordPress PluginOpenSSL Shuts Down Two High-Severity Bugs: Flaws Enable Cert Shenanigans, Denial-of-Service AttacksCloudflare Launches Page Shield to Thwart Magecart Card Skimming Attacks
3/24/2021 March 24, 2021March 24, 2021 ~ The Cyber Beat ~ Leave a comment Chinese Hackers Used Facebook to Target Uighurs Abroad, Company SaysProtonVPN CEO Blasts Apple for ‘Aiding Tyrants’ in MyanmarFacebook’s Zuckerberg Proposes Conditional Section 230 ReformsPopular Privacy Extension ClearURLs Removed From Chrome Web StoreGoogle Chrome Will Use HTTPS as Default Navigation ProtocolCOVID-Related Fraud Has Cost Americans $382 MillionRansomware Incidents Continue to Dominate Threat LandscapeResentful Employee Deletes 1,200 Microsoft Office 365 Accounts, Gets PrisonForex Broker Leaks Billions of Customer Records OnlineFatFace: We’ve Been Hacked. Please Don’t Tell AnyoneCity of Frankfort (KY) Has IT Network HackedStudent Data May Be Part of Polk County (FL) Cyber HackSalusCare (FL) Experiences Cyber Attack on Patient, Employee DataActive Exploits Hit WordPress Sites Vulnerable to Thrive Themes FlawsSaltStack Revises Partial Patch for Command Injection, Privilege Escalation VulnerabilityMicrosoft Fixes Windows PSExec Privilege Elevation VulnerabilityCisco Addresses Critical Bug in Windows, macOS Jabber Clients
3/23/2021 March 24, 2021March 24, 2021 ~ The Cyber Beat ~ Leave a comment DHS Cyber Chief Says Hacks Slowed Progress on Public-Private CollaborationDark Web Bursting With COVID-19 Vaccines, Vaccine PassportsMicrosoft Warns of Phishing Attacks Bypassing Email GatewaysMicrosoft: 92% of Exchange Servers Safe From ProxyLogon AttacksRansomware Operators Are Piling on Already Hacked Exchange ServersPrince Harry Is Taking on a New Job Title: Chief Impact Officer at BetterUpSecurity Analysis Clears TikTok of Censorship, Privacy Accusations Parler Co-Founder Sues Company Over His FiringOffice 365 Cyberattack Lands Disgruntled IT Contractor in JailCNA Insurance Firm Hit by a Cyberattack, Operations ImpactedHigh-Availability Server Maker Stratus Hit by RansomwareRansomware Attack Shuts Down Sierra Wireless IoT MakerKrebs: Phish Leads to Breach at Calif. State ControllerHackers Claim Attack on Oklahoma Company, State AgencyTwo Large Government Conference Organizers Suffer Data BreachUniversity of Northampton Hit by Cyber-AttackRansomware Gang Leaks Data Stolen From University of Colorado, University of MiamiPurple Fox Malware Worms Its Way Into Exposed Windows Systems
3/22/2021 March 22, 2021March 22, 2021 ~ The Cyber Beat ~ Leave a comment Cyberterrorism Tops List of 11 Potential Threats to U.S.CISA Warns of Security Flaws in GE Power Management DevicesUK Gov’t Department Loses 306 Mobiles and Laptops in Two YearsNew Coalition Launches Against ‘Surveillance Advertising’Top 3 Cybersecurity Lessons Learned From the PandemicThe Cybersecurity Problem We Should Really Worry AboutKrebs: RedTorch Formed from Ashes of Norse Corp.Delhi Police Bust Call Center Scammers Duping Americans, Canadians, and BritsFraudsters Impersonating Tesco In New Phone ScamRussia’s Darknet Criminals Have Novel Crypto Cash-Out System: ‘Buried Treasure’Hobby Lobby Exposed 138GB of Data28,000+ Mendelson Kornblum Orthopedic and Spine (MI) Patients’ Info ExposedRansomware’d Flagstar Bank (MI) Tells Customers It Lost Their SSNsMangaDex Manga Site Temporarily Shut Down After CyberattackClasses Canceled Monday for All Park Hill (MO) Students Due to Malware AttackMicrosoft Exchange Servers Now Targeted by Black Kingdom RansomwareCritical RCE Vulnerability Found in Apache OFBiz ERP SoftwareCritical Security Bugs Fixed in Netop Vision Pro Virtual Learning SoftwareAdobe Fixes Critical ColdFusion Flaw in Emergency Update
3/19-21/2021 March 22, 2021March 22, 2021 ~ The Cyber Beat ~ Leave a comment Biden Under Growing Pressure to Nominate Cyber CzarPutin Challenges Biden to Debate After President Calls Him a ‘Killer’Chinese Military Reportedly Restricts Use of Tesla Cars Among Personnel…Elon Musk Denies Cars Were Used to Spy in China: Tesla Would Be ‘Shut Down…Elon Musk Says Tesla Won’t Share Data From Its Cars With China or U.S.NHS Boss Helen Bevan’s Twitter Accounts Hacked by PS5 Scammers…Twitter Says Marjorie Taylor Greene’s Account Suspended in ErrorOffice 365 Phishing Attack Targets Financial ExecsFBI Warns of BEC Attacks Increasingly Targeting U.S. Gov’t OrgsUK Police Warn Students to Avoid ‘Science Website’Russian Pleads Guilty to Tesla Ransomware PlotJustice Department Indicts Hacker Connected to Massive Surveillance Camera BreachComputer Giant Acer Hit by $50 Million Ransomware AttackMaricopa Community Colleges (AZ) Investigating Possible Cyber Attack After Network Outage23 South Gloucestershire Schools Hit by Ransomware AttackOttawa Warns of Possible Ransomware Attack on Firm That Provides Services Nationally and WorldwideBogus Android Clubhouse App Drops Credential-Swiping BlackRock MalwareDDoS Booters Now Abuse DTLS Servers to Amplify AttacksREvil Ransomware Has a New ‘Windows Safe Mode’ Encryption ModeHacking Group Used 11 Zero-Days to Attack Windows, iOS, Android UsersCritical F5 BIG-IP Flaw Now Under Active AttackMicrosoft Defender Adds Automatic Exchange ProxyLogon Mitigation
3/18/2021 March 19, 2021 ~ The Cyber Beat ~ Leave a comment China Regulators Held Talks With Alibaba, Tencent, Nine Others on ‘Deepfake’ TechChinese Nation State Hackers Linked to Finnish Parliament HackCISA Releases New SolarWinds Malicious Activity Detection ToolU.S. Grid at Rising Risk to Cyberattack, Says GAONew Alert Warns of Tax Season CyberscamFacebook Rolls Out Physical Keys to Guard Against Hacking Mobile AccountsGoogle Reveals What Personal Data Chrome and Its Apps Collect On YouItaly’s Leonardo Eyes More Cyber Security Deals With EU Institutions After Parliament ContractPindrop Security Buys Device-Verification FirmMom Charged in Deepfake Cheerleading PlotZoom Screen-Sharing Glitch ‘Briefly’ Leaks Sensitive DataData Breach Reported at Atascadero State Hospital (CA)PII of a ‘Handful’ Compromised in Millersville University (PA) Cyber AttackTrojanized Xcode Project Slips MacOS Malware to Apple DevelopersNew CopperStealer Malware Steals Google, Apple, Facebook AccountsTutor LMS for WordPress Open to Info-Stealing Security HolesCritical RCE Flaw Reported in MyBB Forum Software—Patch Your Sites
3/17/2021 March 18, 2021March 18, 2021 ~ The Cyber Beat ~ Leave a comment China Plans to Ask U.S. to Roll Back Trump Policies in Alaska Meeting…U.S. Subpoenas Multiple Chinese Communications Providers in Security ReviewMicrosoft Breach Ramps up Pressure on Biden to Tackle Cyber Vulnerabilities…White House Forms Public-Private Task Force to Tackle Microsoft Exchange HackBiden Vows Russia’s Putin Will ‘Pay a Price’ for Election Meddling…Kremlin: ”Baseless”$4,000 COVID-19 ‘Relief Checks’ Cloak Dridex MalwareScammers Are Promising to Get Your Student Loans ForgivenKrebs: Fintech Giant Fiserv Used Unclaimed DomainDropbox to Make Password Manager Feature Free for All UsersFlorida Mom & Daughter Duo Hack Homecoming CrownSouth and City College Birmingham (UK) to Shift Teaching Online After Ransomware AttackElective Surgeries Postponed at Melbourne’s Eastern Health After Suspected Cyber AttackTri County Sheriff Dispatch (NY) Hit With Ransomware AttackJapan Line Users’ Data Exposed to China AffiliateCyber-Attack Hits Shell’s Data Transfer SystemCybercriminals Say Georgetown County (SC) Employees’ Info Stolen in Ransomware AttackChile’s Bank Regulator Shares IOCs After Microsoft Exchange HackTwitter Images Can Be Abused to Hide ZIP, MP3 FilesMicrosoft’s Azure SDK Site Tricked Into Listing Fake PackageCisco Plugs Security Hole in Small Business RoutersApple May Start Delivering Security Patches Separately From Other OS Updates
3/16/2021 March 16, 2021March 16, 2021 ~ The Cyber Beat ~ Leave a comment Russia’s Putin Likely Directed 2020 Election Meddling, U.S. Finds…U.S. Expected to Sanction Russia Over Alleged Election MeddlingMicrosoft Could Reap More Than $150 Million in New U.S. Cyber Spending, Upsetting Some Lawmakers…Exchange Cyberattacks Escalate as Microsoft Rolls One-Click FixAdvocates Press Facebook to Combat Spanish-Language DisinformationEncrypted Messaging App Signal Appears to Be Blocked in ChinaFBI Warns of Escalating Pysa Ransomware Attacks on Education OrgsHackers Are Targeting Telecoms Companies to Steal 5G Secrets401(k) Investors Vulnerable to Cyber Hacks, Watchdog WarnsKrebs: Can We Stop Pretending SMS Is Secure Now?Companies Turn to Fusion Centers to Deal With Cyber Intelligence OverloadTeen Responsible for Major Twitter Hack to Serve Three Years in PrisonChina Suspected of Cyber Attack on Western Australia’s Parliament During State ElectionUkraine Accuses Russian Hackers of New Cyber AttackMimecast: SolarWinds Hackers Stole Some of Our Source CodeUK Ministry of Defence Information Exposed Through Personal Email Accounts$5.7M Stolen in Roll Crypto Heist After Hot Wallet HackedColorado Retina Associates Phishing Incident Exposes Personal Info of 26,000Ransomware Attack Knocks Newberry County Memorial Hospital (SC) Computer Systems OfflineLeon County Schools (FL) Confirm Website HackMagecart Attackers Save Stolen Credit-Card Data in .JPG FileLatest Mirai Variant Targets SonicWall, D-Link and IoT DevicesNew Botnet Targets Network Security Devices With Critical ExploitsDuckDuckGo Browser Extension Vulnerability Leaves Edge Users Open to Potential Cyber-Snooping
3/15/2021 March 15, 2021March 15, 2021 ~ The Cyber Beat ~ Leave a comment Biden Admin Reveals Probe Into Gov’t Security Has Found Holes: Need More Private Sector CollaborationCyberattacks See Fundamental Changes, A Year into COVID-19Facebook to Label All Posts That Discuss Coronavirus VaccinesTwitter Now Supports Multiple 2FA Security Keys on Mobile and WebCybersecurity Bug-Hunting Sparks Enterprise ConfidenceWave of Legal Appeals Challenges How European Regulators Enforce Privacy RulesI’m Planning to Retire Early — and Rich — Thanks to NFTsKrebs: WeLeakInfo Leaked Customer Payment InfoBlender Website in Maintenance Mode After Hacking AttemptVulnerable Australian Kids Impacted by Data BreachHackers Steal Health Data of 50,000 Patients From PeakTPAWisconsin Health Department Accidentally Exposes Email Addresses of 907 COVID-19 Vaccine RegistrantsPhishing Sites Now Detect Virtual Machines to Bypass DetectionFlorida International Claims Breakthrough in ‘Cryptojacking’ Detection
3/12-14/2021 March 15, 2021March 15, 2021 ~ The Cyber Beat ~ Leave a comment Microsoft Probes Whether Leak Played Role in Suspected Chinese Hack…Warns of New ‘DearCry’ Ransomware Threat to ‘Unpatched’ Networks…Cryptomining Malware…New PoC for Microsoft Exchange Bugs Puts Attacks in Reach of Anyone…UK Urges Organisations to Install Microsoft Updates UrgentlyChina Blasts Biden Administration Over New Restrictions on HuaweiU.S. Federal Judge Issues Injunction to Temporarily Remove Xiaomi BanAnt Group CEO Simon Hu Resigns Amid Heightened Scrutiny Over the Chinese Financial-Technology BehemothFBI Alert Warns of Russian, Chinese Use of Deepfake ContentAustralia, India, Japan, and USA Create Joint Critical Tech Working GroupGoogle Slams Microsoft for ‘Naked Corporate Opportunism’Apple Sues Employee for Stealing Trade SecretsEuropol Credits Sweeping Arrests to Cracked Sky ECC Comms …Encrypted Comms Firm Denies Police Cracked User MessagesCEO of Sky Global Encrypted Chat Platform Indicted by U.S.A Hacker Who Exposed Verkada’s Surveillance Camera Snafu Has Been RaidedNetflix Introduces Measures to Prevent Password SharingUtah Company Premier Diagnostics Stored Passport Scans on Unsecured ServerBroward School District (FL) Conducting Cybersecurity Investigation Into What Caused Online Learning OutageBuffalo Public Schools (NY) Hit With Ransomware Attack on FridayTotal Life Healthcare (AR) Data Breached in ‘Ransomware Attack’REvil Group Claims Slew of Ransomware AttacksScammers Promote Fake Cryptocurrency Giveaways via Twitter AdsOVH Data Center Fire Likely Caused by Faulty UPS Power SupplyResearchers Hacked Indian Gov’t Sites via Exposed Git and Env FilesMetamorfo Banking Trojan Abuses AutoHotKey to Avoid DetectionNew ZHtrap Botnet Malware Deploys Honeypots to Find More TargetsCritical Security Hole Can Knock Smart Meters OfflineAnother Google Chrome 0-Day Bug Found Actively Exploited In-the-WildGoogle Fixes Second Actively Exploited Chrome Zero-Day This MonthGoogle Emits Data-Leaking Proof-of-Concept Spectre Exploit for Intel CPUs15-Year-Old Linux Kernel Bugs Let Attackers Gain Root PrivilegesA New Critical Vulnerability Has Been Discovered in Apple M1
3/11/2021 March 12, 2021March 12, 2021 ~ The Cyber Beat ~ Leave a comment Microsoft Exchange Servers Face APT Attack TsunamiMicrosoft Exchange Email Hack: Hundreds of UK Firms CompromisedCISA: No Federal Civilian Agency Hacked in Exchange Attacks, So FarProxyLogon PoC Exploit Released; Likely to Fuel More Disruptive Cyber AttacksLawmakers Roll Out Bill to Protect Critical Infrastructure After Florida Water HackChina Lays Plans to Tame Tech Giant AlibabaTrickBot Takes Over, After Cops Kneecap EmotetSchools Have Become the Leading Targets of Ransomware AttacksCyberattack Takes Down Systems at Molson CoorsThousands of Irish Shoppers Personal Data Stolen in Fastway Couriers BreachCovington (LA) Police, Fire and City Employees Locked Out of Computer Systems After Hack34,000 Affected in New London Hospital (NH) Data BreachTwo-Hundred Affected by Petersburg Medical Center (AK) Data BreachLinux Systems Under Attack By New Chinese RedXOR MalwareNimzaLoader Was Written in an Unusual Programming Language to Stop It From Being DetectedNanoCore RAT Scurries Past Email Defenses with .ZIPX TacticSmart Sex Toys Come With Bluetooth and Remote Access Weaknesses
3/10/2021 March 11, 2021March 11, 2021 ~ The Cyber Beat ~ Leave a comment Norway’s Parliament Hit by New Hack Attack…Federal Agencies Warn Microsoft Vulnerabilities Pose ‘Serious Risk’ to Government, Private Sector…At Least 10 Hacking Groups Using Microsoft Software Flaw: Researchers…Up to 60,000 Computer Systems Exposed in Germany to Microsoft FlawResearchers Unveil New Linux Malware Linked to Chinese HackersTop U.S., China Officials to Meet Next Week in Alaska on Range of IssuesSolving Data-Transfer Impasse May Require Diplomatic Agreements on EspionageSuperstar K-Pop Band’s TikTok HackedOVH Data Center Burns Down Knocking Major Sites OfflineCOVID: White Hat Bounty Hackers Become MillionairesLinux Foundation Unveils Sigstore — a Let’s Encrypt for Code SigningEuropol ‘Unlocks’ Encrypted Sky ECC Chat Service to Make ArrestsFacebook Files to Dismiss Antitrust LawsuitsCyberattack Impacts 200,000 People Connected to Multicare Health SystemsUniversity of Central Lancashire Among Three Hit by Cyber-AttacksHospital in Southwest France Hit by Cyber-Attack Demanding $50,000 RansomApple’s Device Location-Tracking System Could Expose User IdentitiesiPhone Call Recorder Bug Gave Access to Other People’s ConversationsFIN8 Hackers Return With More Powerful Version of BADHATCH PoS MalwareNim-Based Malware Loader Spreads Via Spear-Phishing EmailsFake Ad Blocker Delivers Hybrid Cryptominer/Ransomware InfectionCyberattackers Exploiting Critical WordPress Plugin BugF5 Urges Customers to Patch Critical BIG-IP Pre-Auth RCE BugSAP Stomps Out Critical RCE Flaw in Manufacturing SoftwareKrebs: Microsoft Patch Tuesday, March 2021 Edition
3/9/2021 March 9, 2021March 9, 2021 ~ The Cyber Beat ~ Leave a comment Krebs: Warning the World of a Ticking Time BombMicrosoft Releases ProxyLogon Updates for Unsupported Exchange ServersKremlin Calls NYT Report on Planned U.S. Cyberstrikes on Russia ‘Alarming’Biden Appoints Clare Martorana as Federal CIOU.S. Seizes More Domains Used in COVID-19 Vaccine Phishing AttacksSecurity Bug Hunters Focus on Misconfigured Services, Earn Big RewardsDark Web Markets for Stolen Data See Banner SalesGandCrab Ransomware Affiliate Arrested for Phishing AttacksSurveillance Concerns Could Hold Up European-U.S. Data Agreement for YearsGab, a Haven for Pro-Trump Conspiracy Theories, Has Been Hacked AgainArkansas Bill Addresses “Unfair” Social Media CensorshipTwitter Sues Texas AG, Alleging Retaliation for Banning TrumpWest Ham Supporters’ Personal Details Leaked on Club WebsiteHackers Access Surveillance Cameras at Tesla, Cloudflare, Banks, MoreSpanish Labor Agency Suffers Ransomware Attack, Union SaysGoogle Play Harbors Malware-Laced Apps Delivering Spy TrojanszoMiner Botnet Hunts for Unpatched ElasticSearch, Jenkins ServersAdobe Critical Code-Execution Flaws Plague Windows UsersAdobe Fixes Critical Creative Cloud, Adobe Connect VulnerabilitiesGitHub Fixes Bug Causing Users to Log Into Other AccountsMicrosoft Shares Detection, Mitigation Advice for Azure LoLBinsApple Plugs Severe WebKit Remote Code-Execution HoleMicrosoft Patch Tuesday Updates Fix 14 Critical Bugs
3/8/2021 March 9, 2021March 9, 2021 ~ The Cyber Beat ~ Leave a comment Krebs: A Basic Timeline of the Exchange Mass-Hack…Microsoft Email Server Hacks Put Biden in a Bind…European Banking Authority Hit by Microsoft Exchange HackU.S. Reportedly Prepares Action against Russia after Major Cyberattack…Hackers Hiding Supernova Malware in SolarWinds Orion Linked to ChinaIranian Hackers Using Remote Utilities Software to Spy On Its TargetsNew Sarbloh Ransomware Supports Indian Farmers’ ProtestCISA Takes Over .GOV Top-Level Domain (TLD) AdministrationPayPal Is Acquiring Crypto Security Company Curv, for Less Than $200 MillionMcAfee to Offload Enterprise Business for $4bn, Focus on Consumer SecurityVirginia Passes New Data Protection LawFlagstar Bank Hit by Data Breach Exposing Customer, Employee DataData Breach at Healthcare Provider Elara Caring Exposes 100,000 Patients’ InformationCosco Shipping Hacked AgainHackers Target University of Texas at El Paso (UTEP)University of the Highlands and Islands Shuts Down During ‘Ongoing Cyber Incident’Melton School Responds to Serious Cyber AttackFake Google reCAPTCHA Phishing Attack Swipes Office 365 PasswordsCrypto-Miner Campaign Targets Unpatched QNAP NAS DevicesNewest Intel Side-Channel Attack Sniffs Out Sensitive DataGoogle Chrome to Block Port 554 to Stop NAT Slipstreaming Attacks
3/5-7/2021 March 8, 2021March 8, 2021 ~ The Cyber Beat ~ Leave a comment Krebs: At Least 30,000 U.S. Organizations Newly Hacked Via Holes in Microsoft’s Email Software…FireEye Finds Evidence Chinese Hackers Exploited Microsoft Email App Flaw Since January…White House Cites ‘Active Threat,’ Urges Action Despite Microsoft Patch…New Microsoft Tool Checks Exchange Servers for ProxyLogon Hacks…Microsoft’s MSERT Tool Now Finds Web Shells From Exchange Server Attacks…Microsoft: Exchange Updates Can Install Without Fixing VulnerabilitiesIn Battle with U.S., China to Focus on 7 ‘Frontier’ Technologies from Chips to Brain-Computer Fusion…Spending on Research and Development to Rise 7% per Year in Push for Major Tech BreakthroughsU.S. DoD Weapons Programs Lack ‘Key’ Cybersecurity MeasuresRussian, Chinese Hackers Targeted Europe Drug RegulatorRussian Disinformation Campaign Aims to Undermine Confidence in Pfizer, Other Covid-19 Vaccines, U.S. Officials SayVirus Tech Draws Scrutiny From European Privacy AdvocatesNew iPhone Feature Reveals if Someone Is Stalking Your Exact MovementsBug in Apple’s Find My Feature Could’ve Exposed Users’ Location HistoriesCritics Blast Google’s Aim to Replace Browser Cookie with ‘FLoC’‘Impossible to Trace’ Tech Savvy Dad May Be Holding Daughter Captive in WA, Cops SayU.S. Indicts John McAfee for Cryptocurrency Fraud, Money LaunderingEffective Cybersecurity Needs Quantum CommunicationCompanies Are Doing a Terrible Job of Reporting Cybersecurity Risks to InvestorsQueen’s University in Belfast Takes ‘Precautions’ After Cyber-Attack AttemptCzech Capital Prague, Labour Ministry Face Cyber AttacksSaint Agnes Medical Center (CA) Data Breach Exposed Personal InfoSandhills Medical (SC) Foundation Patient Info Accessed in Cyber AttackHumana Notifying 65,000 Health Plan Members Information Was ExposedTwo Medical Practices in the Richmond Region Report Cybersecurity IncidentsSITA: Airline IT Provider Confirms Passenger Data Leaked After Major ‘Cyber-Attack’Docker Hub and Bitbucket Resources Hijacked for Crypto-MiningOngoing Phishing Attacks Target U.S. Brokers With Fake FINRA AuditsNottinghamshire Schools Suspend Online Learning Following Cyber AttackD-Link, IoT Devices Under Attack By Tor-Based Gafgyt VariantWordPress Injection Anchors Widespread Malware CampaignREvil Ransomware Gang Plans to Call Victim’s Business Partners About AttacksNew ‘Hog’ Ransomware Only Decrypts Victims Who Join Their Discord Server…Two Unusual Versions of Ransomware Tell Us a Lot About How Attacks Are EvolvingSupermicro, Pulse Secure Release Fixes for ‘TrickBoot’ AttacksSamsung Fixes Critical Android Bugs in March 2021 UpdatesMicrosoft Office 365 Gets Protection Against Malicious XLM Macros
3/4/2021 March 5, 2021March 5, 2021 ~ The Cyber Beat ~ Leave a comment Krebs: Three Top Russian Cybercrime Forums HackedMicrosoft, FireEye Unmask More Malware Linked to SolarWinds AttackersCISA Issues Emergency Directive on In-the-Wild Microsoft Exchange FlawsSenate Includes Nearly $2 Billion in Cyber, Tech Funds to COVID-19 BillResearcher Bitsquats Microsoft’s windows.com to Steal TrafficThousands of Android and iOS Apps Leak Data From the CloudNational Surveillance Camera Rollout Roils Privacy ActivistsSamsung and Mastercard to Pilot Biometric Payments Card in South KoreaCryptocurrency Fraudster Steals $16mSingapore Airlines Frequent Flyer Members Hit in Third-Party SITA Data Security BreachIndian State Government Website Exposed COVID-19 Lab Test ResultsRansomware Attack on Cochise Eye and Laser (AZ)8-Day Cyber Attack: Hackers Demanded Millions From Allergy Partners (NC)34,000 Affected in AllyAlign Health (VA) Data BreachHacked SendGrid Accounts Used in Phishing Attacks to Steal LoginsCompuCom MSP Hit by DarkSide Ransomware CyberattackWindows DNS SIGRed Bug Gets First Public RCE PoC ExploitVMware Releases Fix for Severe View Planner RCE Vulnerability
3/3/2021 March 4, 2021March 4, 2021 ~ The Cyber Beat ~ Leave a comment Workers at Canadian Spy and Cyber Agency Threaten to StrikeState-Sponsored Hackers Rush to Exploit Unpatched Microsoft Exchange ServersWhy Some Governments Are Getting Cyber Crime Gangs to Do Their Hacking for ThemHigh Alert as New QAnon Date Approaches ThursdayGoogle to Stop Selling Ads Based on Your Specific Web BrowsingParler Drops Federal Lawsuit Against Amazon, Files in State CourtBEC Scammers Are Targeting Investors for Massive PayoutsU.S. Government Warns of Social Security Scams Using Fake Federal IDsHome-Office Photos: A Ripe Cyberattack VectorHackers Share Methods to Bypass 3D Secure for Payment CardsQualys Hit With Ransomware: Customer Invoices Leaked on Extortionists’ Tor BlogNavajo Nation Hospital Targeted by Large-Scale Ransomware HackUniversity of Memphis Hit with Second Cyber Attack In Six MonthsHollywood’s Elite Private Schools Hacked CompuCom MSP Confirms Ongoing Outage Following Malware IncidentCyber Attack Affecting Hanover Area School District and Others (PA)Telemarketing Biz CallX Exposes 114,000 in Cloud Config ErrorCash App Phishing Kit Deployed in the Wild, Courtesy of 16ShopGRUB2 Boot Loader Reveals Multiple High Severity VulnerabilitiesUnpatched Bug in WiFi Mouse App Opens PCs to Attack
3/2/2021 March 3, 2021March 3, 2021 ~ The Cyber Beat ~ Leave a comment Microsoft: Chinese Cyberspies Used 4 Exchange Server Flaws to Plunder Emails (Krebs)Chinese Cyber Attack: U.S. Congressman Urges Biden to Stand by IndiaSolarWinds Reports $3.5 Million in Expenses From Supply-Chain AttackWray Hints at Federal Response to SolarWinds HackMicrosoft Warns of Chinese Hackers ‘Hafnium’ Targeting Email ProductMicrosoft Shares More on What’s Coming in Windows Server 2022Microsoft Teams Adds End-to-End Encryption (E2EE) to One-on-One CallsMicrosoft 365 Defender Threat Analytics Enters Public PreviewGamer Sues Microsoft Over CyberbullyingGoogle Teams up With Allianz, Munich Re to Insure Its Cloud UsersJailbreak Tool Works on iPhones Up to iOS 14.3Medal of Honor Holders’ Identities Stolen‘Fake Accounts Used My Pictures to Sell Sex’Satanic Temple Loses Cyber-squatting LawsuitAlarming Cybersecurity Stats: What You Need To Know For 2021Krebs: Payroll/HR Giant PrismHR Hit by Ransomware?Malaysia Airlines Discloses a Nine-Year-Long Data BreachAsian Food Distribution Giant JFC International Hit by RansomwareZee5 Once Again Caught In Data Breach; Info Of 9 Mn Users ExposedCSX Probes ‘Security Incident’ as Hackers Leak DataOxfam Australia Confirms Data Breach After Stolen Info Sold OnlineMillersville University (PA) Says Network Outage Was the Result of an ‘External Attack’Ransomware Attack Shuts Down Altona Clinic (MB)Rookie Coding Mistake Prior to Gab Hack Came From Site’s CTOResearchers Unearth Links Between SunCrypt and QNAPCrypt RansomwareMalicious NPM Packages Target Amazon, Slack With New Dependency AttacksCompromised Website Images Camouflage ObliqueRAT MalwareMicrosoft Fixes Actively Exploited Exchange Zero-Day Bugs, Patch NowGoogle Fixes Second Actively Exploited Chrome Zero-Day Bug This Year
3/1/2021 March 1, 2021March 1, 2021 ~ The Cyber Beat ~ Leave a comment Chinese Hackers Targeted India’s Power Grid Amid Geopolitical Tensions…Chinese Businessman Plotted With GE Insider to Steal Transistor Secrets, Say FedsU.S. ‘Unprepared’ to Defend against New AI Threats, Report FindsNew York Group Urges Action on Cyber CoordinationFree Cybersecurity Tool Aims to Help Smaller Businesses Stay Safer OnlineScientists Have Built This Ultrafast Laser-Powered Random Number GeneratorKrebs: Is Your Browser Extension a Botnet Backdoor?Cybercrime ‘Help Wanted’: Job Hunting on the Dark WebUniversal Health Services Lost $67 Million Due to Ryuk Ransomware AttackTether Cryptocurrency Firm Says Docs in $24 Million Ransom Are ‘Forged’…We Are ‘Not Paying’Facebook Photo-tagging Lawsuit Settled for $650mFlorida Police Arrest 12 Alleged Online PredatorsPasswords, Private Posts Exposed in Hack of Gab Social NetworkHurtigruten Reports Passenger Data Exposed in CyberattackEuropean E-Ticketing Platform Ticketcounter Extorted in Data BreachWorld’s Leading Dairy Group Lactalis Hit by CyberattackKaman Hit by Ransomware Attack, Biden Foreign Policy ChangeNew South Wales Transport Agency Extorted by Ransomware Gang After Accellion AttackCyber Attack on the Ministry of Finance of KosovoCity of Kingman (AZ) Government Computer System Hit by CyberattackMalware Loader Abuses Google SEO to Expand Payload DeliveryWorking Windows and Linux Spectre Exploits Found on VirusTotalCritical Vulnerability Found in Snow Software’s Inventory AgentFirewall Vendor Genua Patches Critical Auth Bypass Flaw
2/26-28/2021 March 1, 2021March 1, 2021 ~ The Cyber Beat ~ Leave a comment Congress Has New Appetite for Breach Law Following SolarWinds Hack: LawmakerSolarWinds Officials Throw Intern Under the Bus for ‘solarwinds123’ Password FailLawmakers Blame SolarWinds Hack on ‘Collective Failure’ to Prioritize CybersecurityHuawei Backs Supply Chain Security Standards in Wake of SolarWinds BreachNSA, Microsoft Promote a Zero Trust Approach to CybersecurityPits Microsoft Against Dell, IBM Over How Companies Store DataU.S. Energy Department Floats Solution to Illicit Crypto Mining MalwareForeign Perpetrators Among Fraudsters Shamming State’s Unemployment SystemsCyberattacks Cost Hospitals Millions During Covid-19Amazon Dismisses Claims Alexa ‘Skills’ Can Bypass Security Vetting ProcessWhat Are These Suspicious Google GVT1.Com URLs?T-Mobile Discloses Data Breach After Sim Swapping AttacksRansomware Gang Hits Ecuador’s Largest Private Bank Banco Pichincha, Ministry of FinanceUK’s Npower Shuts Down Mobile App Following Data BreachSome San Diegans’ Personal Information Provided to Jewish Family Service Exposed OnlineBeware: AOL Phishing Email States Your Account Will Be ClosedStalkerware Volumes Remain Concerningly High, Despite BansYeezy Fans Face Sneaker-Bot Armies for Boost ‘Sun’ ReleaseRyuk Ransomware Now Self-Spreads to Other Windows LAN DevicesGoogle Shares PoC Exploit for Critical Windows 10 Graphics RCE BugMicrosoft Fixes Windows 10 Drive Corruption Bug — What You Need to KnowGerman Prosecutors Are Building AI In-HouseCybersecurity Firm Axonius Raises $100 Million at $1.2 Billion Valuation