U.S. Government Probes VPN Hack within Federal Agencies, Races to Find Clues

Biden Prepping Cybersecurity Executive Order in Response to SolarWinds Attack

Krebs: Task Force Seeks to Disrupt Ransomware Payments

Asks for Increased Crypto Regulation

DoppelPaymer Gang Leaks Files from Illinois AG After Ransom Negotiations Break Down

Babuk Ransomware Readies ‘Shut Down’ Post, Plans to Open Source Malware

Don’t Ignore Ransomware. It’s Bad.

Your Digital Identity’s Evil Shadow

Massachusetts Expanding K-12 Cybersecurity Training

Anti-Vaxxer Hijacks QR Codes at COVID-19 Check-In Sites

China Warns Large Tech Firms as Industry Faces Rising Oversight

Accenture to Acquire Openminded
First Horizon Bank Customers Have Account Funds Drained

LuckyMouse Hackers Target Banks, Companies and Governments in 2020

Whistler Resort Municipality Hit by New Ransomware Operation

New Ransomware Group ‘FiveHands’ Uses SonicWall Zero-Day to Breach Networks

QNAP Finds Evidence of AgeLocker Ransomware Activity in the Wild

Paleohacks Data Leak Exposes Customer Records, Password Reset Tokens

Catholic Charities North Dakota Target of Data Breach

Uxbridge Residents Learn of Cyber Attack One Month After Breach

A New PHP Composer Bug Could Enable Widespread Supply-Chain Attacks

Microsoft Finds Critical Code Execution Bugs in IoT, OT Devices

F5 Big-IP Vulnerable to Security-Bypass Bug


Cyberspies Target Military Organizations With New Nebulae Backdoor

Government, Industry Push Bitcoin Regulation to Fight Ransomware Scourge

Lawmakers Introduce Legislation to Create Civilian Reserve Program to Fight Hackers

Five Things You Need to Know About Ransomware Attacks

Microsoft Office SharePoint Targeted With High-Risk Phish, Ransomware Attacks

Cybercriminals Widely Abusing Excel 4.0 Macro to Distribute Malware

Passwordstate Hackers Phish for More Victims With Updated Malware

Parler App Risks Charges of Selling Out With Apple Return

Supreme Court to Hear Cheerleader’s Snapchat First Amendment Case

U.S. Arrests Alleged Crypto Mixer
Krebs: Experian API Exposed Credit Scores of Most Americans

Elekta Cyber Attack Disrupts Cancer Care

Brisbane’s Wesley Hospital Cyber Attack Leaves Staff Struggling to Communicate, Patient Says

DigitalOcean Data Breach Exposes Customer Billing Information

Ransomware Crooks Who Broke Into Merseyrail Used Director’s Email Address to Brag About It

Fourth Time’s a Charm – OGUsers Hacking Forum Hacked Again

BSC Protocol Uranium Finance Hacked for $50 Million

SMS Phishing Scam Lures Rogers Customers With Outage Refunds

New Stealthy Linux Malware Used to Backdoor Systems for Years

Google Chrome V8 Bug Allows Remote Code-Execution

GitHub Disables Google Floc User Tracking On Its Website


Russian-Speaking ‘Babuk’ Group Claims Responsibility Washington D.C. Police Server Hack

Cyber-Attack Hackers Threaten to Share U.S. Police Informant Data

CISA: Here’s What Russia’s SVR Spy Agency Does When It Breaks Into Your Network

FBI Shares 4 Million Email Addresses Used by Emotet With Have I Been Pwned

Senate Intelligence Panel Working On Legislation Around Mandatory Cyber Breach Notification

Ant IPO-Approval Process Under Investigation by Beijing
Data Breach Exposed Information of 1 in 4 Wyomingites, Health Department Reports

MangaDex Discloses Data Breach After Stolen Database Shared Online

Logansport Schools (IN) Investigating Network Hack

Threat Actors Impersonate Chase Bank

Linux Kernel Bug Opens Door to Wider Cyberattacks

Microsoft Edge to Add Automatic HTTPS Option for All Domains


U.S. Warns of Russian State Hackers Still Targeting U.S., Foreign Orgs

Lawmakers Call For Increasing the Budget of Key Federal Cybersecurity Agency

Space Command to Launch Dedicated Cyber Center

SolarWinds, Microsoft Hacks Prompt Focus on Zero-Trust Security

iOS 14.5 Is Here: Everything We Know About Apple’s New OS, Available to Download Now

To Be Tracked or Not?

Escalates Feud With Facebook

Ransomware Gang Now Warns They Will Leak New Apple Logos, iPad Plans

Apple Hit With German Antitrust Complaint

Nintendo Sues (Gary) Bowser

Scam Victims Find Same Fraudulent Ads Lurking On Facebook and Google Even After Flagging Them Up

University of Minnesota Apologizes for Contributing Malicious Code to the Linux Project

Krebs: Experian’s Credit Freeze Security is Still a Joke

Thoma Bravo’s $12.3 Billion Purchase of Proofpoint Is the Largest Private Equity Cloud Deal
Reverb Discloses Data Breach Exposing Musicians’ Personal Info

U.S. Drilling Giant Gyrodata Reveals Employee Data Breach

Guilderland Central School District (NY) Suffers Cyber Attack, Moves to Remote Learning

Ransomware Gang Publishes Files Stolen from D.C. Police Department

Burglary, Possible Data Breach Could Have Exposed 3k Peak Vista (CO) Patients’ Health Information

Sapphire Community Health (MT) Locked Out of Patient Files While Attackers Demanded Ransom

UnitingCare Queensland Hit by Cyber Attack

Avaddon Ransomware Group Hit the Small Italian Municipality of Villafranca d’Asti

Accellion Data Breaches Drive up Average Ransom Price

Nvidia Warns: Severe Security Bugs in GPU Driver, vGPU Software

Apple AirDrop Bug Could Leak Your Personal Info to Anyone Nearby

Apple Fixes macOS Zero-Day Bug Exploited by Shlayer Malware

Microsoft Defender Now Blocks Cryptojacking Malware Using Intel TDT


China Could Rule World’s Technology, UK Cyber Spy Chief Says

‘Quantum Computing Is Closer but Beware the Risk’

Facebook, Twitter, YouTube Execs to Testify at Senate Hearing On Algorithms

Five Big Players to Watch in Big Tech’s Antitrust Fight

Twitter Accidentally Sends Suspicious Emails Asking to Confirm Accounts

Phishing Impersonates Global Recruitment Firm to Push Malware

Axis of REvil: What We Know About the Hacker Collective Taunting Apple

REvil’s Big Apple Ransomware Gambit Looks to Pay Off

Emotet Malware Nukes Itself Today From All Infected Computers Worldwide

A Ransomware Gang Made $260,000 in 5 Days Using the 7zip Utility

Turkish Crypto Exchange Boss Goes Missing, Reportedly Taking $2 Billion of Investors’ Funds With Him

Turkey Blocks Bank Accounts of a Crypto Exchange Even as It Hunts For the CEO of Another

Supreme Court Clips FTC’s Power to Police Privacy Violations

California Woman Charged with Cyberstalking Teenage Boys

Computer Security World in Mourning Over Death of Dan Kaminsky, Aged 42
Hacker Leaks 20 Million Alleged BigBasket User Records for Free

HashiCorp Is the Latest Victim of Codecov Supply-Chain Attack

Passwordstate Password Manager Update Hijacked to Install Backdoor on Thousands of PCs

French Champagne Group Laurent Perrier Has Been Victim of Cyber Attack

Scottish Election 2021: Alba Party Website Hit by Potential Cyber Attack After ‘Unusual Activity’

Yale New Haven Health Says At Least 200 Patients Were Impacted by Data Breach

Flubot: Warning Over Major Android ‘Package Delivery’ Scam

Fake Microsoft DirectX 12 Site Pushes Crypto-Stealing Malware

Oscar-Bait, Literally: Hackers Abuse Nominated Films for Phishing, Malware

Prometei Botnet Could Fire Up APT-Style Attacks

New Cryptomining Malware ‘Sysrv-hello’ Builds an Army of Windows, Linux Bots

A Clubhouse Bug Let People Lurk In Rooms Invisibly

Critical RCE Bug Found in Homebrew Package Manager for macOS and Linux


Researchers Find Additional Infrastructure Used By SolarWinds Hackers

West Faces a Moment of Reckoning Over Technology, UK Top Cyber Spy Says

Seven House Republicans Vow to Reject Donations From Big Tech

Taiwan Authorities Look Into Apple Supplier Hack

Google Ordered by Canadian Court to Provide Info on Alleged Cyber-bullies

Police Technology Under Scrutiny Following Chicago Shooting

Malware and Ransomware Gangs Have Found This New Way to Cover Their Tracks

Stanford Student Finds Glitch in Ransomware Payment System to Save Victims $27,000
Costco Issues Scam Warning

Hackers Target Tokyo-Based Glassmaker Hoya With Ransomware

Hundreds of Co-Ops and Condos Suffer Data Breach

Attackers Can Hide ‘External Sender’ Email Warnings With HTML and CSS

Telegram Platform Abused in ‘ToxicEye’ Malware Campaigns

Mount Locker Ransomware Aggressively Changes Up Tactics

Botnet Backdoors Microsoft Exchange Servers, Mines Cryptocurrency

QNAP Removes Backdoor Account in NAS Backup, Disaster Recovery App


Justice Department Convenes Task Force to Tackle Wave Of Ransomware Attacks

Lawmakers Reintroduce Bill to Invest Billions to Compete With China in Tech

Hackers Reportedly Stole Apple Product Plans From Supplier Quanta

Hackers Threaten to Leak Stolen Apple Blueprints If $50 Million Ransom Isn’t Paid

Facebook Says Palestinian Spies Behind Hacking Campaign

Facebook Leaks Strategy to Numb Reaction to Data Scraping Incidents

TikTok Loophole Sees Users Post Pornographic and Violent Videos

TikTok Sued Over Use of Minors’ Data

Artificial Intelligence, Facial Recognition Face Curbs in New EU Proposal

In Epic Hack, Signal Developer Turns the Tables on Forensics Firm Cellebrite

‘Rocky’ a Password Favorite
Logins for 1.3 Million Windows RDP Servers Collected From Hacker Market

Phone House Spain Hit By Major Ransomware Attack

Business Email Compromise Costs Businesses More Than Ransomware

Novel Email-Based Campaign Targets Bloomberg Clients with RATs

Massive Qlocker Ransomware Attack Uses 7zip to Encrypt QNAP Devices

WhatsApp Pink Malware Can Now Auto-Reply to Your Signal, Telegram Texts

QR Codes Offer Easy Cyberattack Avenues as Usage Spikes

Linux Bans University of Minnesota for Committing Malicious Code

Google Fixes Exploited Chrome Zero-Day Dropped On Twitter Last Week

CISA Orders Federal Orgs to Mitigate Pulse Secure VPN Bug by Friday

Rapid7 Acquires Open-Source Project Velociraptor


Biden Administration Kicks Off 100-Day Effort to Strengthen Cybersecurity of Power Grid

China-Linked Hackers Used VPN Flaw to Target U.S. Defense Industry

Multiple Agencies Breached By Hackers Using Pulse Secure Vulnerabilities

MI5 Warns Of Spies Using LinkedIn to Trick Staff Into Spilling Secrets

Hundreds of Networks Reportedly Hacked In Codecov Supply-Chain Attack

Hackers Use Previously Unknown Vulnerability to Target SonicWall Customers

SonicWall Warns Customers to Patch 3 Zero-Days Exploited in the Wild

North Korean Hackers Adapt Web Skimming For Stealing Bitcoin

REvil Gang Tries to Extort Apple, Threatens to Sell Stolen Blueprints

Note to Self: Create Non-Exhaustive List of Competitors (Krebs)
Threat Actor Claims to Have Hacked Domino’s Indian Branch

DeFi Protocol EasyFi Reports Hack, Loss of Over $80M in Funds

Broward County School District’s Files Leaked in $40m Ransomware Attack

Eversource Energy Data Breach Caused by Unsecured Cloud Storage

Lazarus Hacking Group Now Hides Payloads in BMP Image Files

Over 750,000 Users Downloaded New Billing Fraud Apps From Google Play Store

Fake Microsoft Store, Spotify Sites Spread Info-Stealing Malware

Microsoft Partially Fixes Windows 7, Server 2008 Vulnerability

Mozilla Fixes Firefox Flaw That Allowed Spoofing of HTTPS Browser Padlock


White House ‘Standing Down’ Emergency Response Groups to SolarWinds, Microsoft Hacks

UK Digital Secretary Oliver Dowden Starts National Security Probe Into Proposed Arm-Nvidia Merger

Social-Media Data Leaks Draw Scrutiny From European Regulators

Mastercard to Acquire Digital Identity Verification Company Ekata

Apple to Reinstate Parler, the App at Center of Online-Speech Debate

Flying On Mars Fueled With Open-Source Software

Hackers Used to Be Humans. Soon, AIs Will Hack Humanity
Geico Data Breach Exposed Customers’ Driver’s License Numbers for More Than a Month

Vermont State Health Insurance Website Exposed Other Users’ Info When Logging In

Matthew Clark Bibendum Hit By Cyber Attack

The Dixie Group Has Ransomware Attack

Malta Nationalist Party Says It Suffered Cyber-Attack; Info Could Have Been Leaked

Google Alerts Continues to Be a Hotbed of Scams and Malware

Malware That Spreads Via Xcode Projects Now Targeting Apple’s M1-based Macs


Russia to Expel 10 Diplomats from Embassy in Moscow in Response to U.S. Measures

U.S. Sanctions Cryptocurrency Addresses Linked to Russian Cyberactivities

How the Kremlin Provides a Safe Harbor for Ransomware

Krebs: Did Someone at the Commerce Dept. Find a SolarWinds Backdoor in Aug. 2020?

U.S. Investigators Probing Breach at Code Testing Company Codecov

NSA: 5 Security Bugs Under Active Nation-State Cyberattack

‘Simple Photoshop’: How a Pakistani Counterfeiter May Have Aided Russian Trolls

Facebook Oversight Board to Rule On Trump Ban in ‘Coming Weeks’

Facebook Faces ‘Mass Action’ Lawsuit in Europe Over 2019 Breach

U.S. Indicts SecondEye Operators

SysAdmin of Billion-Dollar Hacking Group FIN7 Gets 10-Year Sentence
Major BGP Leak Disrupts Thousands of Networks Globally

Philadelphia’s MeterUp Parking App Hacked, Personal Information Accessed

Swinburne University Sorry Over Personal Data Breach

iOS Kids Game ‘Jungle Run’ Morphs into Underground Crypto Casino

HackBoss Malware Poses As Hacker Tools on Telegram to Steal Digital Coins

Discord Nitro Gift Codes Now Demanded As Ransomware Payments

BazarLoader Malware Abuses Slack, BaseCamp Clouds

Ryuk Ransomware Operation Updates Hacking Techniques

WordPress to Automatically Disable Google FLoC on Websites

Microsoft Fixes Windows 10 Bug That Can Corrupt NTFS Drives

Medtronic Partners With Cybersecurity Startup Sternum to Protect Its Pacemakers From Hackers

Google Project Zero Cuts Bug Disclosure Timeline to a 30-Day Grace Period


U.S. Puts Fresh Sanctions on Russia Over Hacking, Election Interference

White House Blames Russian Spy Agency SVR for SolarWinds Hack

Russia’s SVR Spy Agency Calls Allegations ‘Nonsense’

US. Says Russian Cyber Firm Pozitiv Teknolodzhiz AO and 5 Others Provided Venue for Recruiting Spies

Intelligence Leaders Face Sharp Questions During House Worldwide Threats Hearing

Biden Races to Shore Up Power Grid Against Hack

Arrest Made Over Huntington Park (CA) Data Breach

Florida Man Gets 10 Years for Multimillion-Dollar Medicare Fraud Scheme
University of Hertfordshire Suffers Cyber-Attack That Takes Down its Entire IT Network

Gay Dating App Manhunt Hacked, Users’ Data Exposed

Australian Casinos Wrest Point and Country Club In Tasmania Suffers Ransomware Attack

Celsius Email System Breach Leads to Phishing Attack On Customers

Popular NFT Marketplace Rarible Targeted by Scammers and Malware

Gafgyt Botnet Lifts DDoS Tricks from Mirai

Mozilla Drops Firefox Support On Amazon Fire TV


IBM Flags More Cyber Attacks On COVID Vaccine Infrastructure

House Republicans Raise Concerns About New Chinese Tech Companies

Wray: FBI Opens Investigation Into China Every 10 Hours

FBI Launches Operation to Remove ProxyLogon Web Shells Malware From Computers in U.S.

Aussie Biz Azimuth Cracked San Bernardino Shooter’s iPhone, Ending Apple-FBI Privacy Standoff?

Intelligence Leaders Push For Mandatory Breach Notification Law

Cash-Strapped Local Governments Turn to Students for Cybersecurity Help

Vivaldi, Brave, DuckDuckGo Reject Google’s Floc Ad Tracking Tech

Coinbase’s Public Listing Is a Cryptocurrency Coming-Out Party

184 Years In: Ag Giant John Deere Awaits Its First Software Vulnerability

100 Million More IoT Devices Are Exposed—and They Won’t Be the Last

Nigerian Email Scammer Sent Down for 40 Months in the U.S., Ordered to Pay Back $2.7m to Victims
Grocery Startup Mercato Spilled Years of Data, but Didn’t Tell Its Customers

NBA’s Houston Rockets Face Cyber-Attack by Ransomware Group

Berkeley Hack – City Hall, Police Department Computer Systems Down

Chattanooga Public Library Warns Patrons About Potential Data Exposure Through Website

Somerset County School Districts (NJ) Investigate Cyber-Attacks

Cyber Criminals Are Installing Cryptojacking Malware on Unpatched Microsoft Exchange Servers

100,000 Google Sites Used to Install SolarMarket RAT

Second Google Chrome Zero-Day Exploit Dropped On Twitter This Week

Security Bug Allows Attackers to Brick Kubernetes Clusters

New WhatsApp Bugs Could’ve Let Attackers Hack Your Phone Remotely

SAP Fixes Critical Bugs in Business Client, Commerce, and NetWeaver

Krebs: Microsoft Patch Tuesday, April 2021 Edition


China’s Message to America: We’re an Equal Now

Intel Assessment Warns Of Increasing Threats From China, Russia

Government Agencies Must Update Microsoft Exchange as Feds Warn Of ‘Unacceptable’ Cybersecurity Risk

Gmail ‘Safer Than Parliament’s Email System’ Says Tory MP

SolarWinds Says Dealing With Hack Fallout Cost at Least $18 Million

Experts See ‘Unprecedented’ Increase In Hackers Targeting Electric Grid

Tax Phish Swims Past Google Workspace Email Security

Cybersecurity: Victims Are Spotting Cyber Attacks Much More Quickly, but There’s a Catch

Samsung’s New Galaxy Quantum 2 Uses Quantum Cryptography to Secure Apps

Adobe Patches Slew of Critical Security Bugs in Bridge, Photoshop

Microsoft April 2021 Patch Tuesday Fixes 108 Flaws, 5 Zero-Days
Cyber-Attack Shutters Half of Tasmania’s Casinos

Risk Startup LogicGate Confirms Data Breach

Illinois Attorney General Investigates Hack of Office’s Computer System

University of Portsmouth Closes Campus Due to ‘Ransomware Attack’ on It Services Causing ‘Ongoing Disruption’

Ransomware Attacks Hit IT System at Tallaght Campus

QBot Malware Is Back Replacing IcedID in Malspam Campaigns

New Linux, macOS Malware Hidden In Fake Browserify NPM Package

How the NAME:WRECK Bugs Impact Consumers, Businesses

Capcom: Ransomware Gang Used Old VPN Device to Breach the Network

Chrome Zero-Day Exploit Posted on Twitter

Microsoft Edge Too


Biden Makes Nominations for Top Cyber Posts

Lawmakers, Industry Call On Biden to Fund Semiconductor Production Amid Shortage

Federal Reserve Chairman Says Cyber-Risk a Top Threat to National Economy

Jack Ma’s Ant Group Bows to Beijing With Company Overhaul

Trans-Atlantic Data Talks May Move at a Quicker Clip

Microsoft Bulks Up With $16 Billion Deal for Nuance Communications

Cybersecurity Start-up Darktrace Plans to Go Public in London Despite Deliveroo’s IPO Flop

Cybersecurity Training Startup Hack the Box Raises $10.6m Series a LED By Paladin Capital

Pulse Secure VPN Users Can’t Login Due to Expired Certificate
Krebs: ParkMobile Breach Exposes License Plate Data, Mobile Numbers of 21M Users

Indian Brokerage Firm Upstox Suffers Data Breach Leaking 2.5 Millions Users’ Data

1.3M Clubhouse Users’ Data Dumped in Hacker Forum for Free

Dutch Supermarkets Run Out of Cheese After Ransomware Attack

Accellion Breach Exposed 300,000 Records, University of Colorado Says

TriHealth (OH) Reports Patient and Employee Data Breach Through Law Firm

Criminals Spread IcedID Malware Using Website Contact Forms With Google URLs

Counter Strike: Global Offensive (CS:GO), Valve Source Games Vulnerable to Hacking Using Steam Invites


Iran Says Key Natanz Nuclear Facility Hit By ‘Sabotage’ / Israeli Media: Israeli Cyber Attack

Biden Budget Request Calls for Major Investments in Cybersecurity, Emerging Technologies

CISA Launches New Threat Detection Dashboard

China Launches Hotline for Netizens to Report ‘Illegal’ History Comments

Alibaba Hit With Record $2.8 Billion Antitrust Fine in China

Amazon Wins Union Election — Says ‘Our Employees Made the Choice’

Facebook Removes 16k Groups for Trading Fake Reviews

Mozilla Flooded With Requests After Apple Privacy Changes Hit Facebook

Critical Zoom Vulnerability Triggers Remote Code Execution Without User Input

U.K., EU Face Privacy Criticism for Covid-19 Passport Plans

DOJ: Creep Coach Finagles Nude Athlete Photos

U.S. Jails Florida Man Stalker Who Targeted Attack Survivor

FBI Arrests Texas Man for Plan to Kill “70% Of Internet” in AWS Bomb Attack

Pets’ Names Used As Passwords by Millions, Study Finds

8 Security & Privacy Apps to Share With Family and Friends
Data from 500M LinkedIn Users Posted for Sale Online

LinkedIn Denies Data Breach

Leading Cosmetics Group Pierre Fabre Hit With $25 Million Ransomware Attack

American Society for Clinical Pathology (ASCP) Discloses Credit Card Incident

Washington State Educational Organizations Targeted In Cryptojacking Spree

Ontario Regional Government Victim of Third-Party Cyberattack

Trinity Health (MA) Notifying Patients of Possible Data Breach

Tipp City (OH) Student Records Exposed During Law Firm Data Breach

Evidence Suggests REvil Behind Harris Federation Ransomware Attack

Hackers Tampered With APKPure Store to Distribute Malware Apps

Joker Malware Infects Over 500,000 Huawei Android Devices

New ‘Saint Bot’ Malware Out There Snatching Users’ Passwords

Cisco Will Not Patch Critical RCE Flaw Affecting End-of-Life Business Routers

Zerodium Triples WordPress Remote Code Execution Exploit Payout


P&G Worked With China Trade Group on Tech to Sidestep Apple Privacy Rules

Commerce Blacklists Seven Chinese Supercomputing Groups

Indian Defense Chief Admits China’s Cyber-Weapons Would ‘Disrupt Large Number of Systems’ Whenever Beijing Presses the Button

Researchers Uncover a New Iranian Malware Used In Recent Cyberattacks

North Korean Hackers Use New Vyveva Malware to Attack Freighters

Federal Watchdog Investigating State Department Cybersecurity Practices

Should Firms Be More Worried About Firmware Cyber-Attacks?

Facebook Does Not Plan to Notify Half-Billion Users Affected By Data Leak

Redcar Cyber-Attack: UK Government to Help Cover Costs

U.S. Stimulus Stimulates Unemployment Scams

Tech Support Scammers Lure Victims With Fake Antivirus Billing Emails

Belgian Police Seize 28 Tons of Cocaine After ‘Cracking’ Sky ECC’s Chat App Encryption

Americans Avoid Sites After Forgetting Passwords
CareFirst BlueCross BlueShield’s Community Health Plan District Of Columbia (CHPDC) Hacked By ‘Foreign Cybercriminals’

Indian Steel Giant Tata Steel Hit By Windows REvil Ransomware

Belden Says Health Benefits Data Stolen In 2020 Cyberattack

Over 600,000 Stolen Credit Cards Leaked After Swarmshop Hack

Education Nonprofit Edraak Ignored a Student Data Leak for Two Months

Ransomware Attack Shuts Down Entire Haverhill School District (MA)

IcedID Banking Trojan Surges: The New Emotet?

Microsoft Office 365 Phishing Evades Detection With HTML Lego Pieces

Azure Functions Weakness Allows Privilege Escalation

Google Chrome Blocks a New Port to Stop NAT Slipstreaming Attacks

CISA Releases Tool to Review Microsoft 365 Post-Compromise Activity

Microsoft Releases a Cyberattack Simulator – Shall We Play a Game?

Windows 10 Hacked Again at Pwn2Own, Chrome and Zoom Also Fall


Suspected China Hack of Microsoft Shows Signs of Prior Reconnaissance

Commerce Dept. Still Weighing Approach to Huawei, TikTok

Key House Leader to Press For Inclusion of Cybersecurity in Infrastructure Bill

Facebook Attributes 533 Million Users’ Data Leak to “Scraping” Not Hacking

How a VPN Vulnerability Allowed Ransomware to Disrupt Two Manufacturing Plants

Did 4 Major Ransomware Groups Truly Form a Cartel?

Phishing Emails Most Commonly Originate from Eastern Europe

Google Forms and Telegram Abused to Collect Phished Credentials

Visa: Hackers Increasingly Using Web Shells to Steal Credit Cards

IT Pros Share Work Devices with Household

Microsoft’s Windows 10, Exchange, and Teams Hacked At Pwn2Own
Office Depot Configuration Error Exposes One Million Records

Consulting Firm Data Breach Included Case Information Affecting 300+ at Michigan State University

Clearfield County (PA) Cyber Attack Update

Update On PHP Source Code Compromise: User Database Leak Suspected

Fake Netflix App on Google Play Spreads Malware Via WhatsApp

Attackers Blowing Up Discord, Slack with Malware

REvil Ransomware Now Changes Password to Auto-Login in Safe Mode

New Cring Ransomware Hits Unpatched Fortinet VPN Devices

Pre-Installed Malware Dropper Found On German Gigaset Android Phones

Android to Support Rust Programming Language to Prevent Memory Flaws

Cisco Fixes Bug Allowing Remote Code Execution With Root Privileges


Intel Heads to Resume Worldwide Threats Hearing Scrapped Under Trump

Senators Call for Update on Investigations Into SolarWinds, Microsoft Hacks

EU Institutions Experienced Hack Attempt in March: Spokesman

Krebs: Are You One of the 533M People Who Got Facebooked?

Facebook Removes Over 1,100 Accounts Spreading Deceptive Content

The Extortion Economy: Inside the Shadowy World of Ransomware Payouts

TikTok Privacy Settlement Standoff Puts Focus on Value of Personal Data

Australia Considers Social Media ID Requirement

Chinese Hackers Selling Intimate Stolen Camera Footage
Ransomware Hits TU Dublin and National College of Ireland

Hacker Sells $38m Worth of Gift Cards From Thousands of Shops

Adult Content From Hundreds of OnlyFans Creators Leaked Online

Cyber Attack Targeting Connecticut’s DMV Disrupted Emissions Testing

‘Anomalous Surge in DNS Queries’ Knocked Microsoft’s Cloud off the Web Last Week

EtterSilent Maldoc Builder Used by Top Cybercriminal Gangs

SAP Bugs Under Active Cyberattack, Causing Widespread Compromise

Critical Cloud Bug in VMWare Carbon Black Allows Takeover

Windows XP Makes Ransomware Gangs Work Harder for Their Money


Spy Operations Target Vietnam with Sophisticated RAT

The U.S. Already Has a Cybersecurity Warning System

Krebs: Ransom Gangs Emailing Victim Customers for Leverage

Paid Millions to Get Their Data Back, but Forgot to Do One Thing. The Hackers Came Back Again

LinkedIn Spear-Phishing Campaign Targets Job Hunters

15 Cybersecurity Pitfalls and Fixes for SMBs

How To Train Remote-Working Employees On Cybersecurity

Active Learning: Adding a Human Element to Artificial Intelligence, Machine Learning & Cybersecurity

Facebook Leak: Irish Regulator Probes ‘Old’ Data Dump
Ransomware Attack Affects 750,000 Personal Touch Patients, Employees across U.S.

BioTel Heart Vendor Breach Left Patients’ Information Public for Nearly a Year

Wieden+Kennedy (OR) Employees Exposed to a Data Breach

Additional Personal Information Part of Data Breach at Atascadero State Hospital (CA)

CNA Website Finally Back Online After ‘Sophisticated Cybersecurity Attack’

Apple Mail Zero-Click Security Vulnerability Allows Email Snooping

Microsoft Defender for Endpoint Now Supports Windows 10 Arm Devices


Lack of Cyber Funds in Biden Infrastructure Plan Raises Eyebrows

FBI: APTs Actively Exploiting Fortinet VPN Security Holes

Robinhood Warns Customers of Tax-Season Phishing Scams

Most Loved Programming Language Rust Sparks Privacy Concerns

Leaker Says They Are Offering Private Details of 500 Million Facebook Users

How to Check if Your Info Was Exposed in the Facebook Data Leak

Mark Zuckerberg’s Cellphone Number Goes Online

Popular Twitch Adblock Shuts Down After Twitch Breaks Extension

Russia Fines Twitter for Not Removing Posts

Intelligence Analyst Fed Secrets to Reporter

Capital One Notifies More Clients of SSNs Exposed in 2019 Data Breach

Ransomware Gang Wanted $40 Million in Broward County Schools Cyberattack

MacKenzie Scott Grant Scam More Widespread Than Initially Thought
Clop Ransomware Gang Leaks Also Data From Stanford Medicine

Brown University Experiencing IT Security Threat, Temporary System Outage

Malware Attack on Applus Technologies Is Preventing Car Inspections in Eight U.S. States

Asteelflash Electronics Maker Hit by REvil Ransomware Attack

Qualys Says Accellion Hackers Did Not Breach Production Systems

Sierra Wireless Resumes Production After Ransomware Recovery

CNA Website Still Down Nearly Two Weeks After ‘Sophisticated Ransomware Attack’

Krebs: Ubiquiti All But Confirms Breach Response Iniquity

GitHub Arctic Vault Likely Contains Leaked MedData Patient Records

GitHub Actions Being Actively Abused to Mine Cryptocurrency on GitHub Servers

Call of Duty Cheats Expose Gamers to Malware, Takeover

Google Limits Which Apps Can Access the List of Installed Apps on Your Device


U.S. DOJ: Phishing Attacks Use Vaccine Surveys to Steal Personal Info

ACLU Files AI FOIA Request

22-Year-Old Charged With Hacking Water System and Endangering Lives

DeepDotWeb Admin Pleads Guilty to Money Laundering Charges

Dutch Watchdog Fines Booking.com €475k after It Kept Customer Data Thefts Quiet for More Than 3 Weeks

7 Security Strategies as Employees Return to the Office

Bring CISOs Into the C-Suite to Bake Cybersecurity Into Company Culture

Coinhive Domain Repurposed to Warn Visitors of Hacked Sites, Routers

New KrebsOnSecurity Mobile-Friendly Site
Microsoft Cloud Services Are Down for Some Users

Florida Keys Gov’t Data Breach Exposes County and City Private Emails & Search Histories

Broward County Public Schools (FL) Hit by Ransomware Attack

Memorial Hermann (TX) Patients’ Personal Information May Have Been Compromised in Data Breach

J&B Importers Falls Victim to a Ransomware Attack

University of Maryland, Baltimore Says Private Data Was Published Online Following Ransomware Attack

University of California Targeted in Accellion Cyber Attack; People Urged to Beware of Threatening Emails

Legacy QNAP NAS Devices Vulnerable to Zero-Day Attack

VMware Fixes Authentication Bypass in Data Center Security Software


Iranian APT ‘Charming Kitten’ Hackers Targeting U.S., Israeli Medical Researchers: Analysis

NKorea Hackers Target Security Researchers Again With Fake Twitter and LinkedIn Accounts

Ransomware Tops U.S. Cyber Priorities, Homeland Secretary Says

U.S. Launches Cyber ‘Sprints’ in the Wake of Nation-State Hacks

CISA Gives Federal Agencies 5 Days to Find Hacked Exchange Servers

Child Tweets Gibberish from U.S. Nuke Account

Facebook Removed Donald Trump Interview Video With Lara Trump, Cites Indefinite Ban

Apple, Google Both Track Mobile Telemetry Data, Despite Users Opting Out

Court Rulings Spur Debate on How European Privacy Law Regulates AI Decisions

Battle Rages Over Vaccine Passports
APT Hackers Are Implanting Multiple Backdoors at Industrial Targets in Japan

Scammers Steal New Yorkers’ Private Info for Benefits Fraud

Hackers Hit Italian Menswear Brand Boggi Milano With Ransomware

800Gbps DDoS Extortion Attack Hits Gambling Company

Student, Staff Data Exposed In Heartland Community College (IL) Cyberattack

‘Cart Crasher’ Fraud Ring Launders Money Via Fake Charity Donations

Malware Hidden in Game Cheats and Mods Used to Target Gamers

BazarCall Malware Uses Malicious Call Centers to Infect Victims

Fake jQuery Files Infect WordPress Sites With Malware

Google Chrome for Linux Is Getting DNS-Over-HTTPS, but There’s a Catch