7/22/2021

NSO Group: Blame Our Customers, Not Us, For Hacking

Macron Changing Phone

Chinese Hackers Stole Mekong Data From Cambodian Foreign Ministry

Widespread Outage Disrupts Major Retail, Financial, Travel, Olympic Websites Worldwide

FedEx, UPS, Airbnb, and Delta Airlines Websites All Reporting Outages as ‘911 Lines Down’ Along East Coast

The Internet Outage That Took Down Several Major Websites Seems to Be Fixed

Akamai DNS Global Outage

Kaseya Obtains Key to Decrypt Systems Weeks After Ransomware Attack

Democrats Introduce Bill to Hold Platforms Accountable for Misinformation During Health Crises
APT Hackers ‘StrongPity’ aka ‘Promethium’ Distributed Android Trojan via Syrian e-Government Portal

South Africa’s Transnet Hit by Cyber Attack

Guntrader.uk Data Breach

1,000 GB of Local Government Data Exposed by Software Company PeopleGIS

Ransomware Gang Breached CNA’s Network via Fake Browser Update

Phish Swims Past Email Security With Milanote Pages

Critical Jira Flaw in Atlassian Could Lead to RCE

Apple Issues Urgent iPhone Updates; None for Pegasus Zero-Day

MITRE Updates List of Top 25 Most Dangerous Software Bugs

7/21/2021

French Cybersecurity Agency Warns Of China-Linked APT 31 Attacks On French Organizations

Biden to Convene Private Sector Leaders for Cybersecurity Talks in August

Officials Warn Of Cybersecurity Vulnerabilities in Water Systems

Pegasus Scandal: Are We All Becoming Unknowing Spies?

Israel Appoints Task Force to Assess NSO Spyware Allegations

Saudi Official Denies the Kingdom Used Spyware to Track Communications

Elon Musk Says Tesla Will Likely Start Accepting Bitcoin Again

Call for Online Abusers to Be Reported to Employers

Microsoft Acquires Security Start-up CloudKnox

Massachusetts Couple Sues eBay Over ‘Unrelenting’ Harassment Campaign

Spanish Cops Nab Brit Accused of Playing Role in 2020 Celeb Twitter Hijacking

Krebs: Serial Swatter Who Caused Death Gets Five Years in Prison
CISA Warns Of Stealthy Malware Found On Hacked Pulse Secure Devices

U.S. House Terminates Deal With iConstituent After Company Waited to Raise Ransomware Alarm

Brockton Police Department (MA) Under Cyberattack, Police and Fire Forced to Go Old School

Clearfield (UT) Target of Ransomware Attack; Official Says City Now ‘up and Running’

Ransomware Hackers Attack Sunset Beach (NC) For More Than a Month

MacOS Being Picked Apart by $49 XLoader Data Stealer

NPM Package Steals Passwords via Chrome’s Account-Recovery Tool

Kubernetes Cloud Clusters Face Cyberattacks via Argo Workflows

Several New Critical Flaws Affect CODESYS Industrial Automation Software

Microsoft Shares Workaround for Windows 10 SeriousSAM Vulnerability

Google Chrome Now Comes With up to 50x Faster Phishing Detection

7/20/2021

China Says Microsoft Hacking Accusations Fabricated by U.S. and Allies

Accuses U.S. of Hacking

Federal Agencies Say Dozens of Pipeline Companies Breached By Chinese Hackers in 2011

On the Pegasus List: Ten Prime Ministers, Three Presidents and a King

FBI: Threat Actors May Be Targeting the 2020 Tokyo Summer Olympics

Bitcoin Mining Isn’t Nearly as Bad for the Environment as It Used to Be, New Data Shows

Krebs: Spam Kingpin Peter Levashov Gets Time Served

Robinhood Expects $30 Million Fine in Cyber, Money-Laundering Probe of Crypto Arm
Northern Train’s Ticketing System Out to Lunch as Ransomware Attack Shuts Down Servers

Geneva (OH) Hit by New Strain Of Ransomware ‘AvosLocker’

Aruba Notified Customers Regarding a Data Breach After Two Months

MosaicLoader Malware Delivers Facebook Stealers, RATs

Nasty Linux Systemd Security Bug Revealed

Fortinet’s Security Appliances Hit By Remote Code Execution Vulnerability

16-Year-Old HP Printer-Driver Bug Impacts Millions of Windows Machines

DuckDuckGo’s New Email Privacy Service Forwards Tracker-Free Messages

7/16-19/2021

U.S., Others Accuse China of Abetting Ransomware Attack

U.S. Charges Four Chinese Nationals Charged in Global Hacking Campaign

Biden Opens New Cyber Battle with China

Norway Says Cyber Attack on Parliament Carried Out From China

China Sends State Security, Police Officials to Didi for Cybersecurity Probe

Pegasus: Who Are the Alleged Victims of Spyware Targeting?

Protecting Phones From Pegasus-Like Spyware Attacks

Israel Says NSO Group Spyware Exports Are For Lawful Use Only

When Ransomware Comes to (Your) Town

Krebs: Don’t Wanna Pay Ransom Gangs? Test Your Backups.

Hacker Is Stealing the Identities of Victims, Surfside Mayor Says

How Criminals Siphoned Off Unemployment Payments Directly From Recipients’ Accounts

Microsoft Takes Down Domains Used to Scam Office 365 Users

Amazon Asked Apple to Remove an App That Spots Fake Reviews, and Apple Agreed

Global Data Restrictions on the Rise Amid Privacy and Security Fears
Law Firm for Ford, Boeing, Exxon, Marriott, Walgreens and More Hacked In Ransomware Attack

Ecuador’s State-Run CNT Telco Hit By RansomEXX Ransomware

Hackers Hit Florida Blue With Cyber-Spoofing Attack, Expose 30,000+ Members’ Info

Comparis Customers Targeted by Scammers After Ransomware Attack

Cyberattack on Moldova’s Court of Accounts Destroyed Public Audits

Saudi Aramco Data Breach Sees 1 TB Stolen Data for Sale

Insurtech Startup BackNine Exposed Thousands of Sensitive Insurance Applications

Artwork Archive Cloud Storage Misconfiguration Exposed User Data

HelloKitty Ransomware Is Targeting Vulnerable SonicWall Devices

Unpatched iPhone Bug Allows Remote Device Takeover

CloudFlare CDNJS Bug Could Have Led to Widespread Supply-Chain Attacks

New Windows Print Spooler Zero Day Exploitable via Remote Print Servers

Critical Juniper Bug Allows DoS, RCE Against Carrier Networks

Google Patches 8th Chrome Zero-Day Exploited in the Wild This Year

D-Link Issues Hotfix for Hard-Coded Password Router Vulnerabilities

7/15/2021

U.S. Launches Online Hub to Help Ransomware Victims

Offers $10 Million for Tips on Foreign Hackers

Cybersecurity Bills Gain New Urgency After Rash of Attacks

…Companies May Be Flagging Themselves For Hackers By Buying Cybersecurity Insurance

Phishing Continues to Be One of the Easiest Paths for Ransomware

Facebook Disrupts Iranian Hackers Using Platform to Target U.S. Military Personnel

Microsoft Says Israeli Company Candiru Is Behind Malware That Affected Windows PCs

The U.S. Surgeon General Is Calling COVID-19 Misinformation An ‘Urgent Threat’
Nottingham City Transport: Bus Operator Hit By Cyber-Attack

Linux Version of HelloKitty Ransomware Targets VMware ESXi Servers

Safari Zero-Day Used in Malicious LinkedIn Campaign

Attackers Exploited 4 Zero-Day Flaws in Chrome, Safari & IE

Zero-Day Attacks on Critical WooCommerce Bug Threaten Databases

Windows Print Nightmare Continues With Malicious Driver Packages

For Years, A Backdoor in Popular KiwiSDR Product Gave Root to Project Developer

7/14/2021

Southeast Asia Seeks Greater Tech Cooperation as U.S.-China Rivalry Grows

Chinese Cyberspies’ Wide-Scale APT Campaign Hits Asian Gov’t Entities

Chinese Hackers Use New SolarWinds Zero-Day in Targeted Attacks

Hong Kong Working to Share Its Digital IDs With Mainland China

COVID Scams Cost Americans Nearly $500 Million — and Criminals Are Now Eyeing the Child Tax Credit

10 Mistakes Companies Make In Their Ransomware Responses

Does Cybercrime Impact Cryptocurrency Prices?

Facebook Seeks FTC Chair Lina Khan’s Recusal in Antitrust Case

16 Cybercriminals Behind Mekotio and Grandoreiro Banking Trojan Arrested in Spain
Russian SVR Hackers Targeted LinkedIn Users With Safari Zero-Day

Linux-Focused Cryptojacking Gang ‘Diicot brute’ Tracked to Romania

Updated Joker Malware Floods into Android Apps

Trickbot Malware Rebounds with Virtual-Desktop Espionage Module ‘vncDll’

BazarBackdoor Sneaks In Through Nested RAR and ZIP Archives

SonicWall Warns Of ‘Critical’ Ransomware Risk to EOL SMA 100 VPN Appliances

Windows Hello Bypass Fools Biometrics Safeguards in PCs

Google Chrome Will Add HTTPS-First Mode to Keep Your Data Safe

How a Small Dutch IT Company Caught Up in the Kaseya Attack Stepped Up for Customers

7/13/2021

Hackers Used SolarWinds Zero-Day Bug to Target U.S. Defense Orgs

FCC Finalizes Program to Rip and Replace Huawei, ZTE Telecom Equipment in the U.S.

China Issues Notice on Cyber Security Loophole Management

‘Charming Kitten’ APT Siphons Intel From Mid-East Scholars

REvil Ransomware Gang Websites Disappear From Internet

Cyberattacks and Ransomware: How Can We Protect Our Energy Infrastructure?

Ransomware: Only Half of Organisations Can Effectively Defend Against Attacks

Amazon Rolls Out Encryption for Ring Doorbells

U.S. Indicts Dark Web User ‘the Bull’ for Insider Trading
Oklahoma Heart Hospital Employee Donates Notes With Patient Info to Charity

Patient Information Potentially Accessed in Florida Heart Associates Hack

Unpatched Critical ‘ModiPwn’ RCE Bug Allows Industrial, Utility Takeovers

Critical Flaws Reported in Etherpad — a Popular Google Docs Alternative

Krebs: Microsoft Patch Tuesday, July 2021 Edition

Adobe Patches 11 Critical Bugs in Popular Acrobat PDF Reader

Firefox 90 Adds Enhanced Tracker Blocking to Private Browsing

Facebook Announces Time Bonus Payouts for Bug Hunters

7/12/2021

Interpol Urges Police to Unite Against ‘Potential Ransomware Pandemic

Chris Inglis Formally Sworn in as National Cyber Director

Senate Unanimously Approves Jen Easterly to Lead DHS Cyber Agency

Voice Cloning Of Growing Interest to Actors and Cybercriminals

ByteDance Shelved IPO Intentions After Chinese Regulators Warned About Data Security

China Drafts New Cyber-Security Industry Plan

Tech’s Next Wave of Development Will Happen in Asia, Singapore’s IMDA Chief Predicts

WhatsApp Privacy Update Sparks Complaint From EU Consumer Groups

Microsoft to Acquire Cybersecurity Firm RiskIQ as Cyber Threats Mount
SolarWinds Says Unknown Hackers Exploited Newly Discovered Software Flaw

SolarWinds Patches Critical Serv-U Vulnerability Exploited in the Wild

Fashion Retailer Guess Discloses Data Breach After Ransomware Attack

200K Patients Exposed After Hackers Tried to Wire Money From ClearBalance Funds

Famous Smoke Shop (PA) Website, Store & Lounge Shut Down Due to Ransomware

BIOPASS RAT Uses Live Streaming Steal Victims’ Data

Critical RCE Vulnerability in ForgeRock OpenAM Under Active Attack

WordPress File Management Plugin Riddled with Critical Bugs

7/9-11/2021

Biden Presses Putin to Disrupt Cybercriminals in Russia as U.S. Grapples With Latest Ransomware Attacks

Biden ‘Optimistic’ After Call

Ukraine Says Russian Hackers Hit Its Navy Website

Iran Transport Ministry Hit By Second Apparent Cyberattack in Days

Kaseya Delays SAAS Restore to Sunday

Kaseya Patches VSA Vulnerabilities Used in REvil Ransomware Attack

CISA Analysis Reveals Successful Attack Techniques of FY 2020

North Korean APT Lazarus Targets Job-Seeking Engineers with Malicious Documents

FBI Warns Cryptocurrency Owners, Exchanges of Ongoing Attacks

Krebs: Spike in “Chain Gang” Destructive Attacks on ATMs

Faces Are the Next Target for Fraudsters

Company Sells Passports to Americans Looking For a Tax Break On Their Bitcoin Profits

Biden Signs Sweeping Order to Bolster U.S. Competition, Target Big Business

U.S. Offers Julian Assange Australian Prison Time Instead of American Supermax if He Loses Extradition Fight

Authorities Seize Thousands Of PS4s Used In Crypto Mining
Ransomware Attack Hits Swiss Consumer Outlet Comparis

Mint Mobile Hit By a Data Breach After Numbers Ported, Data Accessed

Insurance Giant CNA Reports Data Breach After Earlier Ransomware Attack

More From Elekta Breach: Northwestern Urges Cancer Patients to Check Statements After Data Breach

Rural German District Anhalt-Bitterfeld Declares Disaster After Cyberattack

Massena School (NY) Servers Back to Normal After Cyber Attack

Cyberattack at Bank of Oak Ridge (NC), Customer Data Exposed

March Data Breach Exposed Peoples Community Health Clinic (IA) Patient Information

Classic Football Shirts Warns Customers of Scam

Magecart Hackers Hide Stolen Credit Card Data Into Images for Evasive Exfiltration

Critical Flaws Reported in Philips Vue PACS Medical Imaging Systems

Cisco BPA, WSA Bugs Allow Remote Cyberattacks

Microsoft Office Users Warned on New Malware-Protection Bypass

Microsoft: PrintNightmare Security Updates Work, Start Patching!

7/8/2021

Krebs: Kaseya Left Customer Portal Vulnerable to 2015 Flaw in its Own Software

REvil Victims Are Refusing to Pay After Flawed Kaseya Ransomware Attack

Cyber Command Lawyer Calls for Military Operations Against Hackers

Letting Businesses ‘Hack Back’ Against Hackers Is a Terrible Idea, Cyber Veterans Say

Oil & Gas Targeted in Year-Long Cyber-Espionage Campaign

Experts Uncover ‘Bandidos’ Malware Attacks Targeting Corporate Networks in Latin America

China’s Cyber Watchdog to Police Chinese Overseas Listings
New South Wales Department of Education Struck by Cyber Attack

Whitehouse Independent School District (TX) Employee, Info Compromised by Ransomware

Morgan Stanley Faces Data Breach, Corporate Client Info Stolen in Vendor Hack

Accellion Data Breach Continues to Get Messier

Marvel Movie ‘Black Widow’ Malware Detected

Coursera Flunks API Security Test in Researchers’ Exam

Windows Security Update KB5004945 Breaks Printing On Zebra Printers

Mozilla Firefox to Roll Out DNS Over HTTPS for Canadian Users

7/7/2021

New Cyberattacks Ramp up Tensions With Russia

Biden Says He Will Know More on Thursday About Attempted RNC Hack

Kremlin Says Russian State Had Nothing to Do With U.S. RNC Hack

Code in Huge Ransomware Attack Written to Avoid Computers That Use Russian

Cybersecurity Researchers Say They Warned Kaseya of Flaw in April

Fake Kaseya VSA Security Update Drops Cobalt Strike

White House Urges Mayors to Review Local Govts’ Cybersecurity Posture

Huawei Hires Three New Lobbying Firms

Dozens of States Sue Google Over App Store Fees

Trump Sues Facebook, Twitter, Google to Restore Social-Media Accounts

Robinhood Crypto Unit Expects $10 Million Fine in Cyber, Anti-Money Laundering Inquiry

Suspected ‘Dr HeX’ Hacker Busted for 9 Years of Phishing
Hackers Attack Websites of Ukraine’s President and Security Service

Coastal Family Health Center (MS) Falls Victim to Hacker, Phi Exposed

Cyber Attack Shuts Down City of Joplin’s Online Services

MacOS Targeted in WildPressure APT Malware Campaign

Tens of Thousands Scammed Using Fake Android Cryptomining Apps

Critical Sage X3 RCE Bug Allows Full System Takeovers

Dozens of Vulnerable NuGet Packages Allow Attackers to Target .NET Platform

Krebs: Microsoft Issues Emergency Patch for Windows Flaw

Fails to Fix?

Tor Browser Adds New Anti-Censorship Feature, V2 Onion Warnings

7/6/2021

Cybersecurity CEO: Hackers Demanding $70 Million in Global Ransomware Attack Won’t Get That Much

Hackers Reportedly Lower Ransom Demand to Restore Data to $50M

U.S. Warns of Action Against Ransomware Gangs if Russia Refuses

Biden Says Ransomware Attack Caused ‘Minimal Damage’ to U.S. Companies

Cybersecurity in Focus for Companies as Online Threats Surge

Pentagon Scraps JEDI in Win for Amazon at Microsoft’s Expense
RNC Says Contractor Breached in Hack, GOP Data Secure

Russian APT 29 aka ‘Cozy Bear’

Hacker Dumps Private Info of Pro-Trump Gettr Social Network Members

Microsoft Pushes Emergency Update for Windows PrintNightmare Zero-Day

Microsoft 365 to Let SecOps Lock Hacked Active Directory Accounts

Kaspersky Password Manager’s Random Password Generator Was About as Random as Your Wall Clock

7/5/2021

Chinese Regulators Suggested Didi Delay Its U.S. IPO

After Crackdown on Didi, China Opens Cybersecurity Probes Into 3 More Tech Firms

China’s Tech Crackdown Has a New Battleground — Data

Facebook, Twitter, Google Threaten to Quit Hong Kong Over Proposed Data Laws

The Food Industry May Be Finally Paying Attention To Its Weakness To Cyberattacks

How to Get a Lucrative Job in Cybersecurity

5 Mistakes That Impact a Security Team’s Success
Hackers Behind Holiday Crime Spree Demand $70 Million, Say They Locked 1 Million Devices

Up to 1,500 Businesses Affected by Ransomware Attack, U.S. Firm’s CEO Says

CISA, FBI Share Guidance for Victims of Kaseya Ransomware Attack

No Contact From Washington Over Latest Ransomware Attack, Kremlin Says

Pro-Trump Social Media Site Gettr Hacked

QNAP Fixes Critical Bug in NAS Backup, Disaster Recovery App

7/2-4/2021

Ransomware Attack on Software Manager Kaseya Hits 200 Companies

REvil Ransomware Attack Affecting Likely Thousands of Targets Drags On

Kaseya Urges Customers to Immediately Shut Down VSA Servers After Ransomware Attack

Biden Orders Probe

Kaseya Was Fixing Zero-Day Just as REvil Ransomware Sprung Their Attack

Biden: ‘Initial Thinking’ Recent Ransomware Attack Not by Russian Government

White House Reaching Out With Assistance to Latest Ransomware Victims

REvil Is Increasing Ransoms for Kaseya Ransomware Attack Victims

Russia Denies Recent U.S., UK Hacking Allegations

Hackers Zero in on Tokyo Olympics

China Orders Ride-Hailing Firm Didi’s App Removed From App Stores

FTC Vote Could Pave Way for New Privacy Rules
Swedish Coop Supermarkets Shut Due to U.S. Ransomware Cyber-Attack

U.S. Insurance Giant AJG Reports Data Breach After Ransomware Attack

F1 Confirms ‘Targeted Attack’ LED to App Hack

Mongolian Certificate Authority Hacked to Distribute Backdoored CA Software

Wiregrass Electric Cooperative (AL): No Data Compromised in Ransomware Attack

U.S. Chemical Distributor Brenntag Shares Info on DarkSide Ransomware Data Theft

Android Apps with 5.8 million Installs Caught Stealing Users’ Facebook Passwords

Microsoft Warns of Critical PowerShell 7 Code Execution Vulnerability

Krebs: Another 0-Day Looms for Many Western Digital Users

Blackbaud Must Face Data Breach Claims Over 2020 Ransomware Attack

7/1/2021

U.S. and UK Agencies Accuse Russia of Political Cyber-Campaign

Russian Hackers Are Abusing VPNs to Hijack Accounts

Researchers Uncover Effort by Chinese-Speaking IndigoZebra APT to Target Afghan Gov’t

Krebs: Intuit to Share Payroll Data from 1.4M Small Businesses With Equifax

VirusTotal Ordered by Irish Court to Reveal Private Info of Stolen HSE Data Downloaders

FTC Votes to Expand Antitrust Enforcement Powers

Trump Allies Launch New Social Media Platform Gettr

Putin Orders Twitter to Open Russian Office

Twitter Now Lets You Use Security Keys as the Only 2FA Method

Barracuda Acquires Skout Cybersecurity to Enter the XDR Market
LinkedIn’s 1.2B Data-Scrape Victims Already Being Targeted by Attackers

Hacked Data for 69K LimeVPN Users Up for Sale on Dark Web

Hundreds of One Medical Patients’ Emails Exposed

Trickbot Cybercrime Group Linked to New Diavol Ransomware

Babuk Ransomware Is Back, Uses New Version on Corporate Networks

Microsoft Adds Second CVE for PrintNightmare Remote Code Execution

CISA: Disable Windows Print Spooler on Servers Not Used for Printing

Google Chrome Will Get an HTTPS-Only Mode for Secure Browsing

Infosec Community Posts Solidarity Bikini Pics After Twitter Troll Outburst

6/30/2021

White House Sees Electric Grid as Blueprint for Post-Colonial Pipeline Cyber Push

New Bipartisan Cybersecurity Bill Aims to Attract Top Talent Into Government, Co-Authors Say

Feds Told to Better Manage Facial Recognition, Amid Privacy Concerns

Amazon Requests FTC Chair Recuse Herself From Antitrust Investigations

Facebook Sues Hackers Who Hijacked Advertising Agencies’ Accounts

Krebs: We Infiltrated a Counterfeit Check Ring! Now What?

CISA Releases New Ransomware Self-Assessment Security Audit Tool

What Do Most Companies Think When Hackers Demand Ransom? Time to Pay

Lorenz Ransomware Decryptor Recovers Victims’ Files for Free

Israeli Charged in Global Hacker-for-Hire Scheme Wants Plea Deal

Police Bust $15 Million European Fraud Ring

Analyst Steals Millions by Spoofing Director

SentinelOne Closes up 21% In NYSE Debut as Highest-Valued Cybersecurity IPO Ever
UK Arm of International Charity the Salvation Army Hit by Ransomware Attack

University Medical Center (NV) Hit in Cyberattack, Data Stolen

Indian Tech Startup Exposed Byju’s Student Data

Germany Thwarts Cyberattack, Denies Impact on Banking System

LinkedIn Denies Exposure of 700 Million User Records Is a Data Breach

Penn Foundation Says Ransom Not Paid in Cyber Attack; No Indication PII Misused

Indexsinas SMB Worm Campaign Infests Whole Enterprises

Leaked Babuk Locker Ransomware Builder Used in New Attacks

PoC Exploit Circulating for Critical Windows Print Spooler Bug

Microsoft Finds Netgear Router Bugs Enabling Corporate Breaches

Major Linux RPM Problem Uncovered

Windows 11 Makes TPM Diagnostics Tool Its First Optional Feature

Four in Ten Americans Use Embarrassing Passwords