8/30/2021

Biden Administration Establishes Program to Recruit Tech Professionals to Serve in Government

Rights Group Advises Afghans to Delete Data

CISA: Don’t Use Single-Factor Auth on Internet-Exposed Systems

CISA to Host Third Annual President’s Cup Cybersecurity Competition

SEC Sanctions Brokerages Over Email Break-Ins

Army Testing Facial Recognition in Child-Care Centers

China Limits Online Video Games to Three Hours a Week for Young People

Chinese A.I. Firm SenseTime Files for Hong Kong IPO despite Tech Crackdown and U.S. Blacklist

Elon Musk’s Loop Gets Autopilot — And an Intruder

Microsoft Azure Cosmos DB Incident Underscores the Need to Closely Watch Cloud Data
LockBit Gang to Publish 103GB of Bangkok Air Customer Data

DeFi Protocol Cream Finance Hacked for Second Time This Year

DuPage Medical Group (IL) Notifying 600,000 Patients About a Data Breach

Passport & Healthcare Info and Leaked From Indonesia’s COVID-19 Test-and-Trace App for Traveler

Northern Ontario Police Force Recovering From Ransomware Attack

Ransomware Attack on Swiss City Rolle Exposed Citizens’ Data

HPE Warns Sudo Bug Gives Attackers Root Privileges to Aruba Platform

Microsoft Exchange ‘ProxyToken’ Bug Allows Email Snooping

AMD Zen+, Zen 2 CPUs Vulnerable to Attack

QNAP Works on Patches for OpenSSL Bugs Impacting Its NAS Devices

8/27-29/2021

British Embassy Exposed Details of Afghan Workers during Rush to Evacuate

White House Rallies Private Industry in Cyber Battle

China Plans to Ban U.S. IPOs for Data-Heavy Tech Firms

Justice Department Establishes Program to Train Prosecutors to Handle Cyber Cases

Fake DMCA Complaints, DDoS Threats Lead To BazaLoader Malware

Amazon Disables Website Used for ISIS Propaganda

Amazon Web Services Will Give Free USB Security Keys to Some Employees of U.S.-Based Customers

Ragnarok Ransomware Gang Bites the Dust, Releases Decryptor

Ethereum’s Blockchain Just Split in Two
Boston Public Library Discloses Cyberattack, System-Wide Technical Outage

Bangkok Airways Suffers Cyber Attack

Bilaxy Exchange Reports Hot Wallet Hacked, Amount Lost Still Unknown

T-Mobile Confident No Ongoing Risks to User Data from Recent Hack

CEO: Hacker Brute-Force

Microsoft Warns of Widespread Phishing Attacks Using Open Redirects

Critical Azure Cosmos DB Bug Allows Full Cloud Account Takeover

Parallels Offers ‘Inconvenient’ Fix for High-Severity Bug

8/26/2021

UK Plans New Post-Brexit Privacy Rules to Ease Data Sharing

China’s Microsoft Hack May Have Had A Bigger Purpose Than Just Spying

T-Mobile Hacker Who Stole Data on 50 Million Customers: ‘Their Security Is Awful’

The Real Victims of Mass Crypto-Hacks That Keep Happening

FBI Shares Technical Details for Hive Ransomware

Angry Birds Developer Accused of Illegal Child Data Collection

Surveillance Tech Company Excession Technologies Ltd Sues Police Digital Service over ‘Flawed’ Scoring of Bids on £18m Contract
171,000 Patients Exposed after Hackers Breach Illinois Physician Group Emails

Website For Cook County Clerk Of The Circuit County Down For Maintenance After Servers Breached

Chinese Developers Expose Data Belonging to Android Gamers

Synology: Multiple Products Impacted by OpenSSL RCE Vulnerability

Atlassian Warns of Critical Confluence Flaw

VMware Issues Patches to Fix New Flaws Affecting Multiple Products

8/25/2021

White House Gathers Tech, Education, Banking Leaders for Cyber Meeting

Biden: Cybersecurity Is the ‘Core National Security Challenge’

Google, Microsoft Plan to Spend Billions on Cybersecurity after Meeting with Biden

U.S. Media, Retailers Targeted by New SparklingGoblin APT

FIN8 Cybercrime Gang Backdoors U.S. Orgs with New Sardonic Malware

Krebs: Man Robbed of 16 Bitcoin Sues Young Thieves’ Parents

Drug Dealers Get 27 Years After Police Crack EncroChat Comms

Australia Passes Identify and Disrupt Bill
73,000 Patients’ Data Affected in Ransomware Attack on Singapore Eye Clinic

Atlanta Allergy & Asthma Sends Notice of Healthcare Data Breach to 9,800 Patients

California State University, Chico Data Breach Exposes Student Requests for Vaccine Exemptions

Mirai-Style IoT Botnet Is Now Scanning for Router-Pwning Critical Vuln in Realtek Kit

Critical F5 BIG-IP Bug Impacts Customers in Sensitive Sectors

Ethereum Urges Go Devs to Fix Severe Chain-Split Vulnerability

Microsoft: ProxyShell Bugs “Might Be Exploited,” Patch Servers Now!

Microsoft Will Add Secure Preview for Office 365 Quarantined Emails

8/24/2021

Amazon, Apple, Microsoft & Other CEOs Reportedly to Attend White House Cybersecurity Meeting

Bahraini Activists Targeted Using a New iPhone Zero-Day Exploit From NSO Group

New Zero-Click iPhone Exploit Used to Deploy NSO Spyware

Chinese Auto-Maker Accused of Altering Data after Fatal Autonomous Car Accident

HYCU Initiative Offers Free Evaluation for Ransomware Recovery Prospects

Over a Third of Smart Device Owners Do Not Take Security Measures

Samsung Can Remotely Disable Their TVs Worldwide Using TV Block

Coinbase Slammed for What Users Say Is Terrible Customer Service after Hackers Drain Their Accounts
Cyber-thieves Scam Town of Peterborough (NH) Out of $2.3M

CarePointe Ear, Nose and Throat (IN) Targeted in Ransomware Attack

Fake OpenSea Support Staff Are Stealing Cryptowallets and NFTS

Fake Apple Rep Amasses 620,000+ Stolen iCloud Pics, Vids in Hunt for Images of Nude Women to Trade

Pysa Ransomware Gang’s Script Shows Exactly the Files They’re After

Custom WhatsApp Build Delivers Triada Malware

SteelSeries Bug Gives Windows 10 Admin Rights by Plugging in a Device

B. Braun Updates Faulty IV Pump after McAfee Discovers Vuln Allowing Attackers to Change Doses

8/23/2021

UN-Backed Tech Group Adds Taliban to List of Terrorist Organizations

Singapore, U.S. Pledge Deeper Collaboration in Cybersecurity

Hackers Leak Footage of Iranian Prison

Company Data Hoards Create Tempting Targets for Hackers

FBI: OnePercent Group Ransomware Targeted U.S. Orgs since Nov 2020

CISA Warns Admins to Urgently Patch Exchange ProxyShell Bugs

Hacker Behind $600 Million Crypto Heist Returns Final Slice of Stolen Funds

Gets 500k Reward
New Research Finds 38 Million Records Exposed Online Earlier This Year

Nokia Subsidiary SAC Wireless Discloses Data Breach after Conti Ransomware Attack

Phishing Attack Exposes Medical Information for 12,000 Patients at Revere Health (UT)

Researchers Detail Modus Operandi of ShinyHunters Cyber Crime Group

Phishing Campaign Uses UPS.com XSS Vuln to Distribute Malware

Attackers Actively Exploiting Realtek SDK Flaws

Razer to Fix Windows Installer That Grants Admin Powers If You Plug in a Mouse

8/20-22/2021

China Passes Major Data Protection Law as Regulatory Scrutiny on Tech Sector Intensifies

Jack Ma’s Costliest Business Lesson: China Has Only One Leader

State Department Hit by Cyber Attack, Source Says

US Census Bureau Failed Breach Response, Watchdog Says

Schools, Colleges Brace for Cyberattacks as Students Return

Inside Afghanistan’s Cryptocurrency Underground as the Country Plunges into Turmoil

Cybersecurity Jobs: This Is What We’re Getting Wrong When Hiring – And Here’s How to Fix It

“Cybersecurity Is the New Seat Belt” Says STX Next

SynAck Ransomware Decryptor Lets Victims Recover Files for Free

Web Censorship Systems Can Facilitate Massive DDoS Attacks

Why Phone Scams Are So Difficult to Tackle

Key QAnon Influencer ‘GhostEzra’ Identified

New York Man Gets Three Years for Stealing Nude Photos from College Victims
T-Mobile Data Breach Just Got Worse — Now at 54 Million Customers

AT&T Denies Data Breach after Hacker Auctions 70 Million User Database

NYC Teachers’ Social Security Numbers Exposed

Twin Falls County (ID) Identifies Ransomware as Source of Computer Problems

Personal Data Breached in Rockwood School District (MO) Ransomware Attack

Mozi IoT Botnet Now Also Targets Netgear, Huawei, and ZTE Network Gateways

Microsoft Exchange Servers Being Hacked by New LockFile Ransomware

LockFile Ransomware Uses PetitPotam Attack to Hijack Windows Domains

Cloudflare Mitigated One of the Largest DDoS Attack Involving 17.2 Million RPS

Pegasus iPhone Hacks Used as Lure in Extortion Scheme

Razer Bug Lets You Become a Windows 10 Admin by Plugging in a Mouse

Microsoft Shares Guidance on Securing Windows 365 Cloud PCs

8/19/2021

North Korea Linked APT InkySquid Exploiting Known IE Bugs

The Pandemic Revealed the Health Risks of Hospital Ransomware Attacks

COVID-19 Contact-Tracing Data Exposed, Fake Vax Cards Circulate

You Can Post LinkedIn Jobs as Any Employer — So Can Attackers

Wanted: Disgruntled Employees to Deploy Ransomware (Krebs)

CISA Shares Guidance on How to Prevent Ransomware Data Breaches

Facebook Hit With New Antitrust Suit From Federal Trade Commission

Woman’s Facebook Account Hacked, Loses More than a Decade’s Worth of Friends

CEO Tried Funding His Startup by Asking Insiders to Deploy Ransomware

Florida Women Charged Over Sexually Exploitative Child Modeling Sites
More than $90 Million in Cryptocurrency Stolen from Japanese Exchange Liquid

JPMorgan Chase Notifies Montana Customers of Data Breach

Brazil’s Clothing Chain Renner Suffers Ransomware Attack and Systems Are Down

Data Stolen as Social Housing Group Suffers Ransomware Attack

Attempted Marion County (IN) Cyberattack Delaying Some Death Certificates

What To Do If You Think You’re Affected by the T-Mobile Breach

Ransomware: Amateur Attack Shows How Clueless Criminals Are Trying to Get In on the Action

Critical Cisco Bug in Small Business Routers to Remain Unpatched

Hackers Can Bypass Cisco Security Products in Data Theft Attacks

New Unofficial Windows Patch Fixes More PetitPotam Attack Vectors

8/18/2021

Census Bureau Computer Servers Target of January 2020 Cyberattack

Hacks Rank Among Top Power Grid Risks, Watchdog Says

China Orders Annual Security Reviews for All Critical Information Infrastructure Operators

Facebook Shares AI Advancements Improving Content Moderation

Feds Expected to Reveal New Strategy in Facebook Antitrust Fight

Bitcoin Mixer Owner Pleads Guilty to Laundering over $300 Million

Airline Employee Jailed for Spending Passengers’ Money
Krebs: T-Mobile Breach Exposed SSN/DOB of 40M+ People

U.S. Telecoms Agency to Probe T-Mobile Data Breach

Pine Labs Faces Alleged Data Breach; 50,000 Unique Records Exposed

Bogus Cryptomining Apps Infest Google Play

HolesWarm Malware Exploits Unpatched Windows, Linux Servers

Diavol Ransomware Sample Shows Stronger Connection to TrickBot Gang

GitHub Urges Users to Enable 2FA after Going Passwordless

8/17/2021

Rubio Reiterates Calls for TikTok Ban after China’s Reported Ownership Stake

Facebook Says It Will Keep Ban on Taliban Content

WhatsApp Can’t Ban the Taliban Because It Can’t Read Their Texts

Iranian APT Hackers Impersonate HR Employees to Hit Israeli Targets

Brazilian Government Discloses National Treasury Ransomware Attack

Conti Ransomware Prioritizes Revenue and Cyberinsurance Data Theft

LockBit 2.0 Ransomware Proliferates Globally

Phishing Costs Reach New High of $14.8M for Large Companies

Crypto Platform Hit by $600 Million Heist Asks Hacker to Become Its Chief Security Advisor

Chicago Pharmacist Arrested After Selling CDC COVID-19 Vaccination Cards On eBay

Apple: CSAM Image-Detection Backdoor ‘Narrow’ in Scope
Chase Bank Accidentally Leaked Customer Info to Other Customers

Records Missing from Illinois Vaccination Portal

Indiana Contact Tracing Data Breached

Japan’s Tokio Marine Is the Latest Insurer to Be Victimized by Ransomware

Krebs: T-Mobile Investigating Claims of Massive Data Breach

Malicious Ads Target Cryptocurrency Users With Cinobi Banking Trojan

Malware Campaign Uses Clever ‘CAPTCHA’ to Bypass Browser Warning

Bug in Millions of Flawed IoT Devices Lets Attackers Eavesdrop

CISA Releases Alert on BadAlloc Vulnerability in BlackBerry Products

If You Haven’t Updated ThroughTek DVR since 2018 Do So Now, Warns Mandiant of Critical Vuln

Fortinet Delays Patching Zero-Day Allowing Remote Server Takeover

8/16/2021

Afghan Broadcasters for U.S. Government Radio Fear Taliban Backlash

Secret Terrorist Watchlist with 2 Million Records Exposed Online

Colonial Pipeline Reports Data Breach after May Ransomware Attack

Tech Hack Notification Delays Can Leave Corporate Customers in the Lurch

Anonymous Messaging App Yik Yak Returns after 4-Year Shutdown

Tesla Autopilot Faces U.S. Safety Regulator’s Scrutiny after Crashes with Emergency Vehicles

Education Giant Pearson Fined $1M for Downplaying Data Breach

Sim Swap Scammer Pleads Guilty to Instagram Account Hijacks, Crypto Theft
T-Mobile Confirms Servers Were Hacked, Investigates Data Breach

Dallas Cops Lost 8TB of Criminal Case Data during Bungled Migration

SUNY Research Foundation Breach Potentially Affects 47,000

Malware Dev Infects Own PC and Data Ends up on Intel Platform

Troubling New Disk-Level Encryption Ransomware ‘DeepBlueMagic’ Surfaces

XSS Bug in SEOPress WordPress Plugin Allows Site Takeover

Dozens of STARTTLS Related Flaws Found Affecting Popular Email Clients

Critical Valve Bug Lets Gamers Add Unlimited Funds to Steam Wallets

8/13-15/2021

Crypto Hacker Offered Reward After $600m Heist

How Hackers Stole and Returned $600M in Tokens From Poly Network

UN Calls for Moratorium on Sale of Surveillance Tech Like NSO Group’s Pegasus

Krebs: New Anti Anti-Money Laundering Services for Crooks

SynAck Ransomware Releases Decryption Keys After El_Cometa Rebrand

Mysterious Hacker Group Suspected in July Cyberattack on Iranian Trains

Cost of Cyberattacks Significantly Higher for Smaller Healthcare Organizations

App Store Competition Targeted by Bipartisan Senate Bill

Senators Want Answers About Amazon’s Biometric Data Collection

Amazon’s Plan to Track Worker Keystrokes: A Sign of Controls to Come?

Facebook Adds End-to-End Encryption for Audio and Video Calls in Messenger

Microsoft Teams Will Alert Users of Incoming Spam Calls
Hacker Claims to Steal Data of 100 Million T-Mobile Customers

Ford Bug Exposed Customer and Employee Records From Internal Systems

Emails From Lithuanian Ministry of Foreign Affairs for Sale on Data-Trading Forum

Cyberattack Hits Israel’s Bar Ilan University: ‘Data Is Being Erased Right Now’

Memorial Health Systems (OH) Experiences Cyber Attack

U.S. Brokers Warned of Ongoing Phishing Attacks Impersonating FINRA

WordPress Sites Abused in Aggah Spear-Phishing Campaign

Cyberattackers Embrace CAPTCHAs to Hide Phishing, Malware

Hackers Spotted Using Morse Code in Phishing Attacks to Evade Detection

Vice Society Ransomware Joins Ongoing PrintNightmare Attacks

Researchers Find Vulns in Wodify Gym Management Web App Used With CrossFit

Windows 365 Exposes Microsoft Azure Credentials in Plaintext

8/12/2021

Report Finds U.S. Government Has Made Progress on Cybersecurity, More Work Remains

Huawei Stole Our Tech and Created a ‘Backdoor’ to Spy on Pakistan, Claims CA IT Biz

Businesses Push to Shape Federal Rules for Disclosing Hacks

A Cybersecurity Stop Sign: CISA Introduces Bad Practices

Covid-19 Vaccine Scammers Target Authorities in Dozens of Countries Including Italy and Colombia

Suspected Hacker Behind $600 Million Poly Network Crypto Heist Did It ‘for Fun’

Rogue Marketplace AlphaBay Reboots

Ukraine Shuts Down Money Laundering Cryptocurrency Exchanges

Google Search Led to Arrest of Cleared Campaigner
Chanel Apologizes for Data Breach

QR Code Scammers Get Creative with Bitcoin ATMs

Hackers Now Backdoor Microsoft Exchange Using ProxyShell Exploits

Microsoft: Evasive Office 365 Phishing Campaign Active Since July 2020

Ransomware Gang Uses PrintNightmare to Breach Windows Servers

Cornell University Researchers Discover ‘Code-Poisoning’ Attack

Brooklyn Tech Students Uncovered a NYC Schools Data Breach: Here’s How They Took Action

GitHub Picks Friday 13th to Kill off Password-Based Git Authentication

8/11/2021

China Sentences Canadian Citizen to 11 Years for Espionage in Case at Heart of Diplomatic Standoff

Lawmakers Raise Concerns Over Federal Division of Cybersecurity Responsibilities

Kaseya’s ‘Master Key’ to REvil Attack Leaked Online

Hackers Return Nearly Half of the $600 Million They Stole in One of the Biggest Crypto Heists

Crypto Industry Seeks to Build Momentum After Losing Senate Fight

The Family That Bet Everything on Bitcoin When It Was $900 Is Now Storing It in Secret Vaults on Four Different Continents

Cyberfraud Shifts to Gaming, Travel and Leisure, Report Finds

Attacks Leveraging Open Redirects on Google Meet, DoubleClick Surge

Norton LifeLock to Acquire Security Rival Avast in $8b Deal

Apple Settles Copyright Lawsuit With Virtual iOS Software Company
Accenture Restores Affected Systems After Reported Ransomware Attack

Accenture Says LockBit Ransomware Attack Caused ‘No Impact’

Millions of Seniors Hit by SeniorAdvisor Data Breach

Patient Information May Have Been Stolen in St. Joseph’s/Candler (GA) Ransomware Attack

Scripps Health (CA) Cyber Attack Cost the Company $113 Million

Charlotte Mecklenburg Schools (NC) Says Release Of Confidential Student Data Was Human Error, Not Hack

‘Friends’ Reunion Anchors Video Swindle

New AdLoad Malware Variant Slips Through Apple’s XProtect Defenses

Microsoft Confirms Another Windows Print Spooler Zero-Day Bug

SAP Patches Nine Critical & High-Severity Bugs

8/10/2021

Senate Includes Over $1.9 Billion for Cybersecurity in Infrastructure Bill

Amazon Awarded Secret $10B NSA Cloud Computing Contract

Chinese Espionage Group UNC215 Targeted Israeli Government Networks

Tucker Carlson’s Spying Allegations Being Investigated by National Security Agency Watchdog

Mike Lindell’s 2020 Election Symposium Delayed by ‘Hacked’ Livestream

Connected Farms Easy Pickings for Global Food Supply-Chain Hack

An Escalating Threat: How Smart Buildings Can Fall Victim to a Cyber Attack

Main Street Overconfidence: America’s Small Businesses Aren’t Worried About Hacking

Remote Workers Duck Security Rules

Cybercrime Victims Reluctant to Call Cops

Tech-Savvy Teens Falling Prey to Online Scams Faster Than Their Grandparents

Hackers Netting Average of Nearly $10,000 for Stolen Network Access

Boffins Propose Pretty Good Phone Privacy to End Pretty Invasive Location Data Harvesting by Telcos
$600M in Cryptocurrencies Swiped From Poly Network Servers After Security Snafu

Crytek Confirms Egregor Ransomware Attack, Customer Data Theft

Electromed Reveals Data Breach, Offers Identity Theft Protection to Customers

Fraudsters Impersonate DPD in “Convincing” New Smishing Scam

Chaos Malware Walks Line Between Ransomware and Wiper

eCh0raix Ransomware Variant Targets QNAP, Synology NAS Devices

Krebs: Microsoft Patch Tuesday, August 2021 Edition

Microsoft Fixes Windows Print Spooler PrintNightmare Vulnerability

Windows Security Update Blocks PetitPotam NTLM Relay Attacks

Microsoft Revives Deprecated RDCMan After Fixing Security Flaw

Adobe Fixes Critical Preauth Vulnerabilities in Magento

Firefox Adds Enhanced Cookie Clearing, HTTPS by Default in Private Browsing

8/6-9/2021

Krebs: Phishing Sites Targeting Scammers and Thieves

House of Commons (HoC) Beefs up Cyber Training Following Matt Hancock CCTV Leak Scandal

Why Understanding Cybersecurity Is No Longer Optional For Businesses

Ransomware Poses Threat to Vulnerable Local Governments

Putin Is Crushing Biden’s Room to Negotiate on Ransomware

White House Backs Senators Pushing for Stricter Crypto Reporting Rules

FTC Hits Facebook Over ‘Inaccurate’ Explanation for Banning Researchers

Thousands Sign Open Letter Arguing Against Apple Plan to Scan U.S. iPhones for Child Sexual Abuse Images

Virtual Vaccination Card Prompts Cybersecurity Fears

Yelp to Allow Users to Filter Businesses Based on Vaccination Requirements

Florida Martial Arts Instructor Accused of Spying on Students

U.S. Imprisons Drone Whistleblower

Microsoft Adds Fusion Ransomware Attack Detection to Azure Sentinel

Google Drops Bluetooth Titan Security Keys in Favor of Nfc Versions

Pulse Secure VPNs Get New Urgent Update for Poorly Patched Critical Flaw

Microsoft Exchange Servers Scanned for ProxyShell Vulnerability, Patch Now

Windows PetitPotam Vulnerability Gets an Unofficial Free Patch
Computer Hardware Giant GIGABYTE Hit by RansomEXX Ransomware

One Million Stolen Credit Cards Leaked to Promote Carding Market

162,000 Patients Exposed in Ransomware Attack on Gastroenterology Consultants (TX)

Illinois’ FOID Card System Hit by Cyber Attack

StarHub Suffers Data Breach, but Says No System Was Compromised

Android Malware ‘FlyTrap’ Hijacks Facebook Accounts

Australian Gov’t Warns of Escalating LockBit Ransomware Attacks

‘Glowworm’ Attack Turns Power Light Flickers into Audio

Synology Warns of Malware Infecting NAS Devices With Ransomware

Golang Cryptomining Worm Offers 15% Speed Boost

Auth Bypass Bug Exploited, Affecting Millions of Routers

Go, Rust “Net” Library Affected by Critical IP Address Validation Vulnerability

Amazon Kindle Vulnerable to Malicious EBooks

India’s Koo, a Twitter-like Service, Found Vulnerable to Critical Worm Attacks

Cisco: Firewall Manager RCE Bug Is a Zero-Day, Patch Incoming

8/5/2021

Senators Introduce Bipartisan Bill to Sanction Nations Involved in Ransomware Attacks

Amazon, Google and Other Tech Companies Join Government Effort to Fight Ransomware

Russian Group Releases Stolen Credit Cards on Dark Web. Here’s How to Protect Your Credit From Criminals

New Hacking Group Shows Similarities to Gang That Attacked Colonial Pipeline

Angry Conti Ransomware Affiliate Leaks Gang’s Attack Playbook

Krebs: Ransomware Gangs and the Name Game Distraction

Microsoft Edge Just Got a ‘Super Duper Secure Mode’ Upgrade

Google Expects Delays in Enforcing 2FA for Chrome Extension Devs

Apple Is About to Start Scanning iPhone Users’ Devices for Banned Content, Warns Professor
University of Kentucky Data Breach Exposes Email Addresses of 355k Students, Teachers

Judson ISD (TX) Confirms $547,000 Ransomware Payment in Taxpayer Funds

A Wide Range of Cyber Attacks Leveraging Prometheus TDS Malware Service

Linux Version of BlackMatter Ransomware Targets VMware ESXi Servers

MacOS Flaw in Telegram Retrieves Deleted Messages

New DNS Vulnerability Allows ‘Nation-State Level Spying’ on Companies

Unpatched Security Flaws Expose Mitsubishi Safety PLCs to Remote Attacks

Black Hat: Microsoft’s Patch for Windows Hello Bypass Bug is Faulty, Researchers Say

New Windows PrintNightmare Zero-Days Get Free Unofficial Patch

8/4/2021

Senators Highlight National Security Threats From China During Rare Public Hearing

NSA and CISA Share Kubernetes Security Recommendations

Some Cyber Experts Want to Investigate Hacks Like Plane Crashes

LockBit Ransomware Recruiting Insiders to Breach Corporate Networks

‘I’m Calling About Your Car Warranty’, aka PII Hijinx

Personal Data Breach Reports Fall Despite Rising Attacks

The Graph Foundation Launches Bug Bounty Program

Facebook Suspends Accounts of NYU Researchers Who’ve Criticized Platform

SolarWinds Urges U.S. Judge to Toss Suit: We Got Hit by Russia, Give Us a Break

Cybersecurity Trainer HackerU Acquires Cybint for $50m
Italy’s ERG Says Only Minor Disruption From Cyber Breach

Ransomware Attack Forces Eskenazi Health (IN) To Divert Patients

Sanford Health Target of Attempted Cyber Attack

Isle of Wight Schools (TX) Hit by Ransomware

Russian Federal Agencies Were Attacked With Chinese Webdav-O Virus

Phishing Campaign Dangles SharePoint File-Shares

New Cobalt Strike Bugs Allow Takedown of Attackers’ Servers

Black Hat: Security Bugs Allow Takeover of Capsule Hotel Rooms

INFRA:HALT Security Bugs Impact Critical Industrial Control Devices

Cisco Fixes Critical, High Severity Pre-Auth Flaws in VPN Routers

8/3/2021

Senate Report Finds Major Cybersecurity Shortcomings Among Federal Agencies

Russia Tells UN It Wants Vast Expansion of Cybercrime Offenses, Plus Network Backdoors & Online Censorship

Kaseya Ransomware Attack Sets off Race to Hack Service Providers: Researchers

Average Cost to Buy Access to a Compromised Company: $1,000

Bugs in Chrome’s Javascript Engine Can Lead To Powerful Exploits: This Project Aims to Stop Them

Coming Soon: America’s Own Social Credit System
Lehigh Valley Health Network (PA) Patients’ Info Hacked in 3rd Party Guidehouse Cyber Attack

Reindeer Leaked the Sensitive Data of More Than 300,000 People

Silicon Valley VC Firm Advanced Technology Ventures Hit by Ransomware

Raccoon Stealer Bundles Malware, Propagates Via Google SEO

‘DeadRinger’ Targeted Exchange Servers Long Before Discovery

Popular Technology That Hospitals Use to Send Lab Samples Is Vulnerable: Researchers

8/2/2021

White House Cyber Chief Backs New Federal Bureau to Track Threats

Huawei to America: You’re Not Taking Cyber-Security Seriously Until You Let China Vouch for Us

Google Chrome to No Longer Show Secure Website Indicators

Your Facebook Account Was Hacked: Getting Help May Take Weeks — Or $299

Industrial Cyber Security Startup Nozomi Networks Raises $100m

CDW Acquires Cybersecurity Company Focal Point Data Risk
Wisconsin Institute of Urology Patient Health Data Exposed After Email Hacking Incident

New APT Hacking Group Targets Microsoft IIS Servers with ASP.NET Exploits

Reports Point to Uptick in HTML Smuggling Attacks

‘PwnedPiper’: Devastating Bugs in >80% of Hospital Pneumatics

Windows PetitPotam Attacks Can Be Blocked Using New Method

Bot Protection Now Generally Available in Azure Web Application Firewall

7/30-8/1/2021

SolarWinds Hackers Accessed Over Two Dozen Federal Prosecutors’ Offices: DOJ

French Finance Minister’s Phone Investigated in Pegasus Spyware Case

NSA Warns Public Networks are Hacker Hotbeds

Unusual Malware Attack Can Go From First Contact to Ransomware in Just 48 Hours

DarkSide Ransomware Gang Returns as New BlackMatter Operation

‘COVID Vaccine Scammers Nearly Got Me’

FBI Warns Investors of Fraudsters Posing as Brokers and Advisers

CISA Launches Vulnerability Disclosure Platform for Federal Agencies

Google to Block Logins on Old Android Devices Starting September

Amazon Fined $886m by EU Regulators

Zoom Settles U.S. Class Action Privacy Lawsuit for $86m
Coghlin Electrical Co. (MA) Hit With Ransomware Attack

Carolina Panthers Apologize to Fans for Sending Personal Info to Other Fans

Hackers Attack Rome Region Vaccine Sign-up Site

New Bank-Fraud Malware Called Vultur Infects Thousands of Devices

PyPI Packages Caught Stealing Credit Card Numbers, Discord Tokens

Novel Meteor Wiper Used in Attack that Crippled Iranian Train System

Experts Uncover Several C&C Servers Linked to WellMess Malware

Linux eBPF Bug Gets Root Privileges on Ubuntu – Exploit Released

Remote Print Server Gives Anyone Windows Admin Privileges on a PC

Node.js Fixes Severe HTTP Bug That Could Let Attackers Crash Apps