3/30/2022

Russian Hackers Targeted NATO, Eastern European Militaries – Google

Viasat Spills on the Russian Attack, Warns of Continued Risks

MSHTML Flaw Exploited to Attack Russian Dissidents

Lapsus$ And SolarWinds Hackers Both Use the Same Old Trick to Bypass MFA

Two-Factor Authentication Is a Great Idea, But Not Nearly Enough People Are Using It

U.S. National Emergency From 2015 Extended by Biden Due to Elevated Malicious Cyber Activity

House Sends Bipartisan Cyber Crime Bill to Biden

New Research Claims Biden’s Disclosure Deadlines Are Unrealistic

FBI Disrupts BEC Cybercrime Gangs Targeting Victims Worldwide

Ubiquiti Sues Krebs on Security for Defamation
Lapsus$ Gang Claims New Hack With Data From Apple Health Partner

Globant Confirms Hack After Lapsus$ Leaks 70gb of Stolen Data

Bradley Int’l Airport (CT) Website Hit by DDoS Cyber Attack; No Breach Reported

13 Apps Removed After Researchers Uncover Trojan Crypto Wallet Scheme

Hive Ransomware Uses New ‘IPfuscation’ Trick to Hide Payload

This New Ransomware Targets Data Visualization Tool Jupyter Notebook

RCE Bug in Spring Cloud Could Be Next Log4Shell, Researchers Warn: ‘Spring4Shell’

QNAP Warns Severe OpenSSL Bug Affects Most of Its NAS Devices

3/29/2022

Russia Accuses U.S. of Leading Massive Cyber Campaign

Personal Data of 620 FSB Officers Published Online

Data-Harvesting Code in Yandex Mobile Apps Sends User Data to “Russia’s Google”

More Must Reconsider Russian Tech, Anti-virus Software Use, UK Warns

FBI Warns Election Officials of Credential Phishing Attacks

CISA Warns of Attacks Targeting Internet-Connected UPS Devices

Hackers Are Getting Faster at Exploiting Zero Day Flaws: That’s a Problem for Everyone

Krebs: Hackers Gaining Power of Subpoena Via Fake “Emergency Data Requests”

European Police Bust Multimillion-Dollar Investment Fraud Gang

Mnuchin’s Private Equity Firm Buys Security Startup Zimperium for $525M
Shutterfly Discloses Data Breach After Conti Ransomware Attack

$620 Million in Crypto Stolen From Axie Infinity’s Ronin Bridge

Hive Ransomware Group Claims to Steal California Health Plan Patient Data

Oklahoma City Indian Clinic Suffers Cyber Attack

New Hacking Campaign by Transparent Tribe Hackers Targeting Indian Officials

Mars Stealer Malware Pushed via OpenOffice Ads on Google

New Malware Loader ‘Verblecon’ Infects Hacked PCs with Cryptocurrency Miners

Wyze Cam Flaw Lets Hackers Remotely Access Your Saved Videos

Log4JShell Used to Swarm VMware Servers with Miners, Backdoors

3/28/2022

Ukraine War: Major Internet Provider Ukrtelecom Suffers Cyber-Attack

Ukraine Dismantles 5 Disinformation Bot Farms, Seizes 10,000 SIM Cards

Hacked WordPress Sites Force Visitors to DDoS Ukrainian Targets

China APT Group ‘Mustang Panda’ Using Russia Invasion, COVID-19 in Phishing Attacks

New Lapsus$ Hack Documents Make Okta’s Response Look More Bizarre

Secret World of Pro-Russia Hacking Group TrickBot Exposed in Leak

Security Experts Say New EU Rules Will Damage WhatsApp Encryption

Satoshi Island: ‘Crypto Paradise’ Where Citizenship Costs $130,000
Spokane Regional Health District (WA) Suffers Another Data Breach

Maldives STELCO Hit with Ransomware Attack

‘Purple Fox’ Hackers Spotted Using New Variant of FatalRAT in Recent Malware Attacks

Muhstik Botnet Targeting Redis Servers Using Recently Disclosed Vulnerability

SunCrypt Ransomware Is Still Alive and Kicking In 2022

Hackers Hijack Email Reply Chains on Unpatched Exchange Servers to Spread IcedID Malware

Critical SonicWall Firewall Patch Not Released for All Devices

Sophos Fixes Critical Hijack Flaw in Firewall Offering

CISA Warns Orgs to Patch Actively Exploited Chrome, Redis Bugs

3/25-27/2022

Russia Hacked Ukrainian Satellite Communications, Officials Believe

The Hard Truth Behind Biden’s Cyber Warnings

Another Chinese Hacking Group ‘Scarab’ Spotted Targeting Ukraine Amid Russia Invasion

Experts Seek Cyberwarfare Definition Following Recent Cyber Warnings

Indictment of Russian National Offers Glimpse Into Methodical Targeting of Energy Firm

FCC Adds Kaspersky to Its List of National Security Threats

HackerOne Kicks Kaspersky’s Bug Bounty Program off Its Platform

Racoon Stealer Malware Suspends Operations Due to War in Ukraine

‘Precursor Malware’ Infection May Be Sign You’re About to Get Ransomware, Says Startup

Phishing Kits Constantly Evolve to Evade Security Software

Krebs: Estonian Tied to 13 Ransomware Attacks Gets 66 Months in Prison

U.S., EU Reach Preliminary Deal on Data Privacy

Okta: “We Made a Mistake” Delaying the Lapsus$ Hack Disclosure

CISA Adds 66 Vulnerabilities to List of Bugs Exploited in Attacks
Personal Data of 820,000 NYC Students Compromised in Hack

Major League Baseball Players’ Personal Data Stolen

Morgan Stanley Client Accounts Breached in Social Engineering Attacks

Cheyenne Regional Payroll (WY) Impacted by Ransomware Attack

Among Us DDoS Attack Brings Servers Offline All Weekend

URL Rendering Trick Enabled WhatsApp, Signal, iMessage Phishing

Experts Uncover Campaign Stealing Cryptocurrency from Android and iPhone Users

Hive Ransomware Ports Its Linux VMware ESXI Encryptor to Rust

Public Redis Exploit Used by Malware Gang to Grow Botnet

Honda Bug Lets a Hacker Unlock and Start Your Car via Replay Attack

Critical Sophos Firewall Vulnerability Allows Remote Code Execution

Google Issues Urgent Chrome Update to Patch Actively Exploited Zero-Day Vulnerability

Western Digital Fixes Critical Bug Giving Root on My Cloud NAS Devices

3/24/2022

U.S. Charges Russian Gov’t Hackers With Campaign of Global Energy Cyberattacks

FBI Adds Russian Cybercrime Market Owner to Most Wanted List

Chinese APT ‘Operation Dragon Castling’ Targeting Betting Companies in Southeast Asia

Tax-Season Scammers Spoof Fintechs, Including Stash, Public

South Africa Wants to Fight SIM Swapping With Biometric Checks

Okta Under Fire Over Handling of Security Incident

Krebs: A Closer Look at the LAPSUS$ Data Extortion Group

7 Teenagers Arrested in Connection With Lapsus$ Hacking Group for Nvidia, Okta Hacks
IT Outage at Scotland’s Heriot-Watt University Enters Second Week

North Korean APT Hackers Exploit Chrome Zero-Day Weeks Before Patch

Just-Released Dark Souls Game, Elden Ring, Includes Killer Bug

Malicious Microsoft Excel Add-Ins Used to Deliver Rat Malware

Microsoft Help Files Disguise Vidar Malware

Microsoft Azure Developers Awash in PII-Stealing npm Packages

Western Digital My Cloud OS Update Fixes Critical Vulnerability

Pandemic Leaves Firms Scrambling for Cybersecurity Specialists

3/23/2022

Hackers Are Targeting European Refugee Charities -Ukrainian Official

Ukrainian Coders Are Splitting Their Time Between Work and Cyber Warfare

West Blocks Russia’s Access to Weather Data

Chinese ‘Mustang Panda’ Hackers Spotted Deploying New ‘Hodur’ Malware

Hackers Steal From Hackers by Pushing Fake Malware on Forums

U.S. and Canada Collaborate to Tackle Cybercrime

Ten Ransomware Strains Put To the Encryption Speed Test

How Much the Average Conti Hacking Group Member Earns a Month: $1,800
Italy’s State Railway May Have Been Target of Cyber Attack

Medical Service Doctors Me Leaks 12,000 Sensitive Patient Images

UMass Memorial Health Care Files Notice of Recent Data Breach

Rawlins Hospital (WY) Hit With Ransomware Attack Over Weekend

Nestlé Says It Leaked Its Own Test Data, Not Anonymous

DeadBolt Ransomware Resurfaces to Hit QNAP Again

Hackers Exploit New WPS Office Flaw to Breach Betting Firms

3/22/2022

Kremlin Dismisses U.S. Warning of Potential Russian Cyber Attacks

White House Shares Checklist to Counter Russian Cyberattacks

Microsoft Confirms Lapsus$ Hackers Stole Source Code via ‘Limited’ Access

Okta ‘Hack’ Puts Thousands of Businesses on High Alert

Lapsus$ Gang Claims Okta Hack

Okta: Lapsus$ Attackers Had Access to Support Engineer’s Laptop

The Metaverse May Bring New Cyber Risks: Here’s What Companies Can Do

Surveillance Risks Shape How Central Banks Test Digital Currencies

Krebs: ‘Spam Nation’ Villain Vrublevsky Charged With Fraud
Greece’s Public Postal Service Offline Due to Ransomware Attack

Russian Meat Producer Miratorg Agribusiness Holding Hit by BitLocker

Scottish Association for Mental Health Disrupted by ‘Sophisticated’ Cyber-Attack

Bexar County Appraisal District (TX) Hit With Ransomware Attack Shutting Down Email

Custom macOS Malware of Chinese Hackers ‘Storm Cloud’ Exposed

New Dell BIOS Bugs Affect Millions of Inspiron, Vostro, XPS, Alienware Systems

Hundreds of HP Printer Models Vulnerable to Remote Code Execution

Tech Leaders Must Raise Awareness And Build Trust To Close The Cybersecurity Gap

3/21/2022

Russia Is Exploring Options for Cyberattacks and Companies Must Be Ready, Says Biden

After ‘Protestware’ Attacks, a Russian Bank Has Advised Clients to Stop Updating Software

Code-Sabotage Incident in Protest of Ukraine War Exposed Open Source Risks

Conti Ransomware V. 3, Including Decryptor, Leaked

Microsoft Investigating Claims of Hacked Source Code Repositories

Microsoft Investigating Potential LAPSUS$ Hack After Sensitive Screenshot Leak

Apple Services Including Maps, App Store and iCloud Go Down for 4+ Hours in Major Global Outage
JDC Healthcare Management LLC (TX) Data Breach May Impact 1 Million

Over 40,000 London Voters Have Data Leaked to Strangers

HubSpot Hack Leads to Data Breaches at BlockFi, Swan Bitcoin, NYDIG and Circle

Facestealer Trojan Hidden in Google Play Plunders Facebook Accounts

BitRAT Malware Now Spreading as a Windows 10 License Activator

Serpent Malware Campaign Abuses Chocolatey Windows Package Manager

Windows Zero-Day Flaw Giving Admin Rights Gets Unofficial Patch, Again

3/18-20/2022

Google: Chinese State Hackers Target Ukraine’s Government

Leaked Ransomware Docs Show Conti Helping Putin From the Shadows

Russian Hackers Allegedly Compromise Ukrainian News Sites, Displaying ‘Z’ Symbol

Sandworm APT Hunts for ASUS Routers With Cyclops Blink Botnet

Krebs: Pro-Ukraine ‘Protestware’ Pushes Antiwar Ads, Geo-Targeted Malware

New Phishing Toolkit Lets Anyone Create Fake Chrome Browser Windows

Free Decryptor Released for TrickBot Gang’s Diavol Ransomware

Clandestine Finance System Helped Iran Withstand Sanctions Crush, Documents Show

Cybersecurity Stocks Could See Huge Growth as Russia-Ukraine War Spurs More Cyberattacks
DarkHotel APT Targets Wynn, Macao Hotels to Rip Off Guest Data

BlockFi Confirms Unauthorized Access to Client Data Hosted on Hubspot

Wheeling Health (WV) Right Victim of a Cyberattack

Bitcoin Miners Breached Land Information NZ Cloud Service

A Security Lapse Exposed India’s CISF Personnel Files and Health Records

Hackers Claim to Breach TransUnion South Africa With ‘Password’ Password

NRA Confirms Last Year’s Ransomware Attack

FBI: AvosLocker Ransomware Targets U.S. Critical Infrastructure

Western Digital App Bug Gives Elevated Privileges in Windows, macOS

3/17/2022

Russia Gets Triggered by Ukraine Joining NATO Cyberdefense Hub

Russian Ministry Says It’s ‘Recording Unprecedented Attacks’ on Government Websites

Russian Pipeline Company Transneft Hit by Data Leak Dedicated to Hillary Clinton

Dev Sabotages Popular NPM Package to Protest Russian Invasion

Crypto an Unlikely Route for Russian Sanctions Evasion, Experts Say

Europe Warns of Aircraft GPS Outages Tied to Russian Invasion

How CAPTCHAs Can Cloak Phishing URLs in Emails

A Big Bet to Kill the Password for Good

Google Exposes Tactics of a Conti Ransomware Access Broker
CISA, FBI Warn U.S. Critical Orgs of Threats to SATCOM Networks

Misconfigured Firebase Databases Exposing Data in Mobile Apps

Schuylkill (PA) Counters Data Breach; Begins to Notify People

New Unix Rootkit Used to Steal ATM Banking Data

Unsecured Microsoft SQL, MySQL Servers Hit by Gh0stCringe Malware

ASUS Warns of Cyclops Blink Malware Attacks Targeting Routers

DirtyMoe Botnet Gains New Exploits in Wormable Module to Spread Rapidly

TrickBot Malware Abusing MikroTik Routers as Proxies for Command-and-Control

3/16/2022

Zelenskyy Invokes 9/11 in Pressing Congress for Help

U.S. Has ‘Significant’ Cyber Vulnerabilities, but a Sweeping Russian Cyberattack Is Unlikely

Anonymous Declared a ‘Cyber War’ Against Russia. Here Are the Results

Bad Deepfake of Zelenskyy Shared on Ukraine News Site in Reported Hack

The Workaday Life of the World’s Most Dangerous Ransomware Gang

Microsoft Defender Tags Office Updates as Ransomware Activity

Researcher Uses 379-Year-Old Algorithm to Crack Crypto Keys Found in the Wild

Emotet Malware Campaign Impersonates the IRS for 2022 Tax Season

U.S. Bars Ex-spies From Becoming ‘Mercenaries’

Krebs: Lawmakers Probe Early Release of Top RU Cybercrook
Hundreds of GoDaddy-Hosted Sites Backdoored in a Single Day

East Tennessee Children’s Hospital Responding to Cyber Incident

Phony Instagram ‘Support Staff’ Emails Hit Insurance Company

SolarWinds Warns of Attacks Targeting Web Help Desk Instances

‘CryptoRom’ Crypto-Scam is Back via Side-Loaded Apps

LokiLocker Ransomware Family Includes Wiper Function

OpenSSL Cert Parsing Bug Causes Infinite Denial of Service Loop

CISA Adds 15 Vulnerabilities to List of Flaws Exploited in Attacks

Australia’s Big Four Banks Tackling Cybersecurity With a Team Sport Mentality

Irish Watchdog Fines Meta $19m Over Data Breach

3/15/2022

Germany Warns Against Russian Anti-virus Use

Russia Faces IT Crisis With Just Two Months of Data Storage Left

A Phone Relay Capture May Be the Latest of Russia’s Comms Woes in Ukraine

Satellite Outage Caused ‘Huge Loss in Communications’ at War’s Outset: Ukrainian Official

Cyberattacks Rising as Hackers Use Russia-Ukraine War as a Distraction: CrowdStrike CEO

HackerOne Apologizes to Ukrainian Hackers for Mistakenly Blocking Payouts

The Lapsus$ Hacking Group Is Off to a Chaotic Start

Staff Think Conti Group Is a Legit Employer

Nearly 34 Ransomware Variants Observed in Hundreds of Cyberattacks in Q4 2021

UK Blocks Assange’s Extradition Appeal
Massive Phishing Campaign Uses 500+ Domains to Steal Credentials

Labette Health (KS), Capital Region Medical Center (MO) Confirm Data Breaches

Nuna Baby Essentials Data Breach

Android Trojan Persists on the Google Play Store Since January

Mobile App Developers Leave Behind 2,100 Open Databases

FBI Warns of MFA Flaw Used by State Hackers for Lateral Movement

New Linux Botnet Exploits Log4J, Uses DNS Tunneling for Comms

Intel’s AMD Bug Find Proves That Spectre Is Still Looming Over Us

OpenSSL Patches Crash-Me Bug Triggered by Rogue Certs

Cyber Firm SentinelOne to Buy Attivo Networks for $616.5 Million

FTC to Fine CafePress for Cover up of Massive Data Breach

3/14/2022

Intel Chair ‘Amazed’ Russia Hasn’t Launched Full-Scale Cyberwarfare

Bipartisan Group of Senators Press Mayorkas on U.S. Readiness for Russian Cyberthreat

U.S., EU Cyber Investments in Ukraine Pay Off Amid War

Russian Ransomware Gang Retool Custom Hacking Tools of Other APT Groups

Researchers Find New Destructive Wiper Malware ‘CaddyWiper’ in Ukraine

Fake Antivirus Updates Used to Deploy Cobalt Strike in Ukraine

Cybercrooks’ Political In-Fighting Threatens the West

Ukraine War Has Insurers Worried About Cyber Policies

China Thrilled It Captured Already-Leaked NSA Cyber-Weapon NOPEN
Israel Says Its Government Websites Were Hit by Cyber Attack

Personal Info From 287K Patients Compromised in Hack of South Denver Cardiology

Lake Shore Savings Bank (NY) Reports Data Breach

Trinity Home Care (MA) Reports Hack Exposed Patient Records

City of Amarillo (TX) Prevents Attempted Data Breach, Email Down Until Further Notice

QNAP Warns Severe Linux Bug Affects Most of Its NAS Devices

2021 Mobile Security: Android More Vulnerabilities, iOS More Zero-Days

Canada Cops Arrests Teen Cyber-Attack Suspect

3/11-13/2022

Russian Prosecutors Warn Western Companies of Arrests, Asset Seizures

VPN Use in Russia Is Surging as Citizens Try to Bypass Government’s Tightening Internet Control

Russia Issues Its Own TLS Certs

Russia Wants to Label Meta an ‘Extremist Organization’

WHO, U.S. Worry Ukrainian Biological Lab Samples Could Spill, Go to Russians

Report: Recent 10x Increase in Cyberattacks on Ukraine (Krebs)

Russian Defense Firm Rostec Shuts Down Website After DDoS Attack

Anonymous Claims to Have Leaked Over 360,000 Files From Russian Federal Agency

DuckDuckGo Down-Ranks Sites Spreading Russian Propaganda

Google-Facebook Ad Deal Is Investigated by EU, UK

Spending Bill Includes Large Funding Increase to Boost Cybersecurity

VPN Provider Bans BitTorrent After Getting Sued by Film Studios
Ubisoft Says It Experienced a ‘Cyber Security Incident’, Purported Nvidia Hackers Take Credit

Wightlink Customers’ Details Stolen in Cyber Attack

Rosneft’s German Unit Reports Cyber Attack

Japan’s Denso Hit by Apparent Ransomware Attack

Bridgestone Americas Confirms Ransomware Attack, LockBit Leaks Data

New ONE PIECE Anime Episodes Delayed After Toei Cyberattack

Fake Valorant Cheats on YouTube Infect You With RedLine Stealer

Raccoon Stealer Crawls Into Telegram

Android Malware Escobar Steals Your Google Authenticator MFA Codes

Singapore Uncovers Four Critical Vulnerabilities in Riverbed Software

Multiple Security Flaws Discovered in Popular Software Package Managers

How to Combat the No. 1 Cause of Security Breaches: Complexity

3/10/2022

Malware Posing as Russia DDoS Tool Bites Pro-Ukraine Hackers

Iranian Hackers Targeting Turkey and Arabian Peninsula in New Malware Campaign

Most Orgs Would Take Security Bugs Over Ethical Hacking Help

Over 40% of Log4j Downloads Are Vulnerable Versions of the Software

Ex-Canadian Government Official Extradited to Face Charges Over ‘NetWalker’ Ransomware Attacks

Colorado Elections Clerk Charged with Identity Theft
Vodafone Investigating Threat From Hackers Behind Samsung Breach to Leak Source Code

Montrose Regional Health (CO) Email Breach Exposed 52,632 Patients’ Protected Information

Corporate Website Contact Forms Used to Spread BazarBackdoor Malware

Qakbot Botnet Sprouts Fangs, Injects Malware into Email Threads

CISA Updates Conti Ransomware Alert With Nearly 100 Domain Names

WhatsApp Emits Extension to Detect Tampering With Desktop Web Apps

3/9/2022

The Secret U.S. Mission to Bolster Ukraine’s Cyber Defenses Ahead of Russia’s Invasion

Russian APTs Furiously Phish Ukraine – Google

Russian Government Sites Hacked in Supply Chain Attack

Krebs: Internet Backbone Giant Lumen Shuns .RU

U.S. Treasury: Russia May Bypass Sanctions Using Ransomware Payments

SEC to Vote on New Cybersecurity Disclosure Rules as Ukraine Crisis Gives Them ‘Special Relevance’

Ukrainian Man Charged in Major Ransomware Spree Extradited to U.S. – Justice Dept

Clearview AI Fined €20M for Collecting Italians’ Biometric Data

Chinese Phishing Actors Consistently Targeting EU Diplomats
Most ServiceNow Instances Misconfigured, Exposed

Norwood Clinic (AL) and Central Indiana Orthopedics Incidents Affect 310K Patients

Hackers Fork Open-Source Reverse Tunneling Tool for Persistence

Critical RCE Bugs Found in Pascom Cloud Phone System Used by Businesses

Intel, AMD, Arm Warn of New Speculative Execution CPU Bugs

Nearly 30% Of Critical WordPress Plugin Bugs Don’t Get a Patch

Krebs: Microsoft Patch Tuesday, March 2022 Edition

Dell Opts Out of Microsoft’s Pluton Security for Windows

3/8/2022

Mandiant: China-Backed Hackers APT41 Breached Government Networks in at Least Six U.S. States

Google: Chinese Hackers APT31 Target Gmail Users Affiliated With U.S. Gov’t

Angry Putin Set to ‘Double Down’ in Ukraine, Intel Chiefs Warn Lawmakers

Ukraine and U.S. Targeted by Cybersecurity Attacks in Run-up to Russian Invasion

Belarus Targeted Ukraine, Poland in Phishing Campaigns: Google

ProtonMail Urges Russian Users to Renew as Payment Options Dry Up

Cloudflare to Auto-Brick Servers That Go Offline in Ukraine, Russia

War Is Calling Crypto’s ‘Neutrality’ Into Question

Gig App Gathering Data for U.S. Military, Others Prompts Safety Concerns

Krebs: Conti Ransomware Group Diaries, Part IV: Cryptocrime

Prison for Man Who Scammed U.S. Government to Buy Rare Charizard Pokémon Card
E-Commerce Giant Mercado Libre Confirms Source Code Data Breach

Emotet Growing Slowly but Steadily Since November Resurgence

DDoS Attacks Now Use New Record-Breaking Amplification Vector

Zero-Click Flaws in Widely Used UPS Devices Threaten Critical Infrastructure

Access:7 Vulnerabilities Impact Medical and IoT Devices

New 16 High-Severity UEFI Firmware Flaws Discovered in Millions of HP Devices

Microsoft Addresses 3 Zero-Days & 3 Critical Bugs for March Patch Tuesday

Android’s March 2022 Security Updates Fix Three Critical Bugs

Google to Buy Cybersecurity Firm Mandiant in $5.4 Billion Deal

Google’s Mandiant Deal Aims to Automate More Cybersecurity Services

3/7/2022

U.S., Spain Join Forces in Cyberwarfare Amid Russia-Ukraine War

UN Mulls Russia’s Pitch for Cybercrime Treaty

Musk Warns Starlink Could Attract Russian Bombs

Anonymous Claims It Hacked Into Russian TVs and Showed the True Devastation of Putin’s Ukraine Invasion

What Russia’s Ongoing Cyberattacks in Ukraine Suggest About the Future of Cyber Warfare

Ukrainian CERT Warns Citizens of Phishing Attacks Using Compromised Accounts

FBI Warns of Online Scammers Impersonating Government Officials, Law Enforcement

FBI: Ransomware Gang Breached 52 U.S. Critical Infrastructure Orgs

Coinbase Blocks Over 25,000 Russian-Linked Crypto Addresses

Piracy OK: Russia to Ease Software Licensing Rules After Sanctions
Samsung Confirms Lapsus$ Hackers Stole Galaxy Source Code

PressReader Suffers Cyber-Attack

Rompetrol Gas Station Network Hit by Hive Ransomware

Hilliard City Schools (OH) Acknowledges Data Breach of Student Information

Critical Bugs in TerraMaster TOS Could Open NAS Devices to Remote Hacking

New Linux Bug Gives Root on All Major Distros, Exploit Released

Microsoft Fixes Critical Azure Bug That Exposed Customer Data

How Police Abuse Phone Data to Persecute LGBTQ People

Dozens of COVID Passport Apps Put User’s Privacy at Risk

3/4-6/2022

Ukrainian Websites Under ‘Nonstop’ Attack – Cyber Watchdog Agency

Ukraine to Join NATO Intel-Sharing Cyberdefense Hub

How the West Unplugged Russia From the World’s Financial Systems

Security News This Week: A Major Internet Backbone Company Cuts Off Russia

Tech Companies Seek to Choke Out Russian State Media

Russia Says It’s Blocking Facebook in Alarming New Censorship Push

Russia Weighs Risks of Launching Cyberattacks Against the West

Amazon: Charities, Aid Orgs in Ukraine Attacked With Malware

Russia Shares List of 17,000 IPs Allegedly DDoSing Russian Orgs

Krebs: Conti Ransomware Group Diaries, Part III: Weaponry

Experts Urge EU Not to Force Insecure Certificates in Web Browsers

White House Sides With Congress Over Contentious Cyber Bill

CISA Pledges to Share Incident Reports With FBI After DOJ Backlash to Bipartisan Cybersecurity Act
Cyber-Criminals Exploit Invasion of Ukraine

Adafruit Discloses Data Leak From Ex-employee’s Github Repo

Hackers Leak 190GB of Alleged Samsung Data, Source Code

Authorities Investigate Ransomware Attack in Fleetwood Area School District (PA)

Duncan Regional Hospital (OK) Patient Information Exposed in Data Security Incident

Ascension Michigan Data Breach May Have Exposed Some Patients’ Social Security Numbers

T-Mobile Data Breach Victims at Risk For Identity Theft

SharkBot Malware Hides as Android Antivirus in Google Play

Massive Meris Botnet Embeds Ransomware Notes from REvil

Malware Now Using NVIDIA’s Stolen Code Signing Certificates

Social Media Phishing Attacks Are at an All Time High

New Linux Kernel cgroups Vulnerability Could Let Attackers Escape Container

Mozilla Firefox 97.0.2 Fixes Two Actively Exploited Zero-Day Bugs

3/3/2022

Ukrainian Cities Hit With Blackouts After Attacks on Energy Infrastructure

Ukraine Says Local Gov’t Sites Hacked to Push Fake Capitulation News

Free Decryptor Released for Hermeticransom Victims in Ukraine

Why Russia Hasn’t Launched Major Cyber Attacks Since the Invasion of Ukraine

Anonymous-Linked Group Hacks Russian Space Research Site, Claims to Leak Mission Files

Russia Denies Satellite Hacking and Warns of Wider War

Russia Leaks Data From a Thousand Cuts–Podcast

Ukraine Cyber Group to Strike at Russia’s Critical Infrastructure

Switzerland’s SWIFT Data Centre Under Guard After Russian Banks Excluded

Spyware From Israeli NSO Group

DOJ Officials Criticize Senate-Passed Cyber Bill
NVIDIA Data Breach Exposed Credentials of Over 71,000 Employees

Cyberattack Strikes Bridgestone Plants in Tennessee — And All of North and South America

Monongalia Health (WV) Suffers Second Healthcare Data Breach

Michigan Medicine Data Breach May Have Exposed Some Patients’ Health Information

Data Breach May Have Exposed Personal Information of Oklahomans on Disability Aid List

‘Vuxner’ Malware Campaign Impersonates VC Firm Looking to Buy Sites

Amazon Alexa Can Be Hijacked via Commands From Own Speaker

Researchers Demonstrate New Side-Channel Attack on Homomorphic Encryption

Critical Patches Issued for Cisco Expressway Series, TelePresence VCS Products

Hacktivists, Cybercriminals Switch to Telegram After Russian Invasion

3/2/2022

Russia Steps up Attacks on Key Ukrainian Cities, Biden Warns Putin Will Pay a ‘High Price’

Russia Confirms Casualties in Ukraine Ahead of the Next Round of Talks

Russian Space Agency Says Hacking Satellites Is an Act of War

Ukraine’s Tech Workers Log Off, Take Shelter

Apple and Google Turn Off Map Features to Help Ukraine

Phishing Attacks Target Countries Aiding Ukrainian Refugees

Ukrainian Sites Saw a 10x Increase in Attacks When Invasion Started

Senate Passes Cybersecurity Bill Amid Fears of Russian Cyberattacks

Details of ‘120,000 Russian Soldiers’ Leaked by Ukraine

Swiss Bank Requests Destruction of Documents
Data Breach at OK Department of Human Services May Have Leaked Personal Information

Hackers Begin Weaponizing TCP Middlebox Reflection for Amplified DDoS Attacks

Over 100,000 Medical Infusion Pumps Vulnerable to Years Old Critical Bug

Log4shell Exploits Now Used Mostly for DDoS Botnets, Cryptominers

Attacks Abusing Programming Apis Grew Over 600% In 2021

Companies’ Code Leaking More Passwords and Secrets

AMD, Intel, TSMC, Microsoft and Others Establish Universal Chiplet Standard

As War Escalates in Europe, It’s ‘Shields up’ for the Cybersecurity Industry

EU, U.S. Close to Replacing Defunct Privacy Shield II

Krebs: Conti Ransomware Group Diaries, Part II: The Office

3/1/2022

Ukraine Asked the Internet’s Governing Body to Remove Russian Sites

How Ukraine’s Internet Can Fend Off Russian Attacks

Ukraine Conflict Shows Wartime Norms Don’t Exist for Cyber Operations

Krebs: Conti Ransomware Group Diaries, Part I: Evasion

Microsoft Accounts Targeted by Russian-Themed Credential Harvesting

Russia-Ukraine Crisis: How to Avoid Fundraising Scams

Eugene Kaspersky’s Statement Provokes Controversy Within Cybersecurity Industry

Reality Winner’s Twitter Account Was Hacked to Target Journalists

This Is What Happens When Two Ransomware Gangs Hack the Same Target – At the Same Time

Ransomware Attackers Begin to Eye Midmarket Acquisition Targets
Viasat Attributes Outage to “Cyber Event”

Second New ‘IsaacWiper’ Data Wiper Targets Ukraine After Russian Invasion

NVIDIA Confirms Data Was Stolen in Recent Cyberattack

Logan Health (MT) Reports Data Breach

TeaBot Malware Slips Back Into Google Play Store to Target U.S. Users

Hundreds of eBike Phishing Sites Abuse Google Ads to Push Scams

Content Filtering Devices Abused for 65x DDoS Amplification

RCE Bugs in WhatsApp, Other Hugely Popular VoIP Apps: Patch Now!

Microsoft Rolling Out New Endpoint Security Solution for SMBs

Cybersecurity Experts: Everyone Should Be Taking Precautions

2/28/2022

Putin Puts Nuclear Deterrent Forces on ‘High Alert’ Amid Spiraling Tensions Over Ukraine

‘Unhinged’

Peace Talks Ended Between Russia and Ukraine, No Breakthrough as Shelling Continues

Switzerland Joins EU Sanctions on Russia, Breaking Neutral Posture

Liquidity Vanishes Across Russia Assets With Ruble Plunging

Microsoft Finds FoxBlade Malware on Ukrainian Systems, Removes RT From Windows App Store

Meta: Ukrainian Officials, Military Targeted by GhostWriter Hackers

Facebook Cracks Down on Disinformation, Hacked Accounts in Ukraine

Twitter Labeling Links to Russian State Media

Namecheap Terminates Services for Russians, Asks Them to Move Domains

Ukraine-Russia Cyber Warzone Splits Cyber Underground

Moscow Exchange Downed by Cyber-Attack

Russian TV Stations Hacked

Conti Ransomware Gang Sided With Putin and Had Its Chat Logs Leaked Soon Afterward
Toyota Suspends Production in Japan Following Possible Cyberattack

Insurance Giant AON Hit by a Cyberattack Over the Weekend

Hackers to NVIDIA: Remove Mining Cap or We Leak Hardware Data

Axis Communications Shares Details on Disruptive Cyberattack

California Bar Says ‘Hack’ Exposed 1,000s of Attorney Discipline Cases

New York State Ethics Commission Hit by Cyber Attack

Isle of Man Kettle-Parts Firm Strix Group Hit by Cyber Attack

Workers Say Des Moines Bridgestone Americas Plant Part of Cyber Attack Investigation

Chinese Cyberspies Target Gov’ts With Their ‘Most Advanced’ Backdoor ‘Daxin’

CISA Warns of High-Severity Flaws in Schneider and GE Digital’s SCADA Software

CISA and FBI Warn of Potential Data Wiping Attacks Spillover From Ukrainian Targets

Cybersecurity Stocks Rally as Investors Focus on Attack Risk

U.S. Indicts BitConnect Founder For $2.4 Billion Ponzi Scheme