7/28/2022

NKorean Kimsuky Use Google Chrome Extension to Steal Emails Undetected

U.S., Ukraine Sign Pact to Expand Cooperation in Cyberspace

EU to Open San Francisco Office Focused on Tech Regulation

How Tor Is Fighting—and Beating—Russian Censorship

Google Brings Street View Back to India Following 2016 Ban

UK Police Warn About Social Media Accounts Being Hijacked to Post Indecent Images

European Police Arrest 100 Suspects in BEC Crackdown

JPMorgan, UBS, TradeStation Accused of Shoddy ID Theft Protection

Threat Actors Pivot Around Microsoft’s Macro-Blocking in Office

Ransom Payments Fall as Fewer Victims Choose to Pay Hackers
Krebs: Breach Exposes Users of Microleaves Proxy Service

Hive Ransomware Group Demands £500,000 From Wooton Upper School in Bedfordshire

St. Luke’s Health System (ID) Vendor Kay-Smith Data Breach Affects 31,573 Patients

Clinivate (CA) Announces Data Breach

Gannon Associates Insurance Agency (PA) Announces Data Breach

Malicious NPM Packages Steal Discord Users’ Payment Card Info

Microsoft SQL Servers Hacked to Steal Bandwidth for Proxy Services

Akamai Blocked Largest DDoS in Europe Against One of Its Customers

LibreOffice Addresses Security Issues With Macros, Passwords

Google Delays Blocking 3rd-Party Cookies in Chrome Browser Until 2024

7/27/2022

EU Justice Commissioner Didier Reynders Says Phone Likely Hacked With Israeli NSO Group’s Pegasus Spyware

Daughter of Imprisoned ‘Hotel Rwanda’ Hero to Testify on Spyware at House Hearing

We’re Likely Only Seeing ‘The Tip of the Iceberg’ of Pegasus Spyware Use Against the U.S.

Moldova Plans Cyber Overhauls Amid War in Neighboring Ukraine

Apple Network Traffic Takes Mysterious Detour Through Russia

Weak Data Protection Helped China Attack U.S. Federal Reserve, Report Says

Krebs: A Retrospective on the 2015 Ashley Madison Breach

Google, Like Amazon, May Let Police See Your Video Without a Warrant

Spain Arrests Suspected Hackers Who Sabotaged Radiation Alert System

Average Data Breach Costs Soar to $4.4M Globally & $9.4M in the U.S. in 2022
Microsoft Says It Caught an Austrian Spyware Group ‘DSIRF’ Using Previously Unknown Windows Exploits

‘Subzero’

New ‘Robin Banks’ Phishing Service Targets BofA, Citi, and Wells Fargo

Kansas MSP Shuts Down Cloud Services to Fend Off Cyberattack

Cybersecurity Vendor Entrust Tells Customers Data Was Stolen During June Cyberattack

These Ransomware Hackers Gave up When They Hit Multi-Factor Authentication

FileWave Fixes Bugs That Left 1,000+ Orgs Open to Ransomware, Data Theft

Github Introduces 2FA and Quality of Life Improvements for NPM

Fedora Ditches ‘No Rights Reserved’ Software Over Patent Concerns

Protestware on the Rise: Why Developers Are Sabotaging Their Own Code

7/26/2022

U.S. Doubles Reward for Tips on North Korean-Backed Hackers

How Big Is the Risk That Someone Will Hack an EV Charging Network?

Phishing Attacks Skyrocket with Microsoft and Facebook as Most Abused Brands

LinkedIn Phishing Target Employees Managing Facebook Ad Accounts

‘Ducktail’

Poor Training and Communications Hindering Cybersecurity Efforts

Experts Find Similarities Between New LockBit 3.0 and BlackMatter Ransomware

LockBit Claims Attack on Italian Tax Agency

No More Ransom Helps Millions of Ransomware Victims in 6 Years

Crypto Exchange Kraken Reportedly Hunted by the Feds for Alleged Sanctions Busting

Senate Panel Turns to Kids’ Online Safety

NPM Users Can Now Connect a Twitter Account as a Recovery Method
Hackers Steal $6 Million From Blockchain Music Platform Audius

New Android Malware Apps Installed 10 Million Times From Google Play

Arhaus (OH) Confirms Data Breach Affecting Employee Information

Luca Stealer Malware Spreads Rapidly After Code Handily Appears on Github

Hackers Increasingly Using WebAssembly Coded Cryptominers to Evade Detection

Cosmicstrand UEFI Malware Found in Gigabyte, ASUS Motherboards

Microsoft: IIS Extensions Increasingly Used as Exchange Backdoors

Discord, Telegram Services Hijacked to Launch Array of Cyberattacks

Critical FileWave MDM Flaws Open Organization-Managed Devices to Remote Hackers

Critical Vulnerabilities Exposed Nuki Smart Locks to a Plethora of Attack Options

Hackers Scan for Vulnerabilities Within 15 Minutes of Disclosure

7/25/2022

Russia Is Quietly Ramping Up Its Internet Censorship Machine

Former Google Executive Camille Stewart Gloster to Join White House Cyber Office

Dems Fume at Disney’s Hulu for Blocking Ads on Abortion, Guns, Jan. 6

Crypto Firms Make Thieving Hackers an Offer: Keep a Little, Give Back the Rest

UK Seizes Nearly $27m in Crypto-Assets

How to Require Strong Passwords That Are Not Easily Cracked by Bad Guys on Your Shared Windows PC Devices

Microsoft Adds Default Protection Against RDP Brute-Force Attacks in Windows 11

T-Mobile Pitches $4-Per-Customer Settlement for Data Leak Impacting 80M People
Anti-Vax Dating Site ‘Unjected’ That Let People Advertise ‘mRNA Free’ Semen Left All Its User Data Exposed

Vista Bank (TX) Reports Data Breach Affecting Social Security Numbers

Toronto Symphony Orchestra Customer Names and Emails Potentially Compromised in Ransomware Attack

Australia’s Mount Gambier Prison Hit in Cyber Attack

A ‘Top Tier’ Hacking Gang Is Likely to Be Behind Entrust Ransomware Attack

Hackers Exploited PrestaShop Zero-Day to Breach Online Stores

Experts Uncover New ‘CosmicStrand’ UEFI Firmware Rootkit Used by Chinese Hackers

Source Code for Rust-Based Info-Stealer Released on Hacker Forums

7/22-24/2022

U.S. Bolsters Cyber Alliance to Counter Rising Iran Threat

N.Korea Denounces U.S. Over Washington’s Remarks on Cryptocurrency Stealing

North Korean Hackers Attack EU Targets With Konni RAT Malware

Hacked Ukrainian Radio Stations Broadcast Fake News About President Zelensky’s Health

Thai Minister Backtracks on Spyware Admission as Government Denies Pegasus Use

Chrome Use Subject to Restrictions in Dutch Schools Over Data Security Concerns

Malware-as-a-Service Creating New Cybercrime Ecosystem

How to Safely Lend Someone Else Your Phone

Klobuchar Asks FTC to Investigate Amazon’s $3.9 Billion Move to Acquire One Medical

T-Mobile Agrees to $350 Million Settlement Over Its Massive 2021 Data Breach

My Big Coin Founder Is – You Guessed It – A $6M Crypto-Fraudster
St. Marys, Ontario, Canada Is Being Extorted by LockBit Global Ransomware Gang

Hacker Selling Twitter Account Data of 5.4 Million Users for $30K

Online Insurer PolicyBazaar Says Customer Data Was Exposed by ‘Unauthorized Access’

British Columbia LGBTQ+ Advocacy Group Qmunity Hit With Cyberattack

Smithsonian Statement: WordFly Data Security Incident

PayPal Used to Send Malicious “Double Spear” Invoices

QBot Phishing Uses Windows Calculator Sideloading to Infect Devices

Amadey Malware Pushed via Software Cracks in SmokeLoader Campaign

SonicWall Issues Patch for Critical Bug Affecting its Analytics and GMS Products

Atlassian: Confluence Hardcoded Password Was Leaked, Patch Now!

Google Bringing the Android App Permissions Section Back to the Play Store

7/21/2022

The 2022 US Midterm Elections’ Top Security Issue: Death Threats

Senators Introduce Bi-Partisan Bill to Improve Defenses Against Quantum Computing Data Breaches

How Conti Ransomware Hacked and Encrypted the Costa Rican Government

Outlook Email Users Alerted to Suspicious Activity From Microsoft-Owned IP Address

Microsoft Starts Blocking Office Macros by Default, Again

Google Erroneously Blocks Site of Largest Computing Society, ACM, for Being ‘Harmful’

Hackers for Hire: Adversaries Employ ‘Cyber Mercenaries’

Krebs: Massive Losses Define Epidemic of ‘Pig Butchering’

Former Coinbase Employee Charged in Alleged Insider-Trading Scheme
Hackers Breached the Neopets Virtual Pet Community, Exposing Personal Data of 69 Million

Hackers Use Evilnum Malware to Target Cryptocurrency and Commodities Platforms

New Redeemer Ransomware Version Promoted on Hacker Forums

The Kronos Ransomware Attack: What You Need to Know So Your Business Isn’t Next

Chrome Zero-Day Used to Infect Journalists With Candiru Spyware

New Linux Malware ‘Lightning Framework’ Lets Attackers Install Rootkit on Targeted Systems

Windows 11 Now Blocks RDP Brute-Force Attacks by Default

The Market Is Teeming: Bargains on Dark Web Give Novice Cybercriminals a Quick Start

7/20/2022

Data-Hosting in China Hampers U.S. Law Enforcement -Prosecutor

The DHS Bought a ‘Shocking Amount’ of Phone-Tracking Data

Security Chiefs Warn Bloated Cyber Market Must Learn to Work Together

Boffins Release Tool to Decrypt Intel Microcode. Have at It, X86 Giant Says

I Found a Fraudulent Amazon Charge on My Account After Prime Day. Here’s How to Protect Yourself

LinkedIn Remains the Most Impersonated Brand in Phishing Attacks

Google Calendar Provides New Way to Block Invitation Phishing

Singapore Distances Itself From Local Crypto Companies

Thailand Admits to Using Phone Spyware, Cites National Security
Pro-Russia Hack Campaigns Are Running Rampant in Ukraine

Convincing ‘YouTube’ Google Ads Lead to Windows Support Scams

Gas South (GA) Confirms Unauthorized Access to Its Network, Leading to Consumer Data Breach

AllOne Health (PA) Discovers Breach After Accidentally Wiring Money to a Fraudulent Account

New Luna Ransomware Encrypts Windows, Linux, and ESXi Systems

Magecart Serves Up Card Skimmers on Restaurant-Ordering Systems

Cisco Fixes Bug That Lets Attackers Execute as Root

Atlassian Fixes Critical Confluence Hardcoded Credentials Vulnerability

Google Play Adds Support for DNS-over-HTTP/3 in Android Designed to Keep DNS Queries Private

7/19/2022

A Russian-Backed Malware Group Is Spoofing Pro-Ukraine Apps, Google Finds

Russian SVR Hackers Use Google Drive, Dropbox to Evade Detection

EU Warns of Russian Cyberattack Spillover, Escalation Risks

Russian Threat to U.S. Elections Persists Even Amid War in Ukraine, Officials Say

Belgium Says Chinese Hackers Attacked Its Ministry of Defense

Chinese Regulator to Fine Didi More Than $1 Billion Over Data-Security Breaches

Instagram Slow to Tackle Bots Targeting Iranian Women’s Groups

Amazon Sues Thousands of Facebook Group Administrators Over Fake Reviews

Twitter-Musk Trial Set for October in Lawsuit Over Stalled $44 Billion Takeover

U.S. Seizes $500,000 in Ransom Paid to North Korean Hackers, Official Says

Romanian Man Extradited to U.S. On Hacking Charges Over Virus That Hit NASA

WHO Rushed In New Security Steps After 2020 Cyberattack

Cyber Companies and Universities Are Building ‘Cyber Talent Hub’

Software Supply Chain Concerns Reach C-Suite
Walmart-Controlled Flight Booking Service Cleartrip Suffers Substantial Data Leak

Building Materials Giant Knauf Hit by Black Basta Ransomware Gang

Hackers Steal 50,000 Credit Cards From 300 U.S. Restaurants

Northcentral University Announces Data Breach Affecting Sensitive Student Info

Blue Shield of California Promise Health Plan Announces Data Breach

American Dental Association Reports Breach After Ransomware

Malicious Android Apps With 300K Installs Found on Google Play

New MacOS Backdoor ‘CloudMensis’ Communicates Via Public Cloud

Hacking Group ‘8220’ Grows Cloud Botnet to More Than 30,000 Hosts

Former Conti Actors Remain Active in Cybercrime Underworld

New Air-Gap Attack Uses SATA Cable as an Antenna to Transfer Radio Signals

Authentication Risks Discovered in Okta Platform

Popular Vehicle GPS Tracker Gives Hackers Admin Privileges Over SMS

Ongoing UK Heat Wave Causes Google and Oracle Cloud Outages

7/18/2022

Pegasus Phone Spyware Used to Target 30 Thai Activists, Cyber Watchdogs Say

Russia Fines Google $358 Million for Not Removing Banned Info

TikTok Engaging in Excessive Data Collection, According to New White Paper

CISA Announces Launch of London Bureau

Advocacy Groups Seek Federal Ban on Cyber Ninjas Business

New Study Finds Most Enterprise Vendors Failing to Mitigate Speculative Execution Attacks

Why Cybersecurity Frameworks Alone Won’t Stop The Next Major Breach

Krebs: A Deep Dive Into the Residential Proxy Service ‘911’

DCMS Sets Out Proposal For New AI Rulebook
Flipkart’s Cleartrip Confirms Data Breach After Hackers Put Data for Sale

Anonymous Mental Health App Feelyou Accidentally Exposed 70,000 Personal Emails

Sixt Rent-A-Car Breach Appears to Affect Employees, Dependents, and Customers

Lawson Products Reports Data Breach Affecting a Large Number of Data Types

Colorado Police Investigating Ransomware Attack on Town of Frederick

FBI Warns of Fake Cryptocurrency Apps Used to Defraud Investors

Roaming Mantis Hits Android and iOS Users in Malware, Phishing Attacks

Microsoft’s Latest Security Patch Troubles Windows 11 Users

7/15-17/2022

Ukraine Leans on Elon Musk’s Starlink in Fight Against Russia

Chinese Authorities Grill Alibaba Executives in Data Leak of 1 Billion People

House Republicans Press TikTok on Data Sharing

Krebs: Why 8kun Went Offline During the January 6 Hearings

Google Removes “App Permissions” List from Play Store for New “Data Safety” Section

The Matrix Messaging Network Now Counts More Than 60 Million Users

Average American Accesses Suspicious Sites 6.5 Times a Day

Tor Browser Now Bypasses Internet Censorship Automatically

Ransomware Reduces Costa Rica to Pen and Paper
Albania Shuts Down Digital Services and Government Websites after Cyber Attack

Southern Environmental Reports Data Breach Affecting Current and Former Employees

More Than 1,400 Plymouth (UK) Households Hit by Clarion Housing Cyber Attack

Password Recovery Tool Infects Industrial Systems With Sality Malware

Hackers Targeting VoIP Servers By Exploiting Digium Phone Software

Thousands of Websites Run Buggy WordPress Plugin That Allows Complete Takeover

New Netwrix Auditor Bug Could Let Attackers Compromise Active Directory Domain

CISA Pulls the Fire Alarm on Juniper Networks Bugs

How Can I Get a Job in Cybersecurity?

7/14/2022

State-Sponsored Cyberespionage Campaigns Continue Targeting Journalists & Media

DHS Review Board Says It Could Take Years to Fix Gov’t Log4j Software Vulnerability

Trump’s 2020 Outrage Drives Fear of ‘Insider’ Election Threats

Fewer Fall Victim to Data Breaches as Attackers Switch to Business in 2022

European Police Aim to Keep Young Hackers From Slipping Into Cybercrime

Is Cryptocurrency’s Crash Causing Headaches for Ransomware Gangs?

Amazon Handed Doorbell Cam Ring Data to U.S. Police 11 Times So Far in 2022
Pakistani Hackers Targeting Indian Students in Latest Malware Campaign

Holy Ghost Ransomware Operation Linked to North Korean Hackers

Mantis Botnet Behind the Record-Breaking DDoS Attack in June

BlackCat Ransomware Group Deploys Brute Ratel Pen Testing Kit

PayPal Phishing Kit Added to Hacked WordPress Sites for Full ID Theft

Lenovo Issues Firmware Updates After Researchers Disclosed UEFI Vulnerabilities

What These Two Companies Learned From Their Cyberattack Experiences

7/13/2022

U.S. FTC Vows to Crack Down on illegal Use and Sharing of Citizens’ Sensitive Data

SCOTUS Justices ‘Doxxed’ After Overturning Roe v. Wade

Mergers and Acquisitions Put Zero Trust to the Test

Microsoft Releases Tweet-Size Exploit for macOS Sandbox Escape Bug

Internet Searches Reveal Surprisingly Prevalent Ransomware

Why Do Hacks Happen? Four Ubiquitous Motivations Behind Cybersecurity Attacks

New Lilith Ransomware Emerges With Extortion Site, Lists First Victim

Ex-CIA Engineer Convicted for Sending Classified Hacking Tools and Info to WikiLeaks
$8 Million Stolen in Large-Scale Uniswap Airdrop Phishing Attack

Bandai Namco Confirms Hack After ALPHV Ransomware Data Leak Threat

Colorado Springs Utilities Experiences Data Breach, Customer Data Compromised

Afni (IL) Announces Data Breach

New Android Malware ‘Autolycos’ on Google Play Installed 3 Million Times

MGA Sounds Alarm on Growing “BazarCall” Ransomware Attacks

New UEFI Firmware Vulnerabilities Impact Several Lenovo Notebook Models

Krebs: Microsoft Patch Tuesday, July 2022 Edition

7/12/2022

Experts Say U.S. Must Not Let EU Lead on Cybersecurity

Microsoft: Phishing bypassed MFA in attacks against 10,000 orgs

Cybersecurity Is A Journey, Not A Destination, And It’s For Everyone

A Privacy Panic Flares Up in India After Police Pull Payment Data

TikTok Postpones Privacy Policy Update in Europe After Italy Warns of GDPR Breach

How Elon Musk’s Twitter Feud Could Unfold in Court

Cyber Insurers Looking for New Risk Assessment Models

Fraud Protection Efforts Target Fake Corporate Identities Online and Offline

Hackers Can Unlock Honda Cars Remotely in Rolling-PWN Attacks

Microsoft 365 Patches for Windows 7 to End in 2023
Lithuanian Energy Firm Disrupted by DDOS Attack

Hackers Posing as Merkel Target European Central Bank’s Lagarde

VCU Health Data Breach Exposes Private Information of Thousands of Patients

New ‘Luna Moth’ Hackers Breach Orgs via Fake Subscription Renewals

Older AMD, Intel Chips Vulnerable to Data-Leaking ‘Retbleed’ Spectre Variant

VMware Patches vCenter Server Flaw Fisclosed in November

Microsoft’s July Patch Tuesday Fixes Actively Exploited Bug

Microsoft Fixes Dozens of Azure Site Recovery Privilege Escalation Bugs

CISA Orders Agencies to Patch New Windows Zero-Day Used in Attacks

7/11/2022

U.S. Defense Firm L3Harris Ends Talks to Buy Israeli Spyware From Controversial Firm NSO Group

Krebs: Experian, You Have Some Explaining to Do

Two Ransomware Gangs Now Let You Search Their Stolen Data

Popular NFT Marketplace Axie Phished by North Korean APT Earlier This Year with Fake Job Offer

New Phishing Attacks Shame, Scare Victims into Surrendering Twitter, Discord Credentials

Brazen Crooks Are Now Posing as Cybersecurity Companies to Trick You Into Installing Malware

Florida Man, CEO of Dozens of Companies, Charged in Scheme to Traffic an Estimated $1BN in Fake Cisco Devices

Defense Contractor Aerojet Rocketdyne Pays $9M to Settle Whistleblower’s Cybersecurity Allegations
Massive Rogers Outage Caused by a Maintenance Update

Ransomware Attack Hits French Telecoms Firm La Poste Mobile

Elden Ring Publisher Bandai Namco Reportedly Targeted in an Alphv Ransomware Attack, Claims Group

ATC Healthcare Services (NY) Announces Data Breach

Cloud-based Cryptocurrency Miners Targeting GitHub Actions and Azure VMs

HavanaCrypt Ransomware Sails in as a Fake Google Update

Microsoft Says Decision to Unblock Office Macros Is Temporary

How to Auto Block Macros in Microsoft Office Docs From the Internet

7/8-10/2022

Security Warning After Sale of Stolen Chinese Data

Chinese Cyber Espionage Groups Increasingly Targeting Russia

Web3 Projects Have Lost More Than $2 Billion to Hacks This Year

Lawyers Urged to Stop Advising Clients to Pay Ransomware Demands

Leaked Documents Reveal Uber’s Secretive Relationship With Top Politicians

Elon Musk Seeks to Abandon $44 Billion Twitter Deal

Elon Musk Faces a Long Legal War With TWITTER, Which Has the Upper Hand

Twitter Faces ‘Worst Case Scenario’ as Elon Musk Terminates Purchase

Google Offers Concessions to Fend Off U.S. Antitrust Lawsuit

House Oversight Opens Probe Into Handling of Reproductive Health Data

Microsoft Makes Major Course Reversal, Allows Office to Run Untrusted Macros
Mangatoon Data Breach Exposes Data From 23 Million Accounts

Aon Hack Exposed Sensitive Information of 146,000 Customers

Rogers Network Down Across Canada

Cyber-Attack on India: Over 2,000 Indian Websites Hacked Says Ahmedabad Police

Napa Valley College Suffers Ransomware Attack Over the Weekend

Maastricht University Wound up Earning Money From Its Ransom Payment

New 0mega Ransomware Targets Businesses in Double-Extortion Attacks

Experts Uncover 350 Browser Extension Variants Used in ABCsoup Adware Campaign

Hackers Exploiting Follina Bug to Deploy Rozena Backdoor

Free Decryptor Released for AstraLocker, Yashma Ransomware Victims

PyPI Mandates 2FA for Critical Projects, Developer Pushes Back

7/7/2022

Russian Info Ops Ramp Up Effort to Divide West on Ukraine

Chinese Police Database Was Left Unsecured Long Before Hackers Seized It

Exposes China’s Vast Surveillance State

Online Programming IDEs Can Be Used to Launch Remote Cyberattacks

Fake Copyright Complaints Push IcedID Malware Using Yandex Forms

I Sent My Yoga Studio a Web Form, and All I Got Was This Lousy Malware Attack

Vulgar Posts Fill Disneyland Instagram Account After Hack

Tech World May Face Huge Fines in UK if It Doesn’t Scrub CSAM From Encrypted Chats

Five Accused of Trying to Silence China Critics in U.S.

Cybersecurity Has a Talent Shortage & Non-Technical People With Analytical Skills Have a Way Into the Game
Port Phillip Prison (Australia) Is Hit With a Sophisticated Cyber Attack

American Marriage Ministries Acknowledges Data Exposure After Earlier Incident Reported to FBI

College of the Desert (CA) Knocked Offline in Cyberattack

East West Family (CO) Announces Data Breach Involving Sensitive Employee Info

Hack Allows Drone Takeover Via ‘ExpressLRS’ Protocol

Over 1200 NPM Packages Found Involved in “CuteBoi” Cryptomining Campaign

New Stealthy OrBit Malware Steals Data From Linux Devices

QNAP Warns of New Checkmate Ransomware Targeting NAS Devices

Cisco Releases 10 Security Patches For Expressway Series and TelePresence VCS Products

7/6/2022

Heads of FBI, MI5 Issue Joint Warning on Chinese Spying

Federal Agencies Warn Health Sector Against North Korean ‘Maui’ Ransomware

Senators Call On FTC Chair Khan to Investigate TikTok’s Data Security as Skepticism Grows

Human Error Blamed for Leak of 1 Billion Records of Chinese Citizens

How a Fake Job Offer Took Down the World’s Most Popular Crypto Game

Being Hit With a Cyber-Attack Is Bad. Not Having a Recovery Plan Is Much Worse

Hive Ransomware Upgraded to Rust to Deliver More Sophisticated Encryption

Apple’s New Feature Adds ‘Extreme’ Protection to Your Devices: Lockdown Mode

Highflying Cyber Firms Cut Staff After Raising Hundreds of Millions of Dollars
NJ-Based IT Services Giant SHI Hit by “Professional Malware Attack”

APT Hacker Group Bitter Continues to Attack Military Targets in Bangladesh

Billionaire’s Jeweler Pays $7.5 Million Crypto Ransom to Hackers

Cloud Misconfig Exposes 3TB of Sensitive Airport Data in Amazon S3 Bucket: ‘Lives at Stake’

Benefit Plan Administrators, Inc. Announces Data Breach

Security Advisory Accidentally Exposes Vulnerable Systems

Hackers Abusing BRc4 Red Team Penetration Tool in Attacks to Evade Detection

Ransomware, Hacking Groups Move From Cobalt Strike to Brute Ratel

OpenSSL Releases Patch for High-Severity Bug that Could Lead to RCE Attacks

7/5/2022

Pro-China Group Uses Dragonbridge Campaign to Target Rare Earth Mining Companies

Calls for UK Bans on Chinese CCTV Makers Hikvision, Dahua Expand

Hamas Attempts to Hack IDF Soldiers’ Phones

Smaller Companies Are Urged to Adopt Multifactor Authentication

NIST Acknowledges First Four Quantum-Resistant Encryption Tools

Researchers Share Techniques to Uncover Anonymized Ransomware Sites on Dark Web

Battle Over Big Tech Bills Goes Down to the Wire

Pentagon: We’ll Pay You if You Can Find a Way to Hack Us
Marriott Confirms Latest Data Breach, Possibly Exposing Info on Guests, Employees

Ransomware on Professional Finance Company Affects 600 Hospitals, Practices

Cyber Attack at Cedar Rapids Schools (IA) Shuts Down Summer Programming

Researchers Uncover Malicious NPM Packages Stealing Data from Apps and Web Forms

New RedAlert Ransomware Targets Windows, Linux VMware ESXi Servers

Microsoft Quietly Fixes ShadowCoerce Windows NTLM Relay Bug

The Cybersecurity Threats of Tomorrow That You Should Be Thinking About Today

7/4/2022

Rising Threats Spark U.S. Scramble for Cyber Workers

Is Your New Car a Threat to National Security?

NATO to Develop Rapid Cyber Response Capabilities

What to Do About Inherent Security Flaws in Critical Infrastructure?

The Worst Hacks and Breaches of 2022… So Far

AstraLocker Ransomware Shuts Down and Releases Decryptors
Leaked Personal Data of 1 Billion People Spotted for Sale on the Dark Web

Hacker Claims to Have Stolen Data on 1 Billion Chinese Citizens

WeWork India Exposed Visitors’ Personal Information and Selfies

Google Patches New Chrome Zero-Day Flaw Exploited in Attacks

Django Fixes SQL Injection Vulnerability in New Releases

7/1-3/2022

North Korea Suspected of Plundering Crypto to Fund Weapons Programs

British Army’s YouTube and Twitter Accounts Were Hacked to Promote Crypto Scams

Verified Twitter Accounts Hacked to Send Fake Suspension Notices

Phishing Scam Poses as Canadian Tax Agency Before Canada Day

TikTok Assures U.S. Lawmakers it’s Working to Safeguard User Data From Chinese Staff

Threat Actor Claims Responsibility For IBM and Stanford University Hack

Rogue HackerOne Employee Steals Bug Reports to Sell on the Side

‘Cryptoqueen’ Is Now on FBI’s 10 Most Wanted List

Privacy Protection Agency Seizes Servers of Hacked Travel Company

Google Location Tracking to Forget You Were Ever at That Medical Clinic

Free Smartphone Stalkerware Detection Tool Gets Dedicated Hub
Cyberattack Shuts Down Unemployment, Labor Websites Across the U.S.

Polygon and Fantom Services Restored After Phishing Attack 

Researchers Warn of Teen Hacking Group on Discord

DragonForce Malaysia Releases LPE Exploit, Threatens Ransomware

Toll Fraud Malware Disables Your WiFi to Force Premium Subscriptions

Microsoft Finds Raspberry Robin Worm in Hundreds of Windows Networks

Microsoft Spots Updated Cryptomining Malware Tool Targeting Linux Systems

Zoho ManageEngine ADAudit Plus Bug Gets Public RCE Exploit

CISA Orders Agencies to Patch Windows LSA Bug Exploited in the Wild

Microsoft Defender Adds Network Protection for Android, iOS Devices

Microsoft Updates Azure AD With Support for Temporary Passcodes