8/31/2022

FBI Deploys Cyber Team to Montenegro Following Massive Cyberattack

Finland Plans Cyber Funding For Companies Amid Rising Security Threats

UK Imposes Tough New Cybersecurity Rules for Telecom Providers

Japan’s Digital Minister Vows to Rid the Country of Floppy Disks

Congress Presses Big Crypto Exchanges for Details on How They’re Fighting Scams

You’re Not Stringer Bell, but You May Still Need a Burner Phone

Lyft Passengers, Drivers Allege Company Fails to Protect Users From Assault

Krebs: Final Thoughts on Ubiquiti
Ragnar Locker Ransomware Claims Attack on Portugal’s Flag Airline

Methodist McKinney Hospital (TX) Announces Data Breach

SCA Pharmaceuticals (AR) Announces Data Breach

Evil Corp and Conti Linked to Cisco Data Breach, eSentire Suggests

A ‘High Severity’ TikTok Vulnerability Allowed One-Click Account Hijacking

Google Chrome Bug Lets Sites Write to Clipboard Without Asking

If You Have an iPhone 5S or 6, It’s Time for a Rare iOS Update

AdGuard’s New Ad Blocker Struggles With Google’s Manifest V3 Rules

8/30/2022

Krebs: How 1-Time Passcodes Became a Corporate Liability

Hackers Hide Malware in James Webb Telescope Images

Google’s Open-Source Bug Bounty Aims to Clamp Down on Supply Chain Attacks

Google Play to Ban Android VPN Apps From Interfering With Ads

Ukraine Takes Down Cybercrime Group Hitting Crypto Fraud Victims

A Huge Chinese Database of Faces and Vehicle License Plates Spilled Online

Essential Elements Of Cybersecurity

How to Support Agile Development Through Cybersecurity Best Practices

Security Culture: An OT Survival Story
Russian Streaming Platform START Confirms Data Breach Affecting 7.5M Users

France Telco Altice Hit by Hive Hack Attack

Valex Corporation Announces Data Breach Following Malware Attack

CorrectHealth (GA) Data Breach Affects the Personal Info of More than 54k

EmergeOrtho (NC) Data Breach Leaked Social Security Numbers of 75k

Watering Hole Attacks From TA423 Push ScanBox Keylogger

ModernLoader Delivers Stealers, Cryptominers & RATs Via Fake Amazon Gift Cards

Chrome Extensions With 1.4 Million Installs Steal Browsing Data

8/29/2022

The Telegram-Powered News Outlet Waging Guerrilla War on Russia

U.S. Cyber Command and NSA Partner On Defence Efforts For Midterms Elections

McDonald’s Security Chief on Building Bonds With Corporate Directors

New Cybersecurity Regulations Are Coming: Here’s How to Prepare

FBI: Hackers Increasingly Exploit DeFi Bugs to Steal Cryptocurrency

Cloudflare CDN Clients Caught in Austrian Fight Against Pirate Sites

FTC Alleges Data Broker Kochava Exposes Users to Violent Threats by Selling Location Data

Kiwi Farms Goes Offline amid DDoS Attack and Hosting Issues
Nelnet Servicing Breach Exposes Data of 2.5M Student Loan Accounts

Axel Royal Confirms Data Breach Impacting Consumers’ Social Security Numbers

Northeast Rehabilitation Hospital Network (NH) Files Notice of Data Breach

Nitrokod Crypto Miner Infected Over 111,000 Users with Copies of Popular Software

New Golang-based ‘Agenda Ransomware’ Can Be Customized For Each Victim

LockBit Ransomware Gang Gets Aggressive With Triple-Extortion Tactic

Windows Malware Delays Coinminer Install by a Month to Evade Detection

Critical Hole in Atlassian Bitbucket Allows Any Miscreant to Hijack Servers

8/26-28/2022

NATO Investigates Hacker Sale of MBDA Missile Systems Firm Data

Iran-Based MuddyWater Targets Log4j 2 Vulnerabilities in SysAid Apps in Israel

Montenegro’s State Infrastructure Hit by Cyber Attack -Officials

Cybercrime Groups Increasingly Adopting Sliver Command-and-Control Framework

Cyberattack Raises Pressure on European Water Providers During Drought

Democrat Urges Labor Dept To Regulate Tech That Monitors Employees in the Workplace

DuckDuckGo Opens Its Privacy-Focused Email Service to Everyone

One Man’s Loss Is Another Man’s Gain! Cybersecurity Works Like That
Dominican Republic Government Hit by Ransomware Attack

India’s Akasa Air Exposed Sensitive Records of Thousands of Customers

New Hampshire Lottery Website Returns After Facing Cyber Attack

Twilio Breach Let Hackers Gain Access to Authy 2FA Accounts

Twilio Breach Let Hackers See Okta’s One-Time MFA Passwords

Baker & Taylor’s Systems Remain Offline Almost A Week After Ransomware Attack

Fake ‘Cthulhu World’ P2E Project Used to Push Info-Stealing Malware

Critical Vulnerability Discovered in Atlassian Bitbucket Server and Data Center

8/25/2022

U.S., Israel Formalize Bilateral Cyber Partnership

The U.S. Government Got Caught Using Social Media Sock Puppets to Spread Propaganda

How ‘Kimsuky’ Hackers Ensure Their Malware Only Reach Valid Targets

Scammers Create ‘AI Hologram’ of C-Suite Crypto Exec

Scans of Students’ Homes During Tests Are Deemed Unconstitutional

Hackers Abuse Genshin Impact Anti-cheat System to Disable Antivirus

LastPass Source Code, Blueprints Stolen by Intruder

To Bring PLG to Cybersecurity, Let’s Change Our Hiring Habits
PyPI Packages Hijacked After Developers Fall For Phishing Emails

The O․MG Elite Cable Is a Scarily Stealthy Hacker Tool

Okta Hackers ‘0ktapus’ Behind Twilio and Cloudflare Breach Hit Over 130 Organizations

DoorDash

Microsoft Attributes New Post-Compromise Capability to Nobelium (aka APT29)

Hackers Adopt Sliver Toolkit as a Cobalt Strike Alternative

Cybercriminals Are Selling Access to Chinese Surveillance Hikvision Cameras

Ransomware Attacks Rose 47 Percent in July

8/24/2022

Cyber Agency Highlights Emerging Threats From Quantum Computing

Quantum Ransomware Attack Disrupts Gov’t Agency in Dominican Republic

War in Ukraine Has Pushed Two-Thirds of Businesses to Change Cyber Strategy

EU Outlines Critical Cyber Response to Ukraine War

The Privacy Flaw Threatening U.S. Democracy

Sephora Agrees to $1.2 Million Settlement of Data Privacy Charges

An Anatomy of Crypto-Enabled Cyber Crime

Nearly 3 Years Later, SolarWinds CISO Shares 3 Lessons From the Infamous Attack

U.S. Healthcare Sector Breaches 342M+ Records Since 2009
Plex Breach Exposes Usernames, Emails, and Encrypted Passwords

RansomEXX Claims Ransomware Attack on Sea-Doo, Ski-Doo Maker

Lionel Holdings (NC) Report Data Breach After Ransomware Attack

Calcium Products (IA) Confirms Recent Data Breach

Fake Chrome Extension ‘Internet Download Manager’ Has 200,000 Installs

Hackers Use AiTM Attack to Monitor Microsoft 365 Accounts for BEC Scams

Crypto Miners Using Tox P2P Messenger as Command and Control Server

GitLab ‘Strongly Recommends’ Patching Critical RCE Vulnerability

8/23/2022

Agency Identified 700-Plus Pages of Classified Records at Trump’s Home

Biden Stays Silent on Mar-a-Lago Search

Suspected Iranian Hackers UNC3890 Targeted Several Israeli Organizations for Espionage Since 2020

Ex-Twitter Exec Blows the Whistle, Alleging Reckless and Negligent Cybersecurity Policies

‘Egregious Deficiencies,’ Bots, and Foreign Agents

Congress Is Investigating Twitter Whistleblower Claims

Security Pros Are Rallying to Defend the Twitter Whistleblower

Initiative Aims to Tackle Cyber Threats as Self-Driving Cars Gain Traction

Pirated 3DMark Benchmark Tool Delivering Info-Stealer Malware

Ransomware: Most Attacks Exploit These Common Cybersecurity Mistakes – Fix Them Now: Microsoft

VMware Carbon Black Endpoint Security Solution Causing BSOD Crashes on Windows
French Hospital Hit by $10M Ransomware Attack, Sends Patients Elsewhere

Google Uncovers Tool Used by Iranian Hackers ‘Charming Kitten’ to Steal Data from Email Accounts

New ‘Donut Leaks’ Extortion Gang Linked to Recent Ransomware Attacks

Mansfield ISD (TX) Experiencing Cyber Attack, Phones & Internet Down

Service By Medallion (CA) Reports Data Breach Following Compromised Employee Email Account

Clark Patterson Lee (NY) Reports Data Breach Following “Encryption” Event

Phishing Attacks Abusing SAAS Platforms See a Massive 1,100% Growth

Air-Gap Attack Exploits Gyroscope Ultrasonic Covert Channel to Leak Data

ETHERLED: Air-Gapped Systems Leak Data via Network Card Leds

Microsoft Finds Critical Hole in Operating System That for Once Isn’t Windows

8/22/2022

Experts Nervously Eye Cyber Threats From China

Midterm Elections to Put Misinformation Policies to the Test

Inside the World’s Biggest Hacker Rickroll

Fake Reservation Links Prey on Weary Travelers

Researchers Find Counterfeit Phones with Backdoor to Hack WhatsApp Accounts

FBI Warns of Residential Proxies Used in Credential Stuffing Attacks

Google AI Flagged Parents’ Accounts for Potential Abuse Over Nude Photos of Their Sick Kids

CEO Shalev Hulio of Blacklisted Israeli Spyware Maker NSO Group Steps Down

Perspectives on Model Risk Management of Cybersecurity Solutions in Banking

Sophos Identifies Potential Tag-Team Ransomware Activity

Fake DDoS-Protection Pages on WordPress Sites Serve Up Malware

Warning Over Java Libraries and Deserialization Security Weaknesses
Holdcroft Motor Group Car Dealership Hit by Major Ransomware Attack

Greek Natural Gas Operator DESFA Suffers Ransomware-Related Data Breach

Data on California Prisons’ Visitors, Staff, Inmates Exposed

Indonesia Investigating Alleged Data Breaches at State-Owned Firms

Textile Company Sferra Discloses Data Breach Involving Personal Info

Friedrich Air Conditioning Announces Data Breach

HanesBrands Reports Data Breach Following Ransomware Attack

LockBit Gang Hit by DDoS Attack After Threatening to Leak Entrust Ransomware Data

Meet Borat RAT, a New Unique Triple Threat

Over 80,000 Exploitable Hikvision Cameras Exposed Online

CISA Is Warning of High-Severity PAN-OS DDoS Flaw Used in Attacks

8/19-21/2022

Russia’s ‘Oculus’ to Use AI to Scan Sites for Banned Information

The Head of GCHQ Says Vladimir Putin Is Losing the Information War in Ukraine

U.S. Deployed Cyber ‘Hunt Forward’ Team to Croatia

Businesses Found to Neglect Cybersecurity Until it is Too Late

Democrats Press Social Media Platforms Over FBI Threats

Court Records Expose Name & Address of Women Who Accused Serial Groper, Despite Privacy Laws

The Low Threshold for Face Recognition in New Delhi: 80% Accuracy for Match

The Persona Illusion: Do You Actually Exist on Social Media?

Twitter Tests a Special Tag to Highlight Phone Number-Verified Accounts

Banks Nearing $1 Billion Settlement Over Traders’ Use of Banned Messaging Apps

New Tool Checks if a Mobile App’s Browser Is a Privacy Risk

An Encrypted Zip File Can Have Two Correct Passwords — Here’s Why
Debit Card Fraud Leaves Ally Bank Customers, Small Stores Reeling

Hackers Steal Crypto From Bitcoin ATMs by Exploiting Zero-Day Bug

Russian APT29 Hackers Abuse Azure Services to Hack Microsoft 365 Users

WordPress Sites Hacked With Fake Cloudflare DDoS Alerts Pushing Malware

Whitworth University Still Recovering from Ransomware Attack

Practice Resources Data Breach Impacts 924,138 Patients

Brasseler USA Announces Data Breach

Lee County EMS (FL) Notifies Patients of Data Breach

New Grandoreiro Banking Malware Campaign Targeting Spanish & Mexican Manufacturers

241 NPM and PyPI Packages Caught Dropping Linux Cryptominers

CISA Adds 7 New Actively Exploited Vulnerabilities to Catalog

Hackers May Have Exploited Security Flaws – Apple

8/18/2022

Estonia Thwarts Cyberattack Following Removal of Soviet Monument

Lawmakers Push for Improved Cybersecurity in Health Sector Amid Growing Cyber Threats

Krebs: PayPal Phishing Scam Uses Invoices Sent Via PayPal

Spyware Hunters Are Expanding Their Toolset

Google Blocks Largest HTTPS DDoS Attack ‘Reported to Date’

What Is Cybersecurity, And Why Does It Matter?

How to Upskill Tech Staff to Meet Cybersecurity Needs

Janet Jackson Music Video Declared a Cybersecurity Exploit

Def Con Banned a Social Engineering Star — Now He’s Suing

Lloyd’s to Exclude Catastrophic Nation-Backed Cyberattacks From Insurance Coverage

U.S. Extradited Russian Accused of Money-Laundering Tied to Ryuk Ransomware Gang

WEB3 Is in Chaos and Metaverses Are in Their Own Walled Gardens, Says Randi Zuckerberg
China-Backed APT41 Hackers Targeted 13 Organisations Worldwide Last Year

LockBit Claims Ransomware Attack on Security Giant Entrust

Fremont County (CO) Offices Close After Cyber Attack

BlackByte Ransomware Gang Is Back With New Extortion Tactics

Winnti Hackers Split Cobalt Strike Into 154 Pieces to Evade Detection

Hackers Deploy Bumblebee Loader to Breach Target Networks

Researchers Detail Evasive DarkTortilla Crypter Used to Deliver Malware

Android Malware Apps With 2 Million Installs Found on Google Play

Amazon Fixes Ring Android App Flaw Exposing Camera Recordings

Google, Apple Squash Multiple Exploitable Browser Bugs

8/17/2022

DOE Invests $45 Million in Cyber Technology That Protects Power Sector

Meta Rolls Out Plan for Midterms, Pledges to Remove Misinformation

TikTok Wants Your Trust Around U.S. Midterm Elections Data

Germany Offers Model for Space-Industry Cybersecurity Standards

Software Developer Cracks Hyundai Car Security After Simple Google Search to Find Public Keys

Text Messages, Once a Bulwark of Security, Now Seen as Vulnerable

The Android 13 Privacy Settings You Should Update Now

Students Want to Learn to Code, but the School System Is a Barrier

Thoma Bravo Closes $6.9B Acquisition of Identity-Security Vendor SailPoint
iOS VPNs Have Leaked Traffic for More Than 2 Years, Researcher Claims

North Korean Hackers Use Signed macOS Malware to Target IT Job Seekers

Researchers Link Multi-Year Mass Credential Theft Campaign to Chinese ‘RedAlpha’ Hackers

Atlantic Dialysis Management (NY) Data Breach Possibly Stemming from Ransomware Attack

Malicious PyPi Packages Turn Discord Into Password-Stealing Malware

Cybercriminals Developing BugDrop Malware to Bypass Android Security Features

New Google Chrome Zero-Day Vulnerability Being Exploited in the Wild

Exploit Out for Critical Realtek Flaw Affecting Many Networking Devices

Ransomware Is Still on the Rise

8/16/2022

U.S. Approves Nearly All Tech Exports to China, Data Shows

How Geopolitical Tension Creates Opportunities for Cyber-Criminals

‘Worrying Precedent’ as Ransomware Hackers Target South Staffs Water

Lessons From the Cybersecurity Trenches

CISO Salaries Balloon 15% This Year, Likely Spurred by Demand

The New USB Rubber Ducky Is More Dangerous Than Ever

Malicious Browser Extensions Targeted Almost 7 Million People

Krebs: When Efforts to Contain a Data Breach Backfire

Trump’s Passports Returned After Mar-A-Lago Search, DOJ Official Says

U.S. SEC Charges Three People With Insider Trading Tied to August 2017 Hack of Equifax
CS:GO Trading Site Hacked to Steal $6 Million Worth of Skins

New MailChimp Breach Exposed DigitalOcean Customer Email Addresses

India Shipping Logistics Giant Shipyaari Exposed Customer Data

Conifer Hack Compromises Patient Data From 6 Hospitals

Thomas More University (KY) Hacked in Multiple Ways After Facebook Account Attack

Cedar Rapids School District Confirms Ransom Payment After July Cyber Attack

Texas Meter & Device Company Announces Data Breach

New Evil PLC Attack Weaponizes PLCs to Breach OT and Enterprise Networks

RTLS Systems Vulnerable to MiTM Attacks, Location Manipulation

ÆPIC and SQUIP Vulns in Intel and AMD Processors

8/15/2022

Russian Hackers Target Ukraine With Default Word Template Hijacker

Microsoft Disrupts Russian Hackers’ Operation on NATO Targets

Chinese Tech Giants Share Details of Their Prized Algorithms With Top Regulator in Unprecedented Move

CIA Accused of Illegally Spying on Americans Visiting Assange in Embassy

FBI Threats Spark Calls for Reduced Rhetoric

Black Hat and DEF CON Roundup

New Study Reveals Serious Cyber Insurance Shortfalls

Three Extradited from UK to U.S. on $5m BEC Charges

New York Becomes First State to Require CLE in Cybersecurity, Privacy and Data Protection
Argentina’s Judiciary of Córdoba Hit by PLAY Ransomware Attack

Signal Alerts 1,900 Messaging Users to a Security Threat From Twilio Hackers

Lamoille Health (MT) Experiences Ransomware Attack Leading to Data Breach Involving Patient Info

United Health Centers of the San Joaquin Valley (CA) Data Breach Stemming From Possible Ransomware Attack

Malicious PyPi Packages Aim DDoS Attacks at Counter-Strike Servers

Callback Phishing Attacks See Massive 625% Growth Since Q1 2021

Most Q2 Attacks Targeted Old Microsoft Vulnerabilities

Monero Planned Hard Fork Event on Saturday Makes Hackers’ Favorite Coin Even More Private

8/12-14/2022

Ukraine Cyber Chief Victor Zhora Pays Surprise Visit to ‘Black Hat’ Hacker Meeting in Las Vegas

White House Cyber Director: ‘Defense is the New Offense’ for Cyber

Krebs: It Might Be Our Data, But It’s Not Our Breach

Krebs: Sounding the Alarm on Emergency Alert System Flaws

How to Create a Secure Folder on Your Phone

Why It’s Taking So Long to Encrypt Facebook Messenger

Facebook’s In-app Browser on iOS Tracks ‘Anything You Do on Any Website’

Google Fined $43M by Australian Court for Misleading Users Over Data

Crypto Community Split on Treasury’s Tornado Cash Sanctions

Tornado Cash Developer Arrested After U.S. Sanctions the Cryptocurrency Mixer

A New Jailbreak for John Deere Tractors Rides the Right-to-Repair Wave

Why Twitter Anons Are Sending Crypto to Celebrities
Anonymous Poop Gifting Site ‘ShitExpress’ Hacked, Customers Exposed

Novant (NC) Warns Patients of Data Breach; 1.3 Million Notification Letters Mailed

Twilio: 125 Customers Affected by Data Breach, No Passwords Stolen

Over 9,000 VNC Servers Exposed Online Without a Password

Zeppelin Ransomware Resurfaces with New Compromise, Encryption Tactics

Chinese ‘Lucky Mouse’ Hackers Backdoored MiMi Chat App to Target Windows, Linux, macOS Users

Palo Alto Bug Used for DDoS Attacks and There’s No Fix Yet

Xiaomi Smartphone Vulnerabilities Could Lead to Forged Payments

The Zoom Installer Let a Researcher Hack His Way to Root Access on macOS

Zoom’s Latest Update on Mac Includes a Fix for a Dangerous Security Flaw

Microsoft Blocks UEFI Bootloaders Enabling Windows Secure Boot Bypass

8/11/2022

Russian Invasion of Ukraine Has Dangerously Destabilized International Cyber Security Norms

Access to Hacked Corporate Networks Still Strong but Sales Fall

Sloppy Software Patches Are a ‘Disturbing Trend’

This Mac Hacker’s Code Is So Good, Corporations Keep Stealing It

The U.S. Offers a $10M Bounty for Intel on Conti Ransomware Gang

New Hacker Forum ‘DUMPS’ Takes Pro-Ukraine Stance

Facebook Testing Encrypted Chat Backups

Suspected $3M Romance Scammer Extradited to Japan
UK NHS Service Recovery May Take a Month After MSP Ransomware Attack

Atlas MedStaff (NE) Confirms Recent Data Breach Following “Sophisticated Cyberattack”

Zimbra Auth Bypass Bug Exploited to Breach Over 1,000 Servers

Android Banking Trojan SOVA Returns With New Features Including Ransomware

Critical Flaws Disclosed in Device42 IT Asset Management Software

GitHub’s New Privacy Policy Sparks Backlash Over Tracking Cookies

Looking Back at 25 Years of Black Hat

8/10/2022

Finland’s Parliament Hit With Cyberattack Following U.S. Move to Admit the Country to NATO

Hackers and Fraudsters Used Crypto Bridge RenBridge to Launder $540 Million

Hackers Have Stolen $1.4 Billion This Year Using Crypto Bridges: Here’s Why

New Dark Web Markets Claim Association With Criminal Cartels

Ex-CISA Chief Chris Krebs Calls for Us to Get Serious on Security

CISA Releases Cybersecurity Toolkit to Protect U.S. Elections

Tech, Cyber Companies Launch Security Standard to Monitor Hacking Attempts

The Hacking of Starlink Terminals Has Begun

Google’s Android Red Team Had a Full Pixel 6 Pwn Before Launch

Long-Awaited IoT Reverse Engineering Tool Finally Here

Krebs: The Security Pros and Cons of Using Email Aliases

Musk Teases X.com Social Media Platform

Facebook Profits From Ads on Searches for Hate Group Pages

Former Twitter Employee Found Guilty of Spying for Saudi Arabia

EU Court Expands Definition of Sensitive Data, Prompting Legal Concerns for Companies
Cisco Hacked by Yanluowang Ransomware Gang, 2.8GB Allegedly Stolen

Marymount Manhattan College (NY) Data Breach Following Unauthorized Access to Network

Zenith American Solutions (FL) Data Breach Impacts Sound Health and Wellness Trust

American Wholesale Furniture Company (IN) Announces Data Breach

Automotive Supplier Breached by 3 Ransomware Gangs in 2 Weeks

7-Eleven Denmark Confirms Ransomware Attack Behind Store Closures

Conti Extortion Gangs Behind Surge of BazarCall Phishing Attacks

DeathStalker’s VileRAT Continues to Target Foreign and Crypto Exchanges

‘Tropical Scorpius’ Hacker Uses New RAT Malware in Cuba Ransomware Attacks

Phishing Attack Abuses Microsoft Azure, Google Sites to Steal Crypto

CISA Issues Warning on Active Exploitation of UnRAR Software for Linux Systems

Cisco Fixes Bug Allowing RSA Private Key Theft on ASA, FTD Devices

Krebs: Microsoft Patch Tuesday, August 2022 Edition

Google Now Blocks Workspace Account Hijacking Attempts Automatically

8/9/2022

Maui Ransomware Operation Linked to North Korean ‘Andariel’ Hackers

North Korean-Sponsored Crypto Hacks on the Rise, Experts Warn

Dozens of Whole Foods Stores Will Soon Let You Pay With Just a Scan of Your Palm

Burger King Just Emailed Everyone a Blank Receipt in a Whopper of a Mistake

How Hackers Are Stealing Credit Cards From Classifieds Sites

Will Europe Force a Facebook Blackout?

Chinese Scammers Target Kids With Promise of Extra Gaming Hours

1Password 8 Arrives on Android and iOS With a Big Redesign and Personalized Home

Kali Linux 2022.3 Adds 5 New Tools, Updates Linux Kernel, and More

Cybrary Unveils Next-Gen Interactive Training Experience for Cybersecurity Professionals

Spin Technology Raises $16M to Protect SaaS Apps Against Attacks

Russia-Ukraine Conflict Holds Cyberwar Lessons
Cloudflare Employees Also Hit by Hackers Behind Twilio Breach

BRP Was Target of Cybersecurity Attack Monday

Quebec Farmers Union Under Ransomware Cyberattack

Gibson Overseas (CA) Announces Data Breach

Centerstone (TN) Announces Data Breach

‘Bitter APT’ Hackers Install ‘Dracarys’ Android Malware Using Modified Signal App

10 Malicious Python Packages Exposed in Latest Repository Attack

APIC fail: Intel ‘Sunny Cove’ Chips With SGX Spill Secrets

Microsoft August 2022 Patch Tuesday Fixes Exploited Zero-Day, 121 Flaws

Patch Tuesday: Yet Another Microsoft RCE Bug Under Active Exploit

‘DogWalk’

Microsoft’s Fix for ‘Data Damage’ Risk Hits PC Performance

Microsoft: Exchange ‘Extended Protection’ Needed to Fully Patch New Bugs

8/8/2022

Chinese Hackers TA428 May Be Behind Attacks Targeting Eastern Europe and Afghanistan

deBridge Finance Crypto Platform Targeted by Lazarus Hackers

Cameo’s CEO Steven Galanis Fell Victim to the Latest Bored Ape NFT Heist

A Phone Carrier That Doesn’t Track Your Browsing or Location

New Orchard Botnet Uses Bitcoin Founder’s Account Info to Generate Malicious Domains

Treasury Sanctions Crypto ‘Mixer’ Tornado Cash for Aiding Hackers Laundering Illicit Funds

Buying Cyber Insurance Gets Trickier as Attacks Proliferate, Costs Rise
Twilio Suffers Data Breach After Its Employees Were Targeted by a Phishing Campaign

7-Eleven Stores in Denmark Closed Due to a Cyberattack

Email Marketing Firm Hacked to Steal Crypto-Focused Mailing Lists

Allegheny Health Network (PA) Data Breach Impacting 8,000 People After Phishing Attack

Gage Brothers Concrete Products (SD) Data Breach

Phishers Swim Around 2FA in Coinbase Account Heists

Researchers Uncover Classiscam Scam-as-a-Service Operations in Singapore

How to Find Out if You Are Involved in a Data Breach — And What to Do Next

8/5-7/2022

Cybercrime a Key Revenue Stream For North Korea’s Weapons Program

North Korean ‘Lazarus’ Hackers Target Crypto Experts With Fake Coinbase Job Offers

Chinese Info Ops Campaign ‘HaiEnergy’ Tied to PR Firm Shanghai Haixun Technology

Meta Took Down Russian Troll Farm That Supported Country’s Invasion of Ukraine

Hackers Might Have Figured Out Your Secret Twitter Accounts… Twitter Confirms Breach

How to Use Lockdown Mode in iOS 16 to Make Your Phone More Secure

Reminder: Passkeys Are Not Just From Apple

DuckDuckGo Says Okay, Okay, No to Those Microsoft Trackers After Web Revolt

New Traffic Light Protocol Standard Released After Five Years

Hi, I’ll Be Your Ransomware Negotiator Today – But Don’t Tell the Crooks That

A Ransomware Explosion Fosters Thriving Dark Web Ecosystem

Hacked Crypto Startup Nomad Offers a 10% Bounty for Return of Funds After $190 Million Attack

Canada Jury Convicts Dutch Man of Sexually Extorting Canadian Teen
Open Redirect Flaw Snags Amex, Snapchat User Data

UK NHS Suffers Outage After Cyberattack on Managed Service Provider

Sheppard Robson Asked to Pay Ransom After Cyber-Attack

Jacksonville Sheriff’s Office Disables Computers After “Detected Suspicious Activity”

First Choice Community Healthcare (NM) Confirms Data Breach Impacting Patient Health Info

Gaedeke Group (TX) Confirms Compromised Email Account Led to Recent Data Breach

GwisinLocker Ransomware Targets Linux Systems in South Korea

Slack Resets Passwords After a Bug Exposed Hashed Passwords for Some Users

Facebook Finds New Android Malware Used by APT36 (aka ‘Bitter APT’)

Hackers Are Actively Exploiting Password-Stealing Flaw in Zimbra

Microsoft Edge Gets Better Security Defaults on Less Popular Sites

The Cybersecurity Funding Bubble Hasn’t Burst — But It’s Starting to Deflate

Krebs: Class Action Targets Experian Over Account Security

8/4/2022

Taiwan Defence Ministry: Website Hit by Cyber Attacks Amid Rising China Tensions

From 7-11s to Train Stations, Cyber Attacks Plague Taiwan Over Pelosi Visit

An Attack on Albanian Government Suggests New Iranian Aggression

UK Parliament Bins Its TikTok Account Over China Surveillance Fears

Cybersecurity Agencies Reveal Last Year’s Top Malware Strains

Cyberattackers Increasingly Target Cloud IAM as a Weak Link

Thousands of Hackers Flock to ‘Dark Utilities’ C2-As-A-Service

Krebs: Scammers Sent Uber to Take Elderly Lady to the Bank

Experts Warn of Fake Football (aka Soccer) Ticket Scams

Student Crashes Cloudflare Beta Party, Redirects Email, Bags a Bug Bounty

India Scraps Data Protection Law in Favor of Better Law Coming … Sometime
German Chambers of Industry and Commerce Hit by ‘Massive’ Cyberattack

Louisville Zoo Informs of Possible Cyberattack Leaking Customer Data

More Than 21,000 Affected in HealthBack (OK) Data Breach

Aria Retirement Solutions (CA) Breach After Unauthorized Access to Employee’s Email

Wisan Smith Racker & Prescott (UT) Breach: Clients Report Fraudulent Tax Filings

Multimillion-Dollar Solana Crypto Theft Linked to Slope Mobile Wallet

Hackers Try to Extort Survey Firm QuestionPro After Alleged Data Theft

New Linux Malware Brute-Forces SSH Servers to Breach Networks

Hackers Exploited Atlassian Confluence Bug to Deploy Ljl Backdoor for Espionage

Critical RCE Bug Could Let Hackers Remotely Take Over DrayTek Vigor Routers

DHS Warns of Critical Flaws in Emergency Alert System Devices

8/3/2022

Tory Leadership Vote Delayed After GCHQ Hacking Alert

Ukraine Takes Down 1,000,000 Bots Used for Disinformation

Taiwan Expects Increased ‘Psychological Warfare’ After Pelosi Visit

Spanish Research Agency Still Recovering After Ransomware Attack

Portman Warns Against Overlap in Government Cyber Leadership

You Can’t Choose When You’ll Be Hit by Ransomware, but You Can Choose How You Prepare

Code Dark: Children’s Hospital Strives to Minimize Impact of Hacks

Ransomware Attacks Taking Toll on Security Professionals

The Microsoft Team Racing to Catch Bugs Before They Happen

5 Ways Chess Can Inspire Strategic Cybersecurity Thinking

A New Attack Easily Knocked Out a Potential Encryption Algorithm

Corporate Lobbying Could Imperil Sweeping Data Privacy Bill

Mitigating Cybersecurity Risks For Hybrid Work Environments
Russian Organizations Attacked With New Woody RAT Malware

Thousands of Solana Wallets Drained in Attack Using Unknown Exploit

35,000 Code Repos Not Hacked—but Clones Flood Github to Serve Malware

School Kid Uploads Ransomware Scripts to PyPI Repository as ‘Fun’ Project

Community Surgical Supply (NJ) Breach: Attacker Encrypts Sensitive Consumer Info

The North Highland Company (GA) Data Breach Affects Current and Former Employees

Leaked Image Shows Ransomware Attack Hit Linn-Mar School District (IA)

Cloned Atomic Wallet Website Is Pushing Mars Stealer Malware

Microsoft Accounts Targeted With New MFA-Bypassing Phishing Kit

Researchers Warns of Large-Scale AiTM Attacks Targeting Enterprise Users

Cisco Fixes Critical Remote Code Exec VPN Router Bug

Windows 11 Smart App Control Blocks Files Used to Push Malware

8/2/2022

Taiwan Presidential Office Website Hit by Cyberattack Ahead of Pelosi Visit

Attacks on Taiwan Websites Likely Work of Chinese ‘Hacktivists’

Russia Accuses U.S. of Direct Role in Ukraine War

U.S. Sanctions More Russian Oligarchs; Senate Moves Toward Vote to Admit Sweden and Finland Into NATO

How Cyber Chiefs Cut Through Marketing Noise

Wolf in Sheep’s Clothing: How Malware Tricks Users and Antivirus

Reported Ransomware Attacks Are Just the Tip of the Iceberg: That’s a Problem for Everyone

Krebs: No SOCKS, No Shoes, No Malware Proxy Services!

Mobile Store Owner Hacked T-Mobile Employees to Unlock Phones

Cybersecurity Could Offer a Way for Underrepresented Groups to Break Into Tech
Nomad Crypto Bridge Loses $200 Million in ‘Chaotic’ Hack

EU Missile Maker MBDA Confirms Data Theft Extortion, Denies Breach

Semiconductor Manufacturer Semikron Hit by LV Ransomware Attack

Gatto, Pope & Walrick (CA) Files Notice of Data Breach Following Reports of Potential Tax Return Fraud

Chinese Hackers Using New Manjusaka Hacking Framework in GoLang Similar to Silver and Cobalt Strike

New ‘ParseThru’ Parameter Smuggling Vulnerability Affects Golang-based Applications

Google Patches Critical Android Bluetooth Flaw in August Security Bulletin

VMware Urges Admins to Patch Critical Auth Bypass Bug Immediately

Microsoft Announces New External Attack Surface Audit Tool

8/1/2022

Russia Is Starting to Beat Ukraine at Electronic Warfare, Analysts Say

Nancy Pelosi to Visit Taiwan Despite Warnings From China

White House Warns China Not to Overreact to Potential Pelosi Visit to Taiwan

Many Dems Voted to Limit TikTok. Now They’re Using It.

White House Cyber Hire Highlights Diversity Challenges in Tech Workforce

Steam, PayPal Blocked as Indonesia Enforces New Internet Regulation

Probe Finds Israel Police Did Not Unlawfully Hack Phones of Politicians, Activists
BlackCat Ransomware Claims Attack on European Gas Pipeline

OneTouchpPoint Confirms Breach Potentially Impacting Dozens of Other Businesses

Central Maine Medical Center Files Notice of Recent Data Breach With Federal Gov’t

Credential Stealer Malware Raccoon Updated to Obtain Passwords More Efficiently

Researchers Discover Nearly 3,200 Mobile Apps Leaking Twitter API Keys

Microsoft Defender Experts for Hunting Now Available

Tim Hortons Offers Free Coffee and Donut to Settle Data Privacy Invasion Claims

7/29-31/2022

Justice Department Investigating Data Breach of Federal Court System

Congress Takes Aggressive Stance Against Foreign Spyware

You Pay More When Companies Get Hacked

Security Teams Overwhelmed With Bugs, Bitten by Patch Prioritization

Just Because You Don’t See Hackers, Doesn’t Mean They’re Not In Your Network

U.S. Gov’t Warns Americans of Escalating Sms Phishing Attacks

Krebs: 911 Proxy Service Implodes After Disclosing Breach

Spyware Developer of Imminent Monitor RAT Charged by Australian Police After 14,500 Sales

Meta, U.S. Hospitals Sued for Using Healthcare Data to Target Ads
Bromford Housing Association Targeted by Cyber Attack

Israel’s Sapir College Targeted by Cyber Attack; Students’ Data Held for Ransom by Hackers

Microsoft Links Raspberry Robin USB Worm to Russian Evil Corp Hackers

Huge Network of 11,000 Fake Investment Sites Targets Europe

Facebook Ads Push Android Adware With 7 Million Installs on Google Play

LockBit Ransomware Abuses Windows Defender to Load Cobalt Strike

CISA Warns of Atlassian Confluence Hard-Coded Credential Bug Exploited in Attacks

Apple Just Patched 37 iPhone Security Bugs

Big Questions Remain Around Massive Shanghai Police Data Breach