10/31/2022

Ransomware Hackers Hit Australian Defence Communications Platform

U.S. Convenes Over 30 Countries to Address Ransomware as Hacks of Hospitals, Critical Infrastructure Continue

Data Breach of Missile Maker MBDA May Have Been Real: CloudSEK

NSA Shares Supply Chain Security Tips for Software Suppliers

CISA, FBI, MS-ISAC Publish Guidelines For Federal Agencies on DDoS Attacks

The Hunter Cat Is Kinda Like a Bodyguard for Your Credit Card
Education Tech Giant Chegg Gets an F From FTC for Security After Sensitive Info on 40 Million Users Stolen

Hackers Selling Access to 576 Corporate Networks for $4 Million

U.S. Vision Data Breach Involves Patients of Nationwide Optometry, P.C., SightCare, Inc. & Nationwide Vision Center

New Azov Data Wiper Tries to Frame Researchers and BleepingComputer

Hacking Group Abuses Antivirus Software to Launch LODEINFO Malware

Mozilla Firefox Fixes Freezes Caused by New Windows 11 Feature

10/28-30/2022

Inside a U.S. Military Cyber Team’s Defence of Ukraine

Liz Truss Phone Hack Claim Prompts Calls for Investigation

Federal Bans Aren’t Stopping U.S. States From Buying Forbidden Chinese Kit

‘Complex Threat Environment’ Ahead of Midterm Elections, Top Cybersecurity Official Says

Israel’s Largest Ultra-Orthodox Party Suffers Database Leak, Exposing Info on Millions of Voters

The Election That Saved the Internet From Russia and China

Elon Musk Closes Twitter Deal, Immediately Fires Top Executives

Twitter Is Drafting Broad Job Cuts, Days After Elon Musk’s Takeover

New Open-Source Tool Scans Public AWS S3 Buckets for Secrets

Student Arrested for Running One of Germany’s Largest Dark Web Markets, ‘Deutschland im Deep Web’
Largest EU Copper Producer Aurubis Suffers Cyberattack, IT Outage

WakeMed Health & Hospitals (NC) Announces Data Breach Affecting 495,808 Patients

These Dropper Apps On Play Store Targeting Over 200 Banking and Cryptocurrency Wallets

Cranefly Hackers Use Stealthy Techniques to Deliver and Control Malware

High-Severity Flaws in Juniper Junos OS Affect Enterprise Networking Devices

Connectwise Fixes RCE Bug Exposing Thousands of Servers to Attacks

Exploit Released for Critical VMware RCE Vulnerability, Patch Now

Google Fixes Seventh Chrome Zero-Day Exploited in Attacks This Year

Actively Exploited Windows MoTW Zero-Day Gets Unofficial pPatch

10/27/2022

U.S. Cyber Officials Prioritizing Securing Critical Sectors, Foreign Partnerships Amid Rising Threats

U.S. Officials Say Tech Companies Must Build Secure Products

Japan to Citizens: Get a Digital ID or Health Insurance Gets Harder

Slovak Parliament Suspends Voting Due to Suspected Cyberattack

New York Post Hacked With Offensive Headlines Targeting Politicians

New York Post Fires Employee Who Posted Racist, Sexist Articles to Website, Twitter

Microsoft Links Raspberry Robin Worm to Clop Ransomware Attacks

Never Pay the Ransom — A Cybersecurity CEO Explains Why

Amazon Accidentally Exposed an Internal Server Packed With Prime Video Viewing Habits

Apple iOS and macOS Flaw Could’ve Let Apps Eavesdrop on Your Conversations with Siri
Twilio Discloses Another Hack From June, Blames Voice Phishing

Michigan Medicine Notifies Patients of Health Information Breach

Ascension St. Vincent’s Coastal Cardiology Data Breach After Ransomware Attack

Drinik Android Malware Now Targets Users of 18 Indian Banks

Fodcha DDoS Botnet Reaches 1Tbps in Power, Injects Ransoms in Packets

Kiss-a-Dog Cryptojacking Campaign Targets Docker and Kubernetes

Not So Nice: Purpleurchin Cryptocurrency Miners Spotted Scouring Free Github, Heroku Accounts

Researchers Expose Over 80 ShadowPad Malware C2 Servers

OpenSSL Warns of Critical Security Vulnerability With Upcoming Patch

Apple Fixes Recently Disclosed Zero-Day on Older iPhones, iPads

10/26/2022

Pro-Chinese Disinformation Group Attempts to Undermine U.S. Political System, Influence Voters

White House Unveils Cyber Plan for Chemical Sector

The Feds’ New Open-Access Policy: Who’s Gonna Pay For It?

Ransomware Threat Shifts from U.S. to EMEA and APAC

Ransomware Gangs Ramp Up Industrial Attacks in U.S.

These Ransomware Victims Are Making the Highest Ransom Payments

LinkedIn’s New Security Features Combat Fake Profiles, Threat Actors

Hinge Plans to Add Video Verification Feature as ‘Romance Scams’ Soar

British Hacker Charged for Allegedly Running the Real Deal Dark Web Market

A Bug in Apple MacOS Ventura Breaks Third-Party Security Tools
Unknown Actors are Deploying RomCom RAT to Target Ukrainian Military

Kimsuky Hackers Spotted Using 3 New Android Malware to Target South Koreans

Australian Clinical Labs Announces Medlab Pathology Data Breach Affects 223,000 Accounts

15 Anesthesia Practices Confirm Recent Data Breach From Incident at “Management Company”

Phoenix Programs of Florida Experienced Data Breach Following Compromised Email Accounts

Urology of Greater Atlanta Announces Data Breach, Does Not Disclose Impact

Medibank Now Says Hackers Accessed All Its Customers’ Personal Data

Microsoft Fixes Windows Vulnerable Driver Blocklist Sync Issue

Google Chrome Pays $57K (and Counting) in Bug Bounties for Latest Update

10/25/2022

Sen. Wyden Urges FTC to Access Classified Info to Combat Foreign Hacks

WhatsApp Back Online After Worldwide Outage

New Samsung Maintenance Mode Protects Your Data During Phone Repairs

Gone Phishing: UK Data Watchdog Fines Construction Biz £4.4M for Poor Infosec Hygiene

Dutch Police Arrest Hacker Who Breached Healthcare Software Vendor

Ukrainian Charged for Operating Raccoon Stealer Malware Service

The Hunt for the Dark Web’s Biggest Kingpin, Part 1: The Shadow

Cybersecurity Teams Are Reaching Their Breaking Point: We Should All Be Worried

Remote Work Has Changed Everything: And It’s Still Getting Weirder

About Workers’ Cybersecurity Awareness: 4 Misconceptions
Hive Ransomware Hackers Begin Leaking Data Stolen from Tata Power Energy Company

See Tickets Discloses 2.5 Years-Long Credit Card Theft Breach

Microsoft: Vice Society targets schools with multiple ransomware families

Cyber Attack Suspected in Erie County (PA) 911 Failure Sunday Night

Choice Health Insurance Confirms Recent Data Breach

Massive Cryptomining Campaign Abuses Free-Tier Cloud Dev Resources

22-Year-Old Vulnerability Reported in Widely Used SQLite Database Library

Researchers Detail Windows Event Log Vulnerabilities: LogCrusher and OverLog

Cisco Warns Admins to Patch AnyConnect Flaw Exploited in Attacks

VMware Fixes Critical Cloud Foundation Remote Code Execution Bug

10/24/2022

When Would a Cyberattack Trigger a NATO Response? It’s a Mystery

Cuba Ransomware Affiliate Targets Ukrainian Gov’t Agencies

U.S. Says Two Chinese Intelligence Officers Tried to Obstruct Huawei Prosecution

U.S.-Listed Chinese Stocks Drop 15% After Beijing’s Power Reshuffle Makes the Market ‘Uninvestable’

Hot on the Trail of a Mass-School-Shooting Hoaxer

Binance Is ‘Narrowing Down’ Identity of Hacker Behind $570 Million Crypto Attack, CEO Says

PayPal Is Getting More Secure Passkey Logins

DHL Replaces LinkedIn As Most Imitated Brand in Phishing Attempts

Criminals Are Starting to Exploit the Metaverse, Says Interpol. Police Follow.
Payment Terminal Malware Steals $3.3M Worth of Credit Card Numbers – 167,000 So Far

Pendragon Car Dealer Refuses $60 Million LockBit Ransomware Demand

Snatch Ransomware Group Claims Attack on Kenosha Unified School District (WI)

SideWinder APT Using New WarHawk Backdoor to Target Entities in Pakistan

Chrome Extensions With 1 Million Installs Hijack Targets’ Browsers

Multiple RCE Vulnerabilities Discovered in Veeam Backup & Replication App

Apple Fixes New Zero-Day Used in Attacks Against iPhones, iPads

K-8 Students Learn Cybersecurity Through Gamification

10/21-23/2022

As Russia Wages Disinfo War, Ukraine’s Cyber Chief Calls for Global Anti-Fake News Fight

Researchers: Facebook and TikTok Approving Ads With ‘Blatant’ Misinformation About Voting in Midterms

TikTok Fires Back at Forbes, Denies Report of a Plan to Track Specific U.S. Citizens Using Its App

DC Attorney General: Don’t Use Facebook Messenger, Other Unencrypted Services for Abortion Planning

Tory Leadership: How Secure Is the Online Vote?

The Quiet ‘Insurrection’ the January 6 Committee Missed

How Billionaires Are Building a Right-Wing Online Ecosystem

Everything We Know About the White House’s IoT Security Labeling Effort

$228 Million Privacy Ruling Against Rail Giant Is ‘Wake-Up Call’ for Third-Party Risk

Clearview AI Gets Third €20 Million Fine for Illegal Data Collection

U.S. Gov’t Warns of Daixin Team Targeting Health Orgs With Ransomware

TommyLeaks and SchoolBoys: Two Sides of the Same Ransomware Gang

Schools Are Getting Hit Hard By Cyberattacks. What Can They Do About It?
New Phishing Campaign Targets Saudi Government Service Portal

Iran’s Atomic Energy Organization Says E-mail Was Hacked

Wholesale Giant METRO Hit by IT Outage After Cyberattack

Thousands of Publicly Exposed API Tokens Could Threaten Software Integrity

BlackByte Ransomware Uses New Data Theft Tool for Double-Extortion

Emotet Botnet Distributing Self-Unlocking Password-Protected RAR Files to Drop Malware

Android Adware Apps in Google Play Downloaded Over 20 Million Times

Typosquat Campaign Mimics 27 Brands to Push Windows, Android Malware

Thousands of GitHub Repositories Deliver Fake PoC Exploits With Malware

Hackers Exploit Critical VMware Flaw to Drop Ransomware, Miners

Exploited Windows Zero-Day Lets Javascript Files Bypass Security Warnings

Critical Flaw Reported in Move Virtual Machine Powering the Aptos Blockchain Network

10/20/2022

Ransomware is Being Used As a Precursor to Physical War: Ivanti

How Vice Society Got Away With a Global Ransomware Spree

Krebs: Battle with Bots Prompts Mass Purge of Amazon, Apple Employee Accounts on LinkedIn

FBI Warns Students Against Loan Forgiveness Scammers

74% Say Connected Cars and EV Chargers Need Cybersecurity Ratings

Biden to Announce Nearly $3 Billion for U.S. Battery Production in Electric Vehicle Push

President Biden Still Wants His Cybersecurity Labels on Those Smart Devices

Singapore, Germany to Mutually Recognise IoT Cybersecurity Labels

Corporate Cybersecurity Teams Continue to Struggle to Fill Jobs
Health System Data Breach Due to Meta Pixel Hits 3 Million Patients

Parler Accidentally Exposes Elite Members’ Email Addresses in Kanye Announcement

OldGremlin Ransomware Targeted Over a Dozen Russian Entities in Multi-Million Scheme

Hackers Using New Version of FurBall Android Malware to Spy on Iranian Citizens

New Ursnif Variant Likely Shifting Focus to Ransomware and Data Theft

Google Launches GUAC Open Source Project to Secure Software Supply Chain

Google Sued Over Biometric Data Collection Without Consent

Cybercriminals Jailed for Cryptocurrency Theft, Death Threats

8 Trends Driving Cybersecurity in the Public Sector

10/19/2022

Retired U.S. Generals, Admirals Take Top Jobs With Saudi Crown Prince

China’s Military Is Trying to Recruit Ex-British Air Force Pilots for Training and Intel, UK Says

How the World Will Know If Russia Is Preparing to Launch a Nuke

So, The U.S., China, and Russia Walk Into an Infosec Conference…

Krebs: How Card Skimming Disproportionally Affects Those Most In Need

Microsoft Announces Enterprise DDoS Protection for SMBs

Brazil Arrests Suspect Linked to the Lapsus$ Extortion Hacking Group

Cyber M&A Expected to Remain Robust Into 2023
Microsoft Data Breach Exposes Customers’ Contact Info, Emails

Keystone Health Breach Exposed Health Details of 235K

Deadbolt Ransomware Extorts Vendors and Customers

Experts Warn of Stealthy PowerShell Backdoor Disguising as Windows Update

Researchers Detail Azure SFX Flaw That Could’ve Allowed Attackers to Gain Admin Access

Apache Commons Text RCE Flaw — Keep Calm and Patch Away

CISA Warns of Critical Flaws Affecting Industrial Appliances from Advantech and Hitachi

Emotional Toll From Cyberattacks Can Linger Among Staff for Years

10/18/2022

Ongoing U.S. Support to Ukraine Could Prompt Russian Cyber Escalation in Midterms, Experts Warn

Pro-Russia Hackers DDoS Bulgarian Government

Germany Fires Cybersecurity Chief ‘Over Russia Ties’ Allegations

Sen. Rosen Requests Info on Cyber Threats Targeting Aviation Sector

FBI: Scammers Likely to Target Us Student Loan Debt Relief Applicants

Critical RCE Vulnerability Discovered in Popular Cobalt Strike Hacking Software

The Black Market for Blue Checks

European Police Catch Suspected Car Hackers

Japanese Giants to Offer Security-As-A-Service for Connected Cars

Ex-WSJ Reporter Says He Was Framed in Elaborate ‘Hack-And-Smear’ Operation

You Need a Password Manager. Here Are the Best Ones
Wine Merchant Vinomofo Among Aussie Firms Breached, Exposing Millions

Verizon Notifies Prepaid Customers Their Accounts Were Breached

Chinese Spyder Loader Malware Deployed Against Hong Kong Organizations

‘Winnti’ Hackers Compromised Hong Kong Gov’t Agency Network for a Year

‘DiceyF’ Hackers Target Asian Casinos in Lengthy Cyberespionage Campaign

CHI Health Begins to Restore Systems Affected by Ransomware Attack

Lifespire Services Reports Data Breach With HHS-OCR Affecting 15,375 Individuals

Zoom Patches High-Severity Flaw in macOS Client

DuckDuckGo for Mac Enters Public Beta, Now Available to Everyone

Millennials and Gen Z Less Likely to Observe Cybersecurity Protocols Than Their Elders

10/14-17/2022

‘Prestige’ Ransomware Group Targets Organizations in Ukraine and Poland

Ransom Cartel Linked to Russia-Based REvil Ransomware Group

Ongoing U.S. Support to Ukraine Could Prompt Russian Cyber Escalation in Midterms, Experts War

Musk’s SpaceX Says It Can No Longer Pay for Critical Satellite Services in Ukraine, Asks Pentagon to Pick up the Tab

Xi Wanted China to Be at the Tech Frontier. 5 Years On, Tensions With the U.S. Have Dented That Goal

FBI Warns Chinese Hackers Scanning State Political Parties

Report Shows How China Has Been Using Cyberattacks Over the Past Decade

The Next Ford Mustang Won’t Be Easy to Tune; Blame Cybersecurity

Gadgets That Break Things: Our Favorite Hacking Hardware

Phishing Works So Well Crims Won’t Bother With Deepfakes, Says Sophos Chap

The Hunt for Wikipedia’s Disinformation Moles

Misinformation Most Amplified on TikTok, Twitter: Advocacy Group

Krebs: Anti-Money Laundering Service AMLBot Cleans House

Police Tricks DeadBolt Ransomware Out of 155 Decryption Keys

Spanish Police Bust Region’s “Biggest Narco Bank”

Global Cops Arrest Dozens Linked to ‘Black Axe’ Financial Crime Gang

Student Jailed for Hacking Female Classmates’ Email, Snapchat Accounts

Only PC Players Need a Registered Phone Number for Modern Warfare 2

Raising Cybersecurity Awareness Is Good for Everyone – But It Needs to Be Done Better
Australian Police Secret Agents Exposed in Colombian Data Leak

MyDeal Data Breach Impacts 2.2M Users, Stolen Data for Sale Online

Phishing Incident May Have Exposed Seton (TX) Patient Names, Clinical Information

Multicare Says Employee Data Enmeshed in Kaye-Smith Vendor Ransomware Attack

Ransomware Attack Halts Circulation of Some German Newspapers

Indian Energy Company Tata Power’s IT Infrastructure Hit By Cyber Attack

Amazon Customers Receive Smishing Warning After Receiving Fake Texts

New PHP Version of Ducktail Malware Hijacking Facebook Business Accounts

Venus Ransomware Targets Publicly Exposed Remote Desktop Services

The Hackers Behind the Black Basta Ransomware Family Infiltrate Networks via Qakbot to Deploy Brute Ratel C4

Malware Dev Claims to Sell New BlackLotus Windows UEFI Bootkit

Mirai Botnet Hits Wynncraft Minecraft Server with 2.5 Tbps DDoS Attack

Fortinet Urges Admins to Patch Bug With Public Exploit Immediately

Zimbra Releases Patch for Actively Exploited Vulnerability in its Collaboration Suite

Windows Mark of the Web Bypass Zero-Day Gets Unofficial Patch

Researchers Say Microsoft Office 365 Uses Broken Email Encryption to Secure Messages

Microsoft’s Out-Of-Date Driver List Left Windows Pcs Open to Malware Attacks for Years

CISA Releases Open-Source ‘RedEye’ C2 Log Visualization Tool

10/13/2022

UK Extends Deadline to Remove Huawei From 5G Networks After One Carrier Warned of Outages

Globally Critical Chip Firm Tells U.S. Staff to Stop Servicing China Customers After Biden Export Curbs

Chinese APT WIP19 Targets IT Service Providers and Telcos

New Chinese ‘Alchimist’ Malware Attack Framework Targets Windows, macOS, and Linux Systems

Firefox’s New Service Gives You a Burner Phone Number to Cut Down on Spam

The $1 Billion Alex Jones Effect

Nearly 3 in 4 Say Misinformation a ‘Major Problem’

U.S. Election Officials Are on Alert for Cyber, Physical Attacks

U.S. Election Workers Slammed With Phishing, Malware-Stuffed Emails

How Palantir’s Tech-Based Patriotism and Politics Grew Into a Multi-Billion Dollar Company

Nudge Security Emerges From Stealth to Tackle Cybersecurity’s People Problem

Cyberattackers Spoof Google Translate in Unique Phishing Tactic

Google’s Futuristic 3D Meeting Tech Is Taking Another Step Forward
Budworm Espionage Group Returns, Targets U.S. State Legislature

Insurer Medibank Hit by Targeted Cyberattack

Cyber Attack Accesses Personal Data of LDS Church Members, Employees

New Mexico Licensing Department Subject of Cyber Attack

Snap Employee Data Exposed After Breach at Document Company Elevate

Fast Company Says Executive Board Member Info Was Not Stolen in Recent September Attack

The Scoular Company (NE) Confirms Recent Data Breach

GEE Group (FL) Reports Data Breach Following Encryption Event

Cloudflare Mitigated Record DDoS Attack Against Minecraft Server

Russian DDoS Attack Project Pays Contributors for More Firepower

Magniber Ransomware Now Infects Windows Users via Javascript Files

Exploit Available for Critical Fortinet Auth Bypass Bug, Patch Now

10/12/2022

America’s ‘Once Unthinkable’ Chip Export Restrictions Will Hobble China’s Semiconductor Ambitions

U.S. To Issue New Cybersecurity Requirements for Critical Aviation Systems

Samsung Knox Matrix Plans ‘Private Blockchain’ Security for Appliances, Phones, and TVs

Google’s Pixel 7 Packs a Beefed-Up Security Chip

Google Rolling Out Passkey Passwordless Login Support to Android and Chrome

FormBook Tops Check Point’s Most Wanted Malware List For September

Google Forms Abused in New COVID-19 Phishing Wave in the U.S.

How Wi-Fi Spy Drones Snooped on Financial Firm

The Company That Owns Shein Will Pay New York State $1.9 Million for Data Breach
Hackers Using Vishing to Trick Victims into Installing ‘Copybara’ Android Banking Malware

Unofficial WhatsApp Android App Caught Stealing Users’ Accounts

Mars Area School District (PA) Investigates Breach

New npm Timing Attack Could Lead To Supply Chain Attacks

Claroty Found Hardcoded Cryptographic Keys in Siemens PLCs Using RCE

Aruba Fixes Critical RCE and Auth Bypass Flaws in EdgeConnect

Krebs: Microsoft Patch Tuesday, October 2022 Edition

Microsoft Defender Adds Command and Control Traffic Detection

Microsoft Adds New RSS Feed for Security Update Notifications

10/11/2022

Hacking Group Polonium Uses ‘Creepy’ Malware Against Israel

The Cruel Temptation of the Job Offer Scam

Rising Premiums, More Restricted Cyber Insurance Coverage Poses Big Risk for Companies

Hacktivists Force Companies to Respond to Low-Level Cyberattacks

Labor Department Proposes Rule to Reclassify Contractors as Employees

Google Chat Upgrades for Threading, Custom Emoji, and Security Are Coming Soon

Android Leaks Some Traffic Even With ‘Always-on VPN’

If You’re Wondering Why Google Blew $5B on Mandiant, This May Shed Some Light

America’s Oldest Bank, BNY Mellon, Will Hold That Crypto Now

Talent & Governance: The Key To Cybersecurity Change
JPMorgan Says It Is Not Seeing Any Impact From Alleged Killnet Attack

Valle del Sol (AZ) Announces Unauthorized Access to Its IT Network

BazarCall Callback Phishing Attacks Constantly Evolving Its Social Engineering Tactics

Microsoft Exchange Servers Hacked to Deploy LockBit Ransomware

Researchers Detail Critical RCE Flaw Reported in Popular vm2 JavaScript Sandbox

VMware vCenter Server Bug Disclosed Last Year Still Not Patched

Microsoft October 2022 Patch Tuesday Fixes Zero-Day Used in Attacks, 84 Flaws

Calls for Better Microsoft Teams Backup as Confidential Info Sent on the Platform

All Windows Versions Can Now Block Admin Brute-Force Attacks

10/10/2022

Russian-Speaking ‘Killnet’ Hackers Knock Multiple U.S. Airport Websites Offline. No Impact on Operations Reported

Ukraine Enhances Cooperation With EU Cybersecurity Agencies

German Cybersecurity Chief Investigated Over Russia Ties

ThermoSecure: Cracking Passwords Using Finger Heat on Keyboards is Now Possible

Windows 11 Now Offers Automatic Phishing Protection

Caffeine Service Lets Anyone Launch Microsoft 365 Phishing Attacks

It’s 2022 and Netizens Are Only Now Getting Serious About Cybersecurity

Hospitalwide Outages Still Plaguing CommonSpirit Hospitals
Intel Confirms Alder Lake BIOS Source Code Leak, New Details Emerge

Toyota Discloses Data Leak After Access Key Exposed on GitHub

Singtel’s Second Unit Faces Cyber Attack Weeks After Optus Data Breach

Mativ Holdings (GA) Confirms Recent Data breach Affected Employee Information

Researchers Detail Malicious Tools Used by Cyberespionage Group Earth Aughisky

New Report Uncovers Emotet’s Delivery and Evasion Techniques Used in Recent Attacks

Hackers Behind IcedID Malware Attacks Diversify Delivery Tactics

Fortinet Says Critical Auth Bypass Bug Is Exploited in Attacks

10/7-9/2022

Federal Government Considers Sharing Costs for ‘Catastrophic’ Cyber Incidents

New U.S. Privacy Protections Help Companies Struggling With Legal Limbo In Europe

May Not Satisfy Europe

Krebs: Big U.S. Banks Are Stiffing Account Takeover Victims (Report)

Facebook Warns 1 Million Users Whose Logins Were Stolen by Scam Mobile Apps

Callback Phishing Attacks Evolve Their Social Engineering Tactics

Hackers Can Use ‘App Mode’ in Chromium Browsers’ for Stealth Phishing Attacks

When Are We Gonna Stop Calling It Ransomware? It’s Just Data Kidnapping Now

Cybersecurity Will Account for Nearly One-Quarter of AI Software Market Through 2025

Boston Dynamics: We Won’t Weaponize Our Robots and neither Should Our Customers

Darkweb Market BidenCash Gives Away 1.2 Million Credit Cards for Free
2K Games Warns Users Their Stolen Data Is Now up for Sale Online

Over 12,000 Wisconsin Medicaid Members Had Their Personal Data Exposed

ADATA Denies RansomHouse Cyberattack, Says Leaked Data From 2021 Breach

Binance Hackers Make Off With $100 Million

Brazil’s BRB Bank Pays 50 BTC After Being Targeted by a Ransomware Attack

LofyGang Group Linked to Recent Software Supply Chain Attacks

Fake Adult Sites Push Data Wipers Disguised as Ransomware

Solana Phantom Security Update NFTs Push Password-Stealing Malware

Hackers Exploiting Unpatched RCE Flaw in Zimbra Collaboration Suite

Fortinet Warns of New Auth Bypass Flaw Affecting FortiGate and FortiProxy

Microsoft: Windows 11 22H2 Causes File Copy Performance Hit

10/6/2022

FBI Warns of Disinformation Threats Before 2022 Midterm Elections

U.S. Gov’t Shares Top Flaws Exploited by Chinese Hackers Since 2020

A Swatting Spree Is Terrorizing Schools Across the U.S.

Krebs: Glut of Fake LinkedIn Profiles Pits HR Against the Bots

Cybersecurity Leaders Are Having Trouble Keeping Companies Secure: There’s No Easy Solution

Disabling These Windows 11 Security Features Could Improve Gaming Performance

Blizzard Scales Back Overwatch 2’s Controversial Phone Number Requirement

Musk Requests Stay In Twitter Trial

Meta Sues App Dev for Stealing Over 1 Million WhatsApp Accounts

19-Year-Old Teen Arrested for Using Leaked Optus Breach Data in SMS Scam
Hacker Steals $566 Million Worth of Crypto From Binance Bridge

Indianapolis Housing Agency’s Server Hacked by Cyber Thieves

Saskatoon Gynecology Clinic Hit With Ransomware Attack

Hartnell College Network Outage May Be From Cyberattack

16,000 Traffic Charges ‘Dismissed’ — By Mistake — After NC Courts Computer Problem

Eternity Group Hackers Offering New LilithBot Malware as a Service to Cybercriminals

Linux Kernel 5.19.12 Bug Could Damage Intel Laptop Displays

Details Released for Recently Patched new macOS Archive Utility Vulnerability

Australia Unveils Privacy Rule Changes After Optus Data Breach

10/5/2022

Malicious Cyber Activity Unlikely to Disrupt Voting, FBI Says

Hacktivists Seek to Aid Iran Protests With Cyberattacks and Tips on How to Bypass Internet Censorship

FBI, CISA, and NSA Reveal How Hackers Targeted a Defense Industrial Base Organization

Colorado.gov Downed in ‘Suspected Foreign’ Cyber Attack

City of Houston Website Possibly Hacked With Posts About Russian Mail Order Brides, Essay Writers

Lloyd’s of London Investigates Possible Cyber Attack

Rise in Cyberattacks Stretches and Stresses Defenders

The Insecurities of Cybersecurity Success

Avast Releases Free Decryptor for Hades Ransomware Variants

Ransomware: This Is How Half of Attacks Begin, and This Is How You Can Stop Them

Former Uber Security Chief Joe Sullivan Found Guilty of Obstructing FTC Probe

Seattle Hacker Gets Probation for $250M Capital One Data Breach

DOJ ‘Very Disappointed’ With Probation Sentence for Capital One Hacker Paige Thompson
Staff at Security Firm G4S on Alert After Tax Numbers and Bank Details Posted Online Following Hack

City of Tucson Discloses Data Breach Affecting Over 125,000 People

Family Medical (TX) Reports Informs 234K Patients of Possible Data Compromise

Chase UK’s App-Only Bank Hit With 24-Hour Ongoing Outage

Douglas County (NE) 911 Impacted by Ransomware Cryptovirus

Grain Valley School District (MO) Investigates Cyberattack

Chemonics International Files Official Notice of Data Breach

BlackByte Ransomware Abuses Legit Driver to Disable Security Products

Experts Warn of New RatMilad Android Spyware Targeting Enterprise Devices

Microsoft Investigates Windows 11 22H2 Remote Desktop Issues

Hundreds of Microsoft SQL Servers Backdoored With New Malware

Microsoft Updates Mitigation for ProxyNotShell Exchange Zero Days

10/4/2022

Vladimir Putin’s Speech Contains the Off-Ramp to the War in Ukraine

This Is How the War Could End

Russian Hackers Take Aim at Kremlin Targets?

New Democrat Coalition Backs Privacy Bill

Cyber Bill to Fund Minority, Community College Programs

Musk Revives $44 Billion Twitter Bid, Aiming to Avoid Trial

Shares Surge 22%

Mastercard Pushes Deeper Into Crypto With New Tool for Combating Fraud

BEC Scammer Gets 25-Year Jail Sentence for Stealing Over $9.5 Million

Netwalker Ransomware Affiliate Sentenced to 20 Years in Prison

Russian Hacker Arrested at Airport in India for Reportedly Helping Students Cheat in JEE-Main Exam

Japanese Sushi Chain Boss Resigns Amid Accusation of Improper Data Access
Someone Is Tricking Chinese YouTube Users With a Spyware Version of the Tor Browser

Australia’s Telstra Hit by Data Breach, Two Weeks After Attack on Optus

Optus Confirms 2.1 Million ID Numbers Exposed in Data Breach

Student, Teacher Data Largely Unaffected in Los Angeles Schools Hack

CommonSpirit IT Security Incident Disrupts Hospital Operations

Anthem MaineHealth Suffers Third-Party Data Breach from Choice Health, 13K Impacted

Hackers Are Breaching Scam Sites to Hijack Crypto Transactions

FBI Warns of “Pig Butchering” Cryptocurrency Investment Schemes

FBI: Beware of Fake Batteries, Here’s What to Watch Out For

Researchers Report Supply Chain Vulnerability in Packagist PHP Repository

10/3/2022

NATO Leader on Ukraine’s Fast-Track Into Alliance: Membership ‘Has to Be Taken by Consensus’

CISA Directs Federal Agencies to Improve Cybersecurity Asset Visibility and Vulnerability Detection

The Founder of ‘Black Girls in Cyber’ Sees Lots More Work to Do

National Cybersecurity Awareness Program 18 Years On: Don’t Click That

Small Utilities Must Master Cybersecurity

How Ransomware Is Causing Chaos in American Schools

The High Cost of Living Your Life Online

From Today, America and UK Follow New Rules on How They Can Demand Your Data From Each Other

Healthcare Company Owners Get Jail Time for $7m Fraud Scheme

Transit Swap Exploiter Returns Large Chunk of $28.9M Hack
Russian Retail Chain Digital Network System (DNS) Confirms Hack After Data Leaked Online

Ferrari Says Internal Documents Online, but No Evidence of Cyber Attack

focusIT (AZ) Files Official Notice of Data Breach of Compromised Customer Info

Phishing Campaigns Target KFC, McDonald’s in Saudi Arabia, UAE, Singapore

Web Browser App Mode Can Be Abused to Make Desktop Phishing Pages

Researchers Link Cheerscrypt Linux-Based Ransomware to Chinese Hackers Emperor Dragonfly

Comm100 Chat Provider Hijacked to Spread Malware in Supply Chain Attack

Fake Microsoft Exchange ProxyNotShell Exploits for Sale on GitHub

Microsoft Exchange Server Zero-Day Mitigation Can Be Bypassed

9/30-10/2/2022

Putin Announces Annexation of Ukrainian Regions in Defiance of International Law

Ukrainian Troops Fight to Take Full Control of Lyman, as Russians Attempt to Withdraw

Ukraine Bids to Join NATO Despite Long Odds

9 NATO Members Urge Support for Ukraine After Annexation

Lawmakers Split on Ukraine’s New NATO Bid…Surprise to Biden

U.S. And Turkish Officials Discuss Ukraine and NATO in Unannounced Meeting

Russians Dodging Mobilization Behind Flourishing Scam Market

The FBI Says It Caught an Ex-NSA Employee Trying to Sell Top-Secret Intelligence Documents to Foreign Governments

National Archives Says Some Trump Administration Records Are Still Missing

U.S. Faces Election Worker Shortage Ahead of Midterms Due to Rise in Threats

Krebs: Fake CISO Profiles on LinkedIn Target Fortune 500s

Heightened Cyber Threat Brings CIOs, CISOs Closer

Scarborough: Plan to Make Town Cyber Security Centre of Excellence

Germany Arrests Hacker for Stealing €4 Million via Phishing Attacks

Optus Breach Victims Will Get “Supercharged” Fraud Protection

Chrome’s New Ad-Blocker-Limiting Extension Platform Will Launch in 2023
Krebs: Two New Microsoft 0-Day Flaws in Exchange Server

State-Sponsored Hackers Likely Exploited MS Exchange 0-Days Against ~10 Organizations

Microsoft Confirms

Mexican President Confirms ‘Guacamaya’ Hack Targeting Regional Militaries

Hack Puts Latin American Security Agencies on Edge

Ransomware Gang Leaks Data Stolen From LAUSD School System

LAUSD Creates Hotline After Stolen Data Posted by Ransomware Group

Shangri-La Hacked & Guest Information At Select Hotels Exposed

Northern California Fertility Medical Center Breach Leaks Patients’ Health Info

William Carey University (MS) Comes Under Ransomware Attack

Fake U.S. Gov’t Job Offers Push Cobalt Strike in Phishing Attacks

Lazarus Hackers Abuse Dell Driver Bug Using New FudModule Rootkit

Hackers Backdoor Pirated Windows OS With Cryptominer and Xtreme RAT

CISA Warns of Hackers Exploiting Critical Atlassian Bitbucket Server Vulnerability

Microsoft to Let Office 365 Users Report Teams Phishing Messages

White House: A Proclamation on Cybersecurity Awareness Month, 2022