11/29/2022 November 30, 2022November 30, 2022 ~ The Cyber Beat ~ Leave a comment Krebs: U.S. Gov’t Apps Bundled Russian Code With Ties to Mobile Malware DeveloperExperts Find 16,000+ Scam FIFA World Cup DomainsKillnet Gloats About DDoS Attacks Downing Starlink, White HouseU.S. Census Bureau Head Fends Off Critics of ‘Differential Privacy’ ToolMusk Asks if Apple Hates ‘Free Speech in America’ After Twitter Advertising Drop-offTwitter Stops Enforcing COVID Misinformation PolicyHow Secure a Twitter Replacement Is Mastodon? Let Us Count the WaysWeb App and API Attacks Surge 257% in Financial ServicesCyber Insurers Turn Attention to Catastrophic HacksPolice Shutter 13,000 Sites in Piracy CrackdownSpanish Police Dismantle Operation That Made €12M via Investment ScamsThe Hunt for the Dark Web’s Biggest Kingpin, Part 6: EndgameCISA’s Strategic Plan Is Ushering in a New Cybersecurity EraColumbia Grain International Reports March 2022 Data BreachPII May Have Been Stolen in Southampton County (VA) Ransomware AttackWashington County (MD) Cybersecurity Issue Impacts Some FunctionsKlamath County Developmental Disability Services (OR) Data BreachGOP Super PAC Secure Our Freedom Action Fund Lost $158,000 in Email HackTrigona Ransomware Spotted in Increasing Attacks WorldwideOracle Fusion Middleware Vulnerability Actively Exploited in the Wild: CISANew Flaw in Acer Laptops Could Let Attackers Disable Secure Boot ProtectionMicrosoft Defender Boosts Default Protection for All Enterprise UsersLet’s Encrypt Issued Over 3 Billion Certificates, Securing 309M Sites for FreeLockheed Martin’s Army Cyber Training Platform Goes Civilian
11/28/2022 November 28, 2022November 28, 2022 ~ The Cyber Beat ~ Leave a comment Twitter Hit With Wave of Porn and Spam Obscuring Tweets About China ProtestsElon Musk Confirms Twitter 2.0 will Bring End-to-End Encryption to Direct MessagesTikTok ‘Invisible Body’ Challenge Exploited to Push MalwareMeta Fined $276 Million Over Facebook Data Leak Involving More Than 533 Million UsersA Peek Inside the FBI’s Unprecedented January 6 Geofence DragnetNSA Cyber Director Talks Threats, OpportunitiesWSJ Pro Research Survey: Preparedness ResultsDon’t Be Fooled by End-Of-The-Year Articles on Cybersecurity TrendsBanks in EU Face Tougher Rules on Using Cloud Computing GiantsPhishing Campaign Impersonating UAE Ministry of Human Resources GrowsVanuatu Hospital Staff Using Pen and Paper After Cyber Attack That Crippled Public SectorDurham (ON) Schools Without Email or Phone Services After ‘Cyber Incident’Community Health Network Notifies 1.5M of Data Breach Stemming From Tracking TechHope Health Systems (MD) Experiences Ransomware Attack, Leading to Data BreachMalicious Android App Found Powering Account Creation ServiceOver a Dozen New BMC Firmware Flaws Expose OT and IoT Devices to Remote AttacksResearchers Detail AppSync Cross-Tenant Vulnerability in Amazon Web Services
11/25-27/2022 November 28, 2022November 28, 2022 ~ The Cyber Beat ~ Leave a comment Election Security a Success, but More Improvements Needed, Experts SayRussia-based RansomBoggs Ransomware Targeted Several Ukrainian Organizations…New Ransomware Attacks in Ukraine Linked to Russian Sandworm HackersThe FCC Just Banned These Chinese Cameras and Telecom Hardware From Reaching the U.S.Apple Tracks You More Than You ThinkThe Biggest Security Risks of Using Fitness Trackers and Apps to Monitor Your HealthElon Musk Says Twitter Is Launching ‘Verified’ Service Next WeekFor Gaming Companies, Cybersecurity Has Become a Major Value PropositionDell, HP, and Lenovo Devices Found Using Outdated OpenSSL VersionsGoogle Warns: Android ‘Patch Gap’ Is Leaving These Smartphones Vulnerable to AttackRagnar Ransomware Gang Targets Belgian Municipality, Hits Police InsteadVice Society Ransomware Claims Attack on Cincinnati State CollegeCanadian Menswear Chain Harry Rosen Confirms Cyber AttackAll-India Institute of Medical Sciences (AIIMS) Server Still Down Four Days After Ransomware AttackDufferin County Paramedic Service (ON) Electronic Patient Record System Shut Down Due to Cyber AttackDWIs, Gun Miscues and Dubious Acts Revealed in New York State Police Disciplinary Files5.4 Million Twitter Users’ Stolen Data Leaked Online — More Shared PrivatelyRemote Code Execution Vulnerability Found in Windows Internet Key ExchangeConnectWise Fixes XSS Vulnerability that Could Lead to Remote Code ExecutionGoogle Releases Chrome Patch to Fix New Zero-Day Vuln
11/24/2022 November 24, 2022November 24, 2022 ~ The Cyber Beat ~ Leave a comment Interpol Seized $130 Million From Cybercriminals Worldwide‘iSpoof’ Service Dismantled, Main Operator and 145 Users ArrestedI Lost $17,000 in Crypto. Here’s How to Avoid My Very Silly Mistake10,000 BTC Moves off Crypto Wallet Linked to 2014 Mt. Gox HackWhere Are We Heading With Data Privacy Regulations?Bahamut Spyware Group Compromises Android Devices Via Fake VPN AppsDocker Hub Repositories Hide 1,650+ Malicious ContainersPersonal Information Data Breach Prompts Warning From Tehama County (CA)New RansomExx Ransomware Variant Rewritten in the Rust Programming LanguageThe Hunt for the Dark Web’s Biggest Kingpin, Part 5: Takedown
11/23/2022 November 24, 2022November 24, 2022 ~ The Cyber Beat ~ Leave a comment Ukraine War: Blackouts Across Ukraine Amid Wave of Russian StrikesDozens of Russian Groups Steal 50 Million User PasswordsPro-Russian Hacktivists Take Down EU Parliament Site in DDoS AttackYanluowang Ransomware’s Russian Links Laid Bare in Online LeaksMicrosoft Says Attackers Are Hacking Energy Grids by Exploiting Decades-Old SoftwareUK Privacy Tsar Defends Controversial Enforcement StrategyPanaseer Launches Guidance on Security Controls Ahead of EU’s New LegislationMeta Removes Pro-U.S. Accounts in Middle East and Central Asia…U.S. Military Influence CampaignDucktail Hackers Now Use WhatsApp to Phish for Facebook Ad AccountsGrassley Presses Musk Over Twitter Data Security Concerns, Whistleblower Allegations…Musk Says He’s Done With Twitter Layoffs…Now Hiring!Cyber Due Diligence in M&As Uncovers Threats, Improves ValuationsSonder Takes Steps After Data BreachOntario Secondary School Teachers’ Union Notifies Victims of Ransomware AttackDoctors’ Center Hospital (PR) Announces Breach Affecting Over One Million PatientsDisability Services of the Southwest Has Data BreachHealth Care Management Solutions (WV) Data Breach Affects 500,000 IndividualsDriver’s License Numbers for 470K May Have Been Exposed in Suffolk CyberattackWright & Filippis (MI) Data Breach Affects More than 877k IndividualsMercyhurst University (PA) Announces Data BreachGATE Petroleum Company (FL) Announces Data BreachHackers Exploiting Abandoned Boa Web Servers to Target Critical IndustriesQakbot Infections Linked to Black Basta Ransomware CampaignBackdoored Chrome Extension ‘SearchBlox’ Installed by 200,000 Roblox PlayersFake MSI Afterburner Targets Windows Gamers With Miners, Info-StealersMali GPU ‘Patch Gap’ Leaves Android Users Vulnerable to Attacks
11/22/2022 November 22, 2022November 22, 2022 ~ The Cyber Beat ~ Leave a comment The U.S. Has a Bomb-Sniffing Dog ShortageKillnet DDoS Hacktivists Target British Royal Family and OthersExperts Warn Threat Actors May Abuse Red Team Tool NighthawkThis Scam Starts With a Fake Invoice: It Could End With Crooks Stealing Your DataIn Court Appearance, FTX Lawyer Says ‘Substantial Amount’ of Crypto Firm’s Assets Stolen or MissingU.S. Takes Down Domains Used in ‘Pig Butchering’ Cryptocurrency SchemeHackers Are Locking Out Mars Stealer Operators From Their Own ServersFour Reasons The Cybersecurity Sector Could Remain Recession-ResilientHackers Breach Energy Orgs via Bugs in Discontinued Web ServerReceivables Performance Management (WA) Data Breach Impacts over 3.7 Million PeopleGateway Rehabilitation Center (PA) Data Breach Impacts 130,000HomeTrust Mortgage (TX) Reports Data Breach in the Wake of Ransomware AttackDonut Extortion Group Also Targets Victims With RansomwareAndroid File Manager Apps Infect Thousands With Sharkbot Malware‘ViperSoftX’ Malware Installs Malicious Browser Extensions to Steal Users’ Passwords and CryptosAWS Fixes ‘Confused Deputy’ Vulnerability in AppSync
11/21/2022 November 22, 2022November 22, 2022 ~ The Cyber Beat ~ Leave a comment Red Tape, Potholes and Politics Hamper NATO’s Defence Efforts as the Russia Threat Rises…Cyber as Important as Missile Defences: Ex-NATO GeneralU.S. Offshore Oil and Gas Installation at ‘Increasing’ Risk of CyberattackAutonomous Vehicles Join the List of U.S. National Security ThreatsWorld Cup Phishing Emails Spike in Middle Eastern CountriesLuna Moth Phishing Extortion Campaign Targets Businesses in Multiple SectorsAttackers Bypass Coinbase and MetaMask 2FA via TeamViewer, Fake Support ChatMicrosoft: Hackers Are Using This ‘Concerning’ Tactic to Dodge Multi-Factor AuthenticationThe Long, Lonely Wait to Recover a Hacked Facebook AccountGoogle Wins Legal Battle Against Two Russians Connected with the Glupteba BotnetTwo Estonians Arrested for Running $575M Crypto Ponzi SchemeInvestors Are Pouring Cash Into These 10 Cybersecurity StartupsDaixin Ransomware Gang Steals 5 Million AirAsia Passengers’ and Employees’ DataHackers Steal $300K in DraftKings via Credential Stuffing…DraftKings Says No Evidence Systems Were Breached Following Report of a HackWestmount (QC) Hit by RansomwareCommonwealth Care Alliance of California Reports Data Breach Leaking Patient Health InfoEagle Bank (MD) Data Breach Compromised Customer Social Security NumbersSouth Walton Fire District (FL) Warns Patients About Cyber Attack IncidentNotorious Emotet Malware Returns With High-Volume Malspam CampaignGoogle Identifies 34 Cracked Versions of Popular Cobalt Strike Hacking Toolkit in the WildAurora Infostealer Malware Increasingly Adopted by CybergangsGoogle Chrome Extension Used to Steal Cryptocurrency, PasswordsThousands of Algolia API Keys Could Expose Users’ DataMicrosoft’s Attempts to Harden Kerberos Authentication Broke It on Windows Servers
11/18-20/2022 November 21, 2022November 21, 2022 ~ The Cyber Beat ~ Leave a comment Government of Moldova Shaken by Big Hack-And-Leak OperationVanuatu: Hackers Strand Pacific Island Government for Over a WeekChina and the TikTok Threat: How the White House Cybersecurity Team Is Thinking About ItCISA, NSA, ODNI Publish Software Supply Chain Guidelines For CustomersShoppers Warned Stay Alert this Black Friday as Hackers Renew EffortsKrebs: Researchers Quietly Cracked Zeppelin Ransomware KeysFTX’s Sam Bankman-Fried Cashed Out $300 Million During Funding SpreeWickr’s Free Encrypted Messaging App Is Shutting Down Next YearDonald Trump Returns to Twitter After Elon Musk’s PollHow BlackBerry Moved From Iconic Cellphones to CybersecurityAustralia’s Hack-Back Plan Against Cyberattackers Raises Familiar ConcernsCybercriminals Strike Understaffed Organizations on Weekends and HolidaysU.S. Charges BEC Suspects With Targeting Federal Health Care ProgramsIndian Government Publishes Draft of Digital Personal Data Protection Bill 2022Chinese ‘Mustang Panda’ Hackers Actively Targeting Governments WorldwideMicrosoft Warns of Hackers Using Google Ads to Distribute Royal RansomwareGoogle Search Results Poisoned With Torrent Sites via Data StudioBooz Allen Says Former Staffer Downloaded Employees’ Personal DataEesti Energia Website Down After Pro-kremlin Cyber AttackCyber Attack on Central Depository Services (India)Patients Receive Letter Informing of Data Breach From Christus Spohn Health System (TX)Miller County (AR) Offices Impacted by Cyber Attack After Breach Two Weeks AgoNew ‘AXLocker’ Ransomware Encrypts Files, Then Steals Your Discord AccountLodaRAT Malware Resurfaces with New Variants Employing Updated FunctionalitiesNew Attacks Use Windows Security Bypass Zero-Day to Drop MalwareExploit Released for Actively Abused ProxyNotShell Exchange BugAtlassian Releases Patches for Critical Flaws Affecting Crowd and Bitbucket ProductsGoogle Looking Outside the Usual Channels to Fix Security Skills Gap
11/17/2022 November 18, 2022November 18, 2022 ~ The Cyber Beat ~ Leave a comment Wray Tells Lawmakers That FBI Conducts Cyber Offensive OperationsSenate Democrats Ask FTC to Investigate Twitter After ‘Alarming Steps’ by MuskMeta Employees, Security Guards Fired for Hijacking User AccountsMeta Keeps Booting Small Business Owners for Being Hacked on FacebookFTX’s New Boss Reveals Chaos Left Behind by Sam Bankman-Fried…FTX Filing: Sam Bankman-Fried Transferred Assets to Bahamas Government Custody After Bankruptcy1Password Embraces a Passwordless FutureSecurity Firms Are Turning NYC’s Street Trees Into Surveillance Posts for GuardsMore Than Half of Black Friday Spam Emails Are ScamsUK Government Seeks Further Easing of Data Protection RulesChinese Spy Gets 20 Years for Aviation Espionage PlotU.S. Charges Russian Suspects With Operating Z-Library E-Book SitePhishing Kit Impersonates Well-Known Brands to Target U.S. ShoppersMiddletown Valley Bank (MD) Data Breach After Unauthorized Access to Computer NetworkInnovative Service Technology Management Services (GA) Reports Data BreachFBI: Hive Ransomware Extorted $100M From Over 1,300 VictimsPreviously Unidentified ARCrypter Ransomware Expands WorldwideQBot Phishing Abuses Windows Control Panel EXE to Infect DevicesHigh Severity Vulnerabilities Reported in F5 BIG-IP and BIG-IQ DevicesMicrosoft Urges Devs to Migrate Away From .Net Core 3.1 ASAPZero-Trust Initiatives Stall, as Cyberattack Costs Rocket to $1M per IncidentGoogle Wins Lawsuit Against Alleged Russian Botnet HerdersSpacecraft Vulnerable to Failure, Thanks to Aerospace Networking Bug
11/16/2022 November 16, 2022November 16, 2022 ~ The Cyber Beat ~ Leave a comment FBI Head: China Has ‘Stolen More’ U.S. Data ‘Than Every Other Nation Combined’Russia’s Cyber Forces ‘Underperformed Expectations’ in Ukraine: Senior U.S. OfficialFormer CISA Director Chris Krebs Praises Government’s Role in Election SecurityHostile States Are Targeting You, Speaker Warns MPsU.S. Gov’t: Iranian Hackers Breached Federal Agency Using Log4Shell ExploitState-Backed APT Group Activity Continuing ApaceGermany Says Nein to Qatari World Cup Spyware, Err, AppsKrebs: Disneyland Malware Team: It’s a Puny World After AllTelehealth Sites Put Addiction Patient Data at RiskDuckDuckGo’s App Tracking Protection Beta Is Now Available to All Android Users for TestingHot Market for Cyber Insurance Begins to StabilizeMajority of Companies Reduce Cybersecurity Staff Over HolidaysResearchers Discover Hundreds of Amazon RDS Instances Leaking Users’ Personal DataMagento Stores Targeted in Massive Surge of TrojanOrders AttacksData Breach at Arkansas Department of Human Services Releases Medicaid InformationLake Charles Memorial (LA) Assessing Information After Recent Cyber AttackSierra College (CA) Files Notice of Data Breach Following Ransomware AttackOld Point National Bank (VA) Data Breach Compromises SSNs and Account NumbersWASP Malware Stings Python Developers According to ResearchersNew RapperBot Campaign Aims to Launch DDoS Attacks at Game ServersTwitter Source Code Indicates End-To-End Encrypted DMs Are ComingCybersecurity Best Practice Is Critical for Winning the New Space Race
11/15/2022 November 15, 2022November 15, 2022 ~ The Cyber Beat ~ Leave a comment Lazarus Backdoor DTrack Evolves to Target Europe and Latin AmericaBillbug Targets Government Agencies in Multiple Asian CountriesNew “Earth Longzhi” APT Targets Ukraine and Asian Countries with Custom Cobalt Strike LoadersMayorkas: Ties With Private Sector, Foreign Partners ‘Increasingly Vital’ as Cyber Threats RiseShocker: EV Charging Infrastructure Is Seriously InsecureTwitter Says 2FA Still Works, but It’s Looking Into a ‘Few Cases’ Where It Didn’tThe Hunt for the Dark Web’s Biggest Kingpin, Part 4: Face to FaceKrebs: Top Zeus Botnet Suspect “Tank” Arrested in GenevaPolice Celebrate Arrest of 59 Suspected ScammersGoogle to Pay $392M in Landmark Privacy CaseGoogle to Roll Out Privacy Sandbox on Android 13 Starting Early 2023Suffolk Police Publish Victims Information in Mass Data BreachRansomware Attack Keeps Jackson, Hillsdale County Schools (MI) Closed AgainWork Health Solutions (CA) Data Breach After Unauthorized Employee Email AccessTwitter Fixed a Bug That Exposed Advertisers’ Sensitive Credit Details InternallyPCSpoof: New Vulnerability Affects Networking Tech Used by Spacecraft and AircraftResearchers Reported Critical SQLi and Access Flaws in Zendesk Analytics ServiceRemote Code Execution Discovered in Spotify’s BackstageMisconfigurations, Vulnerabilities Found in 95% of ApplicationsHow Routine Pen Testing Can Reveal the Unseen FlawsCybersecurity Jobs: Five Ways to Help You Build Your Career
11/14/2022 November 15, 2022November 15, 2022 ~ The Cyber Beat ~ Leave a comment Instagram, Facebook, Twitter, YouTube Suspended in Turkey After BlastRussian ‘Killnet’ Hackers Claim Cyber Attack On FBI WebsiteThe Hunt for the FTX Thieves Has Begun…Hack or Inside Job? Blockchain Experts Examine Clues and a ‘Stupid Mistake’GitHub Now Supports Researchers with Private Vulnerability Reporting For Public RepositoriesThe Long, Solder-Heavy Way to Get Root Access to a Starlink TerminalWhoosh Confirms Data Breach After Hackers Sell 7.2M User RecordsNew KmsdBot Malware Hijacking Systems for Mining Crypto and Launch DDoS Attacks42,000 Sites Used to Trap Users in ‘Fangxiao’ Brand Impersonation SchemeOver 15,000 WordPress Sites Compromised in Malicious SEO CampaignWindows Kerberos Authentication Breaks After November Updates
11/11-13/2022 November 13, 2022November 13, 2022 ~ The Cyber Beat ~ Leave a comment Bankrupt Crypto Exchange FTX Probing Unauthorized Transactions…At Least $1 Billion of Client Funds Missing at Failed Crypto Firm FTX…FTX Says It’s Removing Trading and Withdrawals, Moving Digital Assets to a Cold Wallet…Bankrupt Crypto Exchange FTX Is Under Criminal Investigation in the Bahamas…Sam Bankman-Fried Reportedly Denies Fleeing to Argentina, Says He’s Still in the Bahamas…Plotting Escape to Non-Extradition Safe Haven Dubai?…Larry David ‘Predicted’ FTX’s ImplosionCrypto.com Withdrawals Rise After CEO Admits Transaction Problem‘Dark Ships’ Emerge From the Shadows of the Nord Stream MysteryTwitter C-Level Resignations Continue As Blue Program Creates New Cyber-Risks…Twitter Pauses Paid Verifications After Users Abuse Service to Impersonate Brands and PeopleInternal Documents Show How Close the FBI Came to Deploying SpywareNSA Urges Orgs to Use Memory-Safe Programming LanguagesU.S. Seized 18 Web Domains Used for Recruiting Money MulesMicrosoft Blames Russian ‘Sandworm’ Hackers for Prestige Ransomware Attacks on Ukraine & PolandUkraine Says Russian Hacktivists Use New Somnia RansomwareAustralian Police to Russian Medibank Hackers: ‘We Know Who You Are’Australia to Consider Banning Paying of Ransoms to Cyber CriminalsExperts Uncover Two Long-Running Android Spyware Campaigns Targeting UyghursWorld Cup Apps Pose a Data Security and Privacy NightmareCanadian Food Retail Giant Sobeys Hit by Black Basta RansomwareMerced College (CA) Knocked Offline in Apparent Malware AttackRoyal Mail Down: Tracking Unavailable as Outage Exceeds 24 HoursNew Extortion Scam Threatens to Damage Sites’ Reputation, Leak DataMalicious Google Play Store App Spotted Distributing Xenomorph Banking TrojanMultiple High-Severity Flaws Affect Widely Used OpenLiteSpeed Web Server SoftwareAndroid Phone Owner Accidentally Finds a Way to Bypass Lock ScreenMicrosoft Defender Network Protection Generally Available on iOS, Android
11/10/2022 November 11, 2022November 11, 2022 ~ The Cyber Beat ~ Leave a comment Russian Military Hackers Linked to Ransomware Attacks in Ukraine…Russia’s Sway Over Criminal Ransomware Gangs Is Coming Into Focus…Russian LockBit Ransomware Operator Arrested in CanadaKaspersky to Kill Its VPN Service in Russia Next WeekUkraine Arrests Fraud Ring Members Who Made €200 Million per YearApple Limits AirDrop in China After Its Use in ProtestsKrebs: Lawsuit Seeks Food Benefits Stolen By SkimmersTwitter Turmoil WorsensMajority of Security Managers Lack Threat Intelligence SkillsHacker Rewarded $70,000 for Finding Way to Bypass Google Pixel Phones’ Lock ScreensIs Cybersecurity Awareness Month Anything More Than PR?Flashpoint Releases Ransomware Prediction Model for VulnerabilitiesPupils’ Data Spread Online in Hereford School Cyber AttackPetersen International Underwriters (CA) Reports Data Breach United Veterinary Care (FL) Sends Data Breach LetterSalud Family Health (CO) Reports Data Breach Following Apparent CyberattackU.S. Health Dept Warns of Venus Ransomware Targeting Healthcare OrgsPhishing Drops IceXLoader Malware on Thousands of Home, Corporate DevicesFBI Warns Scammers Now Impersonate Refund Payment PortalsResearchers Uncover PyPI Package Hiding Malicious Code Behind Image FileWorok Hackers Hide New Malware in PNGs Using SteganographyMicrosoft Fixes MoTW Zero-Day Used to Drop Malware via ISO Files
11/9/2022 November 9, 2022November 9, 2022 ~ The Cyber Beat ~ Leave a comment A ‘Handful’ of State Election Websites Hit With Cyberattacks, CISA Official Says…Mississippi Officials Unable to Confirm Actors Behind Election Websites CyberattackRussia-Linked APT29 Exploited a Windows Feature to Compromise European Diplomatic Entity NetworkNew Chinese Hacking Group Uses Custom ‘Symatic’ Cobalt Strike LoadersSpyware Scandals Prompt Multiple Calls for Further Bans in EuropeWells Fargo, Zelle Slammed by Liz Warren Over Rampant Online Banking FraudHow to Avoid Getting Duped by Medicare Scammers During Open EnrollmentHow to Prepare for the End of Card PaymentsThe Ubertooth One Lets You Take a Bite Out of BluetoothIBM Unveils New Chip in Push to Realize Quantum Computing’s PromiseCouple Sentenced to Prison for Trying to Sell Nuclear Warship SecretsMedibank Warns Customers Their Data Was Leaked by Ransomware GangTransUnion Confirms Recent Data BreachCamping World and Good Sam Announce Data Breach That Leaked Consumer InfoCyber Attack on an Orange Debt Collection Provider in Spain Exposes Sensitive Data15,000 Sites Hacked for Massive Google SEO Poisoning CampaignSeveral Cyber Attacks Observed Leveraging IPFS Decentralized NetworkExperts Warn of Browser Extensions Spying On Users via Cloud9 Chrome Botnet NetworkNew StrelaStealer Malware Steals Your Outlook, Thunderbird AccountsHigh-Risk Vulnerability Found in ABB’s Flow ComputersLenovo Fixes Flaws That Can Be Used to Disable UEFI Secure BootKrebs: Patch Tuesday, November 2022 Election Edition
11/8/2022 November 8, 2022November 8, 2022 ~ The Cyber Beat ~ Leave a comment Ukrainian Hacktivists Claim to Leak Trove of Documents From Russia’s Central BankFBI: Russian Hacktivists Achieve Only ‘Limited’ DDoS SuccessNorth Korea Attempted to Hack, Siphon Funds From an Israeli CompanyCyber Agency Remains Vigilant Despite Finding No ‘Credible Threats’ to Election…Cyberattacks That Slowed Champaign County (IL) Election Day Voting Process ‘Resolved’TrustCor: A Tiny Company With a UPS Store Address Could Help the Gov’t Get Around Browser SecurityHighmark Health Finds Cybersecurity Staff in Tight Labor MarketInsider Risk on the Rise: 12% of Employees Take IP When Leaving JobsInfluencer ‘Hushpuppi’ Gets 11 Years in Prison for Cyber FraudOver Thirty Arkansas Counties Impacted by Cyber AttackShangri-la Hotel Data Breach Likely Had ‘Minimal’ Impact at Singapore Ministerial SummitAmadey Bot Spotted Deploying LockBit 3.0 Ransomware on Hacked MachinesMalicious Extension Lets Attackers Control Google Chrome RemotelyCitrix Urges Admins to Patch Critical ADC, Gateway Auth BypassVMware Fixes Three Critical Auth Bypass Bugs in Remote Access ToolMicrosoft November 2022 Patch Tuesday Fixes 6 Exploited Zero-Days, 68 Flaws…Microsoft Fixes ProxyNotShell Exchange Zero-Days Exploited in Attacks
11/7/2022 November 7, 2022November 7, 2022 ~ The Cyber Beat ~ Leave a comment Ukraine Looks to Technology to Help Rebuild Its Economy Amid Russia’s OnslaughtJapan Joins Key NATO Cyber AgencyThis Hidden Facebook Tool Lets Users Remove Their Email or Phone Number Shared by OthersMicrosoft Hits the Switch on Password-Free Smartphone AuthenticationExperts Find URLScan Security Scanner Inadvertently Leaks Sensitive URLs and DataStolen $3BN Bitcoin Mystery Ends With Popcorn Tin DiscoveryMaple Leaf Foods Suffers Outage Following Weekend CyberattackMedibank Refuses to Pay Ransom After Data Breach…Ransomware Gang Threatens to Release Stolen Medibank DataMorrison Products Reports Data Breach, Leaking Victims’ Social Security NumbersAlinsco Managing General Agency Files Report of Data BreachAzov Ransomware Is a Wiper, Destroying Data 666 Bytes at a Time
11/4-6/2022 November 6, 2022November 6, 2022 ~ The Cyber Beat ~ Leave a comment Here’s How Lawmakers Are Tackling Rising Cyber Threats in the Health SectorRed Cross Wants Digital Symbols to Deter Hackers From Healthcare InstitutionsBritish Gov’t Is Scanning All Internet Devices Hosted in UKUK Gov’t Data Breach for Millions of Children Ruled UnlawfulCISA Warns of Critical Vulnerabilities in 3 Industrial Control System SoftwareTwitter Slashes Nearly Half Its Workforce as Musk Admits ‘Massive Drop’ in Revenue…Twitter Cut 15 Percent of Its Trust and Safety Staff but Says It Won’t Impact Moderation…Civil Rights Groups Slam Musk’s Mass Twitter Layoffs, Urge Companies to Pause Ads…Former Twitter Chief Jack Dorsey Issues Apology Amid Mass Layoffs: “I Grew the Company Too Quickly”As Twitter Brings on $8 Fee, Phishing Emails Target Verified AccountsKrebs: LinkedIn Adds Verified Emails, Profile Creation DatesNational Guard to Offer Midterm Elections Cybersecurity HelpResearchers Detail New Malware Campaign Targeting Indian Government EmployeesFBI: Hacktivist Ddos Attacks Had Minor Impact on Critical OrgsNorman Public Schools (OK) Experiencing Malicious Ransomware AttackOakBend Medical Center Provides Healthcare Data Breach NoticeGala Games Debunk Rumors Of Alleged Hack After Token PlungesRobin Banks Phishing Service Returns to Steal Banking AccountsMicrosoft Warns of Uptick in Hackers Leveraging Publicly-Disclosed 0-Day VulnerabilitiesSolarWinds Reaches $26M Settlement With Shareholders, Expects SEC ActionMicrosoft Sued for Open-Source Piracy Through Github Copilot
11/3/2022 November 3, 2022November 3, 2022 ~ The Cyber Beat ~ Leave a comment RomCom Weaponized KeePass and SolarWinds Instances to Target Ukraine, Maybe UKCyber Threat Landscape Shaped by Ukraine Conflict, ENISA Report RevealsTikTok Confirms Chinese Staff Can Access UK and EU User DataCongressional Report Finds Health Care Sector ‘Uniquely Vulnerable’ to Cyber AttacksNew Crimson Kingsnake Gang Impersonates Law Firms in BEC AttacksResearchers Find Links b/w Black Basta Ransomware and FIN7 HackersOPERA1ER APT Hackers Targeted Dozens of Financial Organizations in AfricaSoccer Fans, You’re Being WatchedZurich and Mondelez Reach NotPetya Settlement, but Cyber-Risk May IncreaseEconomic Uncertainty Isn’t Stopping Cybercrime Recruitment — It’s Fueling ItOPERA1ER Hackers Steal Over $11 Million From Banks and TelcosLockBit Ransomware Claims Attack on Continental Automotive GiantRoyal Mail Customer Data Leak Shutters Online Click and DropCyber Incident at Boeing Subsidiary Jeppesen Causes Flight Planning DisruptionsDSB Danish Train Standstill on Saturday Caused by Cyber AttackEthos Group Confirms Recent Data BreachThree Rivers Provider Network Confirms Data Breach Impacting Victims’ SSNsNorth Idaho College Recovering From Cyberattack That Led to Network ShutdownSt. Luke’s Health (TX) Suffers Third-Party Data Breach, Unrelated to CommonSpirit AttackNew Clipboard Hijacker ‘Laplas Clipper’ Replaces Crypto Wallet Addresses With Lookalikes
11/2/2022 November 3, 2022November 3, 2022 ~ The Cyber Beat ~ Leave a comment EU Expands Cyber Rules for Airline Flight SafetyU.S. Treasury Thwarts DDoS Attack From Russian Killnet GroupCyber-Attacks on Small Firms: The U.S. Economy’s ‘Achilles Heel’?Mobile Phishing Attacks on Government Staff Soar…U.S. Gov’t Employees Exposed to Mobile Attacks From Outdated Android, iOSTwitter Verified Status Users Flooded with ScamsFrench Defense Firm Thales Denies Ransomware Attack After Leak Site PostingRust: The ‘Viral’ Secure Programming Language That’s Taking Over TechThe Flipper Zero Is a Swiss Army Knife of AntennasU.S. Hacker Group Indicted For Million-Dollar RICO ConspiracyVitali Kremez Found Dead After Apparent Scuba Diving AccidentVodafone Italy Discloses Data Breach After Reseller HackedAustralian Real Estate Agency Harcourts Reveals Names, Addresses Possibly Compromised in AttackAlma Radio Telescope in Chile Taken Down by Cyber AttackCrypto Exchange Deribit Loses $28 Million in a HackMulti-Color Corporation Reports Data Breach Affecting Sensitive Employee and Dependent InfoCorrectCare Integrated Health Announces Data Breach Impacting Individuals IncarceratedHundreds of U.S. News Sites Push Malware in Supply-Chain AttackDozens of PyPI Packages Caught Dropping ‘W4SP’ Info-Stealing MalwareEmotet Botnet Starts Blasting Malware Again After 5 Month BreakMultiple Vulnerabilities Reported in Checkmk IT Infrastructure Monitoring Software
11/1/2022 November 1, 2022November 1, 2022 ~ The Cyber Beat ~ Leave a comment U.S. Treasury Thwarted Attack by Russian Hacker Group Last Month-OfficialChina-Backed APT10 Supercharges Spy Game With Custom Fileless BackdoorSenior Cyber Official: Disinfo Campaigns a ‘Significant Concern’ Ahead of MidtermsCISA Publishes Multi-Factor Authentication Guidelines to Tackle PhishingGovernment by Gmail Catches up With UK Minister… Who Is Reappointed AnywayU.S. Banks Report More Than $1 Billion in Potential Ransomware Payments in 2021Krebs: Accused ‘Raccoon’ Malware Developer Fled Ukraine After Russian InvasionRussian Hacker Behind Massive Data Breach Released From U.S. PrisonLayoffs Mount as Cybersecurity Vendors Hunker DownNearly a Third of Cybersecurity Leaders Considering QuittingNon-Traditional Applicants Could Be Answer to Cyber Talent ShortageOsaka Hospital Halts Services After Ransomware AttackThomson Reuters Database Leak Exposed 3TB of Sensitive Platform and Customer DataFrance’s Defence Group Thales Says Hackers Claim to Have Stolen DataDropbox Discloses Breach After Hacker Stole 130 Github RepositoriesFlambeau (WI) Reports Data Breach Impacting 10,447 IndividualsPinnacle Claims Management (CA) Files Notice of Data BreachGoogle Ad for GIMP.org Served Info-Stealing Malware via Lookalike SiteNew SandStrike Spyware Infects Android Devices via Malicious VPN AppMalicious Android Apps With 1M+ Installs Found on Google PlayResearchers Disclose Details of Critical ‘CosMiss’ RCE Flaw Affecting Azure Cosmos DBOpenSSL 3 Patch, Once Heartbleed-Level “Critical,” Arrives as a Lesser “High”