12/29/2022 December 29, 2022December 29, 2022 ~ The Cyber Beat ~ Leave a comment Geopolitical Tensions Expected to Further Impact Cybersecurity in 2023Cyberwar in Ukraine, Ransomware Fears Drive 2022 Surge in Demand for Threat Intelligence ToolsThe Worst Hacks of 20223 Industries, 3 Security ProgramsGoogle Home Speakers Allowed Hackers to Snoop on ConversationsUkraine Shuts Down Fraudulent Call Center Claiming 18,000 VictimsCrypto Platform 3Commas Admits Hackers Stole API KeysIndustrial Bank Files Notice of Data Breach, Leaking Consumers SSNs and Financial Account InfoFoundCare (FL) Files Notice of Data Breach Affecting Over 14k PatientsCyber Attack Impacting Real Estate Matters at Florence County (SC) Register of Deeds OfficeNetgear Warns Users to Patch Recently Fixed WiFi Router Bug
12/28/2022 December 28, 2022December 28, 2022 ~ The Cyber Beat ~ Leave a comment Russia’s Cyberwar Foreshadowed Deadly Attacks on CiviliansU.S. House Boots TikTok From Government PhonesThe LastPass Disclosure of Leaked Password Vaults Is Being Torn Apart by Security Experts…Yes, It’s Time to Ditch LastPassThe Benefits and Risks of Using a Password Manager to Protect Your Online IdentityIt’s the End of Programming as We Know It — AgainSmart Toys Are Definitely Still Hackable (We Just Don’t Talk About It)Cybersecurity Trends, Lessons & Reflections from the End of 2022Royal Ransomware Claims Attack on Intrado Telecom ProviderRansomware Attack at Lake Charles Memorial Health (LA) Impacts 270,000 PatientsAPT Hackers Turn to Malicious Excel Add-ins as Initial Intrusion VectorHackers Abuse Google Ads to Spread Malware in Legit SoftwareNintendo Patches a Security Vulnerability That Could Give Hackers “Full Console Takeover”Thousands of Citrix Servers Vulnerable to Patched Critical FlawsWhy Cyber Pros and Forensic Accountants Should Work Together to Mitigate Security Risk
12/27/2022 December 27, 2022December 27, 2022 ~ The Cyber Beat ~ Leave a comment Hacktivism Is Back and Messier Than EverNorth Korean ‘Lazarus’ ‘BlueNoroff’ APT Hackers Using New Ways to Bypass Windows MotW ProtectionInternet AppSec Remains Abysmal & Requires Sustained Action in 2023It’s All in the (Lack Of) Details: 2022’s Badly Handled BreachesU.S. Probe: $372 Million Vanished After FTX BankruptcyHackers Stole Data From Multiple Electric Utilities in Sargent & Lundy Ransomware AttackBTC.com Lost $3 Million Worth of Cryptocurrency in CyberattackLouisiana Health System Alerts Patients of Possible Data BreachEarSpy Attack Eavesdrops on Android Phones via Motion Sensors
12/26/2022 December 26, 2022December 26, 2022 ~ The Cyber Beat ~ Leave a comment TikTok Security Dilemma Revives Biden Admin Push for U.S. ControlNorth Korean Hackers Targeted Nearly 1,000 South Korean Foreign Policy ExpertsThe Most Dangerous People on the Internet in 2022: Who Made the List?Hacker Claims to Be Selling Twitter Data of 400 Million UsersBitKeep Wallet Suffers Second Hack Since October, $8 Million Stolen via Infected APKsGuLoader Malware Utilizing New Techniques to Evade Security Software
12/23-25/2022 December 25, 2022December 25, 2022 ~ The Cyber Beat ~ Leave a comment Businesses Hope for Legal Clarity on Trans-Atlantic Data Privacy in 2023President Biden Signs Quantum Cybersecurity Preparedness Act into LawUsers Report Google Calendar Bug Creating Random, Fake EventsEveryone Is Using Google Photos WrongMassive Twitter Data Leak Investigated by EU Privacy WatchdogMeta Agrees to Pay $725 Million to Settle Lawsuit Over Cambridge Analytica Data LeakHow Big Tech Fought Antitrust Reform — And WonTikTok’s Parent Company Admits Using the Platform’s Data to Track JournalistsW4SP Stealer Discovered in Multiple PyPI Packages Under Various NamesNew ‘RisePro’ Info-Stealer Malware Infects Software Pirates via Fake Cracks SitesResearchers Warn of Kavach 2FA Phishing Attacks Targeting Indian Govt. OfficialsHackers Exploit Bug in WordPress Gift Card Plugin With 50K InstallsGhost CMS Vulnerable to Critical Authentication Bypass Flaw
12/22/2022 December 22, 2022December 22, 2022 ~ The Cyber Beat ~ Leave a comment Hands On With Flipper Zero, the Hacker Tool Blowing Up on TikTokElon Musk Actively Searching for a New Twitter CEO, Sources SayFCC Calls for Mega $300 Million Fine for Massive U.S. Robocall CampaignUK Government Says That Sharing Some Passwords is IllegalCritical Security Flaw Reported in Passwordstate Enterprise Password ManagerLastPass: Hackers Stole Customer Vault Data in Cloud Storage BreachBrave Launches FrodoPIR, a Privacy-Focused Database Query SystemDuckDuckGo Now Blocks Google Sign-in Pop-Ups on All SitesComcast Xfinity Accounts Hacked in Widespread 2FA Bypass AttacksQueensland University of Technology Shuts IT Systems After Ransomware AttackChinese Electric Automaker Nio Hit by Ransomware AttackKentuckianaWorks Notifying Over 100 People of Possible Data BreachSuffolk County (NY) Leaders Blame Clerk’s Office for CyberattackFIN7 Cybercrime Syndicate Emerges as Major Player in Ransomware LandscapeVice Society Ransomware Gang Switches to New Custom EncryptorGoogle WordPress Plug-in Bug Allows AWS Metadata TheftCorporate Tech Leaders Untangle Their Cybersecurity Roles
12/21/2022 December 22, 2022December 22, 2022 ~ The Cyber Beat ~ 1 Comment Biden Meets With Zelensky, Pledges Continued U.S. Support for UkraineUkraine’s Cyber Units Aim to Retain Staff, Keep Services Stable as War Enters Year TwoWhite House Cyber Czar Chris Inglis to ResignNASA Infosec Again Falls Short of Required U.S. Government StandardIran’s Internet Blackouts Are Sabotaging Its Own EconomyEufy Publicly Acknowledges Some Parts of Its “No Clouds” ControversyKrebs: The Equifax Breach Settlement Offer is Real, For NowCybersecurity Firms Cut Staff as Fears About Economy, Funding MountU.S. Most Impacted by Data Breaches in the Financial Industry in 2022Corsair Keyboard Bug Makes It Type on Its Own, No Malware InvolvedGuardian: Guardian Hit by Serious It Incident Believed to Be Ransomware Attack…Breaks News of Ransomware Attack on ItselfOkta’s Source Code Stolen After GitHub Repositories HackedSports Betting Operator BetMGM Hit By Data Breach, Exposing Customer InfoHartnell Community College District (CA) Files Notice of Data BreachGodfather Trojan Targets 400 Financial Services Firms Since July 2021FBI Warns of Search Engine Ads Pushing Malware, PhishingZerobot Malware Now Spreads by Exploiting Apache VulnerabilitiesRansomware Hackers Using New Way to Bypass MS Exchange ProxyNotShell MitigationsMicrosoft Fixes Hyper-V VM Problem Caused by Patch Tuesday
12/20/2022 December 21, 2022December 21, 2022 ~ The Cyber Beat ~ Leave a comment Big Tech Bills Left Out of Sweeping Government Spending BillRussian APT Hackers Targeted Petroleum Refinery in NATO Country During Ukraine WarRaspberry Robin Worm Drops Fake Malware to Confuse ResearchersKmsdBot Botnet Suspected of Being Used as DDoS-for-Hire ServiceVirusTotal Cheat Sheet Makes It Easy to Search for Specific ResultsKrebs: Hacked Ring Cams Used to Record Swatting VictimsTwo New York Men Arrested for Conspiring With Russians to Hack JFK Taxi SystemMicrosoft Will Turn off Exchange Online Basic Auth in JanuaryCybersecurity is a Team Sport – Avoid the ‘Us and Them’ CultureThe Importance Of Putting Employees At The Center Of A Security Strategy2023 Cybersecurity Forecasts: Zero Trust, Cloud Security Will Top SpendingCybercriminals Launch New BrasDex Android Trojan Targeting Brazilian Banking UsersPlay Ransomware Gang Uses New Microsoft Exchange Exploit to Breach ServersCyber Attack Affects Phones, Website at Toronto’s SickKids HospitalRansomware Hackers Take Demands Directly to Knox College Students: ‘for You, It’s a Sad Day’Personal Info of 37,000 People Exposed in Whitehall (OH) Ransomware Data BreachP2 Energy Solutions (CO) Data Breach Leaks Social Security Numbers of 69K ConsumersOrder Express (IL) Reports Data Breach Affecting the Info of Over 63k ConsumersGoogle Ad Fraud Campaign Used Adult Content to Make MillionsHackers Bombard PyPi Platform With Information-Stealing MalwareMcGraw Hill’s S3 Buckets Exposed 100,000 Students’ Grades and Personal InfoOrganizations Warned of New Attack Vector in Amazon Web Services
12/19/2022 December 20, 2022December 20, 2022 ~ The Cyber Beat ~ Leave a comment Ukraine’s DELTA Military System Users Targeted by Info-Stealing MalwareThe Risk of Escalation From Cyberattacks Has Never Been GreaterRansomware Groups to Increase Zero-Day Exploit-Based Access Methods in the FutureMeta Takes Down Over 200 Covert Influence Operations Since 2017FBI Pressured Twitter, Sent Trove of Docs Hours Before Post Broke Hunter Laptop StoryMost in Musk’s Twitter Poll Say He Should Step Down as CEO‘Fortnite’ Video Game Developer Paying $520M to Resolve FTC AllegationsDraftKings Warns Data of 67K People Was Exposed in Account HacksPlay Ransomware Claims Attack on German Hotel Chain H-HotelsLouise W. Eggleston Center (VA) Reports Data Breach Following Ransomware AttackResearchers Discover Malicious PyPI Package Posing as SentinelOne SDK to Steal DataMicrosoft Finds macOS Bug That Lets Malware Bypass Security ChecksCritical Windows Code-Execution Vulnerability Went Undetected Until NowBig Challenges And Opportunities: Where’s Cybersecurity Heading In 2023?
12/16-18/2022 December 19, 2022December 19, 2022 ~ The Cyber Beat ~ Leave a comment An Alleged Russian Smuggling Ring Was Uncovered in New HampshireThe FBI Is Worried About a Wave of Cyber Crime Against America’s Small BusinessesFBI Warns BEC Attacks Now Also Target Food ShipmentsAnker’s Eufy Deleted These 10 Privacy Promises Instead of Answering Our QuestionsSoccer Technology Raises Privacy Risks for PlayersGoogle Introduces End-To-End Encryption for Gmail on the WebGoodbye SHA-1: NIST Retires 27-Year-Old Widely Used Cryptographic AlgorithmAnnoying CAPTCHA Is Still Big for Google and E-commerce in Bot Battle, and Likely to Stay That WayFormer Twitter Employee Gets 42 Months for Saudi SchemeWoman Gets 66 Months in Prison for Role in $3.3 Million ID Fraud OpT-Mobile Hacker Gets 10 Years for $25 Million Phone Unlock SchemeColombian Energy Supplier EPM Hit by BlackCat Ransomware AttackRestaurant CRM Platform ‘SevenRooms’ Confirms Breach After Data for Sale254,000 Medicare Beneficiaries Are Getting New ID Cards Due to Data Breach at SubcontractorData Breach Exposing Patron Information at Rochester Public Library (MN)Glupteba Malware Is Back in Action After Google DisruptionAgenda Ransomware Switches to Rust to Attack Critical InfrastructureMicrosoft Warns of New Minecraft DDoS Malware Infecting Windows, LinuxSamba Issues Security Updates to Patch Multiple High-Severity VulnerabilitiesLive From London: Next-Gen Cybersecurity Takes Stage at Black Hat EuropeSecurity Professionals Advise On How To Improve The Security Operations Center
12/15/2022 December 16, 2022December 16, 2022 ~ The Cyber Beat ~ Leave a comment GPS Signals Are Being Disrupted in Russian CitiesUkrainian Gov’t Networks Breached via Trojanized Windows 10 InstallersResearchers Uncover MirrorFace Cyber Attacks Targeting Japanese Political EntitiesSenate Passes Bill Banning TikTok From Government DevicesInstagram Launches New Tool to Help Hacked Users Regain Account AccessMeta’s Tricky Quest to Protect Your AccountWyden Urges FTC Probe Into ‘Sensitive Internet Metadata’ Sold to U.S. GovernmentTechnology Executives Signal Spending in 2023 Even as the Sector Goes Through Massive LayoffsGitHub to Require All Users to Enable 2FA by the End of 2023GitHub Rolls Out Free Secret Scanning for All Public RepositoriesTop Cybersecurity Predictions 2023Data Destruction Policies in the Age of Cloud Computing: Adjust to RealityFuboTV Hit With Cyberattack During World Cup Semifinal MatchSocial Blade Confirms Breach After Hacker Posts Stolen User DataAvem Health Partners (OK) Files Data Breach Stemming from Incident at 365 Data CentersLakeside Software (MI) Data Breach After Incident Results in Leaked SSNsHope College (MI) Warns of Potential Data BreachPotential Cyber Attack Hits Victoria’s Peak (Australia) Fire Response AgencyLego Bricklink Bugs Let Hackers Hijack Accounts, Breach ServersPhishing Attack Uses Facebook Posts to Evade Email SecurityLoan Scam Campaign ‘MoneyMonger’ Exploits Flutter to Hide MalwareMicrosoft Reclassifies SPNEGO Extended Negotiation Security Vulnerability as ‘Critical’Microsoft Removes Windows 11 Update Block for PCs With Gaming Issues
12/14/2022 December 15, 2022December 15, 2022 ~ The Cyber Beat ~ Leave a comment Lawmakers Introduce Bill to Ban TikTok in U.S.Krebs: FBI’s Vetted Info Sharing Network ‘InfraGard’ HackedLoan Fee Fraud Surges by a Fifth as Christmas ApproachesA New Lawsuit Accuses Meta of Inflaming Civil War in EthiopiaNew Lawsuit Accuses Meta of Inflaming Ethiopia Civil WarSeven Smuggled U.S. Military Tech for Moscow, Say FedsKrebs: Six Charged in Mass Takedown of DDoS-for-Hire SitesTech Group Sues California Over Kids’ Online Safety LawOECD Countries Finalize Framework to Limit Government Access to Citizen Personal DataNSA Shares Tips on Mitigating 5G Network Slicing ThreatsOpen-Source Repositories Flooded by 144,000 Phishing PackagesKaye-Smith Announces Data Breach Potentially Affecting MultiCare PatientsNorth Star Leasing (VT), a Division of Peoples Bank, Provides Data Breach Notice‘Third-Party Incident’ Impacted Gemini With 5.7 Million Emails LeakedAttackers Use SVG Files to Smuggle QBot Malware Onto Windows SystemsVMware Releases Fixes for Critical ESXi and vRealize Security FlawsKrebs: Microsoft Patch Tuesday, December 2022 Edition10 Ways Any Company Can Tighten Up Their Cybersecurity Efforts For The New Year
12/13/2022 December 13, 2022December 13, 2022 ~ The Cyber Beat ~ Leave a comment Putin to Choose Cyber Warfare Before Nuclear Weapons, Former NSA Chief SaysHackers Planted Files to Frame an Indian Priest Who Died in CustodyExperts Warn AI ChatGPT Could Democratize CybercrimeGoogle Launches Largest Distributed Database of Open Source VulnerabilitiesCuba Ransomware Gang Abused Microsoft Certificates to Sign MalwareFor Congress to Confront Cybersecurity, Reps Push to Ramp up Cyber LiteracyCybersecurity in Space: The Out Of-This-World Challenges Ahead2022 In Review: A Super Duper Eventful Cybersecurity YearOne Brooklyn Health Battling Cyber Attack That Forced Some Critical Services OfflineTPG Telecom Says up to 15,000 Email Accounts of Business Customers HackedNew Gotrim Botnet Brute Forces WordPress Site Admin AccountsCybersecurity Experts Uncover Inner Workings of Destructive Azov RansomwareHackers Exploit Critical Citrix ADC and Gateway Zero Day, Patch NowAmazon ECR Public Gallery Flaw Could Have Wiped or Poisoned Any ImageApple Fixes New Webkit Zero-Day Used in Attacks Against iPhonesMicrosoft December 2022 Patch Tuesday Fixes 2 Zero-Days, 49 Flaws
12/12/2022 December 13, 2022December 13, 2022 ~ The Cyber Beat ~ Leave a comment How the U.S. Has Helped Counter Destructive Russian Cyberattacks Amid Ukraine WarEuropean Electricity Sector Lacks Cyber Experts as Ukraine War Raises Hacking RisksNorth Korean ‘Kimsuky’ Hackers Impersonate Researchers to Steal IntelNow Utah Governor Orders TikTok Ban for State Government EmployeesNASA Chief: SpaceX Leader Says Elon Musk’s Twitter Drama Is ‘Nothing to Worry About’The New Space Race Will Drive Innovation: Here’s Where It Goes NextSurvey Says: IT Security Teams, Business Execs Still Not on Same PageCloudflare’s Zero Trust Suite Now Available for Free to At-Risk GroupsWhy You’ve Been Getting So Much Gmail Spam About Yeti CoolersJapan, Australia to Bolster Cyber-Defenses, Maybe Offensive Capacity TooReconciling International Breach Reporting Rules Could Prove ChallengingUK Arrests Five for Selling ‘Dodgy’ Point of Sale Software After Joint ProbeUber Suffers New Data Breach After Attack on Vendor, Info Leaked OnlineTwitter Confirms Recent User Data Leak Is From 2021 BreachCoinTracker Crypto Portfolio Software Suffers Data HackCalifornia Department of Finance Hit With Cybersecurity Threat, Investigation Underway…LockBit ClaimsPlay Ransomware Claims Attack on Belgium City of AntwerpCrane Worldwide Logistics Leaked Social Security Numbers Following Data BreachSan Gorgonio Memorial Hospital (CA) Compromised Patient Info After BreachChaos RAT Used to Enhance Linux Cryptomining AttacksNew Python Malware Backdoors VMware ESXi Servers for Remote AccessFortinet Says SSL-VPN Pre-Auth RCE Bug is Exploited in AttacksGoogle Adds Passkey Support to Chrome for Windows, macOS and AndroidEffective, Fast, and Unrecoverable: Wiper Malware Is Popping up Everywhere
12/9-11/2022 December 11, 2022December 11, 2022 ~ The Cyber Beat ~ Leave a comment Krebs: New Ransom Payment Schemes Target Executives, TelemedicineBEC Attacks Expand Beyond Email and Toward Mobile DevicesCritical Infrastructure: Attackers Keep Targeting the U.S. Electric GridNorth Carolina Power Grid Attack Exposes Vulnerabilities, Prompts Scrutiny of Other Recent AttacksA Year Later, That Brutal Log4j Vulnerability Is Still LurkingActivists Respond to Apple Choosing Encryption Over Invasive Image Scanning PlansAdvocacy Groups Make Last-Ditch Plea to Schumer for Vote on Antitrust BillsLinkedIn Has a Fake Account Problem It’s Trying to Fix: Real Users Are Part of the SolutionMadoff Prosecutor: ‘Highly Unusual’ for Sam Bankman-Fried to Be Speaking PubliclyHuawei Licenses 5G Patents to Rival as U.S. Sanctions Force the Chinese Giant to Seek New RevenueTennessee Latest State to Block TikTok Access on Government Networks, Citing CybersecurityAustralia Arrests ‘Pig Butchering’ Suspects for Stealing $100 MillionHack-for-Hire Group ‘Evilnum’ Targets Travel and Financial Entities with New Janicab Malware VariantShows Will Go On at Met Opera Despite Cyber-Attack That Crashed NetworkCobalt Mirage Affiliate Uses GitHub to Relay Drokbk Malware InstructionsTruebot Malware Activity Increases With Possible Evil Corp ConnectionsInformation of 360,000 People Affected in Ontario Vaccine Data BreachAustralia’s Telstra Suffers Privacy Breach, 132,000 Customers ImpactedRackspace Warns of Phishing Risks Following Ransomware AttackAntivirus and EDR Solutions Tricked Into Acting as Data WipersResearchers Detail New Attack Method to Bypass Popular Web Application FirewallsSamsung Galaxy S22 Hacked in 55 Seconds on Pwn2Own Day 3…Hackers Earn $989,750 For 63 Zero-Days Exploited At Pwn2Own Toronto43 Trillion Security Data Points Illuminate Our Most Pressing Threats
12/8/2022 December 8, 2022December 8, 2022 ~ The Cyber Beat ~ Leave a comment U.S. Health Dept Warns of Royal Ransomware Targeting HealthcareCOVID-bit: New COVert Channel to Exfiltrate Data from Air-Gapped ComputersFTC Sues to Block Microsoft’s Acquisition of Gaming Company ActivisionPet Dog Unmasks Drug Trafficker on Encrypted ChatAutomated Dark Web Markets Sell Corporate Email Accounts for $2Researchers Uncover Darknet Service ‘Zombinder’ Allowing Hackers to Trojonize Legit Android AppsSamsung Galaxy S22 Hacked Again on Second Day of Pwn2OwnGoogle: How Android’s Private Compute Core Protects Your DataTor Browser 12.0 Brings Apple Silicon Support, Android EnhancementsIranian ‘MuddyWater’ Hacked Corporate Email Accounts Used to Send MSP Remote Access ToolPopular HR and Payroll Company Sequoia Discloses a Data BreachCommonSpirit Health Ransomware Attack Exposed Data of 623,000 PatientsSuncoast Skin Solutions (FL) Announces Data Breach Following Apparent Ransomware AttackAcuity Brands (GA) Data Breach Impacts More than 37k Employees’ Sensitive InformationBlack, Gould & Associates (AZ) Notifies Over 42,000 Consumers of Recent Data BreachMaryland Senior Living Community Announces Data Security BreachCisco Discloses High-Severity IP Phone Bug With Exploit Code(ISC)² Recruits 110,000 People
12/7/2022 December 8, 2022December 8, 2022 ~ The Cyber Beat ~ Leave a comment Russian Hackers ‘Blue Callisto’ (aka TAG-53) Spotted Targeting U.S. Military Weapons and Hardware SupplierChinese Hackers Using Russo-Ukrainian War Decoys to Target APAC and European EntitiesTaiwan Bans State-Owned Devices From Running Chinese Platform TikTok…Nebraska, South Dakota, South Carolina, Maryland…Indiana SuesGoogle Discovered North Korea Exploiting an Internet Explorer Zero-Day Vulnerability in OctoberApple Claims a New iMessage Can Alert You if State-Sponsored Spies Are EavesdroppingApple Announces Plans to Encrypt iCloud Backups…How to Enable End-To-End Encryption for Your iCloud BackupsProton’s Encrypted Cloud Storage Gets Dedicated Mobile AppsNow Telegram Users Don’t Need a Phone Number — They Can Buy a Fake One With CryptoApple Kills Its Plan to Scan Your Photos for CSAM: Here’s What’s NextScammers Are Scamming Other Scammers Out of Millions of DollarsSan Francisco Terminates Explosive Killer Cop Bots, Un-Backing DecisionCloudSEK Claims It Was Hacked by Another Cybersecurity Firm‘Group X’ Supply Chain Web Skimming Attacks Hit Dozens of SitesNew Go-Based Botnet ‘Zerobot’ Exploiting Exploiting Dozens of IoT Vulnerabilities to Expand its NetworkHackers Use New Fantasy Data Wiper in Coordinated Supply Chain AttackMicrosoft Warns Cryptocurrency Firms Against Complex Cyber-AttacksElon Musk’s Twitter Followers Targeted in Fake Crypto Giveaway ScamMacmillan Reports Data Breach Leaking Consumers’ Social Security NumbersSuffolk University Reports Data Breach Impacting Thousands of Current and Former StudentsHealth Info of Nearly 9K Compromised in Rhode Island Department of Health Data BreachTe Whatu Ora (NZ) Loses Access to 14,000 Health Data Following CyberattackCryptosLabs ‘Pig Butchering’ Ring Stole up to $505 Million Since 2018Vice Society Ransomware Attackers Targeted Dozens of Schools in 2022Google: State Hackers Still Exploiting Internet Explorer Zero-Days
12/6/2022 December 6, 2022December 6, 2022 ~ The Cyber Beat ~ Leave a comment U.S. Intelligence Chief: Parents ‘Should Be’ Concerned for Kids’ Privacy on TikTokFacebook Parent’s Oversight Board Criticizes ‘Cross Check’ Program That Protects VIP UsersRussian Hackers Use Western Networks to Attack UkraineMicrosoft Warns of Russian Cyberattacks Throughout the WinterMicrosoft: Hackers Target Cryptocurrency Firms Over TelegramSwiss Government Wants to Implement Mandatory Duty to Report Cyber-AttacksSuspects Arrested for Hacking U.S. Networks to Steal Employee DataKrebs: Judge Orders U.S. Lawyer in Russian Botnet Case to Pay GoogleDarknet’s Largest Mobile Malware Marketplace Threatens Users WorldwideKmsdBot Botnet Is Down After Operator Sends Typo in CommandFixing The Cybersecurity Staff Shortage: It’s Not Going to Be EasyApplying the OODA Loop to Cybersecurity and Secure Access Service EdgeChinese Hackers Target Middle East Telecoms in Latest Cyber AttacksChina-Based Hackers Target Amnesty International CanadaMassive DDoS Attack Takes Russia’s Second-Largest Bank VTB OfflineAntwerp’s City Services Down After Hackers Attack Digital PartnerRansomware Gang Steals Employee and Customer Data From LJ HookerSnap Finance Files Notice of Data BreachLittle Rock Schools to Pay Hackers to End Ransomware AttackRackspace Confirms Ransomware Attack Behind Days-Long Email OutageOpen Source Ransomware Toolkit Cryptonite Turns Into Accidental Wiper MalwareKali Linux 2022.4 Adds 6 New Tools, Azure Images, And Desktop UpdatesAndroid December 2022 Security Updates Fix 81 VulnerabilitiesSamsung Galaxy S22 Hacked Twice on First Day of Pwn2Own Toronto
12/5/2022 December 6, 2022December 6, 2022 ~ The Cyber Beat ~ Leave a comment APT41 Hackers Linked to Chinese Government Stole Millions in COVID Benefits, Secret Service SaysGunfire at Electrical Grid Kills Power for 45,000 in North CarolinaSyntax Errors Are the Doom of Us All, Including Botnet AuthorsAdobe’s Postscript Programming Language Sparked a Revolution: Now You Can Check Out the Source CodeBig Tech and Its Critics Lash Out at Journalism MeasureCyber Extortion Growing Exponentially in Africa, Middle East and China, Finds OrangeSwiss Digital Giant ABB to Pay $315m in Bribery CaseSneaky Hackers Reverse Defense Mitigations When DetectedCybersecurity Should Focus On Managing Risk‘Team Mysterious Bangladesh’ Hackers Target Indian Education EntityIran-Backed APT42 Hackers Targeting Activists, Journalists, Politicians – HRWFrench Hospital Halts Operations After Cyber-AttackDallas Central Appraisal District Hack Still Causing Issues, Tax Bills May Be Delayed for ThousandsHackers Hijack Linux Devices Using PRoot Isolated FilesystemsSevere AMI MegaRAC Flaws Impact Servers From AMD, ARM, HPE, Dell, OthersCritical Ping Vulnerability Allows Remote Attackers to Take Over FreeBSD SystemsCISA Orders Agencies to Patch Exploited Google Chrome Bug by Dec 26th
12/2-4/2022 December 5, 2022December 5, 2022 ~ The Cyber Beat ~ Leave a comment Never-Before-Seen ‘CryWiper’ Malware Is Nuking Data in Russia’s Courts and Mayors’ OfficesSnowden Receives Russian Passport, Takes Citizenship OathNorth Korean ‘Lazarus’ Hackers Use New, Fake Crypto App ‘BloxHolder’ to Breach Networks, Steal CryptocurrencyElon Musk Suspends Ye From Twitter Following Swastika TweetGlobally Critical Chip ASML Firm Is Driving a Wedge Between the U.S. And Netherlands Over China Tech PolicyIndustry Coalition Urges Congress to Hold off on SBOMs Requirements for Defense ContractorsDHS Cyber Board to Examine Hacking Extortion Group Lapsus$Proton Calendar Rounds Out Security-Focused Big Tech Alternative on iOSGoogle Increases Android Security With Memory-Safe Programming LanguagesWhen Hackers Strike, CEOs Become Negotiators, CommunicatorsWatch Out: Triple-Pronged PayPal Phishing & Fraud ScamPolice Arrest 55 Members of ‘Black Panthers’ SIM Swap GangSIM Swapper Gets 18-Months for Involvement in $22 Million Crypto HeistRackspace Rocked by ‘Security Incident’ That Has Taken Out Hosted Exchange ServicesCyber Attack on Tamil Nadu Hospital, Hackers Sell Data of 1.5 Lakh PatientsFlorida Department of Revenue Tax Website Bug Exposed Filers’ DataSan Diego Unified School District Receives Cybersecurity ThreatHackers Use Archive Files and HTML Smuggling to Bypass Detection Tools‘Black Proxies’ Enable Threat Actors to Conduct Malicious ActivityHackers Sign Android Malware Apps with Compromised Platform CertificatesAndroid Malware Apps With 2 Million Installs Spotted on Google PlayCISA Warns of Multiple Critical Vulnerabilities Affecting Mitsubishi Electric PLCsResearchers Disclose Supply-Chain Flaw Affecting IBM Cloud Databases for PostgreSQLGoogle Rolls Out New Chrome Browser Update to Patch Yet Another High-Severity Zero-Day VulnerabilityWe Are Still Failing to Learn the Most Important Lesson in Cybersecurity: That Needs to Change, Fast
12/1/2022 December 1, 2022December 1, 2022 ~ The Cyber Beat ~ Leave a comment China Clamps Down on Internet as It Seeks to Stamp Out Covid ProtestsKrebs: ConnectWise Quietly Patches Flaw That Helps PhishersZuckerberg Slams Apple’s ‘Problematic’ App Store DominanceMusk Says ‘Misunderstanding’ About Potential Twitter Removal From App Store ResolvedYe, the Artist Formerly Known as Kanye West, to No Longer Buy ParlerWhatsApp Files on Dark Web Show Millions of Records For SaleRising Tether Loans Add Risk to Stablecoin, Crypto WorldNow 1Password Remembers Sites That Use Third-Party Accounts Like Google or Facebook to Log InThese File Types Are the Ones Most Commonly Used by Hackers to Hide Their MalwareOne Year After Log4Shell, Most Firms Are Still Exposed to AttackUK Extends NIS Regulations to IT Managed Service ProvidersHackers Leak Another Set of Medibank Customer Data on the Dark WebFBI: Cuba Ransomware Raked in $60 Million From Over 100 VictimsNew DuckLogs Malware Service Claims Having Thousands of ‘Customers’IKEA Confirms It Was Hit in Significant CyberattackDallam Hartley Counties Hospital District (TX) Reports Data Breach Affecting over 69,000 PatientsCyber Attack Hits North East London Foundation Trust Finance SystemsVatican Website Targeted With Multiple Hack Attempts, ‘Abnormal’ AccessNew Redigo Malware Drops Stealthy Backdoor on Redis ServersSpyware Vendor Variston Exploited N-Days in Chrome, Firefox, WindowsSchoolyard Bully Trojan Apps Stole Facebook Credentials from Over 300,000 Android UsersHyundai App Bugs Allowed Hackers to Remotely Unlock, Start Cars
11/30/2022 December 1, 2022December 1, 2022 ~ The Cyber Beat ~ Leave a comment Majority of U.S. Defense Contractors Not Meeting Basic Cybersecurity RequirementsNoem Orders TikTok Ban for South Dakota GovernmentChina-Based Hackers UNC4191 Target Southeast Asia With USB-Based MalwareCloudflare Finds a Way Through China’s Network DefencesNorth Korea Hackers Using New “Dolphin” Backdoor to Spy on South Korean TargetsReformed Russian Cybercriminal Warns That Hatred Spreads HacktivismGoogle Moves to Block Invasive Spanish Spyware FrameworkRansomware, SMBs Remain Key Security Concerns Amidst Focus on Critical InfrastructuresSingapore Releases Blueprint to Combat Ransomware AttacksCybersecurity Researchers Take Down DDoS Botnet by AccidentLastPass’ Latest Data Breach Exposed Some Customer InformationWhistleblower Reports of Lax Cybersecurity Expected to RiseAustralian Parliament Passes Privacy Penalty Bill: Up to $50M FinesSan Francisco Lawmakers Approve Lethal Robots, but They Can’t Carry GunsShares of CrowdStrike Fall After ‘Disappointing’ Earnings, Morgan Stanley Says Buy the DipTransUnion Class Action Claims Insecure Information Storage Led to Data BreachKeralty Ransomware Attack Impacts Colombia’s Health Care SystemGoTo Says Hackers Breached Its Dev Environment, Cloud StorageSouth Staffordshire (UK) Water Reveals Data HackMena Regional Health System (AR) Suffers Data Breach; 85K Patients ImpactedFrench Electricity Provider Fined for Storing Users’ Passwords with Weak MD5 AlgorithmIngalls & Snyder (NY) Files Notice of Data Breach Following Unauthorized Access to NetworkData Stolen in Ransomware Attack Against Guilford College (NC)Crafty Threat Actor ‘CashRewindo’ Uses ‘Aged’ Domains to Evade Security PlatformsAndroid and iOS Apps with 15 Million Installs Extort Loan SeekersGoogle Discovers Windows Exploit Framework Used to Deploy SpywareResearchers Find a Way Malicious NPM Libraries Can Evade Vulnerability DetectionSirius XM Flaw Unlocks So-Called Smart Cars Thanks to Code FlawCritical RCE Bugs in Android Remote Keyboard Apps With 2M InstallsHigh Severity Zero-Day Flaw Discovered in Quarkus Java FrameworkNew “Icefall” Bugs Include Critical DoS FlawNVIDIA Releases GPU Driver Update to Fix 29 Security Flaws