4/28-30/2023 April 30, 2023April 30, 2023 ~ The Cyber Beat ~ Leave a comment Chinese Hackers Outnumber FBI Cyber Staff 50 to 1, Bureau Director SaysTonto Team Uses Anti-Malware File to Launch Attacks on South Korean InstitutionsRussian APT28 Hackers Use Fake ‘Windows Update’ Guides to Target Ukrainian Gov’tThe DOJ Detected the SolarWinds Hack 6 Months Earlier Than First DisclosedKrebs: Many Public Salesforce Sites are Leaking Private DataHackers Are Breaking Into AT&T Email Accounts to Steal CryptocurrencyMan Gets Four Years for Stealing Bitcoins Seized by FedsKia and Hyundai Owners Now Face New Struggle: Getting Parts for Their Stolen CarsWorkers Are Secretly Using ChatGPT, AI and It Will Pose Big Risks for Tech LeadersItaly Restores ChatGPT After OpenAI Responds to RegulatorOnline Safety Bill Age Checks? We Won’t Do ‘Em, Says WikipediaI Cloned Myself With AI. She Fooled My Bank and My Family.Cold Storage Giant Americold Outage Caused by Network BreachUnitedHealthCare Warns Members’ Information Was Exposed in Data BreachCyber Attack at Bluefield University Leads to Postponed FinalsAttention Online Shoppers: Don’t Be Fooled by Their Sleek, Modern Looks — It’s Magecart!Investigation Into North Kingstown (RI) Ransomware Attack in Full SwingDiocese of Las Vegas Impacted by Data BreachViperSoftX InfoStealer Adopts Sophisticated Techniques to Avoid DetectionAndroid Apps Fail to Protect User Data During Device TransferHackers Target Vulnerable Veeam Backup Servers Exposed OnlineCISA Warns of Critical Flaws in Illumina’s DNA Sequencing InstrumentsZyxel Firewall Devices Vulnerable to Remote Code Execution Attacks — Patch NowApple, Google, and Microsoft Just Fixed Zero-Day Security Flaws
4/27/2023 April 27, 2023April 27, 2023 ~ The Cyber Beat ~ Leave a comment CISA’s Eric Goldstein on Bridging Public-Private Cyber GapsNSA Cybersecurity Director Says ‘Buckle Up’ for Generative AI(ISC)2 Urges Countries to Strengthen Collaboration on Cybersecurity RegulationAPT Groups Expand Reach to New Industries and GeographiesVietnamese Hackers Linked to ‘Malverposting’ CampaignPaperbug Attack: New Politically-Motivated Surveillance Campaign in TajikistanA Cyberattack Forced a Logistics Company to Temporarily Halt OperationsMicrosoft Is Busy Rewriting Core Windows Code in Memory-Safe RustGoogle Banned 173K Developer Accounts to Block Malware, Fraud RingsSANS Reveals Top 5 Most Dangerous Cyberattacks for 2023How Companies Can Ace Cybersecurity Training‘Anonymous Sudan’ Cyber Attack Targets Israel’s Supreme CourtCommScope Employees Left in the Dark After Ransomware AttackHarvard Pilgrim Systems Still Struggling After Ransomware CyberattackAspen Dental (FL) Latest Victim in Series of Cyberattacks on Healthcare ProvidersRansomware Attack Impacts Spartanburg County (SC) Computer NetworkHardenhuish School in Chippenham (UK) Hit by Cyber AttackMicrosoft Confirms PaperCut Servers Used to Deliver LockBit and Cl0p RansomwareLinux Version of RTM Locker Ransomware Targets VMware ESXi ServersNew Atomic macOS Info-Stealing Malware Targets 50 Crypto WalletsAndroid Minecraft Clones With 35M Downloads Infect Users With AdwareLimeRAT Malware Analysis: Extracting the Config
4/26/2023 April 26, 2023April 26, 2023 ~ The Cyber Beat ~ Leave a comment Evasive Panda’s Backdoor MgBot Delivered Via Chinese Software Updates…Tencent QQ Users Hacked in Mysterious Malware Attack, Says ESETAlloy Taurus Hackers Update PingPull Malware to Target Linux SystemsCharming Kitten’s New BellaCiao Malware Discovered in Multi-Country AttacksUkrainian Arrested for Selling Data of 300M People to RussiansDoJ, Treasury Accuses 3 Men of Laundering Crypto for North KoreaGoogle Disrupts the CryptBot Info-Stealing Malware OperationCyber Chiefs Forge Partnerships With Physical Security Units as Combined Threats GrowA U.S. Bill Would Ban Kids Under 13 From Joining Social MediaTinder Is Implementing Video Verification to Further Curb Creepy ScammersMicrosoft Probes Complaints of Edge Leaking Urls to BingHR Firm StaffScapes Discloses Data BreachAstral Brands Discloses Data BreachCyberattack Disrupts Lowell (MA) City Government, Shuts Down ComputersTruman State University (MO) Slowly Recovering From ‘Cybersecurity Virus Attack’Students’ Psychological Reports, Abuse Allegations Leaked by Minneapolis Schools Ransomware HackersApache Superset Vulnerability: Insecure Default Configuration Exposes Servers to RCE AttacksCisco Discloses XSS Zero-Day Flaw in Server Management ToolPrestaShop Fixes Bug That Lets Any Backend User Delete DatabasesCritical Flaw Patched in VMware Workstation and FusionGoogle will add End-to-End encryption to Google AuthenticatorEffects of the Hive Ransomware Group TakedownThere’s No Silver Bullet for Cybersecurity
4/25/2023 April 25, 2023April 25, 2023 ~ The Cyber Beat ~ Leave a comment Lazarus Subgroup Targeting Apple Devices with New RustBucket macOS MalwareIranian Hackers “Educated Manticore” Target Israel With New ToolsU.S. Sent Teams into Foreign Networks to Hunt SolarWinds, Microsoft HackersA Security Team Is Turning ‘Gootloader’ Malware Gang’s Tricks Against ItZero Trust for Zoom Calls: ChromeOS Getting Universal Microphone/Camera TogglesOpenAI Rolls Out ‘Incognito Mode’ on ChatGPTGoogle Authenticator Now Backs up Your 2FA Codes to the CloudPrince William Got ‘Very Large Sum’ in Phone Hack SettlementData Security Breach May Have Left Jewel-Osco Employees’ Information ExposedCIC Group Notifies Individuals of Recent Data BreachIMA Financial Group (KS) Files Notice of 2022 Data BreachPaperCut Says Hackers Are Exploiting ‘Critical’ Security Flaws in Unpatched ServersNew SLP Vulnerability Could Let Attackers Launch 2200x Powerful DDoS AttacksTP-Link Archer WiFi Router Flaw Exploited by Mirai MalwareVMware Fixes Critical Zero-Day Exploit Chain Used at Pwn2OwnWhen Companies Get Stuck In A Cybersecurity Loop
4/24/2023 April 24, 2023 ~ The Cyber Beat ~ Leave a comment 3CX Hackers Also Compromised Critical Infrastructure FirmsRussian Hackers Suspected in Ongoing Exploitation of Unpatched PaperCut ServersTomiris and Turla APT Groups Collaborate to Target Government EntitiesGoogle Debuts Cybersecurity-Focused AI SystemIntel Let Google Cloud Hack New Secure Chips and Found 10 BugsGoogle Authenticator Finally, Mercifully Adds Account Syncing for Two-Factor CodesVirusTotal Now Has an AI-Powered Malware Analysis FeatureCloud Complexity Means Bugs Are Missed in TestingScammers Impersonate Meta in Facebook Campaign With 3200 ProfilesIntel CPUs Vulnerable to New Transient Execution Side-Channel AttackAPC Warns of Critical Unauthenticated RCE Flaws in UPS SoftwareU.S. Navy Contractor Fincantieri Marine Group Hit by Cyber-attackYellow Pages Canada Confirms Cyber Attack as Black Basta Leaks DataSan Bernardino County Sheriff’s Office Struggling to Recover From ‘Malware’ IncidentAlbertsons Companies Files Notice of Data Breach Following Malware AttackGateway Casinos Confirms IT Outage Caused by a Ransomware CyberattackRobeson Health Care Corporation Reports Data Breach Affecting Over 15k IndividualsKuCoin’s Twitter Account Hacked to Promote Crypto ScamNaivas Confirms Cyber Attack on Systems by a Criminal OrganizationHacker Demands Ransom After ‘Taking Control’ of Wiltshire School’s ITMicrosoft 365 Search Outage Affects Outlook, Teams, and SharepointRansomware Hackers Using AuKill Tool to Disable EDR Software Using BYOVD Attack
4/21-23/2023 April 23, 2023April 23, 2023 ~ The Cyber Beat ~ Leave a comment European Air Traffic Control Confirms Website ‘Under Attack’ by Pro-Russia HackersRussian Mercenaries Sympathetic to Putin Target UK With Cyber Threats Over War in UkraineChina Developing Anti-Satellite WeaponsBiden’s Order Against Commercial Spyware Is ‘Upsetting the Market’Hacker Group Names Are Now Absurdly Out of ControlThe Car Thieves Using Tech Disguised Inside Old Nokia Phones and Bluetooth SpeakersKrebs: 3CX Breach Was a Double Supply Chain CompromiseNorth Korea’s Kimsuky APT Keeps Growing, Despite Public OutingMullvad VPN Maker Says Police Tried to Raid Its Offices but Couldn’t Find Any User DataChatGPT Won’t Take Over From Humans for Now, Says Infosys FounderGoogle Bard Can Now Help Write Software CodeWhen Apple Comes Calling, ‘It’s the Kiss of Death’American Bar Association Data Breach Hits 1.4 Million MembersAccounting Firm Rubino & Company Files Official Notice of Data BreachKubernetes RBAC Exploited in Large-Scale Campaign for Cryptocurrency MiningLily Collins — The Hack, Not the Actress — Wants Your Facebook AccountUniversity Websites Using MediaWiki, TWiki Hacked to Serve Fortnite SpamEvil Extractor Targets Windows Devices to Steal Sensitive DataTrojanized Installers Used to Distribute Bumblebee MalwareDecoy Dog Malware Toolkit Found After Analyzing 70 Billion DNS QueriesGhostToken Flaw Could Let Attackers Hide Malicious Apps in Google Cloud PlatformGitHub Now Allows Enabling Private Vulnerability Reporting at ScaleIntel Prioritizes Security in Latest vPro ChipsThe Tangled Web of IR Strategies
4/20/2023 April 20, 2023April 20, 2023 ~ The Cyber Beat ~ Leave a comment 3CX Hack Caused by Supply Chain Attack at Stock Trading Automation Company Trading TechnologiesGoogle: Ukraine Targeted by 60% Of Russian Phishing Attacks in 2023Consumer Financial Protection Bureau Says Employee Breached Data of 250,000 Consumers in ‘Major Incident’Lawmakers Introduce Bill to Counter Chinese Cyber Threats Against TaiwanHuawei Launches In-House Software System After Being Cut Off From Us ServicesSeagate Hit With $300 Million Penalty for Continuing $1 Billion Relationship With Blacklisted Firm Huawei, Despite U.S. Export ControlsProton Launches an End-To-End Encrypted Password ManagerChatGPT-Related Malicious URLs on the RiseExpert Insight: Dangers of Using Large Language Models Before They Are BakedLazarus Group Adds Linux Malware to Arsenal in Operation Dream JobCapita Has ‘Evidence’ Customer Data Was Stolen in Digital BurglaryLockBit Ransomware Reportedly Strikes Venezuela’s Largest BankCyber Attack Reportedly Hits Montana State UniversityMedical Imaging Firm Shields Health Care Group, Inc. Announces Third Party Data Breach Affecting Over 2.3 Million PeopleDaggerfly APT Targets African Telecoms Firm With New MgBot MalwareAttackers Use Abandoned WordPress Plugin to Backdoor WebsitesTwo Critical Flaws Found in Alibaba Cloud’s PostgreSQL DatabasesVMware Fixes vRealize Bug That Let Attackers Run Code as Root
4/19/2023 April 19, 2023April 19, 2023 ~ The Cyber Beat ~ Leave a comment March 2023 Broke Ransomware Attack Records With 459 IncidentsRansomware Gangs Abuse Process Explorer Driver to Kill Security SoftwareFortra Shares Findings on GoAnywhere MFT Zero-Day AttacksPopular Fitness Apps Leak Location Data Even When Users Set Privacy ZonesKrebs: Giving a Face to the Malware Proxy Service ‘Faceless’DC Health Link Data Breach Blamed on Human ErrorNurse Call Systems, Infusion Pumps Riskiest Connected Medical DevicesThe Hacker Who Hijacked Matt Walsh’s Twitter Was Just ‘Bored’The iPhone Setting Thieves Use to Lock You Out of Your Apple AccountPatient Seeks to Force Hospital Network to Pay Hackers Ransom to Remove Naked Photos OnlineU.S. Citizens Charged With Pushing Pro-Kremlin Disinfo, Election InterferenceGary Bowser, Former Nintendo Hacker, Released From PrisonNo Prison Time for Ryuk Ransomware Gang Broker After Guilty PleaHackers Got Hacking Wrong, But It Got Entertainment RightPhishing Scams Growing More Sophisticated, Finra SaysGoogle TAG Warns of Russian APT28 Hackers Conducting Phishing Attacks in UkraineBlind Eagle Cyber Espionage Group Strikes Again: New Attack Chain UncoveredPakistani Hackers Use Linux Malware Poseidon to Target Indian Government AgenciesHuntington Ingalls Industries Data Breach Affects 43,643 IndividualsMajor MA, NH Health Insurance Provider Point32Health Hit by Cybersecurity Ransomware AttackWest Technology Group Confirms Employee SSNs Leaked in Recent Data BreachBryant Bank (AL) Data Breach Leaked an Unknown Number of SSNsPlay Ransomware Gang Uses Custom Shadow Volume Copy Data-Theft ToolRaspberry Robin Adopts Unique Evasion TechniquesHackers Actively Exploit Critical RCE Bug in PaperCut ServersMicrosoft SQL Servers Hacked to Deploy Trigona RansomwareGoogle Chrome Hit by Second Zero-Day Attack – Urgent Patch Update ReleasedMicrosoft Defender Update Causes Windows Hardware Stack Protection Mess
4/18/2023 April 18, 2023April 19, 2023 ~ The Cyber Beat ~ Leave a comment Apple’s High Security Mode Blocked NSO Spyware, Researchers SayCyberattack Risks Rise up Company AgendasUsed Routers Often Come Loaded With Corporate SecretsWhat Happened When the IRS Got AuditedWhatsApp, Signal Claim UK Online Safety Bill Threatens User Privacy and SafetyBrit Cops Rapped Over App That Recorded 200K Phone CallsAustralian Military Helicopter Crash Blamed on Failure to Apply Software PatchAvalor Wants to Unify Cybersecurity Tools by Aggregating DataCombatting Cyber Attacks Requires More Than Just MoneyNSO Group’s Pegasus Spyware Found on High-Risk iPhonesRussian APT28 Snoops Just Love Invading Unpatched Cisco Gear, America and UK WarnChinese APT41 Taps Google Red Teaming Tool in Targeted Info-Stealing AttacksMicrosoft: Iranian Mint Sandstorm Hackers Behind Retaliatory Cyberattacks on U.S. OrgsIranian MuddyWater Uses SimpleHelp to Target Critical Infrastructure FirmsUniversity of the People (CA) Data Breach After Unauthorized SharePoint AccessYouTube Videos Distributing Aurora Stealer Malware via Highly Evasive LoaderNew Sandbox Escape PoC Exploit Available for VM2 Library, Patch NowMicrosoft Opens up Defender Threat Intel Library With File Hash, URL Search
4/17/2023 April 17, 2023April 17, 2023 ~ The Cyber Beat ~ Leave a comment Chinese Cops Ran Troll Farm and Secret NY Police Station, U.S. SaysICE Records Reveal How Agents Abuse Access to Secret DataIsraeli Spyware Vendor QuaDream to Shut Down Following Citizen Lab and Microsoft ExposeI Just Discovered My Roomba Can Be a Security CameraMarketing Biz Join the Triboo Limited Sent 107 Million Spam Emails… To Just 437K PeopleStudent Requested Access to Research Data. And Waited. And Waited. Then Hacked to Get Root.Elon Musk to Develop ‘TruthGPT’ as He Warns About ‘Civilizational Destruction’ From AIInsurers Wary of Longer-Term Costs of CyberattacksApple’s Macs Have Long Escaped Ransomware. That May Be Changing…‘Half-Baked’FIN7 and Ex-Conti Cybercrime Gangs Join Forces in Domino Malware AttacksHackers Publish Sensitive Employee Data Stolen During CommScope Ransomware AttackCapita Investigates Authenticity of Ransomware Gang LeaksCharity Data Stolen in Ransomware Attack on Supplier EvideNew Chameleon Android Malware Mimics Bank, Gov’t, and Crypto AppsQBot Banking Trojan Increasingly Delivered Via Business EmailsNew Zaraza Bot Credential-Stealer Sold on Telegram Targeting 38 Web BrowsersHackers Abuse Google Command and Control Red Team Tool in AttacksEngineering Cybersecurity into U.S. Critical Infrastructure
4/14-16/2023 April 17, 2023April 17, 2023 ~ The Cyber Beat ~ Leave a comment Social-Media Account Overseen by Former Navy Noncommissioned Officer Helped Spread SecretsMeet the Hacker Armies on Ukraine’s Cyber Front LineMontana Lawmakers Approve Statewide Ban on TikTokKrebs: Why is ‘Juice Jacking’ Suddenly Back in the News?What Business Needs to Know About the New U.S. Cybersecurity StrategyThe U.S. Cracked a $3.4 Billion Crypto Heist—and Bitcoin’s AnonymityAre You Being Tracked by an AirTag? Here’s How to CheckElon Musk Is Reportedly Planning an A.I. Startup to Compete With OpenAI, Which He CofoundedWhat It Will Look Like if China Launches Cyberattacks in the U.S.How to Define Tier-Zero Assets in Active Directory SecurityNCR Suffers Aloha POS Outage After BlackCat Ransomware AttackWestern Digital Hackers Demand 8-Figure Ransom Payment for DataConsenSys Reports Data Breach Affecting Over 7,000 MetaMask UsersAndroid Malware Infiltrates 60 Google Play Apps With 100M InstallsHackers Start Abusing Action1 RMM in Ransomware AttacksLockBit Ransomware Encryptors Found Targeting Mac DevicesVice Society Ransomware Uses New PowerShell Data Theft Tool in AttacksCISA Warns of Android Bug Exploited by Chinese App to Spy on UsersGoogle Releases Urgent Chrome Update to Fix Actively Exploited Zero-Day Vulnerability
4/13/2023 April 13, 2023April 13, 2023 ~ The Cyber Beat ~ Leave a comment Air Guardsman Arrested in Connection With Leaked Documents…Pentagon Leak Leads to Limits on Who Gets Access to Military’s Top SecretsRussian APT29 Hackers Linked to Widespread Attacks Targeting NATO and EUPakistan-Aligned Hackers Disrupt Indian Education SectorThe Hacking of ChatGPT Is Just Getting StartedEuropean Privacy Watchdog Creates ChatGPT Task ForceFor AI Laws, China Joins the U.S. In Asking the Public to Chime InNew Arkansas Bill to Keep Minors off Social Media Exempts Most Social Media PlatformsWhatsApp Introduces New Device Verification Feature to Prevent Account Takeover AttacksDutch Police Mails RaidForums Members to Warn They’re Being WatchedFive Arrested After 33,000 Victims Lose $98M to Online Investment FraudCyber Company Darktrace Gets Caught up in LockBit Gang’s Apparent BlunderOver 20,000 Iowa Medicaid Members Affected By Data BreachUnlimited Care (NY) Files Notice of Data Breach Affecting More than 29K EmployeesKansas Health Care Company Medicalodges Hit by Ransomware AttackCollegedale (TN) Has Computer Systems Hacked, RestoredRansomware Attack on Suffolk County Began in 2021No Indication of Identity Theft or Fraud in Beacon Health (IN) Data Breach by EmployeeMoney Ransomware Group Enters Double-Extortion FrayGuLoader Targets U.S. Financial Firms With Tax-Themed Phishing LuresRTM Locker: Emerging Cybercrime Group Targeting Businesses with RansomwareNew Python-Based “Legion” Hacking Tool Emerges on TelegramWindows 11 Is Getting a New ‘Presence Sensing’ Privacy SettingGov’t Agencies Urge ‘Revamp’ of Certain Software to Take Cybersecurity Burden off Customers
4/12/2023 April 13, 2023April 13, 2023 ~ The Cyber Beat ~ Leave a comment Lazarus Group’s DeathNote Campaign Reveals Shift in TargetsFBI: How Fake Xi Cops Prey on Chinese Nationals in the U.S.Leaked Pentagon Documents May Herald a New Era of RevelationsCISA Updates Zero Trust Maturity Model With Public FeedbackU.S. Cyber Chiefs Warn AI Will Help Crooks, China Develop Nastier Cyberattacks FasterChatGPT Can Resume in Italy if Meets Data Watchdog’s DemandsEthical Hackers Could Earn up to $20,000 Uncovering ChatGPT VulnerabilitiesNurses Sue CommonSpirit Hospital Chain Over Unpaid Wages After 2022 CyberattackGartner: Human-Centric Design Is Top Cybersecurity Trend for 2023Hyundai Data Breach Exposes Owner Details in France and ItalyGerman Superyacht Maker Lürssen Hit by Ransomware Cyber AttackKyocera Android App With 1M Installs Can Be Abused to Drop MalwareRetina & Vitreous of Texas Files Notice of Data Breach Following Cybersecurity IncidentDDoS Attacks Shifting to VPS Infrastructure for Increased PowerMicrosoft Shares Guidance to Detect BlackLotus UEFI Bootkit AttacksWindows Admins Warned to Patch Critical MSMQ QueueJumper BugKrebs: Microsoft (& Apple) Patch Tuesday, April 2023 EditionWere You Caught up in the Latest Data Breach? Here’s How to Tell
4/11/2023 April 11, 2023April 23, 2023 ~ The Cyber Beat ~ Leave a comment Ukrainian Hackers Say They Have Compromised Russian Spy Who Hacked Democrats in 20163CX Confirms North Korean Hackers Behind Supply Chain AttackiPhones Hacked via Invisible Calendar Invites to Drop QuaDream SpywareHacked Sites Caught Spreading Malware via Fake Chrome Updates‘Blatantly Obvious’: Spyware Offered to Cyberattackers via PyPI Python Repository by ‘SylexSquad’How LockBit Changed Cybersecurity ForeverOpenAI Launches Bug Bounty Program With Rewards up to $20KU.S. Begins Study of Possible Rules to Regulate AI Like ChatGPTFBI and Former City Manager Say Oldsmar (FL) Cyberattack Never Happened7 Things Your Ransomware Response Playbook Is Likely MissingKodi Discloses Data Breach After Forum Database for Sale OnlineLatitude Financial Refuses to Pay RansomWebster Bank Reports Third-Party Data Breach at Guardian AnalyticsHarrington Raceway (DE) Data Breach Leaks Personal Info of More Than 12k IndividualsWoodward Communications (IA) Data Breach Affects 12,467 IndividualsCryptocurrency Stealer Malware Distributed via 13 NuGet PackagesNewly Discovered “By-Design” Flaw in Microsoft Azure Could Expose Storage Accounts to HackersWindows Zero-Day Vulnerability Exploited in Ransomware AttacksMicrosoft April 2023 Patch Tuesday Fixes 1 Zero-day, 97 FlawsSAP Releases Security Updates for Two Critical-Severity Flaws
4/10/2023 April 10, 2023April 10, 2023 ~ The Cyber Beat ~ Leave a comment Pro-Russia Hackers Say They Breached Canadian Pipeline, but Experts Are SkepticalEstonian National Charged in U.S. for Acquiring Electronics and Metasploit Pro for Russian Military‘I’m Sick to My Stomach’: Pentagon Officials Shocked by Intel LeaksHow the Latest Leaked Documents Are Different From Past BreachesFBI Warns Against Using Public Phone Charging StationsHow to Write Better ChatGPT Prompts (And This Applies to Most Other Text-Based AIs, Too)The Human Factor In Cybersecurity: Understanding Social EngineeringInside FTX: Jokes About Misplaced Funds, Diabolical IT, Poor Oversight, and WorseHigh-Stakes Ransomware Response: Know What Cards You HoldApps for Sale: Cybercriminals Sell Android Hacks for Up to $20K a PopApple Fixes Recently Disclosed Zero-Days on Older iPhones and iPadsKFC, Pizza Hut Owner Yum! Brands Discloses Data Breach After Ransomware AttackSD Worx Shuts Down UK Payroll, HR Services After CyberattackRochester Public School Cancels School Monday After Cyber AttackBaldor Specialty Foods Reports Data Breach Impacting the Confidential Info of 13k+ ConsumersHawaiiUSA Federal Credit Union Confirms Recent Data Breach Affected Over 20k CustomersReports of Data Breach at PharMerica Corp Leave Customers Worried About Their Personal InfoHackers Flood NPM with Bogus Packages Causing a DoS AttackKorea-Based Exchange GDAC Suspends Withdrawals, Deposits After $13M HackTerra DeFi Project Terraport Suffers $2M Hack Days After LaunchCommunity on Sushiswap Exploit: The $3.3 Hack Is ‘Weird’CISA Orders Gov’t Agencies to Update iPhones, Macs by May 1st
4/7-9/2023 April 9, 2023April 9, 2023 ~ The Cyber Beat ~ Leave a comment Pentagon Investigates More Social-Media Posts Purporting to Include Secret U.S. Documents…Leaked Pentagon Documents Show Spies Infiltrated Kremlin… and Also in South Korea, Ukraine & UK…Russia’s Military StrugglesBiden Administration Weighs Action Against Russian Cybersecurity Firm Kaspersky LabAmericans Now Fear Cyberattack More Than Nuclear AttackThere’s a New Form of Keyless Car Theft That Works in Under 2 MinutesAmazon Bans Flipper Zero, Claiming It Violates Policy Against Card Skimming Devices‘A Real Worry’: How AI Is Making It Harder to Spot Fake ImagesFBI Warns of Companies Exploiting Sextortion Victims for ProfitBreached Shutdown Sparks Migration to ARES Data Leak ForumsCISA Orders Agencies to Patch Backup Exec Bugs Used by Ransomware GangAll Dutch Gov’t Networks to Use RPKI to Prevent BGP HijackingIran-Based Hackers MuddyWater Caught Carrying Out Destructive Attacks Under Ransomware GuiseTasmanian Data Breach: Schoolchildren’s Info Among 16,000 Documents Leaked on Dark WebUniversity of Hawaii Maui College Announces Recent Data BreachCamden County (NJ) Police Department Confirms Ransomware AttackCulbertson Memorial Hospital (IL) Hit by Cyber-AttackCyber Attack Leaves Irrigation Systems in Upper Galilee DysfunctionalMassive Balada Injector Campaign Attacking WordPress Sites Since 2017Researchers Discover Critical Remote Code Execution Flaw in VM2 Sandbox LibraryApple Releases Updates to Address Zero-Day Flaws in iOS, iPadOS, macOS, and SafariMicrosoft Delays Exchange Online CARs Deprecation Until 2024Bad Actors Will Use Large Language Models — but Defenders Can, TooAustralia Is Scouring the Earth for Cybercriminals — the US Should Too
4/6/2023 April 6, 2023April 6, 2023 ~ The Cyber Beat ~ Leave a comment Two-Fifths of IT Pros Told to Keep Breaches QuietMicrosoft and Fortra Crack Down on Malicious Cobalt Strike ServersThe Dangerous Weak Link in the U.S. Food ChainThreat Actors Increasingly Use Telegram For Phishing PurposesCan Do Attitude: How Thieves Steal Cars Using Network BusTesla Employees Reportedly Passed Around Personal Videos From Owners’ CarsGoogle Mandates Data Deletion Policy For Android AppsPrivacy Concerns Surround Plans for AI Camera Surveillance at 2024 Paris OlympicsCops Put the Squeeze on Genesis Crime Souk Denizens, Not Just the Admins This TimeUK Criminal Records Office Crippled by “Cyber Incident”Legal Powerhouse Proskauer Exposed Clients’ Confidential M&A DataOakland Ransomware Attack Worsens With Massive New Release of Personal InfoMedusa Ransomware Claims Attack on Open University of CyprusMoney Message Ransomware Gang Claims MSI Breach, Demands $4 Million‘BEC 3.0’ Is Here With Tax-Season QuickBooks CyberattacksThrone Fixes Security Bug That Exposed Creators’ Private Home AddressesQNAP ‘Urgently’ Fixing Vulnerabilities in Multiple Systems
4/5/2023 April 5, 2023April 5, 2023 ~ The Cyber Beat ~ Leave a comment Google TAG Warns of North Korean-linked ARCHIPELAGO CyberattacksUK Discloses Offensive Cyber Capabilities PrinciplesSpain’s Most Dangerous and Elusive Hacker Now in Police CustodyKrebs: FBI Seizes Bot Shop ‘Genesis Market’ Amid Arrests Targeting Operators, SuppliersNew Dark Web Market STYX Focuses on Financial Fraud ServicesHere’s Where the A.I. Jobs AreLog4j Bug Being Used in New Malicious AttacksDatabase Snafu Leaks 600K Records from Z2U MarketplaceOur Lady of the Lake University (TX) Notifies Data Breach VictimsCryptoClippy: New Clipper Malware Targeting Portuguese Cryptocurrency UsersTyphon Reborn Stealer Malware Resurfaces with Advanced Evasion TechniquesHackers Using Self-Extracting Archives Exploit for Stealthy Backdoor AttacksOpen Nexx Garage Doors Anywhere in the World by Exploiting This “Smart” Device
4/4/2023 April 5, 2023April 5, 2023 ~ The Cyber Beat ~ Leave a comment In His New Cybersecurity Strategy, Biden Identifies Cloud Security as a Major ThreatBroad Pay Ranges Can Hamper Cybersecurity HiringBank Rewrote Ads for Infosec Jobs to Stop Scaring Away WomenAlcohol Counseling Companies Monument and Tempest Leaked Patient Data to Advertisers for YearsIRS-Authorized eFile.com Tax Return Software Caught Serving JS MalwareKrebs: A Serial Tech Investment Scammer Takes Up Coding?ChatGPT Has a Big Privacy ProblemTikTok Fined £12.7m For Violating UK Data Privacy LawsA Tiny Blog Took on Big Surveillance in China—and WonCybercrime Marketplace Genesis Market Shut by FBI, International Law EnforcementIsraeli Cyber Security Website Check Point Briefly Taken Down in CyberattackArid Viper Hacking Group Using Upgraded Malware in Middle East Cyber AttacksTallahassee Memorial HealthCare Data Breach Affects Patients’ SSNs and PHINew “Rorschach” Ransomware Spread Via Commercial ProductNew Rilide Malware Targeting Chromium-Based Browsers to Steal CryptocurrencyALPHV Ransomware Exploits Veritas Backup Exec Bugs for Initial AccessHP to Patch Critical Bug in LaserJet Printers Within 90 Days15M+ Services & Apps Remain Sitting Ducks for Known ExploitsHow Strategic Investors Can Help Cybersecurity Startups
4/3/2023 April 3, 2023April 3, 2023 ~ The Cyber Beat ~ Leave a comment TikTok to Comply With US Law, Protect User Data From ChinaThe Massive 3CX Supply-Chain Hack Targeted Cryptocurrency Firms…3CX Thought Supply Chain Attack Was a False PositiveApril Brings Tulips, Taxes … And Phisherfolk ScammersICE Is Grabbing Data From Schools and Abortion ClinicsTor Project’s New Privacy-Focused Browser Lets You Layer a VPNOkay, so ChatGPT Just Debugged My Code. For Real.U.S. DoD Unveils Website For Hack the Pentagon Bug Bounty ProgramU.S. Seizes $112 Million From Cryptocurrency Investment ScammersSchool Principal Resigns After Writing $100,000 Check to Elon Musk ImpersonatorWhat The Board Needs To KnowWestern Digital Hit by Network Security Breach – Critical Services DisruptedOutsourcer Capita Claims to Have Contained “Cyber Incident”BMW Claims Data Breach Limited to Local DealerUber Driver Info Stolen Yet Again: This Time From Law Firm Genova BurnsMontgomery General Hospital (WV) Data Breach Following Ransomware AttackSouthwest Healthcare Services (ND) Data Breach Affects Patients’ SSNs and PHICrypto-Stealing OpcJacker Malware Targets Users with Fake VPN ServiceWinRAR SFX Archives Can Run PowerShell Without Being DetectedCISA Warns of Zimbra Bug Exploited in Attacks Against NATO CountriesFor Cybercrime Gangs, Professionalization Comes With ‘Corporate’ Headaches
3/31-4/2/2023 April 3, 2023April 3, 2023 ~ The Cyber Beat ~ Leave a comment 10-Year-Old Windows Bug With ‘Opt-In’ Fix Exploited in 3CX AttackFederal Government Published Social Security Numbers of 1,900 White House VisitorsChina Opens Cybersecurity Probe of Micron Amid Competition With U.S. Over TechnologyItaly Curbs ChatGPT, Starts Probe Over Privacy ConcernsNYPD Blues: Cops Ignored 93 Percent of Surveillance Law RulesLazarus Heist: The Intercontinental ATM Theft That Netted $14M in Two HoursKrebs: German Police Raid DDoS-Friendly Host ‘FlyHosting’DISH Slapped With Multiple Lawsuits After Ransomware Cyber AttackConsumer Lender TMX Discloses Data Breach Impacting 4.8 Million PeopleLumen Hit by Ransomware, Malware AttacksJefferson County (AL) School System Victim of Ransomware Attack During Spring BreakLewis & Clark College Cyberattack Claimed by Notorious Ransomware GangNew Money Message Ransomware Demands Million Dollar RansomsFake Ransomware Gang ‘Midnight’ Targets U.S. Orgs With Empty Data Leak ThreatsHackers Exploiting WordPress Elementor Pro Vulnerability: Millions of Sites at Risk15 Million Public-Facing Services Vulnerable to CISA KEV Flaws