6/29/2023 June 29, 2023June 29, 2023 ~ The Cyber Beat ~ Leave a comment Iranian Charming Kitten’s PowerStar Malware Evolves with Advanced TechniquesFrom MuddyC3 to PhonyC2: Iran’s MuddyWater Evolves with a New Cyber WeaponSecurity Chiefs Take On IT Roles as More Infrastructure Moves OnlineMIT Publishes Framework to Evaluate Cybersecurity MethodsNSA and CISA Release Guidelines to Secure CI/CD EnvironmentsChinese Balloon That U.S. Shot Down Was ‘Crammed’ With American HardwareNetwork Security Guy in Extradition Tug of War Between U.S. and RussiaPornhub Is Being Accused of Illegal Data CollectionNow Apple Takes a Bite Out of Encryption-Bypassing ‘Spy Clause’ in UK Internet LawProton Launches Open-Source Password Manager With Some LimitationsPro-Russia DDoSia Hacktivist Project Sees 2,400% Membership IncreaseMillions Affected by MOVEit Mass-Hacks as List of Casualties Continues to GrowParacetamol Maker Granules India Flags Significant Operations Hit From Cyber AttackSweetwater UHSD (CA) Data Breach Compromises Student, Staff InfoRoosevelt University Data Breach Involving FAFSA Applications Affects 47,877Fluhorse: Flutter-Based Android Malware Targets Credit Cards and 2FA CodesCritical Security Flaw in Social Login Plugin for WordPress Exposes Users’ AccountsMITRE Releases New List of Top 25 Most Dangerous Software BugsVulnerability Hunting: Threat Hunting’s Cybersecurity CousinCybersecurity 101
6/28/2023 June 29, 2023June 29, 2023 ~ The Cyber Beat ~ Leave a comment White House Outlines Cyber Budget Priorities, Including Making Ransomware ‘No Longer Profitable’‘A Regional Disaster’: Cyberattacks on Health Care Facilities Have Ripple Effects, Study SaysFears Grow of Deepfake ID Scams Following Progress HackHow Your Real Flight Reservation Can Be Used to Scam YouNew Electromagnetic Attacks on Drones Could Let Attackers Take ControlThe Password Game Will Make You Want to Break Your Keyboard in the Best WayMicrosoft Sysmon Now Detects When Executables Files Are CreatedBrave Browser Boosts Privacy With New Local Resources RestrictionsAndariel’s Mistakes Uncover New ‘EarlyRat’ Malware in Lazarus Group CampaignUncovering How AI’s Dual Relationship With Cybersecurity OperatesThe Tiny Government Agency Behind a Chinese A.I. Chip Ban That’s Weighing on NvidiaKrebs: U.K. Cyber Thug “PlugwalkJoe” Gets 5 Years in PrisonUniversity of California Sues Lloyd’s Syndicates Over Cyber InsuranceU.S. Health Department, Law Firms Reportedly Latest Hit in Wide-Ranging MOVEit HackU.S. Patent and Trademark Office Notifies Filers of Years-Long Data LeakCryptosLabs Scam Ring Targets French-Speaking Investors, Rakes in €480 Million8Base Ransomware Spikes in Activity, Threatens U.S. and Brazilian BusinessesTexas AG Reports More Than 2,500 Customers Exposed in USAA Data BreachMAC Pizza (TX) Files Notice of Data Breach Following Recent Ransomware AttackThirdEye Infostealer Poses New Threat to Windows UsersLinux Version of Akira Ransomware Targets VMware ESXi ServersNPM Ecosystem at Risk From “Manifest Confusion” AttacksExploit Released for New Arcserve UDP Auth Bypass VulnerabilityCritical SQL Injection Flaws Expose Gentoo Soko to Remote Code Execution3 Strategies for Bringing Rigor to Software Security
6/27/2023 June 28, 2023June 28, 2023 ~ The Cyber Beat ~ Leave a comment ‘SiegedSec’ Hackers Say Fort Worth, TX Website Targeted Over New State Law on Gender-Affirming CareSubmarine Cables at Growing Risk of Cyber-AttacksU.S. Rep. Zach Nunn Unveils Agriculture Cybersecurity Grant ProposalThe Night 17 Million Precious Military Records Went Up in SmokeChina’s Baidu Claims Its Ernie Bot Beats ChatGPT on Key Tests as A.I. Race Heats UpStudy Reveals Alarming Gap in SIEM Detection of Adversary TechniquesEncroChat Bust Leads to 6,558 Criminals’ Arrests and €900 Million SeizureHundreds of Devices Found Violating New CISA Federal Agency DirectiveClosing The Cybersecurity Gap For NonprofitsThe Lowly DDoS Attack Is Showing Signs of Being Anything But‘Wagner’ Ransomware Targets Computers in RussiaIran Subjected to Hack-And-Leak Operations by GhyamSarnegouniCasualties Keep Growing in This Month’s Mass Exploitation of MOVEit 0-Day…Siemens Energy Confirms Data Breach After MOVEit Data-Theft AttackMiscreants Leak Texts and Info Siphoned by Android Stalkerware App LetMeSpyConner Strong & Buckelew Notifies 15,064 Consumers of Data Breach That Leaked Their SSNDesert Physicians Management (CA) Announces Data Breach on Behalf of Multiple ProvidersNew Ongoing Campaign Targets npm Ecosystem with Unique Execution ChainNew Mockingjay Process Injection Technique Could Let Malware Evade Detection
6/26/2023 June 27, 2023June 27, 2023 ~ The Cyber Beat ~ Leave a comment Microsoft Warns of Widescale Credential Stealing Attacks by Russian APT29 HackersChinese Volt Typhoon Hackers Using Never-Before-Seen Tactics for Critical Infrastructure AttacksThe U.S. Senate Wants to Rein In AI. Good Luck With ThatThe Robotic Falcon Maker Who Lost £100,000 to Cyber CriminalsResearchers Find Way to Recover Cryptographic Keys by Analyzing LED FlickersJP Morgan Accidentally Deletes Evidence in Multi-Million Record Retention ScrewupJapan-Backed Fund to Buy Critical Semiconductor Firm JSR for $6.3 Billion as Chip Tensions RiseFlipper Hacking Device on Track to Make $80M Worth of SalesSerbia Man Charged in U.S. for Running ‘Monopoly’ Darknet Drug MarketHackers Steal Data of 45,000 New York City Students in MOVEit BreachHacktivists Steal Government Files From Texas City Fort WorthSuncor Energy Says It Experienced a Cybersecurity IncidentJapanese Cryptocurrency Exchange Falls Victim to JokerSpy macOS Backdoor AttackBrunswick Operations Normal Again After Cyber AttackActivision Blizzard Games Crippled by Hours-Long DDoS AttackLutheran Social Services of Illinois Announces Data Breach Affecting Over 150k IndividualsAtlanta Postal Credit Union Files Notice of Recent Data Breach Following Ransomware AttackAnatsa Android Trojan Now Steals Banking Info From Users in U.S., UK
6/23-25/2023 June 25, 2023June 25, 2023 ~ The Cyber Beat ~ Leave a comment Multiple U.S. Navy Personnel Say They’ve Received Potentially Malicious Smartwatches in the MailWhy Is It So Rare to Hear About Western Cyber-Attacks?Some Hospitals Are One Ransomware Attack Away From ClosingUK Cyberspies Warn Ransomware Crews Targeting Law FirmsCISA Orders Agencies to Patch iPhone Bugs Abused in Spyware AttacksU.S. Cybersecurity Agency Adds 6 Flaws to Known Exploited Vulnerabilities Catalog5 Ways to Instantly Make Your Instant Messaging More SecureMalaysia to Take Legal Action Against Meta Over Harmful ContentHacker ‘PlugWalkJoe’ Responsible for 2020 Twitter Breach Sentenced to PrisonFBI Seizes BreachForums After Arresting Its Owner Pompompurin in MarchFBI Analyst Gets Three Years For National Security BreachSolarWinds Executives Receive Wells Notice From U.S. SECLastPass Users Furious After Being Locked Out Due to MFA ResetsHow Government Contractors & Agencies Should Navigate New Cyber RulesCapital One Becomes Latest Bank Affected by Cyberattack on Debt-Buying GiantMOVEit Breach Impacts Genworth, CalPERS as Data for 3.2 Million ExposedAmerican Airlines, Southwest Airlines Disclose Data Breaches Affecting PilotsUniversity of Manchester Confirms Data Theft in Recent CyberattackHawaii Community College Targeted in Ransomware AttackKannact Notifies Over 100k Individuals of Data Breach That Leaked Their SSNsVincera Institute (PA) Files Notice of Data Breach Following Ransomware AttackTrojanized Super Mario Game Used to Install Windows MalwareCybercrime Group ‘Muddled Libra’ Targets BPO Sector with Advanced Social EngineeringPowerful JavaScript Dropper PindOS Distributes Bumblebee and IcedID MalwareFortinet Fixes Critical FortiNAC Remote Command Execution FlawGrafana Warns of Critical Auth Bypass Due to Azure AD IntegrationGoogle Bug Bounties Inch Closer to Microsoft’s Payouts
6/22/2023 June 23, 2023June 23, 2023 ~ The Cyber Beat ~ Leave a comment U.S.-China Tech Battle Entering Its ‘Primetime’ — And Generative A.I. Could Be the Next FrontierChinese Camaro Dragon Hackers Strike with USB-Driven Self-Propagating MalwareMULTI#STORM Campaign Targets India and U.S. with Remote Access TrojansDocs Show FBI Pressures Cops to Keep Phone Surveillance SecretsCISA Orders Gov’t Agencies to Patch Bugs Exploited by Russian HackersJapan’s Digital ID Card Gets Emergency Review Amid Data LeaksKrebs: SMS Phishers Harvested Phone Numbers, Shipment Data from UPS Tracking ToolDuckDuckGo’s Privacy-Focused Browser Is Available for Windows NowMicrosoft Teams Bug Allows Malware Delivery From External AccountsMicrosoft 365 Users Report Outlook, Teams Won’t Start or FreezesGoogle Backs Creation of Cybersecurity Clinics With $20 Million Donation6 Major Attack Surfaces Frequently Targeted That You Must ProtectPro-Russian Hackers Killnet, Anonymous Sudan, and REvil Attack the European Investment BankLargest Public Pension Fund in U.S. CalPERS Affected by MOVEit BreachiOttie Discloses Data Breach After Site Hacked to Steal Credit CardsNow BlackCat Extortionists Threaten to Leak Stolen Plastic Surgery PicsMirai Botnet Targets 22 Flaws in D-Link, Zyxel, Netgear DevicesMicrosoft: Hackers Hijack Linux Systems Using Trojanized OpenSSH VersionExploit Released for Cisco AnyConnect Bug Giving SYSTEM PrivilegesMillions of GitHub Repos Likely Vulnerable to RepoJacking, Researchers SayCritical Flaw Found in WordPress Plugin for WooCommerce Used by 30,000 WebsitesVMware Fixes vCenter Server Bugs Allowing Code Execution, Auth BypassNSA Shares Tips on Blocking BlackLotus UEFI Malware AttacksLockBit Developing Ransomware for Apple M1 Chips, Embedded Systems
6/21/2023 June 21, 2023June 21, 2023 ~ The Cyber Beat ~ Leave a comment DOJ Launches Cyber Unit With National Security Focus as China, Russia Threats MountU.S. Tracked Huawei, ZTE Workers at Suspected Chinese Spy Sites in CubaChinese Hacker Group ‘Flea’ Targets American Ministries with Graphican BackdoorNorth Korean ScarCruft (aka APT37) Hackers Exploit Ably Service for Stealthy Wiretapping ‘FadeStealer’ AttacksKrebs: Why Malware Crypting Services Deserve More ScrutinyHow Your New Car Tracks YouSupply Chain and APIs Top Security Concerns, CISO Survey ShowsGoogle Accuses Microsoft of Unfair Practices in Azure Cloud UnitFTC Accuses DNA Testing Company 1Health.io, also known as Vitagene, of Lying About Dumping SamplesFTC: Amazon Trapped Millions Into Hard-To-Cancel Prime MembershipsAvast, Norton Parent Latest Victim of MOVEit Ransomware Attacks…At Least 10 Federal Agencies Contracted With Hacked Software Maker MOVEit…Ransomware Misconceptions Abound, to the Benefit of AttackersUPS Discloses Data Breach After Exposed Customer Info Used in SMS PhishingAustralia’s Perpetual Says ‘Tech Outage’ Affected Some Funds in Cyber IncidentAtlanta Women’s Health Group Files Notice of Data Breach Affecting 33k+ PatientsVincera Institute (PA) Notifies Patients After Ransomware AttackSecurity Researchers Uncover New Spyware Implant TriangleDBApple Fixes Zero-Days Used to Deploy Triangulation Spyware via iMessage
6/20/2023 June 20, 2023June 20, 2023 ~ The Cyber Beat ~ Leave a comment MOVEit hack: Clop Gang Claims Not to Have BBC, BA, and Boots DataRussian APT28 Hackers Breach Ukrainian Gov’t Email ServersCyberattack Hits European Investment Bank, Follows Warning to Financial Sector From Russian HackersDoNot Team: Rogue Android Apps Target Pakistani Individuals in Sophisticated Espionage CampaignData Leak at Major Law Firm HWL Ebsworth Sets Australia’s Government and Elites ScramblingCrypto Hack Alarms Ramp up as Authorities Crack Down After $3.7 Billion StolenReddit Confirms BlackCat Gang Pinched Some DataOver 100,000 ChatGPT Accounts Found in Dark Web MarketplacesMajority of Users Neglect Best Password Practices: Keeper SecurityMicrosoft Fixes Azure AD Auth Flaw Enabling Account TakeoverMeta Unveils Voicebox AI to Replicate the Voices of Your Friends and Loved OnesHackers Warn University of Manchester Students’ of Imminent Data LeakMedibank’s Staff Details Stolen After Property Manager Faces Cyber BreachOreo Cookie Maker Mondelez International Says Crooks Gobbled up Staff InfoSmart Pet Feeders Expose Personal DataInternet, Email Access Further Restored at Stephen F. Austin University Following Cyber AttackExperts Uncover Year-Long Cyber Attack on IT Firm Utilizing Custom Malware RDStealerNew Condi Malware Builds DDoS Botnet Out of TP-Link AX21 RoutersHackers Infect Linux SSH Servers With Tsunami Botnet MalwareVMware Warns of Critical vRealize Flaw Exploited in AttacksResearchers Expose New Severe Flaws in Wago and Schneider Electric OT ProductsZyxel Releases Urgent Security Updates for Critical Vulnerability in NAS Devices
6/19/2023 June 19, 2023June 19, 2023 ~ The Cyber Beat ~ Leave a comment State-Backed CL-STA-0043 Hackers Employ Advanced Methods to Target Middle Eastern and African GovernmentsGuess What Happened to This U.S. Agency Using Outdated Software?Android Spyware Camouflaged as VPN, Chat Apps on Google PlayHackers Use Fake OnlyFans Pics to Drop Info-Stealing MalwareMillions of UK University Credentials Found on Dark WebData Breach at New BreachForums: 4,000 Members’ Data LeakedU.S. Investors Sniffing Around Blacklisted NSO Group AssetsGenerative AI Has Its Risks, But the Sky Isn’t FallingDes Moines Public Schools Confirms Ransomware Attack, Data TheftNew Horizons Medical (MA) Reports Leaked Patient SSNs Following Recent Data BreachParker Wellbore (TX) Files Notice of Recent Data BreachThe Hatcher Agency (AR) Confirms Data Breach Involving 9,500 Individuals’ Personal InformationFirstBank Puerto Rico Announces Data Breach After Cyberattack at MIACResearchers Discover New Sophisticated Toolkit ‘JokerSpy’ Targeting Apple macOS SystemsASUS Urges Customers to Patch Critical Router Vulnerabilities
6/16-18/2023 June 18, 2023June 18, 2023 ~ The Cyber Beat ~ Leave a comment Top EU official urges more countries to ban China’s Huawei, ZTE from 5G networksU.S. Gov’t Offers $10 Million Bounty for Info on Clop Ransomware…U.S. Energy Dep’t Gets Two Ransom Notices as MOVEit Hack Claims More Victims…Millions of Oregon, Louisiana State IDs Stolen in MOVEit Breach…Explainer: How MOVEit Breach Shows Hackers’ Interest in Corporate File Transfer ToolsHumans Aren’t Mentally Ready for an AI-Saturated ‘Post-Truth World’SMS Delivery Reports Can Be Used to Infer Recipient’s LocationKhashoggi Widow Suing Israeli Firm, Says Spyware Caused Her to ‘Constantly Be Looking Over Her Shoulder’Police Cracks Down on DDoS-For-Hire Service Active Since 2013Microsoft Says Early June Disruptions to Outlook, Cloud Platform, Were CyberattacksKillnet Threatens Imminent SWIFT, World Banking AttacksRhysida Ransomware Leaks Documents Stolen From Chilean ArmyNew Zealand’s Smartpay Hit With Ransomware in Latest Antipodean Cyberattack IncidentBlackCat (ALPHV) Ransomware Gang Threatens to Leak Stolen Reddit Data from February BreachFrom Cryptojacking to DDoS Attacks: Diicot Expands Tactics with Cayosin BotnetChamelDoH: New Linux Backdoor Utilizing DNS-over-HTTPS Tunneling for Covert CnCNew Mystic Stealer Malware Increasingly Used in AttacksWestern Digital Boots Outdated NAS Devices Off of My Cloud
6/15/2023 June 15, 2023June 15, 2023 ~ The Cyber Beat ~ Leave a comment New Report Reveals Shuckworm’s (aka Armageddon) Long-Running PowerShell USB Intrusions on Ukrainian OrganizationsA Shady Chinese Firm’s Encryption Chips Got Inside the Navy and NASABarracuda: Chinese Spies UNC4841 Breached Hundreds of Public, Private Networks, Security Firm Says…Krebs: CISA Order Highlights Persistent Risk at Network EdgeCISA and NSA Publish BMC Hardening GuidelinesFood Producers Band Together in Face of Cyber ThreatsStudy Reveals Ransomware as Most Popular Cybercrime ServiceRansomware Hackers and Scammers Utilizing Cloud Mining to Launder CryptocurrencyRussian LockBit Ransomware Hacker Extorted Millions From U.S. Businesses, Prosecutors SayU.S. Government Agencies Hit in Global MOVEit Cyberattack…Clop Ransomware Gang Starts Extorting MOVEit Data-Theft Victims…MOVEit Transfer Customers Warned of New Flaw as PoC Info SurfacesNorth Korea Created Very Phishy Evil Twin of Naver, South Korea’s Top PortalInternational Chapter of the P.E.O. Sisterhood Announces Recent Data Breach Following Ransomware AttackPearland Independence School District (TX) Warns Families of Data BreachGravityRAT Android Trojan Steals WhatsApp Backups and Deletes FilesNew Supply Chain Attack Exploits Abandoned S3 Buckets to Distribute Malicious Binaries
6/14/2023 June 14, 2023June 14, 2023 ~ The Cyber Beat ~ Leave a comment EU Passes Landmark Artificial Intelligence ActThe Pace Of AI Innovation For Cybersecurity Is Fast And FuriousMicrosoft Links Data Wiping Attacks to New Russian GRU Hacking Group ‘Cadet Blizzard’Estonian Police Investigate Crypto Hack Blamed on North Korean Lazarus HackersChinese Hackers Use DNS-Over-HTTPS for Linux Malware CommunicationMalicious Actors Exploit GitHub to Distribute Fake ExploitsLockBit Victims in the U.S. Alone Paid Over $90M in Ransoms Since 2020Moving the Cyber Industry Forward Requires a Novel ApproachFake WannaCry Ransomware Targets Russian “Enlisted” FPS Players33,000 Patients Caught in Data Breach at Maimonides Medical Center (NY)Leidos Experiences Data Breach Resulting from Vulnerability in Software Provided By Diligent CorporationHenry Ford Health System Patient Data Exposed in mscripts, Data BreachNew Golang-Based Skuld Malware Stealing Discord and Browser Data from Windows PCsNew ‘Shampoo’ Chromeloader Malware Pushed via Fake Warez SitesMicrosoft Says Azure Outage Was Caused by ‘Anomalous’ Traffic Spike, Claimed by ‘Anonymous Sudan’Researchers Uncover XSS Vulnerabilities in Azure Services
6/13/2023 June 13, 2023June 13, 2023 ~ The Cyber Beat ~ Leave a comment ‘Aggressive’ China Cyberattacks Are the ‘Defining Threat’ of Our Time, Top U.S. Cyber Official SaysRenewal of U.S. Surveillance Program Faces Resistance From Both PartiesUFO Whistleblower, Meet a Conspiracy-Loving CongressMassive Phishing Campaign Uses 6,000 Sites to Impersonate 100 BrandsRDP Honeypot Targeted 3.5 Million Times in Brute-Force AttacksCISA Orders Federal Agencies to Secure Internet-Exposed Network DevicesWhy Critical Infrastructure Remains a Ransomware TargetResearchers Report First Instance of Automated SaaS Ransomware ExtortionU.S. Regulators Tell Automakers Not to Comply With Massachusetts Vehicle Data LawLast of the Gozi 3 Sentenced Over Windows Info-Stealing Malware OpsSt. Margaret’s Health Is the First Health Care Facility to Link Its Closing to a Ransomware AttackZacks Confirms Hack, 9M Accounts ImpactedUK Telco Watchdog Ofcom, Minnesota Dept of Ed Named as Latest MOVEit VictimsTST BOCES (NY) Files Notice of Data breach Affecting SSNs of More than 11k IndividualsCrypto Wallets Under Attack By DoubleFinger MalwareAdversary-in-the-Middle Attack Campaign Hits Dozens of Global OrganizationsPirated Windows 10 ISOs Install Clipper Malware via EFI PartitionsWordPress Stripe Payment Plugin Bug Leaks Customer Order DetailsKrebs: Microsoft Patch Tuesday, June 2023 Edition…June Patch Tuesday: VMware Vuln Under Attack by Chinese Spies, Microsoft Kinda Meh
6/12/2023 June 13, 2023June 13, 2023 ~ The Cyber Beat ~ Leave a comment Americans Should Prepare for Cyber Sabotage From Chinese Hackers, U.S. Official WarnsTrump, Indicted on 37 Criminal Counts, to Appear in Federal Court in Miami Tuesday…‘Witch Hunt’The U.S. Is Openly Stockpiling Dirt on All Its CitizensSwiss Government Targeted by Series of Cyber-AttacksA Massive Vaccine Database Leak Exposes IDs of Millions of IndiansBeware: 1,000+ Fake Cryptocurrency Sites Trap Users in Bogus Rewards SchemeAn Anti-Porn App Put Him in Jail and His Family Under SurveillanceApple’s Safari Private Browsing Now Automatically Removes Tracking Parameters in URLsMicrosoft Stole Our Stolen Dark Web Data, Says Security OutfitDoing Less With Less: Focusing on ValueHave I Been Pwned Warns of New Zacks Data Breach Impacting 8 MillionPassword Reset Hack Exposed in Honda’s E-Commerce Platform, Dealers Data at RiskPioneer Valley Ophthalmic Consultants, PC Files Notice of Third-Party AltaData Breach at Idaho Department of Health and WelfareColumbus Regional Healthcare System (NC) Data Breach Following Ransomware AttackMicrosoft: Azure Portal Outage Was Caused by Traffic “Spike”Cybercriminals Using Powerful BatCloak Engine to Make Malware Fully UndetectableResearchers Uncover Publisher Spoofing Bug in Microsoft Visual Studio InstallerFortinet: New FortiOS RCE Bug “May Have Been Exploited” in AttacksExploit Released for MOVEit RCE Bug Used in Data Theft Attacks
6/9-11/2023 June 12, 2023June 12, 2023 ~ The Cyber Beat ~ Leave a comment U.S. Confirms China Has Had a Spy Base in Cuba Since at Least 2019New SPECTRALVIPER Backdoor Targeting Vietnamese Public CompaniesUkrainian Hackers Take Down Service Provider for Russian BanksMicrosoft Uncovers Banking AitM Phishing and BEC Attacks Targeting Financial GiantsShell Recharge Security Lapse Exposed EV Drivers’ DataStrava Heatmap Feature Can Be Abused to Find Home AddressesThis Surveillance System Tracks Inmates Down to Their Heart RateDOJ Charges Two Russians in 2011 Mt. Gox Crypto HackUniversity of Manchester Suffers Suspected Data Breach During Cyber IncidentMembers of the Public Among Those Affected by Massive Nova Scotia CyberattackBlackCat Ransomware Fails to Extort Australian Commercial Law Giant HWL Ebsworth‘Pink Drainer’ Hackers Steal $3 Million by Impersonating Crypto News JournalistsMicrosoft’s Azure Portal Down Following New Claims of DDoS AttacksFortinet Fixes Critical RCE Flaw in Fortigate SSL-VPN Devices, Patch NowNew MOVEit Transfer Critical Flaws Found After Security Audit, Patch Now
6/8/2023 June 9, 2023June 9, 2023 ~ The Cyber Beat ~ Leave a comment Espionage Attacks in North Africa Linked to “Stealth Soldier” BackdoorGoogle Changes Email Authentication After Spoof Shows a Bad Delivery for UPSRobot Can Rip the Data Out of Ram Chips With Chilling TechnologyMattel Experiments With ChatGPT in CybersecurityMicrosoft Brings OpenAI Tech to U.S. AgenciesThe Bizarre Reality of Getting Online in North KoreaInterpol: Human Trafficking is Fueling Fraud EpidemicClop Ransomware Likely Testing MOVEit Zero-Day Since 2021Culbertson Memorial Hospital (IL) Data Breach Affects Patients and EmployeesAsylum Ambuscade Hackers Mix Cybercrime With EspionageRoyal Ransomware Gang Adds BlackSuit Encryptor to Their ArsenalExperts Unveil Exploit for Recent Windows Vulnerability Under Active ExploitationKrebs: Barracuda Urges Replacing — Not Patching — Its Email Security Gateways
6/7/2023 June 7, 2023June 7, 2023 ~ The Cyber Beat ~ Leave a comment Russian Clop Ransomware Crew Sets June 14th Extortion Deadline for MOVEit Victims to Pay Up…Here’s How the Gang Did ItNorth Korean APT Group Kimsuky Expands Social Engineering TacticsLazarus Hackers Linked to the $35 Million Atomic Wallet HeistFederal Cyber Oversight of Critical Infrastructure is Failing, Report WarnsCISA and Partners Publish Guide For Remote Access Security10 Years After Snowden’s First Leak, What Have We Learned?Barracuda Says Hacked ESG Appliances Must Be Replaced ImmediatelyThe Bold Plan to Create Cyber 311 HotlinesFlorida Man Pleads Guilty to $100m Cisco Counterfeit SchemeHonda API Flaws Exposed Customer Data, Dealer Panels, Internal DocsJapanese Pharma Giant Eisai Working With Law Enforcement to Resolve Ransomware AttackAscension Reports Data Breach Due to Third Party Vendor VertexPacific Union College Acknowledges Ransomware Attack, but Denies Data BreachMasterCorp (TN) Files Notice of Data Breach Following CyberattackGateway First Bank (OK) Data Breach Following Unauthorized Access to Employee Email AccountsNew Fractureiser Malware Used CurseForge Minecraft Mods to Infect Windows, LinuxVMware Fixes Critical Vulnerabilities in vRealize Network Analytics ToolCisco Fixes AnyConnect Bug Giving Windows SYSTEM Privileges
6/6/2023 June 6, 2023June 6, 2023 ~ The Cyber Beat ~ Leave a comment Cyberspace Plays Key Role in Growing U.S.-China TensionU.S. Gov’t Now Bans TikTok From Contractors’ Work GearKrebs: Service Rents Email Addresses for Account SignupsNew ChatGPT Attack Technique Spreads Malicious PackagesKaspersky Releases Tool to Detect Zero-Click iOS AttacksWith iOS 17, Apple Lets You Share AirTags With Friends and FamilyApple Expands Its On-Device Nudity Detection to Combat CSAMFBI Warns of ‘Deepfakes’ in Sextortion Schemes1Password Launches Its Public Passkey BetaCyber Chiefs Seeking Board Seats Have Their Work Cut Out for ThemMalwarebytes May Not Be Allowed to Label Rival’s Application as ‘Potentially Unwanted’Microsoft Cops $20M Slap on the Wrist for Mishandling Kids’ Xbox DataPolice Use of PayPal Records Under Fire After Raid on ‘Cop City’ Protest Fund TrioVerizon DBIR: Social Engineering Breaches Double, Leading to Spiraling Ransomware CostsNew ‘PowerDrop’ PowerShell Malware Targets U.S. Aerospace IndustryOutlook.com Hit by Outages as Hacktivists Claim DDoS AttacksThe University of Rochester Breached From Vulnerability in File Transfer ServiceSouth Jersey Behavioral Health Resources Attacked with Possible Data BreachCriminal Group Strikes Montclair (NJ) with Cyber Attack, Mayor SaysCyclops Ransomware Gang Offers Go-Based Info Stealer to CybercriminalsOver 60,000 Android Apps Secretly Installed Adware for Past Six MonthsThree Vulnerabilities Discovered in Game Dev Tool RenderDocAndroid Security Update Fixes Mali GPU Flaw Exploited by SpywareZero-Day Alert: Google Issues Patch for New Chrome Vulnerability – Update Now!
6/5/2023 June 5, 2023June 5, 2023 ~ The Cyber Beat ~ 1 Comment Hacks Against Ukraine’s Emergency Response Rise During BombingsUkraine Hacks Russian TV With Video Trolling Moscow Over CounteroffensiveMicrosoft Says Clop Ransomware Gang Is Behind MOVEit Mass-Hacks, as First Victims Come Forward…British Airways, Boots, BBC Payroll Data Stolen in MOVEit Supply-Chain Attack…Clop Ransomware Claims Responsibility for MOVEit Extortion AttacksBrazilian Cybercriminals Using LOLBaS and CMD Scripts to Drain Bank AccountsNew Tool Scans iPhones for ‘Triangulation’ Malware InfectionKeePass v2.54 Fixes Bug That Leaked Cleartext Master PasswordThree Things To Do Before Hiring A Cybersecurity CompanyCaribbean Island of Martinique Dealing With Cyberattack That Disrupted Government ServicesGlobal Zipper Maker YKK Group Hit with LockBit BreachSuperVPN Data Breach Exposes 360M RecordsRansomHouse Ransomware Gang Reportedly Steals Data From Mission Community Hospital (CA)Satacom Malware Campaign Steals Crypto Via Stealthy Browser ExtensionSpinOk Android Malware Found in More Apps With 30 Million InstallsAlarming Surge in TrueBot Activity Revealed with New Delivery VectorsMagento, WooCommerce, WordPress, and Shopify Exploited in Web Skimmer AttackGIGABYTE Releases New Firmware to Fix Recently Disclosed Security Flaws
6/2-4/2023 June 4, 2023June 4, 2023 ~ The Cyber Beat ~ Leave a comment World’s Spy Chiefs Meet in Secret Conclave in SingaporeMalaysia Goes Its Own Huawei, Won’t Ban Chinese Vendor From 5G NetworkChinese Phishing Gang “PostalFurious” Expands CampaignU.S. and Korean Agencies Issue Warning on North Korean Cyber-AttacksKimsuky (APT43) Hackers Pose as Journalists to Steal IntelHow AI Protects (and Attacks) Your InboxMalicious Chrome Extensions With 75M Installs Removed From Web StoreThe Messy U.S. Influence That’s Helping Iranians Stay OnlineUncle Sam Wants DEF CON Hackers to Pwn This Moonlighter Satellite in SpaceCybersecurity Risks and Privacy Rules Add Pressure on Boards4 Areas of Cyber Risk That Boards Need to Immediately AddressWant Sustainable Security? Find Middle Ground Between Tech & EducationBurton Snowboards Discloses Data Breach After February AttackAtomic Wallet Hacks Lead To Over $35 Million in Crypto StolenSpanish Bank Globalcaja Confirms Ransomware AttackShasta Community Health Center (CA) Patients Impacted by Alvaria Data BreachEisner Health (CA) Patients’ Info Leaked at Nonstop Administration and Insurance ServicesCamaro Dragon Strikes with New TinyNote Backdoor for Intelligence GatheringNew Linux Ransomware Strain BlackSuit Shows Striking Similarities to RoyalHackers Hijack Legitimate Sites to Host Credit Card Stealer ScriptsOnline Sellers Targeted by New Information-Stealing Malware ‘Vidar’ CampaignZyxel Shares Tips on Protecting Firewalls From Ongoing AttacksWindows 11 to Require SMB Signing to Prevent NTLM Relay AttacksCISA Orders Gov’t Agencies to Patch MOVEit Bug Used for Data Theft
6/1/2023 June 1, 2023June 1, 2023 ~ The Cyber Beat ~ Leave a comment Kaspersky Says Attackers Hacked Staff iPhones With Unknown Malware…New Zero-Click Hack Targets iOS Users with Stealthy Root-Privilege Malware…Kremlin Claims Apple Helped NSA Spy on Diplomats via iPhone BackdoorN. Korean ScarCruft Hackers Exploit LNK Files to Spread RokRATKrebs: Ask Fitis, the Bear: Real Crooks Sign Their MalwareCybersecurity Budgets Aren’t UntouchableWalmart Finds AI—With Human Control—Is Useful for CybersecurityOpenAI Found a Way to Make AI Models More Logical and Avoid HallucinationsGoogle Triples Rewards for Chrome Sandbox Escape Chain ExploitsHow to Keep Cyberattacks from Tanking Your Balance SheetHorabot Campaign Targets Spanish-Speaking Users in the AmericasHarvard Pilgrim Health Care Ransomware Attack Hits 2.5 Million PeopleUniversity of Waterloo (ON) Investigates Suspected Ransomware Attack on Email ServerMiddlesex County Public Schools (VA) Confirms Ransomware AttackHillsborough (FL) Confirms a Cyberattack Exposed the Personal Info for 58,000 VotersEvasive QBot Malware Leverages Short-lived Residential IPs for Dynamic AttacksImproved BlackCat Ransomware Strikes with Lightning Speed and Stealthy TacticsNew MOVEit Transfer Zero-Day Mass-Exploited in Data Theft AttacksExploit Released for RCE Flaw in Popular ReportLab PDF Library