7/31/2023 July 31, 2023July 31, 2023 ~ The Cyber Beat ~ Leave a comment Biden Announces National Cyber Workforce and Education StrategyAPT31 (aka Judgment Panda and Zirconium) Implants Target Industrial OrganizationsUK Military Embraces Security by DesignNo Evidence Ransomware Victims With Cyber Insurance Pay Up More Often, UK Report SaysHackers Steal Signal, WhatsApp User Data With Fake Android Chat AppCanon Warns of Wi-Fi Security Risks When Discarding Inkjet PrintersHikvision, Nvidia Named in Contract for ‘Uyghur Detection’California Opens Privacy Probe Into Who Controls, Shares the Data Your Car Is CollectingU.S. Chamber of Commerce Opposes New SEC Cybersecurity Reporting RuleMattress Giant Tempur Sealy Hit With Cyberattack Forcing System ShutdownParamedic Billing Services Provides Notice of Data Breach Affecting Patient SSNs and PHIMendocino County (CA) Office of Education Announces Possible Ransomware Attack or Data HackSpyNote Android Spyware Strikes Financial InstitutionsFruity Trojan Uses Deceptive Software Installers to Spread Remcos RATHackers Exploit BleedingPipe RCE to Target Minecraft Servers, PlayersNew P2PInfect Worm Targets Redis Servers with Undocumented Breach MethodsAVRecon Botnet Leveraging Compromised Routers to Fuel Illegal Proxy ServiceIt’s Hot Zero-Day Summer for Apple, Google, and Microsoft Security Fixes
7/28-30/2023 July 30, 2023July 30, 2023 ~ The Cyber Beat ~ Leave a comment U.S. Hunts Chinese Malware That Could Disrupt American Military OperationsRussian BlueBravo Deploys GraphicalProton Backdoor Against European Diplomatic EntitiesAustralia and U.S. Issue Warning About Web App ThreatsNew Malvertising Campaign Distributing Trojanized IT Tools via Google and Bing Search AdsNew Study Reveals Forged Certificate Attack RisksGoogle: Android Patch Gap Makes N-Days as Dangerous as Zero-DaysAnother AI Pitfall: Digital Mirroring Opens New Cyberattack VectorApple Sets New Rules for Developers to Prevent Fingerprinting and Data MisuseBrowser Developers Push Back on Google’s “web DRM” WEI APIFBI Boss: Congress Must Renew Section 702 Spy Powers – That’s How We Get Nearly All Our Cyber IntelTwitter’s Rebranding to ‘X’ Triggers Microsoft Edge Security AlertIsrael’s largest Oil Refinery Bazan Group Website Offline After DDoS AttackHawai’i Community College Pays Ransomware Gang to Prevent Data LeakExposed Sensitive Info on Students, Parents, and Teachers From Southern Association of Independent SchoolsWake Family Eye Care (NC) Experiences Ransomware Attack and Subsequent Data BreachHackers Are Infecting Call of Duty Players With a Self-Spreading MalwareNew Android Malware CherryBlos Utilizing OCR to Steal Sensitive DataIcedID Malware Adapts and Expands Threat with Updated BackConnect ModuleLinux Version of Abyss Locker Ransomware Targets VMware ESXi ServersMajor Security Flaw Discovered in Metabase BI Software – Urgent Update RequiredIvanti Warns of Another Endpoint Manager Mobile Vulnerability Under Active Attack
7/27/2023 July 27, 2023July 27, 2023 ~ The Cyber Beat ~ Leave a comment Microsoft Responsible for China’s U.S. Government Email Hack, Senator Wyden Says…Microsoft Faces Mounting Scrutiny Over China-Linked Email HackCoinsPaid Blames Lazarus Hackers for Theft of $37,300,000 in Crypto“Mysterious Elephant” Emerges, Kaspersky ReportsU.S. Spies Are Lobbying Congress to Save a Phone Surveillance ‘Loophole’Cyber Experience on Boards Still Seen as Critical in New SEC Rules…Requires All Cyber-Incident Disclosures Within Four DaysKrebs: Russia Sends Cybersecurity CEO Iyla Sachkov to Jail for 14 YearsSSNDOB Cybercrime Market Admin Faces 15 Years After Pleading GuiltyOpenAI, Microsoft, Google and Anthropic Form Body to Regulate AIAnonymous Sudan Targets Kenya’s Online Services in Multiple DDoS AttacksHealthcare Files of 8M-Plus People Fall Into Hands of Clop via MOVEit Mega-BugUniversity of the West of Scotland Targeted in Ransomware Attack by Rhysida GangSwiss Visa Appointments Cancelled in UK Due to ‘IT Incident’Security Incident Impacts CardioComm’s OperationsFamily Vision (SC) Hit By Ransomware, Over 60K Patients AffectedHackers Target Apache Tomcat Servers for Mirai Botnet and Crypto MiningHigh Severity Vulnerabilities Discovered in Ninja Forms PluginZimbra Patches Zero-Day Vulnerability Exploited in XSS AttacksBreachForums Database and Private Chats for Sale in Hacker Data Breach
7/26/2023 July 26, 2023July 26, 2023 ~ The Cyber Beat ~ Leave a comment China Says Wuhan Earthquake Centre Attacked by Overseas HackersRepeatable VEC Attacks Target Critical InfrastructureKrebs: Who and What is Behind the Malware Proxy Service SocksEscort?ALPHV Ransomware Adds Data Leak API in New Extortion StrategyTwitter Scammers Stole $1,000 From My Friend—So I Hunted Them DownMicrosoft Previews Defender for IoT Firmware Analysis ServiceRussia Throws Founder of Infosec Biz Group-IB Ilya Sachkov in the Clink for 14 Years for TreasonTackling the Labor Shortage in CybersecurityU.S. SEC Adopts New Cyber Rule, Unveils Brokerage AI ProposalCyber Attack in South England Leaves Hospitals Without Access to Patient RecordsLazarus Hackers Linked to $60 Million Alphapo Cryptocurrency HeistFenix Cybercrime Group Poses as Tax Authorities to Target Latin American UsersDark Web Markets Offer New FraudGPT AI ToolNew Nitrogen Malware Pushed via Google Ads for Ransomware AttacksAkira Ransomware Compromised at Least 63 Victims Since MarchAlmost 40% Of Ubuntu Users Vulnerable to New Privilege Elevation FlawsWindows 10 KB5028244 Update Released with 19 Fixes, Improved Security
7/25/2023 July 25, 2023July 25, 2023 ~ The Cyber Beat ~ Leave a comment Biden Nominates Harry Coker to Be National Cyber DirectorCritical Infrastructure Companies Warned to Watch for Ongoing CyberattackHacker Claims to Have Stolen Sensitive Medical Records from Egypt’s Ministry of HealthTETRA Radio Comms Used by Emergency Heroes Easily Cracked, Say ExpertsChatGPT Has a Plug-In ProblemUK Government Report Finds Cybersecurity Skills Gap StagnantHe Went to Prison for Crypto Crime: Now He’s an Advocate for ComplianceFrance’s Thales to Buy Imperva in $3.6 Billion Cybersecurity DealIBM: Cost of Data Breaches Reaches All-Time High of $4.5 Million in 2023Law Firm Must Hand Over Names of Some Clients Affected by 2020 Cyberattack, Judge SaysSiegedSec Hacktivist Claims to Strike NATO and Leak Sensitive DocsAmerican United Life Insurance Company Confirmed Data Breach Leaked Consumers’ SSNsOver 400,000 Corporate Credentials Stolen by Info-Stealing MalwareDecoy Dog Malware Upgraded to Include New FeaturesCasbaneiro Banking Malware Goes Under the Radar with UAC Bypass TechniqueNew Realst macOS Malware Steals Your Cryptocurrency WalletsAtlassian Releases Patches for Critical Flaws in Confluence and BambooVMware Fixes Bug Exposing CF API Admin Credentials in Audit LogsSuper Admin Elevation Bug Puts 900,000 MikroTik Devices at RiskCISA Warns Gov’t Agencies to Patch Ivanti Bug Exploited in Attacks
7/24/2023 July 24, 2023July 24, 2023 ~ The Cyber Beat ~ Leave a comment China Propaganda Spreads via US News Sites, Freelancers, Times SquareCyber-Attack Strikes Norwegian Government MinistriesLazarus Hackers Hijack Microsoft IIS Servers to Spread MalwareJumpCloud Hack Linked to North Korea After OPSEC MistakeClop Could Make $100m From MOVEit CampaignCode Kept Secret for Years Reveals Its Flaw—a BackdoorFlipper Zero Now Has Its Own App Store for iOS, Android UsersA Critical Cybersecurity Backup Plan That Too Many Companies Are IgnoringGoogle Half-Patches Cloud Build Permissions Exploit, the Rest Is on YouQuinn Emanuel Reports Cyber Attack Involving ‘Limited’ Client DataTampa General Hospital Data Breach Impacts 1.2 Million PatientsYamaha Confirms Cyberattack After Multiple Ransomware Gangs Claim AttacksItalian Asset Manager Azimut Targeted by BlackCat HackersCritical Zero-Days in Atera Windows Installers Expose Users to Privilege Escalation AttacksNew OpenSSH Vulnerability Exposes Linux Systems to Remote Command InjectionAMD Zenbleed Chip Bug Leaks Secrets Fast and EasyIvanti Patches MobileIron Zero-day Bug Exploited in AttacksApple Fixes New Zero-Day Used in Attacks Against iPhones, Macs
7/21-23/2023 July 23, 2023July 24, 2023 ~ The Cyber Beat ~ Leave a comment The Chinese Groups Accused of Hacking the U.S. and Others: STORM-0558, VOLT TYPHOON, BACKDOORDIPLOMACY, APT41, APT27Stolen Microsoft Key May Have Opened up a Lot More Than U.S. Gov’t Email InboxesU.S. DoJ Announces Plan to Shakeup Cybercrime InvestigationsOpenAI, Google, Others Pledge to Watermark AI Content for Safety, White House SaysApple Threatens to Pull iMessage and FaceTime from UK Amid Surveillance DemandsKrebs: Few Fortune 100 Firms List Security Pros in Their Executive RanksBanks In Attackers’ Crosshairs, Via Open Source Software Supply ChainRussian Prosecutor Asks for 18 Years in Jail for Group-IB Founder Ilya SachkovCrypto Couple ‘Razzlekhan’ & Husband Appear Set to Plead Guilty in Bitcoin Hack Money Laundering CaseClop Now Leaks Data Stolen in MOVEit Attacks on Clearweb SitesClop Gang to Earn Over $75 Million From MOVEit Extortion AttacksInvestigation Into Louisiana OMV Cyber Attack Discovers Much More Personal Information Was ExposedRansomware Attack on George County (MS) a ‘Cautionary Tale’The Franklin Mutual Insurance Group (NJ) Notifies Victims of Recent Data Breach Following An Earlier Ransomware AttackHotRat: New Variant of AsyncRAT Malware Spreading Through Pirated SoftwareSophisticated BundleBot Malware Disguised as Google AI Chatbot and UtilitiesCitrix NetScaler ADC and Gateway Devices Under Attack: CISA Urges Immediate ActionCISA Warns Gov’t Agencies to Patch Adobe ColdFusion ServersCVSS 4.0 Is Here, but Prioritizing Patches Still a Hard Problem
7/20/2023 July 20, 2023July 20, 2023 ~ The Cyber Beat ~ Leave a comment U.S. Ambassador to China Hacked in China-Linked Spying OperationTurla’s New DeliveryCheck Backdoor Breaches Ukrainian Defense SectorNorth Korea Labyrinth Chollima (aka Lazarus) Breached JumpCloud to Target Cryptocurrency ClientsGitHub Warns of Lazarus Hackers Targeting Devs With Malicious ProjectsAI Being Used for Hacking and Misinformation, Top Canadian Cyber Official SaysHalf of AI Open Source Projects Reference Buggy PackagesSatellites Are Rife With Basic Security FlawsNSA, Cyber Command Nominee Touts Support of Section 702 RenewalGoogle Messages Signs Onto Cross-Platform Encrypted Group Chat StandardKevin Mitnick, Formerly the World’s ‘Most-Wanted’ Hacker, Has Passed AwayMOVEit Body Count Closes in on 400 Orgs, 20M+ IndividualsEight Steps To Negotiating With Ransomware HackersOld Roblox Data Leak Resurfaces, 4000 Users’ Personal Information ExposedCharter Oak (CT) Bank Website Back Online After Cyber AttackLancaster Orthopedic Group (PA) Breach Exposes More Than 500 Patients’ Personal, Medical InfoMallox Ransomware Exploits Weak MS-SQL Servers to Breach NetworksZyxel Vulnerability Exploited by DDoS Botnets on Linux SystemsApache OpenMeetings Web Conferencing Tool Exposed to Critical VulnerabilitiesCritical Flaws in AMI MegaRAC BMC Software Expose Servers to Remote AttacksShould You Be Using a Cybersecurity Careers Framework?
7/19/2023 July 19, 2023July 19, 2023 ~ The Cyber Beat ~ Leave a comment Chinese APT41 Linked to WyrmSpy and DragonEgg SurveillancewareUK NCA: Nation States Using Cybercrime Groups as ProxiesHouse Committee Takes Aim at U.S. Venture Capital Firms for Investments in Chinese A.I.Crypto Industry Faces New Pressure From Anti-Money Laundering RegulationsCritical API Security Gaps Found in Financial ServicesScam Job Offers Target University StudentsGoogle Restricting Internet Access to Some Employees to Reduce Cyberattack RiskMicrosoft to Offer Some Free Security Products After CriticismCISA and NSA Issue New Guidance to Strengthen 5G Network Slicing Against ThreatsTech Support Scammers Go Analog, Ask Victims to Mail Bundles of CashThe NYPD Is Testing Drones That Broadcast Public Safety Warnings During EmergenciesUkraine Takes Down Massive Bot Farm, Seizes 150,000 Sim CardsVictims of Cyberattack on MOVEit File-Transfer Tool Pile UpEstee Lauder Hit by Cyberattack, Some Business Operations Affected…BlackCat, Clop Claim Australia’s Fortescue Hit by Cyber Attack That Disclosed Some Network DataTampa General Hospital Reports Data BreachPhoenician Medical Center, (AZ) Notifies 162,500 Patients of Recent Data BreachOpenAI Credentials Stolen by the Thousands for Sale on the Dark WebHome Depot Cashier Fired After Exposing Customer Info While Doing Viral NPC TrendP2P Self-Replicating Cloud Worm Targets RedisMicrosoft: Hackers Turn Exchange Servers Into Malware Control CentersAdobe Emergency Patch Fixes New ColdFusion Zero-Day Used in AttacksAttorneys on Alert for Cybersecurity Threats: New York’s New CLE Training Requirement
7/18/2023 July 18, 2023July 18, 2023 ~ The Cyber Beat ~ Leave a comment As Many As 700,000 Turkish TikTok Accounts Were Hacked Before The Country’s Presidential ElectionMajor Government Hack a Wake-up Call for AgenciesThe Biden Administration Is Tackling Smart Devices With a New Cybersecurity LabelCISA Orders Gov’t Agencies to Mitigate Windows and Office Zero-DaysAI Must Have Better Security, Says Top UK Cyber OfficialAmazon’s In-Van Surveillance Footage of Delivery Drivers Is Leaking OnlineKrebs: LeakedSource Owner Quit Ashley Madison a Month Before 2015 HackRival U.S. Lawmakers Mobilize to Stop Police From Buying Phone DataU.S. Blacklists Intellexa and Cytrox That Built Meta, iOS and Android SpywareNetcraft Raises $100 Million From Spectrum EquityRecycling Giant TOMRA Pulls Systems Offline Following ‘Extensive Cyberattack’VirusTotal Data Leak Affects 5K+ UsersRussian Medical Lab Helix Suspends Some Services After Ransomware AttackPotential Data Breach Could Impact Concealed Carry Permit Holders in a Custer County (CO)Cybersecurity Firm Sophos Impersonated by New SophosEncrypt RansomwaredrIBAN Fraud Operations Target Corporate Banking CustomersFIN8 Group Using Modified Sardonic Backdoor for BlackCat Ransomware AttacksNew Critical Citrix ADC and Gateway Flaw Exploited as Zero-DayGoogle Cloud Build Bug Lets Hackers Launch Supply Chain Attacks
7/17/2023 July 17, 2023July 17, 2023 ~ The Cyber Beat ~ Leave a comment ‘Millions’ of Sensitive U.S. Military Emails Were Reportedly Sent to Mali Due to a TypoEU Urged to Prepare for Quantum Cyber-AttacksJumpCloud Discloses Breach by State-Backed APT Hacking GroupMeet NoEscape: Avaddon Ransomware Gang’s Likely SuccessorActing White House Cyber Director Kemba Walden Withdraws NominationHealth Tech Vendor NextGen Healthcare to Pay $31m After Kickback AllegationsIT Worker Jailed for Impersonating Ransomware Gang to Extort EmployerRussian Charged with Tech Smuggling and Money LaunderingPolice Arrests Ukrainian Scareware Developer After 10-Year HuntSorillus RAT and Phishing Attacks Exploit Google Firebase HostingMalicious USB Drives Targeting Global Targets with SOGU and SNOWYDRIVE MalwareHackers Exploit WebAPK to Deceive Android Users into Installing Malicious AppsHenry Ford Health Confirms Data Breach Affecting 168,000 PatientsIdea Financial Files Notice of Data Breach Impacting Over 37k ConsumersThe Accreditation Commission for Education in Nursing Data Breach Affects 11,980Adobe Warns of Critical ColdFusion RCE Bug Exploited in AttacksHackers Exploiting Critical WordPress WooCommerce Payments BugCISA Shares Free Tools to Help Secure Data in the Cloud
7/14-16/2023 July 17, 2023July 17, 2023 ~ The Cyber Beat ~ Leave a comment Microsoft Says Chinese Hackers Used Code Flaw to Steal Emails From U.S. AgenciesChinese APT Favorite Backdoor Shadowpad Found in Pakistani Government AppXi Jinping Calls for ‘Solid’ Security Barrier Around China’s InternetEV Charging Networks Prepare for CyberattacksKrebs: SEO Expert Hired and Fired By Ashley Madison Turned on Company, Promising RevengeNude Videos of Kids From Hacked Baby Monitors Were Sold on TelegramFBI Surveillance Fears Are Uniting a Badly Broken CongressLapsus$ Teen Hacked Uber, Revolut and Grand Theft Auto Maker, London Court HearsBreachForums Owner Pompompurin Pleads Guilty to Hacking ChargesGenesis Market Infrastructure and Inventory Sold on Hacker ForumLondon Mayor’s Office Breach: Sexual Abuse Survivor Personal Information May Have Been Accessible OnlineColorado State University Says Data Breach Impacts Students, StaffShutterfly Says Clop Ransomware Attack Did Not Impact Customer DataThe Discovery Channel and Shutterfly Among Cl0p’s Latest MOVEit Transfer Ransomware VictimsWordPress AIOS Plugin Used by 1M Sites Logged Plaintext PasswordsThousands of Images on Docker Hub Leak Auth Secrets, Private KeysGamaredon Hackers Start Stealing Data 30 Minutes After a BreachLokiBot Malware Targets Windows Users in Office Document AttacksTeamTNT’s Cloud Credential Stealing Campaign Now Targets Azure and Google CloudNew SOHO Router Botnet AVrecon Spreads to 70,000 Devices Across 20 CountriesCisco SD-WAN vManage Impacted by Unauthenticated REST API AccessTraining’s New Understanding
7/13/2023 July 13, 2023July 13, 2023 ~ The Cyber Beat ~ Leave a comment Microsoft Under Fire After Hacks of U.S. State and Commerce Departments…Blinken Warns Chinese CounterpartMandiant Unveils Russian GRU’s Cyber Playbook Against UkraineWhite House Outlines ‘Roadmap’ for Cybersecurity GoalsFake PoC for Linux Kernel Vulnerability on GitHub Exposes Researchers to MalwareUSB Drive Malware Attacks Spiking Again in First Half of 2023New CVSS Version Unveiled Amid Rising Cyber ThreatsGoogle Play Will Enforce Business Checks to Curb Malware SubmissionsCelsius Feels the Heat: Ex-CEO Arrested, Watchdogs Line Up to Sue Bankrupt Crypto BizPicassoLoader Malware Used in Ongoing Attacks on Ukraine and PolandTeamTNT’s Silentbob Botnet Infecting 196 Hosts in Cloud Attack CampaignSource Code for BlackLotus Windows UEFI Malware Leaked on GitHubMorehead State University (KY) Hit by Cyber-AttackWormGPT Cybercrime Tool Heralds an Era of AI Malware vs. AI DefensesRockwell Automation ControlLogix Bugs Expose Industrial Systems to Remote AttacksSecurity Flaws in Honeywell Devices Could Be Used to Disrupt Critical IndustriesZimbra Urges Admins to Manually Fix Zero-Day Exploited in Attacks
7/12/2023 July 12, 2023July 12, 2023 ~ The Cyber Beat ~ Leave a comment China-Based Hackers Breached U.S. Government Email Accounts, Microsoft and White House Say…How a Cloud Flaw Gave Chinese Spies a Key to Microsoft’s KingdomChinese Hackers Deploy Microsoft-Signed Rootkit to Target Gaming SectorRussian Hackers Lured Diplomats in Ukraine With Cheap BMW AdEthical Hackers Reveal How They Use Generative AIRansomware Attacks Are on the Rise, AgainRansomware, From a Different PerspectiveBiden Administration Water Cybersecurity Plan Temporarily BlockedKent County (DE) Struggling to Respond to CyberattackTown of Cornelius (NC) Found Attempted Ransomware AttackNew PyLoose Linux Malware Mines Crypto Directly From MemoryCritical RCE Found in Popular Ghostscript Open-Source PDF LibraryFortinet Warns of Critical RCE Flaw in FortiOS, FortiProxy DevicesSonicWall Warns Admins to Patch Global Management System Critical Auth Bypass Bugs ImmediatelyKrebs: Apple & Microsoft Patch Tuesday, July 2023 EditionGitHub Goes Passwordless, Announces Passkeys Beta Preview
7/11/2023 July 11, 2023July 11, 2023 ~ The Cyber Beat ~ Leave a comment South Korea, NATO to Boost Partnership on Security, Cyber ThreatsMicrosoft: Unpatched Office Zero-Day Exploited in NATO Summit AttacksLithuania Hit by Cyberattacks on NATO Summit EveBanks, Hotels and Hospitals Among Latest MOVEit Mass-Hack VictimsClop Ransomware: Behind MOVEit Lies a Loud, Adaptable and Persistent Threat GroupThe FCC Aims to Stop Sim Swappers With New RulesMoroccan Charged With OpenSea NFT and Crypto TheftCybersecurity Professional Accused of Stealing $9M in CryptoTop Silk Road Advisor ‘Variety Jones’ Sentenced to 20 Years in PrisonDeutsche Bank Confirms Provider Breach Exposed Customer DataHCA Confirms Breach After Hacker Steals Data of 11 Million PatientsZooTampa Hit by Cyber Attack, Target UnclearD’Youville University (NY) Data Breach Leaks Student’s Social Security NumbersSCARLETEEL Cryptojacking Campaign Exploiting AWS Fargate in Ongoing CampaignHackers Exploit Windows Policy Loophole to Forge Kernel-Mode Driver SignaturesApple Confirms WebKit Security Updates Break Browsing on Some SitesHow to Apply MITRE ATT&CK to Your OrganizationCyberattacks Are a War We’ll Never Win, but We Can Defend Ourselves
7/10/2023 July 10, 2023July 10, 2023 ~ The Cyber Beat ~ Leave a comment RomCom Group Targets Ukraine Supporters Ahead of NATO SummitCrimeware Group Asylum Ambuscade Ventures Into Cyber-EspionageCentral Bankers Develop Framework For Securing Digital CurrenciesSocial Networks Can Keep Storing EU User Data in the U.S. Under New AgreementU.S. Seeking to Block Curbs on Government Contact With Social Media FirmsThe Quiet Rise of Real-Time Crime CentersLiberté, Égalité, Spyware: France Okays Cops Snooping on PhonesHoneywell to Buy Israeli Cybersecurity Business ScadafenceIn Private Equity Crackdown, DOJ May Challenge Thoma Bravo’s Acquisition of ForgeRockFormer Employee Charged for Attacking Water Treatment PlantMartin Lewis Shocked at Deepfake Investment Scam AdAmazon Prime Day Always Draws Out the Cyber ScammersCl0p Has Yet to Deploy Ransomware While Exploiting MOVEit Zero-DayUK Battles Hacking Wave as BlackCat Ransomware Gang Claims ‘Biggest Ever’ NHS BreachHCA Healthcare Patient Data Stolen and for Sale by HackersHackers Steal $20 Million by Exploiting Flaw in Revolut’s Payment SystemsRazer Investigates Data Breach Claims, Resets User SessionsBangladesh Government Takes Down Exposed Citizens’ DataHayward (CA) City Website Down After Weekend Cyber AttackArchive of Our Own (AO3) Website Suffering Massive DDoS AttacksGates Corporation (CO) Hit by RansomwareEmployees of Ambry Genetics and REALM IDx Affected by Vitality Group International BreachNew TOITOIN Banking Trojan Targeting Latin American BusinessesVMware Warns of Exploit Available for Critical vRealize RCE BugApple Releases Emergency Update to Fix Zero-Day Exploited in AttacksNew Mozilla Feature Blocks Risky Add-Ons on Specific Websites to Safeguard User Security
7/7-9/2023 July 9, 2023July 9, 2023 ~ The Cyber Beat ~ Leave a comment Krebs: Top Suspect in 2015 Ashley Madison Hack Committed Suicide in 2014Vishing Goes High-Tech: New ‘Letscall’ Malware Employs Voice Traffic RoutingExperts Warn of Rise in Scammers Using AI to Mimic Voices of Loved Ones in DistressHow to Safely Architect AI in Your Cybersecurity ProgramsBarracuda Working On Fix for Ongoing Email Gateway Login IssuesMore Than 42,000 Affected by Ransomware Attack on Pro Bono The Law Foundation of Silicon ValleyNIH Federal Credit Union Notifies 14,706 Members of Data BreachBlackByte 2.0 Ransomware: Infiltrate, Encrypt, and Extort in Just 5 DaysNew ‘Big Head’ Ransomware Displays Fake Windows Update AlertAnother Critical Unauthenticated SQLi Flaw Discovered in MOVEit Transfer Software
7/6/2023 July 6, 2023July 6, 2023 ~ The Cyber Beat ~ Leave a comment Apps With 1.5M Installs on Google Play Send Your Data to ChinaIranian TA453 Hackers’ Sophisticated Malware Targets Windows and macOS UsersMore Organizations Confirm MOVEit-Related Breaches as Hackers Claim to Publish Stolen DataNagoya Port Reopens Following Crippling Cyber AttackCombining Cybersecurity and Tech Roles Helps Solve Security Challenges for Smaller CompaniesSilentbob Campaign: Cloud-Native Environments Under AttackHuman Error the Leading Cause of Cloud Data BreachesGoogle Searches for ‘USPS Package Tracking’ Lead to Banking TheftMicrosoft Puts Out Outlook Fire, Says ‘Everything’s Fine’ With Teams Malware FlawMastodon Fixes Critical “TootRoot” Vulnerability Allowing Node HijackingOngoing Incident Prompts JumpCloud to Reset API KeysOver 130,000 Solar Energy Monitoring Systems Exposed Online24,180 Patient Records Potentially Exposed in Mount Desert Island Hospital (ME) Data BreachNickelodeon Investigates Breach After Leak of ‘Decades Old’ DataExperts Warn of Impending TeamTNT Docker AttacksCISA: Netwrix Auditor RCE Bug Exploited in Truebot Malware AttacksCisco Enterprise Switch Flaw Exposes Encrypted TrafficUnpatched SolarView Systems Vulnerable to ExploitsResearchers Uncover New Linux Kernel ‘StackRot’ Privilege Escalation VulnerabilityAndroid July Security Updates Fix Three Actively Exploited Bugs
7/5/2023 July 5, 2023July 5, 2023 ~ The Cyber Beat ~ Leave a comment U.S. Spies Can Buy Americans’ Private Data: Congress Has a Chance to Stop ItEV Charger Hacking Poses a ‘Catastrophic’ Risk3 Critical RCE Bugs Threaten Industrial Solar Panels, Endangering Grid SystemsRansomware Criminals Are Dumping Kids’ Private Files Online After School HacksSophisticated Email Attacks Target Cryptocurrency WalletsAura Sells Cybersecurity to Regular PeopleSuspected Bank-Infecting OPERA1ER Crime Boss CuffedInstagram’s Twitter Alternative ‘Threads’ Launch Halted in Europe Over Privacy ConcernsJapan’s Nagoya Port Faces Disruption After Ransomware AttackRussian Railway Site RZD Allegedly Taken Down by Ukrainian HackersRedEnergy Stealer-as-a-Ransomware Threat Targeting Energy and Telecom SectorsNode.js Users Beware: Manifest Confusion Attack Opens Door to MalwareNew Tool Exploits Microsoft Teams Bug to Send Malware to UsersRAM-Ramming Rowhammer Is Back – To Uniquely Fingerprint DevicesHigh-Severity Flaws Fixed in Firefox 115 Update
7/3-4/2023 July 4, 2023July 4, 2023 ~ The Cyber Beat ~ Leave a comment U.S. Looks to Restrict China’s Access to Cloud Computing to Protect Advanced TechnologyEU and Japan Look to Partner on A.I. And Chips as China ‘De-risking’ Strategy ContinuesChinese Threat Actors Target Europe in SmugX CampaignU.S. Judge Restricts Biden Officials From Contact With Social Media FirmsSwedish Data Protection Authority Warns Companies Against Google Analytics UseMicrosoft Denies Major 30 Million Customer-BreachReport Reveals Companies Unprepared For Darknet Data LeaksBiotech CEO Gets Hands-On After Cyberattack to Protect BusinessKrebs: Who’s Behind the DomainNetworks Snail Mail Scam?International Police Operation Dismantles Phone Scam NetworkDDoSia Attack Tool Evolves with Encryption, Targeting Multiple SectorsIsrael Aided UAE in Defending Against DDoS Attack Earlier This YearDublin Airport Staff Pay Data ‘Compromised’ by CriminalsNebraska Judicial Branch Reports No Loss of Data in HackMurfreesboro Medical Clinic & SurgiCenter (TN) Ransomware Attack Affect 559,000Meduza Stealer Targets Windows Users With Advanced TacticsMexican Hacker ‘Neo_Net’ Unleashes Android Malware on Global Banks330,000 FortiGate Firewalls Still Unpatched to CVE-2023-27997 RCE FlawCISA Flags 8 Actively Exploited Flaws in Samsung and D-Link Devices
6/30-7/2/2023 July 3, 2023July 3, 2023 ~ The Cyber Beat ~ Leave a comment Switzerland’s Security Report: Impact of Russia–Ukraine ConflictCISA Issues DDoS Warning After Attacks Hit Multiple U.S. OrgsThe TSA Will Use Facial Recognition in Over 400 AirportsSam Altman’s Worldcoin Integrates With Identity Management Software Okta as It Pushes Into GermanyKrebs: Russian Cybersecurity Executive Nikita Kislitsin Arrested for Alleged Role in 2012 MegahacksFree Akira Ransomware Decryptor Helps Recover Your FilesSnappy: A Tool to Detect Rogue WiFi Access Points on Open NetworksWhatsApp Upgrades Proxy Feature Against Internet ShutdownsTwitter’s Bot Spam Keeps Getting Worse — It’s About Porn This TimeCops Told: Er, No, You Need a Wiretap Order if You Want Real-Time Facebook SnoopingChipmaker TSMC Says Supplier Targeted in Cyberattack…LockBit Claims TSMC Hack, Demands $70m Ransom…TSCM Denies LockBit Hack as Ransomware Gang Demands $70 MillionDeFi Platform Poly Network Hacked, Hackers Issue Millions of Tokens on Metis, Polygon and BSCHenrietta Johnson Medical Center (DE) Notifies Patients of Data Breach, Potential ExposureRansomware Attack Hits Lebanon School District (NH)BlackCat Ransomware Pushes Cobalt Strike via WinSCP Search AdsCybercriminals Hijacking Vulnerable SSH Servers in New Proxyjacking CampaignHackers Exploiting Unpatched WordPress Plugin Flaw to Create Secret Admin AccountsApple, Google, and MOVEit Just Patched Serious Security Flaws