8/31/2023 August 31, 2023August 31, 2023 ~ The Cyber Beat ~ Leave a comment Russian APT Intensifies Cyber Espionage Activities Amid Ukrainian Counter-OffensiveRussia’s GRU Blamed for Infamous Chisel Malware Targeting Ukraine’s Military PhonesFacebook Accounts Targeted by Vietnamese Threat GroupsNew Research Exposes Airbnb as Breeding Ground For CybercrimeFree Key Group Ransomware Decryptor Helps Victims Recover DataUK Cyber Agency Warns of Potentially Fundamental Flaw in AI TechnologyVoice Deepfakes Are Coming for Your Bank BalanceIBM Promised to Back Off Facial Recognition — Then It Signed a $69.8 Million Contract to Provide ItApple’s Decision to Kill Its CSAM Photo-Scanning Tool Sparks Fresh ControversyX Wants Permission to Start Collecting Your Biometric Data and Employment HistoryCybersecurity Firms Crowdstrike, Okta Shares Jump After Better-Than-Expected EarningsNorth Korean Hackers Deploy New Malicious Python Packages in PyPI RepositoryEarth Estries’ Espionage Campaign Targets Governments and Tech Titans Across ContinentsParamount Discloses Data Breach Following Security IncidentForever 21 Data Breach: Hackers Accessed Info of 500,000Sourcegraph Website Breached Using Leaked Admin Access TokenLogicMonitor Customers Hacked in Reported Ransomware AttacksChambersburg Area School District (PA) Announces Hit by Recent Ransomware AttackGaston College (NC) Reveals Scope of Ransomware AttackClassiscam Spreads: $64.5M Scheme Targets 79 CountriesSapphireStealer Malware: A Gateway to Espionage and Ransomware OperationsGoogle Fixes Serious Security Flaws in Chrome and Android
8/30/2023 August 30, 2023August 30, 2023 ~ The Cyber Beat ~ Leave a comment Chinese APT Group GREF Use BadBazaar in Android EspionageRussians Impersonate Washington Post and Fox News With Anti-Ukraine StoriesBritish Officials Say AI Chatbots Could Carry Cyber RisksI Tracked an NYC Subway Rider’s Movements with an MTA ‘Feature’Unmasking Trickbot, One of the World’s Top Cybercrime GangsKrebs: U.S. Hacks QakBot, Quietly Removes Botnet InfectionsCybersecurity Enters Conversation About Executive PayMicrosoft Angry Over Russian-Led UN Cybercrime Treaty Proposal That Could Target Non-CriminalsApple Opens 2024 Applications to Get ‘Security Research’ iPhonesDebunking The Top 5 Cybersecurity Myths4 Strategies to Safeguard the Finance Industry Against Deepfake OnslaughtMontreal Electricity Organization Latest Victim in Lockbit Ransomware SpreeAlphV Group Takes Credit for Ransomware Attack on Forsyth County (GA)Toyota Japan Back on the Road After Probably-Not-Cyber Attack Halted ProductionUniversity of Michigan Isn’t Disclosing Details of Internet Outage CyberattackMalicious npm Packages Aim to Target Developers for Source Code TheftHacking Campaign Bruteforces Cisco VPNs to Breach NetworksHackers Can Exploit Windows Container Isolation Framework to Bypass Endpoint SecurityWordPress Migration Add-on Flaw Could Lead to Data BreachesCritical Vulnerability Alert: VMware Aria Operations Networks at Risk from Remote AttacksFlaw Exposes WP Migration Plugin to Hacks
8/29/2023 August 29, 2023August 29, 2023 ~ The Cyber Beat ~ Leave a comment Japan’s Cybersecurity Agency Breached by Suspected Chinese HackersChinese Hacking Group Exploits Barracuda Zero-Day to Target Government, Military, and TelecomFBI Brings Down Massive Qakbot Botnet That Infected More Than 700,000 Computers…Operation Duck Hunt: How the FBI Nuked Qakbot Malware From Infected Windows PCsMeta Says It Has Disrupted a Massive Disinformation Campaign Linked to Chinese Law EnforcementThe Weird, Big-Money World of Cybercrime Writing ContestsMicrosoft Warns of Adversary-in-the-Middle Uptick on Phishing PlatformsVerizon Is Making It Easier to Block Spam Texts Sent by EmailBiometrics? Bring It On: Why Okta’s Jameeka Green Aaron Wants Passwords to Go AwayGenshin Impact Dev Will Sue Kaveh Hacks Users and DevelopersApple Security Boss Faces iPads-For-Gun-Permits Bribery Charge… AgainUniversity of Michigan Cuts Itself off From Internet After Mystery Security SnafuHacktivists Breach Iranian Surveillance SystemCancelled Flights: Air Traffic Disruption Caused by Flight Data IssueNew Ransomware Campaign Targets Citrix NetScaler FlawDarkGate Malware Activity Spikes as Developer Rents Out Malware to AffiliatesNew Android MMRat Malware Uses Protobuf Protocol to Steal Your DataDreamBus Malware Exploits RocketMQ Flaw to Infect ServersHackers Exploit Critical Juniper RCE Bug Chain After PoC ReleaseMicrosoft Adds HSTS Support to Exchange Server 2016 and 2019iFixit Wants Congress to Let It Hack McDonald’s Ice Cream MachinesAddressing Cybersecurity’s Talent Shortage & Its Impact on CISOs
8/28/2023 August 28, 2023August 28, 2023 ~ The Cyber Beat ~ Leave a comment QBot, SocGholish, and Raspberry Robin: The Big 3 Responsible for 80% Of Attacks So Far This YearSpain Warns of LockBit Locker Ransomware Phishing AttacksExperts Uncover How Cybercriminals Could Exploit Microsoft Entra ID for Elevated PrivilegeA Skype App Vulnerability Could Expose Your IP Address to Hackers — And Microsoft Has Yet to Fix ItMalDoc in PDFs: Hiding Malicious Word Docs in PDF FilesDevelopers Beware: Malicious Rust Libraries Caught Transmitting OS Info to Telegram ChannelMicrosoft Will Enable Exchange Extended Protection by Default This FallMom’s Meals Discloses Data Breach Impacting 1.2 Million PeopleRhysida Claims Ransomware Attack on Prospect Medical, Threatens to Sell Data…Rhysida Ransomware Group Claims Attack on Prince George County School District (MD)Balancer Protocol Hit by $900K Exploitation Despite Previous Vulnerability WarningKmsdBot Malware Gets an Upgrade: Now Targets IoT Devices with Enhanced CapabilitiesExploit Released for Juniper Firewall Bugs Allowing RCE AttacksLegal Liability for Insecure Software Might Work, but It’s Dangerous
8/25-27/2023 August 27, 2023August 27, 2023 ~ The Cyber Beat ~ Leave a comment China-Linked Flax Typhoon Cyber Espionage Targets Taiwan’s Key Sectors…Microsoft: Stealthy Flax Typhoon Hackers Use LOLBins to Evade DetectionThe Cheap Radio Hack That Disrupted Poland’s Railway SystemThe Low-Stakes Race to Crack an Encrypted German U-Boat MessageUK ICO Calls Social Media Firms to Protect People’s Data From ScrapingClaimant Data Breached in Genesis, FTX and BlockFi Bankruptcy CasesTwo LAPSUS$ Hackers Convicted in London Court for High-Profile Tech Firm HacksPrivate Equity Firm Veritas Makes Takeover Offer for BlackBerryCybersecurity Startup Wiz Considers Potential Bid for SentinelOnePrivacy Regulator Warns of Surge in “Text Pest” CasesData Breach at French Gov’t Agency Exposes Info of 10 Million PeopleThe Metropolitan Police Investigating Suspected Data BreachByju’s Exposed Sensitive Student Data, Including Loan DetailsKrebs: Kroll Employee SIM-Swapped for Crypto Investor DataLeaseweb Is Restoring ‘Critical’ Systems After Security BreachRapattoni Cyber Attack Disrupts The Real Estate IndustryMOVEit, the Biggest Hack of the Tear, By the NumbersLockBit 3.0 Ransomware Builder Leak Gives Rise to Hundreds of New VariantsCreative QakBot Attack Tactics Challenge Security DefensesTor Turns to Proof-Of-Work Puzzles to Defend Onion Network From DDoS Attacks
8/24/2023 August 24, 2023August 24, 2023 ~ The Cyber Beat ~ 1 Comment Early Intelligence Suggests Prigozhin Was Assassinated, U.S. Officials Say…The Last Hour of Prigozhin’s PlaneNew Telegram Bot “Telekopye” Powering Large-scale Phishing Scams from RussiaBritain to Host World’s First AI Safety Summit to Encourage Responsibility at Home of World War II CodebreakersNIST Publishes Draft Post-Quantum Cryptography StandardsRansomware Hackers Dwell Time Drops to 5 Days, RDP Still Widely UsedRansomware With an Identity Crisis Targets Small Businesses, IndividualsFake Check Scammers Target Adobe Behance Users With Fake Waymo WorkWho’s Your Next Cyber Chief? Good Question.Why The Chainsmokers Invest in—and Party With—Niche Cybersecurity CompaniesNorth Korean Lazarus Group Exploits Critical Zoho ManageEngine Flaw to Deploy Stealthy QuiteRAT MalwareBelgium’s Econocom Confirms Cyber Attack, No Sensitive Data DisclosedNational Grid Notifies Mass. Customers on Data Exposure in ‘Cyber Incident’Ohio History Connection Hit With Ransomware AttackNew “Whiffy Recon” Malware Triangulates Infected Device Location via Wi-Fi Every MinuteNew Study Sheds Light on Adhubllka Ransomware NetworkJupiter X Core WordPress Plugin Could Let Hackers Hijack SitesExploit Released for Ivanti Sentry Bug Abused as Zero-Day in AttacksFBI Warns of Patched Barracuda ESG Appliances Still Being Hacked
8/23/2023 August 23, 2023August 23, 2023 ~ The Cyber Beat ~ Leave a comment U.S. OKs State Auto-Repair Law After Raising Hacking ConcernsAgile Approach to Mass Cloud Credential Harvesting and Crypto Mining Sprints AheadEmail Still the Top Vector for AttackersSyrian Threat Actor EVLF Unmasked as Creator of CypherRAT and CraxsRAT Android MalwareNorth Korean Affiliates Suspected in $40M Cryptocurrency Heist, FBI WarnsTornado Cash ‘Laundered Over $1B’ in Criminal Crypto-CoinsTeen Lapsus$ Member Was Behind the Leaked GTA 6 Footage, London Jury FindsHow to Talk to Your Kids About Social Media and Mental HealthMeta Set to Enable Default End-to-End Encryption on Messenger by Year EndBitwarden Releases Free and Open-Source E2EE Secrets Manager5 Early Warning Indicators That Are Key to Protecting National SecretsCriminals Go Full Viking on CloudNordic, Wipe All Servers and Customer Data…AzeroCloud TooScraped Data of 2.6 Million Duolingo Users Released on Hacking ForumPersonal and Confidential Info Breached in Tucson Unified School District (AZ) CyberattackDiscord Starts Notifying Users Affected by March Data BreachWinRAR Zero-Day Exploited Since April to Hack Trading AccountsOver a Dozen Malicious npm Packages Target Roblox Game DevelopersOver 3,000 Openfire Servers Vulnerable to Takover AttacksNew Stealthy Techniques Let Hackers Gain Windows SYSTEM PrivilegesKali Linux 2023.3 Released With 9 New Tools, Internal ChangesGoogle Workspace Will Require Two Admins to Sign Off on Critical Changes
8/22/2023 August 22, 2023August 22, 2023 ~ The Cyber Beat ~ Leave a comment New HiatusRAT malware attacks target U.S. Defense DepartmentA New Supply Chain Attack Hit Close to 100 Victims—and Clues Point to ChinaMysterious Cyberattack Shuts Down Yet More Telescopes For WeeksThe Physical Impact of Cyberattacks on CitiesKrebs: Tourists Give Themselves Away by Looking Up. So Do Most Network Intruders.The Secret Weapon Hackers Can Use to Dox Nearly Anyone in America for $15The Internet Is Turning Into a Data Black Box. An ‘Inspectability API’ Could Crack It OpenSEC Fines Fintech Crypto Fund That Promised 2,700% ReturnsCyber-Attack on Australian Utility Firm Energy One Spreads to UK SystemsUniversity of Minnesota Reports Possible Breach of “Sensitive Data”Virginia Department of Medical Assistance Services Announces Data BreachSt Helens Council (UK) Hit by Suspected Ransomware Cyber AttackCarderbee Attacks: Hong Kong Organizations Targeted via Malicious Software UpdatesScarab Ransomware Deployed Worldwide Via Spacecolon ToolsetAkira Ransomware Targets Cisco VPNs to Breach OrganizationsNew Variant of XLoader macOS Malware Disguised as ‘OfficeNote’ Productivity App
8/21/2023 August 21, 2023August 21, 2023 ~ The Cyber Beat ~ Leave a comment British Intelligence Is Tipping off Ransomware Targets to Disrupt AttacksU.S. Space Industry Under Threat from Foreign Cyber EspionageDeceptive AI Bots Spread Malware, Raise Security ConcernsThis AI-Generated Crypto Invoice Scam Almost Got Me, and I’m a Security ProA Draft Of TikTok’s Plan To Avoid A Ban Gives The U.S. Government Unprecedented Oversight PowerTesla Points to ‘Insider Wrongdoing’ as Cause of Massive Employee Data LeakUK Clears Broadcom’s $69 Billion Deal to Buy VMwareCybersecurity Firm SentinelOne Explores SaleJapanese Watchmaker Seiko Breached by BlackCat Ransomware GangKansai Nerolac Reports Ransomware Incident on Sunday, Financial Impact UndisclosedOngoing Duo Outage Causes Azure Auth Authentication ErrorsSneaky Amazon Google Ad Leads to Microsoft Support ScamThis Malware Turned Thousands of Hacked Windows and macOS PCs into Proxy ServersTP-Link Smart Bulbs Can Let Hackers Steal Your WiFi PasswordIvanti Warns of New Actively Exploited MobileIron Zero-Day Bug
8/18-20/2023 August 20, 2023August 20, 2023 ~ The Cyber Beat ~ Leave a comment Our Health Care System May Soon Receive a Much-Needed Cybersecurity BoostSenators Want YouTube Investigated Over Showing Targeted Ads to Kids, AgainMatch Group Pauses Background Checks on Tinder and Other Dating AppsKrebs: Karma Catches Up to Global Phishing Service 16Shop14 Suspected Cybercriminals Arrested Across Africa in Coordinated CrackdownPSNI Data Breach: Second Man Arrested by Northern Ireland PoliceGoogle’s New Feature Ensures Your Pixel Phone Hasn’t Been Hacked or Compromised: Here’s How It Works…Google Chrome to Warn When Installed Extensions Are MalwareMore Cyber Companies Announce LayoffsRust Devs Push Back as Serde Project Ships Precompiled BinariesHackers Use VPN Provider’s Code Certificate to Sign MalwareWinRAR Flaw Lets Hackers Run Programs When You Open RAR ArchivesStanding Out From The Crowd At Black HatUnveiling the Hidden Risks of Routing ProtocolsHackers Ask $120,000 for Access to Multi-Billion Auction HouseDeFi Protocols Exactly, Harbor Hacked in Separate AttacksCuba Ransomware Uses Veeam Exploit Against Critical U.S. OrganizationsGermany’s National Bar Association Investigating Ransomware AttackAustralia’s .AU Domain Administrator Denies Data Breach After Ransomware PostingSiemens Healthineers Responds to Alleged Data Theft by LockBit Ransomware GangMorris Hospital & Healthcare Centers (IL) Notifies Patients, Employees of Breach After Royal Gang PostingRansomware Gang Threatens Raleigh Housing Authority (NC) Months After Devastating AttackBunker Hill Community College (MA) Discloses May Ransomware AttackJohn Taylor High School Shares Pupils’ Exam Results in Data BreachNew BlackCat Ransomware Variant Adopts Advanced Impacket and RemCom ToolsWoofLocker Toolkit Hides Malicious Codes in Images to Run Tech Support ScamsNew Juniper Junos OS Flaws Expose Devices to Remote Attacks – Patch Now
8/17/2023 August 17, 2023August 17, 2023 ~ The Cyber Beat ~ Leave a comment Russian Hackers Use Zulip Chat App for Covert C&C in Diplomatic Phishing AttacksChina-Linked Bronze Starlight Group Targeting Gambling Sector with Cobalt Strike BeaconsThe Plan to Better Protect U.S. Hospitals From RansomwareAI Use Rising in Influence Campaigns Online, but Impact LimitedCISA Launches Joint Initiative to Secure RMM SoftwareAnonFiles Shuts Down After Massive User AbuseJapan’s Digital Minister Surrenders Salary to Say Sorry for Data LeaksAn Overview of Dubai’s First and Second Cybersecurity StrategyNew LABRAT Campaign Exploits GitLab Flaw for Cryptojacking and Proxyjacking ActivitiesPhishing Spree Targets Zimbra Collaboration Account HoldersNoFilter Attack: Sneaky Privilege Escalation Method Bypasses Windows SecurityThousands of Android APKs Use Compression Trick to Thwart AnalysisNew Apple iOS 16 Exploit Enables Stealthy Cellular Access Under Fake Airplane ModeCISA Adds Citrix ShareFile Flaw to KEV Catalog Due to In-the-Wild AttacksWhy Technology, Not More Legislation, Is The Answer For Cybersecurity
8/16/2023 August 16, 2023August 16, 2023 ~ The Cyber Beat ~ Leave a comment White House Orders Federal Agencies to Shore up Cybersecurity, Warns of Potential ExposureMajor U.S. Energy Org Targeted in QR Code Phishing AttackScammers Exploit Hacked Websites For PhishingA Third of UK University Students Targeted By FraudThis $70 Device Can Spoof an Apple Device and Trick You Into Sharing Your PasswordGoogle Released First Quantum-Resilient FIDO2 Key ImplementationNYC Bans TikTok on City-Owned DevicesNorthern Irish Police Arrest Man After Data BreachNational Realtor’s Database Hack Disrupts Real Estate Industry, Forces Return to Traditional MethodsCleveland (TN) City Schools Reports Ransomware Attempt on DevicesMassive 400,000 Proxy Botnet Built With Stealthy Malware InfectionsCritical Security Flaws Affect Ivanti Avalanche, Threatening 30,000 OrganizationsExperts Uncover Weaknesses in PowerShell Gallery Enabling Supply Chain AttacksCISA Warns of Critical Citrix ShareFile Flaw Exploited in the WildBoards Don’t Want Security Promises — They Want Action
8/15/2023 August 15, 2023August 15, 2023 ~ The Cyber Beat ~ Leave a comment U.S. Lawmaker Says FBI Notified Him of Email Breach Linked to China-Based Microsoft Cloud HackChinese Media Teases Imminent Exposé of Seismic U.S. Spying SchemeNorth Korean Hackers Suspected in New Wave of Malicious npm PackagesLinkedIn Accounts Hacked in Widespread Hijacking CampaignFBI: Mobile Beta-Testing Apps Are Major Security RiskPhishing Scams Targeting Small Business on Social Media Including Meta Are a ‘Gold Mine’ for CriminalsBolstering Africa’s CybersecurityLatin Americans Fall Prey to More Online Scams as Cybersecurity LagsKrebs: Diligere, Equity-Invest Are New Firms of UK Con ManAI a Top Risk and the Preferred Solution to Financial CrimeHow & Why Cybercriminals Fabricate Data LeaksDiscord.io Halts All Operations After Massive Data BreachClorox Takes Servers Offline, Notifies Law Enforcement After ‘Unauthorized Activity’Norfolk and Suffolk: You’re Not Seeing Double – Yet Another UK Copshop Is Confessing to a Data LeakPrince George’s County Public Schools (MD) Network Hit by Cyber Attack: 4,500 Accounts AffectedCummins Behavioral Health Systems (IN) Announces Data Breach Following Ransomware AttackRaccoon Stealer Malware Returns With New Stealthier VersionCybercriminals Abusing Cloudflare R2 for Hosting Phishing Pages, Experts WarnMultiple Flaws Found in ScrutisWeb Software Exposes ATMs to Remote HackingAlmost 2,000 Citrix NetScaler Servers Backdoored in Hacking CampaignNew CVE-2023-3519 Scanner Detects Hacked Citrix ADC, Gateway Devices
8/14/2023 August 14, 2023August 14, 2023 ~ The Cyber Beat ~ Leave a comment Charming Kitten Targets Iranian Dissidents with Advanced Cyber AttacksHacktivists Attack Japanese Government Over Fukushima Wastewater ReleaseTop U.S. Cyber Official Offers ‘Stark Warning’ of Potential Attacks on Infrastructure if Tensions With China EscalateCISA Expects Upcoming Industry Rules to Show ‘Scope and Scale’ of Ransomware ProblemAs Ransomware Gangs Shift To Data Extortion, Some Adopt A New Tactic: ‘Customer Service’U.S. Issues Draft Cybersecurity Guidelines for EV Charging NetworksResearcher Says They Were Behind iPhone Popups at Def ConA Huge Scam Targeting Kids With Roblox and Fortnite ‘Offers’ Has Been Hiding in Plain SightFBI Warns of Increasing Cryptocurrency Recovery ScamsIndia Passes New Digital Personal Data Protection Bill (DPDPB), Putting Users’ Privacy FirstOver 100K Hacking Forums Accounts Exposed by Info-Stealing MalwareWhat’s New in the NIST Cybersecurity Framework 2.0Alberta Dental Services Security Breach Exposes 1.47M RecordsCumbrian Police Accidentally Publish All Officers’ Details OnlineColorado Department of Health Care Policy & Financing (HCPF) Warns 4 Million of Data Stolen in IBM MOVEit BreachUnited Healthcare Services Files Notice of Data Breach Following Hacking/IT IncidentNew Haven (CT) School District Has Recouped Half of $6 Million Lost in Cyber AttackNew Financial Malware ‘JanelaRAT’ Targets Latin American UsersQwixxRAT: New Remote Access Trojan Emerges via Telegram and DiscordSecurity Researchers Publish Gigabud Banking Malware AnalysisMonti Ransomware Targets VMware ESXi Servers With New Linux lockerOngoing Xurum Attacks on E-commerce Sites Exploiting Critical Magento 2 VulnerabilityMicrosoft Enables Windows Kernel CVE-2023-32019 Fix For Everyone
8/11-13/2023 August 14, 2023August 14, 2023 ~ The Cyber Beat ~ Leave a comment Hackers Spied on Diplomats in Belarus, Researchers SayU.S. Cyber Body to Review Cloud Computing Safety, Microsoft BreachAn Apple Malware-Flagging Tool Is ‘Trivially’ Easy to BypassZoom ZTP & AudioCodes Phones Flaws Uncovered, Exposing Users to EavesdroppingFord Says Cars With WiFi Vulnerability Still Safe to DriveAmerica’s Original Hacking Supergroup Creates a Free Framework to Improve App SecurityLapsus$ Hacker Group Exposed in Latest CSRB Report‘Bulletproof’ Hosting Site LolekHosted That Allegedly Enabled 400 Ransomware Attacks Seized, Founder Artur Grabowski IndictedJudge Sends Sam Bankman-Fried to Jail Over Alleged Witness TamperingXiaomi’s MIUI Now Flags Telegram as Dangerous in ChinaAmazon AWS Distances Itself From Moq Amid Data Collection ControversyUK Gov Keeps Repeating Its Voter Registration Website Is Not a ScamCopper Miner Freeport-McMoRan Reports Cybersecurity IncidentBelt Railway Company of Chicago, U.S.’s Largest Switching & Terminal RR, Investigating Ransomware Data TheftDroxiDat-Cobalt Strike Duo Targets Power Generator NetworkNew SystemBC Malware Variant Targets Southern African Power CompanyKnight Ransomware Distributed in Fake TripAdvisor Complaint EmailsMaginotDNS Attacks Exploit Weak Checks for DNS Cache PoisoningMultiple Flaws Found in the Avada WordPress Theme and PluginMultiple Flaws in CyberPower and Dataprobe Products Put Data Centers at Risk16 New CODESYS SDK Flaws Expose OT Environments to Remote AttacksNew Python URL Parsing Flaw Could Enable Command Execution AttacksHackers Launch Cyberattacks Against U.S. Satellite, Requested by Pentagon
8/10/2023 August 10, 2023August 10, 2023 ~ The Cyber Beat ~ Leave a comment APT31 Linked to Recent Industrial Attacks in Eastern EuropeMoustachedBouncer Hackers Use AiTM Attacks to Spy on DiplomatsU.S. Government Pushes to Fix the Security Flaws Lapsus$ Hackers Used to Leak GTA VITeens Hacked Boston Subway Cards to Get Infinite Free Rides—and This Time, Nobody Got SuedHackers Rig Casino Card-Shuffling Machines for ‘Full Control’ CheatingPanasonic Warns That Internet-of-Things Malware Attack Cycles Are AcceleratingLeaked Yandex Code Breaks Open the Creepy Black Box of Online AdvertisingGet Your Staff’s Consent Before You Monitor Them, Tech Inquiry WarnsThere’s a Good Chance Your VPN Is Vulnerable to Privacy-Menacing TunnelCrack AttackLil Tay Is Not Dead, Claims Social Media Was HackedWhy It’s Time for Everyone to Reorient Their Thinking About CybersecurityFresh Blow to Police Service of Northern Ireland as Second Data Breach DisclosedGeorgia Teacher Pension Vendor’s Data Hacked by Russian Clop Cybercrooks in MOVEit AttacksEl Cerrito (CA) Investigating Data Theft After LockBit Ransomware Group’s ClaimsEncryption Flaws in Popular Chinese Language App Put Users’ Typed Data at RiskPotent Trojans Targeting MacOS UsersNew Statc Stealer Malware Emerges: Your Sensitive Data at RiskGafgyt Malware Exploits Five-Years-Old Flaw in EoL Zyxel RouterNew Attack Alert: Freeze[.]rs Injector Weaponized for XWorm Malware AttacksEmerging Attacker Exploit: Microsoft Cross-Tenant SynchronizationDell Compellent Hardcoded Key Exposes VMware vCenter Admin CredsCISA: New Whirlpool Backdoor Used in Barracuda ESG Hacks
8/9/2023 August 9, 2023August 9, 2023 ~ The Cyber Beat ~ Leave a comment Russia Tipped As Prime Suspect Over Huge Cyber Attack On UK Electoral CommissionCybersecurity Experts Discuss Wins, Losses and Lessons at Western Ukraine GatheringTop 3 Insights I Learned at Recent Cybersecurity EventsWhite House Launches AI-Based Contest to Secure Government Systems From HacksNew York State Debuts First Cybersecurity StrategyGoogle to Fight Hackers With Weekly Chrome Security UpdatesPopular Open Source Project Moq Criticized for Quietly Collecting DataCorporate Data Transfers to Russia Likely Violate EU Privacy Rules, Regulator WarnsA Clever Honeypot Tricked Hackers Into Revealing Their SecretsKrebs: Meet the Brains Behind the Malware-Friendly AI Chat Service ‘WormGPT’Northern Ireland Police Officers Vulnerable After Data LeakRhysida Ransomware Behind Recent Attacks on HealthcareRhysida Ransomware Analysis Reveals Vice Society ConnectionHackers Use Open Source Merlin Post-Exploitation Toolkit in AttacksMalicious Campaigns Exploiting Weak Kubernetes Clusters for Cryptocurrency MiningNew BitForge Cryptocurrency Wallet Flaws Lets Hackers Steal CryptoEvilProxy Phishing Campaign Targets 120,000 Microsoft 365 UsersHigh-Severity Access Control Vulnerability Found in Spring WebFluxMicrosoft Visual Studio Code Flaw Lets Extensions Steal PasswordsKrebs: Microsoft Patch Tuesday, August 2023 Edition
8/8/2023 August 8, 2023August 8, 2023 ~ The Cyber Beat ~ Leave a comment White House Holds First-Ever Summit on the Ransomware Crisis Plaguing the Nation’s Public Schools…White House to Bolster Cybersecurity Training for K-12 Schools, With Help From the FCC, Amazon Web Services and MoreYashma: Vietnamese-Origin Ransomware Operation Mimics WannaCry TraitsRoyal, Hive, Black Basta Ransomware Gangs ‘Collaborating on Cyber Attacks’What Doctors Wish You Knew About HIPAA and Data SecurityLaw Firm Dentons Splits With China’s Dacheng as Counter-Espionage Law Takes HoldInterpol Takes Down 16shop Phishing-As-A-Service PlatformAndroid 14 to Let You Block Connections to Unencrypted Cellular NetworksGoogle Is Picking up the Pace of Chrome Security Update ReleasesThe Problem With Cybersecurity (and AI Security) RegulationHackers Had Access to UK Voter Data for Over a Year Before Anyone NoticedMOVEit Hack Spawned Over 600 Breaches but Is Not Done Yet Say Cyber AnalystsIsraeli Hospital Redirects New Patients Following Ransomware AttackMissouri Warns of Data Breach Involving Medicaid RecipientsQakBot Malware Operators Expand C2 Network with 15 New ServersLOLBAS in the Wild: 11 Living-Off-The-Land Binaries-and-Scripts That Could Be Abused for Multiple Malicious PurposesNew Inception Attack Leaks Sensitive Data From All AMD Zen CPUsNew ‘Downfall’ Flaw Exposes Valuable Data in Generations of Intel ChipsMicrosoft Office Update Breaks Actively Exploited RCE Attack ChainMicrosoft August 2023 Patch Tuesday Warns of 2 Zero-Days, 87 Flaws
8/7/2023 August 7, 2023August 7, 2023 ~ The Cyber Beat ~ Leave a comment China Hacked Japan’s Sensitive Defense Networks, Officials SayNorth Korean ‘ScarCruft’ Hackers Breached Top Russian Missile MakerMicrosoft’s AI Red Team Has Already Made the Case for ItselfCriminals Have Created Their Own ChatGPT ClonesNew Malware Campaign Targets Inexperienced Cyber Criminals with OpenBullet ConfigsStalkerware Slinger LetMeSpy Shuts Down for Good After Database RobberyMeta Accused of Ignoring Reports on Dangerous ContentCyber Insurer Resilience Secures $100 Million in FundingRussian ‘NoName057’ Hacktivists Overwhelm Spanish Sites With DDoSColorado Warns Hackers Stole 16 Years of Public School Data in Ransomware AttackInvisible Ad Fraud Targets Korean Android UsersNew SkidMap Linux Malware Variant Targeting Vulnerable Redis ServersGoogle Play Apps With 2.5M Installs Load Ads When Screen’s OffMallox Ransomware Group Revamps Malware Variants, Evasion TacticsHackers Increasingly Abuse Cloudflare Tunnels for Stealthy ConnectionsSelling Software to the US Government? Know Security Attestation First
8/4-6/2023 August 7, 2023August 7, 2023 ~ The Cyber Beat ~ Leave a comment Two U.S. Navy Sailors Charged With Giving Chinese Spies Secret Military InfoKrebs: Teach a Man to Phish and He’s Set for LifeAlarm Raised Over Mozilla VPN: Wonky Authorization Check Lets Users Cause HavocFBI Warns of Scammers Posing as NFT Devs to Steal Your CryptoFake VMware vConnector Package on PyPI Targets IT ProsHow to Automatically Delete Passcode Texts on Android and iOSTesla Infotainment Jailbreak Unlocks Paid Features, Extracts SecretsNew Acoustic Attack Steals Data From Keystrokes With 95% AccuracyProspect Medical: Cyberattack Disrupts Computer Systems Across U.S., Hindering ServicesColorado Department of Higher Education Warns of Massive Data BreachBurger King Serves Up Sensitive Data, No MayoClop Ransomware Now Uses Torrents to Leak Data and Evade TakedownsReptile Rootkit: Advanced Linux Malware Targeting South Korean SystemsStealthy NPM Malware Exposes Developer DataNew PaperCut Critical Bug Exposes Unpatched Servers to RCE AttacksMicrosoft Addresses Critical Power Platform Flaw After Delays and Criticism
8/3/2023 August 4, 2023August 4, 2023 ~ The Cyber Beat ~ Leave a comment Krebs: How Malicious Android Apps Slip Into DisguiseGoogle Can Now Alert You When Your Private Contact Info Appears OnlineBrave Search Adds Private Image and Video Search CapabilityHumans Unable to Reliably Detect Deepfake SpeechMicrosoft Flags Growing Cybersecurity Concerns for Major Sporting EventsHacktivist Collective “Mysterious Team Bangladesh” RevealedHacktivists Fund Their Operations Using Common Cybercrime TacticsHackers Could Have Scored Unlimited Airline Miles by Targeting One Platform: Points.comRazzlekhan and Husband Guilty of $4.5bn Bitcoin LaunderCocaine Smugglers that Posed as PC Sellers JailedCISA Sounds the Alarm on UEFI SecurityU.S. Gov’t Contractor Serco Discloses Data Breach After MOVEit AttacksPH Tech MOVEit Data Breach Impacts 1.7 Million Oregon Health Plan MembersCrozer Health’s (PA) Computer Systems Were Knocked Offline Thursday by a Ransomware AttackFBI Investigating Ransomware Attack Affecting Eastern Connecticut Health Network, Waterbury HealthMauna Kea Telescope Suspends Operations Following Attempted Cyber AttackMicrosoft Teams Targeted in Midnight Blizzard Phishing AttacksNew Version of Rilide Data Theft Malware Adapts to Chrome Extension Manifest V3Hackers Can Abuse Microsoft Office Executables to Download MalwareNew Microsoft Azure AD CTS Feature Can Be Abused For Lateral MovementFBI, CISA, and NSA Reveal Top Exploited Vulnerabilities of 2022
8/2/2023 August 3, 2023August 3, 2023 ~ The Cyber Beat ~ Leave a comment Russian APT29 Hackers Target Govt Orgs in Microsoft Teams Phishing AttacksPro-Russian Hackers NoName057(16) Claim Attacks on Italian BanksHouse Republicans Open Investigation Into Email Breach at Federal AgenciesAustralian Senate Committee Recommends Bans on Chinese Social Media AppsThe Generative AI Battle Between Companies and Hackers Is StartingAI-Powered CryptoRom Scam Targets Mobile UsersKenya Suspends Sam Altman’s Eyeball-Scanning Crypto ProjectIRS Vows to Digitize All Taxpayer Documents by 2025Materiality Definition Seen as Tough Task in New SEC Cyber RulesRussian Cyber Adversary BlueCharlie Alters Infrastructure in Response to DisclosuresFake FlipperZero Sites Promise Free Devices After Completing OfferTesla Jailbreak Unlocks Theft of In-Car Paid FeaturesNorwegian Entities Targeted in Ongoing Attacks Exploiting Ivanti EPMM VulnerabilityMondee Security Lapse Exposed Flight Itineraries and Unencrypted Credit Card NumbersMarine Industry Giant Brunswick Corporation Lost $85 Million in Cyberattack, CEO ConfirmsSynergy Healthcare Services (FL) Sends Breach Notifications to Over 58K Following CyberattackTwo Subsidiaries Confirm Data Breach Following Group 1001 Ransomware AttackHopedale Police Department (MA) Say Facebook Page Targeted in HackNew NodeStealer Variant Targeting Facebook Business Accounts and Crypto WalletsPhishers Exploit Salesforce’s Email Services Zero-Day in Targeted Facebook CampaignThreat Actors Use AWS SSM Agent as a Remote Access TrojanOver 640 Citrix Servers Backdoored With Web Shells in Ongoing AttacksNew Collide+Power Side-Channel Attack Impacts Almost All CPUsIvanti Discloses New Critical Auth Bypass Bug in Mobileiron Core
8/1/2023 August 1, 2023August 1, 2023 ~ The Cyber Beat ~ Leave a comment U.S. Military Battling Cyber Threats From Within and WithoutCloud Company Cloudzy Assisted 17 Different Government Hacking Groups -U.S. ResearchersSome Companies Shun Long-Awaited Trans-Atlantic Data AgreementCloud Tech Debt Puts Millions of Apps at Risk, Says New ReportBankrupt Crypto Firm Voyager Digital Tried to Return Funds, But Customer Data Might’ve Been Stolen InsteadAmazon Employees Leak Secret Info That Marketplace Sellers Can Buy on TelegramA New Attack Impacts Major AI Chatbots—and No One Knows How to Stop ItFraudGPT: Cybercriminals Train AI Chatbots for Phishing, Malware AttacksThis Disinformation Is Just for YouKazakhstan Denies Plans to Hand Over Russian Cyber Expert to MoscowChina Bans Export of Drones Some Countries Have Already Banned AnywayResearchers Expose Space Pirates’ Cyber Campaign Across Russia and SerbiaRussian Hackers Crash Italian Bank Websites, Cyber Agency SaysRetail Chain Hot Topic Discloses Wave of Credential-Stuffing AttacksThe Chattanooga Heart Institute (TN) Notifies Upwards of 160k Patients of Recent Data BreachAven Financial (CA) Files Notice of Data Breach Impacting Consumers’ Social Security NumbersThreat Actors Abuse Google AMP for Evasive Phishing AttacksNew Infostealer Uncovered in Phishing Scam Targeting Facebook Business AccountsNew WikiLoader Malware Goes to Extreme Lengths to HideCISA Issues New Warning on Actively Exploited Ivanti MobileIron BugsLessons Not Learned From Software Supply Chain Attacks