Russian APT Intensifies Cyber Espionage Activities Amid Ukrainian Counter-Offensive

Russia’s GRU Blamed for Infamous Chisel Malware Targeting Ukraine’s Military Phones

Facebook Accounts Targeted by Vietnamese Threat Groups

New Research Exposes Airbnb as Breeding Ground For Cybercrime

Free Key Group Ransomware Decryptor Helps Victims Recover Data

UK Cyber Agency Warns of Potentially Fundamental Flaw in AI Technology

Voice Deepfakes Are Coming for Your Bank Balance

IBM Promised to Back Off Facial Recognition — Then It Signed a $69.8 Million Contract to Provide It

Apple’s Decision to Kill Its CSAM Photo-Scanning Tool Sparks Fresh Controversy

X Wants Permission to Start Collecting Your Biometric Data and Employment History

Cybersecurity Firms Crowdstrike, Okta Shares Jump After Better-Than-Expected Earnings
North Korean Hackers Deploy New Malicious Python Packages in PyPI Repository

Earth Estries’ Espionage Campaign Targets Governments and Tech Titans Across Continents

Paramount Discloses Data Breach Following Security Incident

Forever 21 Data Breach: Hackers Accessed Info of 500,000

Sourcegraph Website Breached Using Leaked Admin Access Token

LogicMonitor Customers Hacked in Reported Ransomware Attacks

Chambersburg Area School District (PA) Announces Hit by Recent Ransomware Attack

Gaston College (NC) Reveals Scope of Ransomware Attack

Classiscam Spreads: $64.5M Scheme Targets 79 Countries

SapphireStealer Malware: A Gateway to Espionage and Ransomware Operations

Google Fixes Serious Security Flaws in Chrome and Android


Chinese APT Group GREF Use BadBazaar in Android Espionage

Russians Impersonate Washington Post and Fox News With Anti-Ukraine Stories

British Officials Say AI Chatbots Could Carry Cyber Risks

I Tracked an NYC Subway Rider’s Movements with an MTA ‘Feature’

Unmasking Trickbot, One of the World’s Top Cybercrime Gangs

Krebs: U.S. Hacks QakBot, Quietly Removes Botnet Infections

Cybersecurity Enters Conversation About Executive Pay

Microsoft Angry Over Russian-Led UN Cybercrime Treaty Proposal That Could Target Non-Criminals

Apple Opens 2024 Applications to Get ‘Security Research’ iPhones

Debunking The Top 5 Cybersecurity Myths

4 Strategies to Safeguard the Finance Industry Against Deepfake Onslaught
Montreal Electricity Organization Latest Victim in Lockbit Ransomware Spree

AlphV Group Takes Credit for Ransomware Attack on Forsyth County (GA)

Toyota Japan Back on the Road After Probably-Not-Cyber Attack Halted Production

University of Michigan Isn’t Disclosing Details of Internet Outage Cyberattack

Malicious npm Packages Aim to Target Developers for Source Code Theft

Hacking Campaign Bruteforces Cisco VPNs to Breach Networks

Hackers Can Exploit Windows Container Isolation Framework to Bypass Endpoint Security

WordPress Migration Add-on Flaw Could Lead to Data Breaches

Critical Vulnerability Alert: VMware Aria Operations Networks at Risk from Remote Attacks

Flaw Exposes WP Migration Plugin to Hacks


Japan’s Cybersecurity Agency Breached by Suspected Chinese Hackers

Chinese Hacking Group Exploits Barracuda Zero-Day to Target Government, Military, and Telecom

FBI Brings Down Massive Qakbot Botnet That Infected More Than 700,000 Computers

Operation Duck Hunt: How the FBI Nuked Qakbot Malware From Infected Windows PCs

Meta Says It Has Disrupted a Massive Disinformation Campaign Linked to Chinese Law Enforcement

The Weird, Big-Money World of Cybercrime Writing Contests

Microsoft Warns of Adversary-in-the-Middle Uptick on Phishing Platforms

Verizon Is Making It Easier to Block Spam Texts Sent by Email

Biometrics? Bring It On: Why Okta’s Jameeka Green Aaron Wants Passwords to Go Away

Genshin Impact Dev Will Sue Kaveh Hacks Users and Developers

Apple Security Boss Faces iPads-For-Gun-Permits Bribery Charge… Again
University of Michigan Cuts Itself off From Internet After Mystery Security Snafu

Hacktivists Breach Iranian Surveillance System

Cancelled Flights: Air Traffic Disruption Caused by Flight Data Issue

New Ransomware Campaign Targets Citrix NetScaler Flaw

DarkGate Malware Activity Spikes as Developer Rents Out Malware to Affiliates

New Android MMRat Malware Uses Protobuf Protocol to Steal Your Data

DreamBus Malware Exploits RocketMQ Flaw to Infect Servers

Hackers Exploit Critical Juniper RCE Bug Chain After PoC Release

Microsoft Adds HSTS Support to Exchange Server 2016 and 2019

iFixit Wants Congress to Let It Hack McDonald’s Ice Cream Machines

Addressing Cybersecurity’s Talent Shortage & Its Impact on CISOs


QBot, SocGholish, and Raspberry Robin: The Big 3 Responsible for 80% Of Attacks So Far This Year

Spain Warns of LockBit Locker Ransomware Phishing Attacks

Experts Uncover How Cybercriminals Could Exploit Microsoft Entra ID for Elevated Privilege

A Skype App Vulnerability Could Expose Your IP Address to Hackers — And Microsoft Has Yet to Fix It

MalDoc in PDFs: Hiding Malicious Word Docs in PDF Files

Developers Beware: Malicious Rust Libraries Caught Transmitting OS Info to Telegram Channel

Microsoft Will Enable Exchange Extended Protection by Default This Fall
Mom’s Meals Discloses Data Breach Impacting 1.2 Million People

Rhysida Claims Ransomware Attack on Prospect Medical, Threatens to Sell Data

Rhysida Ransomware Group Claims Attack on Prince George County School District (MD)

Balancer Protocol Hit by $900K Exploitation Despite Previous Vulnerability Warning

KmsdBot Malware Gets an Upgrade: Now Targets IoT Devices with Enhanced Capabilities

Exploit Released for Juniper Firewall Bugs Allowing RCE Attacks

Legal Liability for Insecure Software Might Work, but It’s Dangerous


China-Linked Flax Typhoon Cyber Espionage Targets Taiwan’s Key Sectors

Microsoft: Stealthy Flax Typhoon Hackers Use LOLBins to Evade Detection

The Cheap Radio Hack That Disrupted Poland’s Railway System

The Low-Stakes Race to Crack an Encrypted German U-Boat Message

UK ICO Calls Social Media Firms to Protect People’s Data From Scraping

Claimant Data Breached in Genesis, FTX and BlockFi Bankruptcy Cases

Two LAPSUS$ Hackers Convicted in London Court for High-Profile Tech Firm Hacks

Private Equity Firm Veritas Makes Takeover Offer for BlackBerry

Cybersecurity Startup Wiz Considers Potential Bid for SentinelOne

Privacy Regulator Warns of Surge in “Text Pest” Cases
Data Breach at French Gov’t Agency Exposes Info of 10 Million People

The Metropolitan Police Investigating Suspected Data Breach

Byju’s Exposed Sensitive Student Data, Including Loan Details

Krebs: Kroll Employee SIM-Swapped for Crypto Investor Data

Leaseweb Is Restoring ‘Critical’ Systems After Security Breach

Rapattoni Cyber Attack Disrupts The Real Estate Industry

MOVEit, the Biggest Hack of the Tear, By the Numbers

LockBit 3.0 Ransomware Builder Leak Gives Rise to Hundreds of New Variants

Creative QakBot Attack Tactics Challenge Security Defenses

Tor Turns to Proof-Of-Work Puzzles to Defend Onion Network From DDoS Attacks


Early Intelligence Suggests Prigozhin Was Assassinated, U.S. Officials Say

The Last Hour of Prigozhin’s Plane

New Telegram Bot “Telekopye” Powering Large-scale Phishing Scams from Russia

Britain to Host World’s First AI Safety Summit to Encourage Responsibility at Home of World War II Codebreakers

NIST Publishes Draft Post-Quantum Cryptography Standards

Ransomware Hackers Dwell Time Drops to 5 Days, RDP Still Widely Used

Ransomware With an Identity Crisis Targets Small Businesses, Individuals

Fake Check Scammers Target Adobe Behance Users With Fake Waymo Work

Who’s Your Next Cyber Chief? Good Question.

Why The Chainsmokers Invest in—and Party With—Niche Cybersecurity Companies
North Korean Lazarus Group Exploits Critical Zoho ManageEngine Flaw to Deploy Stealthy QuiteRAT Malware

Belgium’s Econocom Confirms Cyber Attack, No Sensitive Data Disclosed

National Grid Notifies Mass. Customers on Data Exposure in ‘Cyber Incident’

Ohio History Connection Hit With Ransomware Attack

New “Whiffy Recon” Malware Triangulates Infected Device Location via Wi-Fi Every Minute

New Study Sheds Light on Adhubllka Ransomware Network

Jupiter X Core WordPress Plugin Could Let Hackers Hijack Sites

Exploit Released for Ivanti Sentry Bug Abused as Zero-Day in Attacks

FBI Warns of Patched Barracuda ESG Appliances Still Being Hacked


U.S. OKs State Auto-Repair Law After Raising Hacking Concerns

Agile Approach to Mass Cloud Credential Harvesting and Crypto Mining Sprints Ahead

Email Still the Top Vector for Attackers

Syrian Threat Actor EVLF Unmasked as Creator of CypherRAT and CraxsRAT Android Malware

North Korean Affiliates Suspected in $40M Cryptocurrency Heist, FBI Warns

Tornado Cash ‘Laundered Over $1B’ in Criminal Crypto-Coins

Teen Lapsus$ Member Was Behind the Leaked GTA 6 Footage, London Jury Finds

How to Talk to Your Kids About Social Media and Mental Health

Meta Set to Enable Default End-to-End Encryption on Messenger by Year End

Bitwarden Releases Free and Open-Source E2EE Secrets Manager

5 Early Warning Indicators That Are Key to Protecting National Secrets
Criminals Go Full Viking on CloudNordic, Wipe All Servers and Customer Data

AzeroCloud Too

Scraped Data of 2.6 Million Duolingo Users Released on Hacking Forum

Personal and Confidential Info Breached in Tucson Unified School District (AZ) Cyberattack

Discord Starts Notifying Users Affected by March Data Breach

WinRAR Zero-Day Exploited Since April to Hack Trading Accounts

Over a Dozen Malicious npm Packages Target Roblox Game Developers

Over 3,000 Openfire Servers Vulnerable to Takover Attacks

New Stealthy Techniques Let Hackers Gain Windows SYSTEM Privileges

Kali Linux 2023.3 Released With 9 New Tools, Internal Changes

Google Workspace Will Require Two Admins to Sign Off on Critical Changes


New HiatusRAT malware attacks target U.S. Defense Department

A New Supply Chain Attack Hit Close to 100 Victims—and Clues Point to China

Mysterious Cyberattack Shuts Down Yet More Telescopes For Weeks

The Physical Impact of Cyberattacks on Cities

Krebs: Tourists Give Themselves Away by Looking Up. So Do Most Network Intruders.

The Secret Weapon Hackers Can Use to Dox Nearly Anyone in America for $15

The Internet Is Turning Into a Data Black Box. An ‘Inspectability API’ Could Crack It Open

SEC Fines Fintech Crypto Fund That Promised 2,700% Returns
Cyber-Attack on Australian Utility Firm Energy One Spreads to UK Systems

University of Minnesota Reports Possible Breach of “Sensitive Data”

Virginia Department of Medical Assistance Services Announces Data Breach

St Helens Council (UK) Hit by Suspected Ransomware Cyber Attack

Carderbee Attacks: Hong Kong Organizations Targeted via Malicious Software Updates

Scarab Ransomware Deployed Worldwide Via Spacecolon Toolset

Akira Ransomware Targets Cisco VPNs to Breach Organizations

New Variant of XLoader macOS Malware Disguised as ‘OfficeNote’ Productivity App


British Intelligence Is Tipping off Ransomware Targets to Disrupt Attacks

U.S. Space Industry Under Threat from Foreign Cyber Espionage

Deceptive AI Bots Spread Malware, Raise Security Concerns

This AI-Generated Crypto Invoice Scam Almost Got Me, and I’m a Security Pro

A Draft Of TikTok’s Plan To Avoid A Ban Gives The U.S. Government Unprecedented Oversight Power

Tesla Points to ‘Insider Wrongdoing’ as Cause of Massive Employee Data Leak

UK Clears Broadcom’s $69 Billion Deal to Buy VMware

Cybersecurity Firm SentinelOne Explores Sale
Japanese Watchmaker Seiko Breached by BlackCat Ransomware Gang

Kansai Nerolac Reports Ransomware Incident on Sunday, Financial Impact Undisclosed

Ongoing Duo Outage Causes Azure Auth Authentication Errors

Sneaky Amazon Google Ad Leads to Microsoft Support Scam

This Malware Turned Thousands of Hacked Windows and macOS PCs into Proxy Servers

TP-Link Smart Bulbs Can Let Hackers Steal Your WiFi Password

Ivanti Warns of New Actively Exploited MobileIron Zero-Day Bug


Our Health Care System May Soon Receive a Much-Needed Cybersecurity Boost

Senators Want YouTube Investigated Over Showing Targeted Ads to Kids, Again

Match Group Pauses Background Checks on Tinder and Other Dating Apps

Krebs: Karma Catches Up to Global Phishing Service 16Shop

14 Suspected Cybercriminals Arrested Across Africa in Coordinated Crackdown

PSNI Data Breach: Second Man Arrested by Northern Ireland Police

Google’s New Feature Ensures Your Pixel Phone Hasn’t Been Hacked or Compromised: Here’s How It Works

Google Chrome to Warn When Installed Extensions Are Malware

More Cyber Companies Announce Layoffs

Rust Devs Push Back as Serde Project Ships Precompiled Binaries

Hackers Use VPN Provider’s Code Certificate to Sign Malware

WinRAR Flaw Lets Hackers Run Programs When You Open RAR Archives

Standing Out From The Crowd At Black Hat

Unveiling the Hidden Risks of Routing Protocols
Hackers Ask $120,000 for Access to Multi-Billion Auction House

DeFi Protocols Exactly, Harbor Hacked in Separate Attacks

Cuba Ransomware Uses Veeam Exploit Against Critical U.S. Organizations

Germany’s National Bar Association Investigating Ransomware Attack

Australia’s .AU Domain Administrator Denies Data Breach After Ransomware Posting

Siemens Healthineers Responds to Alleged Data Theft by LockBit Ransomware Gang

Morris Hospital & Healthcare Centers (IL) Notifies Patients, Employees of Breach After Royal Gang Posting

Ransomware Gang Threatens Raleigh Housing Authority (NC) Months After Devastating Attack

Bunker Hill Community College (MA) Discloses May Ransomware Attack

John Taylor High School Shares Pupils’ Exam Results in Data Breach

New BlackCat Ransomware Variant Adopts Advanced Impacket and RemCom Tools

WoofLocker Toolkit Hides Malicious Codes in Images to Run Tech Support Scams

New Juniper Junos OS Flaws Expose Devices to Remote Attacks – Patch Now


Russian Hackers Use Zulip Chat App for Covert C&C in Diplomatic Phishing Attacks

China-Linked Bronze Starlight Group Targeting Gambling Sector with Cobalt Strike Beacons

The Plan to Better Protect U.S. Hospitals From Ransomware

AI Use Rising in Influence Campaigns Online, but Impact Limited

CISA Launches Joint Initiative to Secure RMM Software

AnonFiles Shuts Down After Massive User Abuse

Japan’s Digital Minister Surrenders Salary to Say Sorry for Data Leaks

An Overview of Dubai’s First and Second Cybersecurity Strategy
New LABRAT Campaign Exploits GitLab Flaw for Cryptojacking and Proxyjacking Activities

Phishing Spree Targets Zimbra Collaboration Account Holders

NoFilter Attack: Sneaky Privilege Escalation Method Bypasses Windows Security

Thousands of Android APKs Use Compression Trick to Thwart Analysis

New Apple iOS 16 Exploit Enables Stealthy Cellular Access Under Fake Airplane Mode

CISA Adds Citrix ShareFile Flaw to KEV Catalog Due to In-the-Wild Attacks

Why Technology, Not More Legislation, Is The Answer For Cybersecurity


White House Orders Federal Agencies to Shore up Cybersecurity, Warns of Potential Exposure

Major U.S. Energy Org Targeted in QR Code Phishing Attack

Scammers Exploit Hacked Websites For Phishing

A Third of UK University Students Targeted By Fraud

This $70 Device Can Spoof an Apple Device and Trick You Into Sharing Your Password

Google Released First Quantum-Resilient FIDO2 Key Implementation

NYC Bans TikTok on City-Owned Devices

Northern Irish Police Arrest Man After Data Breach
National Realtor’s Database Hack Disrupts Real Estate Industry, Forces Return to Traditional Methods

Cleveland (TN) City Schools Reports Ransomware Attempt on Devices

Massive 400,000 Proxy Botnet Built With Stealthy Malware Infections

Critical Security Flaws Affect Ivanti Avalanche, Threatening 30,000 Organizations

Experts Uncover Weaknesses in PowerShell Gallery Enabling Supply Chain Attacks

CISA Warns of Critical Citrix ShareFile Flaw Exploited in the Wild

Boards Don’t Want Security Promises — They Want Action


U.S. Lawmaker Says FBI Notified Him of Email Breach Linked to China-Based Microsoft Cloud Hack

Chinese Media Teases Imminent Exposé of Seismic U.S. Spying Scheme

North Korean Hackers Suspected in New Wave of Malicious npm Packages

LinkedIn Accounts Hacked in Widespread Hijacking Campaign

FBI: Mobile Beta-Testing Apps Are Major Security Risk

Phishing Scams Targeting Small Business on Social Media Including Meta Are a ‘Gold Mine’ for Criminals

Bolstering Africa’s Cybersecurity

Latin Americans Fall Prey to More Online Scams as Cybersecurity Lags

Krebs: Diligere, Equity-Invest Are New Firms of UK Con Man

AI a Top Risk and the Preferred Solution to Financial Crime

How & Why Cybercriminals Fabricate Data Leaks
Discord.io Halts All Operations After Massive Data Breach

Clorox Takes Servers Offline, Notifies Law Enforcement After ‘Unauthorized Activity’

Norfolk and Suffolk: You’re Not Seeing Double – Yet Another UK Copshop Is Confessing to a Data Leak

Prince George’s County Public Schools (MD) Network Hit by Cyber Attack: 4,500 Accounts Affected

Cummins Behavioral Health Systems (IN) Announces Data Breach Following Ransomware Attack

Raccoon Stealer Malware Returns With New Stealthier Version

Cybercriminals Abusing Cloudflare R2 for Hosting Phishing Pages, Experts Warn

Multiple Flaws Found in ScrutisWeb Software Exposes ATMs to Remote Hacking

Almost 2,000 Citrix NetScaler Servers Backdoored in Hacking Campaign

New CVE-2023-3519 Scanner Detects Hacked Citrix ADC, Gateway Devices


Charming Kitten Targets Iranian Dissidents with Advanced Cyber Attacks

Hacktivists Attack Japanese Government Over Fukushima Wastewater Release

Top U.S. Cyber Official Offers ‘Stark Warning’ of Potential Attacks on Infrastructure if Tensions With China Escalate

CISA Expects Upcoming Industry Rules to Show ‘Scope and Scale’ of Ransomware Problem

As Ransomware Gangs Shift To Data Extortion, Some Adopt A New Tactic: ‘Customer Service’

U.S. Issues Draft Cybersecurity Guidelines for EV Charging Networks

Researcher Says They Were Behind iPhone Popups at Def Con

A Huge Scam Targeting Kids With Roblox and Fortnite ‘Offers’ Has Been Hiding in Plain Sight

FBI Warns of Increasing Cryptocurrency Recovery Scams

India Passes New Digital Personal Data Protection Bill (DPDPB), Putting Users’ Privacy First

Over 100K Hacking Forums Accounts Exposed by Info-Stealing Malware

What’s New in the NIST Cybersecurity Framework 2.0
Alberta Dental Services Security Breach Exposes 1.47M Records

Cumbrian Police Accidentally Publish All Officers’ Details Online

Colorado Department of Health Care Policy & Financing (HCPF)  Warns 4 Million of Data Stolen in IBM MOVEit Breach

United Healthcare Services Files Notice of Data Breach Following Hacking/IT Incident

New Haven (CT) School District Has Recouped Half of $6 Million Lost in Cyber Attack

New Financial Malware ‘JanelaRAT’ Targets Latin American Users

QwixxRAT: New Remote Access Trojan Emerges via Telegram and Discord

Security Researchers Publish Gigabud Banking Malware Analysis

Monti Ransomware Targets VMware ESXi Servers With New Linux locker

Ongoing Xurum Attacks on E-commerce Sites Exploiting Critical Magento 2 Vulnerability

Microsoft Enables Windows Kernel CVE-2023-32019 Fix For Everyone


Hackers Spied on Diplomats in Belarus, Researchers Say

U.S. Cyber Body to Review Cloud Computing Safety, Microsoft Breach

An Apple Malware-Flagging Tool Is ‘Trivially’ Easy to Bypass

Zoom ZTP & AudioCodes Phones Flaws Uncovered, Exposing Users to Eavesdropping

Ford Says Cars With WiFi Vulnerability Still Safe to Drive

America’s Original Hacking Supergroup Creates a Free Framework to Improve App Security

Lapsus$ Hacker Group Exposed in Latest CSRB Report

‘Bulletproof’ Hosting Site LolekHosted That Allegedly Enabled 400 Ransomware Attacks Seized, Founder Artur Grabowski Indicted

Judge Sends Sam Bankman-Fried to Jail Over Alleged Witness Tampering

Xiaomi’s MIUI Now Flags Telegram as Dangerous in China

Amazon AWS Distances Itself From Moq Amid Data Collection Controversy

UK Gov Keeps Repeating Its Voter Registration Website Is Not a Scam
Copper Miner Freeport-McMoRan Reports Cybersecurity Incident

Belt Railway Company of Chicago, U.S.’s Largest Switching & Terminal RR, Investigating Ransomware Data Theft

DroxiDat-Cobalt Strike Duo Targets Power Generator Network

New SystemBC Malware Variant Targets Southern African Power Company

Knight Ransomware Distributed in Fake TripAdvisor Complaint Emails

MaginotDNS Attacks Exploit Weak Checks for DNS Cache Poisoning

Multiple Flaws Found in the Avada WordPress Theme and Plugin

Multiple Flaws in CyberPower and Dataprobe Products Put Data Centers at Risk

16 New CODESYS SDK Flaws Expose OT Environments to Remote Attacks

New Python URL Parsing Flaw Could Enable Command Execution Attacks

Hackers Launch Cyberattacks Against U.S. Satellite, Requested by Pentagon


APT31 Linked to Recent Industrial Attacks in Eastern Europe

MoustachedBouncer Hackers Use AiTM Attacks to Spy on Diplomats

U.S. Government Pushes to Fix the Security Flaws Lapsus$ Hackers Used to Leak GTA VI

Teens Hacked Boston Subway Cards to Get Infinite Free Rides—and This Time, Nobody Got Sued

Hackers Rig Casino Card-Shuffling Machines for ‘Full Control’ Cheating

Panasonic Warns That Internet-of-Things Malware Attack Cycles Are Accelerating

Leaked Yandex Code Breaks Open the Creepy Black Box of Online Advertising

Get Your Staff’s Consent Before You Monitor Them, Tech Inquiry Warns

There’s a Good Chance Your VPN Is Vulnerable to Privacy-Menacing TunnelCrack Attack

Lil Tay Is Not Dead, Claims Social Media Was Hacked

Why It’s Time for Everyone to Reorient Their Thinking About Cybersecurity
Fresh Blow to Police Service of Northern Ireland as Second Data Breach Disclosed

Georgia Teacher Pension Vendor’s Data Hacked by Russian Clop Cybercrooks in MOVEit Attacks

El Cerrito (CA) Investigating Data Theft After LockBit Ransomware Group’s Claims

Encryption Flaws in Popular Chinese Language App Put Users’ Typed Data at Risk

Potent Trojans Targeting MacOS Users

New Statc Stealer Malware Emerges: Your Sensitive Data at Risk

Gafgyt Malware Exploits Five-Years-Old Flaw in EoL Zyxel Router

New Attack Alert: Freeze[.]rs Injector Weaponized for XWorm Malware Attacks

Emerging Attacker Exploit: Microsoft Cross-Tenant Synchronization

Dell Compellent Hardcoded Key Exposes VMware vCenter Admin Creds

CISA: New Whirlpool Backdoor Used in Barracuda ESG Hacks


Russia Tipped As Prime Suspect Over Huge Cyber Attack On UK Electoral Commission

Cybersecurity Experts Discuss Wins, Losses and Lessons at Western Ukraine Gathering

Top 3 Insights I Learned at Recent Cybersecurity Events

White House Launches AI-Based Contest to Secure Government Systems From Hacks

New York State Debuts First Cybersecurity Strategy

Google to Fight Hackers With Weekly Chrome Security Updates

Popular Open Source Project Moq Criticized for Quietly Collecting Data

Corporate Data Transfers to Russia Likely Violate EU Privacy Rules, Regulator Warns

A Clever Honeypot Tricked Hackers Into Revealing Their Secrets

Krebs: Meet the Brains Behind the Malware-Friendly AI Chat Service ‘WormGPT’
Northern Ireland Police Officers Vulnerable After Data Leak

Rhysida Ransomware Behind Recent Attacks on Healthcare

Rhysida Ransomware Analysis Reveals Vice Society Connection

Hackers Use Open Source Merlin Post-Exploitation Toolkit in Attacks

Malicious Campaigns Exploiting Weak Kubernetes Clusters for Cryptocurrency Mining

New BitForge Cryptocurrency Wallet Flaws Lets Hackers Steal Crypto

EvilProxy Phishing Campaign Targets 120,000 Microsoft 365 Users

High-Severity Access Control Vulnerability Found in Spring WebFlux

Microsoft Visual Studio Code Flaw Lets Extensions Steal Passwords

Krebs: Microsoft Patch Tuesday, August 2023 Edition


White House Holds First-Ever Summit on the Ransomware Crisis Plaguing the Nation’s Public Schools

White House to Bolster Cybersecurity Training for K-12 Schools, With Help From the FCC, Amazon Web Services and More

Yashma: Vietnamese-Origin Ransomware Operation Mimics WannaCry Traits

Royal, Hive, Black Basta Ransomware Gangs ‘Collaborating on Cyber Attacks’

What Doctors Wish You Knew About HIPAA and Data Security

Law Firm Dentons Splits With China’s Dacheng as Counter-Espionage Law Takes Hold

Interpol Takes Down 16shop Phishing-As-A-Service Platform

Android 14 to Let You Block Connections to Unencrypted Cellular Networks

Google Is Picking up the Pace of Chrome Security Update Releases

The Problem With Cybersecurity (and AI Security) Regulation
Hackers Had Access to UK Voter Data for Over a Year Before Anyone Noticed

MOVEit Hack Spawned Over 600 Breaches but Is Not Done Yet Say Cyber Analysts

Israeli Hospital Redirects New Patients Following Ransomware Attack

Missouri Warns of Data Breach Involving Medicaid Recipients

QakBot Malware Operators Expand C2 Network with 15 New Servers

LOLBAS in the Wild: 11 Living-Off-The-Land Binaries-and-Scripts That Could Be Abused for Multiple Malicious Purposes

New Inception Attack Leaks Sensitive Data From All AMD Zen CPUs

New ‘Downfall’ Flaw Exposes Valuable Data in Generations of Intel Chips

Microsoft Office Update Breaks Actively Exploited RCE Attack Chain

Microsoft August 2023 Patch Tuesday Warns of 2 Zero-Days, 87 Flaws


China Hacked Japan’s Sensitive Defense Networks, Officials Say

North Korean ‘ScarCruft’ Hackers Breached Top Russian Missile Maker

Microsoft’s AI Red Team Has Already Made the Case for Itself

Criminals Have Created Their Own ChatGPT Clones

New Malware Campaign Targets Inexperienced Cyber Criminals with OpenBullet Configs

Stalkerware Slinger LetMeSpy Shuts Down for Good After Database Robbery

Meta Accused of Ignoring Reports on Dangerous Content

Cyber Insurer Resilience Secures $100 Million in Funding
Russian ‘NoName057’ Hacktivists Overwhelm Spanish Sites With DDoS

Colorado Warns Hackers Stole 16 Years of Public School Data in Ransomware Attack

Invisible Ad Fraud Targets Korean Android Users

New SkidMap Linux Malware Variant Targeting Vulnerable Redis Servers

Google Play Apps With 2.5M Installs Load Ads When Screen’s Off

Mallox Ransomware Group Revamps Malware Variants, Evasion Tactics

Hackers Increasingly Abuse Cloudflare Tunnels for Stealthy Connections

Selling Software to the US Government? Know Security Attestation First


Two U.S. Navy Sailors Charged With Giving Chinese Spies Secret Military Info

Krebs: Teach a Man to Phish and He’s Set for Life

Alarm Raised Over Mozilla VPN: Wonky Authorization Check Lets Users Cause Havoc

FBI Warns of Scammers Posing as NFT Devs to Steal Your Crypto

Fake VMware vConnector Package on PyPI Targets IT Pros

How to Automatically Delete Passcode Texts on Android and iOS

Tesla Infotainment Jailbreak Unlocks Paid Features, Extracts Secrets

New Acoustic Attack Steals Data From Keystrokes With 95% Accuracy
Prospect Medical: Cyberattack Disrupts Computer Systems Across U.S., Hindering Services

Colorado Department of Higher Education Warns of Massive Data Breach

Burger King Serves Up Sensitive Data, No Mayo

Clop Ransomware Now Uses Torrents to Leak Data and Evade Takedowns

Reptile Rootkit: Advanced Linux Malware Targeting South Korean Systems

Stealthy NPM Malware Exposes Developer Data

New PaperCut Critical Bug Exposes Unpatched Servers to RCE Attacks

Microsoft Addresses Critical Power Platform Flaw After Delays and Criticism


Krebs: How Malicious Android Apps Slip Into Disguise

Google Can Now Alert You When Your Private Contact Info Appears Online

Brave Search Adds Private Image and Video Search Capability

Humans Unable to Reliably Detect Deepfake Speech

Microsoft Flags Growing Cybersecurity Concerns for Major Sporting Events

Hacktivist Collective “Mysterious Team Bangladesh” Revealed

Hacktivists Fund Their Operations Using Common Cybercrime Tactics

Hackers Could Have Scored Unlimited Airline Miles by Targeting One Platform: Points.com

Razzlekhan and Husband Guilty of $4.5bn Bitcoin Launder

Cocaine Smugglers that Posed as PC Sellers Jailed

CISA Sounds the Alarm on UEFI Security
U.S. Gov’t Contractor Serco Discloses Data Breach After MOVEit Attacks

PH Tech MOVEit Data Breach Impacts 1.7 Million Oregon Health Plan Members

Crozer Health’s (PA) Computer Systems Were Knocked Offline Thursday by a Ransomware Attack

FBI Investigating Ransomware Attack Affecting Eastern Connecticut Health Network, Waterbury Health

Mauna Kea Telescope Suspends Operations Following Attempted Cyber Attack

Microsoft Teams Targeted in Midnight Blizzard Phishing Attacks

New Version of Rilide Data Theft Malware Adapts to Chrome Extension Manifest V3

Hackers Can Abuse Microsoft Office Executables to Download Malware

New Microsoft Azure AD CTS Feature Can Be Abused For Lateral Movement

FBI, CISA, and NSA Reveal Top Exploited Vulnerabilities of 2022


Russian APT29 Hackers Target Govt Orgs in Microsoft Teams Phishing Attacks

Pro-Russian Hackers NoName057(16) Claim Attacks on Italian Banks

House Republicans Open Investigation Into Email Breach at Federal Agencies

Australian Senate Committee Recommends Bans on Chinese Social Media Apps

The Generative AI Battle Between Companies and Hackers Is Starting

AI-Powered CryptoRom Scam Targets Mobile Users

Kenya Suspends Sam Altman’s Eyeball-Scanning Crypto Project

IRS Vows to Digitize All Taxpayer Documents by 2025

Materiality Definition Seen as Tough Task in New SEC Cyber Rules

Russian Cyber Adversary BlueCharlie Alters Infrastructure in Response to Disclosures

Fake FlipperZero Sites Promise Free Devices After Completing Offer

Tesla Jailbreak Unlocks Theft of In-Car Paid Features
Norwegian Entities Targeted in Ongoing Attacks Exploiting Ivanti EPMM Vulnerability

Mondee Security Lapse Exposed Flight Itineraries and Unencrypted Credit Card Numbers

Marine Industry Giant Brunswick Corporation Lost $85 Million in Cyberattack, CEO Confirms

Synergy Healthcare Services (FL) Sends Breach Notifications to Over 58K Following Cyberattack

Two Subsidiaries Confirm Data Breach Following Group 1001 Ransomware Attack

Hopedale Police Department (MA) Say Facebook Page Targeted in Hack

New NodeStealer Variant Targeting Facebook Business Accounts and Crypto Wallets

Phishers Exploit Salesforce’s Email Services Zero-Day in Targeted Facebook Campaign

Threat Actors Use AWS SSM Agent as a Remote Access Trojan

Over 640 Citrix Servers Backdoored With Web Shells in Ongoing Attacks

New Collide+Power Side-Channel Attack Impacts Almost All CPUs

Ivanti Discloses New Critical Auth Bypass Bug in Mobileiron Core


U.S. Military Battling Cyber Threats From Within and Without

Cloud Company Cloudzy Assisted 17 Different Government Hacking Groups -U.S. Researchers

Some Companies Shun Long-Awaited Trans-Atlantic Data Agreement

Cloud Tech Debt Puts Millions of Apps at Risk, Says New Report

Bankrupt Crypto Firm Voyager Digital Tried to Return Funds, But Customer Data Might’ve Been Stolen Instead

Amazon Employees Leak Secret Info That Marketplace Sellers Can Buy on Telegram

A New Attack Impacts Major AI Chatbots—and No One Knows How to Stop It

FraudGPT: Cybercriminals Train AI Chatbots for Phishing, Malware Attacks

This Disinformation Is Just for You

Kazakhstan Denies Plans to Hand Over Russian Cyber Expert to Moscow

China Bans Export of Drones Some Countries Have Already Banned Anyway
Researchers Expose Space Pirates’ Cyber Campaign Across Russia and Serbia

Russian Hackers Crash Italian Bank Websites, Cyber Agency Says

Retail Chain Hot Topic Discloses Wave of Credential-Stuffing Attacks

The Chattanooga Heart Institute (TN) Notifies Upwards of 160k Patients of Recent Data Breach

Aven Financial (CA) Files Notice of Data Breach Impacting Consumers’ Social Security Numbers

Threat Actors Abuse Google AMP for Evasive Phishing Attacks

New Infostealer Uncovered in Phishing Scam Targeting Facebook Business Accounts

New WikiLoader Malware Goes to Extreme Lengths to Hide

CISA Issues New Warning on Actively Exploited Ivanti MobileIron Bugs

Lessons Not Learned From Software Supply Chain Attacks