10/31/2023 October 31, 2023October 31, 2023 ~ The Cyber Beat ~ Leave a comment Canada Bans WeChat and Kaspersky Apps On Government DevicesMeta Launches Paid Ad-Free Subscription in Europe to Satisfy Privacy LawsWhite House Hosts Counter Ransomware Initiative Summit, With a Focus on Not Paying Hackers…Dozens of Countries Will Pledge to Stop Paying Ransomware Gangs…Why Ransomware Victims Can’t Stop Paying off HackersApple Alert: India Opposition Says Government Tried to Hack PhonesIn Cyberattacks, Iran Shows Signs of Improved Hacking CapabilitiesKrebs: .US Harbors Prolific Malicious Link Shortening ServiceLastPass Breach Linked to Theft of $4.4 Million in CryptoCyber Chiefs Worry About Personal Liability as SEC Sues SolarWinds, Executive…Budget Cuts, Layoffs Add to Pressure on Cyber Teams…Half of Execs Request Security Bypass Over Past YearFlorida Man Jailed After Draining $1M From Victims in Crypto SIM Swap AttacksNow Russians Accused of Pwning JFK Taxi System to Sell Top Spots to CabbiesAce Holed: Hardware Store Empire Felled by CyberattackCybersecurity Snafu Sends British Library Back to the Dark AgesSW Ontario Hospitals Confirm Patient Data Compromised in CyberattackFlipper Zero Bluetooth Spam Attacks Ported to New Android AppScarred Manticore Targets Middle East With Advanced MalwareArid Viper Campaign Targets Arabic-Speaking UsersTrojanized PyCharm Software Version Delivered via Google Search AdsMalicious NuGet Packages Caught Distributing SeroXen RAT MalwareExploit Released for Critical Cisco IOS XE Flaw, Many Hosts Still hackedAtlassian Warns of New Critical Confluence Vulnerability Threatening Data LossApple, Google, and Microsoft Just Patched Some Spooky Security FlawsAvast Confirms It Tagged Google App as Malware on Android PhonesSamsung Galaxy Gets New Auto Blocker Anti-malware Feature
10/30/2023 October 30, 2023October 30, 2023 ~ The Cyber Beat ~ Leave a comment BiBi-Linux: Pro-Hamas Hacktivists Targeting Israeli Entities with Wiper MalwareHuawei, Vivo Phones Tag Google App as TrojanSMS-PA MalwareChina Plans to Take ‘Hack-Proof’ Quantum Satellite Technology to New HeightsBiden Issues Executive Order on Safe, Secure AIFTC Orders Non-Bank Financial Firms to Report Breaches in 30 DaysHackers Accessed 632,000 Email Addresses at U.S. Justice, Defense DepartmentsBudget Cuts at CISA Could Affect Enterprise CybersecurityU.S. SEC Sues SolarWinds, Top Cyber Executive for FraudGoogle Chrome Now Auto-Upgrades to Secure Connections for All UsersToronto Public Library Services Down Following Weekend CyberattackDallas County (TX) Investigating ‘Cybersecurity Incident’ Months After City Ransomware AttackSix Rivers Media (TN) Hit by Cyber-Attack Over the WeekendNew Hunters International Ransomware Possible Rebrand of HiveHackers Using MSIX App Packages to Infect Windows PCs with GHOSTPULSE MalwareEleKtra-Leak Cryptojacking Attacks Exploit AWS IAM Credentials Exposed on GitHubUrgent: New Security Flaws Discovered in NGINX Ingress Controller for KubernetesRCE Exploit for Wyze Cam v3 Publicly Released, Patch NowGoogle Promises a Rescue Patch for Android 14’s “Ransomware” Bug
10/27-29/2023 October 29, 2023October 29, 2023 ~ The Cyber Beat ~ Leave a comment N. Korean Lazarus Group Targets Software Vendor Using Known FlawsUkrainian Hackers Disrupt Internet Providers in Russia-Occupied TerritoriesUK National Cyber Security Centre Rolls Out Protective DNS for SchoolsKing Charles III Signs off on UK Online Safety Act, With Unenforceable Spying ClauseThe Hunt for Crypto’s Most Famous Fugitive. ‘Everyone Is Looking for Me.’Pirate IPTV Network in Austria Dismantled and $1.74 Million SeizedGoogle Expands Its Bug Bounty Program to Tackle Artificial Intelligence ThreatsWhat Lurks in the Dark: Taking Aim at Shadow AIBoeing Assessing Lockbit Hacking Gang Threat of Sensitive Data LeakStanford University Investigating Cyberattack After Ransomware ClaimsHackers Email Stolen Clark County School District (NV) Student Data to ParentsResearchers Uncover Wiretapping of XMPP-Based Instant Messaging ServiceF5 Issues Warning: BIG-IP Vulnerability Allows Remote Code ExecutionHackers Earn Over $1 Million for 58 Zero-Days at Pwn2Own TorontoHackerOne Paid Ethical Hackers Over $300 Million in Bug BountiesAndroid 14’s User-Profile Data Bug Seems Indistinguishable From Ransomware
10/26/2023 October 26, 2023October 26, 2023 ~ The Cyber Beat ~ Leave a comment France Says Russian State Hackers Breached Numerous Critical NetworksChina Rushes to Swap Western Tech With Domestic Options as U.S. Cracks DownIranian Group Tortoiseshell Launches New Wave of IMAPLoader Malware AttacksYoroTrooper: Researchers Warn of Kazakhstan’s Stealthy Cyber Espionage GroupHumanity Could ‘Lose Control’ of AI, UK PM Warns, as Britain Seeks Leading Role in the TechUK Parliament Opens Inquiry into Cyber-ResilienceOldham Council Facing 10,000 Cyber Attacks a Day, Report SaysMicrosoft Warns as Scattered Spider Expands from SIM Swaps to RansomwareForget the Outside Hacker, the Bigger Threat Is Inside by the Coffee MachineNigerian Police Dismantle Cybercrime Recruitment, Mentoring HubMaine Mass Shooting Disinformation Floods Social Media as Suspect Remains at LargeChilean Telecom Giant GTD Hit by the Rorschach Ransomware GangAkumin Files Notice of Data Breach with the Securities and Exchange CommissionLonghorn Imaging Center (TX) Data Breach Affects Patients’ Sensitive Medical InformationStripedFly Malware Framework Infects 1 Million Windows, Linux HostsAndroid Adware Apps on Google Play Amass Two Million InstallsRecord-Breaking 100 Million RPS DDoS Attack Exploits HTTP/2 Rapid Reset FlawCritical Flaw in NextGen’s Mirth Connect Could Expose Healthcare DataiLeakage: New Safari Exploit Impacts Apple iPhones and Macs with A and M-Series CPUsApple Drops Urgent Patch Against Obtuse TriangleDB iPhone MalwareServiceNow Quietly Addresses Unauthenticated Data Exposure Flaw From 2015Samsung Galaxy S23 Hacked Two More Times at Pwn2Own Toronto
10/25/2023 October 25, 2023October 25, 2023 ~ The Cyber Beat ~ Leave a comment Pro Russia Winter Vivern: Zero-Day XSS Exploit Targets Roundcube ServersLinkedIn Tests Generative AI to Field Cybersecurity Questions From Employees and SuppliersProton’s Password Manager Now Lets You Securely Share LoginsAmazon Launches European ‘Sovereign’ Cloud as EU Data Debate RagesThe AI-Generated Child Abuse Nightmare Is HereStates Sue Meta Alleging Harm to Young People on Instagram, FacebookCybersecurity Awareness Doesn’t Cut It; It’s Time to Focus on BehaviorFlipper Zero Can Now Spam Android, Windows Users With Bluetooth AlertsSeiko “BlackCat” Data Breach: 60,000 Records on the LineFellowship Village (NJ) Files Notice of Recent Data Breach with the Federal GovernmentMalvertising Campaign Targets Brazil’s PIX Payment System with GoPIX MalwareCitrix Bleed Exploit Lets Hackers Hijack NetScaler AccountsVMware Fixes Critical Code Execution Flaw in vCenter ServerMicrosoft Tests Windows 11 Encrypted DNS Server Auto-DiscoveryWindows 11 to Let Admins Mandate SMB Encryption for Outbound ConnectionsSamsung Galaxy S23 Hacked Twice on First Day of Pwn2Own Toronto
10/24/2023 October 24, 2023 ~ The Cyber Beat ~ Leave a comment Hackers Backdoor Russian State, Industrial Orgs for Data TheftIrish Cops Data Debacle Exposes Half a Million Motorist Records1Password Detects Suspicious Activity Following Okta Support BreachThey Cracked the Code to a Locked USB Drive Worth $235 Million in Bitcoin. Then It Got Weird.Generative AI Can Save Phishers Two Days of WorkA Powerful Tool U.S. Spies Misused to Stalk Women Faces Its Potential DemiseA Controversial Plan to Scan Private Messages for Child Abuse Meets Fresh ScandalAutomakers and Suppliers Spar Over Car DataEx-NSA Employee Pleads Guilty to Leaking Classified Data to RussiaDecentralized Matrix Messaging Network Says It Now Has 115M UsersRTX, the Company Formerly Known as Raytheon, to Sell Its Cybersecurity Business for $1.3BCyberattack on Health Services Provider TransForm Impacts 5 Canadian HospitalsASVEL Basketball Team Confirms Data Breach After Ransomware AttackHopewell Area School District (PA) Targeted by Ransomware AttackOver 9,500 Bank of Canton Customers May Have Had Personal Information Exposed Due to Fiserv BreachUkraine Cyber Officials Warn of a ‘Surge’ in Smokeloader Attacks on Financial, Government EntitiesNew Grandoreiro Malware Variant Targets SpainMeet Rhysida, a New Ransomware Strain That Deletes ItselfBackdoor Implant on Hacked Cisco Devices Modified to Evade DetectioniOS Zero-Day Attacks: Experts Uncover Deeper Insights into Operation TriangulationVMware Warns Admins of Public Exploit for vRealize RCE FlawAPI Security Flaw Impacted Grammarly, Vidio and Bukalapak
10/23/2023 October 23, 2023October 23, 2023 ~ The Cyber Beat ~ Leave a comment Ukraine Security Services Involved in Hack of Russia’s Largest Private BankDC Elections Agency Warns Entire Voting Roll May Have Been StolenU.S. Energy Firm Shares How Akira Ransomware Hacked Its SystemsQNAP Takes Down Server Behind Widespread Brute-Force AttacksPalestine Crypto Donation Scams Emerge Amid Israel-Hamas WarThe Hamas Threat of Broadcasting Hostage Execution Videos Looms Large Over Social MediaKrebs: NJ Man Hired Online to Firebomb, Shoot at Homes Gets 13 Years in PrisonSpain Arrests 34 Cybercriminals Who Stole Data of 4 Million PeopleOkta Cybersecurity Breach Wipes Out More Than $2 Billion in Market CapChange From Within: 3 Cybersecurity Transformation Traps for CISOs to AvoidCity of Philadelphia Discloses Data Breach After Five MonthsUniversity of Michigan Employee, Student Data Stolen in CyberattackCyber Attacks Hit NY State Casino Operation, Two Hudson Valley HospitalsOrange County DA’s Office Hit by Computer Breach; Communications System Taken DownCadre Services (WI) Targeted in Ransomware Attack; Hackers Leak Stolen Data, Including SSNsDoNot Team’s New Firebird Backdoor Hits Pakistan and AfghanistanQuasarRAT Deploys Advanced DLL Side-Loading TechniqueCisco Patches IOS XE Zero-Days Used to Hack Over 50,000 DevicesCitrix Warns Admins to Patch NetScaler CVE-2023-4966 Bug ImmediatelyGoogle Chrome’s New “IP Protection” Will Hide Users’ IP Addresses
10/20-22/2023 October 22, 2023October 22, 2023 ~ The Cyber Beat ~ Leave a comment Krebs: Hackers Stole Access Tokens from Okta’s Support UnitInternational Criminal Court Systems Breached for Cyber EspionageNew TetrisPhantom Hackers Steal Data From Secure USB Drives on Gov’t SystemsDarkGate Malware Campaigns Linked to Vietnam-Based CybercriminalsIrish-Linked Spyware Used in Brazen AttacksCyberattacks Intensify on Israeli and Palestinian Human Rights GroupsThe Dangerous Mystery of Hamas’ Missing ‘Suicide Drones’ENISA Warns of Rising AI Manipulation Ahead of Upcoming European ElectionsRagnar Locker Ransomware Developer Arrested in France20 Years Of Cybersecurity Awareness Month: Leveling Up The BasicsHow an Explosion of ‘Smart’ Devices Is Threatening U.S. Households — And National SecurityMicrosoft Announces Security Copilot Early Access ProgramKwik Trip Finally Confirms Cyberattack Was Behind Ongoing OutageAmerican Family Insurance Confirms Cyberattack Is Behind IT OutagesPennyMac Files Notice of Data Breach That Leaked Thousands of SSNsFake Corsair Job Offers on LinkedIn Push DarkGate MalwareExelaStealer: A New Low-Cost Cybercrime Weapon EmergesCisco Zero-Day Exploited to Implant Malicious Lua Backdoor on Thousands of Devices…Cisco Discloses New IOS XE Zero-Day Exploited to Deploy Malware Implant…Over 40,000 Cisco IOS XE Devices Infected with Backdoor Using Zero-Day…Number of Hacked Cisco IOS XE Devices Plummets From 50K to HundredsCritical RCE Flaws Found in SolarWinds Access Audit Solution
10/19/2023 October 19, 2023October 22, 2023 ~ The Cyber Beat ~ Leave a comment Iran-Linked OilRig Targets Middle East Governments in 8-Month Cyber CampaignCyberspace Has No Boundaries — That’s Why Global Cooperation on Security Is Crucial: UK OfficialAmazon, Microsoft, and India Crack Down on Tech Support ScamsRepublican Congressman Says Labor Crunch Biggest Threat to U.S. CybersecurityQR Codes Used in 22% of Phishing AttacksU.S. Charge Man With Running Stolen Credentials MarketplaceEuropol Knocks RagnarLocker Offline in Second Major Ransomware Bust This YearValve Enhances Steam Security With SMS VerificationCasio Keyed up After Data Loss Hits Customers in 149 CountriesData Breach Hits Saint Louis University Students and Employees, School SaysAtlas Healthcare Confirms Recent Data Breach Affecting Residents’ Social Security NumbersSophisticated MATA Framework Strikes Eastern European Oil and Gas CompaniesFake KeePass Site Uses Google Ads and Punycode to Push MalwareBlackCat Ransomware Uses New ‘Munchkin’ Linux VM in Stealthy AttacksHacker Group GhostSec Unveils New Generation Ransomware ImplantMicrosoft Extends Purview Audit Log Retention After July Breach
10/18/2023 October 18, 2023October 18, 2023 ~ The Cyber Beat ~ Leave a comment Ukraine Says Joint Mission With U.S. Derailed Moscow’s CyberattacksGoogle Links WinRAR Exploitation to Russian, Chinese State HackersCritical Citrix NetScaler Flaw Exploited to Target from Government, Tech FirmsTwitter Glitch Allows CIA Informant Channel to Be HijackedFederal Cyber Chief Tells Agencies to Tap Brakes on AIAI Adoption Surges But Security Awareness Lags BehindKrebs: The Fake Browser Update Scam Gets a MakeoverGoogle Bulks up Android’s Malware Defenses to Combat New Tricks, Including AI: Play ProtectDutch Consumer Group Sues Amazon Over Data TrackingFBI: Hackers Are Extorting Plastic Surgery PatientsEx-Navy IT Head Gets 5 Years for Selling People’s Data on DarkwebUkrainian Activists Hack Trigona Ransomware Gang, Wipe ServersLazarus Group Targeting Defense Experts with Fake Interviews via Trojanized VNC AppsNorth Korean Hackers Lazarus and Andariel Exploit Critical TeamCity Flaw to Breach NetworksMATA Malware Framework Exploits EDR in Attacks on Defense FirmsHacker Leaks Millions of New 23andMe Genetic Data ProfilesQubitstrike Targets Jupyter Notebooks with Crypto Mining and Rootkit CampaignNew Admin Takeover Vulnerability Exposed in Synology’s DiskStation ManagerWhat CISOs Should Exclude From SEC Cybersecurity FilingsMajor Cyber Attack Could Cost the World $3.5 Trillion -Lloyd’s of London
10/17/2023 October 17, 2023October 17, 2023 ~ The Cyber Beat ~ Leave a comment TetrisPhantom: Persistent Espionage Campaign Targets APAC GovernmentsRansomware Comes Back in Vogue for CybercriminalsFake Browser Updates Used in Malware DistributionHuge Increase in ‘Spear Phishing’ Ever Since ChatGPT’s Rise, Says Japanese Cybersecurity FirmGoogle Password Manager Could Ease Your Transition to PasskeysAmazon Quietly Rolls Out Support for Passkeys, With a CatchOver 40,000 Admin Portal Accounts Use ‘Admin’ as a PasswordInsiders Say X’s Crowdsourced Anti-Disinformation Tool Is Making the Problem WorseKrebs: Tech CEO Sentenced to 5 Years in IP Address SchemeNew Calculator Aims to Measure Companies’ Cyberattack DamagesChilean Government Warns of Black Basta Ransomware Attacks After Customs IncidentD-Link Confirms Data Breach After Employee Phishing AttackKwikTrip All but Says IT Outage Was Caused by a CyberattackCrum & Forster Notifies Nearly 14k Consumers of Recent Data Breach Leaking Their SSNsSpyNote Android Malware Spreads via Fake Volcano Eruption AlertsMalicious Notepad++ Google Ads Evade Detection for MonthsOver 10,000 Cisco Devices Hacked in IOS XE Zero-Day AttacksCritical Vulnerabilities Uncovered in Open Source CasaOS Cloud SoftwareExperts Warn of Severe Flaws Affecting Milesight Routers and Titan SFTP Servers
10/16/2023 October 16, 2023October 16, 2023 ~ The Cyber Beat ~ Leave a comment Russian Sandworm Hackers Breached 11 Ukrainian Telcos Since MayPro-Russian Hackers Exploiting Recent WinRAR Vulnerability in New CampaignBLOODALCHEMY Provides Backdoor to Southeast Asian nations’ SecretsFake ‘RedAlert’ Rocket Alert App for Israel Installs Android SpywareHealthcare Sector Warned About New Ransomware Group NoEscapeYour Organization Has Suffered a Data Incident: Now Here Are the Regulators It Will Likely EncounterDeepfake Porn Is Out of ControlWhatsApp Turns on Passwordless Logins With Passkeys for Android UsersWhat the Hollywood Writers Strike Resolution Means for CybersecurityWe’re Not in e-Kansas Anymore: State Courts Reel From ‘Unauthorized Incursion’Taylored Services Parent Co Cyber Attack and Possible Data Breach Affects Current and Former EmployeesHenry Schein Announces Data BreachSpyNote: Beware of This Android Trojan that Records Audio and Phone CallsDiscord Still a Hotbed of Malware Activity — Now APTs Join the FunHackers Exploit Critical Flaw in WordPress Royal Elementor PluginCISA, FBI Urge Admins to Patch Atlassian Confluence ImmediatelyCisco Warns of New iOS XE Zero-Day Actively Exploited in AttacksSignal Disputes Alleged Zero-Day Flaw
10/13-15/2023 October 15, 2023October 15, 2023 ~ The Cyber Beat ~ Leave a comment Billboards in Israel Were Briefly Hacked to Display Pro-Hamas Messages as Cyberwar Ramps UpNew PEAPOD Cyberattack Campaign Targeting Women Political Leaders…Women Political Leaders Summit Targeted in Romcom Malware PhishingAI algorithm Detects MitM Attacks on Unmanned Military VehiclesChinese Embassy Criticizes Costa Rica for 5G Company RestrictionsUK Regulator Fines Equifax £11m for 2017 Data BreachSecurity Pros Warn That EU’s Vulnerability Disclosure Rule Is RiskyAustralia Fines X, Formerly Twitter, for Not Answering Questions on Child Abuse ContentHackers Hit Aid Groups Responding to Israel and Gaza CrisisKwik Trip IT Systems Outage Caused by Mysterious ‘Network Incident’FBI, CISA Warn of Rising AvosLocker Ransomware Attacks Against Critical InfrastructureDarkGate Malware Spreading via Messaging Services Posing as PDF FilesHackers Use Binance Smart Chain Contracts to Store Malicious ScriptsCISA Shares Vulnerabilities, Misconfigs Used by Ransomware GangsSteam Enforces SMS Verification to Curb Malware-Ridden UpdatesMicrosoft to Phase Out NTLM in Favor of Kerberos for Stronger Authentication
10/12/2023 October 12, 2023October 12, 2023 ~ The Cyber Beat ~ Leave a comment Chinese APT ToddyCat Targets Asian Telecoms, GovernmentsIsrael Sees Cyber Incursions Across Digital SystemsMicrosoft Defender Thwarts Large-Scale Akira Ransomware AttackEverest Ransomware Cybercriminals Offer Corporate Insiders Cold, Hard Cash for Remote AccessShadow PC Warns of Data Breach as Hacker Tries to Sell Gamers’ InfoThe Cyberwar Between the East and the West Goes Through AfricaNew Clues Suggest Stolen FTX Funds Went to Russia-Linked Money LaunderersAMC CEO Was Target of Blackmail and Extortion PlotCalifornia Enacts “Delete Act” For Data PrivacyMalicious NuGet Package Targeting .NET Developers with SeroXen RATShellBot Uses Hex IPs to Evade Detection in Attacks on Linux SSH ServersRansomware Attacks Now Target Unpatched WS_FTP ServersRansomware Victims Continue to Pay Up, While Bracing for AI-Enhanced AttacksHyped up Curl Vulnerability Falls Short of ExpectationsApple Fixes iOS Kernel Zero-Day Vulnerability on Older iPhonesNew Microsoft Bug Bounty Program Focuses on AI-Powered Bing6 Simple Cybersecurity Rules You Can Apply Now
10/11/2023 October 12, 2023October 12, 2023 ~ The Cyber Beat ~ Leave a comment Initial U.S. Intelligence Suggests Iran Was Surprised by the Hamas Attack on IsraelGaza Conflict: How Israeli Cybersecurity Will RespondIsraelis Form Citizen Cyber Brigades Amid Mounting Digital AttacksMicrosoft Warns of Nation-State Hackers Exploiting Critical Atlassian Confluence VulnerabilityU.S. Navy Sailor Pleads Guilty to Accepting $15,000 in Bribes From ChinaU.S. Government Issues Open-Source Security Guidance for Critical InfrastructureSEC is Investigating MOVEit Mass-Hack, Says Progress SoftwareThe UN Risks Normalizing Internet CensorshipMicrosoft Defender Now Auto-Isolates Compromised AccountsSimpson Manufacturing Shuts Down IT Systems After CyberattackWest Texas Gas Files Notice of Data Breach Affecting Over 56,000 PeopleBianLian Extortion Group Claims Recent Air Canada BreachLinkedIn Smart Links Attacks Return to Target Microsoft AccountsU.S. Cybersecurity Agency Warns of Actively Exploited Adobe Acrobat Reader VulnerabilityCD-Indexing Cue Files Are the Core of a Serious Linux Remote Code ExploitNew WordPress Backdoor Creates Rogue Admin to Hijack WebsitesKrebs: Patch Tuesday, October 2023 Edition…From Chaos to Cadence: Celebrating Two Decades of Microsoft’s Patch Tuesday
10/10/2023 October 10, 2023October 10, 2023 ~ The Cyber Beat ~ Leave a comment Israel Was Prepared for a Different War…Iran’s Khamenei Lauds Hamas Attack on Israel, Again Denies Involvement…Israeli Startup Community, at Home and Abroad, Prepares to FightNew Threat Actor “Grayling” Blamed For Espionage CampaignCloudflare, Google, and Amazon Explain What’s Behind the Largest DDoS Attacks EverKrebs: Phishers Spoof USPS, 12 Other Natl’ Postal ServicesGoogle Begins Prompting Users to Create Passwordless Passkeys by DefaultAI Isn’t Just About Risk, Says Splunk’s Cyber ChiefNew Report: Child Sexual Abuse Content and Online Risks to Children on the RiseArctic Wolf Acquires Cybersecurity Automation Platform RevelstokeAir Europa Data Breach: Customers Warned to Cancel Credit CardsALPHV Ransomware Gang Claims Attack on Florida Circuit CourtWalmart, Inc. Files Notice of Data Breach Indicating Over 85k VictimsCommunity First Medical Center In Portage Park (IL) Suffers Large-Scale Data BreachIZ1H9 Botnet Targets IoT Devices With New ExploitsD-Link WiFi Range Extender Vulnerable to Command Injection AttacksNew Critical Citrix NetScaler Flaw Exposes ‘Sensitive’ DataMicrosoft October 2023 Patch Tuesday Fixes 3 Zero-Days, 104 FlawsMicrosoft Exchange Gets ‘Better’ Patch to Mitigate Critical BugMicrosoft to Kill Off VBScript in Windows to Block Malware Delivery
10/9/2023 October 9, 2023October 9, 2023 ~ The Cyber Beat ~ Leave a comment Vietnam Agents Tried to Plant Spyware on Phones of U.S. Lawmakers and Journalists: ProbeGaza-Linked Cyber Threat Actor Targets Israeli Energy and Defense SectorsHacktivist Attacks Erupt in Middle East Following Hamas Assault on IsraelX, Formerly Twitter, Amplifies Disinformation Amid the Israel-Hamas ConflictCybercriminals Using EvilProxy Phishing Kit to Target Senior Executives in U.S. FirmsHelloKitty Ransomware Source Code Leaked on Hacking ForumInside FTX’s All-Night Race to Stop a $1 Billion Crypto HeistDOJ: Ex-Soldier Tried to Pass Secrets to China After Seeking a ‘Subreddit About Spy Stuff’Cybersecurity Talent in America: Bridging the GapDatacenter Cabling Biz Volex Confirms Digital Break-inHackers Modify Online Stores’ 404 Pages to Steal Credit CardsHackers Hijack Citrix NetScaler Login Pages to Steal CredentialsPEACHPIT: Massive Ad Fraud Botnet Powered by Millions of Hacked Android and iOSOver 17,000 WordPress Sites Hacked in Balada Injector Attacks Last MonthGNOME Linux Systems Exposed to RCE Attacks via File DownloadsHigh-Severity Flaws in ConnectedIO’s 3G/4G Routers Raise Concerns for IoT SecuritySecurity Patch for Two New Flaws in Curl Library Arriving on October 11Navigating the Patchwork of U.S. Privacy and Cybersecurity Laws: Summer 2023 Regulatory Updates
10/6-8/2023 October 8, 2023October 8, 2023 ~ The Cyber Beat ~ Leave a comment Israel at War With Hamas After Unprecedented Attacks…Israel’s Security Forces Face Questions After Hamas Attack…Israel’s Failure to Stop the Hamas Attack Shows the Danger of Too Much Surveillance…Iran Helped Plot Attack on Israel Over Several WeeksIsrael’s Government, Media Websites Hit With CyberattacksUkraine Cyber-Conflict: Hacking Gangs Vow to De-EscalateApple’s Encryption Is Under Attack by a Mysterious GroupSnap AI Chatbot Investigation Launched in UK Over Teen-Privacy ConcernsFTC Warns of ‘Staggering’ Losses to Social Media Scams Since 2021MGM Didn’t Pay Up After Hackers Broke Into Its System and Stole Customer Data…MGM Resorts Ransomware Attack Led to $100 Million Loss, Data TheftBounty Offered for Secret NSA Seeds Behind NIST Elliptic Curves AlgoNorth Korea’s Lazarus Group Launders $900 Million in CryptocurrencyHost of EU Summit Spain Target of DDoS CyberattacksD.C. Board of Elections Confirms Voter Data Stolen in Site HackHackers Are Selling the Data of Millions Lifted From 23andMe’s Genetic DatabaseCDW Data to Be Leaked Next Week After Negotiations With LockBit Break DownFlorida Circuit Court Pauses Many Proceedings Following CyberattackLyca Mobile Says Customer Data Was Stolen During CyberattackThird Flagstar Bank Data Breach Since 2021 Affects 800,000 CustomersSupermicro’s BMC Firmware Found Vulnerable to Multiple Critical VulnerabilitiesGitHub’s Secret Scanning Feature Now Covers AWS, Microsoft, Google, and SlackMicrosoft 365 Admins Warned of New Google Anti-spam Rules
10/5/2023 October 5, 2023October 5, 2023 ~ The Cyber Beat ~ Leave a comment China-Linked Cyberspies Backdoor Semiconductor Firms With Cobalt StrikeChina Poised to Disrupt U.S. Critical Infrastructure with Cyber-Attacks, Microsoft WarnsHackers With AI Are Harder to Stop, Microsoft SaysSouth Korea Accuses North of Phish and Ships AttackScammers Impersonate Companies to Steal Cryptocurrency from Job SeekersCISA and NSA Tackle IAM Security Challenges in New ReportNSA and CISA Reveal Top 10 Cybersecurity MisconfigurationsU.S. Government Proposes SBOM Rules for ContractorsCourt Rules in Favor of Auto-Repair Companies in Car-Data DisputeBlackbaud Settles Data Breach With 49 States, DC for $50 MillionLorenz Ransomware Crew Bungles Blackmail Blueprint by Leaking Two Years of ContactsGuyana Governmental Entity Hit by DinodasRAT in Cyber Espionage AttackGoldDigger Android Trojan Drains Victim Bank AccountsAnalysis and Config Extraction of Lu0Bot, a Node.js Malware with Considerable CapabilitiesQakBot Threat Actors Still in Action, Using Ransom Knight and Remcos RAT in Latest AttacksCISA Warns of Active Exploitation of JetBrains and Windows VulnerabilitiesCritical Glibc Bug Puts Linux Distributions at RiskAmazon to Make MFA Mandatory for ‘Root’ AWS Accounts by Mid-2024Beyond Cybersecurity Awareness Month: Finding A Signal In The NoiseCould Cybersecurity Breaches Become Harmless in the Future?Zero-Days for Hacking WhatsApp Are Now Worth Millions of Dollars
10/4/2023 October 5, 2023October 5, 2023 ~ The Cyber Beat ~ Leave a comment LightSpy iPhone Spyware Linked to Chinese APT41 GroupRed Cross Issues Wartime Hacktivist RulesBadbox & Peachpit: Your Cheap Android TV Streaming Box May Have a Dangerous BackdoorPolice Issue “Quishing” Email WarningThe Team Helping Women Fight Digital Domestic AbuseBlackBerry to Separate IoT and Cybersecurity Businesses, Plans IPOClorox Says Sales and Profit Took a Big Hit From CyberattackA Tool to Help Boards Measure Cyber ResilienceHow to Measure Patching and Remediation PerformancePatch Confusion for Critical Exim Bug Puts Email Servers at Risk — AgainSony Confirms Data Breach Impacting Thousands in the U.S.Lyca Mobile Suffers Cyber Attack, Investigating Ransomware PossibilityWeather Network Says Ransomware Attack Caused Website and App Outages in SeptemberHundreds of Malicious Python Packages Found Stealing Sensitive DataMicrosoft Warns of Cyber Attacks Attempting to Breach Cloud via SQL Server InstanceRogue npm Package Deploys Open-Source Rootkit in New Supply Chain AttackAtlassian Patches Critical Confluence Zero-Day Exploited in AttacksCisco Fixes Hard-Coded Root Credentials in Emergency ResponderApple Emergency Update Fixes New Zero-Day Used to Hack iPhones
10/3/2023 October 4, 2023October 4, 2023 ~ The Cyber Beat ~ Leave a comment NATO Says It Is Addressing an Apparent Cyberattack After Strategy Documents Posted OnlineFederal Appeals Court Extends Limits on Biden Admin Comms With Social Media Companies to Top U.S. Cyber AgencyPredator Spyware Linked to Madagascar’s Government Ahead of Presidential ElectionNSA Establishes AI Security CenterCompanies Want to Spend More on AI to Defeat Hackers, but There’s a CatchRansomware Crisis, Recession Fears Leave CISOs in Tough SpotUpstream Supply Chain Attacks Triple in a YearImproving Cybersecurity With AWS’s Threat Intelligence Honeypot SystemGoogle Is Making It Harder for Bulk Senders to Fill Your Gmail With SpamEvilProxy Uses Indeed.com Open Redirect for Microsoft 365 PhishingFBI Most-Wanted Russian Hacker Reveals Why He Burned His PassportRock County (WI) Dealing With Ransomware Attack on Public Health DepartmentRagnar Ransomware Gang Posts 30GB of Data It Claims Belongs to Victorian Network Pacific Real EstateRichmond-Based Freight Transport Company Estes Express Lines Experiences CyberattackMetro Transit (MO) Steadily Recovering From Cyber AttackGreater Dallas Healthcare Enterprises Data Breach Affects Patients’ Medical InfoFortiGuard Uncovers Deceptive Install Scripts in npm PackagesWarning: PyTorch Models Vulnerable to Remote Code Execution via ShellTorchNew ‘Looney Tunables’ Linux Bug Gives Root on Major DistrosQualcomm Releases Patch for 3 new Zero-Days Under Active ExploitationMicrosoft Edge, Teams Get Fixes for Zero-Days in Open-Source Libraries
10/2/2023 October 3, 2023October 3, 2023 ~ The Cyber Beat ~ Leave a comment KillNet Claims DDoS Attack Against Royal Family WebsiteNearly 100,000 Industrial Control Systems Exposed to the InternetKrebs: Don’t Let Zombie Zoom Links Drag You DownAI-Generated Phishing Emails Almost Impossible to Detect, Report FindsFBI Warns of Surge in ‘Phantom Hacker’ Scams Impacting ElderlyCybersecurity Awareness Month Celebrates 20 YearsCybersecurity Professional Job-Satisfaction Realities for National Cybersecurity Awareness MonthMicrosoft Defender No Longer Flags Tor Browser as MalwareYes, Singapore Immigration Plans to Scan Your Face Instead of Your PassportNorway Urges Europe-Wide Ban on Meta’s Targeted Ad Data CollectionMotel One Discloses Data Breach Following Ransomware AttackIndia’s National Logistics Portal Exposed Sensitive Personal Data, Trade RecordsFauquier County Public Schools (VA) Open Despite LockBit Ransomware AttackBunnyLoader Malware Targets Browsers and CryptocurrencySilent Skimmer: A Year-Long Web Skimming Campaign Targeting Online Payment BusinessesRansomware Gangs Now Exploiting Critical TeamCity RCE FlawExploit Available for Critical WS_FTP Bug Exploited in AttacksOpenRefine’s Zip Slip Vulnerability Could Let Attackers Execute Malicious CodeArm Issues Patch for Mali GPU Kernel Driver Vulnerability Amidst Ongoing ExploitationExim Patches Three of Six Zero-Day Bugs Disclosed Last Week
9/29-10/1/2023 October 1, 2023October 1, 2023 ~ The Cyber Beat ~ Leave a comment North Korean Lazarus Group Impersonates Recruiter from Meta to Target Spanish Aerospace FirmIranian APT Group OilRig Using New Menorah Malware for Covert OperationsRussian Company Offers $20M for Non-NATO Mobile ExploitsKrebs: A Closer Look at the Snatch Data Ransom GroupPhishing, Smishing Surge Targets U.S. Postal ServiceAmazon Sends Mastercard, Google Play Gift Card Order Emails by MistakeDiscord Is Investigating Cause of ‘You Have Been Blocked’ ErrorsHow to Tell When Your Phone Will Stop Getting Security UpdatesHow to Stop Google Bard From Storing Your Data and LocationCybersecurity Budgets Grow, But at a Slower PaceShinyHunters Member Pleads Guilty to $6 Million in Data Theft DamagesUK PhD Student Guilty of 3D-Printing ‘Kamikaze’ Drone for Islamic State TerroristsRoyal Family Website ‘Targeted in Russian Cyber Attack’Large Michigan Healthcare Provider McLaren Confirms Ransomware AttackTahoe Forest Hospital District (CA) Notifies Patients of Data BreachPinal County Schools (AZ) Affected by Ransomware AttackCloudflare DDoS Protections Ironically Bypassed Using CloudflareCybercriminals Using New ASMCrypt Malware Loader to Fly Under the RadarMeet LostTrust Ransomware — A likely Rebrand of the MetaEncryptor GangNew Critical Security Flaws Expose Exim Mail Servers to Remote AttacksExploit Released for Microsoft SharePoint Server Auth Bypass FlawCisco Warns of Vulnerability in IOS and IOS XE Software After Exploitation AttemptsProgress Software Releases Urgent Hotfixes for Multiple Security Flaws in WS_FTP ServerPeople Still Matter in Cybersecurity Management