1/31/2024 January 31, 2024January 31, 2024 ~ The Cyber Beat ~ Leave a comment U.S. Officials Deliver Warning That Chinese Hackers Are Targeting Infrastructure…Chinese Cyber Attacks Are Intended to ‘Induce Societal Panic’ Across America, Security Directors Tell CongressCISA: Vendors Must Secure Soho Routers Against Volt Typhoon AttacksPawn Storm’s Stealthy Net-NTLMv2 Assault RevealedU.S. Sanctions Egyptian IT Experts Aiding ISIS in CybersecurityEU Launches First Cybersecurity Certification for Digital ProductsCISA Warns of Patched iPhone Kernel Bug Now Exploited in AttacksExploit Released for Android Local Elevation Flaw Impacting 7 OEMsKrebs: Florida Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered SpiderPolice Seize Record 50,000 Bitcoin From Now-Defunct Piracy SiteUber Fined Almost $11 Million by Dutch Privacy WatchdogUNC4990: Italian Businesses Hit by Weaponized USBs Spreading Cryptojacking Malware Since 2020Telegram Marketplaces Fuel Phishing Attacks with Easy-to-Use Kits and MalwareDecember Cyberattack on Chicago Community Hospital Claimed by LockBit GangJohnson Controls Says Ransomware Attack Cost $27 Million, Data StolenHackers Steal $112 Million of XRP Ripple CryptocurrencyEuropcar Denies Data Breach of 50 Million Users, Says Data Is FakeAlert: Ivanti Discloses 2 New Zero-Day Flaws, One Under Active ExploitationNearly 4-Year-Old Cisco Vuln Linked to Recent Akira Ransomware AttacksRunC Flaws Enable Container Escapes, Granting Attackers Host AccessApple and Google Just Patched Their First Zero-Day Flaws of the Year
1/30/2024 January 31, 2024January 31, 2024 ~ The Cyber Beat ~ Leave a comment U.S. Disabled Chinese Hacking Network Targeting Critical Infrastructure…What Is Volt Typhoon, the Alleged China-Backed Hacking Group?Robots Are Fighting Robots in Russia’s War in UkraineAlpha Ransomware Group Launches Data Leak Site on the Dark WebOnline Ransomware Decryptor Helps Recover Partially Encrypted FilesBrazilian Feds Dismantle Grandoreiro Banking Trojan, Arresting Top OperativesVastaamo Hacker Traced via ‘Untraceable’ Monero Transactions, Police SaysCitibank Sued Over Failure to Defend Customers Against Hacks, FraudU.S. Charges Two More Suspects With DraftKing Account HacksHow to Stop Location Tracking on Your Android Phone (Mostly)UK House of Lords Calls For Legislation on Facial Recognition TechChina-Linked Hackers Target Myanmar’s Top Ministries with Backdoor BlitzOrange España Breach: Dark Web Flooded With Operator CredentialsSchneider Electric Confirms Ransomware Attack on Sustainability DivisionAuthorities Investigating Massive Security Breach at Global Affairs CanadaNew ZLoader Malware Variant Surfaces with 64-bit Windows CompatibilityRust Payloads Exploiting Ivanti Zero-Days Linked to Sophisticated Sliver ToolkitMicrosoft Teams Phishing Pushes DarkGate Malware via Group ChatsNew Linux Glibc Flaw Lets Attackers Get Root on Major DistrosJuniper Networks Releases Urgent Junos OS Updates for High-Severity Flaws7 Hacking Tools That Look Harmless but Can Do Real DamageGrowing Threats Outpace Cybersecurity Workforce
1/29/2024 January 29, 2024January 29, 2024 ~ The Cyber Beat ~ Leave a comment Ukraine’s Prisoners of War Agency Hit by CyberattackU.S., UK Impose Sanctions on Network That Targeted Iran Dissidents for AssassinationU.S. Lawmakers Tell DOJ to Quit Blindly Funding ‘Predictive’ Police ToolsFBI: Tech Support Scams Now Use Couriers to Collect Victims’ MoneyRansomware Payments Drop to Record Low as Victims Refuse to PayNigerian ‘Yahoo Boys’ Behind Social Media Sextortion Surge in the U.S.Dark Web Drugs Vendor Forfeits $150m After Guilty PleaDHS Employees Jailed for Stealing Data of 200K U.S. Gov’t WorkersSolarWinds Slams SEC Lawsuit Against It as ‘Unprecedented’ Victim BlamingApple’s New Stolen Device Protection Has a Big Vulnerability: Here’s How to Fix ItEnergy Giant Schneider Electric Hit by Cactus Ransomware AttackFulton County (GA) Hit With a CyberattackFreehold Township School District (NJ) Shut Down by CyberattackKeenan Warns 1.5 Million People of Data Breach After Summer Cyberattack750 Million Indian Mobile Subscribers’ Info for Sale on Dark WebPhobos Ransomware Family Expands With New FAUST VariantMalicious PyPI Packages Slip WhiteSnake InfoStealer Malware onto Windows MachinesResearchers Uncover How Outlook Vulnerability Could Leak Your NTLM Passwords45K Jenkins Servers Exposed to RCE Attacks Using Public ExploitsTop 3 Data Breaches of 2023; What’s Ahead in 2024
1/26-28/2024 January 28, 2024January 28, 2024 ~ The Cyber Beat ~ Leave a comment Microsoft Warns of Widening APT29 Espionage Attacks Targeting Global Orgs…Microsoft Reveals How Hackers Breached Its Exchange Online AccountsUkraine: Hack Wiped 2 Petabytes of Data From Russian Research CenterU.S. National Security Agency Buys Web Browsing Data Without Warrant, Letter Shows…The Pentagon Tried to Hide That It Bought Americans’ Data Without a WarrantKrebs: Who is Alleged Medibank Hacker Aleksandr Ermakov?Ukraine Arrests Hacker for Assisting Russian Missile StrikesPolice Arrest California Teen Said to Be Linked to Hundreds of Swatting Attacks Nationwide Apple Faces ‘Strong Action’ if App Store Changes Fall Short, EU’s Breton SaysCyber Management Details Emerge Under SEC Rules…The SEC Can’t Protect Its Own Data. Should It Be Trusted to Protect Yours?New Leaks Expose Web of Iranian Intelligence and Cyber Companies23andMe Failed to Detect Account Intrusions for MonthsAkira Ransomware Gang Says It Stole Passport Scans From Lush in 110 GB Data HeistData Theft Plaguing K-12 Schools After Holiday Season AttacksHow a Mistakenly Published Password Exposed Mercedes-Benz Source CodeMalicious Ads on Google Target Chinese Users with Fake Messaging AppsAllaKore RAT Malware Targeting Mexican Firms with Financial Fraud TricksExploits Released for Critical Jenkins RCE Flaw, Patch NowPwn2Own Automotive: $1.3M for 49 Zero-Days, Tesla Hacked TwiceWait, Security Courses Aren’t a Requirement to Graduate With a Computer Science Degree?CISO Corner: Deep Dive Into SecOps, Insurance, & CISOs’ Evolving Role
1/25/2024 January 25, 2024January 25, 2024 ~ The Cyber Beat ~ Leave a comment Ukraine Energy Firm, Postal Service Among State Agencies Hit by Apparent CyberattackChina-Aligned APT Group Blackwood Unleashes NSPX30 ImplantBig-Name Targets Push Midnight Blizzard Hacking Spree Back Into the LimelightHow a Group of Israel-Linked Hackers Has Pushed the Limits of CyberwarFake Robocalls in New Hampshire Stoke Election Misinformation FearsKrebs: Using Google Search to Find Software Can Be RiskyApple to Allow Downloads Outside App Store in EU, With New FeesiPhone Apps Abuse iOS Push Notifications to Collect User DataRussian TrickBot Malware Dev Sentenced to 64 Months in PrisonHelp Wanted From Convicted CybercriminalsOver 198GB of BuyGoods.com Data Exposed By Misconfigured Database23andMe Data Breach: Hackers Stole Raw Genotype Data, Health ReportsNew CherryLoader Malware Mimics CherryTree to Deploy PrivEsc ExploitsSystemBC Malware’s C2 Server Analysis Exposes Payload Delivery TricksLODEINFO Fileless Malware Evolves with Anti-Analysis and Remote Code TricksHackers Target WordPress Database Plugin Active on 1 Million SitesCritical Jenkins Vulnerability Exposes Servers to RCE Attacks – Patch ASAP!Cisco Warns of Critical RCE Flaw in Communications SoftwareTesla Hacked Again, 24 More Zero-Days Exploited at Pwn2Own Tokyo
1/24/2024 January 25, 2024January 25, 2024 ~ The Cyber Beat ~ Leave a comment Notorious Spyware Maker NSO Group Is Quietly Plotting a Comeback…U.S. Judge Rejects Spyware Developer NSO’s Attempt to Bin Apple’s Spyware LawsuitRing Steps Back From Sharing Video With Police — MostlyChatGPT Cybercrime Surge Revealed in 3000 Dark Web PostsUK Says AI Will Empower Ransomware Over the Next Two YearsWhy Bulletproof Hosting is Key to Cybercrime-as-a-ServiceItaly Government Proposes Tougher Jail Terms for CybercriminalsU.S., UK, Australia Sanction Russian REvil Hacker Behind Medibank BreachWall Street Fintech EquiLend Offline After CyberattackHewlett Packard Enterprise Suffered Cyber Breach Over Months Last YearMajor IT Outage at Europe’s Largest Caravan and RV Club Makes for Not-So-Happy CampersKansas City Area Transportation Authority Hit With Cybersecurity AttackGoogle Kubernetes Misconfig Lets Any Gmail Account Control Your ClustersOver 5,300 GitLab Servers Exposed to Zero-Click Account Takeover AttacksTesla Hacked, 24 Zero-Days Demoed at Pwn2Own Automotive 2024Who Pays, and Why: A Researcher Examines the Ransomware Victim’s Mindset
1/23/2024 January 24, 2024January 24, 2024 ~ The Cyber Beat ~ Leave a comment Missouri Secretary of State Accused of Withholding Cybersecurity Reviews of Election AuthoritiesUK Water Giant Southern Water Admits Attackers Broke Into System as Gang Holds It to RansomWater Services Giant Veolia North America Hit by Ransomware AttackMicrosoft Balances SEC Disclosure Rules After Email HackHP CEO Says They Brick Printers That Use Third-Party Ink Because of … HackersFrench Watchdog Slams Amazon with €32m Fine for Spying on WorkersCISA Boss Swatted: ‘While My Own Experience Was Certainly Harrowing, It Was Unfortunately Not Unique’Accused PII Seller Faces Jail for Running Underground Fraud OpX Adds Passkeys Support for iOS Users in the United StatesAI Will Make Scam Emails Look Genuine, UK Cybersecurity Agency WarnsAI Program Poised to Advance Cybersecurity in Abu DhabiMega-Breach Database Exposes 26 Billion RecordsTrello API Abused to Link Email Addresses to 15 Million AccountsJason’s Deli Says Online Platform Customer Data Exposed in Credential Stuffing Attack from DecemberDouglas County (CO) Libraries Hacked by Overseas Criminal GroupFirst Financial Security (GA) Notifies Consumers of Breach Following October Ransomware AttackBucks County (PA) Emergency Dispatch System Down for Days Due to CyberattackVexTrio: The Uber of Cybercrime – Brokering Malware for 60+ AffiliatesKasseika Ransomware Uses Antivirus Driver to Kill Other AntivirusesMalicious npm Packages Used to Target GitHub Developer SSH KeysFortra Warns of New Critical GoAnywhere MFT Auth Bypass, Patch Now…Exploit Released for Fortra GoAnywhere MFT Auth Bypass Bug
1/22/2024 January 23, 2024January 23, 2024 ~ The Cyber Beat ~ Leave a comment Microsoft Russian Hack Leaves Too Much UnansweredTietoevry Ransomware Attack Causes Outages for Swedish Firms, CitiesNorth Korean Hackers Weaponize Fake Research to Deliver RokRAT BackdoorA SIM-Swapping Attack Was Behind the Sec’s Fake Bitcoin PostMalicious Web Redirect Scripts Stealth up to Hide on Hacked SitesCracked macOS Apps Drain Wallets Using Scripts Fetched From DNS RecordsYou Need to Turn on Apple’s New Stolen iPhone ToolCops Used DNA to Predict a Suspect’s Face—and Tried to Run Facial Recognition on ItMedibank Hack: Russian Sanctioned Over Australia’s Worst Data BreachThai Court Blocks 9near.org to Avoid Exposure of 55M CitizensFTC Orders Intuit to Stop Pushing “Free” Software That Isn’t Really FreeAerCap Discloses Cybersecurity IncidentLoanDepot Data Breach Hits 16.6 CustomersTrezor Support Site Breach Exposes Personal Data of 66,000 CustomersDawson James Securities (FL) Reports Data Breach After Unauthorized Access to NetworkSubway’s Data Torpedoed by LockBit, Ransomware Gang ClaimsNS-STEALER Uses Discord Bots to Exfiltrate Your Secrets from Popular BrowsersApache ActiveMQ Flaw Exploited in New Godzilla Web Shell AttacksHackers Start Exploiting Critical Atlassian Confluence RCE FlawMavenGate Attack Could Let Hackers Hijack Java and Android via Abandoned LibrariesIvanti: VPN Appliances Vulnerable if Pushing Configs After MitigationApple Issues Patch for Critical Zero-Day in iPhones, Macs – Update Now
1/19-21/2024 January 21, 2024January 21, 2024 ~ The Cyber Beat ~ Leave a comment Microsoft ‘Senior Leadership’ Emails Accessed by Russian SolarWinds Hackers Chinese Hackers Silently Weaponized VMware Zero-Day Flaw for 2 Years…VMware Confirms Critical vCenter Flaw Now Exploited in AttacksABB’s China Operations Under Investigation by U.S. CongressFashion Giant Faces New IPO Hitch: China’s Cybersecurity PoliceThe Verge: The Verge Is Not Interested in Interviewing You About Crypto — But Scammers AreKrebs: Canadian Man Stuck in Triangle of E-Commerce FraudFujitsu Bugs That Sent Innocent People to Prison Were Known ‘From the Start’IT Consultant Fined for Daring to Expose Shoddy SecurityFive Ripped off IT Giant With Bogus Work Expenses, Prosecutors ClaimBreachForums Hacking Forum Admin Sentenced to 20 Years Supervised ReleaseFTC Bans One More Data Broker From Selling Your Location InfoU.S. Agencies Warn Made-In-China Drones Might Help Beijing Snoop on the WorldVF Cyberattack Compromised Data for 35 Million CustomersPayoneer Accounts in Argentina Hacked in 2FA Bypass AttacksCarnegie Mellon University Hit by Cyber Attack Last AugustMoney Message Ransomware Gang Claims Responsibility for Christmas Hospital AttackResearchers Link 3AM Ransomware to Conti, Royal Cybercrime GangsWatch Out for “I Can’t Believe He Is Gone” Facebook Phishing Posts…Meta Won’t Remove Fake Instagram Profiles That Are Clearly CatfishingNpm Trojan Bypasses UAC, Installs AnyDesk with “Oscompatible” PackageCISA Issues Emergency Directive to Federal Agencies on Ivanti Zero-Day ExploitsBrave to End ‘Strict’ Fingerprinting Protection as It Breaks WebsitesMissing the Cybersecurity Mark With the Essential Eight
1/18/2024 January 18, 2024January 18, 2024 ~ The Cyber Beat ~ Leave a comment Russian COLDRIVER Hackers Expand Beyond Phishing with Custom Malware Written in RustGoogle: Russian FSB Hackers Deploy New Spica Backdoor MalwareCISA: Critical Ivanti Auth Bypass Bug Now Actively Exploited‘Stablecoins’ Enabled $40 Billion in Crypto Crime Since 2022Haier Hits Home Assistant Plugin Dev With Takedown NoticeJPMorgan Exec Claims Bank Repels ’45 Billion Cyberattack Attempts per Day’U.S. Gov’t Wants BreachForums Admin Sentenced to 15 Years in PrisonBangladeshi Elections Come Into DDoS CrosshairsCyber Attacks on Kent Councils Disrupt Online ServicesHampton-Newport News Community Services Board Ransomware Attack Leads to BreachTA866 Resurfaces in Targeted OneDrive CampaignTeamViewer Abused to Breach Networks in New Ransomware AttacksNew Malware Campaign Exploits 9hits in Docker AssaultTensorFlow CI/CD Flaw Exposed Supply Chain to Poisoning Attacks
1/17/2024 January 17, 2024January 17, 2024 ~ The Cyber Beat ~ Leave a comment Microsoft: Iranian Hackers Target Researchers With New MediaPl MalwareKrebs: E-Crime Rapper ‘Punchmade Dev’ Debuts Card ShopExperts Ponder Effectiveness of Official Warnings of Cyber ScamsHow a 27-Year-Old Codebreaker Busted the Myth of Bitcoin’s AnonymityThe Next iOS Update Will Make It Harder to Break Into Your iPhoneiShutdown Scripts Can Help Detect iOS Spyware on Your iPhoneOpenAI Announces Plans to Combat Misinformation Amid 2024 ElectionsMastercard Aims to Limit AI Bias, Cyber RiskPhilippines to Propose ASEAN AI Regulatory Framework, House Speaker SaysAI, Gaming, FinTech Named Major Cybersecurity Threats For KidsTaiwanese Semiconductor Company Foxsemicon Hit by Ransomware AttackAmeriprise Financial Notifies Consumers of Recent Data BreachBurr & Forman Discloses October Data BreachToronto Zoo Employees’ Personal Information Stolen in Ransomware AttackKansas State University Systems Impacted by Cybersecurity ThreatHave I Been Pwned Adds 71 Million Emails From Naz.API Stolen Account ListCheap .Cloud Domains and Fake Shark Tank News Fuel Unhealthy Wellness ScamsBigpanzi Botnet Infects 170,000 Android TV Boxes With MalwarePAX PoS Terminal Flaw Could Allow Attackers to Tamper with TransactionsCISA Pushes Federal Agencies to Patch Citrix RCE Within a Week
1/16/2024 January 16, 2024January 16, 2024 ~ The Cyber Beat ~ Leave a comment Ivanti Connect Secure Zero-Days Now Under Mass ExploitationFBI: Androxgh0st Malware Botnet Steals AWS, Microsoft CredentialsA Flaw in Millions of Apple, AMD, and Qualcomm GPUs Could Expose AI DataMacOS Info-Stealers Quickly Evolve to Evade XProtect DetectionNew Tool Identifies Pegasus and Other iOS SpywareGitHub Rotates Keys to Mitigate Impact of Credential-Exposing FlawThe Sad Truth of the FTC’s ‘Historic’ Privacy WinPentagon Using ChatGPT? Oh Sure, for Cyber-Things and Veterans, Says OpenAIAfrica, Middle East Lead Peers in Cybersecurity, but Lag GloballyCybersecurity Giant Palo Alto Networks to Record High After Record HighMajorca City Calvià Extorted for $11M in Ransomware AttackSinging River Health System (MS) Notifies 252K Patients of Recent Data BreachData Breach at Dallas-Based Cooper Aerobics Exposes 90,000 Customer AccountsLeaked COVID Tests Expose Sensitive Patient DataRemcos RAT Spreading Through Adult Games in New Attack WaveInferno Drainer Spoofs Over 100 Crypto Brands to Steal $80m+Citrix Warns of New Netscaler Zero-Days Exploited in AttacksGoogle Fixes First Actively Exploited Chrome Zero-Day of 2024PixieFail Flaws Impact PXE Network Boot in Enterprise SystemsPatch Now: Critical VMware, Atlassian Flaws Found
1/15/2024 January 15, 2024January 15, 2024 ~ The Cyber Beat ~ Leave a comment Anonymous Sudan Claims London Internet Exchange Attack Over Yemen StrikesEnvironmental Websites Hit by DDoS Surge in COP28 CrossfireLatest Adblock Update Causes Massive YouTube Performance HitU.S. Court Docs Expose Fake Antivirus Renewal Phishing TacticsBritish Library Starts Restoring Services Online After HackWindows SmartScreen Flaw Exploited to Drop Phemedrone MalwareOpera MyFlaw Bug Could Let Hackers Run ANY File on Your Mac or WindowsOver 178K SonicWall Firewalls Vulnerable to DoS, Potential RCE Attacks
1/12-14/2024 January 14, 2024January 14, 2024 ~ The Cyber Beat ~ Leave a comment New Findings Challenge Attribution in Denmark’s Energy Sector CyberattacksHyundai MEA X Account Hacked, Followed by Crypto PromotionU.S. SEC Says Breach of X Account Did Not Lead To Breach of Its Broader SystemsCISA Urges Critical Infrastructure to Patch Urgent ICS VulnerabilitiesWaiting for Your Pay Raise? Cofense Warns Against HR-Related Scams29-Year-Old Ukrainian Cryptojacking Kingpin Arrested for Exploiting Cloud ServicesGrapheneOS: Frequent Android Auto-Reboots Block Firmware ExploitsCybersecurity Measures For Remote Hiring: Ensuring Confidentiality And Data ProtectionA Guide to Getting the Right Cyber InsuranceBritish Cosmetics Firm Lush Confirms Cyberattack2023 Ransomware Attack on U.S. Navy Shipbuilder Fincantieri Leaked Info of Nearly 17K PeopleMedusa Ransomware Gang Targets Nonprofit Water for PeopleMedusa Ransomware on the Rise: From Data Leaks to Multi-ExtortionNumber of Orgs Compromised via Ivanti VPN Zero-Days Grows as Mandiant Weighs InExploit for Under-Siege Sharepoint Vuln Reportedly in Hands of Ransomware CrewVulnerability Puts Bosch Smart Thermostats at Risk of CompromiseCritical RCE Vulnerability Uncovered in Juniper SRX Firewalls and EX SwitchesGitLab Warns of Critical Zero-Click Account Hijacking Vulnerability
1/11/2024 January 11, 2024January 11, 2024 ~ The Cyber Beat ~ Leave a comment Finland Warns of Akira Ransomware Wiping NAS and Tape Backup DevicesAnonymous Sudan Launches Cyberattack on Chad TelcoU.S. School Shooter Emergency Plans Exposed in a Highly Sensitive Database LeakFake Recruiters Defraud Facebook Users via Remote-Work OffersMandiant’s X Account Was Hacked in Brute-Force Password Attack…Crypto Drainer-As-A-Service GangSEC Twitter Hack: Here’s How to Protect Your Own Account on XChild Abusers Are Getting Better at Using Crypto to Cover Their TracksThreat Actors Increasingly Abusing GitHub for Malicious PurposeseBay to Cough up $3M After Cyber-Stalking Couple Who Dared Criticize the SoukBitwarden Adds Passkey Support to Log Into Web Password VaultsFramework Discloses Data Breach After Accountant Gets PhishedHalara Probes Breach After Hacker Leaks Data for 950,000 PeopleFallon Ambulance announces data breach affecting over 900,000 patientsOregon Pacific Bank Files Official Notice of Data BreachNew Python-based FBot Hacking Toolkit Aims at Cloud and SaaS PlatformsNew PoC Exploit for Apache OfBiz Vulnerability Poses Risk to ERP SystemsAtomic Stealer Gets an Upgrade – Targeting Mac Users with Encrypted PayloadNew Balada Injector Campaign Infects 6,700 WordPress SitesOver 150K WordPress Sites at Takeover Risk via Vulnerable PluginMicrosoft Shares Script to Update Windows 10 WinRE With BitLocker Fixes
1/10/2024 January 10, 2024January 11, 2024 ~ The Cyber Beat ~ Leave a comment AI Helps U.S. Intelligence Track Hackers Targeting Critical InfrastructureKrebs: Here’s Some Bitcoin, Oh, and You’ve Been Served!Cybercrooks Play Dress-up as ‘Helpful’ Researchers in Latest Ransomware RuseMalware Takedowns Show Progress, But Fight Against Cybercrime Not OverLawmakers Are Out for Blood After a Hack of the SEC’s X Account Causes Bitcoin ChaosSEC Approves Bitcoin ETFs for Everyday InvestorsUncle Sam Tells Hospitals: Meet Security Standards or No Federal Dollars for YouFake 401K Year-End Statements Used to Steal Corporate CredentialsShinyHunters Chief Phisherman Gets 3 Years, Must Cough up $5MAttack on UK Defense Contractor Ultra I&C Leaks Military DetailsTexas-Based Care Provider HMG Healthcare Says Hackers Stole Unencrypted Patient DataConsensioHealth (WI) Data Breach Affects Patients of Four Healthcare ProvidersIndia’s Shopping Giant Infiniti Mall Cyberattack: 280,000 Records Potentially ExposedAttacker Targets Hadoop YARN, Flint Servers in Stealthy CampaignNoaBot: Latest Mirai-Based Botnet Targeting SSH Servers for Crypto MiningIvanti Warns of Connect Secure Zero-Days Exploited in AttacksCisco Says Critical Unity Connection Bug Lets Attackers Get RootWindows 10 KB5034441 Security Update Fails With 0x80070643 Errors
1/9/2024 January 9, 2024January 9, 2024 ~ The Cyber Beat ~ Leave a comment Hackers Hit Moscow Internet Provider in Response to Kyivstar Cyber AttackThe SEC’s X Account Was Hijacked to Post a Fake Approval of Bitcoin ETFsFTC Bans Data Broker From Selling Americans’ Location DataCISA Warns Agencies of Fourth Flaw Used in Triangulation Spyware Attacks on Apple, Adobe, Apache, D-Link, and Joomla ProductsChina Claims It Cracked Apple’s Airdrop to Find Numbers, Email AddressesRansomware Victims Targeted by Fake Hack-Back OffersNew Decryption Key Available for Babuk Tortilla Ransomware VictimsKrebs: Meet Ika & Sal, The Bulletproof Hosting Duo from HellCybersecurity Deals Boom as Investment Dips, Pinpoint Reports82% of Companies Struggle to Manage Security ExposureNew York State Plans to Give Some Cities Free Cyber ToolsAmazon Is Going ‘Super Aggressive’ on Generative AINigerian Gets 10 Years For Laundering Scam FundsGoogle Search Bug Shows Blank Page in Firefox for AndroidParaguay Warns of Black Hunt Ransomware Attacks After Tigo Business BreachAustralian Travel Agency Inspiring Vacations Hit by Data Breach, Leaking Passport and Travel Details of Thousands of CustomersEntire Population of Brazil Possibly Exposed in Massive Data LeakProSmile Notifies Patients of July 2022 Data BreachHackers Can Infect Network-Connected Wrenches to Install RansomwareAlert: Water Curupira Hackers Actively Distributing PikaBot Loader MalwareBeware! YouTube Videos Promoting Cracked Software Distribute Lumma StealerAlert: New Vulnerabilities Discovered in QNAP and Kyocera Device ManagerTurkish Hackers Exploiting Poorly Secured MS SQL Servers Across the GlobeFlaw in AI Plugin Exposes 50,000 WordPress Sites to Remote AttackPath Traversal Bug Besets Popular Kyocera Office PrintersNew Year, New Bugs in Windows, Adobe, Android, More to Be FixedMicrosoft January 2024 Patch Tuesday Fixes 49 Flaws, 12 RCE Bugs
1/8/2024 January 8, 2024January 8, 2024 ~ The Cyber Beat ~ Leave a comment Netgear, Hyundai Latest X Accounts Hacked to Push Crypto DrainersNorth Korean Hackers Stole $600m in Crypto in 2023Merck Settles With Insurers Over $700m NotPetya ClaimNIST Warns of Security and Privacy Risks from Rapid AI System DeploymentFacebook, Instagram Now Mine Web Links You Visit to Fuel Targeted AdsTwilio Will Ditch Its Authy Desktop 2FA Application in August of This Yeah , Goes Mobile OnlyCan Hackers Get Into Your Google Account Without a Password?Toronto Zoo: Ransomware Attack Had No Impact on Animal WellbeingAnti-Hezbollah Groups Hack Beirut Airport ScreensIranian Crypto Exchange Leaks User Passports and IDsCapital Health Attack Claimed by LockBit Ransomware, Risk of Data LeakRhysida Ransomware Gang Takes Credit for Christmas Attack on Global Lutheran OrganizationU.S. Mortgage Lender loanDepot Confirms Ransomware AttackNew Research: Tackling .NET Malware With Harmony Library
1/5-7/2024 January 8, 2024January 8, 2024 ~ The Cyber Beat ~ Leave a comment Stealthy AsyncRAT Malware Attacks Target U.S. Infrastructure for 11 MonthsWeb3 Security Firm CertiK’s X Account Hacked to Push Crypto DrainerX Users Fed up With Constant Stream of Malicious Crypto AdsCrypto Wallet Founder Loses $125,000 to Fake Airdrop WebsiteHow to Be More Anonymous OnlineBreachForums Boss Busted for Bond Blunders – Including Using a VPN19 xDedic Cybercrime Market Users and Admins Face PrisonGoogle: Malware abusing API is standard token theft, not an API issueKyberSlash Attacks Put Quantum Encryption Projects at RiskPro-Iranian Hacker Group Targeting Albania with No-Justice Wiper MalwareSyrian Threat Group Peddles Destructive SilverRATSpectralBlur: New macOS Backdoor Threat from North Korean HackersSea Turtle Cyber Espionage Campaign Targets Dutch IT and Telecom CompaniesMemorial University Recovers From Cyberattack, Delays Semester StartMortgage Firm loanDepot Cyberattack Impacts IT Systems, Payment PortalBeckley (WV) Latest Municipality Hit With CyberattackCompleteCare Health Network (NJ) Reports Data Breach From Ransomware AttackHackers Target Apache RocketMQ Servers Vulnerable to RCE Attacks
1/4/2024 January 4, 2024January 4, 2024 ~ The Cyber Beat ~ Leave a comment Russian Sandworm Hackers Were Inside Ukraine Telecoms Giant Kyivstar for MonthsTo Beat Russia, Ukraine Needs a Major Tech BreakthroughHackers Hijack Gov’t and Business Accounts on X for Crypto ScamsMandiant’s Twitter Account Restored After Six-Hour Crypto Scam HackFun New Deepfake Consequence: More Convincing Crypto ScamCyber Leaders With Tight Budgets Still Must Secure AI, CloudFTC Offers $25,000 Prize for Detecting AI-Enabled Voice CloningLaw Firm Orrick, Herrington & Sutcliffe That Handles Data Breaches Was Hit by Data BreachNavvis & Company Reports Data Breach Affecting Patients of Certain Healthcare ProvidersUAC-0050 Group Using New Phishing Tactics to Distribute Remcos RAT3 Malicious PyPI Packages Found Targeting Linux with Crypto Miners‘Everything’ Blocks Devs From Removing Their Own Npm PackagesIvanti Warns Critical EPM Bug Lets Hackers Hijack Enrolled DevicesZeppelin Ransomware Source Code Sold for $500 on Hacking Forum
1/3/2024 January 3, 2024January 3, 2024 ~ The Cyber Beat ~ Leave a comment Russia Spies on Kyiv Defenses via Hacked Cameras Before Missile Strikes23andMe Tells Victims It’s Their Fault That Their Data Was BreachedLastPass Will Finally Enforce a 12-Character Minimum Master PasswordA New Year’s Resolution for Tech Companies: Knock It off With the CAPTCHAsFor Cyber Companies, Economic Turbulence in 2023 Sets Up Uncertain 2024Alleged Crunchbase Data Breach Exposes Millions to Potential ThreatsFormal Ban on Ransomware Payments? Asking Orgs Nicely to Not Cough up Ain’t WorkingOver 100 European Banks Face Cyber Resilience TestVoIP Firm XCast Agrees to Settle $10m Illegal Robocall CaseNigerian Hacker Arrested for Stealing $7.5m From CharitiesData Breach at Healthcare Tech Firm HealthEC Impacts 4.5 Million PatientsNearly 1 Million Affected by Ambulance Service Transformative Healthcare Data BreachNetwork180 (MI) Data Breach Impacts as Many as 59,000 PeopleFreight Giant Estes Refuses to Deliver Ransom, Says Personal Data Opened and StolenHacker Hijacks Orange Spain RIPE Account to Cause BGP Havoc‘Large-Scale’ Cyberattack Hits French Township, All Local Services DownFake and Stolen X Gold Accounts Flood Dark WebMalware Using Google MultiLogin Exploit to Maintain Access Despite Password ResetNearly 11 Million SSH Servers Vulnerable to New Terrapin AttacksCISA Warns of Actively Exploited Bugs in Chrome and Excel Parsing Library
1/2/2024 January 2, 2024January 2, 2024 ~ The Cyber Beat ~ Leave a comment States and Congress Wrestle With Cybersecurity After Iran Attacks Small Town Water UtilitiesIsrael Battles Spike in Wartime Hacktivist, OT CyberattacksWhat It’s Like to Use Apple’s Lockdown ModePasskeys: All the News and Updates Around Passwordless Sign-onGoogle Password Resets Not Enough to Stop These Info-Stealing Malware StrainsTeen Found Alive After “Cyber-Kidnapping” IncidentGoogle Settles $5 Billion Privacy Lawsuit Over Tracking Users in ‘Incognito Mode’Google Groups Is Ending Support for Usenet to Combat SpamOnline Museum Collections Down After Cyberattack on Service ProviderXerox Says Subsidiary XBS U.S. Breached After Ransomware Gang Leaks DataSwedish Grocery Chain Coop Targeted by Cactus Ransomware GangIranian Food Delivery Giant Snappfood Cyber Attack: 3TB of Data StolenBunker Hill Community College (MA) Announces Data BreachAkumin (FL) Data Breach Impacts Consumers’ SSNs Following Ransomware AttackSteam Drops Support for Windows 7 and 8.1 to Boost Security
12/29/2023-1/1/2024 January 1, 2024January 1, 2024 ~ The Cyber Beat ~ Leave a comment The Biggest Cybersecurity and Cyberattack Stories of 2023The Worst Hacks of 2023Here We Go Again: 2023’s Badly Handled Data BreachesHappy 14th Birthday, KrebsOnSecurity!CEO Arranged His Own Cybersecurity, With Predictable Results2023 Showed Cybersecurity Isn’t Immune From Brutal LayoffsNew Black Basta Decryptor Exploits Ransomware Flaw to Recover FilesBeware: Scam-as-a-Service Aiding Cybercriminals in Crypto Wallet-Draining AttacksHospitals Ask Courts to Force Cloud Storage Firm to Return Stolen DataThe Law Enforcement Operations Targeting Cybercrime in 2023Chinese Authorities Arrest Four in Ransomware Case Involving ChatGPTKimsuky Hackers Deploying AppleSeed, Meterpreter, and TinyNuke in Latest AttacksPro-Palestinian Operation Claims Dozens of Data Breaches Against Israeli FirmsRussian Hackers Believed to Be Behind Cyber Attack on Victoria’s Court SystemAlbanian Parliament and One Albania Telecom Hit by Cyber AttacksCyberattack on Anna Jaques Hospital (MA) Disrupted Records System, Emergency ServicesOrbit Chain Confirms Hack, Warns of Scam Repayment OffersAndroid Game Dev’s Google Drive Misconfig Highlights Cloud Security RisksNew Variant of DLL Search Order Hijacking Bypasses Windows 10 and 11 ProtectionsMalware Abuses Google OAuth Endpoint to ‘Revive’ Cookies, Hijack AccountsGoogle Fixes Nearly 100 Android Security Issues