5/30/2024 May 31, 2024May 31, 2024 ~ The Cyber Beat ~ Leave a comment FlyingYeti Exploits WinRAR Vulnerability to Deliver COOKBOX Malware in UkrainemacOS Version of Elusive ‘LightSpy’ Spyware Tool DiscoveredHealthcare Sector Maps Cyber Risk Posed by ‘Single Points of Failure’Mystery Attacker Remotely Bricked 600,000 SOHO Routers With Malicious Firmware UpdateU.S. Treasury Says NFTs ‘Highly Susceptible’ to Fraud, but Ignored by High-Tier CriminalsKrebs: ‘Operation Endgame’ Hits Malware Delivery PlatformsU.S. Dismantles World’s Largest 911 S5 Botnet with 19 Million Infected DevicesThe Unusual Espionage Act Case Against a Drone PhotographerThese Internet Browsers Promise Privacy. What Does That Actually Mean?Cybercriminals Raid BBC Pension Database, Steal Records of Over 25,000 PeoplePatients’ Personal Information Possibly Exposed in Data Breach at UChicago MedicineEverbridge Warns of Corporate Systems Breach Exposing Business DataCooler Master Confirms Customer Info Stolen in Data BreachCybercriminals Abuse Stack Overflow to Promote Malicious Python PackagePirated Microsoft Office Delivers Malware Cocktail on SystemsRedTail Crypto-Mining Malware Exploiting Palo Alto Networks Firewall VulnerabilityResearchers Uncover Active Exploitation of WordPress Plugin VulnerabilitiesCISA Alerts Federal Agencies to Patch Actively Exploited Linux Kernel Flaw
5/29/2024 May 29, 2024May 29, 2024 ~ The Cyber Beat ~ Leave a comment Meta Says It Removed Six ‘Inauthentic’ Influence Campaigns Including Those From Israel and ChinaAdvance Fee Fraud Targets Colleges With Free Piano OffersOver 90 Malicious Android Apps With 5.5M Installs Found on Google PlayKrebs: Treasury Sanctions Creators of 911 S5 Proxy Botnet (Update)…Stole $5.9 Billion in COVID Relief Funds…More Krebs: Is Your Computer Part of ‘The Largest Botnet Ever?’New Head of FBI Pittsburgh Office Is Cyber Security ExpertNIST Expects to Clear Backlog in Vulnerabilities Database by End of Fiscal YearInternet Archive Disrupted by Sustained and “Mean” DDoS AttackHackers Claim Ticketmaster Data Breach: 560M Users’ Info for Sale at $500KCooler Master Hit by Data Breach Exposing Customer InformationFirst American December Data Breach Impacts 44,000 PeopleNew PyPI Malware “Pytoileur” Steals Crypto and Evades DetectionOkta Warns of Credential Stuffing Attacks Targeting Its CORS FeatureCheck Point Releases Emergency Fix for VPN Zero-Day Exploited in Attacks for Remote Access…Check Point VPN Zero-Day Exploited in Attacks Since April 30
5/28/2024 May 28, 2024May 28, 2024 ~ The Cyber Beat ~ Leave a comment Microsoft Links North Korean Hackers to New FakePenny RansomwareDeepfake Scams Have Robbed Companies of Millions. Experts Warn It Could Get WorseOpenAI Sets up Safety Committee as It Starts Training New ModelHow Researchers Cracked an 11-Year-Old Password to a $3 Million Crypto WalletSpiderOak One Customers Threaten to Jump Ship Following Datacenter UpgradeBreachForums Returns, Just Weeks After FBI-Led TakedownU.S. Gov’t Sanctions Cybercrime Gang Behind Massive 911 S5 BotnetRussian Indicted for Selling Access to U.S. Corporate NetworksRansomware Group RansomHub Claims Responsibility for Christie’s Hack…Auction House Christie’s Confirms Criminals Stole Some Client DataSpyware Maker pcTattletale Shutters After Data BreachSeattle Public Library Goes Offline After Ransomware EventTeaBot Banking Trojan Activity on the Rise, Zscaler ObservesResearchers Warn of CatDDoS Botnet and DNSBomb DDoS Attack TechniqueExploit Released for Maximum Severity Fortinet RCE Bug, Patch NowXSS Vulnerabilities Found in WordPress Plugin Slider Revolution
5/27/2024 May 27, 2024May 27, 2024 ~ The Cyber Beat ~ Leave a comment Pakistan-Linked Hackers ‘Transparent Tribe’ Deploy Python, Golang, and Rust Malware on Indian TargetsMoroccan Cybercrime Group Steals Up to $100K Daily Through Gift Card FraudNew Tricks in the Phishing Playbook: Cloudflare Workers, HTML Smuggling, GenAIGenerative AI May Be Creating More Work Than It SavesBayer and 12 Other Major Drug Companies Caught up in Wholesaler Cencora Data LossSav-Rx Discloses Data Breach Impacting 2.8 Million AmericansHackers Target Check Point VPNs to Breach Enterprise NetworksTP-Link Fixes Critical RCE Bug in Popular C5400X Gaming Router
5/24-26/2024 May 26, 2024May 26, 2024 ~ The Cyber Beat ~ Leave a comment North Korea Rejects U.S. Accusation, Says It Is Not Linked to Any Cyber AttacksFake Pegasus Spyware Strains Populate Clear and Dark WebHacker Defaces Spyware App Site pcTattletale, Dumps Database and Source CodeHackers Created Rogue VMs to Evade Detection in Recent MITRE Cyber AttackBeware: These Fake Antivirus Sites Spreading Android and Windows MalwareBest Buy and Geek Squad Were Most Impersonated Orgs by Scammers in 2023Here’s Why Deleted iPhone Photos Returned to Some iOS DevicesExperts Find Flaw in Replicate AI Service Exposing Customers’ Models and DataIndian Man Stole $37 Million in Crypto Using Fake Coinbase Pro SiteMan Behind Deepfake Biden Robocall Indicted on Felony Charges, Faces $6M FineWargames Director Jackie Schneider on Why Cyber Is One of ‘The Most Interesting Scholarly Puzzles’Stealthy BLOODALCHEMY Malware Targeting ASEAN Government NetworksCencora Notifies Individuals About Data Stolen Earlier This YearHealth Information Published Online After MediSecure Ransomware AttackSuspected Cyber Attack Continues to Hobble Operations at Palomar Health Medical Group (CA)Walmart 401(K) Data Breach Leaks Names, Social Security Numbers of Plan ParticipantsAlbany County (NY) Investigating ‘Cybersecurity Breach’ Ahead of Holiday WeekendHackers Phish Finance Orgs Using Trojanized Minesweeper CloneNew ShrinkLocker Ransomware Uses BitLocker to Encrypt Your FilesArc Browser’s Windows Launch Targeted by Google Ads MalvertisingGoogle Fixes Eighth Actively Exploited Chrome Zero-Day This YearThree-Year-Old Apache Flink Flaw Under Active AttackICQ Messenger Shuts Down After Almost 28 Years
5/23/2024 May 24, 2024May 24, 2024 ~ The Cyber Beat ~ Leave a comment Inside Operation Diplomatic Specter: Chinese APT Group’s Stealthy Tactics ExposedA Leak of Biometric Police Data Is a Sign of Things to ComeAbsolutely Wild: How the FBI Built and Ran Its Own Smartphone Company to Hack the Criminal UnderworldHe Trained Cops to Fight Crypto Crime—and Allegedly Ran a $100M Dark-Web Drug MarketKrebs: Stark Industries Solutions: An Iron Hammer in the CloudCybercriminals Exploit Cloud Storage For SMS Phishing ScamsMicrosoft Spots Gift Card Thieves Using Cyber-Espionage TacticsCasino Cyberattacks Put a Bullseye on Scattered Spider – And the FBI Is Closing InYou Can Now Share Passwords Within Your Google Family GroupApple Wasn’t Storing Deleted iOS Photos in iCloud After AllFallout From Cyberattack at Ascension Hospitals Persists, Causing Delays in Patient CareNational Records of Scotland Data Breached in NHS Cyber-AttackJAVS Courtroom Recording Software Backdoored in Supply Chain AttackA Closer Look at What Wyandotte County (KS) Leaders Spend on Cybersecurity Amid ‘Network Incident’Lash Group (SC) Announces Data Breach Affecting Bayer Corp. CustomersRansomware Attacks Exploit VMware ESXi Vulnerabilities in Alarming PatternHigh-Severity GitLab Flaw Lets Attackers Take Over AccountsIvanti Patches Critical Remote Code Execution Flaws in Endpoint ManagerNVD Leaves Exploited Vulnerabilities Unchecked
5/22/2024 May 23, 2024May 23, 2024 ~ The Cyber Beat ~ Leave a comment Researchers Warn of Chinese-Aligned Hackers Targeting South China Sea Countries: ‘Unfading Sea Haze’Chinese Hackers Rely on Covert Proxy Networks to Evade Detection‘People Are Just Not Worried About Being Scammed’Spyware Found on U.S. Hotel Check-In ComputersTeslas Can Still Be Stolen With a Cheap Radio Hack—Despite New Keyless TechMastercard Doubles Speed of Fraud Detection with Generative AISEC’s $10 Million Fine of NYSE Owner Shows Focus on Cyber DisclosuresU.S. Unveils $50M Program to Help Hospitals Patch Cybersecurity GapsPreparing Your Organization for Upcoming Cybersecurity DeadlinesConservative Cell Carrier Patriot Mobile Hit by Data BreachNorman Public Schools (OK) Facing Ransomware AttackAccounting Firm Dohman, Akerlund & Eddy (NE) Notifies Consumers of February 2024 Data BreachMS Exchange Server Flaws Exploited to Deploy Keylogger in Targeted AttacksUserPro Plugin Vulnerability Allows Account TakeoverQNAP Patches New Flaws in QTS and QuTS hero Impacting NAS AppliancesMicrosoft to Start Killing Off VBScript in Second Half of 2024Microsoft’s New Windows 11 Recall Is a Privacy NightmareLastPass Is Now Encrypting URLs in Password Vaults for Better Security
5/21/2024 May 22, 2024May 22, 2024 ~ The Cyber Beat ~ Leave a comment Russia’s Turla APT Abuses MSBuild to Deliver TinyTurla BackdoorRussia’s DoppelGänger Campaign Manipulates Social MediaRussia Is Expanding Its Cyberwar Against the WestBillionaire Urges Russian Firms to Build Alternative to SAP SoftwareHacktivists Turn to Ransomware in Attacks on Philippines GovernmentFamily Offices Become Prime Targets for Cyber Hacks and RansomwareWith Ransomware Whales Becoming So Dominant, Would-Be Challengers Ask ‘What’s the Point?’UK to Propose Mandatory Reporting for Ransomware Attacks and Licensing Regime for All PaymentsRockwell Automation Warns Admins to Take ICS Devices OfflineKrebs: Why Your Wi-Fi Router Doubles as an Apple AirTagYouTube Becomes Latest Battlefront for Phishing, DeepfakesZoom Adds ‘Post-Quantum’ Encryption for Video NatteringRansomware and AI-Powered Hacks Drive Cyber InvestmentEventbrite Promoted Illegal Opioid Sales to People Searching for Addiction Recovery HelpCan Cybersecurity Be a Unifying Factor in Digital Trade Negotiations?Western Sydney University Data Breach Exposed Student DataLockBit Says They Stole Data in London Drugs Ransomware AttackTrego County Hospital (KS) Targeted by Ransomware AttackCentroMed (TX) Confirms Data Breach Affecting an Estimated 400kGhostEngine Mining Attacks Kill EDR Security Using Vulnerable DriversSolarMarker Malware Evolves to Resist Takedown Attempts with Multi-Tiered InfrastructureMalware Delivery via Cloud Services Exploits Unicode Trick to Deceive UsersBitbucket Artifact Files Can Leak Plaintext Authentication SecretsCritical GitHub Enterprise Server Flaw Allows Authentication BypassResearchers Uncover Flaws in Python Package for AI Models and PDF.js Used by Firefox“Linguistic Lumberjack” Vulnerability Discovered in Popular Logging Utility Fluent BitNextGen Healthcare Mirth Connect Under Attack – CISA Issues Urgent WarningVeeam Warns of Critical Backup Enterprise Manager Auth Bypass Bug
5/20/2024 May 20, 2024May 20, 2024 ~ The Cyber Beat ~ Leave a comment Iranian President Ebrahim Raisi, Hardline Ally of Khamenei, Killed in Helicopter CrashIran-Linked Void Manticore Intensifies Cyber-Attacks on Israel: ‘BiBi Wiper’EPA Says It Will Step up Enforcement to Address ‘Critical’ Vulnerabilities Within Water SectorHHS Offering $50 Million for Proposals to Improve Hospital CybersecurityElection Officials Are Role-Playing AI Threats to Protect DemocracyAI Chatbots Highly Vulnerable to Jailbreaks, UK Researchers FindWindows 11 Recall AI Feature Will Record Everything You Do on Your PCGoogle Thinks the Public Sector Can Do Better Than Microsoft’s ‘Security Failures’How to Remove Your Personal Info From Google’s Search ResultsCan I Phone a Friend? How Cops Circumvent Face Recognition BansOmniVision Discloses Data Breach After 2023 Ransomware AttackInteractive Brokers (CT) Announces Data Breach Due to Compromised Employee Email AccountLatrodectus Malware Loader Emerges as IcedID’s Successor in Phishing CampaignsCyber Criminals Exploit GitHub and FileZilla to Deliver Malware CocktailQNAP QTS Zero-Day in Share Feature Gets Public RCE ExploitCritical Fluent Bit Flaw Impacts All Major Cloud ProvidersData Breach Response Provider, CyEx, Acquires Settlement Administrator, Simpluris Inc.Cyber Firm CyberArk Inks $1.54 Billion Deal to Acquire VenafiOwner of Incognito Dark Web Drugs Market Arrested in New YorkWikiLeaks’ Julian Assange Can Appeal His Extradition to the US, British Court Says
5/17-19/2024 May 20, 2024May 20, 2024 ~ The Cyber Beat ~ Leave a comment China-Linked Hackers Adopt Two-Stage Infection Tactic to Deploy Deuterbear RATKimsuky APT Deploying Linux Backdoor Gomir in South Korean Cyber AttacksCyber Official Speaks Out, Reveals Mobile Network Attacks in U.S.Two Santa Cruz Students Uncover Security Bug That Could Let Millions Do Their Laundry for FreeAn Attorney Says She Saw Her Library Reading Habits Reflected in Mobile Ads. That’s Not Supposed to HappenFrustration Grows Over Google’s AI Overviews Feature, How to DisableMicrosoft to Start Enforcing Azure Multi-Factor Authentication in JulyChinese Nationals Arrested for Laundering $73 Million in Pig Butchering Crypto ScamUK Councils Warn of Data Breach After Attack on Medical Supplier Nottingham Rehab Supplies HealthcareWebTPA Data Breach Impacts 2.4 Million Insurance PolicyholdersAmerican Radio Relay League Cyberattack Takes Logbook of the World OfflineKinsing Hacker Group Exploits More Flaws to Expand Botnet for CryptojackingRansomware Gang Targets Windows Admins via PuTTy, WinSCP MalvertisingNew Android Banking Trojan ‘Antidot’ Mimics Google Play Update AppGrandoreiro Banking Trojan Resurfaces, Targeting Over 1,500 Banks WorldwideCISA Warns of Actively Exploited D-Link Router Vulnerabilities – Patch Now
5/16/2024 May 17, 2024May 17, 2024 ~ The Cyber Beat ~ Leave a comment Congressional Leaders Concerned by NYPD’s Use of Chinese-Made DronesStifling Beijing in Cyberspace Is Now British Intelligence’s Number-One MissionUK Lags Europe on Exploited Vulnerability RemediationEU Probes Meta Over Its Provisions for Protecting ChildrenResearchers: New Wi-Fi Vulnerability Enables Network Eavesdropping via Downgrade AttacksNorway Recommends Replacing SSL VPN to Prevent BreachesFive Charged for Cyber Schemes to Benefit North Korea’s Weapons ProgramMeet Hackbat: An Open-Source, More Powerful Flipper Zero AlternativeNorth Korean Kimsuky Hackers Exploit Facebook Messenger in Targeted Malware CampaignAsian Threat Actors Use New Techniques to Attack Familiar TargetsMediSecure E-script Firm Hit by ‘Large-Scale’ Ransomware Data BreachSugarGh0st RAT Variant Used in Targeted AI Industry AttacksGE Ultrasound Gear Riddled With Bugs, Open to Ransomware & Data TheftAddressing the Cybersecurity Vendor Ecosystem DisconnectAshley Madison Netflix Doc: All the Celebrities Revealed in Cheating HackSEC to Require Financial Firms to Have Data Breach Incident Plans
5/15/2024 May 15, 2024May 15, 2024 ~ The Cyber Beat ~ Leave a comment Turla Group Deploys LunarWeb and LunarMail Backdoors Against Unnamed Diplomatic MissionsNCSC Expands Election Cybersecurity to Safeguard Candidates and OfficialsGoogle Unveils New Android 15 Security Updates…Android Will Be Able to Detect if Your Phone Has Been SnatchedApple Blocked $7 Billion in Fraudulent App Store Purchases in 4 YearsCurrent Market Forces Disincentivizing Cybersecurity, Says NCSC CTOBrothers Arrested for $25 Million Theft in Ethereum Blockchain AttackFBI Seizes BreachForums Again, Urges Users to Report Criminal ActivityNissan North America Data Breach Impacts Over 53,000 EmployeesRockford Public Schools (MI) Turns off Phones, Computer Network to Stop Spread of RansomwareA Cyberattack Took Down Washington’s Metro Website for Two HoursLaw Enforcement Data Stolen in Wichita Ransomware AttackFEI Systems (MD) Files Official Notice of Data Breach Affecting Consumers’ SSNsPDF Exploitation Targets Foxit Reader UsersWindows Quick Assist Abused in Black Basta Ransomware AttacksGoogle Patches Third Exploited Chrome Zero-Day in a WeekKrebs: Patch Tuesday, May 2024 Edition
5/14/2024 May 14, 2024May 14, 2024 ~ The Cyber Beat ~ Leave a comment China Presents Defining Challenge to Global Cybersecurity, Says GCHQRussian Actors Weaponize Legitimate Services in Multi-Malware AttackSecrecy Concerns Mount Over Spy Powers Targeting U.S. Data CentersTelegram CEO Calls Out Rival Signal, Claiming It Has Ties to U.S. GovernmentData Breaches in U.S. Schools Exposed 37.6M RecordsAndroid Is Getting an AI-Powered Scam Call Detection FeatureVC Firm Accel Raises $650 Mln to Invest in AI, Cybersecurity StartupsAmazon-Backed Anthropic Launches Its Claude AI Chatbot Across EuropeFirst AI Talks Begin Between Chinese and U.S. EnvoysNigeria Suspends Cybersecurity Levy Amid Cost of Living CrisisMITRE Unveils EMB3D: A Threat-Modeling Framework for Embedded DevicesCybersec Chiefs Team up With Insurers to Say ‘No’ to Ransomware Bullies44% of Cybersecurity Professionals Struggle with Regulatory ComplianceApple and Google Add Alerts for Unknown Bluetooth Trackers to iOS, AndroidSantander Reports Customer, Employee Data Breach in Spain, Chile, UruguaySinging River Health System: Data of 895,000 Stolen in Ransomware AttackThe Art Market is Down. A Cyberattack at Christie’s May Make Things Worse.Ebury Botnet Operators Diversify with Financial and Crypto TheftOngoing Campaign Bombards Enterprises with Spam Emails and Phone CallsNew Chrome Zero-Day Vulnerability CVE-2024-4761 Under Active ExploitationPoC Exploit Released for RCE Zero-Day in D-Link EXO AX4800 RoutersCritical Flaws in Cacti Framework Could Let Attackers Execute Malicious CodeVMware Patches Severe Security Flaws in Workstation and Fusion ProductsApple Fixes Safari WebKit Zero-Day Flaw Exploited at Pwn2OwnApple Backports Fix for Zero-Day Exploited in Attacks to Older iPhonesMicrosoft Fixes Windows Zero-Day Exploited in QakBot Malware Attacks…Microsoft May 2024 Patch Tuesday Fixes 3 Zero-Days, 61 Flaws
5/13/2024 May 13, 2024May 13, 2024 ~ The Cyber Beat ~ Leave a comment Hack of Provincial Canadian Government Suspected to Be ‘State-Sponsored’Hack of France Sports Minister’s X Account Highlights Olympics CyberthreatsWelcome to the Laser Wars!INC Ransomware Source Code Selling on Hacking Forums for $300,000Krebs: How Did Authorities Identify the Alleged LockBit Boss?The $2.3 Billion Tornado Cash Case Is a Pivotal Moment for Crypto PrivacyInternal Emails Show How a Controversial Gun-Detection AI System Found Its Way to NYCTile Owner Life360 Picks Satellites Over Partnering With Apple or GoogleFCC Reveals Royal Tiger, Its First Tagged Robocall Threat ActorHelsinki Suffers Data Breach After Hackers Exploit Unpatched FlawWebTPA Employer Services Data Breach Affects an Unknown Number of ConsumersPalomar Health Medical Group (CA) Cyber Attack Raises Patient Concerns of Possible BreachAussie Software Firm Iress Flags Data Breach at Third-Party PlatformBotnet Sent Millions of Emails in LockBit Black Ransomware Campaign‘The Mask’ Espionage Group Resurfaces After 10-Year HiatusHackers Use DNS Tunneling for Network Scanning, Tracking VictimsMallox Ransomware Deployed Via MS-SQL Honeypot AttackMalicious Python Package Hides Sliver C2 Framework in Fake Requests Library Logo
5/10-12/2024 May 13, 2024May 13, 2024 ~ The Cyber Beat ~ Leave a comment Europol Confirms Web Portal Breach, Says No Operational Data StolenMicrosoft Launches Generative AI Model Designed Exclusively for U.S. Intelligence ServicesHouse Committee Asks Microsoft’s Brad Smith to Attend Hearing on Security LapsesUK’s AI Safety Institute Unveils Platform to Accelerate Safe AI DevelopmentUK Hit by More Ransomware and Cyberattacks Last Year Than Ever BeforePupils Miss Classes as School Cyber Attacks RiseGhostStripe Attack Haunts Self-Driving Cars by Making Them Ignore Road SignsWidely Used Telit Cinterion Cellular Modems in Industrial IoT Devices Open to SMS Attack‘TunnelVision’ Attack Leaves Nearly All VPNs Vulnerable to SpyingMonday.com Removes “Share Update” Feature Abused for Phishing AttacksBusinesses, Government See Progress in Cyber Hiring, With ExceptionsNorth Korean Hackers Deploy New Golang Malware ‘Durian’ Against Crypto FirmsFIN7 Hacker Group Leverages Malicious Google Ads to Deliver NetSupport RATLargest Non-Bank Lender in Australia Firstmac Limited Warns of a Data BreachChristie’s Says $850M Auctions to Go ahead as Planned Despite CyberattackThe Post Millennial Hack Leaked Data Impacting 26 Million PeopleOhio Lottery Ransomware Attack Impacts Over 538,000 IndividualsAscension Redirects Ambulances After Suspected Ransomware Attack…CISA: Black Basta Ransomware Breached Over 500 Orgs WorldwideMalicious Android Apps Pose as Google, Instagram, WhatsApp to Steal CredentialsChrome Zero-Day Alert — Update Your Browser to Patch New Vulnerability
5/9/2024 May 9, 2024May 9, 2024 ~ The Cyber Beat ~ Leave a comment Kremlin-Backed APT28 Targets Polish Institutions in Large-Scale Malware CampaignAI-Powered Russian Network Pushes Fake Political NewsFBI Warns Hackers’ Use of AI Is Growing. So Is the Bureau’s.Generative AI’s Disinformation Threat Is ‘Overblown,’ Top Cyber Expert SaysAT&T Delays Microsoft 365 Email Delivery Due to Spam WaveMobile Banking Malware Surges 32%How Government Agencies Can Leverage Grants to Shore Up CybersecurityIn Interview, LockBItSupp Says Authorities Outed the Wrong GuyZscaler Takes “Test Environment” Offline After Rumors of a BreachDell Customer Order Database of ‘49M Records’ Stolen, Now up for Sale on Dark WebRansomware Attack at Mexico’s Pemex Halts Work, Threatens to Cripple ComputersUniversity System of Georgia: 800K Exposed in 2023 MOVEit AttackBritish Columbia Investigating Cyberattacks on Government NetworksSurety HR (OH) Notifies Consumers of January 2024 Data BreachNew ‘LLMjacking’ Attack Exploits Stolen Cloud CredentialsMirai Botnet Exploits Ivanti Connect Secure Flaws for Malicious Payload DeliveryCitrix Warns Admins to Manually Mitigate PuTTY SSH Client Bug
5/8/2024 May 8, 2024May 8, 2024 ~ The Cyber Beat ~ Leave a comment UK Opens Investigation of MoD Payroll Contractor After Confirming AttackVon Der Leyen’s Campaign Website Hit by CyberattackU.S. Confronts China Over Volt Typhoon Cyber EspionageCISA Boss: Secure Code Is the ‘Only Way to Make Ransomware a Shocking Anomaly’Microsoft Will Hold Executives Accountable for CybersecurityAI Threatens Elections by Capitalizing on Human Foibles, Officials WarnFBI Warns of Gift Card Fraud Ring Targeting Retail CompaniesTop FBI Official Urges Agents to Use Warrantless Wiretaps on U.S. SoilSix Austrians Arrested in Multi-Million Euro Crypto Scheme10,000 Customers’ Data Exposed in UK Government BreachesNearly 150K Impacted by Kansas Court System HackMassive Webshop Fraud Ring Steals Credit Cards From 850,000 PeopleAscension Warns of Suspected Cyberattack; Clinical Operations DisruptedPatient Appointments Imperiled by Cyberattack on French RadiologistCity of Wichita Breach Claimed by LockBit Ransomware GangHijack Loader Malware Employs Process Hollowing, UAC Bypass in Latest VersionNew Spectre-Style ‘Pathfinder’ Attack Targets Intel CPU, Leak Encryption Keys and DataNew BIG-IP Next Central Manager Bugs Allow Device Takeover
5/7/2024 May 8, 2024May 8, 2024 ~ The Cyber Beat ~ Leave a comment UK MoD Data Breach: State Involvement Cannot Be Ruled Out in Armed Forces Hack, Says Grant ShappsA (Strange) Interview With the Russian-Military-Linked Hackers Targeting US Water UtilitiesKrebs: U.S. Charges Russian Man as Boss of LockBit Ransomware Group…$10 Million Reward for His ArrestU.S. State Dept Broadens Security Vendor List Amid Microsoft Hacking WoesAmerica’s War on Drugs and Crime Will Be AI Powered, Says Homeland Security BossGoogle’s AI Plans Now Include CybersecurityCyber Startup Wiz Raises $1 Billion on Path to IPONigeria to Charge Levy on Domestic Transfers to Fund CybersecurityChina-Linked Hackers Used ROOTROT Webshell in MITRE Network Intrusion Dating Back to DecemberDocGo Discloses Cyberattack After Hackers Steal Patient Health DataChildren’s Mental Health Data Published After NHS Cyber AttackBrandywine Realty Trust Says Data Stolen in Ransomware AttackConcord (MA) Schools Hit with Cyber Security AttackRansomware Crooks Now SIM Swap Executives’ Kids to Pressure Their ParentsNew Attack Leaks VPN Traffic Using Rogue DHCP ServersHackers Exploiting LiteSpeed Cache Bug to Gain Full Control of WordPress SitesRussian Operator of BTC-e Crypto Exchange Pleads Guilty to Money Laundering
5/6/2024 May 6, 2024May 6, 2024 ~ The Cyber Beat ~ Leave a comment Germany Recalls Ambassador to Russia in Response to Alleged Cyberattack Targeting Chancellor’s PartyMoD Data Breach: UK Armed Forces’ Personal Details Accessed in HackApple’s iPhone Spyware Problem Is Getting Worse. Here’s What You Should KnowKrebs: Why Your VPN May Not Be As Secure As It ClaimsTech Giants Agree to Build Security Into Software ProductsKretinsky and Layani Face off in Battle for Distressed IT Firm AtosAT&T Splits Cybersecurity Services Business, Launches LevelBlueChina-Linked Hackers Suspected in ArcaneDoor Cyberattacks Targeting Network DevicesCity of Wichita Shuts Down IT Network After Ransomware AttackMedStar Health Notifies 183,079 Patients of Recent Data BreachXiaomi Android Devices Hit by Multiple Flaws Across Apps and System ComponentsCritical Tinyproxy Flaw Opens Over 50,000 Hosts to Remote Code ExecutionMastodon Delays Fix for Link Previews DDoSing WebsitesConsultant Charged Over $1.5M Extortion Scheme Against IT Giant
5/3-5/2024 May 5, 2024May 5, 2024 ~ The Cyber Beat ~ Leave a comment Microsoft Outlook Privilege Escalation Flaw Exploited by Russia’s APT28 to Hack Czech, German EntitiesMicrosoft Overhaul Treats Security as ‘Top Priority’ After a Series of FailuresKaspersky Hits Back at Claims Its AI Helped Russia Develop Military Drone SystemsAtos Creditors Reach Deal to Rescue Debt-Laden Group, La Tribune SaysParis Olympics Cybersecurity at Risk via Attack Surface GapsNew EU Cyber Rules for Electricity Providers Aim to Prevent Cascading OutagesLockBit’s Seized Darknet Site Resurrected by Police, Teasing New RevelationsFrom Teenage Cyber-Thug to Europe’s Most WantedNorth Korean Hackers Spoofing Journalist Emails to Spy on Policy ExpertsIranian Hackers Pose as Journalists to Push Backdoor MalwareFinland Warns of Android Malware Attacks Breaching Bank AccountsIndonesia is a Spyware Haven, Amnesty International FindsMore Than 380,000 Additional NYC Students Had Personal Info Hacked, Bringing Total to Over 1MLAPD Website Goes Offline; Officials Give No Cause but Say It’s ‘Not Ransomware’Hackers Increasingly Abusing Microsoft Graph API for Stealthy Malware CommunicationsAndroid Bug Leaks DNS Queries Even When VPN Kill Switch is EnabledGoogle Rolls Back reCaptcha Update to Fix Firefox Issues
5/2/2024 May 2, 2024May 2, 2024 ~ The Cyber Beat ~ Leave a comment U.S. Intelligence Chief Warns Congress of Rise in CyberattacksThink Tank: China’s Tech Giants Refine and Define Beijing’s Propaganda PushPasskeys: All the News and Updates Around Passwordless Sign-InsBitwarden Launches New MFA Authenticator App for iOS, AndroidThe Breach of a Face Recognition Firm Reveals a Hidden Danger of BiometricsREvil Ransomware Affiliate Sentenced to Over 13 Years in PrisonFlorida Man Gets 6 Years Behind Bars for Flogging Fake Cisco Kit to U.S. MilitaryPolice Shut Down 12 Fraud Call Centers, Arrests 21 SuspectsHackers Target New NATO Member Sweden with Surge of DDoS AttacksDropbox Reports Cyberattack on Dropbox Sign ProductLockBit Publishes Confidential Data Stolen From Cannes Hospital in FranceNew “Goldoon” Botnet Targets D-Link Routers With Decade-Old FlawAndroid Flaw Affected Apps With 4 Billion InstallsMicrosoft Warns of “Dirty Stream” Attack Impacting Android Apps4 Critical Bugs in ArubaOS Lead to Remote Code ExecutionThree-Quarters of CISOs Admit App Security IncidentsCISA Urges Software Devs to Weed out Path Traversal Vulnerabilities
5/1/2024 May 1, 2024May 1, 2024 ~ The Cyber Beat ~ Leave a comment U.S. Gov’t Warns of Pro-Russian Hacktivists Targeting Water FacilitiesU.S. Government Releases New AI Security Guidelines for Critical InfrastructureIt’s Time to Rethink the National Vulnerabilities Database for the AI Era, Senators SayThe U.S. Government Is Asking Big Tech to Promise Better CybersecurityLockBit, Black Basta, Play Dominate Ransomware in Q1 2024Lawsuits and Company Devaluations Await For Breached Firms1 in 5 U.S. Ransomware Attacks Triggers LawsuitBitcoin Forensic Analysis Uncovers Money Laundering Clusters and Criminal ProceedsA Vast New Data Set Could Supercharge the AI Hunt for Crypto Money LaunderingU.S. Charges 16 Over ‘Depraved’ Grandparent ScamsInfosec Biz Boss Accused of BS’ing the World About His Career, Anti-Crime Product, CustomersEx-NSA Employee Sentenced to 22 Years for Trying to Sell U.S. Secrets to RussiaSenators Slam UnitedHealth’s CEO Over Cyberattack…Cyberattack Was Due to a Lack of Multifactor Authentication, UnitedHealth CEO Says…UnitedHealth CEO Says ‘Maybe a Third’ of U.S. Citizens Were Affected by Recent Hack…UnitedHealth CEO Tells Lawmakers the Company Paid Hackers a $22 Million RansomFrench Hospital CHC-SV Refuses to Pay LockBit Extortion DemandPanda Restaurants Discloses Data Breach After Corporate Systems HackQantas App Glitch Sees Boarding Passes Fly to Other AccountsZLoader Malware Evolves with Anti-Analysis Trick from Zeus Banking TrojanNew Latrodectus Malware Attacks Use Microsoft, Cloudflare ThemesNew Cuttlefish Malware Infects Routers to Monitor Traffic for CredentialsCISA Says GitLab Account Takeover Bug Is Actively Exploited in AttacksVerizon DBIR: Basic Security Gaffes Underpin Bumper Crop of Breaches