7/31/2024 July 31, 2024July 31, 2024 ~ The Cyber Beat ~ Leave a comment Urgent Blood Donation Appeal Issued in U.S. After Critical OneBlood Ransomware AttackDDoS Attack Triggers New Microsoft Global Outage…‘Error’ in Microsoft’s DDoS Defenses Amplified 8-hour Azure OutageSwiss Stock Exchange Suffers Hours-Long Outage After Data GlitchCISA and FBI: DDoS Attacks Won’t Impact U.S. Election IntegrityKrebs: Don’t Let Your Domain Name Become a “Sitting Duck”Credit Card Users Get Mysterious shopify-charge.com ChargesCan GPT-4o Be Trusted With Your Private Data?Meta to Pay Texas $1.4bn for Unlawful Biometric Data CaptureCrowdStrike Is Sued by Shareholders Over Huge Software OutageRussia Legalizes Cryptocurrency Mining as Ongoing Global Sanctions Continue to Disrupt Traditional FinancesGermany Summons Chinese Ambassador Over Cyberattack on Cartography AgencyWorld Leading Silver Producer Fresnillo Discloses CyberattackRansomware Attack Forces Hundreds of Small Indian Banks Offline, Sources SayChinese Hackers Target Japanese Firms with LODEINFO and NOOPDOOR MalwareFraud Ring Pushes 600+ Fake Web Shops via Facebook AdsNew SMS Stealer Malware Targets Over 600 Global BrandsNew PyPI Package Zlibxjson Steals Discord, Browser DataCybercriminals Deploy 100K+ Malware Android Apps to Steal OTP CodesNew Android Malware ‘BingoMod’ Wipes Your Device After Draining Bank AccountsGoogle Ads Push Fake Google Authenticator Site Installing MalwareDigiCert to Revoke 83,000+ SSL Certificates Due to Domain Validation OversightNo Really, What Cybersecurity Requirements and Standards Does My Company Need to Follow and Why?
7/30/2024 July 30, 2024July 30, 2024 ~ The Cyber Beat ~ Leave a comment Russia, Moldova Targeted by Obscure Hacking Group in New XDSpy Cyberespionage CampaignNew SideWinder Cyber Attacks Target Maritime Facilities in Multiple CountriesU.S. Senate Bill Would Radically Improve Voting Machine SecurityUK ICO Slams Electoral Commission for Basic Security FailingsStolen GenAI Accounts Flood Dark Web With 400 Daily Listings‘LockBit of Phishing’ EvilProxy Used in More Than a Million Attacks Every MonthJust One in 10 Attacks Flagged By Security ToolsCybersecurity Firm Tenable Is Exploring a Potential SaleDelta Hires David Boies to Seek Damages From CrowdStrike, Microsoft After OutageMalaysia Is Working on an Internet ‘Kill Switch’, Says MinisterSophisticated Phishing Campaign Targets Microsoft OneDrive UsersBlack Basta Ransomware Switches to More Evasive Custom MalwareDark Angels Ransomware Receives Record-Breaking $75 Million RansomCybercriminals Target Polish Businesses with Agent Tesla and Formbook MalwareVMware ESXi Flaw Exploited by Ransomware Groups for Admin AccessNew Specula Tool Uses Outlook for Remote Code Execution in WindowsGoogle Chrome Adds App-Bound Encryption to Block Infostealer MalwareDigiCert Mass-Revoking TLS Certificates Due to Domain Validation Bug‘The Worst Thing You Can Do’ After a Data Breach, According to a Cybersecurity Expert
7/29/2024 July 29, 2024July 29, 2024 ~ The Cyber Beat ~ Leave a comment Saboteurs Cut Internet Cables in Latest Disruption During Paris OlympicsQuad Foreign Ministers Decry Dangerous South China Sea ActionsAnother European Parliament Member Says He’s Been Targeted With Commercial SpywareProofpoint Email Routing Flaw Exploited to Send Millions of Spoofed Phishing EmailsKrebs: Crooks Bypassed Google’s Email Verification to Create Workspace Accounts, Access 3rd-Party ServicesHow Infostealers Pillaged the World’s PasswordsMeta’s AI Safety System Defeated by the Space BarApple iOS 18.1 Beta Previews Apple Intelligence For the First TimeFormer Avaya Employee Gets 4 Years for $88M License Piracy SchemePro-Ukrainian Hackers Claim Attack on Russian Cyber CompanyIntruders at HealthEquity Rifled Through Storage, Stole 4.3M People’s DataHairClub for Men Notifies Consumers of October 2023 Data BreachTown of Summerville (SC) Says Sensitive Data May Have Been Stolen During Recent CyberattackGh0st RAT Trojan Targets Chinese Windows Users via Fake Chrome SiteMandrake Spyware Infects 32,000 Devices Via Google Play AppsWalmart Discovers New PowerShell Backdoor Linked to Zloader MalwareHotjar, Business Insider Vulnerabilities Expose OAuth Data Risks
7/26-28/2024 July 28, 2024July 28, 2024 ~ The Cyber Beat ~ Leave a comment Attack on Train System Highlights Broad Array of Security Threats to Paris OlympicsECB’s Cyber Security Test Shows ‘Room for Improvement’ for BanksCrowdStrike Says Over 97% of Windows Sensors Back Online…Hacktivists Claim Leak of CrowdStrike Threat Intelligence…CrowdStrike Warns of New Phishing Scam Targeting German Customers…Microsoft Calls for Windows Changes and Resilience After CrowdStrike OutageSecure Boot Is Completely Broken on 200+ Models From 5 Big Device MakersWhy You Should Avoid Use of One-Time Passwords Sent by TextThe Personal Cybersecurity Concierge Is a New Perk, and Need, Among the WealthyDespite Bans, AI Code Tools Widespread in OrganizationsX Begins Training Grok AI With Your Posts, Here’s How to DisableRussian Ransomware Gangs Account for 69% of All Ransom ProceedsFBCS Data Breach Impact Now Reaches 4.2 Million PeoplePrivate Health Information of More Than 1,600 UAB Patients Exposed on PostcardsAllcare Medical Management (CA) Data Breach Affects Patients of FPA Women’s HealthSynnovis Restores Systems After Cyber-Attack, But Blood Shortages RemainCasper Network Halts Operations Following Security BreachOngoing Cyberattack Targets Exposed Selenium Grid Services for Crypto MiningCrypto Exchange Gemini Discloses Third-Party Data BreachMalicious PyPI Package Targets macOS to Steal Google Cloud CredentialsWhatsApp for Windows Lets Python, PHP Scripts Execute With No WarningAcronis Warns of Cyber Infrastructure Default Password Abused in Attacks
7/25/2024 July 25, 2024July 25, 2024 ~ The Cyber Beat ~ Leave a comment North Korean APT45 Hackers Stealing Military Secrets, Say U.S. and AlliesAt the Olympics, AI Is Watching YouLas Vegas Transit System Is Nation’s First to Plan Full Deployment of AI Surveillance System for WeaponsCrowdStrike Offers a $10 Apology Uber Eats Gift Card to Say Sorry for OutageInsurers Brace for Claims From Global Tech Outage‘Innovative’ £9.27m Shared Workspace Opens in TownKaspersky Says Uncle Sam Snubbed Proposal to Open up Its Code for Third-Party ReviewUncle Sam Accuses Florida Man Telco IT Pro of Decade-Long Spying Campaign for ChinaU.S. Offers $10M for Tips on DPRK Hacker Linked to Maui Ransomware AttacksFrench Police Push PlugX Malware Self-Destruct Payload to Clean PCsBelarus-Linked Hackers Target Ukrainian Orgs With PicassoLoader MalwarePro-Palestinian Actor Levels 6-Day DDoS Attack on UAE BankColumbus (OH) Reports Cyber Incident as Multiple Cities Recover From Ransomware AttacksFuturity First Insurance (CT) Provides Notice of November 2033 Data BreachResearchers Reveal ConfusedFunction Vulnerability in Google Cloud PlatformProgress Warns of Critical RCE Bug in Telerik Report ServerCritical ServiceNow RCE Flaws Actively Exploited to Steal CredentialsPKfail Secure Boot Bypass Lets Attackers Install UEFI MalwareCISA Warns of Exploitable Vulnerabilities in Popular BIND 9 DNS Software
7/24/2024 July 24, 2024July 24, 2024 ~ The Cyber Beat ~ Leave a comment North Korean Hackers Targeted Cybersecurity Firm KnowBe4 with Fake IT WorkerMajor Russian Banks Hit with DDoS Attacks as Ukraine Claims ResponsibilityCrowdStrike Blames Test Software for Taking Down 8.5 Million Windows Machines…No Sign Microsoft Plans to Limit CrowdStrike Access to Windows After Outage, Source SaysThis Machine Exposes Privacy ViolationsChrome Adds New Warnings and Cloud Scanning for Suspicious DownloadsGoogle Criticized for Abandoning Cookie Phase-OutGoogle Chrome Now Warns About Risky Password-Protected ArchivesSchool Gets an F for Using Facial Recognition on Kids in CanteenBreachForums v1 Database Leak is an OPSEC Test for HackersEncrypted Apps Still a Challenge as FBI Probes Trump Shooter’s Devices, Wray SaysData Pilfered From Pentagon IT Supplier LeidosCrypto Exchange MonoSwap Has Been Hacked, Warns Users Not to Deposit FundsHamster Kombat’s 250 Million Players Targeted in Malware AttacksBrookfield Zoo (IL) Confirms Data Breach; Employee Information AccessedJefferson County (KY) Clerk’s Offices to Remain Closed on Thursday Amid CyberattackA Hacker ‘Ghost’ Network Is Quietly Spreading Malware on GitHubPatchwork Hackers Target Bhutan with Advanced Brute Ratel C4 ToolMicrosoft Defender Flaw Exploited to Deliver ACR, Lumma, and Meduza StealersDocker Fixes Critical 5-Year Old Authentication Bypass FlawCISA Adds Twilio Authy and IE Flaws to Exploited Vulnerabilities ListMeta Bans 63,000 Accounts Belonging to Nigeria’s Sextortionist Yahoo Boy
7/23/2024 July 23, 2024July 24, 2024 ~ The Cyber Beat ~ Leave a comment CrowdStrike CEO to Testify About Massive Outage That Halted Flights and Hospitals and More…Inside the 78 Minutes That Took Down Millions of Windows Machines…CrowdStrike’s Botched Tech Update Wasn’t Unique. Are Lessons Ever Learned?…DOT Investigating Delta Over IT Outage Chaos…Fake CrowdStrike Repair Manual Pushes New Infostealer MalwareRussia Shifts Cyber Focus to Battlefield Intelligence in UkraineHow Russia-Linked Malware Cut Heat to 600 Ukrainian Buildings in Deep Winter…‘FrostyGoop’Possible APT28-Linked Hackers Target Ukraine’s Scientific InstitutionsUkrainian Institutions Targeted Using HATVIBE and CHERRYSPY MalwareChinese Hackers Target Taiwan and U.S. NGO with MgBot MalwareChinese Espionage Group Upgrades Malware Arsenal to Target All Major OSGreece’s Land Registry Agency Breached in Wave of 400 CyberattacksBreachForums v1 Hacking Forum Data Leak Exposes Members’ InfoDeFi Exchange dYdX v3 Website Hacked in DNS Hijack AttackRed Art Games Hit with Major Cyber AttackEmployer Flexible (TX) Confirms Data Breach Related to myHR PlatformMagento Sites Targeted with Sneaky Credit Card Skimmer via Swap FilesGoogle Abandons Plan to Phase Out Third-Party Cookies in ChromeFTC Launches Probe Into How Companies Use Data to Tailor What Each Customer PaysVerizon to Pay $16 Million in TracFone Data Breach SettlementWiz Rejects Google’s $23 Billion Takeover in Favor of IPOKrebs: Phish-Friendly Domain Registry “.top” Put on Notice
7/22/2024 July 22, 2024July 22, 2024 ~ The Cyber Beat ~ Leave a comment CrowdStrike Update That Caused Global Outage Likely Skipped Checks, Experts Say…‘Significant Number’ of Devices Fixed – CrowdStrike…Microsoft Releases a CrowdStrike Recovery Tool – Here’s How It WorksThe Pentagon Wants to Spend $141 Billion on a Doomsday MachineRansomware Groups Fragment Amid Rising Cybercrime Threats…Cybercrooks Crafting Solo Careers in Wake of Recent Ransomware Takedowns & DisruptionsPolice Infiltrates, Takes Down DigitalStress DDoS-For-Hire ServiceSpain Arrests Three for Using DDoSia Hacktivist PlatformLos Angeles County Court System Slated to Reopen Tuesday After Ransomware Attack56K Michigan Medicine Patients’ Information Potentially Exposed in May CyberattacksExperts Uncover Chinese Cybercrime Network Behind Gambling and Human TraffickingPlay Ransomware Expands to Target VMWare ESXi EnvironmentsPINEAPPLE and FLUXROOT Hacker Groups Abuse Google Cloud for Credential PhishingSocGholish Malware Exploits BOINC Project for Covert CyberattacksTelegram Zero-Day Allowed Sending Malicious Android APKs as Videos
7/19-21/2024 July 21, 2024July 21, 2024 ~ The Cyber Beat ~ Leave a comment Major Tech Outage Grounds Flights, Hits Banks and Businesses Worldwide…Krebs: Global Microsoft Meltdown Tied to Bad CrowdStrike Update…IT Teams Scramble to Recover From CrowdStrike Incident as Officials Warn of ‘Risks of Consolidation…CrowdStrike IT Outage Affected 8.5 Million Windows Devices, Microsoft Says…The CrowdStrike Outage and Global Software’s Single-Point Failure Problem…Fast and Automated: Global Tech Outage Shows Hazards of Cloud Software Updates…CrowdStrike Has a New Guidance Hub for Dealing with the Windows Outage…Cybercriminals Exploit CrowdStrike Update Mishap to Distribute Remcos RAT Malware…Don’t Fall for CrowdStrike Outage Scams…More U.S. Flights Cancelled in Wake of Global Cyber Outage…IT Outage Exposes Fragility of Tech InfrastructureIDF Has Rebuffed 3 Billion Cyberattacks Since Oct. 7, Colonel ClaimsHackers Are Using Fake Drone Contracts to Infect Ukrainian Defense EnterprisesAPT41 Infiltrates Networks in Italy, Spain, Taiwan, Turkey, and the UKPro-Houthi Group Targets Yemen Aid Organizations with Android SpywareRansomware Attack Shuts Down Los Angeles Superior Court SystemsThe Feds Say These Are the Russian Hackers Who Attacked U.S. Water UtilitiesTwo Russian Nationals Plead Guilty in LockBit Ransomware Attacks17-Year-Old Linked to Scattered Spider Cybercrime Syndicate, Including MGM Hack, Arrested in UKDHS Watchdog Rebukes CISA and Law Enforcement Training Center for Failing to Protect DataDHS Inspector General: Coast Guard Shortcomings Hinder Us Maritime Security
7/18/2024 July 18, 2024July 18, 2024 ~ The Cyber Beat ~ Leave a comment Von Der Leyen Pledges to Tackle Ransomware Attacks Against EU HospitalsChainalysis Launches Public-Private Plans to Crack Down on Crypto ScamsFirms Skip Security Reviews of Major App Updates About Half the TimeSolarWinds Beats Most of U.S. SEC Lawsuit Over Russia-Linked Cyberattack…SolarWinds Fixes 8 Critical Bugs in Access Rights Audit SoftwareKaspersky Challenges U.S. Government to Put Up or Shut up About Kremlin TiesMeta Halts AI Use in Brazil Following Data Protection Authority’s BanAlleged ‘Maniac Murder Cult’ Leader ‘Commander Butcher’ Indicted Over Plot to Murder JewsHacker Jailed After Jobcentre Suffers Cyber AttacksUK National Blood Stocks in ‘Very Fragile’ State Following Ransomware AttackNearly 13 Million Australians Affected by MediSecure AttackSAP AI Core Flaws Expose Sensitive Customer Data and KeysLiverpool Suspend Ticket Sales After Cyber AttackIndian Crypto Platform WazirX Confirms $230 Million Stolen During CyberattackRevolver Rabbit Gang Registers 500,000 Domains for Malware CampaignsTAG-100: New Threat Actor Uses Open-Source Tools for Widespread World-Wide AttacksHotPage Malware Hijacks Browsers With Signed Microsoft DriverCritical Cisco Bug Lets Hackers Add Root Users on SEG Devices
7/17/2024 July 17, 2024July 17, 2024 ~ The Cyber Beat ~ Leave a comment Paris 2024 Olympics Face Escalating Cyber-Threats‘Ghostemperor’ Returns: Mysterious Chinese Hacking Group Spotted for First Time in Two YearsChina-Linked APT17 Targets Italian Companies with 9002 RAT MalwareNorth Korean Hackers Update BeaverTail Malware to Target MacOS UsersThe U.S. Supreme Court Kneecapped U.S. Cyber Strategy, Now Up to U.S. CongressKaspersky Gives U.S. Customers Six Months of Free Updates as a Parting GiftData Breaches Highlight Lack of Basic Cyber ControlsGoogle-Backed Software Developer Gitlab Explores Sale, Sources SayCraig Wright Admits He Isn’t the Inventor of Bitcoin After High Court Judgment in UKTraining at Black Hat to Focus on Equipping Cybersecurity Leaders With Soft SkillsGlobal Police Swoop on Black Axe Cybercrime SyndicateOver 400,000 Life360 User Phone Numbers Leaked via Unsecured APIYacht Giant MarineMax Data Breach Impacts Over 123,000 PeopleHackney Council in London Reprimanded for Failing to Prevent Ransomware AttackFurniture Giant Bassett Shuts Down Manufacturing Facilities After Ransomware AttackShadowroot Ransomware Lures Turkish Victims via Phishing AttacksQilin Ransomware’s Sophisticated Tactics Unveiled By ExpertsFIN7 Group Advertises Security-Bypassing Tool on Dark Web ForumsIraq-Based Cybercriminals Deploy Malicious Python Packages to Steal DataCisco SSM On-Prem Bug Lets Hackers Change Any User’s PasswordCritical Apache HugeGraph Vulnerability Under Attack – Patch ASAPExchange Online Adds Inbound DANE with DNSSEC For Security Boost
7/16/2024 July 16, 2024July 16, 2024 ~ The Cyber Beat ~ Leave a comment CyberDragon & Cyber Army of Russia: Hacktivist Groups Target Romania Amid Geopolitical TensionsMHTML Exploited By APT Group Void BansheeSenators Press AT&T, Snowflake for Answers on Wide-Ranging Data Breach…AT&T Ransom Laundered Through Mixers, Gambling ServicesCISA Warns Critical Geoserver GeoTools RCE Flaw is Exploited in AttacksTwo-Fifths of Senior Citizens Suffer Frequent Fraud AttemptsFCC Chair Proposes New Tactics to Crack Down on AI-Generated RobocallsHacked, Leaked, Exposed: Why You Should Never Use Stalkerware AppsRite Aid Says June Data Breach Impacts 2.2 Million PeopleEmail Addresses of 15 Million Trello Users Leaked on Hacking ForumPhilippine Department of Migrant Workers Hit by Ransomware Attack; Online Systems DownFamily Dynamics Counseling Services (WA) Discloses May 2024 Data BreachCyber-Crime Super-Crew Scattered Spider Falls Madly in Love With RansomHub and Qilin‘Konfety’ Ad Fraud Uses 250+ Google Play Decoy Apps to Hide Malicious TwinsMalicious npm Packages Found Using Image Files to Hide Backdoor CodeMicrosoft Finally Fixes Outlook Alerts Bug Caused by December Updates
7/15/2024 July 16, 2024July 16, 2024 ~ The Cyber Beat ~ Leave a comment The FBI Says It Has ‘Gained Access’ to the Trump Rally Shooter’s PhoneU.S. Senators Secretly Work to Block Safeguards Against Surveillance AbuseNorth Korean Hackers Sent Stolen Crypto to Wallet Used by Asian Payment FirmResearchers: Weak Security Defaults Enabled Squarespace Domains Hijacks (Krebs)Attackers Exploit URL Protections to Disguise Phishing LinksCRYSTALRAY Cyber-Attacks Grow Tenfold Using OSS ToolsKaspersky Lab Closing U.S. Division; Laying Off WorkersUK Cyber-Boss Slams China’s Bug-Hoarding LawsPatagonia Invaded Privacy by Using AI to Analyze Customer Service Interactions, Lawsuit AllegesHackers Claim to Have Leaked 1.1 TB of Disney Slack MessagesAT&T Breach May Also Impact Millions of Boost, Cricket, H2O Customers‘Trial’ DDoS Attacks on French Sites Portend Greater Olympics ThreatsNew BugSleep Malware Implant Deployed in MuddyWater AttacksFacebook Ads for Windows Desktop Themes Push Info-Stealing MalwareNew HardBit Ransomware 4.0 Uses Passphrase Protection to Evade DetectionSEXi Ransomware Rebrands to APT INC, Continues VMware ESXi AttacksWP Time Capsule Plugin Update Urged After Critical Security FlawGitHub Token Leak Exposes Python’s Core Repositories to Potential Attacks
7/12-14/2024 July 14, 2024July 15, 2024 ~ The Cyber Beat ~ Leave a comment Former President Donald Trump Injured in Assassination Attempt at Campaign RallyNATO Set to Build New Cyber Defense CenterWhite House Urged by GOP to Double Check Microsoft Isn’t Funneling AI to China via Recent G42 DealCISA Broke Into a U.S. Federal Agency, and No One Noticed for a Full 5 MonthsIran’s Illusion of Reform Masks the Crumbling of Khamenei’s RegimeAustralian Defence Force Private and Husband Charged with Espionage for RussiaThe Rabbit R1 Has Been Logging Users’ Chats — With No Way to Wipe ThemGoogle Parent in Talks to Buy Cybersecurity Startup Wiz for $23 BillionBanks in Singapore to Phase Out One-Time Passwords in 3 MonthsHackers Use PoC Exploits in Attacks 22 Minutes After ReleaseKrebs: Crooks Steal Phone, SMS Records for Nearly All AT&T Customers…AT&T’s Massive Data Breach Deepens Crisis for Snowflake Seven Weeks After Hack Was Disclosed…AT&T Paid a Hacker $370,000 to Delete Stolen Phone Records…One Tech Tip: What to Do if Your Personal Info Has Been Exposed in a Data BreachCar Dealer Software Slinger CDK Global Said to Have Paid $25M Ransom After CyberattackRite Aid Confirms Data Breach After June Ransomware AttackDarkGate Malware Exploits Samba File Shares in Short-Lived CampaignDNS Hijacks Target Crypto Platforms Registered With SquarespaceNetgear warns users to patch auth bypass, XSS router flawsEU Threatens Musk’s X With a Fine of up to 6% of Global Turnover
7/11/2024 July 11, 2024July 11, 2024 ~ The Cyber Beat ~ Leave a comment Macau Government Websites Hit with Cyberattack by Suspected Foreign HackersWhy Indo-Pacific Countries Are Joining the NATO SummitGermany to Phase Out Huawei, ZTE Components From its 5G Core NetworkU.S. Lawmakers Raise Worries About China in Microsoft Deal with Emirati AI FirmChinese APT41 Upgrades Malware Arsenal with DodgeBox and MoonWalkCompanies Sharply Criticize Draft U.S. Cyber Reporting RulesAkira Ransomware: Lightning-Fast Data Exfiltration in 2-Ish HoursPressure Grows in Congress to Treat Crypto Investigator Tigran Gambaryan, Jailed in Nigeria, as a HostageNotorious Hacker Kingpin ‘Tank’ Is Finally Going to PrisonPrivacy Expert Put away for 9 Years After ‘Grotesque’ Cyberstalking CampaignData Breach Exposes Millions of mSpy Spyware CustomersGoogle Increases Bug Bounty Rewards Five Times, up to $151KAdvance Auto Parts Data Breach Impacts 2.3 Million PeopleDallas County: Data of 200,000 Exposed in 2023 Ransomware AttackARRL Finally Confirms Ransomware Gang Stole Data in CyberattackSignal Downplays Encryption Key Flaw, Fixes It After X DramaHeritage Foundation Insists It Was Not Hacked by ‘Gay Furries’ Hacktivist Collective SiegedSecSibanye Stillwater Hit by Ransomware AttackCRYSTALRAY Hacker Expands to 1,500 Breached Systems Using SSH-Snake Tool60 New Malicious Packages Uncovered in NuGet Supply Chain AttackExim Vulnerability Affecting 1.5 Million Servers Lets Attackers Attach Malicious FilesPHP Vulnerability Exploited to Spread Malware and Launch DDoS AttacksPalo Alto Networks Patches Critical Flaw in Expedition Migration Tool
7/10/2024 July 10, 2024July 11, 2024 ~ The Cyber Beat ~ Leave a comment Election Deepfakes Could Undermine Institutional Credibility, Moody’s WarnsNATO Funds Startups Aiming to Solve Cyber Problems in InfrastructureJapan Warns of Attacks Linked to North Korean Kimsuky HackersBeijing Accused of Misusing Western Research to Claim Volt Typhoon Is a Ransomware GroupKrebs: The Stark Truth Behind the Resurgence of Russia’s Fin7Ransomware Groups Prioritize Defense Evasion for Data ExfiltrationHuione: The $11 Billion Marketplace Enabling the Crypto Scam EconomyYou Can Now Protect Your High-Risk Google Account With Just Your PhoneSnowflake Lets Admins Make MFA Mandatory Across All User AccountsMost Security Pros Admit Shadow SaaS and AI UseCISA Urges Devs to Weed Out OS Command Injection VulnerabilitiesMicrosoft Emails That Warned Customers of Russian Hacks Criticized for Looking Like Spam and PhishingTicket Heist Fraud Gang Uses 700 Domains to Sell Fake Olympics TicketsHacktivists Release Two Gigabytes of Heritage Foundation DataKovack Financial (FL) Provides Notice of Third-Party Data Breach That Leaked Consumer SSNsClay County (IN) Courthouse Remains Closed After Ransomware AttackSmishing Triad Targets India with Fraud SurgeViperSoftX Malware Disguises as eBooks on Torrents to Spread Stealthy AttacksPoco RAT Burrows Deep Into Mining SectorNew Ransomware Group Exploiting Veeam Backup Software VulnerabilityNew OpenSSH Vulnerability Discovered: Potential Remote Code Execution RiskGitLab: Critical Bug Lets Attackers Run Pipelines as Other UsersKrebs: Microsoft Patch Tuesday, July 2024 Edition…Microsoft Outlook Faced Critical Zero-Click RCE Vulnerability
7/9/2024 July 9, 2024July 9, 2024 ~ The Cyber Beat ~ Leave a comment U.S., Allies Issue Rare Warning on Chinese Hacking Group: APT40…Chinese State Actor APT40 Exploits N-Day Vulnerabilities “Within Hours”…Chinese APT40 Hackers Hijack SOHO Routers to Launch AttacksHouthi ‘GuardZoo’ Malware Targets Over 450 Middle Eastern Military PersonnelU.S. Disrupts AI-Powered Bot Farm Pushing Russian Propaganda on XJust a Fifth of Manufacturers Have Strongest Anti-Phishing ProtectionScammers Double-Scam Victims by Offering to Help Recover From ScamsGoogle’s Dark Web Monitoring Service Will Soon Be Free for All UsersMicrosoft China Staff Can’t Log on With an Android, so Redmond Buys Them iThingsCyber-Attack on Evolve Bank Exposed Data of 7.6 Million CustomersFinancial Business and Consumer Solutions (FBCS) Data Breach Affects 4 Million PeopleCity of Philadelphia Says Over 35,000 Hit in May 2023 BreachMonroe County (IN) Victim of Intrusion by Ransomware Group BlackSuitFujitsu Confirms Customer Data Exposed in March CyberattackTrojanized jQuery Packages Found on npm, GitHub, and jsDelivr Code RepositoriesHackers Target WordPress Calendar Plugin Used by 150,000 SitesHackers Exploiting Jenkins Script Console for Cryptocurrency Mining AttacksRADIUS Protocol Vulnerability Exposes Networks to MitM Attacks
7/8/2024 July 8, 2024July 8, 2024 ~ The Cyber Beat ~ Leave a comment New APT CloudSorcerer Malware Hits Russian TargetsFix NHS Gaps or Face More Attacks – Ex Cyber ChiefAvast Secretly Gave DoNex Ransomware Decryptors to Victims Before Crims VanishedRussia Blocks VPN Services in Information Crackdown10 Billion Passwords Leaked on Hacking ForumCrypto Thefts Double to $1.4 Billion, TRM Labs FindsScalpers Work With Hackers to Liberate Ticketmaster’s ‘Non-Transferable’ TicketsSelfie-Based Authentication Raises Eyebrows Among Infosec ExpertsApple Geolocation API Exposes Wi-Fi Access Points WorldwideMicrosoft Forgets About SwiftKey’s Support SiteRoblox Vendor Data Breach Exposes Dev Conference Attendee InfoComputer Maker Zotac Exposed Customers’ RMA Info on Google SearchNeiman Marcus Data Breach: 31 Million Email Addresses Found Exposed‘Serious Hacker Attack’ Forces Frankfurt University to Shut down IT SystemsFlorida Health Department Data Exposed by RansomHubCyber Incident Impacts Systems at Southwest Tennessee Community CollegeMekotio Trojan Targets Latin American Banking CredentialsRCE Bug in Widely Used Ghostscript Library Now Exploited in AttacksCritical Unpatched Flaws Disclosed in Popular Gogs Open-Source Git Service
7/5-7/2024 July 7, 2024July 7, 2024 ~ The Cyber Beat ~ Leave a comment The U.S. Must Secure Its Supremacy Against China in AI and Cloud ComputingThere’s a New Government in the UK. What Can We Expect From It on Cyber?Devs Claim Apple Is Banning VPNs in Russia ‘More Effectively’ Than PutinEuropol Says Home Routing Mobile Encryption Feature Aids CriminalsEuro 2024 Becomes Latest Sporting Event to Attract CyberattacksHackers Leak Alleged Taylor Swift Ticket Data to Extort Ticketmaster…Ticketmaster Discredits Dark Web Claims of Stolen Barcodes for Taylor Swift ConcertsMt. Gox Begins Repaying Bitcoin to Creditors a Decade After Exchange’s CollapseShopify Denies It Was Hacked, Links Stolen Data to Third-Party AppLouisiana Special School District Hit by Akira Cyber AttackNew Eldorado Ransomware Targets Windows, VMware ESXi VMsGootLoader Malware Still Active, Deploys New Versions for Enhanced AttacksOVHcloud Hit with Record 840 Million PPS DDoS Attack Using MikroTik RoutersCloudflare Blames Recent Outage on BGP Hijacking IncidentNew Golang-Based Zergeca Botnet Capable of Powerful DDoS AttacksPolyfill[.]io Attack Impacts Over 380,000 Hosts, Including Major Companies
7/3-4/2024 July 4, 2024July 7, 2024 ~ The Cyber Beat ~ Leave a comment Microsoft’s Midnight Blizzard Source Code Breach Also Impacted Federal AgenciesIsraeli Entities Targeted by Cyberattack Using Donut and Sliver FrameworksSenate Leader Demands Answers From CISA on Ivanti-Enabled Hack of Sensitive SystemsHalf of Employees Fear Punishment for Reporting Security MistakesMeta Faces Suspension of AI Data Training in BrazilHow Apple Intelligence’s Privacy Stacks Up Against Android’s ‘Hybrid AI’OpenAI’s ChatGPT Mac App Was Storing Conversations in Plain Text A Hacker Stole OpenAI Secrets, Raising Fears That China Could, TooKrebs: The Not-So-Secret Network Access Broker x999xxRomance Scams Cost Consumers $1.14 Billion Last Year. It’s a ‘More Insidious’ Fraud, Expert SaysEuropol Warns of Home Routing Challenges For Lawful InterceptionAPP Fraud Singled Out as Biggest Financial Crime ThreatGlobal Police Operation Shuts Down 600 Cybercrime Servers Linked to Cobalt StrikeProton Is Launching Encrypted Documents to Take On Google DocsAuto Industry Warns of Supply-Chain Upsets, Higher Costs From Cybersecurity RulesIs Our Food Supply Chain at Risk?Twilio Alerts Authy Two-Factor App Users That ‘Threat Actors’ Have Their Phone NumbersFormula 1 Governing Body Discloses Data Breach After Email HacksAlabama Dept. Of Education Announces Data Breach, Attempted Cyber AttackGamers’ Data Exposed in RPG Platform Roll20 BreachEthereum Mailing List Breach Exposes 35,000 to Crypto Draining AttackHackers Attack HFS Servers to Drop Malware and Monero MinersHealthEquity Data Breach Exposes Protected Health InformationSouth Africa National Healthcare Lab Still Reeling From Ransomware AttackRansomware Scum Who Hit Indonesian Government Apologizes, Hands Over Encryption KeyNew Ransomware Group ‘Volcano Demon’ Phones Execs to Extort PaymentFakeBat Loader Malware Spreads Widely Through Drive-by Download AttacksOVHcloud Blames Record-Breaking DDoS Attack on MikroTik BotnetMicrosoft MSHTML Flaw Exploited to Deliver MerkSpy Spyware ToolWordPress Plugins at Risk From Polyfill Library CompromiseMicrosoft Uncovers Major Flaws in Rockwell PanelView Plus
7/2/2024 July 2, 2024July 2, 2024 ~ The Cyber Beat ~ Leave a comment UN Urges Russia to ‘Immediately’ Cease Interference in European SatellitesThe Tech Crash Course That Trains U.S. Diplomats to Spot ThreatsWhat Cybersecurity Defense Looks Like for School DistrictsHealth Tech Execs Get Jail Time For $1bn Fraud SchemeStolen Credentials Could Unmask Thousands of Darknet Child Abuse Website UsersLockBit Claims Cyberattack on Croatia’s Largest HospitalPatelco Shuts Down Banking Systems Following Ransomware AttackAffirm Fears Customer Info Pilfered During Ransomware Raid at Evolve BankBaddies Hijack Korean ERP Vendor’s Update Systems to Spew MalwareGoogle Now Pays $250,000 for KVM Zero-Day Vulnerabilities
7/1/2024 July 1, 2024July 1, 2024 ~ The Cyber Beat ~ Leave a comment Transparent Tribe’s CapraRAT Spyware Disguised as Popular Apps Threatens Android UsersTeamViewer: Hackers Copied Employee Directory and Encrypted PasswordsThe Problem the U.S. TikTok Crackdown and Kaspersky Ban Have in CommonCISA Director: U.S. Is ‘Not Afraid’ to Shout About Big Tech’s Security FailingsGoogle Chrome to Let Isolated Web App Access Sensitive USB DevicesMeta’s ‘Pay or Consent’ Data Model Breaches EU LawIndonesian Government Didn’t Have Backups of Ransomwared Data, Because DR Was Only an OptionPoland to Probe Russia-Linked Cyberattack on State News AgencyAustralian Police Arrest Suspect in Fake Wi-Fi Scam Targeting Airport PassengersUnfounded Fears: AI Extinction-Level Threats & the AI Arms RaceIndian Software Firm Conceptworld’s Products Hacked to Spread Data-Stealing MalwareRouter Maker’s Support Portal Hacked, Replies With MetaMask PhishingCDK Global Says All Dealers Will Be Back Online by ThursdayFintech Company Wise Says Some Customers Affected by Evolve Bank Data BreachPrudential Financial Now Says 2.5 Million Impacted by Data BreachJapanese Anime and Gaming Giant Kadokawa Admits Data Leak Following Ransomware AttackCisco Warns of NX-OS Zero-Day Exploited to Deploy Custom MalwareCritical regreSSHion OpenSSH Flaw Enables Full System CompromiseCritical Flaws in CocoaPods Expose iOS and macOS Apps to Supply Chain AttacksLatest Intel CPUs Impacted by New Indirector Side-Channel Attack