8/29/2024 August 29, 2024August 29, 2024 ~ The Cyber Beat ~ Leave a comment Russian APT29 Hackers Exploit Safari and Chrome Flaws in High-Profile CyberattackNorth Korean Hackers Launch New Wave of npm Package AttacksVietnamese Human Rights Group Targeted in Multi-Year Cyberattack by APT32Powerful Spyware Exploits Enable a New String of ‘Watering Hole’ AttacksKrebs: When Get-Out-The-Vote Efforts Look Like PhishingSurge in New Scams as Pig Butchering DominatesHarmful ‘Nudify’ Websites Used Google, Apple, and Discord Sign-On SystemsDell Attempts to Sell Cybersecurity Firm Secureworks Again, Sources SayCrowdStrike’s Meltdown Didn’t Dent Its Market Dominance … YetHalliburton Cyberattack Linked to RansomHub Ransomware Gang…FBI: RansomHub Ransomware Breached 210 Victims Since FebruaryBrain Cipher Claims Attack on Olympic Venue, Promises 300 GB Data LeakIrish Wildlife Park Warns Visitors to Cancel Bank Cards After Discovering CyberattackUSAA Data Breach Affects Over 32k ConsumersCambodian Scam Giant Handled $49 Billion in Crypto Transactions Since 2021Fake Palo Alto GlobalProtect Used as Lure to Backdoor EnterprisesHow AitM Phishing Attacks Bypass MFA and EDR—and How to Fight BackHow Telecom Vulnerabilities Can Be a Threat to Cybersecurity Posture
8/28/2024 August 29, 2024August 29, 2024 ~ The Cyber Beat ~ Leave a comment Intel Officials Say They Anticipate More Hacking Attempts as U.S. Election NearsNotorious Iranian APT33 (aka Peach Sandstorm) Hackers Have Been Targeting the Space Industry With a New BackdoorIran’s APT42 (aka Charming Kitten) Operated Fake Human-Resources Firm to Root Out Unfriendly Spies, Researchers SayIranian UNC757 (aka Pioneer Kitten) Hackers Work With Ransomware Gangs to Extort Breached OrgsSouth Korean Spies Exploit WPS Office Zero-DayMicrosoft Hosts a Security Summit but No Press, Public AllowedEmployee Arrested for Locking Windows Admins Out of 254 Servers in Extortion PlotGoogle Increases Chrome Bug Bounty Rewards up to $250,000U.S. Offers $2.5 Million Reward for Hacker Linked to Angler Exploit KitTelegram Founder Pavel Durov Was Wooed and Targeted by GovernmentsTelegram Repeatedly Refuses to Join Child Protection Schemes1 in 10 Minors Say Their Friends Use AI to Generate Nudes of Other Kids, Survey FindsHundreds of LLM Servers Expose Corporate, Health & Other Online Data‘Store Now, Decrypt Later’: U.S. Leaders Prep for Quantum Cryptography ConcernsColorado Contacted Pac-12 About Potential Data Breach Before Loss to Oregon‘Malfunction’ at Dutch Defense Ministry Datacenter Causing Mass DisruptionDick’s Sporting Goods Discloses Unauthorized Third-Party Access to Info, Including Some Confidential DataSeattle-Tacoma Airport Deals With Delays Five Days After Detecting CyberattackPlay Ransomware Hackers Claim Attack on U.S. Manufacturer Microchip TechnologyNorfolk (UK) Poultry Farm Banham Poultry Hit by Cyber-AttackEssex (UK) Infant School Canvey Island Infant School Hit by Cyber AttackLummaC2 Infostealer Resurfaces With Obfuscated PowerShell TacticsPoorTry Windows Driver Evolves Into a Full-Featured EDR WiperBlackByte Ransomware Exploits VMware ESXi Flaw in Latest Attack WaveAttackers Exploit Critical Atlassian Confluence Flaw for CryptojackingCCTV Zero-Day Exposes Critical Infrastructure to Mirai BotnetCritical WPML Plugin Flaw Exposes WordPress Sites to Remote Code ExecutionCISA Flags Critical Apache OFBiz Flaw Amid Active Exploitation ReportsFortra Issues Patch for High-Risk FileCatalyst Workflow Security Vulnerability
8/27/2024 August 27, 2024August 27, 2024 ~ The Cyber Beat ~ Leave a comment Krebs: New Versa Director 0-Day Attacks Linked to China’s ‘Volt Typhoon’Internet Outages Spread Across Ukraine Following Russian Air Strikes on Critical InfrastructureU.S. Marshals Service Disputes Hunters International Ransomware Gang’s Breach ClaimsA Third of Organizations Suffer SaaS Data BreachesThreat Group ‘Bling Libra’ Pivots to Extortion for Cloud AttacksMicrosoft Security Tools Questioned for Treating Employees as ThreatsIntel’s Software Guard Extensions Broken? Don’t PanicPatchwork of State Privacy Laws Remains After Latest Failed Bid for Federal LawNotion Exits Russia and Will Terminate Accounts in SeptemberWindows Downdate Tool Lets You ‘Unpatch’ Windows SystemsPark’N Fly Notifies 1 Million Customers of Data BreachBlackSuit Ransomware Stole Data of 950,000 From Software Vendor Young ConsultingMalware Infiltrates Pidgin Messenger’s Official Plugin RepositoryTrionfo Solutions (IL) Announces Data Breach Affecting Over 76k MetLife Plan HoldersMOVEit Hack Exposed Personal Data of Half Million TDECU UsersMicrosoft Sway Abused in Massive QR Code Phishing CampaignmacOS Version of HZ RAT Backdoor Targets Chinese Messaging App UsersGoogle Warns of CVE-2024-7965 Chrome Security Flaw Under Active ExploitationMicrosoft Fixes ASCII Smuggling Flaw That Enabled Data Theft from Microsoft 365 CopilotPoC Exploit for Zero-Click Vulnerability Made Available to the Masses
8/26/2024 August 27, 2024August 27, 2024 ~ The Cyber Beat ~ Leave a comment NSA Releases Guide to Combat Living Off the Land AttacksIn a Kyiv Hangar, Ukraine Launches a Cyber Range for EveryonePavel Durov’s Arrest Leaves Telegram Hanging in the Balance…Telegram’s Durov Still Held by French Police, Franceinfo Reports…Telegram Says Arrested CEO Has ‘Nothing to Hide’ as France Reportedly Extends His Detention…Elon Musk Calls for Release of Telegram Founder Pavel Durov as Arrest Sparks Debate Whether X Owner May Be NextDutch Regulator Fines Uber €290 Million for GDPR Violations in Data Transfers to U.S.Microsoft: Exchange Online Mistakenly Tags Emails as MalwareThe Future of Cybersecurity: Insights From Theresa Payton, Former White House CIOResearchers Warn of Text Scams That Send Drivers Fake Bills for Highway TollsC-Suite Involvement in Cybersecurity Is Little More Than Lip ServiceAMD Internal Data Reportedly Offered for SaleSeattle’s Airport, Seaport Isolate Systems After Cyberattack31.5 Million Invoices, Contracts, Patient Consent Forms, Documents, and Much, Much More Exposed to the InternetPatelco Notifies 726,000 Customers of Ransomware Data BreachData of Nearly 1,000 People Leaked in St. Helena Cyberattack, City SaysKeystone Pacific Property Management Notifies Consumers of Recent Data BreachResearchers Identify Over 20 Supply Chain Vulnerabilities in MLOps PlatformsCritical Flaws in Traccar GPS System Expose Users to Remote AttacksSonicWall Issues Critical Patch for Firewall Vulnerability Allowing Unauthorized AccessVersa Fixes Director Zero-Day Vulnerability Exploited in AttacksGoogle Tags a Tenth Chrome Zero-Day as Exploited This Year
8/22-25/2024 August 25, 2024August 25, 2024 ~ The Cyber Beat ~ Leave a comment The Iranians Who Hacked Trump’s Campaign Have Deep ExpertiseMeta Exposes Iranian Hacker Group Targeting Global Political Figures on WhatsAppWhen War Came to Their Country, They Built a MapKremlin Blames Widespread Website Disruptions on DDoS Attack; Digital Experts DisagreeRussia Calls for Restrictions on Surveillance Cameras, Dating Apps in Cities Under Attack From UkraineChinese Hackers Exploit Zero-Day Cisco Switch Flaw to Gain System ControlMicrosoft to Host CrowdStrike and Others to Discuss Windows Security ChangesKrebs: Local Networks Go Global When Domain Names CollideAI Copilots Are Making Internal Breaches Easier and Costlier to Defend AgainstCompanies Prepare to Fight Quantum HackersU.S. Charges Karakurt Extortion Gang’s “Cold Case” NegotiatorRussian Laundering Millions for Lazarus Hackers Arrested in ArgentinaSuspect in $14 Billion Cryptocurrency Pyramid Scheme Extradited to ChinaTelegram Messaging App CEO Durov Arrested in France…Content Moderation FailuresA Bank Exec Stole $47 Million for a Crypto Scam, and Now He’s Going to JailWhy Parents May Want to Start Locking a Child’s Credit at a Very Young AgeCompany Fined $1m for Fake Joe Biden AI CallsYouTube Launches AI Tool to Recover Hacked AccountsOperating as a Legitimate Business, Greasy Opal’s CAPTCHA Solver Still Serving Cybercrime After 16 YearsUniversity of California Santa Cruz Thought It Would Be a Good Idea to Do a Phishing Test With a Fake Ebola ScareU.S. Oil Giant Halliburton Confirms Cyberattack Behind Systems ShutdownPort of Seattle Says It Was Hit with Possible Cyberattack; Outage Affects Airport, Phone SystemsAmerican Radio Relay League Confirms $1 Million Ransom PaymentQilin Caught Red-Handed Stealing Credentials in Google ChromeNew Malware PG_MEM Targets PostgreSQL Databases for Crypto MiningCthulhu Stealer Malware Targets macOS With Deceptive TacticsHackers Now Use AppDomain Injection to Drop CobaltStrike BeaconsPEAKLIGHT Downloader Deployed in Attacks Targeting Windows with Malicious Movie DownloadsHackers Steal Banking Creds from iOS, Android Users via PWA AppsNew Linux Malware ‘sedexp’ Hides Credit Card Skimmers Using Udev RulesNovel Android Malware Steals Card NFC Data For ATM WithdrawalsBackdoor in Mifare Smart Cards Could Open Doors Around the WorldHackers Are Exploiting Critical Bug in LiteSpeed Cache PluginSecurity Flaws in UK Political Party Donation Platforms ExposedNew ‘ALBeast’ Vulnerability Exposes Weakness in AWS Application Load BalancerHardcoded Credential Vulnerability Found in SolarWinds Web Help DeskGeorgia Tech Sued Over Cybersecurity Violations, DOJ Joins InAudit Finds Notable Security Gaps in FBI’s Storage Media ManagementHack on North Miami Tests Ransom Payment Bans
8/21/2024 August 21, 2024August 21, 2024 ~ The Cyber Beat ~ Leave a comment Moscow Detains Scientist Suspected of Carrying out DDoS Attacks on RussiaRussia Tells Citizens to Switch off Home Surveillance Because the Ukrainians Are ComingHealthcare Hit by a Fifth of Reported Ransomware Incidents…Most Ransomware Attacks Now Happen at NightFAA Proposes New Cybersecurity Rules for AirplanesThe U.S. Government Wants You—Yes, You—to Hunt down Generative AI FlawsAustralia Calls Off Clearview AI Investigation Despite Lack of ComplianceCritical Thinking AI in Cybersecurity: A Stretch or a Possibility?Stadiums Are Embracing Face Recognition. Privacy Advocates Say They Should Stick to SportsHow to Freeze Your Credit After a Data BreachPhrack Hacker Zine Publishes New Edition After Three YearsFinancial Services Firm Fined $850K for Violating SEC Cyber RulesMcDonald’s Instagram Page Hacked by Crypto Scammers Who Claim They Stole $700K110K Domains Targeted in ‘Sophisticated’ AWS Cloud Extortion CampaignTop U.S. Oilfield Firm Halliburton Hit by Cyberattack, Source SaysPatelco Credit Union Says Personal Info of Customers, Employees Exposed in June BreachDental Specialists (MN) Data Breach Affects an Estimated 38,442 PeopleNew MoonPeak RAT Linked to North Korean Threat Group UAT-5394New macOS Malware TodoSwift Linked to North Korean Hacking GroupsCritical LiteSpeed Cache Plugin Flaw Exposes WordPress SitesGitHub Enterprise Server Vulnerable to Critical Auth Bypass FlawGoogle Fixes Ninth Chrome Zero-Day Exploited in Attacks This YearMicrosoft Patches Critical Copilot Studio Vulnerability Exposing Sensitive DataMicrosoft to Roll out Windows Recall to Insiders in OctoberQNAP Adds NAS Ransomware Protection to Latest QTS Version
8/20/2024 August 20, 2024August 20, 2024 ~ The Cyber Beat ~ Leave a comment U.S. Warns of Iranian Hackers Escalating Influence OperationsIranian Group TA453 Launches Phishing Attacks with BlackSmithAn AWS Configuration Issue Could Expose Thousands of Web AppsThousands of Oracle NetSuite Sites at Risk of Exposing Customer Information‘Styx Stealer’ Malware Developer Accidentally Exposes Personal Info to Researchers in ‘Critical Opsec Error’Novel Phishing Method Used in Android/iOS Financial Fraud CampaignsFormer Congressman Santos Admits Identity Theft and FraudMan Who Hacked Hawaii State Registry to Forge His Own Death Certificate Sentenced to 81 MonthsDon’t Let Your Cash App Get Hacked. Cybersecurity Expert Tips to Safeguard Your MoneyAugust Windows Updates Break Dual Boot on Some Linux SystemsJewish Home Lifecare Notifies 100,000 Victims of Ransomware BreachMicrochip Technology Says Certain Operations Disrupted by Cyber Incident by ‘Unauthorized Party’CannonDesign Confirms Avos Locker Ransomware Data BreachEnroll Confidently (WA) Notifies Consumers of February 2024 Data BreachBlind Eagle Hackers Exploit Spear-Phishing to Deploy RATs in Latin AmericaCzech Mobile Users Targeted in New Banking Credential Theft SchemeHackers Exploit PHP Vulnerability to Deploy Stealthy Msupedge BackdoorNew DNS-Based Backdoor Threat Discovered at Taiwanese UniversityResearchers Uncover TLS Bootstrap Attack on Azure Kubernetes Clusters
8/19/2024 August 19, 2024August 19, 2024 ~ The Cyber Beat ~ Leave a comment U.S. Intelligence Community Says Iran Responsible for Hack of Trump CampaignFBI and CISA Assure Public on Election Ransomware SecurityKrebs: National Public Data Published Its Own Passwords…National Public Data Insists ‘Only’ 1.3M People Affected by Intrusion…Was Your Social Security Number Leaked to the Dark Web? Use This Tool to Find Out.Russia-Linked Vermin Hackers Target Ukraine With New Malware StrainUkrainian Bank’s Service for Military Donations Targeted by ‘Massive’ DDoS AttackThe Pentagon Is Planning a Drone ‘Hellscape’ to Defend TaiwanResearchers Uncover New Infrastructure Tied to FIN7 Cybercrime GroupColumbus Officials Warn Victims, Witnesses After Ransomware Leak of Prosecutor FilesHuman Nature Is Causing Our Cybersecurity ProblemToyota Confirms Breach After Stolen Data Leaks on Hacking ForumFlightAware Configuration Error Leaked User Data for YearsCybercriminals Siphon Credit Card Numbers From Oregon Zoo WebsiteHackers Linked to $14M Holograph Crypto Heist Arrested in ItalyNew UULoader Malware Distributes Gh0st RAT and Mimikatz in East AsiaNew Tool Xeon Sender Enables Large-Scale SMS Spam AttacksCybercriminals Exploit Popular Software Searches to Spread FakeBat MalwareMicrosoft Apps for macOS Exposed to Library Injection AttacksCISA Warns of Jenkins RCE Bug Exploited in Ransomware AttacksMicrosoft Patches Zero-Day Flaw Exploited by North Korea’s Lazarus Group
8/16-18/2024 August 18, 2024August 18, 2024 ~ The Cyber Beat ~ Leave a comment OpenAI Says Iran Tried to Influence U.S. Elections With ChatGPTGeopolitical Tensions Drive Explosion in DDoS AttacksKrebs: NationalPublicData.com Hack Exposes a Nation’s DataWhy Are Organizations Losing the Ransomware Battle?How the CrowdStrike Tech Outage Reignited a Battle Over the Heart of Microsoft SystemsChrome Will Redact Credit Cards, Passwords When You Share Android ScreenHow Safe Am I Online?—and Other Questions Readers Asked About CybersecurityMicrosoft Mandates MFA for All Azure Sign-InsAzure Domains and Google Abused to Spread Disinformation and MalwareGeofence Warrants Ruled Unconstitutional—but That’s Not the End of ItUnicoin Hints at Potential Data Meddling After G-Suite CompromiseRansomware Attack on Flint (MI) Affecting City Services as FBI Investigates IncidentNorth Miami (FL) Works to Restore Services After Cyber AttackRansomware Attack on Indian Payment System Traced Back to Jenkins BugRussian Hackers Using Fake Brand Sites to Spread DanaBot and StealC MalwareNew Mad Liberator Gang Uses Fake Windows Update Screen to Hide Data TheftNew Banshee Stealer Targets 100+ Browser Extensions on Apple macOS SystemsAttackers Exploit Public .env Files to Breach Cloud Accounts in Extortion CampaignCISA Warns Critical SolarWinds RCE Bug is Exploited in Attacks
8/15/2024 August 15, 2024August 15, 2024 ~ The Cyber Beat ~ Leave a comment U.S. Lawmakers Urge Probe of WiFi Router Maker TP-Link Over Fears of Chinese Cyber AttacksRussia’s FSB Behind Massive Phishing Espionage CampaignNew Cyber Threat Targets Azerbaijan and Israel Diplomats, Stealing Sensitive DataMeta Warns of Troll Networks From Russia, Iran Ahead of U.S. ElectionsInside the $93 Million Wall Street Heist That Stemmed From RussiaPakistan’s Internet Firewall Could Cost Economy $300 Million, Association SaysRansomware Gangs Rake in More Than $450 Million in First Half of 2024T-Mobile Fined $60 Million to Settle Alleged National Security ViolationsHearing about Leaked Social Security Numbers? Don’t PanicCyber-Criminals Exploited Paris Olympics With Fake DomainsFraser Child and Family Center (MN) Notifies 67k of Recent Data BreachAdvanced ValleyRAT Campaign Hits Windows Users in ChinaRansomHub Group Deploys New EDR-Killing Tool in Latest Cyber AttacksNew Gafgyt Botnet Variant Targets Weak SSH Passwords for GPU Crypto MiningGoogle Pixel Phones Sold With Security Vulnerability, Report FindsMicrosoft Disables Recent BitLocker Security Fix, Advises Manual MitigationMicrosoft Removes FAT32 Partition Size Limit in Windows 11
8/14/2024 August 15, 2024August 15, 2024 ~ The Cyber Beat ~ Leave a comment Russia’s Critics Targeted With Global Hacking Campaign, Rights Group SaysChina-Backed Earth Baku Expands Cyber Attacks to Europe, Middle East, and AfricaAPT42: A Single Iranian Hacker Group Targeted Both Presidential Campaigns, Google SaysLarge-Scale Cyber Attack Cripples Iranian BanksDDoS Attacks Surge 46% in First Half of 2024, Gcore Report RevealsNIST Releases First Encryption Tools to Resist Quantum ComputingThe Weirdest ‘3 Billion People’ Data Breach EverGerman Cyber Agency Wants Changes in Microsoft, CrowdStrike Products After Tech OutageTexas Sues GM for Selling Driver Data to Analytics, Insurance CompaniesRussian Who Sold 300,000 Stolen Credentials Gets 40 Months in PrisonAutoCanada Discloses Cyberattack Impacting Internal IT SystemsCopiah-Lincoln Community College (MS) Data Breach Affects 53,628 PeopleCyber-Attack Spreads Phishing Scam Across Greater Manchester AreasNew Phishing Attack Uses Sophisticated Infostealer MalwareBlack Basta-Linked Attackers Target Users with SystemBC MalwareGitHub Actions Artifacts Found Leaking Auth Tokens in Popular ProjectsHigh-End Racing Bikes Are Now Vulnerable to HackingYour Gym Locker May Be HackableZero-Click Windows TCP/IP RCE Impacts All Systems with IPv6 Enabled, Patch NowSolarWinds Fixes Critical RCE Bug Affecting all Web Help Desk Versions
8/13/2024 August 14, 2024August 14, 2024 ~ The Cyber Beat ~ Leave a comment FBI Probing Alleged Iran Hack Attempts Targeting Trump, Biden CampsSuspected Iranian Hackers Breached Roger Stone’s Personal Email as Part of Effort to Target Trump CampaignNews Outlets Were Leaked Insider Material From the Trump Campaign. They Chose Not to Print It YetMusk Claims X Hit by ‘Massive DDoS Attack’ During Trump InterviewRussia Is Pushing Disinformation About Kursk Operation, Ukrainian Officials SayWhat We Learned From the Cyberattack on Change HealthcareGoogle Says It’s Focusing on Privacy With Gemini AI on AndroidCompanies Prepare to Fight Quantum HackersX Faces GDPR Complaints for Unauthorized Use of Data for AI TrainingProlific Belarusian Cybercriminal Arrested in SpainCrowdStrike Tries to Patch Things Up With Cybersecurity Industry3AM Ransomware Stole Data of 464,000 Kootenai Health PatientsLeading Carbon Black Industrial Supplier Orion Loses $60 Million in Business Email Compromise ScamGadsden Independent School District (NM) Hit by Ransomware AttackRoseland Community Hospital (IL) Provides Notice of June 2024 Data BreachGhostWrite: New T-Head CPU Bugs Expose Devices to Unrestricted AttacksIvanti Warns of Critical vTM Auth Bypass with Public ExploitResearchers Uncover Vulnerabilities in AI-Powered Azure Health Bot ServiceCritical SAP Flaw Allows Remote Attackers to Bypass AuthenticationKrebs: Six 0-Days Lead Microsoft’s August 2024 Patch Push…New Windows SmartScreen Bypass Exploited as Zero-Day Since March
8/12/2024 August 12, 2024August 12, 2024 ~ The Cyber Beat ~ Leave a comment South Korea Says DPRK Hackers Stole Spy Plane Technical DataHackers Posing as Ukraine’s Security Service Infect 100 Gov’t PCsUN Adopts Controversial Cybercrime TreatyDARPA Awards $14m to Seven Teams in AI Cyber ChallengeCrowdStrike Accepted a ‘Most Epic Fail’ Award at Def Con Hacking ConferenceFBI Disrupts the Dispossessor Ransomware Operation, Seizes ServersCo-Founder of DDoSecrets Was Dark Web Drug Kingpin Thomas White of Silk Road 2.0 Man in Dock Accused of Breaking Hi-Tech Export ControlsAs He Retires After Two Decades at Homeland Security, Brandon Wales Reflects on CISA’s FutureAustralian Gold Producer Evolution Mining Hit by RansomwareSwiss Manufacturer Schlatter Group Investigating Ransomware Attack That Shut Down IT NetworkBaxter International (IL) Notifies Consumers of June 2024 Data BreachAttacker Steals Personal Data of 200K+ People With Links to Arizona Tech SchoolVulnerability in Windows Driver Leads to System CrashesIndustrial Remote Access Tool Ewon Cosy+ Vulnerable to Root Access AttacksResearchers Uncover Vulnerabilities in Solarman and Deye Solar SystemsFreeBSD Releases Urgent Patch for High-Severity OpenSSH VulnerabilityTackling Vulnerabilities & Errors Head-on for Proactive Security
8/9-11/2024 August 11, 2024August 11, 2024 ~ The Cyber Beat ~ Leave a comment Trump Campaign Says Its Internal Messages Hacked by IranIran Targeting U.S. Elections Using Fake News, Cyberattacks: MicrosoftChinese Hacking Groups Target Russian Government, IT FirmsRussians Team up With Young, English-Speaking Hackers for CyberattacksRussia Blocks Signal for ‘Violating’ Anti-Terrorism LawsFake X Content Warnings on Ukraine War, Earthquakes Used as ClickbaitThousands of Corporate Secrets Were Left Exposed. This Guy Found Them AllApple Prototypes and Corporate Secrets Are for Sale Online—If You Know Where to LookThe Hacker Who Hunts Video Game Speedrunning CheatersGPS Spoofers ‘Hack Time’ on Commercial Airlines, Researchers SayATM Software Flaws Left Piles of Cash for Anyone Who Knew to LookCyber Companies Report Mixed Results as Security Budgets Prove ChallengingOpenAI Leadership Split Over In-House AI Watermarking TechnologyHow a Cybersecurity Researcher Befriended, Then Doxed, the Leader of LockBit Ransomware GangCSC ServiceWorks Discloses Data Breach After 2023 CyberattackHackers Leak 2.7 Billion Data Records With Social Security NumbersOhio School Boards Association Suffers From a Cyber AttackLocal Gov’ts in Texas, Florida Hit with Ransomware as Cyber Leaders Question Best Path ForwardNew Malware Hits 300,000 Users with Rogue Chrome and Edge ExtensionsThreat Actors Favor Rclone, WinSCP and cURL as Data Exfiltration ToolsRogue PyPI Library Solana Users, Steals Blockchain Wallet KeysSonos Speaker Flaws Could Have Let Remote Hackers Eavesdrop on UsersExperts Uncover Severe AWS Flaws Leading to RCE, Data Theft, and Full-Service TakeoversHackers Leak 2.7 Billion Data Records With Social Security NumbersMicrosoft Reveals Four OpenVPN Flaws Leading to Potential RCE and LPENew AMD SinkClose Flaw Helps Install Nearly Undetectable MalwareGoogle Researchers Found Nearly a Dozen Flaws in Popular Qualcomm Software for Mobile GPUs
8/8/2024 August 8, 2024August 8, 2024 ~ The Cyber Beat ~ Leave a comment Russian Spies Hacked UK Government Systems Earlier This Year, Stole Data and EmailsU.S. Elections Have Never Been More Secure, Says CISA ChiefU.S. ‘Laptop Farm’ Man Accused of Outsourcing His IT Jobs to North Korea to Fund Weapons ProgramsTricky Web Timing Attacks Are Getting Easier to Use—and AbuseWatch How a Hacker’s Infrared Laser Can Spy on Your Laptop’s KeystrokesMicrosoft’s AI Can Be Turned Into an Automated Phishing MachineKrebs: Cybercrime Rapper Sues Bank over Fraud InvestigationSEC Investigation into Progress MOVEit Hack Ends Without ChargesUSPS Text Scammers Duped His Wife, So He Hacked Their OperationDelta Shrugs Off Criticism, Says Damages Caused by CrowdStrike Outage Total at Least $500 MillionCybersecurity Firm Trend Micro Explores Sale, Sources SayADT Admits Security Breach After Hackers Advertise Stolen Data on the Dark WebHackers Return $12 Million Taken During Ronin Network BreachRussia’s Kursk Region Suffers ‘Massive’ DDoS Attack Amid Ukraine OffensiveNorth Korea Kimsuky Launch Phishing Attacks on UniversitiesPhishing Attack Exploits Google, WhatsApp to Steal DataCisco Warns of Critical RCE Zero-Days in End of Life IP PhonesExploit Released For Cisco SSM Bug Allowing Admin Password ChangesCISA Warns of Hackers Abusing Cisco Smart Install FeatureCISA Warns About Actively Exploited Apache OFBiz RCE FlawHackers Have Exploited An 18-Year-Old ‘0.0.0.0-Day’ Loophole In Safari, Chrome And Firefox
8/7/2024 August 7, 2024August 7, 2024 ~ The Cyber Beat ~ Leave a comment A Flaw in Windows Update Opens the Door to Zombie ExploitsMicrosoft 365 Anti-Phishing Feature Can Be Bypassed With CSSCrowdStrike Blames Test Software for Taking Down 8.5 Million Windows MachinesDelta Passengers Sue Airline for Refusing Refunds After Massive Computer OutageIreland’s DPC Takes Twitter to Court Over AI User Data ConcernsThe Business World Is Obsessed With AI but Company Leaders Ignore Cybersecurity at Their PerilUK IT Provider Faces $7.7 Million Fine for 2022 Ransomware BreachGoogle Chrome Will Let You Send Money to Your Favourite WebsiteKnostic Wins 2024 Black Hat Startup Spotlight CompetitionPort of Tyne Website Hit by Cyber AttackMcLaren Hospitals Disruption Linked to Inc Ransomware AttackNew CMoon USB Worm Targets Russians in Data Theft AttacksNew Go-based Backdoor GoGra Targets South Asian Media OrganizationRoyal Ransomware Successor BlackSuit Has Demanded More Than $500 MillionChameleon Android Banking Trojan Targets Users Through Fake CRM AppCritical Progress WhatsUp RCE Flaw Now Under Active ExploitationRoundcube Webmail Flaws Allow Hackers to Steal Emails and PasswordsApple’s New macOS Sequoia Tightens Gatekeeper Controls to Block Unauthorized Software
8/6/2024 August 6, 2024August 6, 2024 ~ The Cyber Beat ~ Leave a comment Cyberattack and Tropical Storm Debby Disrupt Blood SupplyA New Plan to Break the Cycle of Destructive Critical Infrastructure HacksMicrosoft Says Delta Ignored Satya Nadella’s Offer of CrowdStrike HelpGoogle Violated U.S. Antitrust Laws to Maintain Dominance Over Online Search, Judge Says…How Google’s Huge Defeat in Antitrust Case Could Change How You Search the Internet…What Google’s Antitrust Defeat Means for the Search Giant and Its Partner Apple…A Microsoft Victory and Mozilla Defeat: The Fallout From Google’s Antitrust SagaAbnormal Security, Valued at $5.1 Billion Amid Email Security Push, Eyes Eventual IPOPolice Recover Over $40m Headed to BEC ScammersNearly 40 French Museums Hit By Ransomware AttackMobile Guardian Hack Leads to 13,000 Student Devices Wiped in SingaporeSumter County (FL) Sheriff’s Office Hit by Ransomware AttackNorthwest Arkansas Community College Delays Fall Classes After Ransomware AttackRonin Bridge Paused, Restarted After $12M Drained in Whitehat HackKrebs: Low-Drama ‘Dark Angels’ Reap Record RansomsNorth Korean Hackers Moonstone Sleet Push Malicious JS Packages to npm RegistrySamsung to Pay $1,000,000 for Rces on Galaxy’s Secure VaultProton VPN Adds ‘Discreet Icons’ to Hide App on Android Devices
8/5/2024 August 6, 2024August 6, 2024 ~ The Cyber Beat ~ Leave a comment North Korean Hackers Exploit VPN Update Flaw to Install MalwareCrowdStrike Is Sued by Fliers After Massive Outage Disrupts Air TravelCrowdStrike Says It’s Not to Blame for Delta’s Days-Long OutageCrowdStrike: Delta Air Lines Refused Free Help to Resolve IT OutageCompanies Sue Tech Firms After Outages, but It’s an Uphill BattleEvery Microsoft Employee Is Now Being Judged on Their Security WorkHacked, Scammed, Exposed: Why You’re One Step Away From A Major Disaster OnlineTikTok Withdraws Lite Rewards Program from EU Over Child Safety FearsChina Starts Testing National Cyber-ID Before Consultation on the Idea ClosesReplacement for Action Fraud, Uk’s Cybercrime Reporting Service, Delayed Again Until 2025Singapore Police Wrest Back $41 Million Stolen From Commodities Firm in Bec ScamNew Android Trojan “BlankBot” Targets Turkish Users’ Financial DataKazakh Organizations Targeted by ‘Bloody Wolf’ Cyber AttacksKeytronic Reports Losses of Over $17 Million After Ransomware AttackCalibrated Healthcare (CA) Notifies Healthcare Patients of Recent Data BreachHunters International Ransomware Targets IT Workers With New SharpRhino MalwareNew LianSpy Malware Hides by Blocking Android Security FeatureSneaky SnakeKeylogger Slithers Into Windows Inboxes to Steal Sensitive SecretsResearchers Uncover Flaws in Windows Smart App Control and SmartScreenCritical Flaw in Rockwell Automation Devices Allows Unauthorized AccessCritical Vulnerability in Apache OFBiz Requires Immediate PatchingGoogle Fixes Android Kernel Zero-Day Exploited in Targeted Attacks
8/2-4/2024 August 5, 2024August 5, 2024 ~ The Cyber Beat ~ Leave a comment APT28 Targets Diplomats with HeadLace Malware via Car Sale Phishing LureSensitive Illinois Voter Data Exposed by Contractor’s Unsecured DatabasesSocial Media Firms Fail to Protect Children’s Privacy, Says UK ICOKrebs: U.S. Trades Cybercriminals to Russia in Prisoner SwapWho Ya’ Gonna Call? Why IoT Companies Should Embrace Vulnerability Disclosure ProgramsWhy the Market’s Most-Regulated Companies Need Military-Grade CybersecurityU.S. Expected to Propose Barring Chinese Software in Autonomous VehiclesFive Chinese Nationals Arrested by Feds for ‘Massive’ Elder Fraud SchemeCryptonator Seized for Laundering Ransom Payments, Stolen CryptoDuckDuckGo Blocked in Indonesia Over Porn, Gambling Search ResultsIsraeli Hacktivist Group ‘WeRedEvils’ Brags It Took Down Iran’s Internet‘StormBamboo’ Hackers Breach ISP to Poison Software Updates With MalwareHackers Directly Email Customers of Immigration Firm After Damaging CyberattackFake AI Editor Ads on Facebook Push Password-Stealing MalwareSurge in Magniber Ransomware Attacks Impact Home Users WorldwideHackers Exploit Misconfigured Jupyter Notebooks with Repurposed Minecraft DDoS ToolMirai Botnet targeting OFBiz Servers Vulnerable to Directory TraversalNew Windows Backdoor BITSLOTH Exploits BITS for Stealthy CommunicationLinux Kernel Impacted by New Slubstick Cross-Cache AttackLegendary Rom Hacking Site RomHacking.net Shutting Down After Almost 20 Years
8/1/2024 August 2, 2024August 2, 2024 ~ The Cyber Beat ~ Leave a comment U.S. Releases Russian Hackers and Spies as Part of Prisoner Swap That Includes Evan Gershkovich & Paul Whelan Putin’s Trader: How Russian Hackers Stole Millions From U.S. InvestorsA $500 Open Source Tool Lets Anyone Hack Computer Chips With LasersDelta CEO: ‘When Was the Last Time You Heard of a Big Outage at Apple?CISA Names Lisa Einstein as Its First Chief AI OfficerHe Was an FBI Informant—and Inspired a Generation of Violent ExtremistsScam Platform Shut Down by UK Authorities After 1.8 Million Fraudulent CallsTech Support Scam Ring Leader Gets 7 Years in Prison, $6M FineAustralian Companies Will Soon Need to Report Ransom PaymentsTaiwan Government-Backed Research Organization Targeted by APT41 HackersCencora Confirms Patient Data Stolen in Cyber-AttackRhysida Ransomware Group Takes Credit for Columbus Cyberattack, Auctions Stolen DataHennepin County (MN) Sheriff’s Office Is Responding to Data BreachFBI Warns of Scammers Posing as Crypto Exchange EmployeesRansomEXX Group Targets Indian Banking With New TacticsHackers Distributing Malicious Python Packages via Popular Developer Q&A Platform Stack ExchangeHackers Abuse Free TryCloudflare to Deliver Remote Access MalwareTwilio Kills off Authy for Desktop, Forcibly Logs Out All Users