10/31/2024 October 31, 2024October 31, 2024 ~ The Cyber Beat ~ Leave a comment Pro-Russia Hackers Claim Council Cyber Attacks, Including Greater ManchesterSuspected Pro-Ukraine Cyberattack Knocks Out Parking Enforcement in Russian CityCanadian Government Data Stolen By Chinese HackersMicrosoft: Chinese Hackers Use Quad7 Botnet to Steal CredentialsInside a Firewall Vendor’s 5-Year War With the Chinese Hackers Hijacking Its DevicesThe Untold Story of Trump’s Failed Attempt to Overthrow Venezuela’s PresidentFBI: Iranian Cyber Group Targeted Summer Olympics With Attack on French Display ProviderUK Finance Firms Told to Beef up Buffers Against Crowdstrike-Like EventsMicrosoft Wants $30 if You Want to Delay Windows 11 Switch2024 Looks Set to Be Another Record-Breaking Year for Ransomware — And It’s Likely Going to Get WorseOver a Thousand Online Shops Hacked to Show Fake Product ListingsLarge Peruvian Bank Warns of Data Theft After Dark Web Post EmergesBlackburn College Still Operating Despite Cyber-AttackSt. Anthony Regional Hospital (IA) Provides Notice of Data BreachLottieFiles Supply Chain Attack Exposes Users to Malicious Crypto Wallet DrainerNew Xiu Gou Phishing Kit Targets U.S., Other Countries with MascotHackers Target Critical Zero-Day Vulnerability in PTZ CamerasLiteSpeed Cache WordPress Plugin Bug Lets Hackers Get Admin AccessqBittorrent Fixes Flaw Exposing Users to MitM Attacks for 14 YearsCybersecurity Job Market Stagnates, Dissatisfaction AboundsRussia to Ban Cryptocurrency Mining in Some Regions Due to Electricity Shortages
10/30/2024 October 31, 2024October 31, 2024 ~ The Cyber Beat ~ Leave a comment Midnight Blizzard Spearphishing Campaign Targets Thousands with RDP FilesNorth Korean Group Collaborates with Play Ransomware in Significant Cyber AttackBeijing Claims It’s Found ‘Underwater Lighthouses’ That Its Foes Use for Espionage‘We’re a Fortress Now’: The Militarization of U.S. Elections Is HereColorado Voting System Partial Passwords Accidentally Posted on Government WebsiteFBI: Upcoming U.S. General Election Fuel Multiple Fraud SchemesFired Disney Staffer Accused of Hacking Menu to Add Profanity, Wingdings, Removes Allergen InfoKrebs: Change Healthcare Breach Hits 100M Americans…UnitedHealth Hires Cybersecurity Veteran as New CISOGoogle’s AI-Fueled Gains in Cloud Bode Well for Amazon, MicrosoftCyber Vendor Netskope Plans 2025 IPOInterbank Confirms Data Breach Following Failed Extortion, Data LeakStarkweather and Shepley Insurance Brokerage (RI) Provides Notice of Recent Data BreachHackers Steal 15,000 Cloud Credentials From Exposed Git Config FilesMalware Campaign Expands Its Use of Fake CAPTCHAsUpdated FakeCall Malware Targets Mobile Devices with VishingMalvertising Campaign Hijacks Facebook Accounts to Spread SYS01stealer MalwareResearchers Uncover Python Package Targeting Crypto Wallets with Malicious CodeOpera Browser Fixes Big Security Hole That Could Have Exposed Your InformationApple Rolls Out Major Security Update to Patch macOS and iOS VulnerabilitiesQNAP Patches Second Zero-Day Exploited at Pwn2Own to Get RootWhen Cybersecurity Tools Backfire
10/29/2024 October 29, 2024October 29, 2024 ~ The Cyber Beat ~ Leave a comment Trump Family Members and Biden Aides Among China Hack TargetsMerde! Macron’s Bodyguards Reveal His Location by Sharing Strava DataRussia and China-Linked State Hackers Intensify Attacks on Netherlands, Security Officials WarnSuspicious Social Media Accounts Deployed Ahead of COP29Five Eyes Agencies Launch Startup Security InitiativeSix Senators Tell Biden Administration UN Cybercrime Treaty Must Be ChangedNIS2 Compliance Puts Strain on Business BudgetsTSA Silent on CrowdStrike’s Claim Delta Skipped Required Security UpdateMoneyGram Replaces CEO Weeks After Massive Customer Data BreachRussian Charged by U.S. For Creating RedLine Infostealer MalwareThe Center for Urban Community Services (NY) Notifies 38,000 People of Recent Data BreachChenlun’s Evolving Phishing Tactics Target Trusted BrandsNew LightSpy Spyware Targets iOS with Enhanced CapabilitiesMassive PSAUX Ransomware Attack Targets 22,000 CyberPanel InstancesNew Research Reveals Spectre Vulnerability Persists in Latest AMD and Intel ProcessorsResearchers Uncover Vulnerabilities in Open-Source AI and ML ModelsNew Windows Themes Zero-Day Gets Free, Unofficial PatchesQNAP Fixes NAS Backup Software Zero-Day Exploited at Pwn2OwnHow to Find the Right CISORussia Says It Might Build Its Own Linux Community After Removal of Several Kernel Maintainers
10/28/2024 October 28, 2024October 28, 2024 ~ The Cyber Beat ~ Leave a comment Chinese Hackers Said to Have Collected Audio of American Calls…Including Trump AdvisorCybercriminals Pose a Greater Threat of Disruptive U.S. Election Hacks Than Russia or ChinaEvasive Panda’s CloudScout Toolset Targets TaiwanRussian Malware Campaign Targets Ukrainian Recruits Via TelegramJapanese Man Sentenced to 3 Years After Creating Crypto Ransomware With AIRedline, Meta Infostealer Malware Operations Seized by PoliceJPMorgan Chase Sues Scammers Following Viral ‘Infinite Money Glitch’Delta, CrowdStrike Sue Each Other Over Widespread IT Outage That Caused Thousands of CancellationsSinclair Sues Cyber Insurers Over 2021 HackCybersecurity Firm Rapid7 Fields Buyout Interest, Sources SayCyber Firm Armis Security Raises $200 Million at $4.3 Billion ValuationItalian Politicians Express Alarm at Latest Data Breach Allegedly Affecting 800,000 CitizensFree, France’s Second Largest ISP, Confirms Data Breach After LeakTEAM Software (NE) Confirms July 2024 Data Breach Impacting Thousands of SSNsWichita County (TX) Says 47,000 Had SSNs, Medical Treatment Info Leaked During May CyberattackOver 6,500 Patients Affected by Parkland Health in Dallas Possible Data BreachCybercriminals Use Webflow to Deceive Users into Sharing Sensitive Login CredentialsNew Type of Job Scam Targets Financially Vulnerable PopulationsAI-Powered BEC Scams Zero in on ManufacturersBeaverTail Malware Resurfaces in Malicious npm Packages Targeting DevelopersNew Tool Bypasses Google Chrome’s New Cookie Encryption SystemMozilla: ChatGPT Can Be Manipulated Using Hex CodePut End-of-Life Software to Rest
10/25-27/2024 October 27, 2024October 27, 2024 ~ The Cyber Beat ~ Leave a comment Chinese Hackers Are Said to Have Targeted Phones Used by Trump and Vance…Harris Campaign Too…U.S. Panel to Probe Cyber Failures in Massive ‘Salt Typhoon’ Chinese Hack of TelecomsKremlin-Linked APT29 Hackers Target Ukraine’s State, Military Agencies in New Espionage CampaignUkraine Warns of Mass Phishing Campaign Targeting Citizens DataSenator Accuses Sloppy Domain Registrars of Aiding Russian Disinfo CampaignsLinux Creator Approves De-Listing of Several Kernel Maintainers Associated With RussiaClaude AI Gets Bored During Coding Demonstration, Starts Perusing Photos of National Parks InsteadReuters Exposé of Hack-For-Hire World Is Back Online After Indian Court RulingDelta Sues CrowdStrike Over Software Update That Prompted Mass Flight DisruptionsAmazon Seizes Domains Used in Rogue Remote Desktop Campaign to Steal DataFour REvil Ransomware Members Sentenced in Rare Russian Cybercrime ConvictionsHenry Schein Discloses Data Breach a Year After Ransomware AttackRansomHub Gang Allegedly Behind Attack on Mexican Airport OperatorChimienti & Associates (CA) Experiences Data Breach Following Compromised Email AccountCommunity Dental (ME) Files Official Notice of Data Breach After Cyberattack Exposed Patients’ Sensitive InfoBlack Basta Ransomware Poses as IT Support on Microsoft Teams to Breach NetworksNotorious Hacker Group TeamTNT Launches New Cloud Attacks for Crypto MiningFog Ransomware Targets SonicWall VPNs to Breach Corporate NetworksResearchers Discover Command Injection Flaw in Wi-Fi Alliance’s Test SuiteNew Windows Driver Signature Bypass Allows Kernel Rootkit InstallsNew Cisco ASA and FTD Features Block VPN Brute-Force Password AttacksQNAP, Synology, Lexmark Devices Hacked on Pwn2Own Day 3…Over 70 Zero-Day Flaws Get Hackers $1 Million at Pwn2Own Ireland
10/24/2024 October 24, 2024October 24, 2024 ~ The Cyber Beat ~ Leave a comment White House Issues AI National Security MemoCybersecurity Teams Largely Ignored in AI Policy DevelopmentVoice-Enabled AI Agents Can Automate Everything, Even Your Phone ScamsApple Will Pay Security Researchers up to $1 Million to Hack Its Private AI CloudMeet ZachXBT, the Masked Vigilante Tracking down Billions in Crypto Scams and TheftsCourts Side With Auto Suppliers in Clash With Carmakers Over Vehicle Data AccessIreland Fines LinkedIn €310 Million Over Targeted AdvertisingCFPB Warns Industry Against ‘Deeply Invasive’ Workplace Digital SurveillanceUnitedHealth Says Change Healthcare Hack Affects Over 100 Million, the Largest Ever U.S. Healthcare Data Breach…How the Ransomware Attack at Change Healthcare Went Down: A TimelineInsurance Admin Landmark Says Data Breach Impacts 800,000 PeopleNew Qilin.B Ransomware Variant Emerges with Improved Encryption and Evasion TacticsMandiant Says New Fortinet Flaw Has Been Exploited Since JuneCisco Issues Urgent Fix for ASA and FTD Software Vulnerability Under Active AttackSamsung Galaxy S24 and Sonos Era Hacked on Pwn2Own Ireland Day 2Why Cybersecurity Acumen Matters in the C-Suite
10/23/2024 October 24, 2024October 24, 2024 ~ The Cyber Beat ~ Leave a comment Microsoft Warns Foreign Disinformation Is Hitting the U.S. Election From All DirectionsGeorgia Election Official Says Battleground State Fended off Cyberattack Likely From a Foreign CountryFormer British PM Cameron Calls for Tech Engagement with China Despite Cyber ThreatsU.S. Energy Sector Vulnerable to Supply Chain AttacksU.S. Government Pledges to Cyber Threat Sharing Via TLP ProtocolGoogle to Let Businesses Create Curated Chrome Web Stores for ExtensionsWhatsApp Now Encrypts Contact Databases for Privacy-Preserving SynchingKrebs: The Global Surveillance Free-for-All in Mobile Ad DataUK Government Weighs Review of Computer Misuse Act to Combat CybercrimeUK Court Says Dissident Can Sue the Saudi Government for Targeting Him With SpywareNigeria Drops Charges Against Tigran Gambaryan, Jailed Binance Exec and Former IRS AgentRussia Says ‘Unprecedented’ Cyber Attack Hits Foreign Ministry Amid BRICS SummitRhysida Ransomware Group Targets Prominent Nonprofit for Disabled People EastersealsData Breach at Autobell Car Wash Impacts 52,714 IndividualsEmbargo Ransomware Gang Deploys Customized Defense Evasion ToolsNew Grandoreiro Banking Malware Variants Emerge with Advanced Tactics to Evade DetectionRansomware Gangs Use LockBit’s Fame to Intimidate Victims in Latest AttacksResearchers Reveal ‘Deceptive Delight’ Method to Jailbreak AI ModelsLazarus Hackers Used Fake DeFi Game to Exploit Google Chrome Zero-DayCISA Warns of Active Exploitation of Microsoft SharePoint Vulnerability (CVE-2024-38094)Fortinet Warns of New Critical FortiManager Flaw Used in Zero-Day AttacksHackers Exploit 52 Zero-Days on the First Day of Pwn2Own Ireland
10/22/2024 October 22, 2024October 22, 2024 ~ The Cyber Beat ~ Leave a comment TSMC Blows Whistle on Potential Sanctions-Busting Shenanigans From HuaweiPrigozhin Links, Kremlin Funding Put Another Russian Media Company on U.S. ListForeign Influence Operations Will Expand Before Election and Linger Afterward, U.S. Agencies SayExposed United Nations Database Left Sensitive Information Accessible Online75% of US Senate Campaign Websites Fail to Implement DMARCThe Shitposting Cartoon Dogs Sending Trucks, Drones, and Weapons to Ukraine’s Front LinesSenators Seek Biden Administration Review of Undersea Cable VulnerabilitiesLLMjacking and Open-Source Tool Abuse Surge in 2024 Cloud AttacksAWS, Azure Auth Keys Found in Android and iOS Apps Used by MillionsMeta Brings Back Face Scanning to Combat Scams and Account HackingThink Tanks Urge Action to Curb Misuse of Spyware and Hack-for-HireSEC Charges Tech Firms Over Misleading SolarWinds Hack DisclosuresCISA Proposes New Security Requirements to Protect Gov’t, Personal DataGophish Framework Used in Phishing Campaigns to Deploy Remote Access TrojansBumblebee and Latrodectus Malware Return with Sophisticated Phishing StrategiesAkira Ransomware Is Encrypting Victims Again Following Pure Extortion FlingMalicious npm Packages Target Developers’ Ethereum Wallets with SSH BackdoorCybercriminals Exploiting Docker API Servers for SRBMiner Crypto Mining AttacksZendesk Helped Internet Archive Secure Account After Hacker Breached Email SystemSchreck Financial Group (KS) Experiences Email-Related Data BreachExploit Released for New Windows Server “WinReg” NTLM Relay AttackFortiGate Admins Report Active Exploitation 0-Day. Vendor Isn’t Talking.Security Flaw in Styra’s OPA Exposes NTLM Hashes to Remote AttackersCISA Adds ScienceLogic SL1 Vulnerability to Exploited Catalog After Active Zero-Day AttackVMware Releases vCenter Server Update to Fix Critical RCE VulnerabilityThe Struggle for Software Liability: Inside a ‘Very, Very, Very Hard Problem’
10/21/2024 October 21, 2024October 21, 2024 ~ The Cyber Beat ~ Leave a comment Hezbollah Cyberattack Targets Haifa Hospitals After Beirut Hospital BombingCyprus’ Critical Infrastructure Targeted by Coordinated Cyberattacks Linked to Pro-Palestine Groups‘Unprecedented’ Interference Targets Moldova’s ElectionsChina’s Spamouflage Disinformation Campaign Testing Techniques on Sen. Marco RubioChinese Nation-State Hackers APT41 Hit Gambling Sector for Financial GainU.S. Government Says Relying on Chinese Lithium Batteries Is Too RiskyBiden Administration Proposes New Rules Governing Data Transfers to Adversarial NationsICE’s $2 Million Contract With a Spyware Vendor Is Under White House ReviewSophos Buys Secureworks for $859 Mln to Beef up Cybersecurity PortfolioJapanese Watchmaker Casio Warns of Delivery Delays After Ransomware AttackCrypto Payment Services Firm Transak Says More Than 92,000 Affected by Data BreachSpate of Ransomware Attacks on German-Speaking Schools Hits Another in SwitzerlandNetskope Reports Possible Bumblebee Loader ResurgenceOver 6,000 WordPress Hacked to Install Plugins Pushing InfostealersResearchers Discover Severe Security Flaws in Major E2EE Cloud Storage ProvidersHalf of Organizations Have Unmanaged Long-Lived Cloud CredentialsThe Billionaire Behind Trump’s ‘Unhackable’ Phone Is on a Mission to Fight Tesla’s FSDAustralia’s Privacy Watchdog Publishes Guidance on Commercial AI Products
10/18-20/2024 October 20, 2024October 20, 2024 ~ The Cyber Beat ~ Leave a comment ESET Partner Breached to Send Data Wipers to Israeli OrgsNorth Korean IT Workers in Western Firms Now Demanding Ransom for Stolen DataThe Disinformation Warning Coming From the Edge of EuropeU.S. Cybersecurity Chief Says Election Systems Have ‘Never Been More Secure’What the U.S. Army’s 1959 ‘Soldier of Tomorrow’ Got Right About the Future of WarfareGoogle Scholar Has a ‘Verified Email’ for Sir Isaac NewtonMicrosoft Creates Fake Azure Tenants to Pull Phishers Into HoneypotsThe Government Is Getting Fed up With Ransomware Payments Fueling Endless Cycle of CyberattacksKrebs: Brazil Arrests ‘USDoD,’ Hacker in FBI Infragard BreachTech CEO Charged With Fraud Over Security, Reliability ClaimsAfter Rejecting Google Takeover, Cyber Firm Wiz Says It Will IPO ‘When the Stars Align’Instagram Rolls Out New Sextortion Protection MeasuresEurope Launches ‘Gait Recognition’ Pilot Program to Monitor Border CrossingsTech Giant Nidec Confirms Data Breach Following Ransomware AttackCisco Takes DevHub Portal Offline After Hacker Publishes Stolen DataCrypto Platform Radiant Capital Says $50 Million in Digital Coins Stolen Following Account CompromisesThe Internet Archive Hackers Still Have Access to Its Internal Emailing ToolsBoston Children’s Health Physicians Confirms September Data BreachCrypt Ghouls Targets Russian Firms with LockBit 3.0 and Babuk Ransomware AttacksHackers Exploit Roundcube Webmail XSS Vulnerability to Steal Login CredentialsCISA Confirms Veeam Vulnerability Is Being Used in Ransomware AttacksIntel, AMD CPUs on Linux Impacted by Newly Disclosed Spectre BypassmacOS Vulnerability Could Expose User Data, Microsoft WarnsJetpack Fixes 8-Year-Old Flaw Affecting Millions of WordPress SitesOpen Source LLM Tool Primed to Sniff out Python Zero-DaysCISOs: Throwing Cash at Tools Isn’t Helping Detect Breaches
10/17/2024 October 18, 2024October 20, 2024 ~ The Cyber Beat ~ Leave a comment Hamas Leader Yahya Sinwar Killed in Gaza, Israeli Military SaysIntel China Responds to Accusations of Security Issues From Chinese Cyber AssociationUndercover North Korean IT Workers Now Steal Data, Extort EmployersTwo-thirds of Attributable Malware Linked to Nation StatesGPS Jamming Is Screwing With Norwegian PlanesThis Prompt Can Make an AI Chatbot Identify and Extract Personal Details From Your ChatsActivision Says It’s Fixed an Anti-cheat Hack in Modern Warfare III and Call of Duty: WarzoneUncle Sam Puts $10M Bounty on Russian Troll Farm RybarMore Than 5,000 Arrested, Thousands of Websites Disrupted in Crackdown on Illegal Gambling During Euro TournamentFBI Arrests Alabama Man Suspected of Hacking SEC’s X AccountKrebs: Sudanese Brothers Arrested in ‘AnonSudan’ TakedownUkraine Tracks Emailed Bomb Threats to Russia-Linked GroupA Tough New EU Cyber Law Is off to a Messy Start, With Many Countries Failing to Adopt the RulesKroger’s Facial Recognition Plans Draw Increasing Concern From LawmakersJapan’s Ruling Political Party Hit by Cyberattack From Alleged Pro-Russian HackersIndependent Russian News Site Rides Out a Week of DDoS IncidentsMicrosoft Warns It Lost Some Customer’s Security Logs for a MonthTroubled U.S. Insurance Giant Globe Life Hit by Extortion After Data LeakCasio Says ‘No Prospect of Recovery Yet’ After Ransomware AttackInternet Archive Slowly Revives After DDoS BarrageBianLian Ransomware Claims Attack on Boston Children’s Health PhysiciansGeorgetown University Says Group of Students Accessed Sensitive, Academic InformationRussian RomCom Attacks Target Ukrainian Government with New SingleCamper RAT VariantFake Google Meet Conference Errors Push Infostealing MalwareCicada3301 Ransomware Targets Critical Sectors in US and UKRansomHub Overtakes LockBit as Most Prolific Ransomware GroupWeChat Devs Introduced Security Flaws When They Modded TLS, Say ResearchersCISA Seeks Feedback on Upcoming Product Security Flaws GuidanceWhat Cybersecurity Leaders Can Learn From the Game of Golf
10/16/2024 October 17, 2024October 17, 2024 ~ The Cyber Beat ~ Leave a comment China’s New Focus in U.S. Elections Interference Is Not Harris-Trump Presidential RaceChinese Cyber Association Calls for Review of Intel Products Sold in ChinaChina Says Unidentified Foreign Company Conducted Illegal Mapping ServicesFirm Hacked After Accidentally Hiring North Korean Cyber CriminalIranian Hackers Act as Brokers Selling Critical Infrastructure AccessMystery Drones Swarmed a U.S. Military Base for 17 Days. The Pentagon Is Stumped.Hacker Charged With Seeking to Kill Using Cyberattacks on HospitalsUSDoD Hacker Behind National Public Data Breach Arrested in BrazilRussia’s Case Against REvil Hackers Proceeds as Government Recommends 6.5-Year SentenceFor Some Companies, the Real Cost of a Cyberattack Is Telling Everyone About ItFinancial Firms Need to Focus on Cyber Risks Posed by AI, New York Regulator SaysEU AI Act Checker Reveals Big Tech’s Compliance PitfallsEthical Hackers Embrace AI Tools Amid Rising Cyber ThreatsUK Government Launches AI Safety Scheme to Tackle DeepfakesExperts Play Down Significance of Chinese Quantum “Hack”BlackBerry Exploring Options for Cylance BusinessMore Than Two Dozen Countries Have Used Internet Outages to Sway ElectionsVolkswagen Monitoring Data Dump Threat From 8Base Ransomware CrewBillboards Reportedly Hacked, Displayed Antisemitic Messages in Chicago SuburbTexas Tech Health Network Cyber Attack Disrupts Patient Care in El PasoHackers Target Ukraine’s Potential Conscripts With MeduzaStealer MalwareNorth Korean ScarCruft Exploits Windows Zero-Day to Spread RokRAT MalwareSidewinder Casts Wide Geographic Net in Latest Attack SpreeAstaroth Banking Malware Resurfaces in Brazil via Spear-Phishing AttackCISA Warns of Active Exploitation in SolarWinds Help Desk Software VulnerabilityCritical Default Credential Bug in Kubernetes Image Builder Allows SSH Root AccessGitHub Patches Critical Flaw in Enterprise Server Allowing Unauthorized Instance AccessGoogle: 70% of Exploited Flaws Disclosed in 2023 Were Zero-DaysCISA Urges Improvements in U.S. Software Supply Chain TransparencyFIDO Alliance Drafts New Protocol to Simplify Passkey Transfers Across Different PlatformsAmazon Says 175 Million Customers Now Use Passkeys to Log In
10/15/2024 October 15, 2024October 15, 2024 ~ The Cyber Beat ~ Leave a comment Microsoft: Nation-States Team Up with Cybercriminals for AttacksChina Accuses U.S. of Fabricating Volt Typhoon to Hide Its Own Hacking CampaignsBritish Intelligence Services to Protect All UK Schools From Ransomware AttacksNearly 400 U.S. Healthcare Institutions Hit with Ransomware Over Last Year, Microsoft SaysPassword Manager Makers Want to Let You Securely Transfer PasskeysMillions of People Are Using Abusive AI ‘Nudify’ Bots on TelegramThis AI Tool Helped Convict People of Murder. Then Someone Took a Closer LookAI Amplifies Systemic Risk to Financial Sector, Says India’s Reserve Bank BossGmail Users, Beware of New AI Scam That Looks Very AuthenticThis Influencer Was Scammed Out of Thousands in Crypto — And Has a Tip to Help You Avoid FraudHong Kong Police Bust Fraud Ring That Used Face-Swapping Tech for Romance ScamsFinland Seizes Servers of ‘Sipultie’ Dark Web Drugs MarketDarknet Activity Increases Ahead of 2024 Presidential VoteCisco Investigates Breach After Stolen Data for Sale on Hacking ForumCalgary Public Library Forced to Limit Services After CyberattackGryphon Healthcare (TX) Admits up to 400,000 People’s Personal Info Was SnatchedVarsity Brands (TX) Notifies 65,669 of May 2024 Data BreachEDRSilencer Red Team Tool Used in Attacks to Bypass SecurityCerberus Android Banking Trojan Deployed in New Multi-Stage Malicious CampaignNew Malware Campaign Uses PureCrypter Loader to Deliver DarkVision RATNew Linux Variant of FASTCash Malware Targets Payment Switches in ATM HeistsEight Million Users Install 200+ Malicious Apps from Google PlayResearchers Uncover Hijack Loader Malware Using Stolen Code-Signing CertificatesWordPress Plugin Jetpack Patches Major Vulnerability Affecting 27 Million SitesThe Cybersecurity Burnout Crisis Is Reaching The Breaking PointLLMs Are a New Type of Insider Adversary
10/14/2024 October 14, 2024October 14, 2024 ~ The Cyber Beat ~ Leave a comment Microsoft: Schools Grapple With Thousands of Cyberattacks WeeklyNation-State Attackers Exploiting Ivanti CSA Flaws for Network InfiltrationU.S. DoD Tightens Cybersecurity Standards for Defense ContractorsThe War on Passwords Is One Step Closer to Being OverCrypto-Apocalypse Soon? Chinese Researchers Find a Potential Quantum Attack on Classical EncryptionThe Biggest Data Breaches in 2024: 1 Billion Stolen Records and RisingConfusedPilot Attack Can Manipulate RAG-Based AI SystemsJetpack Fixes Critical Information Disclosure Flaw Existing Since 2016Intesa Under Investigation After Former Employee Spied on Account DataThe Internet Archive Is Back as a Read-Only Service After CyberattacksPokemon Dev Game Freak Confirms Breach After Stolen Data Leaks OnlinemiCare Health Center (MT) Sends Data Breach Letters Following Compromised Email AccountsTelekopye Scammers Target Booking.com and Airbnb UsersTrickMo Malware Steals Android PINs Using Fake Lock ScreenRecently-Patched Firefox Bug Exploited Against Tor Browser Users
10/11-13/2024 October 14, 2024October 14, 2024 ~ The Cyber Beat ~ Leave a comment Russian Court Websites Down After Breach Claimed by Pro-Ukraine HackersU.S. Lawmakers Seek Answers From Telecoms on Chinese Hacking ReportPhilippines Calls for Urgency From China, ASEAN in Negotiating South China Sea CodeTrump Campaign Turns to Secure Hardware After Hacking IncidentGroup With Close Ties to Trump Transition Says It Was Targeted in Cyber AttackHackers Took Over Robovacs to Chase Pets and Yell SlursThe FBI Made a Crypto Coin Just to Catch Fraudsters‘Email Scam’ Was Training Exercise, Says RegulatorWhat Internet Data Brokers Have On You — And How You Can Start to Get It BackHow to Stop Your Data From Being Used to Train AIOpenAI Confirms Threat Actors Use ChatGPT to Write MalwareU.S. Border Agency Under Fire for App’s Handling of Personal DataNational Public Data Files for Bankruptcy, Citing Fallout From CyberattackItaly’s Intesa Sanpaolo Apologises for Security Breach Involving PM MeloniCyberattack Targets Healthcare Nonprofit Overseeing 13 Colorado FacilitiesHuge Game Freak Hack Leaks Next Pokémon GameThe Internet Archive Is Still Down but Will Return in ‘Days, Not Weeks’Casio Confirms Customer Data Stolen in a Ransomware AttackOmni Family Health (CA) Breach Affects Personal Info of Current and Former PatientsOilRig Exploits Windows Kernel Flaw in Espionage Campaign Targeting UAE and GulfINC Ransomware Rebrands to Lynx – Same Code, New Name, Still up to No GoodGitHub, Telegram Bots, and ASCII QR Codes Abused in New Wave of Phishing AttacksCISA: Hackers Abuse F5 BIG-IP Cookies to Map Internal ServersGoogle Warns uBlock Origin and Other Extensions May Be Disabled SoonMicrosoft Deprecates PPTP and L2TP VPN Protocols in Windows Server
10/10/2024 October 11, 2024October 11, 2024 ~ The Cyber Beat ~ Leave a comment U.S., UK Warn of Russian APT29 Hackers Targeting Zimbra, TeamCity ServersNSA Cyber Chief: Espionage Is Now Russia’s Focus for Cyberattacks on UkraineUkraine Arrests Rogue VPN Operator Providing Access to RunetRussian Cyber Firm Dr.Web Denies Data Leak by Pro-Ukraine Hackers‘Q Day’ Is Coming. It’s Time to Worry About Quantum Security.Meet the Team Paid to Break Into Top-Secret BasesOpenAI Blocks 20 Global Malicious Campaigns Using AI for Cybercrime and DisinformationFormer RAC Employees Get Suspended Sentence for Data TheftNew Law in Australia Will Require Mandatory Reporting of Ransomware PaymentsOver 10m Conversations Exposed in AI Call Center HackFore-Get About Privacy, Golf Tech Biz Trackman Leaves 32M Data Records on the FairwayCrooks Stole Personal Info of 77K Fidelity Investments CustomersShoe Show (NC) Data Breach Affects an Estimated 12,856 IndividualsUnderground Ransomware Claims Attack on Casio, Leaks Stolen DataCybercriminals Use Unicode to Hide Mongolian Skimmer in E-Commerce PlatformsAkira and Fog Ransomware Now Exploit Critical Veeam RCE FlawResearchers Uncover Major Security Vulnerabilities in Industrial MMS Protocol LibrariesGitLab Warns of Critical Arbitrary Branch Pipeline Execution Flaw
10/9/2024 October 9, 2024October 9, 2024 ~ The Cyber Beat ~ Leave a comment National Cyber Director Warns of Ransomware, Chinese Infrastructure Attacks and Cyber Supply Chain ConcernsFTC, CISA Warn of Hurricane-Related Scams as Milton Nears FloridaRecent Dr.Web Cyberattack Claimed by Pro-Ukrainian HacktivistsRussia and Turkey Ban Discord Messaging AppFormer Uber Security Chief Appeals Conviction in ‘Bug-Bounty’ CaseKrebs: Lamborghini Carjackers Lured by $243M Cyberheist69,000 Bitcoins Are Headed for the U.S. TreasuryMexico Faces Over Half of Latin American Cybercrimes Due Largely to U.S. TiesAustralia Introduces First Standalone Cybersecurity LawNew EU ‘Appeals Centre Europe’ to Centralize Complaints Against Facebook, TikTok, YouTubeApple’s iPhone Mirroring Flaw Exposes Employee Privacy RisksSmart TVs Are Spying on EveryoneMarriott Settles for a Piddly $52M After Series of Breaches Affecting MillionsDutch Police Arrest Admin of ‘Bohemia/Cannabia’ Dark Web MarketUkraine Sentences Two Hackers From Russia-Linked Armageddon GroupThe Internet Archive Is Under Attack, With a Breach Revealing Information for 31 Million AccountsCalifornia Superior Court Claimed to Be Attacked by Meow RansomwareCrypto-Stealing Malware Campaign Infects 28,000 PeopleNew BeaverTail Malware Targets Job Seekers via Fake RecruitersN. Korean Hackers Use Fake Interviews to Infect Developers with Cross-Platform MalwareNew Generation of Malicious QR Codes Uncovered by ResearchersHackers Hide Remcos RAT in GitHub Repository CommentsSiemens Device PIN Susceptible to Remote Brute-Force in Older ModelMozilla Fixes Firefox Zero-Day Actively Exploited in AttacksCISA Says Critical Fortinet RCE Flaw Now Exploited in AttacksPalo Alto Networks Warns of Firewall Hijack Bugs With Public ExploitKrebs: Patch Tuesday, October 2024 EditionGoogle Joins Forces with GASA and DNS RF to Tackle Online Scams at ScaleCloud, AI Talent Gaps Plague Cybersecurity Teams
10/8/2024 October 8, 2024October 8, 2024 ~ The Cyber Beat ~ Leave a comment U.S. Warns of Foreign Interference in Congressional Races Ahead of Election…U.S. Expecting Foreign Actors to Question Validity of ElectionEU Condemns Russia After Detecting ‘Increasing Number’ of Hybrid ActivitiesUkraine’s Defense Ministry Launches Military CERT to Counter Russian Cyberattacks31 New Ransomware Groups Join the Ecosystem in 12 MonthsNew Mamba 2FA Bypass Service Targets Microsoft 365 AccountsWhat Google’s U-Turn on Third-Party Cookies Means for Chrome PrivacyCyber Providers See Strong Demand, but Few Feel Confident Enough to ListCould You Switch Careers Into Cyber-Security?The Perils of Ignoring Cybersecurity BasicsCyberattack Group ‘Awaken Likho’ Targets Russian Government with Advanced ToolsHome Security Firm ADT Inc Reports Unauthorized Activity on Its NetworkMoneyGram Confirms Hackers Stole Customer Data in CyberattackCasio Reports IT Systems Failure After Weekend Network BreachVermilion Parish Schools (LA) Investigating Cyber AttackAccounting Firm Dohman, Akerlund & Eddy (NE) Files Notice of Recent Data BreachGamers Tricked Into Downloading Lua-Based Malware via Fake Cheating Script EnginesNew Scanner Finds Linux, UNIX Servers Exposed to CUPS RCE AttacksZero-Day Alert: Three Critical Ivanti CSA Vulnerabilities Actively ExploitedMicrosoft October 2024 Patch Tuesday Fixes 5 Zero-Days, 118 Flaws
10/7/2024 October 7, 2024October 7, 2024 ~ The Cyber Beat ~ Leave a comment Advanced Threat Group GoldenJackal Exploits Air-Gapped SystemsVulnerable APIs and Bot Attacks Costing Businesses Up to $186 Billion AnnuallyBoard-CISO Mismatch on Cyber Responsibility, NCSC Research FindsGet Safe Online Launches New Scam DetectorUkrainian Pleads Guilty to Operating Raccoon Stealer MalwareTelegram App Hosts ‘Underground Markets’ for Southeast Asian Crime Gangs, UN SaysCops Love Facial Recognition, and Withholding Info on Its Use From the CourtsEU Court Limits Meta’s Use of Personal Facebook Data for Targeted AdsUN Cybercrime Treaty Lead Negotiator: U.S. Will Suffer if It Doesn’t Vote YesHacker Attack Disrupts Russian State Media on Putin’s BirthdayAmerican Water Shuts Down Online Services After CyberattackUniversal Music Group Admits Data BreachWestern & Southern Life Files Notice of Data BreachNew Gorilla Botnet Launches Over 300,000 DDoS Attacks Across 100 CountriesRecently Spotted Trinity Ransomware Spurs Federal Warning to Healthcare IndustryGoogle Blocks Unsafe Android App Sideloading in India for Improved Fraud ProtectionCritical Apache Avro SDK Flaw Allows Remote Code Execution in Java ApplicationsQualcomm Patches High-Severity Zero-Day Exploited in AttacksCybersecurity Is Serious — But It Doesn’t Have to Be Boring
10/4-6/2024 October 6, 2024 ~ The Cyber Beat ~ Leave a comment U.S. Wiretap Systems Targeted in China-Linked HackHospitals at Risk for Cyber AttacksHotels and Travel Firms Battle AI Phone ScamsTech Platforms Urged to Tackle Hamas’ and Hezbollah’s Online PropagandaThis Teenage Hacker Became a Legend Attacking Companies. Then His Rivals Attacked Him.Ryanair Faces GDPR Turbulence Over Customer ID ChecksHarvard Duo Hacks Meta Ray-Bans to Dox Strangers on Sight in SecondsHow Confidence Between Teams Impacts Cyber Incident OutcomesGoogle Removes Kaspersky’s Antivirus Software From Play StoreRussia Arrests U.S.-Sanctioned Cryptex Founder, 95 Other Linked SuspectsIndiana Man Pleads Guilty to Stealing $37 Million in Crypto From 571 VictimsWhite House Official Says Insurance Companies Must Stop Funding Ransomware PaymentsCriminals Are Testing Their Ransomware Campaigns in AfricaLego’s Website Was Hacked to Promote a Crypto ScamAbout a Quarter Million Comcast Subscribers Had Their Data Stolen From Debt Collector…Comcast and Truist Bank Customers Caught up in FBCS Data BreachWard Transport Sends Data Breach Letters Following “Data Security Incident”Outlast Game Development Delayed After Red Barrels CyberattackHighline Public Schools Confirms Ransomware Behind ShutdownMoneyGram: No Evidence Ransomware Is Behind Recent CyberattackNew MedusaLocker Ransomware Variant Deployed by Threat ActorRecently Patched CUPS Flaw Can be Used to Amplify DDoS AttacksApple Releases Critical iOS and iPadOS Updates to Fix VoiceOver Password VulnerabilityA New Android Feature Locks Your Screen if Your Phone Is StolenGoogle Is Testing Verified Checkmarks in SearchGoogle Pay Alarms Users With Accidental ‘New Card’ Added Emails
10/3/2024 October 3, 2024October 3, 2024 ~ The Cyber Beat ~ Leave a comment Microsoft and U.S. Government Disrupt Russian Star Blizzard OperationsNorth Korean Hackers Using New VeilShell Backdoor in Stealthy Cyber AttacksTikTok More Dangerous to Ukraine Than Telegram for Propaganda, Say Local Disinformation ExpertsUnable to Penetrate Systems, Hackers Spread Lies About VulnerabilitiesCrypto-Doubling Scams Surge Following Presidential DebateLicense Plate Readers Are Creating a U.S.-Wide Database of More Than Just CarsWhat Is the Market Impact of the SEC’s Cyber Disclosure Rules? Not Much.Cybersecurity Spending on the Rise, But Security Leaders Still Feel VulnerableAverage North American CISO Pay Now $565K, Mainly Thanks to One Weird TrickBrits Hate How Big Tech Handles Their Data, but Can’t Be Bothered to Do Much About ItFraudsters Imprisoned for Scamming Apple Out of 6,000 iPhones23andMe is On the Brink. What Happens to All Its DNA Data?Dutch Police: ‘State Actor’ Likely Behind Recent Data BreachDetroit-Area Government Services Impacted by CyberattackFind Great People (SC) Data Breach Affects Personal Information of 12,205 IndividualsNew Perfctl Malware Targets Linux Servers for Cryptocurrency Mining and ProxyjackingCloudflare Blocks Largest Recorded DDoS Attack Peaking at 3.8TbpsKrebs: A Single Cloud Compromise Can Feed an Army of AI Sex BotsThe Secret Weakness Execs Are Overlooking: Non-Human IdentitiesEmail Phishing Attacks Surge as Attackers Bypass Security Controls‘Pig Butchering’ Trading Apps Found on Google Play, App StoreLitespeed Cache Plugin Flaw Allows XSS Attack, Update NowGoogle Adds New Pixel Security Features to Block 2G Exploits and Baseband AttacksAs Ransomware Attacks Surge, UK Privacy Regulator Investigating Fewer Incidents Than EverNorthern Ireland Police Fined for Data Breach Exposing Secret Identities of Officers
10/2/2024 October 2, 2024October 3, 2024 ~ The Cyber Beat ~ Leave a comment Cybersecurity Head Says There’s No Chance a Foreign Adversary Can Change U.S. Election Results, Not Even RussiaChina-Linked CeranaKeeper Targeting Southeast Asia with Data ExfiltrationLazarus: Andariel Hacking Group Shifts Focus to Financial Attacks on U.S. OrganizationsHow North Korea Infiltrated the Crypto IndustryUK’s Nuclear Waste Unit Sellafield Fined for Cybersecurity FailingsThe Feds Still Can’t Get into Eric Adams’ PhoneFCC Is Offering $200 Million to Protect Schools and Libraries From HackersPay Rises for Cyber Chiefs as Hacks, Regulatory Pressure IncreaseShare of Women in UK Cyber Roles Now Just 17%Meta Teams Up with Banks to Target FraudstersTelegram Has Disclosed Criminal Data to Authorities for Years, Durov SaysFIN7 Hackers Launch Deepfake Nude “Generator” Sites to Spread MalwareFake Browser Updates Spread Updated WarmCookie MalwareInternational Police Dismantle Cybercrime Group in West AfricaTIAA Latest Big Firm to Report Data Breach and HackEmpereon Constar Announces Data Breach Following Incident at Partner CompanyHackers Pose as British Postal Carrier to Deliver Prince Ransomware in Destructive CampaignFake Job Applications Deliver Dangerous More_eggs Malware to HR ProfessionalsPyPI Repository Found Hosting Fake Crypto Wallet Recovery Tools That Steal User DataFake Trading Apps Target Victims Globally via Apple App Store and Google PlayAlert: Adobe Commerce and Magento Stores Under Attack from CosmicSting ExploitCritical Ivanti RCE Flaw With Public Exploit Now Used in AttacksResearchers Warn of Ongoing Attacks Exploiting Critical Zimbra Postjournal FlawAlert: Over 700,000 DrayTek Routers Exposed to Hacking via 14 New VulnerabilitiesExperts Warn of DDoS Attacks Using Linux Printing VulnerabilityTwo Simple Give-Me-Control Security Bugs Found in Optigo Network Switches Used in Critical Manufacturing
10/1/2024 October 1, 2024October 1, 2024 ~ The Cyber Beat ~ Leave a comment Iran Fires at Least 180 Missiles Into Israel as Regionwide Conflict GrowsU.S. Accuses Iran of Hacking Former Ambassador to Israel and State Dept. OfficialNotorious Evil Corp Hackers Targeted NATO Allies for Russian IntelligenceICE Signs $2 Million Contract With Spyware Maker Paragon SolutionsKrebs: Crooked Cops, Stolen Laptops & the Ghost of UGNaziEuro Cops Arrest 4 Including Suspected LockBit Dev Chilling on HolidayNCA Unmasks Man It Suspects Is Both ‘Evil Corp Kingpin’ and LockBit AffiliateBritish Hacker Charged in the U.S. For $3.75m Insider Trading SchemeCambodia Arrests Journalist Known for Exposing Cyber Scams and Human TraffickingCalifornia Passes Car Data Privacy Law to Protect Domestic Abuse SurvivorsCybersecurity Firm Proofpoint Considers Pre-IPO Funding as It Plots a Return to Public MarketsRackspace Monitoring Data Stolen in ScienceLogic Zero-Day AttackAustralian e-Tailer digiDirect Customers’ Info Allegedly Stolen and dDumped OnlineCommunity Clinic of Maui Says 123,000 Affected by May CyberattackGlobal Wafers Subsidiary, MEMC, Confirms Recent Data BreachRansomware Attack Forces UMC Health System to Divert Some PatientsThe Playstation Network Is Down in a Global OutageFree Sniper Dz Phishing Tools Fuel 140,000+ Cyber Attacks Targeting User CredentialsAI-Powered Rhadamanthys Stealer Targets Crypto Wallets with Image RecognitionNew Cryptojacking Attack Targets Docker API to Create Malicious Swarm BotnetArc Browser Launches Bug Bounty Program After Fixing RCE BugMicrosoft Overhauls Security for Publishing Edge Extensions