12/30/2024 December 30, 2024December 30, 2024 ~ The Cyber Beat ~ Leave a comment China Hacked Treasury Dept. in ‘Major’ Breach, U.S. SaysAT&T and Verizon Say Networks Secure After Salt Typhoon BreachFinland Seizes Suspected Russian Spy Ship and Questions Crew Following Cable BreaksGermany Charges Three Suspected Russian Spies Accused of Surveilling Military SitesTelegram Blocks Russian State Media Channels in Several EU CountriesItalian Websites Subjected to Pro-Russian DDoS Attack Campaign…U.S. Treasury Says Chinese Hackers Stole Documents in ‘Major Incident’…U.S. Treasury Department Breached Through Remote Support PlatformAtos Says Space Bears Ransomware Group Claims It Compromised a DatabaseIn-Home Attendant Services (TX) Files Official Notice of Data BreachRansomware Is 35 Years Old and Now a Billion-Dollar Problem. Here’s How It Could EvolveHappy 15th Anniversary, KrebsOnSecurity!
12/27-29/2024 December 29, 2024December 29, 2024 ~ The Cyber Beat ~ Leave a comment White House: Salt Typhoon Hacks Possible Because Telecoms Lacked Basic Security Measures…U.S. Adds 9th Telcom to List of Companies Hacked by Chinese-Backed Salt Typhoon CyberespionageThe U.S. Proposes Rules to Make Healthcare Data More SecureBiden Administration Finalizes Rule to Block Sale of Americans’ Bulk Data to AdversariesThe Paper Passport Is DyingCISA’s 2024 Review Highlights Major Efforts in Cybersecurity Industry CollaborationRecord-Breaking Ransoms and Breaches: A Timeline of Ransomware in 2024How Cops Taking Down LockBit, ALPHV Led to RansomHub’s Meteoric RiseIt’s Only a Matter of Time Before LLMs Jump Start Supply-Chain AttacksHackers Steal ZAGG Customers’ Credit Cards in Third-Party BreachCustomer Data From 800,000 Electric Cars and Owners Exposed OnlineBlue Yonder Says November Ransomware Attack Not Connected to Cleo VulnerabilityHackers Hijacked Legitimate Chrome Extensions to Try to Steal DataCloud Atlas Deploys VBCloud Malware: Over 80% of Targets Found in RussiaFICORA and Kaiten Botnets Exploit Old D-Link Vulnerabilities for Global Attacks15,000+ Four-Faith Routers Exposed to New Exploit Due to Default CredentialsPalo Alto Releases Patch for PAN-OS DoS Flaw — Update ImmediatelyToo Much ‘Trust,’ Not Enough ‘Verify’
12/26/2024 December 26, 2024December 26, 2024 ~ The Cyber Beat ~ Leave a comment Cyberattack on Ukraine’s State Registers Disrupts Marriage Registration, Real Estate DealsA Weird Windows 11 Bug Won’t Let Some People Install Any Security UpdatesThe Worst Hacks of 2024Brazilian Hacker Charged for Extorting $3.2M in Bitcoin After Breaching 300,000 AccountsUN General Assembly Approves Cybercrime Treaty Despite Industry BacklashJapan Airlines Systems Back to Normal After Cyberattack Delayed FlightNearly Half a Million People Had Data Stolen After Cyberattack on American Addiction CentersNew ‘OtterCookie’ Malware Used to Backdoor Devs in Fake Job OffersInfostealers Dominate as Lumma Stealer Detections Soar by Almost 400%Apache Warns of Critical Flaws in MINA, HugeGraph, Traffic Control
12/24-25/2024 December 25, 2024December 25, 2024 ~ The Cyber Beat ~ Leave a comment U.S. and Japan Blame North Korea for $308m DMM Bitcoin Crypto HeistIran’s Charming Kitten Deploys BellaCPP: A New C++ Variant of BellaCiao MalwareEuropean Space Agency’s Official Store Hacked to Steal Payment CardsAmerican Airlines Resumes Flights After Brief Grounding Ahead of Busy Christmas TravelFormer NSA Cyberspy’s Not-So-Secret Hobby: Hacking Christmas LightsYou Need to Create a Secret Password With Your FamilyMajor Biometric Data Farming Operation UncoveredInside Operation Destabilise: How a Ransomware Investigation Linked Russian Money Laundering and Street-Level Drug DealingRuijie Networks’ Cloud Platform Flaws Could Expose 50,000 Devices to Remote AttacksPittsburgh Regional Transit Attributes Recent Service Disruptions to Ransomware AttackColonial Surety Company (NJ) Announces Data Breach Stemming from May Cybersecurity IncidentClop Ransomware Is Now Extorting 66 Cleo Data-Theft VictimsHow Androxgh0st Rose From Mozi’s Ashes to Become ‘Most Prevalent Malware’New Botnet Exploits Vulnerabilities in NVRs, TP-Link RoutersCISA Adds Acclaim USAHERDS Vulnerability to KEV Catalog Amid Active ExploitationCritical SQL Injection Vulnerability in Apache Traffic Control Rated 9.9 CVSS — Patch Now
12/23/2024 December 23, 2024December 23, 2024 ~ The Cyber Beat ~ Leave a comment Inside The Invisible Russia-Ukraine BattlefieldFrance Extends Olympics Security Measures to Christmas MarketInterpol Identifies Over 140 Human Traffickers in New Innovative InitiativeAI Could Generate 10,000 Malware Variants, Evading Detection in 88% of CaseMFA: Shun This Basic Cybersecurity Tactic and Become a Target for HackersFTC Orders Marriott and Starwood to Implement Strict Data SecurityClassified Fighter Jet Specs Leaked on War Thunder – AgainAlta Resources Corporation (WI) Provides Notice of Data Breach Affecting Over 37k PeopleCritical Vulns Found in WordPress Plugins WPLMS and VibeBPAdobe Warns of Critical ColdFusion Bug with PoC Exploit CodeApache Fixes Remote Code Execution Bypass in Tomcat Web ServerNon-Human Identities Gain Momentum, Requires Both Management & Security
12/20-22/2024 December 22, 2024December 22, 2024 ~ The Cyber Beat ~ Leave a comment FAA Banning Drone Flights Over New Jersey, New York SitesUkraine’s State Registers Hit with One of Russia’s Largest Cyberattacks, Officials SayRussia Security Threat Is Far Reaching, Italy’s Prime Minister WarnsLazarus Group Spotted Targeting Nuclear Engineers with CookiePlus Malware…North Korean Hackers Stole $1.3 Billion Worth of Crypto This YearItaly’s Data Protection Watchdog Issues €15m Fine to OpenAI Over ChatGPT ProbePegasus Spyware Maker NSO Group Is Liable for Attacks on 1,400 WhatsApp UsersRansomware Attackers Target Industries with Low Downtime ToleranceU.S. Unseals Complaint Against Russian-Israeli Accused of Working for LockBitRomanian Netwalker Ransomware Affiliate Sentenced to 20 Years in PrisonMassive Live Sports Piracy Ring With 812 Million Yearly Visits Taken OfflineThree of the Biggest U.S. Banks Are Facing a Lawsuit for ‘Widespread Fraud’ on Zelle: Bank of America, JPMorgan Chase, and Wells FargoWhat Google’s Quantum Computing Breakthrough Willow Means for the Future of Bitcoin and Other CryptosAscension: Health Data of 5.6 Million Stolen in Ransomware AttackDuke Energy Reports Data Breach Potentially Impacting Over 8 Million CustomersPS Logistics Announces Data Breach Stemming from February 2024 CyberattackSRP Federal Credit Union (SC) Data Breach—240,000 Members Exposed in Attacked Claimed by Nitrogen Ransomware GroupWood County (OH) Agencies Continue Investigating Ransomware AttackKrispy Kreme Breach, Data Theft Claimed by Play Ransomware GangLockBit Admins Tease a New Ransomware Version: LockBit 4.0New FlowerStorm Microsoft Phishing Service Fills Void Left by Rockstar2FARspack npm Packages Compromised with Crypto Mining Malware in Supply Chain AttackHackers Exploiting Critical Fortinet EMS Vulnerability to Deploy Remote Access ToolsSophos Issues Hotfixes for Critical Firewall Flaws: Update to Prevent ExploitationHow Not To Become A Botnet Victim: A Practical Guide For EveryoneInfosec Experts Divided on Ai’s Potential to Assist Red Teams
12/19/2024 December 19, 2024December 19, 2024 ~ The Cyber Beat ~ Leave a comment UAC-0125 Abuses Cloudflare Workers to Distribute Malware Disguised as Army+ AppKrebs: Web Hacking Service ‘Araneida’ Tied to Turkish IT FirmThis VPN Lets Anyone Use Your Internet Connection. What Could Go Wrong?Lumen Technologies Launches Sale of Consumer Fiber UnitU.S. Organizations Still Using Kaspersky Products Despite BanFour Smart Questions for Boards Overseeing CybersecurityU.S. Seeks Extradition of Alleged LockBit Ransomware Developer From IsraelBugs in a Major McDonald’s India Delivery System Exposed Sensitive Customer DataNew Malware Can Kill Engineering Processes in ICS EnvironmentsBadBox Malware Botnet Infects 192,000 Android Devices Despite DisruptionThousands Download Malicious npm Libraries Impersonating Legitimate ToolsJuniper Warns of Mirai Botnet Targeting SSR Devices with Default PasswordsFortinet Warns of Critical FortiWLM Flaw That Could Lead to Admin Access Exploits
12/18/2024 December 18, 2024December 18, 2024 ~ The Cyber Beat ~ Leave a comment U.S. Targets TP-Link With a Potential Ban on the Chinese RoutersU.S. Government Tells Officials, Politicians to Ditch Regular Calls and Texts…Chinese National Cyber Centre Says U.S. Hacks Stole Trade Secrets From Tech FirmsCongress Again Fails to Limit Scope of Spy Powers in New Defense BillKrebs: How to Lose a Crypto Fortune with Just One Bad ClickPhishing Attacks Double in 2024Nigeria Cracks Down on Cryptocurrency Investment Fraud and Romance ScamsRaccoon Stealer Malware Operator Gets 5 Years in Prison After Guilty PleaDutch Regulator Fines Netflix $5 Million for Data Privacy ViolationsQuantum AI Startup SandboxAQ Valued at $5.3 Bln After $300 Mln FundraisingAPT29 Hackers Target High-Value Victims Using Rogue RDP Servers and PyRDP‘Bitter’ Cyberspies Target Defense Orgs With New MiyaRAT MalwareHubPhish Exploits HubSpot Tools to Target 20,000 European Users for Credential TheftBrighton Jones Files Official Notice of Data Breach Following Email Phishing AttackNew Fake Ledger Data Breach Emails Try to Steal Crypto WalletsA Lightweight App Comes With Some Heavy Consequences, Researchers SayNew Attacks Exploit VSCode Extensions and npm PackagesBeyondTrust Issues Urgent Patch for Critical Vulnerability in PRA and RS ProductsMicrosoft Won’t Let Customers Opt out of Passkey PushRecorded Future CEO Applauds “Undesirable” Designation by Russia
12/17/2024 December 17, 2024December 17, 2024 ~ The Cyber Beat ~ Leave a comment Intel Officials Warned Police That U.S. Cities Aren’t Ready for Hostile DronesU.S. Unveils New National Cyber Incident Response PlanSophisticated TA397 Malware Targets Turkish Defense SectorThe Mask APT Resurfaces with Sophisticated Multi-Platform Malware ArsenalStop Calling Online Scams ‘Pig Butchering,’ Interpol WarnsDrug Dealers Have Moved on to Social MediaFacebook Owner Meta Hit with 251 Million Euros in Fines for 2018 Data BreachCoder Wrote a Bug So Bad Security Guards Wanted a Word When He Arrived at WorkPositive Behavior Supports Corporation Reports Data Breach Affecting Sensitive Client InformationHackers Use Microsoft MSC Files to Deploy Obfuscated Backdoor in Pakistan AttacksHackers Exploit Webview2 to Deploy CoinLurker Malware and Evade Security DetectionAttackers Exploit Microsoft Teams and AnyDesk to Deploy DarkGate MalwareCybercriminals Exploit Google Calendar to Spread Malicious LinksOver 25,000 SonicWall VPN Firewalls Exposed to Critical FlawsCritical Security Hole in Apache Struts Under ExploitCISA Orders Federal Agencies to Secure Microsoft 365 Tenants
12/16/2024 December 17, 2024December 17, 2024 ~ The Cyber Beat ~ Leave a comment Trump Administration Wants to Go on Cyber Offensive Against ChinaFederal Money Is Helping States Overhaul Cybersecurity. What Happens if It Dries Up?Russia Recruits Ukrainian Kids for Sabotage and ReconnaissanceSerbian Authorities Are Reportedly Hacking and Installing Spyware on Activists’ Phones: NoviSpyYouTube Creators Targeted in Global Phishing CampaignNew Investment Scam Leverages AI, Social Media Ads to Target Victims WorldwideThe Education Industry: Why Its Data Must Be ProtectedHackers Can Jailbreak Digital License Plates to Make Others Pay Their Tolls and TicketsIsraeli Spyware Firm Paragon Acquired by U.S. Investment GroupBlackBerry Offloads Cylance for a Fraction of What It Paid in 2019Kali Linux 2024.4 Released With 14 New Tools, Deprecates Some FeaturesTexas Tech University System Data Breach Impacts 1.4 Million PatientsConnectOnCall Breach Exposes Health Data of Over 910,000 PatientsHackers Orchestrate Cyberattack Against PIH Health, Claiming Massive Data BreachRhode Island Confirms Data Breach After Brain Cipher Ransomware AttackCicada3301 Ransomware Claims Attack on French Peugeot DealershipNamibia’s State Telecom Provider Says Hackers Leaked Data After It Refused to Pay RansomFBI Spots HiatusRAT Malware Attacks Targeting Web Cameras, DVRsDeceptionAds Delivers 1M+ Daily Impressions via 3,000 Sites, Fake CAPTCHA PagesNew Glutton Malware Exploits Popular PHP Frameworks Like Laravel and ThinkPHPWindows Kernel Bug Now Exploited in Attacks to Gain SYSTEM Privileges
12/13-15/2024 December 16, 2024December 16, 2024 ~ The Cyber Beat ~ Leave a comment Winnti Hackers Target Other Threat Actors With New Glutton PHP BackdoorThai Officials Targeted in Yokai Backdoor Campaign Using DLL Side-Loading TechniquesUkraine Uncovers Russian Spy Network Recruiting Teens for Espionage“Hazardous Drone Operation” Leads to Two Arrests in BostonGame-Like ‘Task Scams’ Stole More Than $220 Million in Six MonthsThe Simple Math Behind Public Key CryptographyMajor Cloud Providers Could Get Key Role in AI Chip Access Outside the U.S., Sources SayPeak Design Denies Snitching on Luigi MangioneUnitedHealth’s Optum Left an AI Chatbot, Used by Employees to Ask Questions About Claims, Exposed to the InternetUK Shoppers Frustrated as Bots Snap Up Popular Christmas GiftsGermany Disrupts BADBOX Malware on 30,000 Devices Using Sinkhole ActionRussia Blocks Viber in Latest Attempt to Censor CommunicationsRhode Island’s Online Benefits System Shuts Down After CyberattackSRP Federal Credit Union (SC) Says 240,000 Impacted by Recent CyberattackAuto Parts Giant LKQ Says Cyberattack Disrupted Canadian Business UnitJapanese Game and Anime Publisher Kadokawa Reportedly Pays $3 Million Ransom to Russia-Linked HackersYoung Life Announces Data Breach Affecting Employees and Volunteers390,000+ WordPress Credentials Stolen via Malicious GitHub Repository Hosting PoC ExploitsCISA Confirms Critical Cleo Bug Exploitation in Ransomware Attacks…Clop Ransomware Claims Responsibility for Cleo Data Theft AttacksAkira and RansomHub Surge as Ransomware Claims Reach All-Time HighCitrix Shares Mitigations for Ongoing Netscaler Password Spray AttacksCISA Warns Water Facilities to Secure HMI Systems Exposed Online
12/12/2024 December 13, 2024December 16, 2024 ~ The Cyber Beat ~ Leave a comment Gamaredon Deploys Android Spyware “BoneSpy” and “PlainGnome” in Former Soviet StatesNorth Korea’s Fake IT Worker Scam Hauled in at Least $88 Million Over Six Years…U.S. Offers $5 Million for Info on North Korean IT Worker FarmsTelecoms Haven’t Notified Most Victims of Chinese Phone Data Hacking Campaign, Sources SayGoogle Says Its Breakthrough Quantum Chip Can’t Break Modern CryptographyPolice Refer Westminster ‘Honeytrap’ to ProsecutorsSpain Busts Voice Phishing Ring for Defrauding 10,000 Bank CustomersPolice Shuts Down Rydox Cybercrime Market, Arrests 3 AdminsInsurance Worker Sentenced After Illegally Accessing Claimants’ DataBitcoin ATM Firm Byte Federal Hacked via GitLab Flaw, 58K Users ExposedOver 300K Prometheus Instances Exposed: Credentials and API Keys Leaking OnlineRemcos RAT Malware Evolves with New TechniquesNew Stealthy Pumakit Linux Rootkit Malware Spotted in the WildNew IOCONTROL Malware Used in Critical Infrastructure AttacksResearchers Uncover Symlink Exploit Allowing TCC Bypass in iOS and macOSWordPress Hunk Companion Plugin Flaw Exploited to Silently Install Vulnerable PluginsSecurity Flaws in WordPress Woffice Theme Prompts Urgent UpdateCleo Patches Critical Zero-Day Exploited in Data Theft Attacks
12/11/2024 December 11, 2024December 11, 2024 ~ The Cyber Beat ~ Leave a comment Researchers Uncover Espionage Tactics of China-Based APT Groups in Southeast AsiaChinese EagleMsgSpy Spyware Found Exploiting Mobile Devices Since 2017Secret Blizzard Targets Ukrainian Military with Custom Malware Kazuar BackdoorThe ‘Ghost Gun’ Linked to Luigi Mangione Shows Just How Far 3D-Printed Weapons Have ComeSnowflake Pledges to Make MFA MandatoryKrebs: How Cryptocurrency Turns to Cash in Russian BanksU.S. Charges Chinese Hacker for Exploiting Zero-Day in 81,000 Sophos FirewallsSouth Korea Takes Down Fraudulent Online Trading Network Used to Extort $6.3MOperation PowerOFF Takes Down DDoS BoostersKrispy Kreme Security Hole Leads to Cyberattack, Frosting OrdersLynx Ransomware Behind Electrica Energy Supplier CyberattackSabre (TX) Sends Data Breach Letter to Employees Announcing Leaked SSNs and MoreSophisticated Scam Targets UAE Residents with Fake Police FinesZLoader Malware Returns With DNS Tunneling to Stealthily Mask C2 CommsNew Malware Technique Could Exploit Windows UI Framework to Evade EDR ToolsMicrosoft Azure MFA Flaw Allowed Easy Access BypassMicrosoft MFA AuthQuake Flaw Enabled Unlimited Brute-Force Attempts Without AlertsKrebs: Patch Tuesday, December 2024 Edition
12/10/2024 December 10, 2024December 10, 2024 ~ The Cyber Beat ~ Leave a comment Wyden Proposes Bill to Secure U.S. Telecoms After Salt Typhoon HacksU.S. Sanctions Chinese Firm Sichuan Silence Information Technology Company Over Potentially Deadly Ransomware AttackNvidia Probed in China Over Possible Antimonopoly ViolationsChinese Hackers Use Visual Studio Code Tunnels for Remote AccessPoker Cheaters Allegedly Use Tiny Hidden Cameras to Spot Dealt CardsNew Jersey Mayors Pen Letter Demanding Action on Mysterious Drone SightingsAI Safety Is Hard to Steer With Science in Flux, U.S. Official SaysAvast Antivirus Owner Gen Digital Acquires MoneyLion in $1 Bln DealFTC Distributes $72 Million in Fortnite Refunds From Epic GamesNext Congress Likely to Tussle Over Cyber OversightNemesis and ShinyHunters Hackers Exploit AWS Misconfigurations in Massive Data BreachHighgate Hotels Sends Out Data Breach Letters Following CyberattackFake Recruiters Distribute Banking Trojan via Malicious Apps in Phishing ScamNew AppLite Malware Targets Banking Apps in Phishing CampaignCleo File Transfer Vulnerability Under Exploitation – Patch Pending, Mitigation UrgedBadRAM: $10 Security Flaw in Amd Could Allow Hackers to Access Cloud Computing SecretsWPForms Bug Allows Stripe Refunds on Millions of WordPress SitesIvanti Warns of Maximum Severity CSA Auth Bypass VulnerabilityMicrosoft December 2024 Patch Tuesday Fixes 1 Exploited Zero-Day, 71 Flaws
12/9/2024 December 10, 2024December 10, 2024 ~ The Cyber Beat ~ Leave a comment China’s Salt Typhoon Recorded Top American Officials’ Calls, Says White House…U.S. Agencies to Brief House on Chinese Salt Typhoon Telecom HackingPhishing Scam Targets Ukrainian Defense CompaniesRadiant Links $50 Million Crypto Heist to North Korean HackersPolice Arrest UHC CEO Shooting Suspect, App Developer Luigi MangioneCybercrime Gang Arrested After Turning Airbnbs Into Fraud CentersFederal Appeals Court Upholds Law Threatening U.S. TikTok BanProposal for Cyber Force Study Is Watered down in Final Defense Bill…The Case For and Against Creating a Military Cyber ForceRussia Disrupts Internet Access in Multiple Regions to Test ‘Sovereign Internet’Romanian Energy Supplier Electrica Hit by Ransomware AttackU.S. Subsidiaries of Japanese Water Treatment Company, Green Tea Maker Kurita Water Industries Hit with RansomwareRansomware Attack Hits Leading Heart Surgery Device Maker ArtivionAmergis Healthcare Staffing (MD) Reports Data Breach Stemming from Compromised Email AccountsBlack Basta Ransomware Evolves with Email Bombing, QR Codes, and Social EngineeringSocks5Systemz Botnet Powers Illegal Proxy Service with 85,000+ Hacked DevicesOpenWrt Sysupgrade Flaw Let Hackers Push Malicious Firmware ImagesResearchers Uncover Prompt Injection Vulnerabilities in DeepSeek and Claude AILarge-Scale Incidents & the Art of Vulnerability Prioritization
12/6-8/2024 December 9, 2024December 9, 2024 ~ The Cyber Beat ~ Leave a comment FCC Chair Proposes Cybersecurity Rules in Response to China’s Salt Typhoon Telecom HackHow Chinese Insiders Are Stealing Data Scooped up by President XI’s National Surveillance SystemRomania Exposes TikTok Propaganda Campaign Supporting Pro-Russian Candidate…Romania Cancels Presidential Election Results After Alleged Russian Meddling on TikTokUK Cybersecurity Agency Unconcerned About Changes to Cisa Under TrumpHackers Using Fake Video Conferencing Apps to Steal Web3 Professionals’ DataQR Codes Bypass Browser Isolation for Malicious C2 CommunicationThe Weight-Loss Drug Boom Has Become One of the Internet’s Biggest ScamsWhy SOC Roles Need to Evolve to Attract a New GenerationPirated Corporate Software Infects Russian Businesses With Info-Stealing MalwareDeloitte Denies Breach, Claims Cyber-Attack Targeted Single ClientAnna Jaques Hospital (MA) Ransomware Breach Exposed Data of 300K PatientsBlue Yonder SaaS Giant Breached by Termite Ransomware GangCardano Foundation X Account Hacked, Scam Links Posted, Then RemovedUltralytics AI Model Hijacked to Infect Thousands With CryptominerMore_eggs MaaS Expands Operations with RevC2 Backdoor and Venom LoaderResearchers Uncover Flaws in Popular Open-Source Machine Learning FrameworksNew Windows Zero-Day Exposes NTLM Credentials, Gets Unofficial Patch
12/5/2024 December 6, 2024December 6, 2024 ~ The Cyber Beat ~ Leave a comment U.S. Phone Companies Could Face Fines for Weak Security Under a Proposed New RuleResearchers Uncover 4-Month Cyberattack on U.S. Firm Linked to Chinese HackersHackers Target Uyghurs and Tibetans with MOONSHINE Exploit and DarkNimbus BackdoorNew Android Spyware Found on Phone Seized by Russian FSBU.S. Arrests Scattered Spider Suspect Linked to Telecom HacksNebraska Man Pleads Guilty to Dumb Cryptojacking OperationEuropol Shuts Down Manson Market Fraud Marketplace, Seizes 50 ServersTexas Accuses Four Companies of Sharing Sensitive User Data Without Proper Notice and ConsentShe Escaped an Abusive Marriage—Now She Helps Women Battle Cyber HarassmentRomania’s Election Systems Targeted in Over 85,000 CyberattacksRansomware Hackers Target NHS Hospitals With New CyberattacksMajor USAID Contractor Chemonics Says 263,000 Affected by 2023 Data BreachHoboken Government Recovering From Ransomware Attack as Conti-Linked Gang Takes CreditPointClickCare Data Breach Affects Residents of Multiple Long-Term Care FacilitiesANEL and NOOPDOOR Backdoors Weaponized in New MirrorFace Campaign Against JapanPro-Russian Hacktivist Group ‘Noname’ Claims 6600 Attacks Targeting EuropeMitel MiCollab Zero-Day Flaw Gets Proof-of-Concept ExploitVulnerability Management Challenges in IoT & OT Environments
12/4/2024 December 5, 2024December 5, 2024 ~ The Cyber Beat ~ Leave a comment U.S. Officials Recommend Encrypted Messaging to Evade Hackers in Telecom Networks‘Large Number’ of Americans’ Metadata Stolen by Chinese Hackers, Senior Official SaysSenators Warn the Pentagon: Get a Handle on China’s Telecom HackingWhite House: Salt Typhoon Hacked Telcos in Dozens of CountriesTrump’s FBI Pick Kash Patel Targeted in Iranian CyberattackA New Phone Scanner That Detects Spyware Has Already Found 7 Pegasus InfectionsShe Was a Russian Socialite and Influencer. Cops Say She’s a Crypto Laundering KingpinUK Disrupts Russian Money Laundering Networks Used by RansomwareKrebs: U.S. Offered $10M for Hacker ‘Wazawaka’ Just Arrested by RussiaRansomware Costs Manufacturing Sector $17bn in DowntimeRussia-Linked Turla Exploits Pakistani Hackers’ Servers to Target Afghan and Indian EntitiesBT Unit Took Servers Offline After Black Basta Ransomware BreachLiverpool Children’s Hospital Confirms Cyber-AttackWirral Hospital Recovery Continues One Week After Cyber IncidentESHA (NJ) Notifies Over 76k People of Recent Data BreachNew DroidBot Android Malware Targets 77 Banking, Crypto AppsResearchers Uncover Backdoor in Solana’s Popular Web3.js npm LibraryJapan Warns of IO-Data Zero-Day Router Flaws Exploited in AttacksCritical SailPoint IdentityIQ Vulnerability Exposes Files to Unauthorized AccessNavigating the Changing Landscape of Cybersecurity RegulationsFBI Shares Tips on How to Tackle AI-Powered Fraud Schemes
12/3/2024 December 3, 2024December 3, 2024 ~ The Cyber Beat ~ Leave a comment U.S. Official Fighting Chinese Telecom Intrusions Urges More Encryption…U.S. Shares Tips to Block Hackers Behind Recent Telecom BreachesFrench Mobile Operators Join Forces to Tackle Rising FraudFinland Says Latest Fiber-Optic Cable Break Was an Accident, Not SabotageKimsuky Group Adopts New Phishing Tactics to Target VictimsKrebs: Why Phishers Love New TLDs Like .shop, .top and .xyzPolice Shut Down Matrix Encrypted Criminal HubPolice Seizes Largest German Online Crime Marketplace ‘Crimenetwork’ & Arrests AdminData Brokers May Be Banned From Selling Your Social Security NumberTwo Data Brokers Banned From Selling ‘Sensitive’ Location Data by the FTCCyberattack and Financial Troubles Force Stoli’s U.S. Arm to File for BankruptcyData on 760K Workers From Xerox, Nokia, BofA, Morgan Stanley and More Dumped OnlineRansomware Attack Disrupts Operations at U.S. Contractor ENGlobalIndian Online ID Verification Firm Signzy Confirms Security IncidentArthur Center Community Health (MO) Files Notice of Data Breach with Federal GovernmentHorns&Hooves Campaign Delivers RATs via Fake Emails and JavaScript PayloadsCloudflare’s Developer Domains Increasingly Abused by Threat ActorsNachoVPN Tool Exploits Flaws in Popular VPN Clients for System CompromiseExploit Released for Critical WhatsUp Gold RCE Flaw, Patch NowVeeam Warns of Critical RCE Bug in Service Provider ConsoleCisco Warns of Exploitation of Decade-Old ASA WebVPN Vulnerability
12/2/2024 December 3, 2024December 3, 2024 ~ The Cyber Beat ~ Leave a comment France Accuses Azerbaijan of Online Manipulation CampaignsGerman Intelligence Launches Task Force to Combat Foreign Election InterferenceChinese Lidar Sensors Pose Hacking Risk to U.S. Defense Equipment, Report SaysThe Pressure Is on for Big Tech to Regulate the Broken Digital Advertising IndustryMalicious Ads in Search Results Are Driving New Generations of ScamsINTERPOL Arrests 5,500 in Global Cybercrime Crackdown, Seizes Over $400 MillionKorea Arrests CEO for Adding DDoS Feature to Satellite ReceiversRussia Sentences Hydra Dark Web Market Leader to Life in PrisonSEC Settles With an Industrial and Commercial Bank of China Unit Over Ransomware Attack, Imposes No FineAre You Being Tracked by an Airtag? Here’s How to CheckCosta Rica State Energy Company Calls in U.S. Experts to Help With Ransomware AttackRetail Outages Drag Into Second Week After Blue Yonder Ransomware Attack$300M Bitcoin Hack Forces Japanese Crypto Exchange DMM Bitcoin to Cease OperationsClipper DEX Says Recent $450K Hack Wasn’t Caused by Private Key LeakCrypto.com Launches Massive $2m Bug Bounty ProgramZane Benefits (UT) Sends Data Breach Letters Confirming Leaked SSNsSmokeLoader Malware Campaign Targets Companies in TaiwanAWS Launches an Incident Response Service to Combat Cybersecurity ThreatsIncident Response Playbooks: Are You Prepared?Apple Patents System for Identifying People When Facial Scans Aren’t Enough
11/29-12/1/2024 December 1, 2024December 1, 2024 ~ The Cyber Beat ~ Leave a comment Cyber-Attacks Could Impact Romanian Presidential Race, Officials ClaimAI-Powered Fake News Campaign Targets Western Support for Ukraine and U.S. ElectionsUN, International Orgs Create Advisory Body for Submarine Cables After IncidentsIn the New Space Race, Hackers Are Hitching a Ride Into OrbitIn New Bitcoin Bull Market, It’s Time to Beware of the Same Old Crypto ScamsMet Police Apologises to Honeytrap Victims Over EmailUK Justice System Failing Cybercrime Victims, Cyber Helpline FindsWanted Russian Hacker ‘Wazawaka’ Linked to Hive and LockBit Ransomware ArrestedU.S. Citizen Florida Man Sentenced for Spying on Behalf of China’s Intelligence AgencyUganda Confirms Cyberattack on Central Bank but Minimizes Extent of BreachINC Ransom Claims Cyber-Attack on UK Children’s HospitalRansomHub Claims to Net Data Hat-Trick Against Bologna FCPhishing-as-a-Service “Rockstar 2FA” Targets Microsoft 365 Users with AiTM AttacksNovel Phising Campaign Uses Corrupted Word Documents to Evade SecuritySpyLoan Android Malware on Google Play Installed 8 Million TimesNew Windows Server 2012 Zero-Day Gets Free, Unofficial PatchesTor Needs 200 New Webtunnel Bridges to Fight CensorshipBulgarians Plead Guilty to Spying for Russia Using ‘Advanced Technology’