9/23/2021 September 23, 2021September 23, 2021 ~ The Cyber Beat ~ Leave a comment FamousSparrow APT Wings in to Spy on Hotels, GovernmentsOfficials Urge Congress to Consider Fining Companies That Fail to Report Cyber IncidentsBanks Share Data to Block CyberattacksRansomware Attackers Targeted This Company: Then Defenders Discovered Something CuriousREvil Affiliates Confirm: Leadership Were Cheating DirtbagsGoogle Report Spotlights Uptick in Controversial ‘Geofence Warrants’ by PoliceKrebs: Indictment, Lawsuits Revive Trump-Alfa Bank StoryColombian Real Estate Agency Leak Exposes Records of Over 100,000 BuyersIllinois Integrated Eligibility System Acknowledges Possible Data Breach 10 Months After IncidentPort of Houston Target of Suspected Nation-State HackU.S. Eye-Care Providers Report Data BreachesMalware Devs Trick Windows Validation With Malformed CertsApple Patches New Zero-Day Bug Used to Hack iPhones and Macs
9/22/2021 September 23, 2021September 23, 2021 ~ The Cyber Beat ~ Leave a comment Republican Lawmakers Raise Security, Privacy Concerns Over Huawei Cloud ServicesLithuania Tells Its Citizens to Throw Xiaomi Mobile Devices in the BinZoom’s $15B Merger With Five9 Probed by Uncle Sam for National Security RisksFacebook’s Chief Technology Officer Mike Schroepfer to Step DownFBI, CISA, and NSA Warn of Escalating Conti Ransomware AttacksMost Business Executives Would Be Willing To Pay Cyber Ransoms: SurveyInternet Users Stressed Out by Cyberattack News: KasperskyU.S. Locks Up Call Center ScammerRaidForums Hacker Data Marketplace Accidentally Exposes Private Staff PageHow REvil May Have Ripped Off Its Own AffiliatesReal Estate Firm Marcus & Millichap Hit With Possible BlackMatter RansomwareMicrosoft Exchange Autodiscover Bugs Leak 100k Windows CredentialsMicrosoft Warns of a Wide-Scale Phishing-as-a-Service OperationApple Will Disable Insecure TLS in Future iOS, macOS ReleasesHackers Are Scanning for Vmware Cve-2021-22005 Targets, Patch Now!
9/21/2021 September 22, 2021September 22, 2021 ~ The Cyber Beat ~ Leave a comment U.S. Treasury Sanctions Cryptocurrency Exchange for Alleged Role in Ransomware AttacksFBI Withheld Decryption Key for Kaseya Ransomware Attack for Three WeeksUK Ministry of Defence Apologises After Afghan Interpreters’ Personal Data Exposed in Email BlunderTurla APT Plants Novel Backdoor In Wake of Afghan UnrestGoing Beyond Curbing Tech Giants, Xi Wants to Steer Flows of Money and Set Tighter Limits on Profit MakingFacebook’s Latest “Apology” Reveals Security and Safety DisarrayUsers Increasingly Willing to Abandon Digital Platforms That Demand Personal Info, Stringent Passwords and Time-Consuming Forms: StudyWhy Cryptomining Malware Is a Harbinger of Future AttacksMarketron Marketing Services Hit by BlackMatter RansomwareFrench Shipping Giant CMA CGM Suffers Data BreachCrystal Valley (MN) Hit by Ransomware, Systems Go OfflineUkrainian Hackers Hit Family Medical Center (MI) With RansomwareNew Capoae Malware Infiltrates WordPress Sites and Installs Backdoored PluginVMware Warns of Critical Bug in Default vCenter Server InstallsNew macOS Zero-Day Bug Lets Attackers Run Commands RemotelyNetgear Fixes Dangerous Code Execution Bug in Multiple RoutersHow to Fix the Windows 0x0000011b Network Printing Error
9/20/2021 September 20, 2021September 20, 2021 ~ The Cyber Beat ~ Leave a comment Indonesia Says No Evidence of Alleged Chinese Intel Hack A New Wave of APT Malware Attack Targeting Organizations in South AmericaWhite House Cybersecurity Summit: A Missed OpportunityKrebs: Does Your Organization Have a Security.txt File?Amazon Driver-Surveillance Cameras Roll Out, Sparking DebateTikTok China Just Limited Kids to 40 Minutes’ Use Each DayGoogle to Auto-Reset Unused Android App Permissions for Billions of DevicesEuropol Breaks Open Extensive Mafia Cybercrime RingFormer IT Exec Pleads Guilty to Insider Trading ConspiracyMajor Agriculture Group New Cooperative Hit by BlackMatter Ransomware AttackVoIP.MS Phone Services Disrupted by DDoS Extortion AttackIsraeli Communications Company Voicenter Hit by Major Cyber AttackData of 106 Million Visitors to Thailand BreachedPayment API Bungling Exposes Millions of Users’ Payment DataEventBuilder Misconfiguration Exposes Microsoft Event Registrant DataEpik Data Breach Impacts 15 Million Users, Including Non-CustomersHacked Sites Push TeamViewer Using Fake Expired Certificate AlertApache OpenOffice Can Be Hijacked by Malicious Documents, Fix Still in Beta
9/17-19/2021 September 20, 2021September 20, 2021 ~ The Cyber Beat ~ Leave a comment Australia, UK, and U.S. Announce Security PartnershipU.S. to Target Crypto Ransomware Payments With SanctionsResearchers Compile List of Vulnerabilities Abused by Ransomware GangsThe FCC Is Trying to Stop Robocalls, but the Scammers Won’t DisappearCyberattackers Target Missouri Hospital At Epicenter Of COVID Outbreak, Post Patient DataFacebook Employees Flag Drug Cartels and Human Traffickers: The Company’s Response Is WeakHow Facebook Hobbled Mark Zuckerberg’s Bid to Get America VaccinatedU.S. Gov’t Sites Showing Porn, Viagra Ads Share a Common Software VendorApp Annie Settlement Signals Closer Scrutiny of Data BrokersKrebs: Trial Ends in Guilty Verdict for DDoS-for-Hire BossAT&T Phone-Unlocking Malware Ring Costs Carrier $200MHealth Dept. Cyber Attack Exposes Most Alaskans’ Personal DataWeb Host Epik Was Warned of a Critical Security Flaw Weeks Before It Was HackedTech Recruiters Jabbed by Fake COVID-19 Passport ScamNew “Elon Musk Club” Crypto Giveaway Scam Promoted via EmailBillions More Android Devices Will Reset Risky App PermissionsOMIGOD: Microsoft Azure VMS Exploited to Drop Mirai, MinersMicrosoft Asks Azure Linux Admins to Manually Patch OMIGOD BugsHow to Fix Printers Asking for Admins Creds After PrintNightmare Patch
9/16/2021 September 16, 2021September 16, 2021 ~ The Cyber Beat ~ Leave a comment Senator Hassan Calls on Agencies to Take Action to Prevent Criminal Cryptocurrency UseCISA, FBI: State-Backed APTs May Be Exploiting Critical Zoho BugFBI: $113 Million Lost to Online Romance Scams This YearREvil/Sodinokibi Ransomware Universal Decryptor Key Is Out7 Steps to a More Secure Social Media PolicyHousehold Names Hit with £500K Fine for Spamming ConsumersSlot Machine Chain Dotty’s Reveals Data Breach Exposing SSNs, Financial Account Numbers, Biometric Data, Medical Records and MoreRepublican Governors Association Was Hacked Earlier This YearEmployee, Patient Data Compromised in Earlier Marion County Health Dept. (IN) Cyber AttackAirline Credential-Theft Takes Off in Widening CampaignWindows MSHTML 0-Day Exploited to Deploy Cobalt Strike Beacon in Targeted AttacksNew Malware Uses Windows Subsystem for Linux for Stealthy AttacksNew Windows Security Updates Break Network Printing
9/15/2021 September 16, 2021September 16, 2021 ~ The Cyber Beat ~ Leave a comment FTC Warns Health Apps to Notify Consumers Impacted by Data BreachesAttackers Impersonate DoT in Two-Day Phishing ScamRansomware Gang: ‘We’ll Burn Your Data if You Get a Negotiator’When Cyber War Becomes WarMicrosoft Rolls Out Passwordless Login for All Microsoft AccountsDeparting U.K. Privacy Regulator Wants Global Consensus on Data DisputesFormer U.S. Operatives Agree to $1.68M Settlement over Mercenary Hacking ChargesGerman Election Authority Confirms Likely Cyber AttackKrebs: Customer Care Giant TTEC Hit By RansomwareNo Patch for High-Severity Bug in Legacy IBM System X ServersMicrosoft Fixes Critical Bugs in Secretly Installed Azure Linux AppMikroTik Shares Info on Securing Routers Hit by Massive Mēris BotnetKali Linux 2021.3 Released With New Pentest Tools, Improvements
9/14/2021 September 15, 2021September 15, 2021 ~ The Cyber Beat ~ Leave a comment Top FBI Official Says There Is ‘No Indication’ Russia Has Taken Action Against HackersGeneral Promises ‘Surge’ to Fight Ransomware AttacksEx-U.S. Intelligence Operatives in UAE Hacking Case to Cooperate with FBIThe Zero-Trust Approach to Managing Cyber Risk ExplainedNearly 50% of On-Premises Databases Have VulnerabilitiesKape Technologies to Acquire ExpressVPNSuffolk County (NY) IT Supervisor Charged with Crypto-MiningMassachusetts AG Launches Investigation Into T-Mobile Data BreachKrita Art App Users Targeted by Ransomware Posing as Paid ‘Collaboration’ OpportunitiesAnonymous Claims to Have Stolen Huge Trove of Data From Epik, the Right-Wing’s Favorite Web HostLubbock Co. (TX) Denies Data Breach, Says Data Temporarily Accessible Under New Software SystemZLoader’s Back, Abusing Google AdWords, Disabling Windows DefenderHP OMEN Gaming Hub Flaw Affects Millions of Windows ComputersTravis CI Flaw Exposed Secrets of Thousands of Open Source ProjectsAdobe Snuffs Critical Bugs in Acrobat, Experience ManagerKrebs: Microsoft Patch Tuesday, September 2021 Edition…Fixes Remaining Windows PrintNightmare Vulnerabilities
9/13/2021 September 13, 2021September 13, 2021 ~ The Cyber Beat ~ Leave a comment Apple Patches iPhone iMessage Vulnerability Exploited by NSO GroupChina-Based Mustang Panda Compromises Indonesian Intelligence AgencyDiscontent Simmers Over How to Police EU Privacy RulesFTC Warns of Extortionists Targeting LGBTQ+ Community on Dating AppsHow Likely Is Your Employee To Cause A Data Breach?Brute-Force Attacks, Vulnerability Exploits Top Initial Attack VectorsPrivate Equity Firm Siris Capital in Talks to Acquire Cybersecurity Firm Radware, Sources SayU.S. Locks Up Oklahoma Man in Nigerian Romance ScamOver 60 Million Wearable, Fitness Tracking Records Exposed via Unsecured DatabasePost-Ida Cyber Attack Hits Jefferson Parish CourtsAnonymous Hacks Texas Republican Party Website in Retaliation for State’s Abortion BanHow Walgreens’ Sloppy COVID-19 Test Registration System Exposed Patient DataLinux Implementation of Cobalt Strike Beacon Targeting Organizations WorldwideWooCommerce Multi Currency Bug Allows Shoppers to Change eCommerce PricingGoogle Patches 10th Chrome Zero-Day Exploited in the Wild This Year
9/10-12/2021 September 13, 2021September 13, 2021 ~ The Cyber Beat ~ Leave a comment Stolen Credentials Led to Data Theft at United NationsCressida Dick: Tech Giants Make It Impossible to Stop TerroristsWhatsApp to Finally Let Users Encrypt Their Chat Backups in the CloudKrebs: KrebsOnSecurity Hit By Huge New IoT Botnet “Meris”Cybersecurity Seen as Rising Risk for AirlinesHackers Are Leaking Children’s Data — And There’s Little Parents Can DoColorado County Clerk Charged with CybercrimeMyRepublic Data Breach Raises Data-Protection QuestionsTechnology Giant Olympus Hit by BlackMatter RansomwareYonkers (NY) Hacked, No Computers for the Past Week: City Hall Says No RansomFujitsu Confirms Stolen Data Not Connected to Cyberattack on Its SystemsMēris Botnet Hit Russia’s Yandex With Massive 22 Million RPS DDoS AttackSOVA, Worryingly Sophisticated Android Trojan, Takes FlightWindows MSHTML Zero-Day Exploits Shared on Hacking Forums
9/9/2021 September 9, 2021September 9, 2021 ~ The Cyber Beat ~ Leave a comment United Nations Confirms Its Systems Were Breached This YearSideWalk Backdoor Linked to China-Linked Spy Group ‘Grayfly’Cyber-Criminal Targets Dadsnet Founders91% Of It Teams Have Felt ‘Forced’ to Trade Security for Business OperationsReport Pushes for Changes to Diversify ‘Homogenous’ U.S. Cybersecurity WorkforceIn the Hybrid Future, Secure Everything Like You’re Never Going BackU of Minnesota Partners With Optum, Medtronic to Launch Medical Device Cybersecurity CenterLAPD Told to Harvest Social Media Handles From People They Stop, Suspect or NotPrison for BEC Scheme Money LaundererSouth African Justice Department Is Hit by Ransomware AttackBrazil’s Health Regulator Hacked After Argentina Qualifier ControversyRansomware Attack on Desert Wells Family Medicine (AZ) Corrupts 35,000 Patients’ RecordsNew Mēris Botnet Breaks DDoS Record With 21.8 Million RPS AttackTitanfall 2 Allegedly Hacked via “Simple Exploit”GitHub Finds 7 Code Execution Vulnerabilities in ‘Tar’ and Npm CLI‘Azurescape’ Kubernetes Attack Allows Cross-Container Cloud CompromiseMicrosoft Fixes Bug Letting Hackers Take Over Azure ContainersWindows MSHTML Zero-Day Defenses Bypassed as New Info Emerges
9/8/2021 September 9, 2021September 9, 2021 ~ The Cyber Beat ~ Leave a comment Pro-China Social Media Campaign Expands to New Countries, Blames U.S. For COVIDAfter the 9/11 Attacks, Wall Street Bolstered Its DefensesThe SEC Is Serious About Cybersecurity. Is Your Company?Spoofing Bug Highlights Cybersecurity for Digital Vaccine PassportsMicrosoft Has a $20 Billion Hacking Plan, but Cybersecurity Has a Big Spending ProblemInside Genesis: The Market Created by Cybercriminals to Make Millions Selling Your Digital IdentityExperts Uncover Mobile Spyware Attacks Targeting Kurdish Ethnic GroupUkrainian Extradited to U.S. for Allegedly Selling Computer Credentials: DOJProtonMail Welcomes Sir Tim Berners-Lee to Its Advisory Board After Privacy BacklashNew Zealand DDoS Wave Targets Banks, Post Offices, Weather Forecasters and MoreHackers Leak Passwords for 500,000 Fortinet VPN AccountsRussian Internet Firm Yandex Hit by Major Cyber Attack -ReportHoward University Shuts Down Network After Ransomware AttackTeamTNT’s New Tools Target Multiple OSMicrosoft: Attackers Exploiting Windows Zero-Day Flaw (Krebs)HAProxy Found Vulnerable to Critical HTTP Request Smuggling AttackZoho Patches Actively Exploited Critical ADSelfService Plus BugHow Much Do You Know About Ransomware? Take Our Quiz
9/7/2021 September 8, 2021September 8, 2021 ~ The Cyber Beat ~ Leave a comment Bipartisan House Group Introduces Legislation to Set Term Limit for Key Cyber LeaderWith the Pandemic End in Sight, Enterprise Defenders Worry About a Surge in CyberattacksRagnar Locker Gang Warns Victims Not to Call the FBIREvil Ransomware Group Resurfaces After Brief HiatusMicrosoft Outlook Shows Real Person’s Contact Info for IDN Phishing EmailsEl Salvador Becomes First Country to Adopt Bitcoin as National Currency…Price TumblesCybersecurity Student Scams Senior Out of $55KHoward University Hit With Ransomware Attack, Cancels ClassesCity of Bridgeport (WV) Notifies Residents of Cyber AttackTexas Right to Life Website Exposed Job Applicants’ ResumesMcDonald’s Leaks Password for Monopoly VIP Database to WinnersJenkins Hit as Atlassian Confluence Cyberattacks WidenBooby-Trapped Office Files, No Patch Yet, Says MicrosoftMicrosoft Shares Temp Fix for Ongoing Office 365 Zero-Day Attacks
9/6/2021 September 6, 2021September 6, 2021 ~ The Cyber Beat ~ Leave a comment Russia Responsible for Cyber Attacks on German Parliament: German Foreign MinistryPro-Russian Disinformation Systematically Spread Using Western Media ChannelsEuropean Regulators Continue to Disrupt Data Transfers to U.S.IoT Attacks Skyrocket, Doubling in 6 MonthsProtonMail Shares Activist’s IP Address With Authorities Despite Its “No Log” ClaimsTrickBot Gang Developer Arrested When Trying to Leave KoreaIrish Police Seize Conti Domains Used in HSE Ransomware AttackFrench Government Visa Website Hit by Cyber-Attack That Exposed Applicants’ Personal DataKrebs: “FudCo” Spam Empire Tied to Pakistani Software FirmRansomware Gangs Target Companies Using These CriteriaTraffic Exchange Networks Distributing Malware Disguised as Cracked SoftwareCritical Auth Bypass Bug Affect NETGEAR Smart Switches — Patch and PoC ReleasedNPM Package With Millions of Weekly Downloads Has Fixed a Remote Code Execution FlawNew Chainsaw Tool Helps IR Teams Analyze Windows Event Logs
9/3-5/2021 September 6, 2021September 6, 2021 ~ The Cyber Beat ~ Leave a comment Why Ransomware Hackers Love a Holiday WeekendU.S. SEC: Watch Out for Hurricane Ida-Related Investment ScamsMassachusetts Lawmakers to Hold Cybersecurity HearingVoting Data From a Colorado County Was Leaked Online: Now the Clerk Is in HidingBanksy Was Warned About Website Flaw Before NFT Hack ScamIrish Health Service Still Recovering Months After Hack: ‘A Cyber-Attack Disrupted My Cancer Treatment’Regulators Investigate Crypto-Exchange Developer Uniswap LabsPrivacy Alarm in Indonesia Over President’s Leaked Vaccine CertificateEight U.S. States to Begin Accepting Digital Driving LicensesApple Delays Plans to Scan Devices for Child Abuse Images After Privacy BacklashFBI: Spike in Sextortion Attacks Cost Victims $8 Million This YearNew Zealand Internet Outage Blamed on DDoS Attack on Nation’s Third Largest Internet ProviderBabuk Ransomware’s Full Source Code Leaked on Hacker ForumData Breach at Coalinga State Hospital (CA) Reveals Private Information on Nearly 1,800 PatientsPittsburgh Public Schools Alert Families to Mailing Error That Exposed Student, Parent InformationConti Ransomware Now Hacking Exchange Servers With ProxyShell ExploitsFIN7 Capitalizes on Windows 11 Release in Latest GambitWatch Out for New Malware Campaign’s ‘Windows 11 Alpha’ AttachmentGoogle’s TensorFlow Drops YAML Support Due to Code Execution FlawOver 60,000 Parked Domains Were Vulnerable to AWS HijackingOffice 365 to Let Admins Block Active Content on Trusted Docs
9/2/2021 September 2, 2021September 2, 2021 ~ The Cyber Beat ~ Leave a comment Biden Administration on Alert for Cyberattacks Ahead of Labor Day WeekendIndustry Groups Urge Lawmakers to Streamline Cyber Breach Reporting RulesFBI Warns of Ransomware Gangs Targeting Food, Agriculture OrgsTranslated Conti Ransomware Playbook Gives Insight Into AttacksChinese Regulators Summon 11 Ride-Hailing Firms, Including Didi, Over ‘Illegal Behavior’Chinese Authorities Arrest Hackers Behind Mozi IoT Botnet AttacksKrebs: Gift Card Gang Extracts Cash From 100k Inboxes DailyDigital State IDs Start Rollouts Despite Privacy ConcernsWhatsApp Fined €225m for GDPR Violations…To AppealAutodesk Reveals It Was Targeted by Russian SolarWinds HackersAtlassian Confluence Flaw Actively Exploited to Install Cryptominers Student, Teacher Personal Info Taken in Dallas Independent School District Data Theft98K Patients, Employees Impacted by CareATC (OK) Data BreachGoogle Play Sign-Ins Allow Covert Location-TrackingWhatsApp Photo Filter Bug Allows Sensitive Info to Be LiftedComcast RF Attack Leveraged Remotes for SurveillanceBluetooth Bugs Open Billions of Devices to DoS, Code ExecutionCisco Patches Critical Authentication Bug With Public Exploit
9/1/2021 September 1, 2021September 1, 2021 ~ The Cyber Beat ~ Leave a comment FTC Bars Alleged ‘Stalkerware’ Company and Its CEO From the Surveillance BusinessKrebs: 15-Year-Old Malware Proxy Network VIP72 Goes DarkBEC Scammers Seek Native English Speakers on UndergroundA Fake Banksy NFT Sold for More Than $300,000: Then the Buyer Got His Money BackAustralian Couple Admits “Serious Cyber Hacking Offenses”Twitter Adds Safety Mode to Automatically Block Online HarassmentCompanies Are Tired of Spending Money on Cybersecurity: Here’s How to Change Their MindsNSA: We ‘Don’t Know When or Even If’ a Quantum Computer Will Ever Be Able to Break Today’s Public-Key EncryptionLockBit Gang Leaks Bangkok Airways Data, Hits Accenture CustomersFired NY Credit Union Employee Nukes 21gb of Data in Revenge…Half of Businesses Can’t Spot These Signs of Insider Cybersecurity ThreatsLinphone SIP Stack Bug Could Let Attackers Remotely Crash Client DevicesGutenberg Template Library & Redux Framework Bugs Plague WordPress SitesHow to Block Windows Plug-and-Play Auto-Installing Insecure Apps
8/31/2021 September 1, 2021September 1, 2021 ~ The Cyber Beat ~ Leave a comment U.S. Officials, Experts Fear China Ransacked Exchange Servers for Data to Train AI SystemsCanada Accepted 7,300 More Immigration Applications Due to Technical BugAgencies Warn of Ransomware Threats Ahead of Labor Day WeekendLockFile Ransomware Uses Never-Before Seen Encryption to Avoid DetectionCoinbase Users Fear Hacking After Erroneous EmailsRegulators Tighten Scrutiny of Data Breach Disclosures by CompaniesUK Government Considers New Regulations for Video Streaming PlatformsLeaked Guntrader Firearms Data File SharedIndonesians Told to Delete Unsecured Tracing AppPersonal Health Info Potentially Exposed From Denton County (TX) COVID Vax ClinicsCybercriminal Sells Tool to Hide Malware in AMD, NVIDIA GPUsProxyware Services Open Orgs to AbuseFortress Home Security Open to Remote DisarmamentWooCommerce Pricing Plugin Allows Malicious Code-InjectionMicrosoft 365 Usage Analytics Now Anonymizes User Info by Default
8/30/2021 August 31, 2021August 31, 2021 ~ The Cyber Beat ~ Leave a comment Biden Administration Establishes Program to Recruit Tech Professionals to Serve in GovernmentRights Group Advises Afghans to Delete DataCISA: Don’t Use Single-Factor Auth on Internet-Exposed SystemsCISA to Host Third Annual President’s Cup Cybersecurity CompetitionSEC Sanctions Brokerages Over Email Break-InsArmy Testing Facial Recognition in Child-Care CentersChina Limits Online Video Games to Three Hours a Week for Young PeopleChinese A.I. Firm SenseTime Files for Hong Kong IPO despite Tech Crackdown and U.S. BlacklistElon Musk’s Loop Gets Autopilot — And an IntruderMicrosoft Azure Cosmos DB Incident Underscores the Need to Closely Watch Cloud DataLockBit Gang to Publish 103GB of Bangkok Air Customer DataDeFi Protocol Cream Finance Hacked for Second Time This YearDuPage Medical Group (IL) Notifying 600,000 Patients About a Data BreachPassport & Healthcare Info and Leaked From Indonesia’s COVID-19 Test-and-Trace App for TravelerNorthern Ontario Police Force Recovering From Ransomware AttackRansomware Attack on Swiss City Rolle Exposed Citizens’ DataHPE Warns Sudo Bug Gives Attackers Root Privileges to Aruba PlatformMicrosoft Exchange ‘ProxyToken’ Bug Allows Email SnoopingAMD Zen+, Zen 2 CPUs Vulnerable to AttackQNAP Works on Patches for OpenSSL Bugs Impacting Its NAS Devices
8/27-29/2021 August 30, 2021August 30, 2021 ~ The Cyber Beat ~ Leave a comment British Embassy Exposed Details of Afghan Workers during Rush to EvacuateWhite House Rallies Private Industry in Cyber BattleChina Plans to Ban U.S. IPOs for Data-Heavy Tech FirmsJustice Department Establishes Program to Train Prosecutors to Handle Cyber CasesFake DMCA Complaints, DDoS Threats Lead To BazaLoader MalwareAmazon Disables Website Used for ISIS PropagandaAmazon Web Services Will Give Free USB Security Keys to Some Employees of U.S.-Based CustomersRagnarok Ransomware Gang Bites the Dust, Releases DecryptorEthereum’s Blockchain Just Split in TwoBoston Public Library Discloses Cyberattack, System-Wide Technical OutageBangkok Airways Suffers Cyber AttackBilaxy Exchange Reports Hot Wallet Hacked, Amount Lost Still UnknownT-Mobile Confident No Ongoing Risks to User Data from Recent Hack…CEO: Hacker Brute-ForceMicrosoft Warns of Widespread Phishing Attacks Using Open RedirectsCritical Azure Cosmos DB Bug Allows Full Cloud Account TakeoverParallels Offers ‘Inconvenient’ Fix for High-Severity Bug
8/26/2021 August 26, 2021August 26, 2021 ~ The Cyber Beat ~ Leave a comment UK Plans New Post-Brexit Privacy Rules to Ease Data SharingChina’s Microsoft Hack May Have Had A Bigger Purpose Than Just SpyingT-Mobile Hacker Who Stole Data on 50 Million Customers: ‘Their Security Is Awful’The Real Victims of Mass Crypto-Hacks That Keep HappeningFBI Shares Technical Details for Hive RansomwareAngry Birds Developer Accused of Illegal Child Data CollectionSurveillance Tech Company Excession Technologies Ltd Sues Police Digital Service over ‘Flawed’ Scoring of Bids on £18m Contract171,000 Patients Exposed after Hackers Breach Illinois Physician Group EmailsWebsite For Cook County Clerk Of The Circuit County Down For Maintenance After Servers BreachedChinese Developers Expose Data Belonging to Android GamersSynology: Multiple Products Impacted by OpenSSL RCE VulnerabilityAtlassian Warns of Critical Confluence FlawVMware Issues Patches to Fix New Flaws Affecting Multiple Products
8/25/2021 August 25, 2021August 25, 2021 ~ The Cyber Beat ~ Leave a comment White House Gathers Tech, Education, Banking Leaders for Cyber Meeting…Biden: Cybersecurity Is the ‘Core National Security Challenge’…Google, Microsoft Plan to Spend Billions on Cybersecurity after Meeting with BidenU.S. Media, Retailers Targeted by New SparklingGoblin APTFIN8 Cybercrime Gang Backdoors U.S. Orgs with New Sardonic MalwareKrebs: Man Robbed of 16 Bitcoin Sues Young Thieves’ ParentsDrug Dealers Get 27 Years After Police Crack EncroChat CommsAustralia Passes Identify and Disrupt Bill73,000 Patients’ Data Affected in Ransomware Attack on Singapore Eye ClinicAtlanta Allergy & Asthma Sends Notice of Healthcare Data Breach to 9,800 PatientsCalifornia State University, Chico Data Breach Exposes Student Requests for Vaccine ExemptionsMirai-Style IoT Botnet Is Now Scanning for Router-Pwning Critical Vuln in Realtek KitCritical F5 BIG-IP Bug Impacts Customers in Sensitive SectorsEthereum Urges Go Devs to Fix Severe Chain-Split VulnerabilityMicrosoft: ProxyShell Bugs “Might Be Exploited,” Patch Servers Now!Microsoft Will Add Secure Preview for Office 365 Quarantined Emails
8/24/2021 August 25, 2021August 25, 2021 ~ The Cyber Beat ~ Leave a comment Amazon, Apple, Microsoft & Other CEOs Reportedly to Attend White House Cybersecurity MeetingBahraini Activists Targeted Using a New iPhone Zero-Day Exploit From NSO Group…New Zero-Click iPhone Exploit Used to Deploy NSO SpywareChinese Auto-Maker Accused of Altering Data after Fatal Autonomous Car AccidentHYCU Initiative Offers Free Evaluation for Ransomware Recovery ProspectsOver a Third of Smart Device Owners Do Not Take Security MeasuresSamsung Can Remotely Disable Their TVs Worldwide Using TV BlockCoinbase Slammed for What Users Say Is Terrible Customer Service after Hackers Drain Their AccountsCyber-thieves Scam Town of Peterborough (NH) Out of $2.3MCarePointe Ear, Nose and Throat (IN) Targeted in Ransomware AttackFake OpenSea Support Staff Are Stealing Cryptowallets and NFTSFake Apple Rep Amasses 620,000+ Stolen iCloud Pics, Vids in Hunt for Images of Nude Women to TradePysa Ransomware Gang’s Script Shows Exactly the Files They’re AfterCustom WhatsApp Build Delivers Triada MalwareSteelSeries Bug Gives Windows 10 Admin Rights by Plugging in a DeviceB. Braun Updates Faulty IV Pump after McAfee Discovers Vuln Allowing Attackers to Change Doses
8/23/2021 August 23, 2021August 23, 2021 ~ The Cyber Beat ~ Leave a comment UN-Backed Tech Group Adds Taliban to List of Terrorist OrganizationsSingapore, U.S. Pledge Deeper Collaboration in CybersecurityHackers Leak Footage of Iranian PrisonCompany Data Hoards Create Tempting Targets for HackersFBI: OnePercent Group Ransomware Targeted U.S. Orgs since Nov 2020CISA Warns Admins to Urgently Patch Exchange ProxyShell BugsHacker Behind $600 Million Crypto Heist Returns Final Slice of Stolen Funds…Gets 500k RewardNew Research Finds 38 Million Records Exposed Online Earlier This YearNokia Subsidiary SAC Wireless Discloses Data Breach after Conti Ransomware AttackPhishing Attack Exposes Medical Information for 12,000 Patients at Revere Health (UT)Researchers Detail Modus Operandi of ShinyHunters Cyber Crime GroupPhishing Campaign Uses UPS.com XSS Vuln to Distribute MalwareAttackers Actively Exploiting Realtek SDK FlawsRazer to Fix Windows Installer That Grants Admin Powers If You Plug in a Mouse
8/20-22/2021 August 23, 2021August 23, 2021 ~ The Cyber Beat ~ Leave a comment China Passes Major Data Protection Law as Regulatory Scrutiny on Tech Sector Intensifies…Jack Ma’s Costliest Business Lesson: China Has Only One LeaderState Department Hit by Cyber Attack, Source SaysUS Census Bureau Failed Breach Response, Watchdog SaysSchools, Colleges Brace for Cyberattacks as Students ReturnInside Afghanistan’s Cryptocurrency Underground as the Country Plunges into TurmoilCybersecurity Jobs: This Is What We’re Getting Wrong When Hiring – And Here’s How to Fix It“Cybersecurity Is the New Seat Belt” Says STX NextSynAck Ransomware Decryptor Lets Victims Recover Files for FreeWeb Censorship Systems Can Facilitate Massive DDoS AttacksWhy Phone Scams Are So Difficult to TackleKey QAnon Influencer ‘GhostEzra’ IdentifiedNew York Man Gets Three Years for Stealing Nude Photos from College VictimsT-Mobile Data Breach Just Got Worse — Now at 54 Million CustomersAT&T Denies Data Breach after Hacker Auctions 70 Million User DatabaseNYC Teachers’ Social Security Numbers ExposedTwin Falls County (ID) Identifies Ransomware as Source of Computer ProblemsPersonal Data Breached in Rockwood School District (MO) Ransomware AttackMozi IoT Botnet Now Also Targets Netgear, Huawei, and ZTE Network GatewaysMicrosoft Exchange Servers Being Hacked by New LockFile RansomwareLockFile Ransomware Uses PetitPotam Attack to Hijack Windows DomainsCloudflare Mitigated One of the Largest DDoS Attack Involving 17.2 Million RPSPegasus iPhone Hacks Used as Lure in Extortion SchemeRazer Bug Lets You Become a Windows 10 Admin by Plugging in a MouseMicrosoft Shares Guidance on Securing Windows 365 Cloud PCs
8/19/2021 August 19, 2021August 19, 2021 ~ The Cyber Beat ~ Leave a comment North Korea Linked APT InkySquid Exploiting Known IE BugsThe Pandemic Revealed the Health Risks of Hospital Ransomware AttacksCOVID-19 Contact-Tracing Data Exposed, Fake Vax Cards CirculateYou Can Post LinkedIn Jobs as Any Employer — So Can AttackersWanted: Disgruntled Employees to Deploy Ransomware (Krebs)CISA Shares Guidance on How to Prevent Ransomware Data BreachesFacebook Hit With New Antitrust Suit From Federal Trade CommissionWoman’s Facebook Account Hacked, Loses More than a Decade’s Worth of FriendsCEO Tried Funding His Startup by Asking Insiders to Deploy RansomwareFlorida Women Charged Over Sexually Exploitative Child Modeling SitesMore than $90 Million in Cryptocurrency Stolen from Japanese Exchange LiquidJPMorgan Chase Notifies Montana Customers of Data BreachBrazil’s Clothing Chain Renner Suffers Ransomware Attack and Systems Are DownData Stolen as Social Housing Group Suffers Ransomware AttackAttempted Marion County (IN) Cyberattack Delaying Some Death CertificatesWhat To Do If You Think You’re Affected by the T-Mobile BreachRansomware: Amateur Attack Shows How Clueless Criminals Are Trying to Get In on the ActionCritical Cisco Bug in Small Business Routers to Remain UnpatchedHackers Can Bypass Cisco Security Products in Data Theft AttacksNew Unofficial Windows Patch Fixes More PetitPotam Attack Vectors
8/18/2021 August 19, 2021August 19, 2021 ~ The Cyber Beat ~ Leave a comment Census Bureau Computer Servers Target of January 2020 CyberattackHacks Rank Among Top Power Grid Risks, Watchdog SaysChina Orders Annual Security Reviews for All Critical Information Infrastructure OperatorsFacebook Shares AI Advancements Improving Content ModerationFeds Expected to Reveal New Strategy in Facebook Antitrust FightBitcoin Mixer Owner Pleads Guilty to Laundering over $300 MillionAirline Employee Jailed for Spending Passengers’ MoneyKrebs: T-Mobile Breach Exposed SSN/DOB of 40M+ People…U.S. Telecoms Agency to Probe T-Mobile Data BreachPine Labs Faces Alleged Data Breach; 50,000 Unique Records ExposedBogus Cryptomining Apps Infest Google PlayHolesWarm Malware Exploits Unpatched Windows, Linux ServersDiavol Ransomware Sample Shows Stronger Connection to TrickBot GangGitHub Urges Users to Enable 2FA after Going Passwordless
8/17/2021 August 17, 2021August 17, 2021 ~ The Cyber Beat ~ Leave a comment Rubio Reiterates Calls for TikTok Ban after China’s Reported Ownership StakeFacebook Says It Will Keep Ban on Taliban Content…WhatsApp Can’t Ban the Taliban Because It Can’t Read Their TextsIranian APT Hackers Impersonate HR Employees to Hit Israeli TargetsBrazilian Government Discloses National Treasury Ransomware AttackConti Ransomware Prioritizes Revenue and Cyberinsurance Data TheftLockBit 2.0 Ransomware Proliferates GloballyPhishing Costs Reach New High of $14.8M for Large CompaniesCrypto Platform Hit by $600 Million Heist Asks Hacker to Become Its Chief Security AdvisorChicago Pharmacist Arrested After Selling CDC COVID-19 Vaccination Cards On eBayApple: CSAM Image-Detection Backdoor ‘Narrow’ in ScopeChase Bank Accidentally Leaked Customer Info to Other CustomersRecords Missing from Illinois Vaccination PortalIndiana Contact Tracing Data BreachedJapan’s Tokio Marine Is the Latest Insurer to Be Victimized by RansomwareKrebs: T-Mobile Investigating Claims of Massive Data BreachMalicious Ads Target Cryptocurrency Users With Cinobi Banking TrojanMalware Campaign Uses Clever ‘CAPTCHA’ to Bypass Browser WarningBug in Millions of Flawed IoT Devices Lets Attackers EavesdropCISA Releases Alert on BadAlloc Vulnerability in BlackBerry ProductsIf You Haven’t Updated ThroughTek DVR since 2018 Do So Now, Warns Mandiant of Critical VulnFortinet Delays Patching Zero-Day Allowing Remote Server Takeover
8/16/2021 August 16, 2021August 16, 2021 ~ The Cyber Beat ~ Leave a comment Afghan Broadcasters for U.S. Government Radio Fear Taliban BacklashSecret Terrorist Watchlist with 2 Million Records Exposed OnlineColonial Pipeline Reports Data Breach after May Ransomware AttackTech Hack Notification Delays Can Leave Corporate Customers in the LurchAnonymous Messaging App Yik Yak Returns after 4-Year ShutdownTesla Autopilot Faces U.S. Safety Regulator’s Scrutiny after Crashes with Emergency VehiclesEducation Giant Pearson Fined $1M for Downplaying Data BreachSim Swap Scammer Pleads Guilty to Instagram Account Hijacks, Crypto TheftT-Mobile Confirms Servers Were Hacked, Investigates Data BreachDallas Cops Lost 8TB of Criminal Case Data during Bungled MigrationSUNY Research Foundation Breach Potentially Affects 47,000Malware Dev Infects Own PC and Data Ends up on Intel PlatformTroubling New Disk-Level Encryption Ransomware ‘DeepBlueMagic’ SurfacesXSS Bug in SEOPress WordPress Plugin Allows Site TakeoverDozens of STARTTLS Related Flaws Found Affecting Popular Email ClientsCritical Valve Bug Lets Gamers Add Unlimited Funds to Steam Wallets
8/13-15/2021 August 16, 2021August 16, 2021 ~ The Cyber Beat ~ Leave a comment Crypto Hacker Offered Reward After $600m Heist…How Hackers Stole and Returned $600M in Tokens From Poly NetworkUN Calls for Moratorium on Sale of Surveillance Tech Like NSO Group’s PegasusKrebs: New Anti Anti-Money Laundering Services for CrooksSynAck Ransomware Releases Decryption Keys After El_Cometa RebrandMysterious Hacker Group Suspected in July Cyberattack on Iranian TrainsCost of Cyberattacks Significantly Higher for Smaller Healthcare OrganizationsApp Store Competition Targeted by Bipartisan Senate BillSenators Want Answers About Amazon’s Biometric Data CollectionAmazon’s Plan to Track Worker Keystrokes: A Sign of Controls to Come?Facebook Adds End-to-End Encryption for Audio and Video Calls in MessengerMicrosoft Teams Will Alert Users of Incoming Spam CallsHacker Claims to Steal Data of 100 Million T-Mobile CustomersFord Bug Exposed Customer and Employee Records From Internal SystemsEmails From Lithuanian Ministry of Foreign Affairs for Sale on Data-Trading ForumCyberattack Hits Israel’s Bar Ilan University: ‘Data Is Being Erased Right Now’Memorial Health Systems (OH) Experiences Cyber AttackU.S. Brokers Warned of Ongoing Phishing Attacks Impersonating FINRAWordPress Sites Abused in Aggah Spear-Phishing CampaignCyberattackers Embrace CAPTCHAs to Hide Phishing, MalwareHackers Spotted Using Morse Code in Phishing Attacks to Evade DetectionVice Society Ransomware Joins Ongoing PrintNightmare AttacksResearchers Find Vulns in Wodify Gym Management Web App Used With CrossFitWindows 365 Exposes Microsoft Azure Credentials in Plaintext