1/19/2022 January 19, 2022January 19, 2022 ~ The Cyber Beat ~ Leave a comment Biden Administration Sets New Requirements for U.S. Secure NetworksOfficial Beijing 2022 Olympics Mobile App Is Marred by Security Flaws, Researchers SayUK’s Cyber Security Center Publishes New Guidance to Fight SmishingCloned Dept. of Labor Site Hawks Fake Government ContractsCISA Urges U.S. Orgs to Prepare for Data-Wiping CyberattacksKrebs: IRS Will Soon Require Selfies for Online AccessFacebook Messenger: The Battle Over End-To-End EncryptionEurope’s Move Against Google Analytics Is Just the BeginningMan Charged with Smuggling Tech Exports to IranInterpol and Nigerian Police Bust Cybercrime BEC RingRed Cross Hit With Cyberattack That Compromised Data of 515,000 ‘Highly Vulnerable People’Marketing Giant RR Donnelly Confirms Data Theft in Conti Ransomware AttackAditya Birla Fashion Says Back After Data Breach; Hackers Say Site Still VulnerableVisalia Unified School District (CA) Says ‘Ransomware Attack Failed’Russian Hackers Heavily Using Malicious Traffic Direction System to Distribute MalwareNew BHUNT Malware Targets Your Crypto Wallets and PasswordsMicrosoft: SolarWinds Fixes Serv-U bug Exploited for Log4j AttacksDeloitte Launches New SaaS Cyber Threat Detection and Response PlatformUkraine: Cyber Warfare — Call It What It Is
1/18/2022 January 19, 2022January 19, 2022 ~ The Cyber Beat ~ Leave a comment Israel Police Uses NSO’s Pegasus to Spy on CitizensU.S. Aims Sanctions at Pro-Russian Agents as Blinken Plans Ukraine, Russia MeetingsPoland Raises Cybersecurity Terror Threat After Ukraine Cyber AttackGloucester Council Cyber Attack Linked to Russian HackersFrom 6G to Big Data, China Is Looking to Boost Tech’s Share of Its EconomyBeijing 2022 Winter Olympics App Bursting With Privacy RisksWinter Olympics: Athletes Advised to Use Burner Phones in BeijingAirlines Warn of ‘Catastrophic’ Crisis When New 5G Service Is DeployedDrugmaker Gilead Alleges Counterfeiting Ring Sold Its HIV DrugsWill 2022 Be the Year of the Software Bill of Materials?Half of Global Cyber Defence Investment Has Been in Israel -PM BennettEuropol Shuts Down VPNLab, Cybercriminals’ Favourite VPN ServiceDemocrats Propose Bill to Ban “Surveillance Advertising”Parasol’s Sister Firms, SJD Accountancy and Nixon Williams, Confirm CyberattackFashion Giant Moncler Confirms Data Breach After Ransomware AttackEntira Family Clinics (MN) Notifies Patients of Data Breach 1 Year LaterOscar Health Notifies Members of Data BreachCrypto.com Acknowledges ‘Unauthorized Activity’ on Servers, Maintains No Funds LostTelegram Is a Hotspot for the Sale of Stolen Financial AccountsCybercriminals Actively Target VMware vSphere with Cryptominers‘White Rabbit’ Ransomware May Be FIN8’s Latest ToolResearchers Bypass SMS-based Multi-Factor Authentication Protecting Box Accounts‘Zero-Click’ Zoom Vulnerabilities Could Have Exposed Calls Raises ConcernsMicrosoft Issues Out-of-Band Update for Patch Tuesday ProblemsOrganizations Face a ‘Losing Battle’ Against VulnerabilitiesOpen Source Developers, Who Work for Free, Are Discovering They Have Power
1/17/2022 January 17, 2022January 17, 2022 ~ The Cyber Beat ~ Leave a comment Destructive Hacks Against Ukraine Echo Its Last CyberwarCyber Espionage Campaign Targets Renewable Energy CompaniesDHL, Microsoft, WhatsApp Top Phishing List of Most Imitated BrandsNintendo Warns of Spoofed Sites Pushing Fake Switch DiscountsFirefox Relay’s Addition to Disposable Email Blocklist Upsets UsersUmbrella Company Parasol Group Confirms Cyber Attack as ‘Root Cause’ of Prolonged Network OutageUK – Brookson Legal Hit by Cyber-Attack, Confirms No Data Was RemovedJackson Hospital (FL) Fends off Recent Ransomware AttackMicrosoft: Edge Will Mitigate ‘Unforeseen Active’ Zero Day BugsZoho Patches New Critical Authentication Bypass in Desktop CentralChrome Limits Websites’ Direct Access to Private Networks for Security Reasons
1/14-16/2022 January 17, 2022January 17, 2022 ~ The Cyber Beat ~ 1 Comment Krebs: At Request of U.S., Russia Rounds Up 14 REvil Ransomware Affiliates…Biden Administration Says Russia Arrested Colonial Pipeline Hacker…What Russia’s Arrest of REvil Hackers Means for RansomwareUkraine: ‘Massive Cyber Attack’ Shuts Down Government Websites…Hackers Likely Used Software Administration Rights of Third Party to Hit Ukrainian Sites, Kyiv Says…Some Signs That Cyber Attack Linked to Hacker Groups Associated With Russia…Ukraine Suspects Group Linked to Belarus Intelligence Over Cyberattack…Microsoft: Fake Ransomware Targets Ukraine in Data-Wiping Attacks…No Lights, No Heat, No Money – That’s Life in Ukraine During Cyber Warfare…U.S. Offers Support After Ukraine Hit By Massive Cyberattack…U.S. Considers Backing an Insurgency if Russia Invades UkraineResearchers Develop CAPTCHA Solver to Aid Dark Web ResearchThe Race Towards Renewable Energy Is Creating New Cybersecurity RisksStates Push Forward With Facebook Antitrust Case, Reportedly Probe VR UnitFormer DHS Official Charged With Stealing Gov’t Employees’ PIIProsecutors Recommend Dropping Case Over China Ties Against MIT ScientistDefense Contractor Hensoldt Confirms Lorenz Ransomware AttackGoodwill Discloses Data Breach on Its ShopGoodwill PlatformCrawford County (AR) Grappling With Ransomware Attack AftermathMulti-Day IT Systems Outage Whacks Umbrella Biz Parasol Group Amid Fears of a Cyber AttackGoogle Might’ve Accidentally Approved an Ad for a Target Gift Card ScameNom Data Center Migration Mistakenly Knocks Sites Offlinenpm Dependency Is Breaking Some React Apps Today — Here’s the FixWatch Out, That Microsoft Edge Update Is Actually RansomwareQLocker Ransomware Returns to Target QNAP NAS Devices WorldwideSafari 15 Bug Can Leak Your Recent Browsing Activity and Personal IdentifiersThree Plugins With Same Bug Put 84k WordPress Sites at RiskCritical Cisco Contact Center Bug Threatens Customer-Service HavocFlaw Found in IDEMIA Biometric ID DevicesNew Intel Chips Won’t Play Blu-Ray Disks Due to SGX DeprecationThe Cybersecurity Measures CTOs Are Actually ImplementingWhy Is Data Destruction the Best Way to Impede Data Breach Risks?If You Use The Same Password Everywhere, This is For You
1/13/2022 January 14, 2022January 14, 2022 ~ The Cyber Beat ~ Leave a comment Apple, Amazon Executives to Meet With White House to Discuss Software SecurityGoogle Calls for New Government Action to Protect Open-Source Software ProjectsFCC Proposes New Data Breach Rules for Phone CompaniesNSO Group Spyware Targeted Dozens of Reporters in El SalvadorNorth Korean Hackers Stole Almost $400M in Cryptocurrency in 2021BlueNoroff Hackers Steal Crypto Using fake MetaMask ExtensionUkrainian Cops Nab Husband and Wife Suspected to Be Part of $1M Ransomware OperationFlorida Woman Vice Principal Charged with Cyber-StalkingCarding Site UniCC Retires After Generating $358 Million in SalesHow Cryptojacking Can Raise Your Energy BillsCybersecurity Labels for Products?North Port (FL) Officials Investigate Potential Hack on City NetworkNew GootLoader Campaign Targets Accounting, Law FirmsAdobe Cloud Abused to Steal Office 365, Gmail CredentialsResearchers Decrypted Qakbot Banking Trojan’s Encrypted Registry KeysMicrosoft Defender Weakness Lets Hackers Bypass Malware DetectionMicrosoft Yanks Buggy Windows Server UpdatesWindows ‘RemotePotato0’ Zero-day Gets An Unofficial PatchAndroid Users Can Now Disable 2G to Block Stingray AttacksAWS Fixes Security Flaws That Exposed AWS Customer Data…New Vulnerabilities Highlight Risks of Trust in Public Cloud
1/12/2022 January 13, 2022January 13, 2022 ~ The Cyber Beat ~ Leave a comment U.S. Links MuddyWater Hacking Group to Iranian Intelligence AgencyHackers Take Over Diplomat’s Email, Target Russian Deputy MinisterTeen Hacker Claims Ability to Control 25 Teslas WorldwideThe Latest Phishing Scam: Fraudulent QR Codes on Parking MetersStolen TikTok Videos, Bent on Fraud, Invade YouTube ShortsKrebs: Who is the Network Access Broker ‘Wazawaka?’Inside the December Ransomware Hit at Nordic Choice HotelsEU to Stage Large-Scale Cyberattack Exercise on Supply ChainsThe ESA Wants You to Hack Its Satellite for Cybersecurity ReasonsTwo Years for UK Man Who Used RATs to Spy on Women and ChildrenMedical Review Institute of America (MRIoA) Reports Data BreachFIFA Ultimate Team Account Takeovers Plague EA GamersCyber Attack Causes Albuquerque Public Schools to Cancel Classes ThursdayRansomware to Blame for Maryland Department of Health Service DelaysOceanLotus Hackers Turn to Web Archive Files to Deploy BackdoorsMagniber Ransomware Using Signed APPX Files to Infect SystemsTellYouThePass Ransomware Returns as a Cross-platform Golang ThreatAmazon, Azure Clouds Host RAT-ty Trio in Infostealing CampaignWidespread, Easily Exploitable Windows RDP Bug Opens Users to Data TheftApple Fixes doorLock Bug That Can Disable iPhones and iPads
1/11/2022 January 12, 2022January 12, 2022 ~ The Cyber Beat ~ Leave a comment World Economic Forum: Cybersecurity an Increasing Global ThreatCISA Alerts Federal Agencies of Ancient Bugs Still Being ExploitedCISA: Russian State-Sponsored Groups Exploited Vulnerabilities in Microsoft, Cisco, Oracle ToolsNew RedLine Malware Version Spread as Fake Omicron Stat CounterDDoS Attacks That Come Combined With Extortion Demands Are on the RiseKaspersky Research Uncovers Cybersecurity Budgets, Insurance, and Vendor Expectations for 2022Top Jobs in the U.S.: Information Security Analyst, #1Moxie Marlinspike Leaves Encrypted-Messaging App SignalMedigate Acquired by ClarotyPentera Announces $150M Series C at $1 Billion Valuation to Disrupt Legacy Vulnerability Management MarketA Missouri Reporter Is Getting Blamed For the Security Flaw He ExposedFinalSite: No School Data Stolen in Ransomware Attack Behind Site OutagesChildren’s Data Is Showing up More Often on the Dark WebBernalillo County (NM) Ransomware Attack Left Jail Offline, Leaving Inmates in Lockdown‘Fully Undetected’ SysJoker Backdoor Malware Targets Windows, Linux & macOSMillions of Routers Exposed to RCE by USB Kernel BugFour Million Outdated Log4j Downloads Were Served From Apache Maven Central Alone Despite Vuln Publicity BlitzCritical SonicWall NAC Vulnerability Stems from Apache ModsState Hackers APT35 Use New PowerShell Backdoor in Log4j AttacksNight Sky Ransomware Uses Log4j Bug to Hack VMware Horizon ServersFirefox Focus Now Blocks Cross-Site Tracking on Android DevicesKrebs: ‘Wormable’ Flaw Leads January 2022 Patch Tuesday
1/10/2022 January 10, 2022January 10, 2022 ~ The Cyber Beat ~ Leave a comment Cyber-Spike 2021: Orgs Suffer 925 Attacks per Week, an All-Time HighCISA Director: ‘We Have Not Seen Significant Intrusions’ From Log4j…. YetExtortion DDoS Attacks Grow Stronger and More Common‘PatchWork’ Cyberspies Infect Themselves With Their Own Malware, Exposing OperationsWhy Politically Motivated Cyber-Attacks Are a Threat to DemocracyThe End of Car Keys, Passwords and Fumbling With Your Phone at CheckoutCastor, Schakowsky Seek Information on Children’s Online Safety ProgramEuropol Ordered to Erase Data on Those Not Linked to CrimeUK Jails Forensics Expert Who Kept Murder Snaps on PCCyber-Thieves Raid Grass Valley (CA)Loyola Medical Center (IL) Email Breach Exposes Nearly 17,000 Patients’ InfoSingapore Retailer OG Hit by Data BreachRagnar_Locker Claims Successful Hack Of Broomfield (CO) Cybersecurity FirmPanasonic Says Hackers Accessed Personal Data of Job Candidates During November AttackAbcbot Botnet Linked to Operators of Xanthe Cryptomining MalwareLinux Version of AvosLocker Ransomware Targets VMware ESXi ServersURL Parsing Bugs Allow DoS, RCE, Spoofing & MoreMicrosoft: Powerdir Bug Gives Access to Protected macOS User DataWordPress 5.8.3 Security Update Fixes SQL Injection, XSS Flaws
1/6-9/2022 January 10, 2022January 10, 2022 ~ The Cyber Beat ~ Leave a comment Hackers Have Been Sending Malware-Filled USB Sticks to U.S. Companies Disguised as PresentsTrojanized dnSspy App Drops Malware Cocktail on Researchers, DevsU.S. Counterintelligence Shares Tips to Block Spyware AttacksChina’s Next Regulatory Target — Algorithms, the Secret of Many Tech Giants’ SuccessWalmart in China’s Spotlight Again as Regulator Cites InfractionsMonsanto Employee Stole Trade Secret to Sell to ChinaEoL Systems Stonewalling Log4j Fixes for Fed AgenciesAttackers Exploit Flaw in Google Docs’ Comments FeatureGoogle Voice Authentication Scam Leaves Victims on the HookCOVID Test Data Breach at British SchoolKrebs: Norton 360 Now Comes With a Cryptominer…Krebs: 500M Avira Antivirus Users Introduced to Cryptomining…This Tesla Owner Says He Mines up to $800 a Month in Cryptocurrency With His CarFrance Fines Google, Facebook for Privacy ViolationsFacebook Launches ‘Privacy Center’ to Educate Users on Data Collection and Privacy OptionsSwiss Army Bans All Chat Apps but Locally-Developed ThreemaU.S. Arrests Suspect Who Stole Unpublished Books in Phishing AttacksVictims of $200 Million Hack of BitMart Crypto Exchange Still Waiting to Get Their Money Back…Iranian Immigrant Lost $53,000 in Crypto Hack, Says He Faces Ruin if BitMart Doesn’t Pay Him BackThousands of Schools Impacted After IT Provider Finalsite Hit by RansomwareCyberattackers Hit Data of 80K Patients at Fertility Centers of IllinoisCiox Health Data Breach Affects AdventHealth, Northwestern and 30 More Providers3.7M FlexBooker Records Dumped on Hacker ForumU.S. Online Pharmacy Ravkoo Links Data Breach to AWS Portal IncidentSonicWall: Y2K22 Bug Hits Email Security, Firewall ProductsNight Sky Is the Latest Ransomware Targeting Corporate NetworksFluBot Malware Now Targets Europe Posing as Flash Player AppDev Corrupts NPM Libs ‘Colors’ and ‘Faker’ Breaking Thousands of AppsQNAP: Get NAS Devices Off the Internet NowPartially Unpatched VMware Bug Opens Door to Hypervisor TakeoverNHS Warns of Hackers Exploiting Log4Shell in VMware HorizonLog4J-Related RCE Flaw in H2 Database Earns Critical RatingRapid Window Title Changes Cause ‘White Screen of Death’Cybersecurity Training Isn’t Working. And Hacking Attacks Are Only Getting WorseCybersecurity Moving Forward: Four Big Things to Watch in 2022
1/5/2022 January 5, 2022January 5, 2022 ~ The Cyber Beat ~ Leave a comment China Says Apps That Could Influence Public Opinion Require a Security ReviewU.S. Army Journal’s Top Paper From 2021 Says Taiwan Should Destroy TSMC if China InvadesProgressives Put Pressure on GoogleHow Ransomware Gangs Went ProDefending Against Modern Ransomware TacticsPutting Ransomware Gangs Out of Business With AIWhy Words Matter In Cybersecurity‘Bulli Bai’ Three Arrested in India for Online Harassment of Muslim Women1.1M Compromised Accounts Found at 17 Major Companies: NY AG70 Investors Lose $50 Million to Fraudsters Posing as Broker-DealersCrypto Platform ARBIX Flagged as a Rugpull, Transfers $10 MillionCanadian Heavy Equipment Maker Weldco-Beales Confirms Cyber Attack by KarakurtFranklin Park Conservatory (OH) Experiences Data Breach; Notifying Affected PatronsBernalillo County (NM) Reports Suspected Ransomware AttackSamoan Meteorology Service (SMS) Website May Have Suffered Cyber Attack‘Elephant Beetle’ Lurks for Months in Networks‘Malsmoke’ Exploits Microsoft’s E-Signature Verification Using ZloaderiOS Malware Can Fake iPhone Shut Downs to Snoop on Camera, MicrophoneGoogle Chrome Update Includes 37 Security FixesMicrosoft Defender for Endpoint Adds Zero-Touch iOS OnboardingCrowdStrike Incorporates Intel CPU Telemetry Into Falcon Sensor
1/4/2022 January 4, 2022January 4, 2022 ~ The Cyber Beat ~ Leave a comment FTC Warns Companies to Secure Consumer Data From Log4j AttacksFears Mount About Russian Cyberattacks in UkraineChina to Make Some Firms Undergo a Data Security Review Before Listing OverseasComing to a Laptop Near You: A New Type of Security Chip From Microsoft: ‘Pluton’; AMD to Integrate Into Upcoming Ryzen CPUsUpskilling, Better Training Keys to Increasing Cyber Talent PoolOpportunity Not Fear: Reframing Cybersecurity to Build a Safer Net for AllCome the Metaverse, Can Privacy Exist?Bulli Bai: India App That Put Muslim Women up for Sale Is ShutGoogle Acquires its First Non-American Cybersecurity Firm SiemplifyHave I Been Pwned Warns of DatPiff Data Breach Impacting MillionsData Skimmer Hits 100+ Sotheby’s Real Estate WebsitesUScellular Discloses Data Breach After Billing System HackCyberattack Hits Quasi-State Agency Illinois Office of the Special Deputy Receiver (OSD) For $6.8 MillionMontreal Tourism Agency Confirms Cyber AttackCarthage Schools (MO) Confirm Ransomware Attack Caused Outage in DecemberMcMenamins December Data Breach Affects 12 Years of Employee InfoSAILFISH System to Find State-Inconsistency Bugs in Smart Contracts
1/3/2022 January 4, 2022January 4, 2022 ~ The Cyber Beat ~ Leave a comment Companies Face Stricter Cyber Rules in 2022Novel Method for Detecting Evasive Malware on IoT Devices Using Electromagnetic Field EmanationsLog4j Highlights Need for Better Handle on Software DependenciesDon’t Copy-Paste Commands From Webpages — You Can Get HackedMicrosoft Skype Makes You Solve a Complex CAPTCHA 10 Times to Sign UpConnecting the Dots on Diversity in Cybersecurity RecruitmentCreating the Next Generation of Secure DevelopersUK Defence School Hit by Sick Cyber Attack by ‘Russia or China’ Causing ‘Significant’ Damage in Early 2021Jerusalem Post Targeted by Pro-Iranian Hackers on Soleimani Assassination AnniversaryPortuguese Media Group Impresa Knocked Offline in Ransomware AttackPurple Fox Malware Distributed via Malicious Telegram InstallersAn Apple HomeKit Bug Can Send iOS Devices Into a Death SpiralMicrosoft Issues Fix for Exchange Y2K22 Bug That Crippled Email Delivery Service
12/31/2021-1/2/2022 January 2, 2022January 2, 2022 ~ The Cyber Beat ~ Leave a comment Fake Vaccine Card Sales a Booming Business as Omicron SurgesThe Biggest Data Breaches, Hacks of 2021Top Cybersecurity and Tech Stories of 2021Top 10 Healthcare Breaches in the U.S. Exposed Data of 19 MillionCopycat and Fad Hackers Will Be the Bane of Supply Chain Security in 2022Tech That Will Change Your Life in 2022Can Social Media Alter a War?Cyber Attack Disrupts Gloucestershire Council’s WebsitePulseTV Discloses Potential Compromise of 200,000 Credit CardsBroward Health (FL) Suffers Data Breach, Including Medical Info, Through 3rd PartyPopular Q&A App Curious Cat Loses Domain, Posts Bizarre TweetsUber Ignores Vulnerability That Lets You Send Any Email From Uber.comNetgear Leaves Vulnerabilities Unpatched in Nighthawk Router
12/30/2021 December 31, 2021December 31, 2021 ~ The Cyber Beat ~ Leave a comment 2021: Tech’s Big YearAn Amazon Lawsuit Encounters a Big Snag: A Judge With a Conflict of InterestConfusing Data Breach in Rhode Island Leads to AG InvestigationIn the Fight Against Cybercrime, Takedowns Are Only TemporaryTwitter Account of FBI’s Fake Chat App, ANOM Seen Trolling TodayHave I Been Pwned Adds 441k Accounts Stolen by Redline MalwareKyoto University Loses 77TB of Research Data Due to Backup ErrorCyberattack Cripples Norway’s AmediaSega Narrowly Avoids Huge Data Breach, Thanks to Security FirmPick N Pay Denies Customer Data Was Exposed Online Despite ‘Glitch’New iLOBleed Rootkit Targeting HP Enterprise Servers with Data Wiping AttacksFirmware Attack Can Drop Persistent Malware in Hidden SSD Area
12/29/2021 December 30, 2021December 30, 2021 ~ The Cyber Beat ~ Leave a comment Cyber Agency Warns of Increased Threats to Manufacturing Groups During PandemicHackers Are Getting Better and Better at Defeating Your 2FA SecurityOne in Five Aged Domains Is Malicious, Risky, or UnsafeRansomware Gang AvosLocker Coughs up Decryptor After Realizing They Hit the Police5 Cybersecurity Trends to Watch in 20226 Things in Cybersecurity We Didn’t Know Last YearHappy 12th Birthday, KrebsOnSecurity.com!China-Based ‘Aquatic Panda’ Infiltrated Academic Institution Through Log4j VulnFintech Firm ONUS Hit by Log4j Hack Refuses to Pay $5 Million RansomMicrosoft Defender Log4j Scanner Triggers False Positive AlertsLastPass Says No Passwords Were Compromised Following Breach ScareCryptomining Attack Exploits Docker API Misconfiguration Since 2019Polygon Justifies Its Quiet Hard-Fork Citing ‘Critical Vulnerability’
12/28/2021 December 28, 2021December 28, 2021 ~ The Cyber Beat ~ Leave a comment Log4j 2.17.1 Out Now, Fixes New Remote Code Execution BugBiden Signs NDAA Relying on Voluntary Private-Sector Cybersecurity CollaborationCongress Zooms in on Cybersecurity After Banner Year of AttacksWashington Grapples With How to Expand Crypto OversightIn 2022, Cybersecurity Will Be Linux and Other Open-Source Developers Real Job Number OneA Year in Microsoft Bugs: The Most Critical, Overlooked & Hard to PatchRedLine Malware Shows Why Passwords Shouldn’t Be Saved in BrowsersLastPass Users Warned Their Master Passwords Are CompromisedT-Mobile Reportedly Suffers Another, Smaller Data BreachMon Health (WV) Reports Email Phishing Incident, Potential Data BreachSecurity Breach at Duneland School Corp (IN)Most of CompuGroup Medical’s Systems Back Online After Ransomware AttackNew Info States Pro Wrestling Tees Data Breach Occurred In April, Affected 31,000 PeopleNew Flagpro Malware Linked to Chinese State-Backed Hackers ‘BlackTech’ APTExperts Detail Logging Tool of DanderSpritz Framework Used by Equation Group HackersRiskware Android Streaming Apps Found on Samsung’s Galaxy Store
12/27/2021 December 27, 2021December 27, 2021 ~ The Cyber Beat ~ Leave a comment European Privacy and Antitrust Regulators Join Forces on Corporate DataJapan, U.S. to Team Up Against RansomwareData Assessment, User Consent Key to Compliance With China LawShutterfly Hit by Conti Ransomware Attack, Impacting Multiple BusinessesQNAP NAS Devices Hit in Surge of ech0raix Ransomware AttacksTop 5 Stories of 2021
12/24-26/2021 December 26, 2021December 26, 2021 ~ The Cyber Beat ~ Leave a comment Multiple Log4j Scanners Released by CISA, CrowdStrikeFaking a COVID-19 Vaccine Card in New York Can Now Get You a Year in JailDridex Omicron Phishing Taunts With Funeral Helpline NumberFrom Airport WiFi to ‘Juice Jacking’: 7 Ways to Protect Your Data When TravelingRussia Fines Google $100m Over “Illegal” ContentHow to Avoid Falling Into China’s ‘Data Trap’Global IT Services Provider Inetum Hit by Ransomware AttackAndroid Banking Trojan Targeting Brazil’s Itaú Unibanco Spreads via Fake Google Play Store PageRook Ransomware Is Yet Another Spawn of the Leaked Babuk CodeJackson Public Schools (MS) Ups Cybersecurity After 2020 Hacker AttackWorst Hacks of 2021BlackMagic Fixes Critical DaVinci Resolve Code Execution Flaws
12/23/2021 December 23, 2021December 23, 2021 ~ The Cyber Beat ~ Leave a comment White House National Security Adviser Asks Software Companies to Discuss CybersecurityConsumers Warned of Surging Delivery Text Scams Ahead of Christmas‘Spider-Man: No Way Home’ Download Installs CryptominerPhishing Victim Can’t Claim $5 Million Loss for Money It Never ‘Held’Texas Man Convicted for BEC Scam on Idaho School DistrictRussian Hacker’s $1.7M Restitution Order OverturnedRussian Social Media Platform VK Introduces 2FA and Plans to Make It Mandatory in 20227 of the Most Impactful Cybersecurity Incidents of 2021Albanian Prime Minister Apologizes Over Database LeakTelegram Abused to Steal Crypto-Wallet CredentialsPhishing Campaign Targets CoinSpot Cryptoexchange 2FA CodeStealthy BLISTER Malware Slips in Unnoticed on Windows SystemsAvosLocker Ransomware Reboots in Safe Mode to Bypass Security ToolsFisher Price’s Bluetooth Reboot of Pre-school Play Phone Has Adult Privacy FlawApple Fixes macOS Security Flaw Behind Gatekeeper Bypass
12/22/2021 December 23, 2021December 23, 2021 ~ The Cyber Beat ~ Leave a comment VP Harris Calls for ‘Cyber Doctrine’ to Address Increasing AttacksFive Eyes Nations Warn of Cyber Threats From Apache Log4j VulnerabilityNVIDIA Discloses Applications Impacted by Log4j VulnerabilityLog4j Flaw: Attackers Are ‘Actively Scanning Networks’ Warns New CISA GuidanceLog4j Reveals Cybersecurity’s Dirty Little SecretChina Suspends Cloud Deal With Alibaba for Not Sharing Log4j 0-Day First With the GovernmentUK Cybercrime Cops Arrest NHS WorkersRideshare Account Hacker Faces up to 22 Years in PrisonHoneypot Experiment Reveals What Hackers Want From IoT DevicesBEC Attack on Monongalia Health (WV) SystemUbisoft Reveals Player Data Breach Came from User ErrorNJ Volunteer EMS Agency Says Patient Data Was BreachedDridex Malware Trolls Employees With Fake Job Termination EmailsMicrosoft Azure App Service Flaw Exposed Customer Source CodeMicrosoft Teams Bug Allowing Phishing Unpatched Since MarchOpera Browser Working on Clipboard Anti-hijacking Feature
12/21/2021 December 22, 2021December 22, 2021 ~ The Cyber Beat ~ Leave a comment A UAE Agency Put Pegasus Spyware on Phone of Jamal Khashoggi’s Wife Months Before His Murder, New Forensics ShowPolish Opposition Duo Roman Giertych and Ewa Wrzosek Hacked With NSO Group Pegasus SpywareDHS Expands Bug Bounty Program to Encourage Hunting Down Apache Log4j VulnerabilityJava Code Repository Riddled with Hidden Log4j Bugs; Here’s Where to LookWe’re Starting to See a National Response to Ransomware, Says Mandiant CEOThis Security Researcher Fooled an At-Home COVID-19 Test Using a Bluetooth HackThreat Actors Steal $80 Million per Month With Fake Giveaways, SurveysU.S. Returns $154 Million in Bitcoins Stolen by Sony Employee2Easy Now a Significant Dark Web Marketplace for Stolen DataProminent Harvard Professor Charles Lieber Found Guilty of Lying About China TiesCity of Denver Hit By Cyber Attack Targeting KronosSaskatoon Airport Computer System Hit by a Cyber AttackGhana NSS Allegedly Hit by Data Breach as 700,000 People’s Documents Leak OnlineScammers Steal $150k Worth of Crypto From NFT Project Fractal With Discord HackPYSA Ransomware Behind Most Double Extortion Attacks in November800k WordPress Sites Still Impacted by Critical SEO Plugin FlawSecret Backdoors Found in German-made Auerswald VoIP SystemGarrett Walk-Through Metal Detectors Can Be Remotely ManipulatedWindows 10 21H2 Adds Ransomware Protection to Security Baseline
12/20/2021 December 21, 2021December 21, 2021 ~ The Cyber Beat ~ Leave a comment Belgian Defense Ministry Hacked by Attackers Exploiting Apache Log4j VulnerabilityLog4j Vulnerability Now Used to Install Dridex Banking Malware2021: The Year Hackers Went Wild and Changed EverythingPhishing Attacks Impersonate Pfizer in Fake Requests for QuotationUK Donates 225 Million Stolen Passwords to Hack-Checking Site Have I Been Pwned Robocalls More Than Doubled in 2021, Cost Victims $30BGoogle & Meta to Protect Data on Undersea CableMeta Sues People Behind Facebook and Instagram PhishingJustice Department Indicts Russian Hacker for Allegedly Participating in Trading SchemeCyber-Attack Impacts Aussie CompaniesClop Ransomware Gang Publish Confidential UK Police Data on the Dark Web…Police National Computer Not Pwned by Clop Ransomware Crims, Insists Home OfficeTexas Ear, Nose and Throat Specialists (Texas ENT) Alerts 535,000 Patients to Data BreachCapital Region Medical Center (MO) Reports System-Wide Network OutageIndustrial Construction Company Basil Read Hit by Ransomware AttackFBI: State Hackers Exploiting New Zoho Zero-Day Since OctoberNew Mobile Network Vulnerabilities Affect All Cellular Generations Since 2GMicrosoft Warns of Easy Windows Domain Takeover via Active Directory Bugs
12/17-19/2021 December 20, 2021December 20, 2021 ~ The Cyber Beat ~ Leave a comment Federal Agencies Ordered to Immediately Patch Systems Against Apache VulnerabilityApache Issues 3rd Patch to Fix New High-Severity Log4j VulnerabilityBuckle Up for More Log4j MadnessSecurity Firm Blumira Discovers Major New Log4j Attack VectorTellYouThePass Ransomware Revived in Linux, Windows Log4j AttacksConti Ransomware Uses Log4j Bug to Hack VMware vCenter ServersCISA Urges VMware Admins to Patch Critical Flaw in Workspace ONE UEMU.S. Distrust of Huawei Linked in Part to Malicious Software Update in 2012Backdoor Gives Hackers Complete Control Over Unnamed Federal Agency NetworkNeuberger: Change Your Passwords NowWestern Digital Warns Customers to Update Their My Cloud DevicesGrim Finance Targeted by ‘Advanced’ Hack; Losses of Over $30 MillionCredit Card Info of 1.8 Million People Stolen From Sports Gear SitesPro Wrestling Tees Owner Confirms Data Breach, Provides Details in Press ReleaseCyberattack on Payroll Provider Kronos Sets Off Scramble Ahead of HolidaysLogistics Giant Hellmann Worldwide Warns of BEC Emails Following Ransomware AttackMeta Says 50,000 Facebook Users May Have Been Spied on by Private Surveillance FirmsSpider-Man Movie Release Frenzy Bites Fans with Credit-Card HarvestingMalicious Joker App Scores Half-Million Downloads on Google Play
12/16/2021 December 17, 2021December 17, 2021 ~ The Cyber Beat ~ Leave a comment Log4j Flaw: This New Threat Is Going to Affect Cybersecurity for a Long TimeOfficials Point to Apache Vulnerability in Urging Passage of Cyber Incident Reporting BillU.S. Concerns Grow Over Potential Russian Cyber Targeting of Ukraine Amid Troop Buildup on BorderRussia Proposes Holding Collective Cybersecurity Talks With EUProminent Egyptian Opposition Activist’s Phone Hacked – WatchdogGoogle Calendar Now Lets You Block Invitation Phishing AttemptsHive Ransomware Enters Big League With Hundreds Breached in Four MonthsMeta Bans Surveillance-For-Hire Firms for Targeting FB UsersJapan Draws a LINE: Web Giants Must Reveal Where They Store User DataFrance Orders Clearview AI to Delete DataKrebs: NY Man Pleads Guilty in $20 Million SIM Swap TheftFirefox Users Can’t Reach Microsoft.com — Here’s What to DoLog4j Attackers Switch to Injecting Monero Miners via RMIMicrosoft: Khonsari Ransomware Hits Self-Hosted Minecraft ServersMcMenamins Breweries Hit by a Conti Ransomware AttackGumtree Classifieds Site Leaked Personal Info via the F12 KeySennheiser Exposed 28,000 Customers’ Data Online ‘Tropic Trooper’ Reemerges as ‘Earth Centaur’ to Target Transportation Outfits‘PseudoManuscrypt’ Mass Spyware Campaign Targets 35K SystemsPhorpiex Botnet Returns With New Tricks Making It Harder to Disrupt‘DarkWatchman’ RAT Shows Evolution in Fileless MalwareResearchers Uncover New Coexistence Attacks On Wi-Fi and Bluetooth ChipsLenovo Laptops Vulnerable to Bug Allowing Admin Privileges
12/15/2021 December 16, 2021December 16, 2021 ~ The Cyber Beat ~ Leave a comment Google Warns That NSO Hacking Is On Par With Elite Nation-State SpiesCISA Warns Critical Infrastructure to Stay Vigilant for Ongoing ThreatsInside the UK Government’s Secret Data RoomZoom Joins Counterterrorism Tech GroupFacebook to Pay Hackers for Reporting Data Scraping Bugs & Scraped DatasetsLarge-Scale Phishing Study Shows Who Bites the Bait More OftenCoinMarketCap Suffers a Seeming Hack, Falsely Driving Crypto Prices to Tens of BillionsHackers Backed by China Seen Exploiting Log4J Security Flaw in Internet SoftwareIran Also Among Those Exploiting Apache Cyber Vulnerability, Researchers SayGlobal Fight Against Log4j Vulnerability Relies on Apache VolunteersApache’s Fix for Log4Shell Can Lead to DoS AttacksState-Sponsored Hackers Abuse Slack API to Steal Airline DataEmotet Starts Dropping Cobalt Strike Again for Faster AttacksSites Hacked With Credit Card Stealers Undetected for Months
12/14/2021 December 15, 2021December 15, 2021 ~ The Cyber Beat ~ Leave a comment DHS Announces Bug Bounty Program to Hunt Down Cyber VulnerabilitiesUSPS Secretly Built & Tested Mobile Voting System Before 2020Hackers Launch Over 840,000 Attacks Through Log4J FlawHackers Exploit Log4j Vulnerability to Infect Computers with Khonsari RansomwareSecond Log4j Vulnerability Discovered, Patch Already ReleasedLog4j: List of Vulnerable Products and Vendor AdvisoriesCISA Orders Federal Agencies to Patch Log4Shell by December 24th‘Seedworm’ Attackers Target Telcos in Asia, Middle EastMicrosoft Rolls Out End-To-End Encryption for Teams CallsPopular Password Manager LastPass to be Spun Out From LogMeInKrebs: Inside Ireland’s Public Healthcare Ransomware ScareHackers Steal $140 Million From Users of Crypto Gaming Company VulcanForgeCyberattack on BHG Opioid Treatment Network Disrupts Patient CareGeorge Washington University Cyberattack During Finals Upends Law Students’ Study PlansSuperior Plus Hit by Ransomware AttackHonolulu Board of Water Supply, Emergency Medical Services Report Attacks on Employee DataAfter Cyber Attack, Maryland Department of Health Website Still Missing COVID Metrics400 Banks’ Customers Targeted with Anubis TrojanNew PS4 Homebrew Exploit Points to Similar PS5 Hacks to ComeHackers Steal Microsoft Exchange Credentials Using IIS ModuleApple iOS Update Fixes Cringey iPhone 13 Jailbreak ExploitMicrosoft Fixes Windows AppX Installer Zero-Day Used by EmotetKrebs: Microsoft Patch Tuesday, December 2021 Edition
12/13/2021 December 14, 2021December 14, 2021 ~ The Cyber Beat ~ Leave a comment Hackers Start Pushing Malware in Worldwide Log4Shell AttacksLog4Shell Flaw Prompts 100 Hack Attacks a Minute, Check Point SaysLog4Shell Is Spawning Even Nastier MutationsLog4j Software Vulnerability Expected to Persist, Possibly for MonthsBugs in Billions of WiFi, Bluetooth Chips Allow Password, Data TheftHackers Target India’s Prime Minister Twitter Account with Fake Bitcoin MessageRomanian Ransomware Suspect Arrested Over Attacks on ‘High-Profile’ OrganisationsEx-NFL Player Joshua Bellamy Gets Three Years for #COVID19 FraudUkraine Arrests 51 for Selling Data of 300 Million People in U.S., EUCSAM Found on LSU Professor’s ComputerThe State of U.S. Cybersecurity a Year After the SolarWinds HackKronos Ransomware Outage Drives Widespread Payroll ChaosTimekeeping Biz Kronos Hit by Ransomware and Warns Customers to Engage Biz Continuity PlansVirginia Assembly IT Agency Hit With Ransomware AttackTinyNuke Info-Stealing Malware Is Again Attacking French UsersPhishing Campaign Uses PowerPoint Macros to Drop Agent TeslaMalicious PyPI Code Packages Rack Up Thousands of DownloadsAttackers Can Get Root by Crashing Ubuntu’s AccountsServiceTelehealth Platform Doxy.me Fixing Issue That Exposed Patient DataGoogle Pushes Emergency Chrome Update to Fix Zero-Day Used in AttacksDell Driver Fix Still Allows Windows Kernel-Level Attacks
12/10-12/2021 December 12, 2021December 12, 2021 ~ The Cyber Beat ~ Leave a comment Officials, Experts Sound the Alarm About Critical Cyber Vulnerability…Press for Actionable Recommendations From New Cyber Advisory Committee‘Karakurt’ Extortion Threat Emerges, But Says No to Ransomware‘Appalling’ Riot Games Job Fraud Takes Aim at WalletsPhishing Attacks Use QR Codes to Steal Banking CredentialsFTC: Americans lost $148 million to gift card scams this yearAustralian Gov’t Raises Alarm Over Conti Ransomware AttacksIrish Health Cyber-Attack Could Have Been Even Worse, Report Says…Happened After One Staffer Opened Malware-Ridden EmailC-Suite’s Biggest Ransomware Fear: Post-attack Regulatory SanctionsBitcoin Mining Has Totally Recovered From Chinese BanUK Court Paves Way for Julian Assange’s Extradition to the U.S.Volvo Hit by Cyber-thieves, R&D StolenBrazilian Ministry of Health Suffers Cyberattack and COVID-19 Vaccination Data VanishesCrypto Exchange AscendEX Suspends Services After $77 Million HackData Breach Impacts 80,000 South Australian Gov’t EmployeesSprawling Active Attack Aims to Take Over 1.6M WordPress SitesZero Day in Ubiquitous Apache Log4j Tool Under Active Attack…‘Enterprise Nightmare’Minecraft Rushes Out Patch for Critical Log4j VulnerabilityResearchers Release ‘Vaccine’ for Critical Log4Shell VulnerabilityMicrosoft: These are the building blocks of QBot malware attacksMozilla Rolls Out GPC for All Firefox Users, but Enforcement Limited to Two StatesEarlier Schreiber Cyber Attack Causes Cream Cheese Shortage as Christmas Nears
12/9/2021 December 9, 2021December 9, 2021 ~ The Cyber Beat ~ Leave a comment U.S. to Tighten Restrictions on Exports of Malicious Cyber ToolsDARPA Announces SMOKE ProgramFueled by Pandemic Realities, Grinchbots Aggressively Surge in ActivityALPHV Blackcat – This Year’s Most Sophisticated RansomwareFujitsu Pins Japanese Gov’t Data Breach on Stolen ProjectWEB AccountsAmazon Fined $1.3 Billion in Italian Antitrust CaseA Third of You Slackers Out There Still Aren’t Using HTTPS by DefaultMicrosoft Previews New Endpoint Security Solution for SMBsKali Linux 2021.4 Released With 9 New Tools, Further Apple M1 SupportCox Communications Discloses Data Breach After Hacker Impersonates Support AgentHellmann Worldwide Logistics Hit by Cyber AttackSuspected Cyberattack Kicks Honolulu City Bus, Handi-Van Systems OfflineButler County Community College (PA) Cooperating With FBI After Ransomware AttackBay Village High School (OH) Staff Member Retiring After Private Records Released for Entire Senior ClassDark Mirai Botnet Targeting RCE on Popular TP-Link RouterMalicious Notepad++ Installers Push StrongPity MalwareHow MikroTik Routers Became a Cybercriminal TargetMicrosoft, Google OAuth Flaws Can Be Abused in Phishing AttacksSanDisk SecureAccess Bug Allows Brute Forcing Vault PasswordsWindows ‘InstallerFileTakeOver’ Zero-Day Bug Gets Free Micropatch
12/8/2021 December 8, 2021December 8, 2021 ~ The Cyber Beat ~ Leave a comment Beijing Reins In China’s Central BankTor’s Main Site Blocked in Russia as Censorship WidensVietnamese ‘XE Group’ Exposed for Eight Years of Hacking, Credit Card TheftOver 40 Million People Had Health Information Leaked This YearCybersecurity Can Pose a Risk in More Than One Way for Financial AdvisorsCoinbase Customers Demand Refunds Over GYEN Stablecoin GlitchKrebs: Canada Charges Its “Most Prolific Cybercriminal”Amazon Is Shutting Down Web Ranking Site Alexa.comMicrosoft: Secured-Core Servers Help Prevent Ransomware AttacksIsrael’s National Insurance Institute Hacked in Dos AttackTwo Data Breaches at Sound Generations (WA) Senior Care Nonprofit Impact 103KEmotet Now Drops Cobalt Strike, Fast Forwards Ransomware AttacksHackers Infect Random WordPress Plugins to Steal Credit CardsMoobot Botnet Chews Up Hikvision Surveillance SystemsMalicious npm Code Packages Built for Hijacking Discord ServersCritical SonicWall VPN Bugs Allow Complete Appliance TakeoverGraphQL API Authorization Flaw Found in Major B2B Financial Platform