TikTok Congressional Hearing: CEO Shou Zi Chew Grilled by U.S. Lawmakers

TikTok Paid for Influencers to Attend the Pro-TikTok Rally in DC

Are Chinese Tech Firms a Security Risk?

Krebs: Google Suspends Chinese E-Commerce App Pinduoduo Over Malware

Stanford Pulls Down ChatGPT Clone After Safety Concerns

Journalist Plugs in Unknown USB Drive Mailed to Him—It Exploded in His Face

Windows 11, Tesla, Ubuntu, and macOS Hacked at Pwn2Own 2023

CloudPanel Installations Use the Same SSL Certificate Private Key

New CISA Tool Detects Hacking Activity in Microsoft Cloud Services

How to Use ChatGPT to Write Code

Epidemic of Insecure Storage, Backup Devices Is a Windfall for Cybercriminals

MITRE Rolls Out Cloud-Based Prototype for Supply Chain Security

Kids Tech Camp iD Tech Still Silent Weeks After Data Breach
City of Toronto Confirms Data Theft, Clop Claims Responsibility

Attorneys Say Private Information Exposed to Public in NC Courts Overhaul

Ottawa County (OH) Officials Working to Restore Network After Ransomware Attack

Shoreline College (WA) Website Hacked; Officials Investigating

Tri Counties Bank in Chico (CA) Suffers Data Breach After February Cyber Attack

China-Aligned “Operation Tainted Love” Targets Middle East Telecom Providers

German and South Korean Agencies Warn of Kimsuky’s Expanding Cyber Attack Tactics

Python Info-Stealing Malware Uses Unicode to Evade Detection

SharePoint Phishing Scam Targets 1600 Across U.S., Europe

BlackGuard Stealer Now Targets 57 Crypto Wallets, Extensions

Exploit Released for Veeam Bug Allowing Cleartext Credential Theft

WordPress Force Patching WooCommerce Plugin with 500K Installs

Microsoft Fixes Acropalypse Privacy Bug in Windows 11 Snipping Tool


The TikTok CEO’s Face-Off With Congress Is Doomed

Cyberterrorism Tops List of Threats to U.S. Vital Interests: Gallup

Unknown Actors Deploy Malware to Steal Data in Occupied Regions of Ukraine

North Korean Hackers Using Chrome Extensions to Steal Gmail Emails

German Political Parties Accused of Microtargeting Voters on Facebook

Facebook Accounts Hijacked by New Malicious Trojanized Version of ChatGPT Chrome Extension

ChatGPT-Owner OpenAI Fixes ‘Significant Issue’ Exposing User Chat Titles

CISA and NSA Enhance Security Framework With New IAM Guide

Beloved Hacking Veteran Kelly ‘Aloria’ Lum Passes Away at 41
Dole Discloses Employee Data Breach After Ransomware Attack

Convergent Outsourcing (WA) Files Notice of Data Breach That Leaked Consumers’ SSNs

Sunland Asphalt and Construction (AZ) Data Breach Affects 7,884 Individuals’ Personal Info

$36M BEC Fraud Attempt Narrowly Thwarted by AI Technology

Hackers Inject Credit Card Stealers Into Payment Processing Modules

New Android Banking Trojan ‘Nexus’ Promoted As MaaS

NAPLISTENER: New Malware in REF2924 Group’s Arsenal for Bypassing Detection

ScarCruft’s Evolving Arsenal: Researchers Reveal New Malware Distribution Techniques

PoC Exploits Released for Netgear Orbi Router Vulnerabilities


Putin to Staffers: Throw Out Your iPhones, or ‘Give It to the Kids’ and Use Russian or Chinese Tech Instead

Google Suspends Top Chinese Shopping App Pinduoduo

CommonMagic Targets Entities in Russo-Ukrainian Conflict Zone

The Scorched-Earth Tactics of Iran’s Cyber Army

Meta Security Manager Was Reportedly Hacked by Greek Intelligence Agency

ChatGPT Bug Temporarily Exposes AI Chat Histories to Other Users

Windows’ Screenshot Tool May Be Saving Stuff You Cropped Out, Too

Adobe Launches Firefly Generative A.I., Which Lets Users Type to Edit Images

European Ports Brace for Cybersecurity Regulation

Breached Hacking Forum Shuts Down, Fears It’s Not ‘Safe’ From FBI
Democratic Rep: At Least 17 Current and Former Members Had Personal Data Exposed in DC Health Link Breach

Clop Ransomware Claims Saks Fifth Avenue, Retailer Says Mock Data Stolen

LockBit Ransomware Gang Now Also Claims City of Oakland Breach

Expert Speaks Out After City of Allen Park (MI) Hit With Ransomware Attack

Over 2400 Fake Pages Found Targeting Job Seekers in Middle East, Africa

New ShellBot DDoS Malware Variants Targeting Poorly Managed Linux Servers

Coinbase Wallet ‘Red Pill’ Flaw Allowed Attacks to Evade Detection

Microsoft: Defender Update Behind Windows LSA Protection Warnings

From Ransomware to Cyber Espionage: 55 Zero-Day Vulnerabilities Weaponized in 2022


Vessels Claiming to Be Chinese Warships Are Messing With Passenger Planes

Online Sleuths Untangle the Mystery of the Nord Stream Sabotage

ChatGPT Helped Win a Hackathon

OpenAI CEO Sam Altman Says He’s a ‘Little Bit Scared’ of A.I.

Researchers Shed Light on CatB Ransomware’s Evasion Techniques

Hackers Mostly Targeted Microsoft, Google, Apple Zero-Days in 2022

The Top Five Cybersecurity Concerns

Krebs: Why You Should Opt Out of Sharing Data With Your Mobile Provider
Ferrari Reports Cyber Incident With Ransom Demand; No Impact to Operations

Mispadu Trojan Steals 90,000+ Banking Credentials From Latin American Victims

General Bytes Bitcoin ATMs Hacked Using Zero-Day, $1.5M Stolen

Texas Medical Liability Trust Data Breach Leaked SSNs and Other Sensitive Data

KillNet Group Uses DDoS Attacks Against Azure-Based Healthcare Apps

New DotRunpeX Malware Delivers Multiple Malware Families via Malicious Ads

Hackers Target .NET Developers with Malicious NuGet Packages


Wave of Stealthy China Cyberattacks Hits U.S., Private Networks, Google Says

Huawei Has Replaced Thousands of U.S.-Banned Parts in Its Products, Founder Says

Google Pixel Exploit Reverses Edited Parts of Screenshots

Google Tells Users of Some Android Phones: Nuke Voice Calling to Avoid Infection

FCC Now Requires Cell Carriers to Block Scam Texts From Sketchy Numbers

I Got Investigated by the Secret Service: Here’s How to Not Be Me

Krebs: Feds Charge NY Man as BreachForums Boss “Pompompurin”

RAT Developer Arrested in Ukraine for Infecting 10,000 PCs With Malware

CIOs Build New Bonds With CISOs
NBA Alerts Fans of a Data Breach Exposing Personal Information

Hitachi Energy Confirms Data Breach After Clop GoAnywhere Attacks

OU Health Confirms Data for 3K Patients Could Have Been Breached After Laptop’s Theft

AllCare Plus Pharmacy (MA) Notified Patients of Data Breach Leaking SSNs and PHI

Telegram, WhatsApp Trojanized to Target Cryptocurrency Wallets

New GoLang-Based HinataBot Exploiting Router and Server Flaws for DDoS Attacks

Emotet Malware Now Distributed in Microsoft OneNote Files to Evade Defenses

Microsoft Shares Script to Fix WinRE BitLocker Bypass Flaw


Senator Warner Wants US Spies to Justify a TikTok Ban

UK Bans TikTok on Government Devices Following U.S. Move

U.S. FTC Asks Social Media, Video Streaming Firms Info on Misleading Ads

Snapchat’s New Parental Control Filters Aim to Protect Minors From Sensitive Content

Courts Side With Big Companies Including Amazon and Experian in Privacy Appeals

Microsoft Support ‘Cracks’ Windows for Customer After Activation Fails

Conti-Based Ransomware ‘Meowcorp’ Gets Free Decryptor

Chinese SilkLoader Malware Sold to Russian Cyber-Criminals

Winter Vivern APT Hackers Use Fake Antivirus Scans to Install Malware
Latitude Cyberattack Leads to Data Theft at Two Service Providers

Trinity Health of New England Employee Email Breach Exposed Patients’ Personal Data

Cryptojacking Group TeamTNT Suspected of Using Decoy Miner to Conceal Data Exfiltration

BianLian Ransomware Pivots From Encryption to Pure Data-Theft Extortion

Convincing Twitter ‘Quote Tweet’ Phone Scam Targets Bank Customers

Fortinet Zero-Day Attacks Linked to Suspected Chinese Hackers

Adobe Acrobat Sign Abused to Push Redline Info-Stealing Malware

Google Finds 18 Baseband Zero-Day Bugs in Samsung Exynos Chipsets

Google Proposes Reducing TLS Cert Life Span to 90 Days


U.S. Threatens to Ban TikTok if Chinese Founder Doesn’t Sell Ownership Stake

China Sought Control of Submarine Cables to Spy, Says Micronesia

Russian Hackers Preparing New Cyber Assault Against Ukraine – Microsoft Report

This Is the New Leader of Russia’s Infamous Sandworm Hacking Unit

A Spy Wants to Connect With You on LinkedIn

The World’s Real ‘Cybercrime’ Problem

FBI: Ransomware Hit 860 Critical Infrastructure Orgs in 2022

Authorities Take Down Darknet Cryptocurrency ‘Mixing’ Service ‘ChipMixer’

Dangers from Hacks Stretch Beyond Broken Computer Systems

AI-Generated Voice Deepfakes Aren’t Scary Good—Yet

Humans Still More Effective Than ChatGPT at Phishing

Krebs: Two U.S. Men Charged in 2022 Hacking of DEA Portal

Cancer Patient Sues Hospital After Ransomware Gang Leaks Her Nude Medical Photos

NordVPN Open Sources Its Linux VPN Client and Libraries

Mozilla Firefox Gets Built-in Firefox Relay Controls
Tick APT Group Hacked East Asian DLP Software Firm

Hacker Selling Data Allegedly Stolen in U.S. Marshals Service Hack

U.S. Federal Agency Hacked Using Old Telerik Bug to Steal Data

LockBit Ransomware Claims Essendant Attack, Company Says “Network Outage”

Latitude Financial Hacked With 328,000 Customer IDs Feared Stolen

Independent Living Systems (ILS) Warns 4.2 Million People of Data Breach

NorthStar Emergency Medical Services (AR) Data Breach Affects 82,450 Individuals

Lansing Community College Suspends Most Classes for ‘Ongoing Cybersecurity Incident’

New Cryptojacking Operation Targeting Kubernetes Clusters for Dero Mining

“FakeCalls” Android Malware Targets Financial Firms in South Korea

First-Known Dero Cryptojacking Operation Seen Targeting Kubernetes

CISA Warns of Adobe ColdFusion Bug Exploited as a Zero-Day

Critical Microsoft Outlook Bug PoC Shows How Easy It Is to Exploit

Krebs: Microsoft Patch Tuesday, March 2023 Edition


D.C. Health Link Hacker Exposes Lawmakers’ Personal Information

UK’s National Cyber Security Centre Reviewing TikTok Risks, Minister Says

MI5 Launches New Agency to Tackle State-Backed Attacks

YoroTrooper Espionage Campaigns Target CIS, EU Countries

DEV-1101 Updates Open Source Phishing Kit

FBI Warns of Spike in ‘Pig Butchering’ Crypto Investment Schemes

Cybercriminals Exploit Silicon Valley Bank (SVB) Collapse to Steal Money and Data

GPT-4 Unveiled: ChatGPT’s Next Big Upgrade Is Here

How Businesses Can Get Ready for AI-Powered Security Threats
Rubrik Confirms Data Theft in GoAnywhere Zero-Day Attack

Beaver Medical Group Files Notice of Data Breach Leaking Patient’s PHI

Bone & Joint (WI) “System Outage” Resulted in Data Breach Affecting Patients & Employees

Merced College (CA) Provides Notice of Data Breach to Students Following Malware Attack

Ring Won’t Say if It Was Hacked After Ransomware Gang Claims Attack

SAP Releases Security Updates Fixing Five Critical Vulnerabilities

Microsoft March 2023 Patch Tuesday Fixes 2 Zero-Days, 83 Flaws

Microsoft Fixes Outlook Zero-Day Used by Russian Hackers Since April 2022

Microsoft Fixes Windows Zero-Day Exploited in Ransomware Attacks


STALKER 2 Game Developer GSC Game World Hacked by Russian Hacktivists, Data Stolen

Large-scale Cyber Attack Hijacks East Asian Websites for Adult Content Redirects

CISA Joins Forces With Women in Cybersecurity to Break up the Boy’s Club

CISA Now Warns Critical Infrastructure of Ransomware-Vulnerable Devices

Fortinet: New FortiOS Bug Used as Zero-Day to Attack Gov’t Networks

NordVPN Makes its Meshnet Private Tunnel Free for Everyone

Outlook App to Get Built-In Microsoft 365 MFA on Android, iOS

Final Three Sentenced in £70m Money Laundering Case
Zoll Medical Says Intruders Had 1M+ Patient, Staff Records at Their Fingertips

LA Housing Authority Discloses Data Breach After Ransomware Attack

Arizona Department of Economic Security Confirms Data Breach

Hackers Steal $197 Million in Crypto in Euler Finance Attack

LockBit Brags: We’ll Leak Thousands of SpaceX Blueprints Stolen From Supplier

Cyber Attack Affecting Gloucester Museum’s System One Year On

Kali Linux 2023.1 Introduces ‘Purple’ Distro for Defensive Security

Brand Names in Finance, Telecom, Tech Lead Successful Phishing Lures


KamiKakaBot Malware Used in Latest Dark Pink APT Attacks on Southeast Asian Targets

North Korean UNC2970 Hackers Expands Operations with New Malware Families

Ransomware Attacks Have Entered a ‘Heinous’ New Phase

Investment Fraud is Now Biggest Cybercrime Earner

Fake ChatGPT Chrome Extension Hijacking Facebook Accounts for Malicious Advertising

Security Researchers Targeted With New Malware via Job Offers on LinkedIn

AI-Generated YouTube Video Tutorials Spreading Infostealer Malware

TikTok Users Shrug at China Fears: ‘It’s Hard to Care’

Cerebral Admits to Sharing Patient Data With Meta, TikTok, and Google

FBI Once Bought Mobile-Phone Data for Warrantless Tracking: Other Agencies Still Do

Brazil Seizing Flipper Zero Shipments to Prevent Use in Crime

Casper Attack Steals Data Using Air-Gapped Computer’s Internal Speaker

Microsoft OneNote to Get Enhanced Security After Recent Malware Abuse

Blackbaud to Pay $3M for Misleading Ransomware Attack Disclosure

Key Takeaways From The National Cybersecurity Strategy
Mental Health Provider Cerebral Alerts 3.1M People of Data Breach

PeopleGrove Security Lapse Exposed Users’ Personal Information

Codman Square Health Center (MA) Reports Data Breach Following Ransomware Attack

56,000 Affected by DC Health Link Data Breach

Staples-Owned Essendant Facing Multi-Day “Outage,” Orders Frozen

BATLOADER Malware Uses Google Ads to Deliver Vidar Stealer and Ursnif Payloads

Medusa Ransomware Gang Picks up Steam as It Targets Companies Worldwide

New Version of Prometei Botnet Infects Over 10,000 Systems Worldwide

Xenomorph Android Banking Trojan Returns with a New and More Powerful Variant

New GoBruteforcer Malware Targets phpMyAdmin, MySQL, FTP, Postgres

Clop Ransomware Gang Begins Extorting GoAnywhere Zero-Day Victims

Unpatched Zero-Day Bugs in Akuvox Smart Intercoms Allow Remote Eavesdropping

CISA Warns of Actively Exploited Plex Bug After LastPass Breach

CISA Warns of Critical VMware RCE Flaw Exploited in Attacks


U.S. Congressman Darin LaHood Says the FBI Unlawfully Targeted Him

Fifth of Government Workers Don’t Care if Employer is Hacked

Tehran Targets Female Activists in Espionage Campaign

Rubio Takes Aim At Planned Ford U.S. Battery Plant Using Chinese Technology

Pentagon Unveils Cyber Workforce Strategy to Tackle Labor Shortage

Krebs: Who’s Behind the NetWire Remote Access Trojan?

Google Trashes the Chrome Cleanup Tool

FBI Warns of Cryptocurrency Theft via “Play-To-Earn” Games

TikTok Initiates Project Clover Amid European Data Security Concerns

Inadvertent Data Destruction After a Cyberattack Can Violate EU Privacy Rules

Scammers Are Using AI to Impersonate Your Loved Ones: Here’s What to Watch Out For
Remcos Trojan Returns to Most Wanted Malware List After Ukraine Attacks

AT&T Blames Marketing Bods for Exposing 9M Subscriber Account Records

Microsoft: Business Email Compromise Attacks Can Take Just Hours

Akamai Mitigates Record-Breaking 900Gbps DDoS Attack in Asia

IceFire Ransomware Now Encrypts Both Linux and Windows Systems

8220 Gang Behind ScrubCrypt Attack Targeting Oracle Weblogic Server

Hackers Exploiting Remote Desktop Software Flaws to Deploy PlugX Malware

Suspected Chinese Cyber Spies Target Unpatched SonicWall Devices

GitHub Makes 2FA Mandatory Next Week for Active Developers

How to Jump-Start Your Cybersecurity Career


FBI Investigates Data Breach Impacting U.S. House Members and Staff

The FBI Just Admitted It Bought U.S. Location Data

The U.S. Air Force Is Moving Fast on AI-Piloted Fighter Jets

Boeing Signs off Anti-Jamming Tech That Keeps Satellites Online

China Says It’s ‘Puzzled’ After Report Germany Might Ban Huawei From Parts of 5G Mobile Network

Dutch Responds to U.S. China Policy With a Plan to Curb Semiconductor Tech Exports

Australia Demands Russia Crack Down on Cyber Criminals

DuckDuckGo Launches AI-Powered Search Query Answering Tool

Microsoft Enables LSA Protection by Default in Windows Canary Build

Eurovision 2023: Hotel Phishing Scam Targets Song Contest Fans

Krebs: Sued by Meta, Freenom Halts Domain Registrations
Lazarus Group Targets South Korean Finance Firm Via Zero-Day Flaw

Commonwealth Bank of Australia’s Indonesian Arm Hit by Cyber Attack

Ransomware Gang Posts Video of Data Stolen From Minneapolis Schools

City of Waynesboro (VA) Targeted in Cyber Attack

Northeast Surgical Group (MI) Notifies 15K Patients of Data Breach

Jenkins Security Alert: New Security Flaws Could Allow Code Execution Attacks

Bitwarden Flaw Can Let Hackers Steal Passwords Using iframes

Fortinet Warns of New Critical Unauthenticated RCE Vulnerability

Veeam Fixes Bug That Lets Hackers Breach Backup Infrastructure

CISA’s KEV Catalog Updated with 3 New Flaws Threatening IT Management Systems


Cyber Command Chief: Election Interference Is Not Going Away

Watchdog Says U.S. Cyber Agency Lacks a Plan for Communicating During Major Hacks

Russia’s Cyber Tactics in Ukraine Shift to Focus on Espionage

Russian Disinformation Campaign Records High-Profile Individuals on Camera

How to Tell if Your Laptop Camera Has Been Hacked and Someone Is Spying on You

White House Backs Senate Bill to Boost U.S. Ability to Ban TikTok

Shein App Accessed Clipboard Data on Android Devices

The Daring Ruse That Exposed China’s Campaign to Steal American Secrets

How Denmark’s Welfare State Became a Surveillance Nightmare

Twitter Just Let Its Privacy- And Security-Protecting Tor Service Expire

Next-Gen Mobile Internet — 6G — Will Launch in 2030, Telecom Bosses Say, Even as 5G Adoption Remains Low

LastPass Hack: Engineer’s Failure to Update Plex Software Led to Massive Data Breach

Pro-Putin Scammers Trick Politicians and Celebrities Into Low-Tech Hoax Video Calls

The Rise of Zero-Trust Cybersecurity in a Multicloud World
Sharp Panda Target Southeast Asia in Espionage Campaign Expansion: ‘Radio Silence’ Mode to Evade Detection

Acer Confirms Breach After 160GB of Data for Sale on Hacking Forum

Brazilian Conglomerate Andrade Gutierrez Suffers 3TB Data Breach

Ransomware Attack Against Barcelona Hospital Disrupts Operations

Houston Healthcare (GA) Falls Victim to Cybersecurity Attack

Minneapolis Public Schools Says Hackers Behind Alleged Attack Posted Some Data Online

Northern Essex Community College (MA) Closed for 5th Day Due to Cyberattack

1st Franklin Financial Corporation (GA) Notifies Customers of Recent Data Breach

Transparent Tribe Hackers Distribute CapraRAT via Trojanized Messaging Apps

SYS01stealer: New Threat Using Facebook Ads to Target Critical Infrastructure Firms

Emotet Malware Attacks Return After Three-Month Break

Android March 2023 Update Fixes Two Critical Code Execution Flaws

Microsoft Excel Now Blocking Untrusted XLL Add-Ins by Default


U.S. Government to Explore Cyber Insurance Backstop

New Class of Lawmakers Look To Dig In on Cybersecurity

Faced With Likelihood of Ransomware Attacks, Businesses Still Choosing to Pay Up

Where Are the Women in Cyber Security? On the Dark Side, Study Suggests

Cybersecurity Trends & Statistics For 2023: Attack Surface And Hacker Capabilities Grow

NIST’s Quantum-Proof Algorithm Has a Bug, Analysts Say

Rotterdam: This Algorithm Could Ruin Your Life

Inside the Suspicion Machine

German and Ukrainian Police Raid Alleged Cybercrime ‘DoppelPaymer’ Gang With Help From FBI
Vice Society Ransomware Group Claims Hamburg University of Applied Sciences as Latest Victim

Denver Public Schools Data Breach Includes SSNs, Bank Info

Henrico Doctors’ Hospital (VA) Notifies Patients of Data Breach

Acer Data Breach? Hacker Claims to Sell 160GB Trove of Stolen Data

Sandbox Blockchain Game Breached to Send Emails Linking to Malware

New HiatusRAT Malware Targets Business-Grade Routers to Covertly Spy on Victims

Old Windows ‘Mock Folders’ UAC Bypass Used to Drop Malware

Proof-of-Concept Released for Critical Microsoft Word RCE Bug


EPA to Make States Evaluate Public Water Systems’ Cybersecurity

U.S. Cybersecurity Agency Raises Alarm Over Royal Ransomware’s Deadly Capabilities

Krebs: Highlights from the New U.S. Cybersecurity Strategy

BidenCash Market Leaks Over 2 Million Stolen Credit Cards for Free

TPM 2.0 Library Vulnerabilities May Affect Billions of IoT Devices

Brave Search Launches AI-Powered Summarizer in Search Results

A Privacy Hero’s Final Wish: An Institute to Redirect AI’s Future

FTC to Ban BetterHelp From Sharing Mental Health Data With Advertisers

Secret Service, ICE Break the Law Over and Over With Fake Cell Tower Spying
Play Ransomware Claims Disruptive Attack on City of Oakland

Play Ransomware Gang Leaks Data Stolen From City of Oakland

Personal Data Exposed in Cyber Attack on Modesto (CA) PD

Indigo Books Refuses LockBit Ransomware Demand

Indian Startup Yes Madam Exposed Sensitive Data of Customers and Gig Workers

Aloha Nursing Rehab Centre Reports 2022 Data Breach Affecting More Than 20k Patients

Veris Residential (NJ) Notifies Victims of Recent Data Breach

New FiXS ATM Malware Targeting Mexican Banks

Microsoft Releases Windows Security Updates for Intel CPU Flaws

How to Prevent Microsoft OneNote Files From Infecting Windows With Malware


Biden Administration Unveils Long-Awaited National Cyber Strategy

Aims to Shift Cybersecurity Burden From Individuals and Small Businesses to Tech Providers

Cisco Chief Says Tech Products Must Be Made More Secure

CISA Releases Free ‘Decider’ Tool to Help with MITRE ATT&CK Mapping

Dashlane to Support New Third-Party Passkey Sync Feature in Android 14

Stop Using Your 4-Digit iPhone Passcode in Public. Do This Instead

Forget ChatGPT, the Most Overhyped Security Tool Is Technology Itself, Wiz Warns

Australian Woman Arrested for Email Bombing a Government Office
WH Smith Discloses Cyber-Attack, Company Data Theft

Chick-Fil-A Confirms Accounts Hacked in Months-Long “Automated” Attack

Hackers Steal Gun Owners’ Data From Firearm Auction Website GunAuction.com

Chinese ‘Mustang Panda’ Hackers Use New Custom Backdoor to Evade Detection

Lucky Mouse: SysUpdate Malware Strikes Again with Linux Version and New Evasion Tactics

Experts Identify ‘Colour-Blind’ Fully-Featured Info Stealer and Trojan in Python Package on PyPI

API Security Flaw Found in Booking.com Allowed Full Account Takeover

This Hacker Tool Can Pinpoint a DJI Drone Operator’s Location


Russia Bans Foreign Messaging Apps in Government Organizations

Cybercriminals Targeting Law Firms with GootLoader and FakeUpdates Malware

Parallax RAT Targeting Cryptocurrency Firms with Sophisticated Injection Techniques

Budweiser Maker Simplifies How It Assesses Privacy and Cyber Risks

GitHub’s Secret Scanning Alerts Now Available for All Public Repos

Microsoft Exchange Online Outage Blocks Access to Mailboxes Worldwide

ChatGPT: What the New York Times and Others Are Getting Terribly Wrong About It

Hacked Washington Law Firm Covington & Burling Fights SEC Subpoena in Effort to Protect Attorney-Client Privilege

Why Overcoming The Cybersecurity Labor Shortage Matters To Company Success
West Virginia University Alerted of Data Breach, Involves ‘Limited’ Amount of Personal Information Available

Southeastern Louisiana University ‘Likely’ Suffered Cyber Attack

Hatch Bank Announces Third-Party Data Breach at Cybersecurity Firm, Fortra

Crystal Bay Casino Notifies 86,291 Individuals of Recent Data Breach

Trezor Warns of Massive Crypto Wallet Phishing Campaign

Iron Tiger Hackers Create Linux Version of Their Custom Malware

BlackLotus Becomes First UEFI Bootkit Malware to Bypass Secure Boot on Windows 11

Cisco Patches Critical Web UI RCE Flaw in Multiple IP Phones

Aruba Networks Fixes Six Critical Vulnerabilities in ArubaOS


China Is Relentlessly Hacking Its Neighbors

TikTok Answers Three Big Cybersecurity Fears About the App

U.S. Gov’t Agencies Have 30 Days to Remove TikTok, Canada Follows Suit

LastPass Reveals Attackers Stole Password Vault Data by Hacking an Employee’s Home Computer

Krebs: Hackers Claim They Breached T-Mobile More Than 100 Times in 2022

How to Set Up Two-Factor Authentication on Your Online Services

Google: Gmail Client-Side Encryption Now Publicly Available

Bitdefender Releases Free Decryptor for MortalKombat Ransomware Strain

Hacking Attack Prompts Russian Regional Broadcasters to Issue Air Alert Warnings (Again)
Dish Network Confirms Ransomware Attack Behind Multi-Day Outage

City of Oregon City Reports Ransomware Attack

Evergreen Treatment Services (OR) Data Breach Affects Personal Info of 21,325 Patients

Anonymous Call Informs Sentara Healthcare (VA) of Data Breach

LSUs Online Services Restored Tuesday After Network Outage: ‘Not Cyber Event’

APT-C-36 Strikes Again: Blind Eagle Hackers Target Key Industries in Colombia

SCARLETEEL Hackers Use Advanced Cloud Skills to Steal Source Code, Data

CISA Issues Warning on Active Exploitation of ZK Java Web Framework Vulnerability


U.S. Marshals Service Investigating Ransomware Attack, Data Theft

CISA Tells Agencies What to Prioritize to Meet Cybersecurity Log Mandate

Australia Plans to Reform Cyber Security Rules, Set up Agency

China Makes It Even Harder for Data to Leave Its Shores

Krebs: When Low-Tech Hacks Cause High-Impact Breaches

Researchers Discover Nearly 200,000 New Mobile Banking Trojan Installers

Researchers Share New Insights Into RIG Exploit Kit Malware’s Operations

ChatGPT Is Down Worldwide – OpenAI Working on Issues

A Year After Russia’s Invasion, Cyberdefenses Have Improved Around the World
Minneapolis Public Schools Still Investigating What Caused ‘Encryption Event’

Hacker Leaks Alleged Activision Employee Data on Cybercrime Forum

Alvaria (MA) Announces Data Breach Following Hive Ransomware Attack

Advanced Health Media Leaked SSNs Following Recent Data Breach

Crum & Forster (NJ) Announces Data Breach

New Exfiltrator-22 Post-Exploitation Kit Linked to LockBit Ransomware

RIG Exploit Kit Still Infects Enterprise Users via Internet Explorer

PlugX Trojan Disguised as Legitimate Windows Debugger Tool in Latest Attacks

Critical Flaws in WordPress Houzez Theme Exploited to Hijack Websites


CISA Calls For Increased Vigilance One Year After Ukraine’s Russian Invasion

Russian IT “Brain Drain” Decentralizes Cybercrime

Pentagon Investigating Two-Week Email Server Leak

Royal Mail Appears to Call LockBit’s Ransomware Bluff – Loses Gigabytes of Data

News Corp Says State Hackers Were on Its Network for Two Years

A Basic iPhone Feature Helps Criminals Steal Your Entire Digital Life

Krebs: Who’s Behind the Botnet-Based Service BHProxies?

Tesla to Change Camera Settings in Europe Over Privacy Fears

EU Commission Bans TikTok on Corporate Devices

‘Ethical Hacker’ Among Ransomware Suspects Cuffed by Dutch Cops

Bitcoin Mining Rig Found Stashed in Massachusetts School Crawlspace

These Experts Are Racing to Protect AI From Hackers. Time Is Running Out
Telus Source Code, Staff Info for Sale on Dark Web Forum

Dish Network Goes Offline After Likely Cyberattack, Employees Cut Off

Stanford University Discloses Data Breach Affecting PhD Applicants

Encino Energy Says ‘No Impact’ Seen After Cyberattack

Cleveland Brothers Holdings Data Breach Affects Thousands of SSNs

Emtec (FL) Breach Affects Over 7,000 People Following Cyberattack

Rockler Companies (MN) Data Breach Impacts More than 8,600 Individuals

PureCrypter Malware Hits Gov’t Orgs With Ransomware, Info-Stealers

ChromeLoader Campaign Lures With Malicious VHDs for Popular Games

Brave Browser to Block “Open in App” Prompts, Pool-Party Attacks

Google Teams Up with Ecosystem Partners to Enhance Security of SoC Processors

Cybersecurity to Be Least Hit by Layoffs in Economic Downturn


How the Russia-Ukraine War Has Changed Cyberspace

Ukraine Says Russian Hackers Backdoored Gov’t Websites in 2021

Batteries Are Ukraine’s Secret Weapon Against Russia

Russian Authorities Claim Ukraine Hackers Are Behind Fake Missile Strike Alerts in Almost a Dozen Cities

WinorDLL64 Backdoor Linked to Lazarus Group

How I Broke Into a Bank Account With an AI-Generated Voice

U.S. Regulators Warn Banks to Be on Alert for Crypto-Related Liquidity Risks

Valve “Honeypot” Used to Ban 40,000 Dota 2 Players Using Cheat

You Can’t Trust App Developers’ Privacy Claims on Google Play

Forsage DeFi Platform Founders Indicted for $340 Million Scam

FTX Fiasco Founder SBF Faces Further Fraud Charges

FTC: Americans Lost $8.8 Billion to Fraud in 2022 After 30% Surge

U.S. Extradites Russian Individual for Allegedly Selling Malicious Software
Datacenters in China, Singapore Cracked by Crims Who Then Targeted Tenants

LockBit Leaks 44GB of Royal Mail’s Data and Sets Fresh £33 Million Ransom

Vice Society Ransomware Gang Leaked 2K Los Angeles Student Health Records Online

Hutchinson Clinic (PA) Posts Notice of Data Breach Affecting Sensitive Patient Information

Clasiopa Hackers Use New Atharvan Malware in Targeted Attacks

Hackers Using Trojanized macOS Apps to Deploy Evasive Cryptocurrency Mining Malware

Python Developers Warned of Trojanized PyPI Packages Mimicking Popular Libraries

A World of Hurt for Fortinet and Zoho After Users Fail to Install Patches

Apple Warns of 3 New Vulnerabilities Affecting iPhone, iPad, and Mac Devices

Microsoft Urges Exchange Admins to Remove Some Antivirus Exclusions

How Cybersecurity Executives Make the Case for Continued Tech Investments in a Tough Economy


Hackers Use Fake ChatGPT Apps to Push Windows, Android Malware and Send Victims to Phishing Pages

Ukraine Suffered More Wiper Malware in 2022 Than Anywhere, Ever

Gcore Thwarts Massive 650 Gbps DDoS Attack on Free Plan Client

Open Source Flaws Found in 84% of Codebases

NSA Shares Guidance on How to Secure Your Home Network

2023 Budget Conversations: Prioritizing Cybersecurity During Economic Downturn

Google Paid $12 Million in Bug Bounties to Security Researchers
Hydrochasma Group Targets Asian Medical and Shipping Sectors

New S1deload Stealer Malware Hijacks Youtube, Facebook Accounts

Cyberattack on Food Giant Dole Temporarily Shuts Down North America Production

Attackers Flood NPM Repository with Over 15,000 Spam Packages Containing Phishing Links

Hackers Now Exploit Critical Fortinet Bug to Backdoor Servers

VMware Patches Critical Vulnerability in Carbon Black App Control Product


Researchers Warn of ReverseRAT Backdoor Targeting Indian Government Agencies

A New Kind of Bug Spells Trouble for iOS and macOS Security

Hackers Exploit Privilege Escalation Flaw on Windows Backup Service

Google Will Boost Android Security Through Firmware Hardening

Accidental WhatsApp Account Takeovers? It’s a Thing

AT&T Seeks to Shed Cybersecurity Division

Sublime Nabs $9.8M for Anti-Phishing Email Security Platform Built on Collective, Crowdsourced Rules

Three City Fund Managers Jailed for $8m Fraud
Sensitive U.S. Military Emails Spill Online via Exposed Server

Russian State TV ‘Hit by Cyber Attack’ During Putin’s Speech

Activision Confirms Data Breach Exposing Employee and Game Info

Virgin Media TV Hack May Cause Disruption to Some Programming

Sophisticated MyloBot Botnet Spreading Rapidly Worldwide: Infecting Over 50,000 Devices Daily

Exploit Released for Critical Fortinet RCE Flaws, Patch Now

Why Security Culture Is Key To Cybersecurity Resilience

Cyberthreats, Regulations Mount for Financial Industry


Here’s How to Secure Your Twitter Account Without Paying for Blue

DNA Testing Biz Vows to Improve Infosec After Criminals Break Into Database It Forgot It Had

Majority of Ransomware Attacks Last Year Exploited Old Bugs

HardBit Ransomware Wants Insurance Details to Set the Perfect Price

Microsoft AI Chatbot Threatens to Expose Personal Info and Ruin a User’s Reputation

Spanish Court Authorises Extradition to U.S. Of Briton Who Allegedly Hacked Biden, Obama

Inglis Retires as National Cyber Director Ahead of Biden’s Cybersecurity EO
Coinbase Cyberattack Targeted Employees With Fake SMS Alert

Eureka Casino Resort (NV) Announces Data Breach Impacting Nearly 230k Individuals

CentraState Healthcare System Announces Data Breach Impacting as Many as 617k Patients

Lehigh Valley Health Network (PA) Hit by Cyberattack

O’Neal Industries Reports Recent Data Breach

Tom James Company (TN) Files Notice of Data Breach Affecting 8,656 Individuals

New Stealc Malware Emerges With a Wide Set of Stealing Capabilities


EU Cybersecurity Agency Warns Against Chinese APTs

Google Report Reveals Russia’s Elaborate Cyber Strategy in Ukraine

‘Russian Hacktivists’ Brag of Flooding German Airport Sites

Experts Warn of RambleOn Android Malware Targeting South Korean Journalists

Armenia and Azerbaijan Hackers Use OxtaRAT to Monitor Conflict

Cloud Infrastructure Used By WIP26 For Espionage Attacks on Telcos

Krebs: New Protections for Food Benefits Stolen by Skimmers

Samsung Has Created a Zero-Click Antivirus for Messages

How to Unlock Your iPhone With a Security Key

Twitter Limits SMS-Based 2-Factor Authentication to Blue Subscribers Only

Europol Busts ‘CEO Fraud’ Gang That Stole €38M in a Few Days

Norwegian Police Recover $5.8M Crypto From Massive Axie Infinity Hack
FBI Says It Has ‘Contained’ Cyber Incident on Bureau’s Computer Network

Hackers Ran Amok Inside GoDaddy for Nearly 3 Years

Data Leak Hits Thousands of Liverpool NHS Workers

MKS Instruments (MA) Data Breach Affects Current and Former Employees

Paul Smith’s College (NY) Data Breach Impacts Over 10k Individuals

Suffolk County, N.Y., Restores Systems After September Cyberattack

New WhiskerSpy Malware Delivered via Trojanized Codec Installer

Critical RCE Vulnerability Discovered in ClamAV Open Source Antivirus Software

Fortinet Issues Patches for 40 Flaws Affecting FortiWeb, FortiOS, FortiNAC, and FortiProxy

AppSec Threats Deserve Their Own Incident Response Plan

Here’s the 12 Best Ways to Avoid Being Scammed Online

The Five Important Moments In History That Shaped The Modern Cybersecurity Landscape


DOJ, Commerce Department Strike Force to Fight Technology Threats From Adversaries

ESXiArgs Ransomware Hits Over 500 New Targets in European Countries

Microsoft Exchange ProxyShell Flaws Exploited in New Crypto-Mining Attack

New Mirai Malware Variant Infects Linux Devices to Build DDoS Botnet

CISA Warns of Windows and iOS Bugs Exploited as Zero-Days

Privacy Regulators Step Up Oversight of AI Use in Europe

BEC Groups Target Firms With Multilingual Impersonation Attacks

Hackers Leverage PayPal to Send Malicious Invoices

Crypto Buyers Beware: 1 in 4 New Tokens of Any Value Is a Scam

Protecting More With What You Have: Cybersecurity Resilience In 2023
New Threat Actor WIP26 Targeting Telecom Service Providers in the Middle East

Burton Snowboards Cancels Online Orders After ‘Cyber Incident’

German Airport Websites Hit by Suspected Cyber Attack

Scandinavian Airlines Says Cyberattack Caused Passenger Data Leak

Atlassian Says Recent Data Leak Stems From Third-Party Vendor Hack

Hackers Using Google Ads to Spread FatalRAT Malware Disguised as Popular Apps

Hackers Start Using Havoc Post-Exploitation Framework in Attacks

Hackers Backdoor Microsoft IIS Servers With New Frebniis Malware

Researchers Warn of Critical Security Bugs in Schneider Electric Modicon PLCs


North Korea’s APT37 Targeting Southern Counterpart with New M2RAT Malware

U.S. Border Patrol Is Finally Able to Check E-Passport Data

Oakland Declares Emergency After Ransomware Attack

Major Global Chipmaking Supplier ASML Claims an Employee Stole Manufacturing Secrets

Made in America, Stolen by China: We Need Cybersecurity Minimum Standards

GitHub Copilot Update Stops AI Model From Revealing Secrets

The Ohio Train Derailment Created a Perfect TikTok Storm

Severed Cable Forces Lufthansa to Cancel More Than 140 Flights

Cyber Insurers Unlikely to Offer Higher Coverage Limits Despite Better Conditions

Russian Hacker Convicted of $90 Million Hack-To-Trade Charges
Indian SideWinder APT Attacks Regional Targets in New Campaign

LockBit and Royal Mail Ransomware Negotiation Leaked by LockBit

Emsisoft Says Hackers Are Spoofing Its Certs to Breach Networks

Meriplex Communications Data Breach Affects Malaga Bank Customers

CompSource Mutual Insurance Company Data Breach Affects Thousands of Claimants

Succession Wealth Targeted by Cyber-Attack

Hyundai, Kia Patch Bug Allowing Car Thefts With a USB Cable

Citrix Fixes Severe Flaws in Workspace, Virtual Apps and Desktops

Intel Patches up SGX Best It Can After Another Load of Security Holes Found


Russian-Linked Malware Was Close to Putting U.S. Electric, Gas Facilities ‘Offline’ Last Year

This Russia-Linked Hack Is Worse Than We Knew

The More You Look for Spy Balloons, the More UFOs You’ll Find

Chinese Hackers Infiltrate South American Diplomatic Networks

Changing Leaders? You May Be a Target of Hackers

How Companies Can Minimize the Cybersecurity Risk From Their Tech Vendors

Eurostar Forces ‘Password Resets’ — Then Fails and Locks Users Out

Microsoft: Exchange Server 2013 Reaches End of Support in April

Cyber-Physical System Vulns Disclosures Reach Peak, While Internal Disclosures Up 80%

Google Launches First Android Beta for Ad-Tracking Overhaul
Healthcare Giant Community Health Systems Reports First Data Breach in GoAnywhere Hacks

Airline SAS Network Hit by Hackers, Says App Was Compromised

Reventics, an Omega Healthcare Company, Announces Data Breach Following Cyberattack

Massive AdSense Fraud Campaign Uncovered – 10,000+ WordPress Sites Infected

RedEyes Hackers Use New Malware to Steal Data From Windows, Phones

NPM Packages Posing as Speed Testers Install Crypto Miners Instead

New ‘MortalKombat’ Ransomware Targets Systems in the U.S.

New Stealthy ‘Beep’ Malware Focuses Heavily on Evading Detection

Embattled VMware ESXi Hypervisor Flaw Exploitable in Myriad Ways

Krebs: Microsoft Patch Tuesday, February 2023 Edition


U.S. Navy Recovers ‘Significant’ Portion of Chinese Spy Balloon off South Carolina

After Shooting Down Flying Objects, U.S. And Canada Have More Theories Than Answers

Chinese Tonto Team Hackers’ Second Attempt to Target Cybersecurity Firm Group-IB Fails

LockBit’s Royal Mail Ransom Deadline Flies By. No Data Released

Majority of Firms Make Cybersecurity Decisions Without Attacker Insight

How To Protect Against AI-Based Email Security Threat Vectors

Medical-Device Makers Face Push to Protect Their Wares From Hacks

Pig Butchering Scams Are Evolving Fast

Lazarus Hackers Use New Mixer to Hide $100 Million in Stolen Crypto

Spain, U.S. Dismantle Phishing Gang That Stole $5 Million in a Year
Namecheap Customers Flooded with Phishing Emails

Pepsi Bottling Ventures Suffers Data Breach After Malware Attack

Garrison Women’s Health (NH) Notifies Patients of Data Breach

Employee Social Security Numbers Exposed in Bridgewater-Raritan School District (NJ)

Rise Interactive Media & Analytics Third-Party Breach Affects Edgepark Medical Supplies

Hackers Create Malicious Dota 2 Game Modes to Secretly Access Players’ Systems

451 PyPI Packages Install Chrome Extensions to Steal Crypto

Cloudflare Blocks Record-Breaking 71 Million RPS DDoS Attack

Apple Fixes New WebKit Zero-Day Exploited to Hack iPhones, Macs

Unciphered Reveals Now-Patched Vulnerability in OneKey Wallet


Former Diplomat Claims to Have SNP MP’s Hacked Emails

North Korean Hackers Are Attacking U.S. Hospitals

U.S. Teases More China Tech Sanctions, This Time to Deflate Balloon-Makers

From Huawei to TikTok, Chinese Tech Giants Face Scrutiny Amid Spying Concerns

Cyberattack on ION Derivatives Unit Had Ripple Effects on Financial Markets

Refund and Invoice Scams Surge in Q4

Reddit Hack Shows Limits of MFA, Strengths of Security Training

Romance Scammers Could Cause Unhappy Valentine’s Day

Attacker Allure: A Look at the Super Bowl’s Operational Cyber-Risks

Everything Is Hackable

How to Manage Third-Party Cybersecurity Risks That Are Too Costly to Ignore

Microsoft Winget Package Manager Failing From Expired SSL Certificate

Passkeys From Apple, Google & Microsoft May Soon Replace Your Passwords as Passwords Are Continually Threatened

How to Make Sure You’re Not Accidentally Sharing Your Location

How to Delete Yourself From the Internet
Ransomware Crooks Steal 3M+ Patients’ Medical Records, Personal Info From Multiple California Medical Groups

City of Oakland Systems Offline After Ransomware Attack

A10 Networks Confirms Data Breach After Play Ransomware Attack

Vice Society Ransomware Attack Confirmed by Mount Saint Mary College

Clop Ransomware Claims it Breached 130 Orgs Using GoAnywhere Zero-Day

Israel’s Technion University Hacked; Cyber Authority Trying to Assist

Kimmel Center, Philadelphia Orchestra Websites Hit by Cyber Attack

Indian Social Media App Slick Exposed Childrens’ User Data

DotHouse Health (MA) Announces Data Breach Impacting 10k Patients

Edmonds School District (WA) Data Breach Exposed Sensitive Information

Devs Targeted by W4SP Stealer Malware in Malicious PyPi Packages

Malicious Npm Package Uses Typosquatting, Downloads Malware

CISA Warns of Active Attacks Exploiting Fortra MFT, TerraMaster NAS, and Intel Driver Flaws


Russia’s Ransomware Gangs Are Being Named and Shamed

Krebs: U.S., U.K. Sanction 7 Men Tied to Trickbot Hacking Group

Australia to Remove Chinese Surveillance Cameras Amid Security Fears

New ESXiArgs Ransomware Version Prevents VMware ESXi Recovery

Hacker Develops New ‘Screenshotter’ Malware to Find High-Value Targets

PayPal and Twitter Abused in Turkey Relief Donation Scams

Cybersecurity—Value Driven From Safety

Insurers Say Cyberattack That Hit Merck Was Warlike Act, Not Covered

1Password Is Trying For Zero Passwords

Codebreakers Decipher Mary, Queen of Scots’ Secret Letters 436 Years After Her Execution
Largest Canadian Bookstore Indigo Shuts Down Site After Cyberattack

Reddit Cyberattack Let Hackers Steal Source Code and Internal Data

Munster Technological University Says IT Breach Caused by Ransomware Attack

Atlantic General Hospital (MD) System Still Down Following Ransomware Attack

NewsPenguin Threat Actor Emerges with Malicious Campaign Targeting Pakistani Entities

Gootkit Malware Adopts New Tactics to Attack Healthcare and Finance Firms

Hackers Use Fake Crypto Job Offers to Push Info-Stealing Malware

Malicious Google Ads Sneak AWS Phishing Sites Into Search Results

OpenSSL Fixes Multiple New Security Flaws with Latest Update


Russian Hackers Using Graphiron Malware to Steal Data from Ukraine

CISA Releases Recovery Script for ESXiArgs Ransomware Victims

The State of the Union Was Light on Cybersecurity, Related Topics

White House Cyber Adviser to Retire Next Week

NIST Standardizes Ascon Cryptographic Algorithm for IoT and Other Lightweight Devices

Regulator Halts AI Chatbot Over GDPR Concerns

Why ChatGPT Isn’t a Death Sentence for Cyber Defenders

How the US Can Stop Data Brokers’ Worst Practices—Right Now

Android 14 to Block Malware From Abusing Sensitive Permissions
Weee! Grocery Service Confirms Data Breach, 1.1 Million Affected

Drug Distributor AmerisourceBergen Confirms Security Breach

Money Lover For Android & iOS Leaked Email Addresses, Transactions

Stroke Scan Files Notice of Data Breach Affecting 50k Consumers

Tor and I2P Networks Hit by Wave of Ongoing DDoS Attacks

TMH Employee: Remote Workers Forced to Use PTO During Cybersecurity Incident

Malicious Dota 2 Game Mods Infected Players With Malware

SonicWall Warns Web Content Filtering Is Broken on Windows 11 22H2


SNP MP Stewart McDonald’s Emails Hacked by Russian Group

Microsoft to Rival Google With New AI-Powered Bing Search

14 Innovation Trends With Exponential Growth Potential: Ark’s Big Ideas 2023

Cybersecurity Teams: The Defender’s Dilemma Is a Lie

Three Common Ways Cybersecurity Teams Waste Money—And What To Do Instead

More Than 2,000 Cybersecurity Patent Applications Filed Since 2010

Kaspersky Briefing: ChatGPT and the Language of Cybersecurity

KrebsOnSecurity in Upcoming Hulu Series on Ashley Madison Breach

Russian Man Pleads Guilty to Laundering Ryuk Ransomware Money
Florida State Court System, U.S., EU Universities Hit by Ransomware Outbreak

UK Metal Engineering Firm Vesuvius Hit by Cyber-Attack

Regal Medical Group Notifies Patients of Recent Data Breach

Researcher Breaches Toyota Supplier Portal With Info on 14,000 Partners

Over 12% Of Analyzed Online Stores Expose Private Data, Backups

Medusa Botnet Returns as a Mirai-Based Variant With Ransomware Sting

New QakNote Attacks Push QBot Malware via Microsoft OneNote Files

Hackers Exploit Vulnerabilities in Sunlogin to Deploy Sliver C2 Framework


Embarrassment as U.S. Cyber Ambassador’s Twitter Account Is Hacked

No Evidence Global Ransomware Hack Was by State Entity, Italy Says

VMware Finds No Evidence of 0-Day in Ongoing ESXiArgs Ransomware Spree

LockBit Ransomware Gang Claims Royal Mail Cyberattack

‘Phishing-As-A-Service’ Kits Are Driving an Uptick in Theft: One Business Owner’s Story

Three U.S. Data Breaches Show Varied Healthcare Exposure Risks

Corporate Boards Struggle to Understand Cybersecurity and Digital Transformation

Inside Safe City, Moscow’s AI Surveillance Dystopia

Google Unveils Bard, its Rival to ChatGPT

Microsoft Authenticator Drops Support for Apple Watch

Drugs Labs Busted After Encrypted Chat App Takedown

Prominent UK Cybersecurity Stock Darktrace Is Under Attack From Short Sellers
GuLoader Malware Using Malicious NSIS Executables to Target E-Commerce Industry

Mint Mobile Gets Affected by T-Mobile Recent Data Breach

Sharp HealthCare (CA) Notifies Nearly 63,000 Patients of Data Breach

Motto Mortgage (CO) Files Notice of Recent Data Breach, Exposing Consumers SSNs

Hidalgo County (TX) Adult Probation Office Hit by Ransomware Attack

Linux Variant of Clop Ransomware Spotted, But Uses Faulty Encryption Algorithm

Hackers Backdoor Windows Devices in Sliver and BYOVD Attacks

Exploit Released for Actively Exploited GoAnywhere MFT Zero-Day

Actively Exploited GoAnywhere MFT Zero-Day Gets Emergency Patch

OpenSSH Releases Patch for New Pre-Auth Double Free Vulnerability

Three Ways To Stop Playing Cybersecurity Whac-A-Mole


Suspected Chinese Spy Balloon Shot Down off South Carolina Coast

Bermuda Hit by Major Internet and Power Outage

New Credential-Stealing Campaign By APT34 Targets Middle East Firms

Googling for Software Downloads Is Extra Risky Right Now

The Biggest Risks in Procrastinating on iPhone, Android Software Updates

Airbnb Is Making a Simple, but Big Booking Change Bringing It Closer to Hotel Check-in

Former Twitter Employees to Testify at House Hearing on Hunter Biden

ICO Relaxes Breach Reporting for Comms Providers

NY Attorney General Forces Spyware Vendor to Alert Victims

Have We Learnt Nothing From SolarWinds Supply Chain Attacks? Not Yet It Appears

Dashlane Password Manager Open-Sourced Its Android and iOS Apps

Krebs: Finland’s Most-Wanted Hacker Nabbed in France

Developer Pleads Guilty to Hacking His Own Company After Pretending to Investigate Himself

U.S. Man Charged in $110m Crypto Trading Scheme

Cyber-Attack Results in More Than $800K Stolen From Houston Business, Lawsuit Filed
Iranian OilRig Hackers Using New Backdoor to Exfiltrate Data from Govt. Organizations

Iran Crew Stole Charlie Hebdo Database, Says Microsoft

TruthFinder, Instant Checkmate Confirm Data Breach Affecting 20M Customers

Tallahassee Memorial HealthCare Takes IT Systems Offline After Cyberattack

Multiple Wayne County (MI) Police Agencies Targeted in Ransomware Attacks

University of Zurich Confirms ‘Serious Cyberattack’

More Than 11,000 Employees, Students and Former Staff Affected by Cyber Attack, QUT Says

PixPirate: New Android Banking Trojan Targeting Brazilian Financial Institutions

Google Ads Push ‘Virtualized’ Malware Made for Antivirus Evasion

Post-Macro World Sees Rise in Microsoft OneNote Documents Delivering Malware

Massive ESXiArgs Ransomware Attack Targets VMware ESXi Servers Worldwide

Linux Version of Royal Ransomware Targets VMware ESXi Servers

Hackers Actively Exploiting Zero-Day in Fortra’s GoAnywhere MFT

Atlassian Patches Critical Authentication Flaw in Jira Software


New Russian-Backed Gamaredon’s Spyware Variants Targeting Ukrainian Authorities

Russia-Ukraine War Has Improved U.S. Cyber Cooperation, Says Key Official

Anker’s Eufy Admits Unencrypted Videos Could Be Accessed, Plans Overhaul

Threat Actors Use ClickFunnels to Bypass Security Services

APT Groups Use Ransomware TTPs as Cover for Intelligence Gathering and Sabotage

Netflix’s US Password-Sharing Crackdown Isn’t Happening—Yet

Former Ubiquiti Dev Pleads Guilty to Trying to Extort His Employer

Discrepancies Discovered in Vulnerability Severity Ratings

Rising ‘Firebrick Ostrich’ BEC Group Launches Industrial-Scale Cyberattacks
North Korean Hackers Exploit Unpatched Zimbra Devices in ‘No Pineapple’ Campaign

Lazarus Group Attack Identified After Operational Security Fail

LockBit Ransomware Attack on Data Firm Ion Could Take Days to Fix

Super Bock Says ‘Cyber’ Nasty ‘Disrupting Computer Services’

Australia’s Black and White Cabs Booking Service Offline After Cyber Attack

Stealthy HeadCrab Malware Compromised Over 1,200 Redis Servers

Hackers Weaponize Microsoft Visual Studio Add-Ins to Push Malware

Malvertising Attacks Are Distributing .Net Malware Loaders

Cisco Fixes Bug Allowing Backdoor Persistence Between Reboots


New DDoS-As-A-Service Platform ‘Passion’ Used in Recent Attacks on Hospitals

Almost all Organizations are Working with Recently Breached Vendors

Crypto Scam Apps Infiltrate Apple App Store and Google Play

Over 1,800 Android Phishing Forms for Sale on Cybercrime Market

Experts Warn of ‘Ice Breaker’ Cyberattacks Targeting Gaming and Gambling Industry

Google Boosts Bounties for Open Source Flaws Found via Fuzzing

Enter the Hunter Satellites Preparing for Space War

EU Tightens Oversight of Data-Privacy Regulators to Speed Up Decisions

Cybersecurity Firm RAPID7 Explores Sale
Arnold Clark Customer Personal Data ‘Stolen in Cyber Attack’

Claimed by Play Ransomware

Google Fi Data Breach Let Hackers Carry Out Sim Swap Attacks

FIA Assessing Impact of Cyber Attack on Financial Data Firm ION

Sensitive Data Stolen in Okanagan College Attack Posted to Dark Web Says Vice Society

LockBit Ransomware Goes ‘Green,’ Uses New Conti-Based Encryptor

New Nevada Ransomware Targets Windows and VMware ESXi Systems

Researchers Uncover New Bugs in Popular ImageMagick Image Processing Utility


Russian-Backed Hackers ‘Killnet’ Actively Targeting U.S. Health Care Sector, HHS Warns

The List So Far

New Report Reveals NikoWiper Malware That Targeted Ukraine Energy Sector

U.S., Middle Eastern Allies Include Cyber Collaboration in Abraham Accords

Microsoft: Over 100 Threat Actors Deploy Ransomware in Attacks

Microsoft Disables Verified Partner Accounts Used for OAuth Phishing

Microsoft Upgrades Defender to Lock Down Linux Gear for Its Own Good

You Really Need to Update Firefox and Android Right Now

OpenAI Releases Tool to Detect AI-Written Text
Google Fi Customers Caught Up in Recent T-Mobile Data Breach

Nantucket Schools Close After Ransomware Attack

Tucson Unified School District Hit by Cyber Attack

DocuSign Brand Impersonation Attack Bypasses Security Measures, Targets Over 10,000

PoS Malware Can Block Contactless Payments to Steal Credit Cards

New Sh1mmer ChromeBook Exploit Unenrolls Managed Devices

Exploit Released for Critical VMware vRealize RCE Vulnerability

Over 29,000 QNAP Devices Unpatched Against New Critical Flaw

Firmware Flaws Could Spell ‘Lights Out’ for Servers


TikTok Chief to Appear Before Congressional Panel

The Untold Story of a Crippling Ransomware Attack

Why Cybersecurity Regulations And Oversight Are As Important As Safety Standards In The Modern Workplace

CISA’s Got a Plan to Strengthen Corporate Cybersecurity

The Wages of Sin Aren’t That Great if You’re a Developer Choosing the Dark Side

OpenAI Is Hiring Developers to Make ChatGPT Better at Coding

GitHub Revokes Code Signing Certificates Stolen in Repo Hack

Wealthy Russian Undertook $90 Mln Hack-And-Trade Scheme, U.S. Says at Trial

New Yorker Gets Four Years for $9m COVID Fraud Scheme
U.S. No Fly List Shared on a Hacking Forum, Government Investigating

JD Sports Says 10 Million Customers Hit by Cyber-Attack

Private Explosives Manufacturer Hired By India’s Defence Ministry Hit By Suspected Ransomware Attack

Porsche Halts NFT Launch, So Phishing Sites Fill the Void

KeePass Disputes Vulnerability Allowing Stealthy Password Theft

Hackers Use TrickGate Software to Deploy Emotet, REvil, Other Malware

Titan Stealer: A New Golang-Based Information Stealer Malware Emerges

QNAP Fixes Critical Bug Letting Hackers Inject Malicious Code


Ukraine Hit with New Golang-based ‘SwiftSlicer’ Wiper Malware in Latest Cyber Attack

Sandworm Hackers Hit News Agency With 5 Data Wipers

Ukraine Enters Uncharted Territory With Request to Investigate Russian Cyberattacks as War Crimes

A Link to This Site Can (Technically) Land You in Russian Prison

Infrastructure Companies Say Suppliers Pose a Growing Cyber Threat

New ‘Pig Butchering’ Scam in West Africa Impersonates U.S. Financial Advisors

Workers Want More AI to Get Rid of Their Office Busywork, Says Microsoft Survey

Black Swans Events Are Shaping the Cybersecurity Present and Future

Researchers to Release VMware vRealize Log RCE Exploit, Patch now

ISC Releases Security Patches for New BIND DNS Software Vulnerabilities
Canada’s Green Party Posted Sensitive Information About Voters and Members Online

Charter Communications Says Vendor Breach Exposed Some Customer Data

mscripts Data Breach Affects 66,372 Individuals

Zendesk Experiences Potential Data Breach

Stratford University (VA) Data Breach Affects Over 78k Student and Employee SSNs

Shady Reward Apps on Google Play Amass 20 Million Downloads

Black Basta Deploys PlugX Malware in USB Devices With New Technique

Gootkit Malware Continues to Evolve with New Components and Obfuscations

PlugX Malware Hides on USB Devices to Infect New Windows Hosts

Multiple Vulnerabilities Found In Healthcare Software OpenEMR


U.S. Hacks Back Against Hive Ransomware Crew

U.S. Offers $10M Bounty for Hive Ransomware Links to Foreign Governments

Google Takes Down 50,000 Instances of Pro-Chinese DRAGONBRIDGE Influence Operation

Iranian Group Cobalt Sapling Targets Saudi Arabia With New Persona

Most Criminal Cryptocurrency Funnels Through Just 5 Exchanges

The Best Personal Safety Devices, Apps, and Alarms

UK’s Lloyds Bank Warns of 80% Surge in Advance Fee Scams

Tech Layoffs Aren’t Hitting This Digital Job Market Where Over 700,000 Workers Are Needed

A Child’s Garden of Cybersecurity
Lutheran Social Services of Illinois Announces Data Breach Affecting 184k Individuals

University of Colorado Hospital Authority Announces Third-Party Data Breach At Diligent Corporation

Guildford School Victim of Cyber-Attack as Phone Lines and Mail Systems ‘Stop Working’

Yandex Denies Hack, Blames Source Code Leak on Former Employee

Bitwarden Password Vaults Targeted in Google Ads Phishing Attack

New Mimic Ransomware Abuses ‘Everything’ Windows Search Tool

Lexmark Warns of RCE Bug Affecting 100 Printer Models, PoC Released

Microsoft Urges Admins to Patch On-Premises Exchange Servers


CISA: Federal Agencies Hacked Using Legitimate Remote Desktop Tools

Russian ‘Hacktivists’ Briefly Knock German Websites Offline

Iranian and Russian Hackers Targeting Politicians and Journalists, Warn UK Officials

U.S. Intelligence Wants to Use Psychology to Avert Cyberattacks

Lessons Learned From the Windows Remote Desktop Honeypot Report

Hackers Auction Alleged Source Code for League of Legends

Krebs: Experian Glitch Exposing Credit Files Lasted 47 Days

Krebs: Administrator of RSOCKS Proxy Botnet Pleads Guilty

Better Management And Training Are Key To Solving The Cybersecurity Skills Gap
Zacks Investment Research Data Breach Affects 820,000 Clients

A Network of Knockoff Apparel Stores Exposed 330,000 Customer Credit Cards

Over 4,500 WordPress Sites Hacked to Redirect Visitors to Sketchy Ad Pages

Livingston Memorial VNA (CA) Data Breach Following Apparent Ransomware Attack

Bank of Eastern Oregon Files Official Notice of Data Breach

Jefferson County Health Department (IA) Files Notice of Data Breach Affecting 115,940

New Stealthy Python RAT Malware Targets Windows in Attacks

Malware Exploited Critical Realtek SDK Bug in Millions of Attacks

Exploit Released for Critical Windows CryptoAPI Spoofing Bug


North Korea-Linked Hackers Behind $100 Million Crypto Heist, FBI Says

LastPass Owner GoTo Shares More Bad News About November’s Security Breach

If You Want to Use a Security Key With Your Apple Account, You’ll Need Two Keys

Microsoft Shares Workaround for Unresponsive Windows Start Menu

The Threat Of “Default” Tech

Assessing the Likelihood of a ‘Catastrophic’ Cyberattack

DOJ, States Sue Google Over Digital Ad Dominance

Noem Says Cellphone Was Hacked, Blames Jan. 6 Panel

Security and the Electric Vehicle Charging Infrastructure
Planet Ice: Customer Details Stolen in Data Breach

Riot Games Receives Ransom Demand From Hackers, Refuses to Pay

Alexander City (AL) Falls Victim to Cyber Attack

DragonSpark Hackers Evade Detection With SparkRAT and Golang

Emotet Malware Makes a Comeback with New Evasion Techniques

Ransomware Access Brokers Use Google Ads to Breach Your Network

75K WordPress Sites Impacted by Critical Online Course Plugin Flaws

VMware Fixes Critical Security Bugs in vRealize Log Analysis Tool

Security Navigator Research: Some Vulnerabilities Date Back to the Last Millennium


T-Mobile Breach Highlights Common Corporate Security Weakness

Most Federal Agencies Ignored GAO’s Cybersecurity Recommendations

U.S. Authorities Release Asylum Seekers After Leaking Their Data Online

Russia’s Largest ISP Says 2022 Broke All DDoS Attack Records

Hackers Deploy Open-Source Tool Sliver C2, Replacing Cobalt Strike, Metasploit

Fewer Ransomware Victims Are Paying Up. But There’s a Catch

Messenger’s Encrypted Chats Get Themes, Emoji Reactions, and More

Microsoft Investing Billions in ChatGPT Maker

ChatGPT Is ‘Not Particularly Innovative,’ and ‘Nothing Revolutionary’, Says Meta’s Chief AI Scientist
A Major Flaw in App Operated by India’s Education Ministry Exposed the Data of Millions of Students

GTA Online Bug Exploited to Ban, Corrupt Players’ Accounts

Ticketmaster Says Cyberattack Disrupted Taylor Swift Ticket Sales

Satellite Healthcare Files Official Notice of Data Breach

Google Ads Invites Being Abused to Push Spam, Adult Sites

CISA Warns of Critical ManageEngine RCE Bug Exploited in Attacks

Apple Fixes Actively Exploited iOS Zero-Day on Older iPhones, iPads

Apple iOS 16.3 Arrives With Support for Hardware Security Keys

Microsoft Plans to Kill Malware Delivery via Excel XLL Add-Ins


Russia Expected to Increase Cyberattacks in Ukraine War — To Little Effect

Gamaredon Group Launches Cyberattacks Against Ukraine Using Telegram

U.S. Airline Accidentally Exposes ‘No Fly List’ on Unsecured Server

How to Encrypt any File, Folder, or Drive on Your System

Like It or Not, Email Is Still Our Greatest Tool – And the Source of Some of Our Biggest Threats

What Diabetes Is Revealing About the Benefits and Risks of Personal Medicine Connected to the Internet

Krebs: New T-Mobile Breach Affects 37 Million Accounts

T-Mobile’s $150 Million Security Plan Isn’t Cutting It

Massive Ad-Fraud Op Dismantled After Hitting Millions of iOS Devices

WhatsApp Hit with €5.5m fine for GDPR Violations

Cybersecurity Was Supposed to Be a Resilient Area of Tech, but These ETFs Are Struggling
Los Angeles Unified School District Says Vice Society Ransomware Gang Stole Contractors’ SSNs

Maple Ridge-Pitt Meadows School District (BC) Investigating Data Breach Affecting up to 19,000 People

FanDuel Discloses Data Breach Caused by Recent MailChimp Hack

Riot Games Hacked, Delays Game Patches After Security Breach

Phishers Use Blank Images to Disguise Malicious Attachments

Hackers Now Use Microsoft OneNote Attachments to Spread Malware

New Boldmove Linux Malware Used to Backdoor Fortinet Devices

Critical ManageEngine RCE Bug Now Exploited to Open Reverse Shells

Exploits Released for Two Samsung Galaxy App Store Vulnerabilities

Over 19,000 End-Of-Life Cisco Routers Exposed to RCE Attacks


Davos 2023: Global Bank Chiefs Get FBI Cybersecurity Update

Ransomware Profits Drop 40% In 2022 as Victims Refuse to Pay

A Sneaky Ad Scam Tore Through 11 Million Phones

New ‘Blank Image’ Attack Hides Phishing Scripts in SVG Files

FTX: Over $400m Stolen from Bankrupt Exchange

Instagram Just Got an Update That Gives You More Control Over What You See in Your Feed

Over a Third of Recent ICS Bugs Still Have No Vendor Patch

For the First Time in a Long Time, Cfos Can Say No to Some Tech Spending

How to Convert Your Home’s Old TV Cable Into Powerful Ethernet Lines
T-Mobile Says Hackers Stole Data on About 37 Million Customers

PayPal Says Crooks Accessed 35,000 Customers’ Info in Credential Stuffing Attack

Ransomware Gang Steals Data From KFC, Taco Bell, and Pizza Hut Brand Owner

New ‘Hook’ Android Malware Lets Hackers Remotely Control Your Phone

Roaming Mantis’ Hacking Campaign Adds DNS Changer to Mobile App

New Microsoft Azure Vulnerability Uncovered — EmojiDeploy for RCE Attacks

Exploit Released for Critical ManageEngine RCE Bug, Patch Now


Iranian Government Entities Under Attack by New Wave of BackdoorDiplomacy Attacks

CISA Warns of Flaws in Siemens, GE Digital, and Contec Industrial Control Systems

Krebs: Thinking of Hiring or Running a Booter Service? Think Again.

Bitzlato Crypto Exchange Seized for Ransomware, Drugs Money Laundering

New York Man Defrauded Thousands Using Credit Cards Sold on Dark Web

Initial Access Broker Market Booms, Posing Growing Threat to Enterprises

Spy Cams Reveal the Grim Reality of Slaughterhouse Gas Chambers

Palantir CEO Tells Tech Workers Who Don’t Like the Company’s Military Deals, ‘Don’t Work Here’

Private-Equity Firms Tighten Focus on Cyber Defenses at Portfolio Companies

European Privacy Regulators Step Up Scrutiny of Business Data Practices

Over Four Billion People Affected By Internet Censorship in 2022
Ukraine Links Data-Wiping Attack on News Agency to Russian Hackers

ODIN Intelligence Website Hacked

MailChimp Discloses New Breach After Employees Got Hacked

Pierce County (WA) Accidentally Shared Sensitive Voter Information for Hundreds of Thousands

Maritime Giant Dnv Says 1,000 Ships Affected by Ransomware Attack

Illegal Solaris Darknet Market Hijacked by Competitor Kraken

Bank of America Starts Restoring Missing Zelle Transactions

Hackers Push Malware via Google Search Ads for VLC, 7-Zip, CCleaner

Critical Security Vulnerabilities Discovered in Netcomm and TP-Link Routers

What Is ChatGPT? AI Technology Sends Schools Scrambling to Preserve Learning

ChatGPT Creates Polymorphic Malware


Hackers Use Fear of Mobilization to Target Russians With Phishing Attacks

Earth Bogle Group Targets Middle East With NjRAT, Geopolitical Lures

Crypto Exchanges Freeze Accounts Tied to North Korea’s Notorious Lazarus Group

Hackers Can Abuse Legitimate GitHub Codespaces Feature to Deliver Malware

What to Know About the Cars of the Future Being Built by Tech, Auto Companies

The Scammers Who Scam Scammers on Cybercrime Forums
Nissan North America Data Breach Caused by Vendor-Exposed Database

Hacktivists Leak Data Apparently From Digital Forensics Vendors Cellebrite and MSAB

Over 4,000 Sophos Firewall Devices Vulnerable to RCE Attacks

Git Patches Two Critical Remote Code Execution Security Flaws

Microsoft Azure Services Flaws Could’ve Exposed Cloud Resources to Unauthorized Access

Let’s Normalize ‘Radical Transparency’ Around Data Breaches


U.S. to Launch Third Iteration of ‘Hack the Pentagon’ Bug Bounty Program

CISA Warns for Flaws Affecting Industrial Control Systems from Major Manufacturers

New Backdoor Created Using Leaked CIA’s Hive Malware Discovered in the Wild

China Aims to Grow Local InfoSec Industry by 30% a Year, to $22 Billion by 2025

North Korean ‘Lazarus’ Group Tied to $100M Harmony Hack Moves 41,000 Ether Over Weekend

Avast Releases Free BianLian Ransomware Decryptor

All the Data Apple Collects About You—and How to Limit It

Europe Beefs-up Cybersecurity Law, Trumping the UK
Vice Society Ransomware Leaks University of Duisburg-Essen’s Data

Saga UK Suffers ‘Unusual Breach’ Where Customers Have Credit Card Data Leaked

Datadog Rotates RPM Signing Key Exposed in CircleCI Hack

Raccoon and Vidar Stealers Spreading via Massive Network of Fake Cracked Software

Malicious ‘Lolip0p’ PyPi Packages Install Info-Stealing Malware

Researchers to Release PoC Exploit for Critical Zoho RCE Bug, Patch Now

MSI Accidentally Breaks Secure Boot for Hundreds of Motherboards


Pro-Russian Hacktivist Group Targets Czech Presidential Election

Russian Hackers Try to Bypass ChatGPT’s Restrictions For Malicious Purposes

NSA Director Asks Congress to Let It Get On With That Warrantless Data Harvesting Without Lapse

Russians Say They Can Grab Software From Intel Again

How to Use Your Phone to Find Hidden Cameras

The Biggest Risks of Using Bluetooth Trackers Like Apple AirTag, Tile

The Big Risk in the Most-Popular, and Aging, Big Tech Default Email Programs

In the Fight Against Scams, ‘Cyber Ambassadors’ Enter the Chat

Brave Browser’s New Snowflake Feature Help Bypass Tor Blocks

Economic Uncertainty Weighs on Cyber Chiefs

TikTok Slapped With $5.4 Million Fine Over Cookie Opt-Out Feature
NortonLifeLock Warns That Hackers Breached Password Manager Accounts

Liquor Control Board of Ontario Site Hacked to Steal Credit Cards

Dozens of Clerk of Court Offices in Louisiana Offline Following Cyber Attack

Malware Attack on CircleCI Engineer’s Laptop Leads to Recent Security Incident

Tainted VPNs Being Used to Spread EyeSpy Surveillanceware

Hacker Group Discloses Ability to Encrypt an RTU Device Using Ransomware, Industry Reacts

PoC Exploits Released for Critical Bugs in Popular WordPress Plugins

Hackers Exploit Control Web Panel Flaw to Open Reverse Shells

Cacti Servers Under Attack as Majority Fail to Patch Critical Vulnerability

Ransomware Has Now Become a Problem for Everyone, and Not Just Tech