12/1-3/2023

Meta Will Enforce Ban on AI-Powered Political Ads in Every Nation, No Exceptions

French Government Recommends Against Using Foreign Chat Apps

NCSC Urges UK Water Companies to Secure Control Systems

U.S. Health Dept Urges Hospitals to Patch Critical Citrix Bleed Bug

Chinese Hackers Using SugarGh0st RAT to Target South Korea and Uzbekistan

Agent Racoon Backdoor Targets Organizations in Middle East, Africa, and U.S.

How to Not Get Hacked by a QR Code

Russian Hacker Vladimir Dunaev Convicted for Creating TrickBot Malware

Google Chrome’s New Cache Change Could Boost Performance
Scores of U.S. Credit Unions Offline After Ransomware Infects Backend Cloud Outfit

23andMe Says Hackers Accessed ‘Significant Number’ of Files About Users’ Ancestry

Blue Shield of California Members’ Data Stolen — ‘A Gold Mine for Thieves’

New Proxy Malware Targets Mac Users Through Pirated Software

UEFI Flaws Allow Bootkits to Pwn Potentially Hundreds of Devices Using Images

Over 20,000 Vulnerable Microsoft Exchange Servers Exposed to Attacks

Linux Version of Qilin Ransomware Focuses on VMware ESXi

VMware Fixes Critical Cloud Director Auth Bypass Unpatched for 2 Weeks

11/30/2023

NATO Holds Cyber Defense Exercise as Wartime Hacking Threats Rise

U.S., Partners Target North Korea (and Kimsuky) With Sanctions Following Satellite Launch

North Korean Hackers Amass $3bn in Cryptocurrency Heists

Bad Password May Have Led to Pennsylvania Water System Hack

Google Unveils RETVec – Gmail’s New Defense Against Spam and Malicious Emails

WhatsApp’s New Secret Code feature Hides Your Locked Chats

8 Tips on Leveraging AI Tools Without Compromising Security

Fewer Cybersecurity Professionals Losing Their Jobs in Breach ‘Blame’ Game

Law Firms & Legal Departments Singled Out for Cyberattacks
Capital Health Hospitals Hit by Cyberattack Causing IT Outages

Staples Confirms Cyberattack Behind Service Outages, Delivery Issues

Booking.com Hackers Increase Attacks on Customers

Forward Bank (WI) Notifies 46,019 Customers of Recent Data Breach

FjordPhantom Android Malware Targets Banks With Virtualization

CACTUS Ransomware Exploits Cloud Analytics Qlik Sense Vulnerabilities in Targeted Attacks

RedLine Stealer Malware Deployed Via ScrubCrypt Evasion Tool

Zyxel Warns of Multiple Critical Vulnerabilities in NAS Devices

Google Fixes a Seventh Zero-Day Flaw in Chrome—Update Now

Apple Fixes Two New iOS Zero-Days in Emergency Updates

11/29/2023

Hackers Breach U.S. Water Facility via Exposed Unitronics PLCs

Cybersecurity Agency Warns That Water Utilities Are Vulnerable to Hackers After Pennsylvania Attack

U.S. Dept of Treasury Seizes Sinbad Cryptocurrency Mixer Used by North Korean Lazarus Hackers

Google Researchers’ Attack Prompts ChatGPT to Reveal Its Training Data

How to Find Your Forgotten Gmail Accounts

Keeping Children Safe in a Rapidly Changing Digital Landscape

SIM Swapper Gets 8 Years in Prison for Account Hacks, Crypto Theft

How a Teenage Saudi Hacker Went From Lockpicking to Ransomware
Krebs: Okta Breach Affected All Customer Support Users

Okta Hack Update Shows Challenges in Rapid Cyber Disclosures

Japanese Space Agency JAXA Hacked in Summer Cyberattack

Dollar Tree Hit by Third Party Data Breach at Zeroed-In Technologies Impacting 2 Million People

Hendersonville (NC) Targeted in Cyber Attack, Employee Data Potentially Compromised

Black Basta Ransomware Made Over $100 Million From Extortion

DJVU Ransomware’s Latest Variant ‘Xaro’ Disguised as Cracked Software

GoTitan Botnet and PrCtrl RAT Exploit Apache Vulnerability

11/28/2023

Ransomware Hackers ‘Wreaking Havoc’ Arrested in Ukraine

‘Kingpin Arrests’

N. Korean Hackers ‘Mixing’ macOS Malware Tactics to Evade Detection

Americans Receive Two Billion Spam Calls Per Month

How Hackers Phish for Your Users’ Credentials and Sell Them

AI Tools Such as ChatGPT Are Generating a Mammoth Increase in Malicious Phishing Emails

Cybercriminals Hesitant About Using Generative AI

Deepfake Digital Identity Fraud Surges Tenfold, Sumsub Report Finds

Krebs: ID Theft Service Resold Access to USInfoSearch Data

Reminder: Google Is About to Start Purging Inactive Accounts

The Hundred-Year Battle for India’s Radio Airwaves

India’s CERT Given Exemption From Right to Information Requests

Splunk Beats Quarterly Revenue Estimates on Robust Cybersecurity Demand

Former Uber CISO Speaks Out, After 6 Years, on Data Breach, SolarWinds
Municipal Water Authority of Aliquippa (PA) Victim of Cyberattack

Federal Officials Investigating Pro-Iran Group

Undetected Android Trojan Expands Attack on Iranian Banks

DP World Confirms Data Stolen in Cyberattack, No Ransomware Used

Qilin Ransomware Claims Attack on Automotive Giant Yanfeng

Egyptian E-Payment Vendor Fawry Recovering From LockBit Ransomware Attack

Proliance Surgeons (WA) Announces Cyber Attack Resulting in Data Breach

Gloucester City Council Spent £1.1 Million Recovering From Ransomware Attack

New BLUFFS Attack Lets Attackers Hijack Bluetooth Connections

Hackers Start Exploiting Critical ownCloud Flaw, Patch Now

Design Flaw in Google Workspace Could Let Attackers Gain Unauthorized Access

Google Chrome Emergency Update Fixes 6th Zero-Day Exploited in 2023

11/27/2023

Hackers Targeting Israeli Businesses Say They Will Pause as Fighting Stops

Ukraine Says It Hacked Russian Aviation Agency, Leaks Data

Leader of Pro-Russia DDoS Crew Killnet ‘Unmasked’ by Russian State Media

Beijing Fosters Foreign Influencers to Spread Its Propaganda

General Electric, DARPA Hack Claims Raise National Security Concerns

A Controversial U.S. Surveillance Program May Get Slipped Into a ‘Must-Pass’ Defense Bill

U.S., Britain, Other Countries Ink Agreement to Make AI ‘Secure by Design’

AI Threat Demands New Approach to Security Designs -U.S. Official

OpenAI’s Board Might Have Been Dysfunctional–but They Made the Right Choice; In the Battle Between AI profits and Ethics, It’s No Contest

The Decision to Restore Altman and Appoint a New Board of Directors Is a Victory for Both OpenAI and Microsoft

Cyber Insurers Warn Catastrophic Hacks Will Require Government Help

What a Failed Attack Against ColdFusion Revealed About Ransomware Tools and Tactics
Ardent Hospital ERs Disrupted in 6 States After Ransomware Attack

Meow Ransomware hits Vanderbilt University Medical Center

Healthcare Giant Henry Schein Hit Twice by BlackCat Ransomware

Slovenia’s Largest Power Provider HSE Hit by Ransomware Attack

Clear Spring Life and Annuity Company (IN) Announces Data Breach Following Ransomware Attack

Ransomware ‘Catastrophe’ at Fidelity National Financial Causes Panic With Homeowners and Buyers

Ransomware Attack on Indie Game Maker Gellyberry Studios Wiped All ‘Ethyrial: Echoes of Yore’ MMORPG Player Accounts

British Library Hack: Customer Data Offered for Sale on Dark Web

Some Lee County (FL) Student Laptops Reportedly Hacked

‘Prank’

Microsoft Deprecates Defender Application Guard for Office

The Power of Storytelling in Cybersecurity Training

11/24-26/2023

Hamas-Linked Cyberattacks Using Rust-Powered SysJoker Backdoor Against Israel

New ‘HrServ.dll’ Web Shell Detected in APT Attack Targeting Afghan Government

East Texas Hospital Network Can’t Receive Ambulances Because of Potential Cybersecurity Incident

Cybercriminals Using Telekopye Telegram Bot to Craft Phishing Scams on a Grand Scale

Gmail Hackers Leave Vital Clues Behind—Check These 3 Things Now

Facebook vs. The Free Press
CTS Cyber-Attack Disrupts UK Property Deals

General Electric Investigates Claims of Cyber Attack, Data Theft

Gulf Air Exposed to Data Breach, ‘Vital Operations Not Affected’

Kubernetes Secrets of Fortune 500 Companies Exposed in Configuration Upload to Public Repositories

Critical Bug in ownCloud File Sharing App Exposes Admin Passwords

OpenCart Owner Turns Air Blue After Researcher Discloses Serious Vuln

11/23/2023

EU Mulls Wider Scope for Cybersecurity Certification Scheme

Industry Piles in on North Korea for Sustained Rampage on Software Supply Chains

Rug Pull Schemes: Crypto Investor Losses Near $1M

OpenAI Researchers Warned Board of AI Breakthrough Ahead of CEO Ouster

Nvidia Sued After Video Call Mistake Showed ‘Stolen’ Data

Cyber Security Professionals Are Exhausted, and It’s Putting Firms at Greater Risk of Attack
$115 Million Stolen From Two Crypto Firms Linked to Justin Sun After Hack

BlackCat Claims It Is Behind Fidelity National Financial Ransomware Shakedown

New Relic Warns Customers It’s Experienced a Cyber … Something

Nassau Bay (TX) Attacked by Akira Ransomware Gang

Alert: New WailingCrab Malware Loader Spreading via Shipping-Themed Emails

InfectedSlurs Botnet Resurrects Mirai With Zero-Days

11/22/2023

Australia Beefs up Cyber Defences After Major Breaches

Microsoft: Lazarus Hackers Breach CyberLink in Supply Chain Attack

New Flaws in Fingerprint Sensors Let Attackers Bypass Windows Hello Login

Scattered Spider Hops Nimbly From Cloud to On-Prem in Complex Attack

OpenAI Says Sam Altman to Return as CEO

Behind the Scenes of Sam Altman’s Showdown at OpenAI

Ilya Sutskever: The OpenAI Genius Who Told Sam Altman He Was Fired

3 Ways to Stop Unauthorized Code From Running in Your Network

U.S. Cybercops Take On ‘Pig Butchering’ Org, Return $9M in Scammed Crypto
Open-Source Blender Project Battling DDoS Attacks Since Saturday

Welltok Data Breach Exposes Data of 8.5 Million U.S. Patients

Cyberattackers Leaked Data of 27,000 NYC Bar Association Members

Kansas Courts Confirm Data Theft, Ransom Demand After Cyberattack

HTX Exchange Loses $13.6m in Hot Wallet Hack

Retool Data Breach Affects MG Stover and Multiple Investment Funds

ClearFake Campaign Expands to Target Mac Systems with Atomic Stealer

New Botnet Malware Exploits Two Zero-Days to Infect NVRs and Routers

11/21/2023

U.S. Cybersecurity Lab Suffers Major Data Breach

SiegedSec

Bahrain Government Websites Briefly Inaccessible After Cyberattack Over Israel-Hamas War

Mustang Panda Hackers Targets Philippines Government Amid South China Sea Tensions

Konni Campaign Deploys Advanced RAT With UAC Bypass Capabilities

North Koreans Use Fake Names, Scripts to Land Remote IT Work for Cash

Majority in New Survey Worried About Being Tricked by Scammer

How Multi-Stage Phishing Attacks Exploit QRs, CAPTCHAs, and Steganography

DOJ Charges Binance With Vast Money-Laundering Scheme and Sanctions Violations

Ex-CEO of NSO Group Raises $33.6 Million for Israeli Cyber Startup

Tor Project Removes Relays Because of For-Profit, Risky Activity
Sumo Logic Wrestles With Security Breach, Pins Down Customer Data

Auto Parts Giant AutoZone Warns of MOVEit Data Breach

Owens Group Hit by Ransomware Cyber Attack

Prestige Care Data Breach Affects an Unknown Number of Residents and Employees

New Agent Tesla Malware Variant Using ZPAQ Compression in Email Attacks

Lumma Malware Can Allegedly Restore Expired Google Auth Cookies

Play Ransomware Goes Commercial – Now Offered as a Service to Cybercriminals

Citrix Warns Admins to Kill NetScaler User Sessions to Block Hackers

CISA Orders Federal Agencies to Patch Looney Tunables Linux Bug

Microsoft Launches Defender Bounty Program With $20,000 Rewards

11/20/2023

Indian Hack-for-Hire Group Targeted U.S., China, and More for Over 10 Years

Gamaredon’s LittleDrifter USB malware spreads beyond Ukraine

Secretive White House Surveillance Program Gives Cops Access to Trillions of U.S. Phone Records

CISA Unveils Healthcare Cybersecurity Guide

NHS Secretary Fined For Accessing Scores of Patient Records

Canadian Government Discloses Data Breach After Contractor Hacks

Cybersecurity Firm Executive Pleads Guilty to Hacking Hospitals

Sam Altman to Join Microsoft Following OpenAI Ouster

More Than 700 of 770 OpenAI Employees Employees Threaten to Quit Unless Board Resigns

Ukraine Sacks Top Cybersecurity Officials in Corruption Probe Involving Software Purchases
MOVEit Victim Count Latest: 2.6K+ Orgs Hit, 77M+ People’s Data Stolen

Greater Paris Wastewater Agency Dealing With Cyberattack

Rhysida Ransomware Gang Claims British Library Cyberattack

NetSupport RAT Infections on the Rise – Targeting Government and Business Sectors

DarkGate and PikaBot Malware Resurrect QakBot’s Tactics in New Phishing Attacks

Infostealer Lumma Evolves With New Anti-Sandbox Method

VX-Underground Malware Collective Framed by Phobos Ransomware

Kinsing Malware Exploits Apache ActiveMQ RCE to Plant Rootkits

How the Evolving Role of the CISO Impacts Cybersecurity Startups

11/17-19/2023

Black Friday: Scammers Exploit Luxury Brands to Lure Victims

FCC Adopts New Rules to Protect Consumers From SIM-Swapping Attacks

FCC Proposes 3-Year Cybersecurity Pilot for Schools, Libraries

Russian Cyber Espionage Group Deploys LitterDrifter USB Worm in Targeted Attacks

Russian Hackers Use Ngrok Feature and WinRAR Exploit to Attack Embassies

Google: Hackers Exploited Zimbra Zero-Day in Attacks on Gov’t Orgs

A Spy Agency Leaked People’s Data Online—Then the Data Was Stolen

LockBit Gang Says ICBC Paid Ransom Over Hack That Disrupted U.S. Treasury Market

How a Hack Shook Wall Street’s Multitrillion-Dollar Foundations

Ransomware Targets Will Pay One Way or Another

Companies Are Building Their Defenses Against AI Hackers, Says TrustedSec’s David Kennedy

OpenAI Ousted CEO Sam Altman, but Is Reportedly Reconsidering the Move

How an Indian Startup Hacked the World

The Cybersecurity Lawsuit That Boards Are Talking About
Multiple Colleges, K-12 Schools Facing Outages After Cyberattacks

‘Sex Life Data’ Stolen From UK Government Among Record Number of Ransomware Attacks

Yamaha Motor Confirms Ransomware Attack on Philippines Subsidiary

British Library: Ongoing Outage Caused by Ransomware Attack

Stanley Steemer Hack Breached Data of Almost 67K Customers

Mt. Graham Regional Medical Center (AZ) Confirms Data Breach from Ransomware Attack

Bloomberg Crypto X Account Snafu Leads to Discord Phishing Attack

8Base Group Deploying New Phobos Ransomware Variant via SmokeLoader

Beware: Malicious Google Ads Trick WinSCP Users into Installing Malware

Exploit for CrushFTP RCE Chain Released, Patch Now

CISA Warns of Actively Exploited Windows, Sophos, and Oracle Bugs

Researchers Extract RSA Keys From SSH Server Signing Errors

Hands Off the Security Budget! Find Efficiencies to Reduce Risk

Cybersecurity: It’s Not A Job—It’s A Mission

11/16/2023

Russian Hackers Linked to ‘Largest Ever Cyber Attack’ on Danish Critical Infrastructure

FBI Warns on Scattered Spider Hackers, Urges Victims to Come Forward

U.S. Congress Report Calls for Privacy Reforms After FBI Surveillance ‘Abuses’

Krebs: Alleged Extortioner of Psychotherapy Patients Faces Trial

Cyber-Criminals Exploit Gaza Crisis With Fake Charity

Most Overused Passwords in the World — Make Sure Yours Isn’t on the List

3 Ways Behavioral Economics Obstructs Cybersecurity

How to Opt Out of Facebook’s Latest Two-Factor Authentication Change

Running Signal Will Soon Cost $50 Million a Year

AI Risks Force Corporate Privacy Officers to Expand Oversight

European Police Take Down $9m Vishing Gang

BlackCat Ransomware Group Reports Victim to SEC

MeridianLink Confirms Cyberattack
Toyota Confirms Breach After Medusa Ransomware Threatens to Leak Data

Long Beach, California Turns off IT Systems After Cyberattack

St. Lucie County (FL) Tax Collector Hacked by Ransomware Attacker ‘Dark Cat’

Rivers Casino (IL) Customers, Employees Targeted by Data Breach

MySQL Servers Targeted by ‘Ddostf’ DDoS-as-a-Service Botnet

Experts Uncover DarkCasino: New Emerging APT Threat Exploiting WinRAR Flaw

Hackers Could Exploit Google Workspace and Cloud Platform for Ransomware Attacks

Zero-Day Flaw in Zimbra Email Software Exploited by Four Hacker Groups

Fortinet Warns of Critical Command Injection Bug in FortiSIEM

Consumer Software Security Assessment: Should We Follow NHTSA’s Lead?

CSA Launches First Zero Trust Certification

Almost Half of Ransomware Groups Operating in 2023 Are New

11/15/2023

Australia Says Hacks Surging, State-Sponsored Groups Targeting Critical Infrastructure

European Firms Urge China to Give More Clarity on Data Transfer Laws

U.S. Cloud Providers Create Special Localized Security Services for Europe

U.S. Government Unveils First AI Roadmap For Cybersecurity

Cyber Experts Worry AI Could Create a World of Haves and Have-Nots

Social Media Sleuths, Armed With AI, Are Identifying Dead Bodies

Google’s New Titan Security Keys Are Ready for a World Without Passwords

Microsoft Debuts New Unified Security Solution With Security Copilot

FBI Director: FISA Section 702 Warrant Requirement a ‘De Facto Ban’
Samsung Hit by New Data Breach Impacting UK Store Customers

Perry Johnson & Associates (PJ&A) Says Cyberattack Exposed Data of Nearly 9 Million Patients

Toronto Public Library Confirms Data Stolen in Ransomware Attack

Major Canadian Fintech Moneris Claimed by Medusa Ransomware

BlackCat Ransomware Gang Targets Businesses Via Google Ads

FBI and CISA Warn of Opportunistic Rhysida Ransomware Attacks

Fraudsters Make $50,000 a Day by Spoofing Crypto Researchers

New PoC Exploit for Apache ActiveMQ Flaw Could Let Attackers Fly Under the Radar

Krebs: Microsoft Patch Tuesday, November 2023 Edition

Teenager Who Allegedly Bragged ‘Fraud Is Fun’ Pleads Guilty To Sports Betting Hack

11/14/2023

Biden Meets With Indonesia President Ahead of Xi Summit

The Top U.S. Cybersecurity Agency Has a New Plan for Weaponized AI

FBI Struggled to Disrupt Dangerous Casino Hacking Gang, Cyber Responders Say

Ransomware Royale: U.S. Confirms Royal, BlackSuit Are Linked

Here’s the Proof There’s No Government Alien Conspiracy Around Roswell

Russia Man Arrested in Florida Pleads Guilty to Building Now-Dismantled IPStorm Proxy Botnet

Teens With “Digital Bazookas” Are Winning the Ransomware War, Researcher Laments

LockBit Ransomware Exploits Citrix Bleed in Attacks, 10K Servers Exposed

Did LockBit Ransomware Mess up by Attacking U.S. Arm of China’s Biggest Bank?
New Campaign Targets Middle East Governments with IronWind Malware

Vietnamese Ducktail Hackers Using New Delphi-Powered Malware to Target Indian Marketers

B2B Pharmacy Provider Truepill Reports Data Breach Impacting 2.3 Million Customers

Cyberattack on Bladen County (NC) Allowed Hackers to Access Data

WP Fastest Cache Plugin Bug Exposes 600K WordPress Sites to Attacks

VMware Discloses Critical VCD Appliance Auth Bypass with No Patch

CacheWarp Attack: New Vulnerability in AMD SEV Exposes Encrypted VMs

Intel Out-Of-Band Patch Addresses Privilege Escalation Flaw

Microsoft Fixes Critical Azure CLI Flaw That Leaked Credentials in Logs

11/13/2023

EU Formalizes Cybersecurity Support For Ukraine

LockBit Gang Says ICBC Paid Ransom Over Hack That Disrupted U.S. Treasury Market

Chinese Hackers Launch Covert Espionage Attacks on 24 Cambodian Organizations

China Proposes Cybersecurity Check for Auditors if National Security Involved

Zelle Banks Have Been Paying Back Scam Victims After Government Pressure

In a First, Cryptographic Keys Protecting SSH Connections Stolen in New Attack

Inside Denmark’s Hell Week as Critical Infrastructure Orgs Faced Cyberattacks

U.S. Privacy Groups Urge Senate Not to Ram Through NSA Spying Powers

New York Plans Cyber Rules for Hospitals
New BiBi-Windows Wiper Targets Windows Systems in Pro-Hamas Attacks

Australia Ports Operator Back Online After Cyber Incident

Canadian Banking Tech Giant Moneris Says It Prevented Ransomware Attack

Automotive Supplier Yanfeng Hit by Cyberattack, Disrupting Stellantis Production

Huber Heights (OH) Hit by Ransomware Cyber Attack

Python Malware Poses DDoS Threat Via Docker API Misconfiguration

FBI: Royal Ransomware Asked 350 Victims to Pay $275 Million

Ethereum Feature Abused to Steal $60 Million From 99K Victims

CISA Warns of Actively Exploited Juniper Pre-Auth RCE Exploit Chain

Introducing the Tech That Keeps the Lights On

11/10-12/2023

Australia Ports Operator DP World Australia Suffers ‘Cybersecurity Incident’, Suspends Operations

Australia Says Ports Operator Cyber Incident ‘Serious’

ICBC Puts Capital Into U.S. Unit, Seeks Cyber Review After Hack

The NSA Seems Pretty Stressed About the Threat of Chinese Hackers in U.S. Critical Infrastructure

Senate Leaders Plan to Prolong NSA Surveillance Using a Must-Pass Bill

Microsoft Warns of Sapphire Sleet’s Fake Skills Assessment Portals Targeting IT Job Seekers

Microsoft: BlueNoroff Hackers Plan New Crypto-Theft Attacks

Krebs: It’s Still Easy for Anyone to Become You at Experian

Strangely Enough, No One Wants to Buy a Ransomware Group That Has Cops’ Attention

Police Takes Down BulletProftLink Large-Scale Phishing Provider
Iran-Linked Imperial Kitten Cyber Group Targeting Middle East’s Tech Sectors

Impatient LockBit Says It’s Leaked 50GB of Stolen Boeing Files After Ransom Fails to Land

Poloniex Crypto-Exchange Offers 5% Cut to Thieves if They Return That $120M They Nicked

McLaren Health Care Says Data Breach Impacted 2.2 Million People

Millions of Northwell Health Patients Potentially Caught in Perry Johnson & Associates Data Breach

York Region School Board (ON) Dealing With a Cyber Attack

Hackers Breach Healthcare Orgs via ScreenConnect Remote Access

Alert: ‘Effluence’ Backdoor Persists Despite Patching Atlassian Confluence Servers

Microsoft Extends Windows Server 2012 ESUs to October 2026

Navigating Tech Risks in Modern M&A Waters

11/9/2023

Ransomware Attack on China’s ICBC Disrupts Treasury Market Trades

LockBit

MuddyC2Go: New C2 Framework Iranian Hackers Using Against Israel

Sandworm Hackers Caused Another Blackout in Ukraine—During a Missile Strike

Signature Techniques of Asian APT Groups Revealed

Generative AI Will Level up Cyber Attacks, According to New Google Report

OpenAI Reveals ChatGPT Is Being DDoS-ed

Signal Tests Usernames So You Can Avoid Sharing Your Phone Number

Omegle Is Shutting Down Notorious Video Chat Service as Scrutiny Grows

SolarWinds Denies SEC Charges Over Cyber Disclosures

Downfall Fallout: Intel Knew AVX Chips Were Insecure and Did Nothing, Lawsuit Claims
Kyocera AVX Says Ransomware Attack Impacted 39,000 Individuals

Mr. Cooper Says Customer Data Exposed During Cyberattack

Maine Government Says MOVEit Data Breach Affects 1.3 Million Residents

Law Firm Allen & Overy Hit by ‘Data Incident’

Suspected Ransomware Attack Hits Scottish Council

Tri-City Medical Center in Oceanside (CA) Hit by Cybersecurity Attack

Harris County (TX) Public Mental Health Provider Recovering From Apparent Cyber Attack

New Kamran Spyware Targets Urdu-Speaking Users in Pakistan

New Malvertising Campaign Uses Fake Windows News Portal to Distribute Malicious Installers

CISA Alerts: High-Severity SLP Vulnerability Now Under Active Exploitation

Zero-Day Alert: Lace Tempest Exploits SysAid IT Support Software Vulnerability

11/8/2023

Microsoft Warns of Election Threats in 2024

Meta Says It Will Label Political Ads That Use AI-Generated Imagery

U.S. Urges Critical Infrastructure Firms to Get “Shields Ready”

FBI Warns of Emerging Ransomware Initial Access Techniques

Predator AI ChatGPT Integration Poses Risk to Cloud Services

WhatsApp Can Now Hide Your IP Address During Calls for Added Security

Fortinet, Rivals Fall on Concerns Around Cybersecurity Spending

Microsoft Drops SMB1 Firewall Rules in New Windows 11 Build
Russian State-Owned Sberbank Hit by 1 Million RPS DDoS Attack

Popular Lego Marketplace BrickLink Went Offline After a ‘Ransom’ Demand

Sumo Logic Discloses Security Breach, Advises API Key Resets

AvidXchange Reports Data Breach After Unauthorized Access

Researchers Uncover Undetectable Crypto Mining Technique on Azure Automation

Ransomware Mastermind Uncovered After Oversharing on Dark Web

Threat Actor Farnetwork Linked to Five Ransomware Schemes

Beware, Developers: BlazeStealer Malware Discovered in Python Packages on PyPI

11/7/2023

North Korea’s New BlueNoroff Malware Variant Targets Cryptocurrency Exchanges

SideCopy Exploiting WinRAR Flaw in Attacks Targeting Indian Government Entities

A New U.S. Privacy Bill Seeks to End Warrantless Police and FBI Spying

Data Broker’s “Staggering” Sale of Sensitive Info Exposed in Unsealed FTC Filing

Google, Meta, Discord, and More Team Up to Fight Child Abuse Online

Woman Jailed After rentahitman.com Assassin Turned Out to Be – Surprise – FBI

Bradford Ethical Hacker Honoured With Record-Breaking Work

Microsoft Authenticator Now Blocks Suspicious MFA Alerts by Default
Japan Aviation Electronics (JAE) Breached By ALPHV

Cook County (IL) Health: Data Breach Potentially Affected up to 1.2 Million Patients

Data Breach at Singapore’s Marina Bay Sands Affects 665,000 Customers

TransForm Says Ransomware Data Breach Affects 267,000 Patients

Dakota Eye Institute Files Notice of Data Breach Affecting More Than 107k

Pulaski County (VA) Public Schools Investigating Cyber Attack

Fake Ledger Live App in Microsoft Store Steals $768,000 in Crypto

GootBot Implant Heightens Risk of Post-Infection Ransomware

11/6/2023

Iranian Hackers Launches Destructive Cyberattacks on Israeli Tech and Education Sectors

U.S. Slaps Sanctions on Accused Fave Go-to Money Launderer of Russia’s Rich and Ryuk Ransomware

U.S., Japan and South Korea Unite to Counter North Korean Cyber Activities

U.S. Law Firms Rethink China Future Amid Economic Woes, Data Crackdown

Siemens, Ericsson Warn EU Cybersecurity Rules May Disrupt Supply Chains

How Will the SEC’s Pursuit of SolarWinds Affect Cyber Chiefs? Readers Weigh In

Google Warns How Hackers Could Abuse Calendar Service as a Covert C2 Channel

Krebs: Who’s Behind the SWAT USA Reshipping Service?

AI Fake Nudes Are Booming. It’s Ruining Real Teens’ Lives.

Meet Your New Cybersecurity Auditor: Your Insurer
DDoS Attack Revealed as Cause of Online Service Outage at Public Healthcare Institutions

Spy Trojan SpyNote Unveiled in Attacks on Gamers

SecuriDropper: New Android Dropper-as-a-Service Bypasses Google’s Defenses

New Jupyter Infostealer Version Emerges with Sophisticated Stealth Tactics

Critical Atlassian Confluence Bug Exploited in Cerber Ransomware Attacks

TellYouThePass Ransomware Joins Apache ActiveMQ RCE Attacks

Hackers Exploit Looney Tunables Linux Bug, Steal Cloud Creds

Veeam Warns of Critical Bugs in Veeam ONE Monitoring Platform

QNAP Releases Patch for 2 Critical Flaws Threatening Your NAS Devices

Microsoft Will Roll Out MFA-Enforcing Policies for Admin Portal Access

11/3-5/2023

Healthcare Data Breaches Impact 88 Million Americans

Discord File Links Will Expire After a Day to Fight Malware

Google Play Store Introduces ‘Independent Security Review’ Badge for Apps

NodeStealer Malware Hijacking Facebook Business Accounts for Malicious Ads

Apple ‘Find My’ Network Can Be Abused to Steal Keylogged Passwords

Flipper Zero: This Tiny Device Is Sending Updated iPhones Into a Never-Ending DoS Loop, Rending Them Useless

Sam Bankman-Fried Is Convicted of Fraud in FTX Collapse

‘Corrupt’ Cop Jailed for Tipping off Pal to EncroChat Dragnet

Dutch Hacker Jailed for Extortion, Selling Stolen Data on RaidForums
American Airlines Pilot Union Hit by Ransomware Attack

Infosys Subsidiary Hit by Cyber Security Attack–Investigation Launched to Identify Overall Impact

Okta’s Recent Customer Support Data Breach Impacted 134 Customers

81K People’s Sensitive Info Feared Stolen From Hilb After Email Inboxes Ransacked

Socks5Systemz Proxy Service Infects 10,000 Systems Worldwide

Kinsing Actors Exploiting Recent Linux Flaw to Breach Cloud Environments

New Microsoft Exchange Zero-Days Allow RCE, Data Theft Attacks

Atlassian Warns of Exploit for Confluence Data Wiping Bug, Get Patching

11/2/2023

Krebs: Russian Reshipping Service ‘SWAT USA Drop’ Exposed

Israeli Entities Under Attack By MuddyWater’s Advanced Tactics

Russia’s Wagner Group Plans to Send Air Defenses to Hezbollah, U.S. Says

The UN Hired an AI Company to Untangle the Israeli-Palestinian Crisis

Brave Responds to Bing and ChatGPT With a New ‘Anonymous and Secure’ AI Chatbot

Microsoft Is Overhauling Its Software Security After Major Azure Cloud Attack

What to Know About New Federal and State Cyber Rules

Infosec Pros Can Secure IT, but Have Harder Time Securing Job Satisfaction

Do Government Sanctions Against Ransomware Groups Work?
Cloudflare Dashboard and APIs Down After Data Center Power Outage

Mortgage Giant Mr. Cooper Hit by Cyberattack Impacting IT Systems

Okta Tells 5,000 of Its Own Staff That Their Data Was Accessed in Third-Party Breach

Ace Hardware Says 1,202 Devices Were Hit During Cyberattack

Boeing Acknowledges Cyberattack on Parts and Distribution Biz

Confidential Student Data Exposed in Fairfax County Public Schools Breach

BlackCat Ransomware Claims Breach of Healthcare Giant Henry Schein

HelloKitty Ransomware Group Exploiting Apache ActiveMQ Vulnerability

Spy Module Discovered in WhatsApp Mods

11/1/2023

North Korean Hackers Target macOS Crypto Engineers With Kandykorn

Palo Alto Reveals New Features in Russian APT Turla’s Kazuar Backdoor

Mysterious Kill Switch Shuts Down Mozi IoT Botnet

FSB Arrests Russian Hackers Working for Ukrainian Cyber Forces

Feds Collar Suspected Sanctions-Busting Russian Smugglers of U.S. Tech

New York Adds Stiffer Requirements to Cybersecurity Rules

Clorox Bets on Strong Inventory to Help Overcome Cyber Attack Hitting Operations

Splunk to Lay Off Nearly 7% Of Its Workforce Amid Economic Woes

Chainguard, an Open-Source Security Firm, Raises $61 Million

3 Ways to Close the Cybersecurity Skills Gap — Now
Hackers Use Citrix Bleed Flaw in Attacks on Gov’t Networks Worldwide

Iranian Cyber Espionage Group Targets Financial and Government Sectors in Middle East

Mexico’s Querétaro Intercontinental Airport Confirms Cyberattack

Toronto Public Library Outages Caused by Black Basta Ransomware Attack

Data Breach Reported at Meals on Wheels Central Texas

Postmeds Data Breach Impacts Hundreds of Thousands of Consumers Nationwide

Authorities Confirm Town of Iowa (LA) Target of Cyberattack

Alert: F5 Warns of Active Attacks Exploiting BIG-IP Vulnerability

3,000 Apache ActiveMQ Servers Vulnerable to RCE Attacks Exposed Online

New CVSS 4.0 Vulnerability Severity Rating Standard Released

10/31/2023

Canada Bans WeChat and Kaspersky Apps On Government Devices

Meta Launches Paid Ad-Free Subscription in Europe to Satisfy Privacy Laws

White House Hosts Counter Ransomware Initiative Summit, With a Focus on Not Paying Hackers

Dozens of Countries Will Pledge to Stop Paying Ransomware Gangs

Why Ransomware Victims Can’t Stop Paying off Hackers

Apple Alert: India Opposition Says Government Tried to Hack Phones

In Cyberattacks, Iran Shows Signs of Improved Hacking Capabilities

Krebs: .US Harbors Prolific Malicious Link Shortening Service

LastPass Breach Linked to Theft of $4.4 Million in Crypto

Cyber Chiefs Worry About Personal Liability as SEC Sues SolarWinds, Executive

Budget Cuts, Layoffs Add to Pressure on Cyber Teams

Half of Execs Request Security Bypass Over Past Year

Florida Man Jailed After Draining $1M From Victims in Crypto SIM Swap Attacks

Now Russians Accused of Pwning JFK Taxi System to Sell Top Spots to Cabbies
Ace Holed: Hardware Store Empire Felled by Cyberattack

Cybersecurity Snafu Sends British Library Back to the Dark Ages

SW Ontario Hospitals Confirm Patient Data Compromised in Cyberattack

Flipper Zero Bluetooth Spam Attacks Ported to New Android App

Scarred Manticore Targets Middle East With Advanced Malware

Arid Viper Campaign Targets Arabic-Speaking Users

Trojanized PyCharm Software Version Delivered via Google Search Ads

Malicious NuGet Packages Caught Distributing SeroXen RAT Malware

Exploit Released for Critical Cisco IOS XE Flaw, Many Hosts Still hacked

Atlassian Warns of New Critical Confluence Vulnerability Threatening Data Loss

Apple, Google, and Microsoft Just Patched Some Spooky Security Flaws

Avast Confirms It Tagged Google App as Malware on Android Phones

Samsung Galaxy Gets New Auto Blocker Anti-malware Feature

10/30/2023

BiBi-Linux: Pro-Hamas Hacktivists Targeting Israeli Entities with Wiper Malware

Huawei, Vivo Phones Tag Google App as TrojanSMS-PA Malware

China Plans to Take ‘Hack-Proof’ Quantum Satellite Technology to New Heights

Biden Issues Executive Order on Safe, Secure AI

FTC Orders Non-Bank Financial Firms to Report Breaches in 30 Days

Hackers Accessed 632,000 Email Addresses at U.S. Justice, Defense Departments

Budget Cuts at CISA Could Affect Enterprise Cybersecurity

U.S. SEC Sues SolarWinds, Top Cyber Executive for Fraud

Google Chrome Now Auto-Upgrades to Secure Connections for All Users
Toronto Public Library Services Down Following Weekend Cyberattack

Dallas County (TX) Investigating ‘Cybersecurity Incident’ Months After City Ransomware Attack

Six Rivers Media (TN) Hit by Cyber-Attack Over the Weekend

New Hunters International Ransomware Possible Rebrand of Hive

Hackers Using MSIX App Packages to Infect Windows PCs with GHOSTPULSE Malware

EleKtra-Leak Cryptojacking Attacks Exploit AWS IAM Credentials Exposed on GitHub

Urgent: New Security Flaws Discovered in NGINX Ingress Controller for Kubernetes

RCE Exploit for Wyze Cam v3 Publicly Released, Patch Now

Google Promises a Rescue Patch for Android 14’s “Ransomware” Bug

10/27-29/2023

N. Korean Lazarus Group Targets Software Vendor Using Known Flaws

Ukrainian Hackers Disrupt Internet Providers in Russia-Occupied Territories

UK National Cyber Security Centre Rolls Out Protective DNS for Schools

King Charles III Signs off on UK Online Safety Act, With Unenforceable Spying Clause

The Hunt for Crypto’s Most Famous Fugitive. ‘Everyone Is Looking for Me.’

Pirate IPTV Network in Austria Dismantled and $1.74 Million Seized

Google Expands Its Bug Bounty Program to Tackle Artificial Intelligence Threats

What Lurks in the Dark: Taking Aim at Shadow AI
Boeing Assessing Lockbit Hacking Gang Threat of Sensitive Data Leak

Stanford University Investigating Cyberattack After Ransomware Claims

Hackers Email Stolen Clark County School District (NV) Student Data to Parents

Researchers Uncover Wiretapping of XMPP-Based Instant Messaging Service

F5 Issues Warning: BIG-IP Vulnerability Allows Remote Code Execution

Hackers Earn Over $1 Million for 58 Zero-Days at Pwn2Own Toronto

HackerOne Paid Ethical Hackers Over $300 Million in Bug Bounties

Android 14’s User-Profile Data Bug Seems Indistinguishable From Ransomware

10/26/2023

France Says Russian State Hackers Breached Numerous Critical Networks

China Rushes to Swap Western Tech With Domestic Options as U.S. Cracks Down

Iranian Group Tortoiseshell Launches New Wave of IMAPLoader Malware Attacks

YoroTrooper: Researchers Warn of Kazakhstan’s Stealthy Cyber Espionage Group

Humanity Could ‘Lose Control’ of AI, UK PM Warns, as Britain Seeks Leading Role in the Tech

UK Parliament Opens Inquiry into Cyber-Resilience

Oldham Council Facing 10,000 Cyber Attacks a Day, Report Says

Microsoft Warns as Scattered Spider Expands from SIM Swaps to Ransomware

Forget the Outside Hacker, the Bigger Threat Is Inside by the Coffee Machine

Nigerian Police Dismantle Cybercrime Recruitment, Mentoring Hub

Maine Mass Shooting Disinformation Floods Social Media as Suspect Remains at Large
Chilean Telecom Giant GTD Hit by the Rorschach Ransomware Gang

Akumin Files Notice of Data Breach with the Securities and Exchange Commission

Longhorn Imaging Center (TX) Data Breach Affects Patients’ Sensitive Medical Information

StripedFly Malware Framework Infects 1 Million Windows, Linux Hosts

Android Adware Apps on Google Play Amass Two Million Installs

Record-Breaking 100 Million RPS DDoS Attack Exploits HTTP/2 Rapid Reset Flaw

Critical Flaw in NextGen’s Mirth Connect Could Expose Healthcare Data

iLeakage: New Safari Exploit Impacts Apple iPhones and Macs with A and M-Series CPUs

Apple Drops Urgent Patch Against Obtuse TriangleDB iPhone Malware

ServiceNow Quietly Addresses Unauthenticated Data Exposure Flaw From 2015

Samsung Galaxy S23 Hacked Two More Times at Pwn2Own Toronto

10/25/2023

Pro Russia Winter Vivern: Zero-Day XSS Exploit Targets Roundcube Servers

LinkedIn Tests Generative AI to Field Cybersecurity Questions From Employees and Suppliers

Proton’s Password Manager Now Lets You Securely Share Logins

Amazon Launches European ‘Sovereign’ Cloud as EU Data Debate Rages

The AI-Generated Child Abuse Nightmare Is Here

States Sue Meta Alleging Harm to Young People on Instagram, Facebook

Cybersecurity Awareness Doesn’t Cut It; It’s Time to Focus on Behavior

Flipper Zero Can Now Spam Android, Windows Users With Bluetooth Alerts
Seiko “BlackCat” Data Breach: 60,000 Records on the Line

Fellowship Village (NJ) Files Notice of Recent Data Breach with the Federal Government

Malvertising Campaign Targets Brazil’s PIX Payment System with GoPIX Malware

Citrix Bleed Exploit Lets Hackers Hijack NetScaler Accounts

VMware Fixes Critical Code Execution Flaw in vCenter Server

Microsoft Tests Windows 11 Encrypted DNS Server Auto-Discovery

Windows 11 to Let Admins Mandate SMB Encryption for Outbound Connections

Samsung Galaxy S23 Hacked Twice on First Day of Pwn2Own Toronto

10/24/2023

Hackers Backdoor Russian State, Industrial Orgs for Data Theft

Irish Cops Data Debacle Exposes Half a Million Motorist Records

1Password Detects Suspicious Activity Following Okta Support Breach

They Cracked the Code to a Locked USB Drive Worth $235 Million in Bitcoin. Then It Got Weird.

Generative AI Can Save Phishers Two Days of Work

A Powerful Tool U.S. Spies Misused to Stalk Women Faces Its Potential Demise

A Controversial Plan to Scan Private Messages for Child Abuse Meets Fresh Scandal

Automakers and Suppliers Spar Over Car Data

Ex-NSA Employee Pleads Guilty to Leaking Classified Data to Russia

Decentralized Matrix Messaging Network Says It Now Has 115M Users

RTX, the Company Formerly Known as Raytheon, to Sell Its Cybersecurity Business for $1.3B
Cyberattack on Health Services Provider TransForm Impacts 5 Canadian Hospitals

ASVEL Basketball Team Confirms Data Breach After Ransomware Attack

Hopewell Area School District (PA) Targeted by Ransomware Attack

Over 9,500 Bank of Canton Customers May Have Had Personal Information Exposed Due to Fiserv Breach

Ukraine Cyber Officials Warn of a ‘Surge’ in Smokeloader Attacks on Financial, Government Entities

New Grandoreiro Malware Variant Targets Spain

Meet Rhysida, a New Ransomware Strain That Deletes Itself

Backdoor Implant on Hacked Cisco Devices Modified to Evade Detection

iOS Zero-Day Attacks: Experts Uncover Deeper Insights into Operation Triangulation

VMware Warns Admins of Public Exploit for vRealize RCE Flaw

API Security Flaw Impacted Grammarly, Vidio and Bukalapak

10/23/2023

Ukraine Security Services Involved in Hack of Russia’s Largest Private Bank

DC Elections Agency Warns Entire Voting Roll May Have Been Stolen

U.S. Energy Firm Shares How Akira Ransomware Hacked Its Systems

QNAP Takes Down Server Behind Widespread Brute-Force Attacks

Palestine Crypto Donation Scams Emerge Amid Israel-Hamas War

The Hamas Threat of Broadcasting Hostage Execution Videos Looms Large Over Social Media

Krebs: NJ Man Hired Online to Firebomb, Shoot at Homes Gets 13 Years in Prison

Spain Arrests 34 Cybercriminals Who Stole Data of 4 Million People

Okta Cybersecurity Breach Wipes Out More Than $2 Billion in Market Cap

Change From Within: 3 Cybersecurity Transformation Traps for CISOs to Avoid
City of Philadelphia Discloses Data Breach After Five Months

University of Michigan Employee, Student Data Stolen in Cyberattack

Cyber Attacks Hit NY State Casino Operation, Two Hudson Valley Hospitals

Orange County DA’s Office Hit by Computer Breach; Communications System Taken Down

Cadre Services (WI) Targeted in Ransomware Attack; Hackers Leak Stolen Data, Including SSNs

DoNot Team’s New Firebird Backdoor Hits Pakistan and Afghanistan

QuasarRAT Deploys Advanced DLL Side-Loading Technique

Cisco Patches IOS XE Zero-Days Used to Hack Over 50,000 Devices

Citrix Warns Admins to Patch NetScaler CVE-2023-4966 Bug Immediately

Google Chrome’s New “IP Protection” Will Hide Users’ IP Addresses

10/20-22/2023

Krebs: Hackers Stole Access Tokens from Okta’s Support Unit

International Criminal Court Systems Breached for Cyber Espionage

New TetrisPhantom Hackers Steal Data From Secure USB Drives on Gov’t Systems

DarkGate Malware Campaigns Linked to Vietnam-Based Cybercriminals

Irish-Linked Spyware Used in Brazen Attacks

Cyberattacks Intensify on Israeli and Palestinian Human Rights Groups

The Dangerous Mystery of Hamas’ Missing ‘Suicide Drones’

ENISA Warns of Rising AI Manipulation Ahead of Upcoming European Elections

Ragnar Locker Ransomware Developer Arrested in France

20 Years Of Cybersecurity Awareness Month: Leveling Up The Basics

How an Explosion of ‘Smart’ Devices Is Threatening U.S. Households — And National Security

Microsoft Announces Security Copilot Early Access Program
Kwik Trip Finally Confirms Cyberattack Was Behind Ongoing Outage

American Family Insurance Confirms Cyberattack Is Behind IT Outages

PennyMac Files Notice of Data Breach That Leaked Thousands of SSNs

Fake Corsair Job Offers on LinkedIn Push DarkGate Malware

ExelaStealer: A New Low-Cost Cybercrime Weapon Emerges

Cisco Zero-Day Exploited to Implant Malicious Lua Backdoor on Thousands of Devices

Cisco Discloses New IOS XE Zero-Day Exploited to Deploy Malware Implant

Over 40,000 Cisco IOS XE Devices Infected with Backdoor Using Zero-Day

Number of Hacked Cisco IOS XE Devices Plummets From 50K to Hundreds

Critical RCE Flaws Found in SolarWinds Access Audit Solution

10/19/2023

Iran-Linked OilRig Targets Middle East Governments in 8-Month Cyber Campaign

Cyberspace Has No Boundaries — That’s Why Global Cooperation on Security Is Crucial: UK Official

Amazon, Microsoft, and India Crack Down on Tech Support Scams

Republican Congressman Says Labor Crunch Biggest Threat to U.S. Cybersecurity

QR Codes Used in 22% of Phishing Attacks

U.S. Charge Man With Running Stolen Credentials Marketplace

Europol Knocks RagnarLocker Offline in Second Major Ransomware Bust This Year

Valve Enhances Steam Security With SMS Verification
Casio Keyed up After Data Loss Hits Customers in 149 Countries

Data Breach Hits Saint Louis University Students and Employees, School Says

Atlas Healthcare Confirms Recent Data Breach Affecting Residents’ Social Security Numbers

Sophisticated MATA Framework Strikes Eastern European Oil and Gas Companies

Fake KeePass Site Uses Google Ads and Punycode to Push Malware

BlackCat Ransomware Uses New ‘Munchkin’ Linux VM in Stealthy Attacks

Hacker Group GhostSec Unveils New Generation Ransomware Implant

Microsoft Extends Purview Audit Log Retention After July Breach

10/18/2023

Ukraine Says Joint Mission With U.S. Derailed Moscow’s Cyberattacks

Google Links WinRAR Exploitation to Russian, Chinese State Hackers

Critical Citrix NetScaler Flaw Exploited to Target from Government, Tech Firms

Twitter Glitch Allows CIA Informant Channel to Be Hijacked

Federal Cyber Chief Tells Agencies to Tap Brakes on AI

AI Adoption Surges But Security Awareness Lags Behind

Krebs: The Fake Browser Update Scam Gets a Makeover

Google Bulks up Android’s Malware Defenses to Combat New Tricks, Including AI: Play Protect

Dutch Consumer Group Sues Amazon Over Data Tracking

FBI: Hackers Are Extorting Plastic Surgery Patients

Ex-Navy IT Head Gets 5 Years for Selling People’s Data on Darkweb
Ukrainian Activists Hack Trigona Ransomware Gang, Wipe Servers

Lazarus Group Targeting Defense Experts with Fake Interviews via Trojanized VNC Apps

North Korean Hackers Lazarus and Andariel Exploit Critical TeamCity Flaw to Breach Networks

MATA Malware Framework Exploits EDR in Attacks on Defense Firms

Hacker Leaks Millions of New 23andMe Genetic Data Profiles

Qubitstrike Targets Jupyter Notebooks with Crypto Mining and Rootkit Campaign

New Admin Takeover Vulnerability Exposed in Synology’s DiskStation Manager

What CISOs Should Exclude From SEC Cybersecurity Filings

Major Cyber Attack Could Cost the World $3.5 Trillion -Lloyd’s of London

10/17/2023

TetrisPhantom: Persistent Espionage Campaign Targets APAC Governments

Ransomware Comes Back in Vogue for Cybercriminals

Fake Browser Updates Used in Malware Distribution

Huge Increase in ‘Spear Phishing’ Ever Since ChatGPT’s Rise, Says Japanese Cybersecurity Firm

Google Password Manager Could Ease Your Transition to Passkeys

Amazon Quietly Rolls Out Support for Passkeys, With a Catch

Over 40,000 Admin Portal Accounts Use ‘Admin’ as a Password

Insiders Say X’s Crowdsourced Anti-Disinformation Tool Is Making the Problem Worse

Krebs: Tech CEO Sentenced to 5 Years in IP Address Scheme

New Calculator Aims to Measure Companies’ Cyberattack Damages
Chilean Government Warns of Black Basta Ransomware Attacks After Customs Incident

D-Link Confirms Data Breach After Employee Phishing Attack

KwikTrip All but Says IT Outage Was Caused by a Cyberattack

Crum & Forster Notifies Nearly 14k Consumers of Recent Data Breach Leaking Their SSNs

SpyNote Android Malware Spreads via Fake Volcano Eruption Alerts

Malicious Notepad++ Google Ads Evade Detection for Months

Over 10,000 Cisco Devices Hacked in IOS XE Zero-Day Attacks

Critical Vulnerabilities Uncovered in Open Source CasaOS Cloud Software

Experts Warn of Severe Flaws Affecting Milesight Routers and Titan SFTP Servers

10/16/2023

Russian Sandworm Hackers Breached 11 Ukrainian Telcos Since May

Pro-Russian Hackers Exploiting Recent WinRAR Vulnerability in New Campaign

BLOODALCHEMY Provides Backdoor to Southeast Asian nations’ Secrets

Fake ‘RedAlert’ Rocket Alert App for Israel Installs Android Spyware

Healthcare Sector Warned About New Ransomware Group NoEscape

Your Organization Has Suffered a Data Incident: Now Here Are the Regulators It Will Likely Encounter

Deepfake Porn Is Out of Control

WhatsApp Turns on Passwordless Logins With Passkeys for Android Users

What the Hollywood Writers Strike Resolution Means for Cybersecurity
We’re Not in e-Kansas Anymore: State Courts Reel From ‘Unauthorized Incursion’

Taylored Services Parent Co Cyber Attack and Possible Data Breach Affects Current and Former Employees

Henry Schein Announces Data Breach

SpyNote: Beware of This Android Trojan that Records Audio and Phone Calls

Discord Still a Hotbed of Malware Activity — Now APTs Join the Fun

Hackers Exploit Critical Flaw in WordPress Royal Elementor Plugin

CISA, FBI Urge Admins to Patch Atlassian Confluence Immediately

Cisco Warns of New iOS XE Zero-Day Actively Exploited in Attacks

Signal Disputes Alleged Zero-Day Flaw

10/13-15/2023

Billboards in Israel Were Briefly Hacked to Display Pro-Hamas Messages as Cyberwar Ramps Up

New PEAPOD Cyberattack Campaign Targeting Women Political Leaders

Women Political Leaders Summit Targeted in Romcom Malware Phishing

AI algorithm Detects MitM Attacks on Unmanned Military Vehicles

Chinese Embassy Criticizes Costa Rica for 5G Company Restrictions

UK Regulator Fines Equifax £11m for 2017 Data Breach

Security Pros Warn That EU’s Vulnerability Disclosure Rule Is Risky

Australia Fines X, Formerly Twitter, for Not Answering Questions on Child Abuse Content
Hackers Hit Aid Groups Responding to Israel and Gaza Crisis

Kwik Trip IT Systems Outage Caused by Mysterious ‘Network Incident’

FBI, CISA Warn of Rising AvosLocker Ransomware Attacks Against Critical Infrastructure

DarkGate Malware Spreading via Messaging Services Posing as PDF Files

Hackers Use Binance Smart Chain Contracts to Store Malicious Scripts

CISA Shares Vulnerabilities, Misconfigs Used by Ransomware Gangs

Steam Enforces SMS Verification to Curb Malware-Ridden Updates

Microsoft to Phase Out NTLM in Favor of Kerberos for Stronger Authentication

10/12/2023

Chinese APT ToddyCat Targets Asian Telecoms, Governments

Israel Sees Cyber Incursions Across Digital Systems

Microsoft Defender Thwarts Large-Scale Akira Ransomware Attack

Everest Ransomware Cybercriminals Offer Corporate Insiders Cold, Hard Cash for Remote Access

Shadow PC Warns of Data Breach as Hacker Tries to Sell Gamers’ Info

The Cyberwar Between the East and the West Goes Through Africa

New Clues Suggest Stolen FTX Funds Went to Russia-Linked Money Launderers

AMC CEO Was Target of Blackmail and Extortion Plot

California Enacts “Delete Act” For Data Privacy
Malicious NuGet Package Targeting .NET Developers with SeroXen RAT

ShellBot Uses Hex IPs to Evade Detection in Attacks on Linux SSH Servers

Ransomware Attacks Now Target Unpatched WS_FTP Servers

Ransomware Victims Continue to Pay Up, While Bracing for AI-Enhanced Attacks

Hyped up Curl Vulnerability Falls Short of Expectations

Apple Fixes iOS Kernel Zero-Day Vulnerability on Older iPhones

New Microsoft Bug Bounty Program Focuses on AI-Powered Bing

6 Simple Cybersecurity Rules You Can Apply Now

10/11/2023

Initial U.S. Intelligence Suggests Iran Was Surprised by the Hamas Attack on Israel

Gaza Conflict: How Israeli Cybersecurity Will Respond

Israelis Form Citizen Cyber Brigades Amid Mounting Digital Attacks

Microsoft Warns of Nation-State Hackers Exploiting Critical Atlassian Confluence Vulnerability

U.S. Navy Sailor Pleads Guilty to Accepting $15,000 in Bribes From China

U.S. Government Issues Open-Source Security Guidance for Critical Infrastructure

SEC is Investigating MOVEit Mass-Hack, Says Progress Software

The UN Risks Normalizing Internet Censorship

Microsoft Defender Now Auto-Isolates Compromised Accounts
Simpson Manufacturing Shuts Down IT Systems After Cyberattack

West Texas Gas Files Notice of Data Breach Affecting Over 56,000 People

BianLian Extortion Group Claims Recent Air Canada Breach

LinkedIn Smart Links Attacks Return to Target Microsoft Accounts

U.S. Cybersecurity Agency Warns of Actively Exploited Adobe Acrobat Reader Vulnerability

CD-Indexing Cue Files Are the Core of a Serious Linux Remote Code Exploit

New WordPress Backdoor Creates Rogue Admin to Hijack Websites

Krebs: Patch Tuesday, October 2023 Edition

From Chaos to Cadence: Celebrating Two Decades of Microsoft’s Patch Tuesday

10/10/2023

Israel Was Prepared for a Different War

Iran’s Khamenei Lauds Hamas Attack on Israel, Again Denies Involvement

Israeli Startup Community, at Home and Abroad, Prepares to Fight

New Threat Actor “Grayling” Blamed For Espionage Campaign

Cloudflare, Google, and Amazon Explain What’s Behind the Largest DDoS Attacks Ever

Krebs: Phishers Spoof USPS, 12 Other Natl’ Postal Services

Google Begins Prompting Users to Create Passwordless Passkeys by Default

AI Isn’t Just About Risk, Says Splunk’s Cyber Chief

New Report: Child Sexual Abuse Content and Online Risks to Children on the Rise

Arctic Wolf Acquires Cybersecurity Automation Platform Revelstoke
Air Europa Data Breach: Customers Warned to Cancel Credit Cards

ALPHV Ransomware Gang Claims Attack on Florida Circuit Court

Walmart, Inc. Files Notice of Data Breach Indicating Over 85k Victims

Community First Medical Center In Portage Park (IL) Suffers Large-Scale Data Breach

IZ1H9 Botnet Targets IoT Devices With New Exploits

D-Link WiFi Range Extender Vulnerable to Command Injection Attacks

New Critical Citrix NetScaler Flaw Exposes ‘Sensitive’ Data

Microsoft October 2023 Patch Tuesday Fixes 3 Zero-Days, 104 Flaws

Microsoft Exchange Gets ‘Better’ Patch to Mitigate Critical Bug

Microsoft to Kill Off VBScript in Windows to Block Malware Delivery

10/9/2023

Vietnam Agents Tried to Plant Spyware on Phones of U.S. Lawmakers and Journalists: Probe

Gaza-Linked Cyber Threat Actor Targets Israeli Energy and Defense Sectors

Hacktivist Attacks Erupt in Middle East Following Hamas Assault on Israel

X, Formerly Twitter, Amplifies Disinformation Amid the Israel-Hamas Conflict

Cybercriminals Using EvilProxy Phishing Kit to Target Senior Executives in U.S. Firms

HelloKitty Ransomware Source Code Leaked on Hacking Forum

Inside FTX’s All-Night Race to Stop a $1 Billion Crypto Heist

DOJ: Ex-Soldier Tried to Pass Secrets to China After Seeking a ‘Subreddit About Spy Stuff’

Cybersecurity Talent in America: Bridging the Gap
Datacenter Cabling Biz Volex Confirms Digital Break-in

Hackers Modify Online Stores’ 404 Pages to Steal Credit Cards

Hackers Hijack Citrix NetScaler Login Pages to Steal Credentials

PEACHPIT: Massive Ad Fraud Botnet Powered by Millions of Hacked Android and iOS

Over 17,000 WordPress Sites Hacked in Balada Injector Attacks Last Month

GNOME Linux Systems Exposed to RCE Attacks via File Downloads

High-Severity Flaws in ConnectedIO’s 3G/4G Routers Raise Concerns for IoT Security

Security Patch for Two New Flaws in Curl Library Arriving on October 11

Navigating the Patchwork of U.S. Privacy and Cybersecurity Laws: Summer 2023 Regulatory Updates

10/6-8/2023

Israel at War With Hamas After Unprecedented Attacks

Israel’s Security Forces Face Questions After Hamas Attack

Israel’s Failure to Stop the Hamas Attack Shows the Danger of Too Much Surveillance

Iran Helped Plot Attack on Israel Over Several Weeks

Israel’s Government, Media Websites Hit With Cyberattacks

Ukraine Cyber-Conflict: Hacking Gangs Vow to De-Escalate

Apple’s Encryption Is Under Attack by a Mysterious Group

Snap AI Chatbot Investigation Launched in UK Over Teen-Privacy Concerns

FTC Warns of ‘Staggering’ Losses to Social Media Scams Since 2021

MGM Didn’t Pay Up After Hackers Broke Into Its System and Stole Customer Data

MGM Resorts Ransomware Attack Led to $100 Million Loss, Data Theft

Bounty Offered for Secret NSA Seeds Behind NIST Elliptic Curves Algo
North Korea’s Lazarus Group Launders $900 Million in Cryptocurrency

Host of EU Summit Spain Target of DDoS Cyberattacks

D.C. Board of Elections Confirms Voter Data Stolen in Site Hack

Hackers Are Selling the Data of Millions Lifted From 23andMe’s Genetic Database

CDW Data to Be Leaked Next Week After Negotiations With LockBit Break Down

Florida Circuit Court Pauses Many Proceedings Following Cyberattack

Lyca Mobile Says Customer Data Was Stolen During Cyberattack

Third Flagstar Bank Data Breach Since 2021 Affects 800,000 Customers

Supermicro’s BMC Firmware Found Vulnerable to Multiple Critical Vulnerabilities

GitHub’s Secret Scanning Feature Now Covers AWS, Microsoft, Google, and Slack

Microsoft 365 Admins Warned of New Google Anti-spam Rules

10/5/2023

China-Linked Cyberspies Backdoor Semiconductor Firms With Cobalt Strike

China Poised to Disrupt U.S. Critical Infrastructure with Cyber-Attacks, Microsoft Warns

Hackers With AI Are Harder to Stop, Microsoft Says

South Korea Accuses North of Phish and Ships Attack

Scammers Impersonate Companies to Steal Cryptocurrency from Job Seekers

CISA and NSA Tackle IAM Security Challenges in New Report

NSA and CISA Reveal Top 10 Cybersecurity Misconfigurations

U.S. Government Proposes SBOM Rules for Contractors

Court Rules in Favor of Auto-Repair Companies in Car-Data Dispute

Blackbaud Settles Data Breach With 49 States, DC for $50 Million

Lorenz Ransomware Crew Bungles Blackmail Blueprint by Leaking Two Years of Contacts
Guyana Governmental Entity Hit by DinodasRAT in Cyber Espionage Attack

GoldDigger Android Trojan Drains Victim Bank Accounts

Analysis and Config Extraction of Lu0Bot, a Node.js Malware with Considerable Capabilities

QakBot Threat Actors Still in Action, Using Ransom Knight and Remcos RAT in Latest Attacks

CISA Warns of Active Exploitation of JetBrains and Windows Vulnerabilities

Critical Glibc Bug Puts Linux Distributions at Risk

Amazon to Make MFA Mandatory for ‘Root’ AWS Accounts by Mid-2024

Beyond Cybersecurity Awareness Month: Finding A Signal In The Noise

Could Cybersecurity Breaches Become Harmless in the Future?

Zero-Days for Hacking WhatsApp Are Now Worth Millions of Dollars

10/4/2023

LightSpy iPhone Spyware Linked to Chinese APT41 Group

Red Cross Issues Wartime Hacktivist Rules

Badbox & Peachpit: Your Cheap Android TV Streaming Box May Have a Dangerous Backdoor

Police Issue “Quishing” Email Warning

The Team Helping Women Fight Digital Domestic Abuse

BlackBerry to Separate IoT and Cybersecurity Businesses, Plans IPO

Clorox Says Sales and Profit Took a Big Hit From Cyberattack

A Tool to Help Boards Measure Cyber Resilience

How to Measure Patching and Remediation Performance

Patch Confusion for Critical Exim Bug Puts Email Servers at Risk — Again
Sony Confirms Data Breach Impacting Thousands in the U.S.

Lyca Mobile Suffers Cyber Attack, Investigating Ransomware Possibility

Weather Network Says Ransomware Attack Caused Website and App Outages in September

Hundreds of Malicious Python Packages Found Stealing Sensitive Data

Microsoft Warns of Cyber Attacks Attempting to Breach Cloud via SQL Server Instance

Rogue npm Package Deploys Open-Source Rootkit in New Supply Chain Attack

Atlassian Patches Critical Confluence Zero-Day Exploited in Attacks

Cisco Fixes Hard-Coded Root Credentials in Emergency Responder

Apple Emergency Update Fixes New Zero-Day Used to Hack iPhones

10/3/2023

NATO Says It Is Addressing an Apparent Cyberattack After Strategy Documents Posted Online

Federal Appeals Court Extends Limits on Biden Admin Comms With Social Media Companies to Top U.S. Cyber Agency

Predator Spyware Linked to Madagascar’s Government Ahead of Presidential Election

NSA Establishes AI Security Center

Companies Want to Spend More on AI to Defeat Hackers, but There’s a Catch

Ransomware Crisis, Recession Fears Leave CISOs in Tough Spot

Upstream Supply Chain Attacks Triple in a Year

Improving Cybersecurity With AWS’s Threat Intelligence Honeypot System

Google Is Making It Harder for Bulk Senders to Fill Your Gmail With Spam

EvilProxy Uses Indeed.com Open Redirect for Microsoft 365 Phishing

FBI Most-Wanted Russian Hacker Reveals Why He Burned His Passport
Rock County (WI) Dealing With Ransomware Attack on Public Health Department

Ragnar Ransomware Gang Posts 30GB of Data It Claims Belongs to Victorian Network Pacific Real Estate

Richmond-Based Freight Transport Company Estes Express Lines Experiences Cyberattack

Metro Transit (MO) Steadily Recovering From Cyber Attack

Greater Dallas Healthcare Enterprises Data Breach Affects Patients’ Medical Info

FortiGuard Uncovers Deceptive Install Scripts in npm Packages

Warning: PyTorch Models Vulnerable to Remote Code Execution via ShellTorch

New ‘Looney Tunables’ Linux Bug Gives Root on Major Distros

Qualcomm Releases Patch for 3 new Zero-Days Under Active Exploitation

Microsoft Edge, Teams Get Fixes for Zero-Days in Open-Source Libraries

10/2/2023

KillNet Claims DDoS Attack Against Royal Family Website

Nearly 100,000 Industrial Control Systems Exposed to the Internet

Krebs: Don’t Let Zombie Zoom Links Drag You Down

AI-Generated Phishing Emails Almost Impossible to Detect, Report Finds

FBI Warns of Surge in ‘Phantom Hacker’ Scams Impacting Elderly

Cybersecurity Awareness Month Celebrates 20 Years

Cybersecurity Professional Job-Satisfaction Realities for National Cybersecurity Awareness Month

Microsoft Defender No Longer Flags Tor Browser as Malware

Yes, Singapore Immigration Plans to Scan Your Face Instead of Your Passport

Norway Urges Europe-Wide Ban on Meta’s Targeted Ad Data Collection
Motel One Discloses Data Breach Following Ransomware Attack

India’s National Logistics Portal Exposed Sensitive Personal Data, Trade Records

Fauquier County Public Schools (VA) Open Despite LockBit Ransomware Attack

BunnyLoader Malware Targets Browsers and Cryptocurrency

Silent Skimmer: A Year-Long Web Skimming Campaign Targeting Online Payment Businesses

Ransomware Gangs Now Exploiting Critical TeamCity RCE Flaw

Exploit Available for Critical WS_FTP Bug Exploited in Attacks

OpenRefine’s Zip Slip Vulnerability Could Let Attackers Execute Malicious Code

Arm Issues Patch for Mali GPU Kernel Driver Vulnerability Amidst Ongoing Exploitation

Exim Patches Three of Six Zero-Day Bugs Disclosed Last Week

9/29-10/1/2023

North Korean Lazarus Group Impersonates Recruiter from Meta to Target Spanish Aerospace Firm

Iranian APT Group OilRig Using New Menorah Malware for Covert Operations

Russian Company Offers $20M for Non-NATO Mobile Exploits

Krebs: A Closer Look at the Snatch Data Ransom Group

Phishing, Smishing Surge Targets U.S. Postal Service

Amazon Sends Mastercard, Google Play Gift Card Order Emails by Mistake

Discord Is Investigating Cause of ‘You Have Been Blocked’ Errors

How to Tell When Your Phone Will Stop Getting Security Updates

How to Stop Google Bard From Storing Your Data and Location

Cybersecurity Budgets Grow, But at a Slower Pace

ShinyHunters Member Pleads Guilty to $6 Million in Data Theft Damages

UK PhD Student Guilty of 3D-Printing ‘Kamikaze’ Drone for Islamic State Terrorists
Royal Family Website ‘Targeted in Russian Cyber Attack’

Large Michigan Healthcare Provider McLaren Confirms Ransomware Attack

Tahoe Forest Hospital District (CA) Notifies Patients of Data Breach

Pinal County Schools (AZ) Affected by Ransomware Attack

Cloudflare DDoS Protections Ironically Bypassed Using Cloudflare

Cybercriminals Using New ASMCrypt Malware Loader to Fly Under the Radar

Meet LostTrust Ransomware — A likely Rebrand of the MetaEncryptor Gang

New Critical Security Flaws Expose Exim Mail Servers to Remote Attacks

Exploit Released for Microsoft SharePoint Server Auth Bypass Flaw

Cisco Warns of Vulnerability in IOS and IOS XE Software After Exploitation Attempts

Progress Software Releases Urgent Hotfixes for Multiple Security Flaws in WS_FTP Server

People Still Matter in Cybersecurity Management

9/27-28/2023

U.S., Japan Authorities Warn of China-Linked Hacking Group BlackTech Attacking Cisco Routers

Budworm APT Evolves Toolset, Targets Telecoms and Government

Microsoft Breach Led to Chinese Theft of 60,000 U.S. State Dept Emails

China’s National Security Minister Rates Fake News Among the Most Pressing Cyber Threats of the Present Day

TikTok Employees Say Executive Moves to U.S. Show China Parent’s Influence

China’s Chip Equipment Firms See Revenue Surge as Beijing Seeks Semiconductor Self-Reliance

Five Alleged Russian Spies Appear in London Court

Krebs: ‘Snatch’ Ransom Group Exposes Visitor IP Addresses

Why Do Employees Keep Ignoring Workplace Cybersecurity Rules?

FBI: Dual Ransomware Attack Victims Now Get Hit Within 48 Hours

4 Legal Surprises You May Encounter After a Cybersecurity Incident

The Anatomy of a Facebook Account Heist

Security Researcher Stopped at U.S. Border for Investigating Crypto Scam

The Maker of ShotSpotter Is Buying the World’s Most Infamous Predictive Policing Tech
U.S. Gov’t Contractor Maximus Says MOVEit Hackers Accessed Health Data of ‘at Least’ 8 Million Individuals

MOVEit Maker Announces New Critical Vulnerability Affecting a Different File Transfer Tool

Building Automation Giant Johnson Controls Hit by Ransomware Attack

Russian Flight Booking System Suffers ‘Massive’ Cyberattack

Dallas: Royal Ransomware Gang Infiltrated Networks Weeks Before Striking

Ransomed.vc Group Hits NTT Docomo After Sony Breach Claims

Android Banking Trojan Zanubis Evolves to Target Peruvian Users

Bing Chat Responses Infiltrated by Ads Pushing Malware

GitHub Repositories Hit by Password-Stealing Commits Disguised as Dependabot Contributions

SSH Keys Stolen by Stream of Malicious PyPI and npm Packages

Cisco Catalyst SD-WAN Manager Flaw Allows Remote Server Access

Cisco Urges Admins to fix IOS Software Zero-Day Exploited in Attacks

Google Releases Patch for Actively Exploited Zero-Day Vulnerability

9/26/2023

Chinese Hackers TAG-74 Targets South Korean Organizations in a Multi-Year Campaign

Rising Cyberattacks on Schools Put Students at Risk

Why the Public Sector Is an Easy Target for Ransomware

Half of Cyber-Attacks Go Unreported

4 Pillars for Building a Responsible Cybersecurity Disclosure Program

CISA Publishes Hardware Bill of Materials Framework

GPUs From All Major Suppliers Are Vulnerable to New Pixel-Stealing Attack

CIA Builds Its Own Artificial Intelligence Tool in Rivalry With China

Tech Giants Launch Post-Quantum Cryptography Coalition

Microsoft is Rolling out Support for Passkeys in Windows 11

Palo Alto Networks in Advanced Talks to Buy Talon and Dig in a $1B Security Sweep
SickKids Impacted by BORN Ontario Data Breach That Hit 3.4 Million

New AtlasCross Hackers Use American Red Cross as Phishing Lure

Philippines State Health Org Struggling to Recover From Ransomware Attack

Sony Investigates Cyberattack as Hackers Fight Over Who’s Responsible

New ZeroFont Phishing Tricks Outlook Into
Showing Fake AV-Scans


ZenRAT Malware Uncovered in Bitwarden Impersonation

ShadowSyndicate Investigation Reveals RaaS Ties

ROBOT Crypto Attack on RSA is Back as Marvin Arrives

Hackers Actively Exploiting Openfire Flaw to Encrypt Servers

Critical JetBrains TeamCity Flaw Could Expose Source Code and Build Pipelines to Attackers

Google Assigns New Maximum Rated CVE to libwebp Bug Exploited in Attacks

9/25/2023

Voting Equipment Giants Team Up For Security

Ukrainian Military Targeted in Phishing Campaign Leveraging Drone Manuals

China-Linked EvilBamboo Targets Mobiles

Your Boss’s Spyware Could Train AI to Replace You

Google is Retiring Its Gmail Basic HTML View in January 2024

The Hot Seat: CISO Accountability in a New Era of SEC Regulation
MOVEit: BORN Ontario Child Registry Data Breach Affects 3.4 Million People

Hackers Threaten to Sell Stolen Sony Data on Dark Web

Progressive Leasing Warns That Sensitive Information Was Stolen During Cyberattack

Web3 Platform Mixin Network Hit by $200m Crypto Hack

Xenomorph Android Malware Now Targets U.S. Banks and Crypto Wallets

9/22-24/2023

Russian Hackers Seek War Crimes Evidence, Ukraine Cyber Chief Says

Government of Bermuda Links Cyberattack to Russian Hackers

Recently Patched Apple, Chrome Zero-Days Exploited in Spyware Attacks

New Apple Zero-Days Exploited to Target Egyptian ex-MP with Predator Spyware

Evasive Gelsemium Hackers Spotted in Attack Against Asian Gov’t

‘Power, Influence, Notoriety’: The Gen-Z Hackers Who Struck MGM, Caesars

Over 700 Dark Web Ads Offer DDoS Attacks Via IoT in 2023

The Shocking Data on Kia and Hyundai Thefts in the U.S.

LastPass: ‘Horse Gone Barn Bolted’ is Strong Password (Krebs)

Cisco’s Splunk Deal Shows Allure of AI in Cybersecurity

ESA Gets the Job of Building Europe’s Secure Satcomms Network

Ransomware Groups are Increasingly Targeting Small Businesses

SMBs Face Growing Cybersecurity Threats, but Basic Measures Can Lower Risks

CISA and NFL Collaborate to Secure Super Bowl LVIII

U.S. Government IT Staffer Arrested on Espionage Charges

Nigerian Man Pleads Guilty to Attempted $6 Million BEC Email Heist
Iranian Nation-State Actor OilRig Targets Israeli Organizations

National Student Clearinghouse Data Breach Impacts 890 Schools

Auckland University of Technology Operating Despite Cyberattack

Hong Kong Consumer Council Falls Victim to Ransom Hackers, Data Breach

Fake Celebrity Photo Leak Videos Flood TikTok With Temu Referral Codes

Lingerie Group Wacoal Hit by Cyber Attack

Hotel Hackers Redirect Guests to Fake Booking.com to Steal Cards

Crypto Firm Nansen Asks Users to Reset Passwords After Vendor Breach

Dallas Says Royal Ransomware Breached Its Network Using Stolen Account

T-Mobile Denies New Data Breach Rumors, Points to Authorized Retailer

Deadglyph: New Advanced Backdoor with Distinctive Malware Tactics

New Variant of Banking Trojan BBTok Targets Over 40 Latin American Banks

Akira Ransomware Mutates to Target Linux Systems, Adds TTPs

High-Severity Flaws Uncovered in Atlassian Products and ISC BIND Server

How Much Cybersecurity Expertise Do Boards Really Have? Not Much.