3/23/2023 March 23, 2023March 23, 2023 ~ The Cyber Beat ~ Leave a comment TikTok Congressional Hearing: CEO Shou Zi Chew Grilled by U.S. LawmakersTikTok Paid for Influencers to Attend the Pro-TikTok Rally in DCAre Chinese Tech Firms a Security Risk?Krebs: Google Suspends Chinese E-Commerce App Pinduoduo Over MalwareStanford Pulls Down ChatGPT Clone After Safety ConcernsJournalist Plugs in Unknown USB Drive Mailed to Him—It Exploded in His FaceWindows 11, Tesla, Ubuntu, and macOS Hacked at Pwn2Own 2023CloudPanel Installations Use the Same SSL Certificate Private KeyNew CISA Tool Detects Hacking Activity in Microsoft Cloud ServicesHow to Use ChatGPT to Write CodeEpidemic of Insecure Storage, Backup Devices Is a Windfall for CybercriminalsMITRE Rolls Out Cloud-Based Prototype for Supply Chain SecurityKids Tech Camp iD Tech Still Silent Weeks After Data BreachCity of Toronto Confirms Data Theft, Clop Claims ResponsibilityAttorneys Say Private Information Exposed to Public in NC Courts OverhaulOttawa County (OH) Officials Working to Restore Network After Ransomware AttackShoreline College (WA) Website Hacked; Officials InvestigatingTri Counties Bank in Chico (CA) Suffers Data Breach After February Cyber AttackChina-Aligned “Operation Tainted Love” Targets Middle East Telecom ProvidersGerman and South Korean Agencies Warn of Kimsuky’s Expanding Cyber Attack TacticsPython Info-Stealing Malware Uses Unicode to Evade DetectionSharePoint Phishing Scam Targets 1600 Across U.S., EuropeBlackGuard Stealer Now Targets 57 Crypto Wallets, ExtensionsExploit Released for Veeam Bug Allowing Cleartext Credential TheftWordPress Force Patching WooCommerce Plugin with 500K InstallsMicrosoft Fixes Acropalypse Privacy Bug in Windows 11 Snipping Tool
3/22/2023 March 22, 2023March 22, 2023 ~ The Cyber Beat ~ Leave a comment The TikTok CEO’s Face-Off With Congress Is DoomedCyberterrorism Tops List of Threats to U.S. Vital Interests: GallupUnknown Actors Deploy Malware to Steal Data in Occupied Regions of UkraineNorth Korean Hackers Using Chrome Extensions to Steal Gmail EmailsGerman Political Parties Accused of Microtargeting Voters on FacebookFacebook Accounts Hijacked by New Malicious Trojanized Version of ChatGPT Chrome ExtensionChatGPT-Owner OpenAI Fixes ‘Significant Issue’ Exposing User Chat TitlesCISA and NSA Enhance Security Framework With New IAM GuideBeloved Hacking Veteran Kelly ‘Aloria’ Lum Passes Away at 41Dole Discloses Employee Data Breach After Ransomware AttackConvergent Outsourcing (WA) Files Notice of Data Breach That Leaked Consumers’ SSNsSunland Asphalt and Construction (AZ) Data Breach Affects 7,884 Individuals’ Personal Info$36M BEC Fraud Attempt Narrowly Thwarted by AI TechnologyHackers Inject Credit Card Stealers Into Payment Processing ModulesNew Android Banking Trojan ‘Nexus’ Promoted As MaaSNAPLISTENER: New Malware in REF2924 Group’s Arsenal for Bypassing DetectionScarCruft’s Evolving Arsenal: Researchers Reveal New Malware Distribution TechniquesPoC Exploits Released for Netgear Orbi Router Vulnerabilities
3/21/2023 March 21, 2023March 21, 2023 ~ The Cyber Beat ~ Leave a comment Putin to Staffers: Throw Out Your iPhones, or ‘Give It to the Kids’ and Use Russian or Chinese Tech InsteadGoogle Suspends Top Chinese Shopping App PinduoduoCommonMagic Targets Entities in Russo-Ukrainian Conflict ZoneThe Scorched-Earth Tactics of Iran’s Cyber ArmyMeta Security Manager Was Reportedly Hacked by Greek Intelligence AgencyChatGPT Bug Temporarily Exposes AI Chat Histories to Other UsersWindows’ Screenshot Tool May Be Saving Stuff You Cropped Out, TooAdobe Launches Firefly Generative A.I., Which Lets Users Type to Edit ImagesEuropean Ports Brace for Cybersecurity RegulationBreached Hacking Forum Shuts Down, Fears It’s Not ‘Safe’ From FBIDemocratic Rep: At Least 17 Current and Former Members Had Personal Data Exposed in DC Health Link BreachClop Ransomware Claims Saks Fifth Avenue, Retailer Says Mock Data StolenLockBit Ransomware Gang Now Also Claims City of Oakland BreachExpert Speaks Out After City of Allen Park (MI) Hit With Ransomware AttackOver 2400 Fake Pages Found Targeting Job Seekers in Middle East, AfricaNew ShellBot DDoS Malware Variants Targeting Poorly Managed Linux ServersCoinbase Wallet ‘Red Pill’ Flaw Allowed Attacks to Evade DetectionMicrosoft: Defender Update Behind Windows LSA Protection WarningsFrom Ransomware to Cyber Espionage: 55 Zero-Day Vulnerabilities Weaponized in 2022
3/20/2023 March 20, 2023March 20, 2023 ~ The Cyber Beat ~ Leave a comment Vessels Claiming to Be Chinese Warships Are Messing With Passenger PlanesOnline Sleuths Untangle the Mystery of the Nord Stream SabotageChatGPT Helped Win a Hackathon…OpenAI CEO Sam Altman Says He’s a ‘Little Bit Scared’ of A.I.Researchers Shed Light on CatB Ransomware’s Evasion TechniquesHackers Mostly Targeted Microsoft, Google, Apple Zero-Days in 2022The Top Five Cybersecurity ConcernsKrebs: Why You Should Opt Out of Sharing Data With Your Mobile ProviderFerrari Reports Cyber Incident With Ransom Demand; No Impact to OperationsMispadu Trojan Steals 90,000+ Banking Credentials From Latin American VictimsGeneral Bytes Bitcoin ATMs Hacked Using Zero-Day, $1.5M StolenTexas Medical Liability Trust Data Breach Leaked SSNs and Other Sensitive DataKillNet Group Uses DDoS Attacks Against Azure-Based Healthcare AppsNew DotRunpeX Malware Delivers Multiple Malware Families via Malicious AdsHackers Target .NET Developers with Malicious NuGet Packages
3/17-19/2023 March 19, 2023March 19, 2023 ~ The Cyber Beat ~ Leave a comment Wave of Stealthy China Cyberattacks Hits U.S., Private Networks, Google SaysHuawei Has Replaced Thousands of U.S.-Banned Parts in Its Products, Founder SaysGoogle Pixel Exploit Reverses Edited Parts of ScreenshotsGoogle Tells Users of Some Android Phones: Nuke Voice Calling to Avoid InfectionFCC Now Requires Cell Carriers to Block Scam Texts From Sketchy NumbersI Got Investigated by the Secret Service: Here’s How to Not Be MeKrebs: Feds Charge NY Man as BreachForums Boss “Pompompurin”RAT Developer Arrested in Ukraine for Infecting 10,000 PCs With MalwareCIOs Build New Bonds With CISOsNBA Alerts Fans of a Data Breach Exposing Personal InformationHitachi Energy Confirms Data Breach After Clop GoAnywhere AttacksOU Health Confirms Data for 3K Patients Could Have Been Breached After Laptop’s TheftAllCare Plus Pharmacy (MA) Notified Patients of Data Breach Leaking SSNs and PHITelegram, WhatsApp Trojanized to Target Cryptocurrency WalletsNew GoLang-Based HinataBot Exploiting Router and Server Flaws for DDoS AttacksEmotet Malware Now Distributed in Microsoft OneNote Files to Evade DefensesMicrosoft Shares Script to Fix WinRE BitLocker Bypass Flaw
3/16/2023 March 16, 2023March 16, 2023 ~ The Cyber Beat ~ Leave a comment Senator Warner Wants US Spies to Justify a TikTok BanUK Bans TikTok on Government Devices Following U.S. MoveU.S. FTC Asks Social Media, Video Streaming Firms Info on Misleading AdsSnapchat’s New Parental Control Filters Aim to Protect Minors From Sensitive ContentCourts Side With Big Companies Including Amazon and Experian in Privacy AppealsMicrosoft Support ‘Cracks’ Windows for Customer After Activation FailsConti-Based Ransomware ‘Meowcorp’ Gets Free DecryptorChinese SilkLoader Malware Sold to Russian Cyber-CriminalsWinter Vivern APT Hackers Use Fake Antivirus Scans to Install MalwareLatitude Cyberattack Leads to Data Theft at Two Service ProvidersTrinity Health of New England Employee Email Breach Exposed Patients’ Personal DataCryptojacking Group TeamTNT Suspected of Using Decoy Miner to Conceal Data ExfiltrationBianLian Ransomware Pivots From Encryption to Pure Data-Theft ExtortionConvincing Twitter ‘Quote Tweet’ Phone Scam Targets Bank CustomersFortinet Zero-Day Attacks Linked to Suspected Chinese HackersAdobe Acrobat Sign Abused to Push Redline Info-Stealing MalwareGoogle Finds 18 Baseband Zero-Day Bugs in Samsung Exynos ChipsetsGoogle Proposes Reducing TLS Cert Life Span to 90 Days
3/15/2023 March 15, 2023March 16, 2023 ~ The Cyber Beat ~ Leave a comment U.S. Threatens to Ban TikTok if Chinese Founder Doesn’t Sell Ownership StakeChina Sought Control of Submarine Cables to Spy, Says MicronesiaRussian Hackers Preparing New Cyber Assault Against Ukraine – Microsoft ReportThis Is the New Leader of Russia’s Infamous Sandworm Hacking UnitA Spy Wants to Connect With You on LinkedInThe World’s Real ‘Cybercrime’ ProblemFBI: Ransomware Hit 860 Critical Infrastructure Orgs in 2022Authorities Take Down Darknet Cryptocurrency ‘Mixing’ Service ‘ChipMixer’Dangers from Hacks Stretch Beyond Broken Computer SystemsAI-Generated Voice Deepfakes Aren’t Scary Good—YetHumans Still More Effective Than ChatGPT at PhishingKrebs: Two U.S. Men Charged in 2022 Hacking of DEA PortalCancer Patient Sues Hospital After Ransomware Gang Leaks Her Nude Medical PhotosNordVPN Open Sources Its Linux VPN Client and LibrariesMozilla Firefox Gets Built-in Firefox Relay ControlsTick APT Group Hacked East Asian DLP Software FirmHacker Selling Data Allegedly Stolen in U.S. Marshals Service HackU.S. Federal Agency Hacked Using Old Telerik Bug to Steal DataLockBit Ransomware Claims Essendant Attack, Company Says “Network Outage”Latitude Financial Hacked With 328,000 Customer IDs Feared StolenIndependent Living Systems (ILS) Warns 4.2 Million People of Data BreachNorthStar Emergency Medical Services (AR) Data Breach Affects 82,450 IndividualsLansing Community College Suspends Most Classes for ‘Ongoing Cybersecurity Incident’New Cryptojacking Operation Targeting Kubernetes Clusters for Dero Mining“FakeCalls” Android Malware Targets Financial Firms in South KoreaFirst-Known Dero Cryptojacking Operation Seen Targeting KubernetesCISA Warns of Adobe ColdFusion Bug Exploited as a Zero-DayCritical Microsoft Outlook Bug PoC Shows How Easy It Is to ExploitKrebs: Microsoft Patch Tuesday, March 2023 Edition
3/14/2023 March 15, 2023March 15, 2023 ~ The Cyber Beat ~ Leave a comment D.C. Health Link Hacker Exposes Lawmakers’ Personal InformationUK’s National Cyber Security Centre Reviewing TikTok Risks, Minister SaysMI5 Launches New Agency to Tackle State-Backed AttacksYoroTrooper Espionage Campaigns Target CIS, EU CountriesDEV-1101 Updates Open Source Phishing KitFBI Warns of Spike in ‘Pig Butchering’ Crypto Investment SchemesCybercriminals Exploit Silicon Valley Bank (SVB) Collapse to Steal Money and DataGPT-4 Unveiled: ChatGPT’s Next Big Upgrade Is HereHow Businesses Can Get Ready for AI-Powered Security ThreatsRubrik Confirms Data Theft in GoAnywhere Zero-Day AttackBeaver Medical Group Files Notice of Data Breach Leaking Patient’s PHIBone & Joint (WI) “System Outage” Resulted in Data Breach Affecting Patients & EmployeesMerced College (CA) Provides Notice of Data Breach to Students Following Malware AttackRing Won’t Say if It Was Hacked After Ransomware Gang Claims AttackSAP Releases Security Updates Fixing Five Critical VulnerabilitiesMicrosoft March 2023 Patch Tuesday Fixes 2 Zero-Days, 83 Flaws…Microsoft Fixes Outlook Zero-Day Used by Russian Hackers Since April 2022…Microsoft Fixes Windows Zero-Day Exploited in Ransomware Attacks
3/13/2023 March 14, 2023March 14, 2023 ~ The Cyber Beat ~ Leave a comment STALKER 2 Game Developer GSC Game World Hacked by Russian Hacktivists, Data StolenLarge-scale Cyber Attack Hijacks East Asian Websites for Adult Content RedirectsCISA Joins Forces With Women in Cybersecurity to Break up the Boy’s ClubCISA Now Warns Critical Infrastructure of Ransomware-Vulnerable DevicesFortinet: New FortiOS Bug Used as Zero-Day to Attack Gov’t NetworksNordVPN Makes its Meshnet Private Tunnel Free for EveryoneOutlook App to Get Built-In Microsoft 365 MFA on Android, iOSFinal Three Sentenced in £70m Money Laundering CaseZoll Medical Says Intruders Had 1M+ Patient, Staff Records at Their FingertipsLA Housing Authority Discloses Data Breach After Ransomware AttackArizona Department of Economic Security Confirms Data BreachHackers Steal $197 Million in Crypto in Euler Finance AttackLockBit Brags: We’ll Leak Thousands of SpaceX Blueprints Stolen From SupplierCyber Attack Affecting Gloucester Museum’s System One Year OnKali Linux 2023.1 Introduces ‘Purple’ Distro for Defensive SecurityBrand Names in Finance, Telecom, Tech Lead Successful Phishing Lures
3/10-12/2023 March 13, 2023March 13, 2023 ~ The Cyber Beat ~ Leave a comment KamiKakaBot Malware Used in Latest Dark Pink APT Attacks on Southeast Asian TargetsNorth Korean UNC2970 Hackers Expands Operations with New Malware FamiliesRansomware Attacks Have Entered a ‘Heinous’ New PhaseInvestment Fraud is Now Biggest Cybercrime EarnerFake ChatGPT Chrome Extension Hijacking Facebook Accounts for Malicious AdvertisingSecurity Researchers Targeted With New Malware via Job Offers on LinkedInAI-Generated YouTube Video Tutorials Spreading Infostealer MalwareTikTok Users Shrug at China Fears: ‘It’s Hard to Care’Cerebral Admits to Sharing Patient Data With Meta, TikTok, and GoogleFBI Once Bought Mobile-Phone Data for Warrantless Tracking: Other Agencies Still DoBrazil Seizing Flipper Zero Shipments to Prevent Use in CrimeCasper Attack Steals Data Using Air-Gapped Computer’s Internal SpeakerMicrosoft OneNote to Get Enhanced Security After Recent Malware AbuseBlackbaud to Pay $3M for Misleading Ransomware Attack DisclosureKey Takeaways From The National Cybersecurity StrategyMental Health Provider Cerebral Alerts 3.1M People of Data BreachPeopleGrove Security Lapse Exposed Users’ Personal InformationCodman Square Health Center (MA) Reports Data Breach Following Ransomware Attack56,000 Affected by DC Health Link Data BreachStaples-Owned Essendant Facing Multi-Day “Outage,” Orders FrozenBATLOADER Malware Uses Google Ads to Deliver Vidar Stealer and Ursnif PayloadsMedusa Ransomware Gang Picks up Steam as It Targets Companies WorldwideNew Version of Prometei Botnet Infects Over 10,000 Systems WorldwideXenomorph Android Banking Trojan Returns with a New and More Powerful VariantNew GoBruteforcer Malware Targets phpMyAdmin, MySQL, FTP, PostgresClop Ransomware Gang Begins Extorting GoAnywhere Zero-Day VictimsUnpatched Zero-Day Bugs in Akuvox Smart Intercoms Allow Remote EavesdroppingCISA Warns of Actively Exploited Plex Bug After LastPass BreachCISA Warns of Critical VMware RCE Flaw Exploited in Attacks
3/9/2023 March 9, 2023March 9, 2023 ~ The Cyber Beat ~ Leave a comment U.S. Congressman Darin LaHood Says the FBI Unlawfully Targeted HimFifth of Government Workers Don’t Care if Employer is HackedTehran Targets Female Activists in Espionage CampaignRubio Takes Aim At Planned Ford U.S. Battery Plant Using Chinese TechnologyPentagon Unveils Cyber Workforce Strategy to Tackle Labor ShortageKrebs: Who’s Behind the NetWire Remote Access Trojan?Google Trashes the Chrome Cleanup ToolFBI Warns of Cryptocurrency Theft via “Play-To-Earn” GamesTikTok Initiates Project Clover Amid European Data Security ConcernsInadvertent Data Destruction After a Cyberattack Can Violate EU Privacy RulesScammers Are Using AI to Impersonate Your Loved Ones: Here’s What to Watch Out ForRemcos Trojan Returns to Most Wanted Malware List After Ukraine AttacksAT&T Blames Marketing Bods for Exposing 9M Subscriber Account RecordsMicrosoft: Business Email Compromise Attacks Can Take Just HoursAkamai Mitigates Record-Breaking 900Gbps DDoS Attack in AsiaIceFire Ransomware Now Encrypts Both Linux and Windows Systems8220 Gang Behind ScrubCrypt Attack Targeting Oracle Weblogic ServerHackers Exploiting Remote Desktop Software Flaws to Deploy PlugX MalwareSuspected Chinese Cyber Spies Target Unpatched SonicWall DevicesGitHub Makes 2FA Mandatory Next Week for Active DevelopersHow to Jump-Start Your Cybersecurity Career
3/8/2023 March 9, 2023March 9, 2023 ~ The Cyber Beat ~ Leave a comment FBI Investigates Data Breach Impacting U.S. House Members and StaffThe FBI Just Admitted It Bought U.S. Location DataThe U.S. Air Force Is Moving Fast on AI-Piloted Fighter JetsBoeing Signs off Anti-Jamming Tech That Keeps Satellites OnlineChina Says It’s ‘Puzzled’ After Report Germany Might Ban Huawei From Parts of 5G Mobile NetworkDutch Responds to U.S. China Policy With a Plan to Curb Semiconductor Tech ExportsAustralia Demands Russia Crack Down on Cyber CriminalsDuckDuckGo Launches AI-Powered Search Query Answering ToolMicrosoft Enables LSA Protection by Default in Windows Canary BuildEurovision 2023: Hotel Phishing Scam Targets Song Contest FansKrebs: Sued by Meta, Freenom Halts Domain RegistrationsLazarus Group Targets South Korean Finance Firm Via Zero-Day FlawCommonwealth Bank of Australia’s Indonesian Arm Hit by Cyber AttackRansomware Gang Posts Video of Data Stolen From Minneapolis SchoolsCity of Waynesboro (VA) Targeted in Cyber AttackNortheast Surgical Group (MI) Notifies 15K Patients of Data BreachJenkins Security Alert: New Security Flaws Could Allow Code Execution AttacksBitwarden Flaw Can Let Hackers Steal Passwords Using iframesFortinet Warns of New Critical Unauthenticated RCE VulnerabilityVeeam Fixes Bug That Lets Hackers Breach Backup InfrastructureCISA’s KEV Catalog Updated with 3 New Flaws Threatening IT Management Systems
3/7/2023 March 8, 2023March 8, 2023 ~ The Cyber Beat ~ Leave a comment Cyber Command Chief: Election Interference Is Not Going AwayWatchdog Says U.S. Cyber Agency Lacks a Plan for Communicating During Major HacksRussia’s Cyber Tactics in Ukraine Shift to Focus on EspionageRussian Disinformation Campaign Records High-Profile Individuals on CameraHow to Tell if Your Laptop Camera Has Been Hacked and Someone Is Spying on YouWhite House Backs Senate Bill to Boost U.S. Ability to Ban TikTokShein App Accessed Clipboard Data on Android DevicesThe Daring Ruse That Exposed China’s Campaign to Steal American SecretsHow Denmark’s Welfare State Became a Surveillance NightmareTwitter Just Let Its Privacy- And Security-Protecting Tor Service ExpireNext-Gen Mobile Internet — 6G — Will Launch in 2030, Telecom Bosses Say, Even as 5G Adoption Remains LowLastPass Hack: Engineer’s Failure to Update Plex Software Led to Massive Data BreachPro-Putin Scammers Trick Politicians and Celebrities Into Low-Tech Hoax Video CallsThe Rise of Zero-Trust Cybersecurity in a Multicloud WorldSharp Panda Target Southeast Asia in Espionage Campaign Expansion: ‘Radio Silence’ Mode to Evade DetectionAcer Confirms Breach After 160GB of Data for Sale on Hacking ForumBrazilian Conglomerate Andrade Gutierrez Suffers 3TB Data BreachRansomware Attack Against Barcelona Hospital Disrupts OperationsHouston Healthcare (GA) Falls Victim to Cybersecurity AttackMinneapolis Public Schools Says Hackers Behind Alleged Attack Posted Some Data OnlineNorthern Essex Community College (MA) Closed for 5th Day Due to Cyberattack1st Franklin Financial Corporation (GA) Notifies Customers of Recent Data BreachTransparent Tribe Hackers Distribute CapraRAT via Trojanized Messaging AppsSYS01stealer: New Threat Using Facebook Ads to Target Critical Infrastructure FirmsEmotet Malware Attacks Return After Three-Month BreakAndroid March 2023 Update Fixes Two Critical Code Execution FlawsMicrosoft Excel Now Blocking Untrusted XLL Add-Ins by Default
3/6/2023 March 7, 2023March 7, 2023 ~ The Cyber Beat ~ Leave a comment U.S. Government to Explore Cyber Insurance BackstopNew Class of Lawmakers Look To Dig In on CybersecurityFaced With Likelihood of Ransomware Attacks, Businesses Still Choosing to Pay UpWhere Are the Women in Cyber Security? On the Dark Side, Study SuggestsCybersecurity Trends & Statistics For 2023: Attack Surface And Hacker Capabilities GrowNIST’s Quantum-Proof Algorithm Has a Bug, Analysts SayRotterdam: This Algorithm Could Ruin Your Life…Inside the Suspicion MachineGerman and Ukrainian Police Raid Alleged Cybercrime ‘DoppelPaymer’ Gang With Help From FBIVice Society Ransomware Group Claims Hamburg University of Applied Sciences as Latest VictimDenver Public Schools Data Breach Includes SSNs, Bank InfoHenrico Doctors’ Hospital (VA) Notifies Patients of Data BreachAcer Data Breach? Hacker Claims to Sell 160GB Trove of Stolen DataSandbox Blockchain Game Breached to Send Emails Linking to MalwareNew HiatusRAT Malware Targets Business-Grade Routers to Covertly Spy on VictimsOld Windows ‘Mock Folders’ UAC Bypass Used to Drop MalwareProof-of-Concept Released for Critical Microsoft Word RCE Bug
3/3-5/2023 March 5, 2023March 5, 2023 ~ The Cyber Beat ~ Leave a comment EPA to Make States Evaluate Public Water Systems’ CybersecurityU.S. Cybersecurity Agency Raises Alarm Over Royal Ransomware’s Deadly CapabilitiesKrebs: Highlights from the New U.S. Cybersecurity StrategyBidenCash Market Leaks Over 2 Million Stolen Credit Cards for FreeTPM 2.0 Library Vulnerabilities May Affect Billions of IoT DevicesBrave Search Launches AI-Powered Summarizer in Search ResultsA Privacy Hero’s Final Wish: An Institute to Redirect AI’s FutureFTC to Ban BetterHelp From Sharing Mental Health Data With AdvertisersSecret Service, ICE Break the Law Over and Over With Fake Cell Tower SpyingPlay Ransomware Claims Disruptive Attack on City of Oakland…Play Ransomware Gang Leaks Data Stolen From City of OaklandPersonal Data Exposed in Cyber Attack on Modesto (CA) PDIndigo Books Refuses LockBit Ransomware DemandIndian Startup Yes Madam Exposed Sensitive Data of Customers and Gig WorkersAloha Nursing Rehab Centre Reports 2022 Data Breach Affecting More Than 20k PatientsVeris Residential (NJ) Notifies Victims of Recent Data BreachNew FiXS ATM Malware Targeting Mexican BanksMicrosoft Releases Windows Security Updates for Intel CPU FlawsHow to Prevent Microsoft OneNote Files From Infecting Windows With Malware
3/2/2023 March 2, 2023March 2, 2023 ~ The Cyber Beat ~ Leave a comment Biden Administration Unveils Long-Awaited National Cyber Strategy…Aims to Shift Cybersecurity Burden From Individuals and Small Businesses to Tech ProvidersCisco Chief Says Tech Products Must Be Made More SecureCISA Releases Free ‘Decider’ Tool to Help with MITRE ATT&CK MappingDashlane to Support New Third-Party Passkey Sync Feature in Android 14Stop Using Your 4-Digit iPhone Passcode in Public. Do This InsteadForget ChatGPT, the Most Overhyped Security Tool Is Technology Itself, Wiz WarnsAustralian Woman Arrested for Email Bombing a Government OfficeWH Smith Discloses Cyber-Attack, Company Data TheftChick-Fil-A Confirms Accounts Hacked in Months-Long “Automated” AttackHackers Steal Gun Owners’ Data From Firearm Auction Website GunAuction.comChinese ‘Mustang Panda’ Hackers Use New Custom Backdoor to Evade DetectionLucky Mouse: SysUpdate Malware Strikes Again with Linux Version and New Evasion TacticsExperts Identify ‘Colour-Blind’ Fully-Featured Info Stealer and Trojan in Python Package on PyPIAPI Security Flaw Found in Booking.com Allowed Full Account TakeoverThis Hacker Tool Can Pinpoint a DJI Drone Operator’s Location
3/1/2023 March 2, 2023March 2, 2023 ~ The Cyber Beat ~ Leave a comment Russia Bans Foreign Messaging Apps in Government OrganizationsCybercriminals Targeting Law Firms with GootLoader and FakeUpdates MalwareParallax RAT Targeting Cryptocurrency Firms with Sophisticated Injection TechniquesBudweiser Maker Simplifies How It Assesses Privacy and Cyber RisksGitHub’s Secret Scanning Alerts Now Available for All Public ReposMicrosoft Exchange Online Outage Blocks Access to Mailboxes WorldwideChatGPT: What the New York Times and Others Are Getting Terribly Wrong About ItHacked Washington Law Firm Covington & Burling Fights SEC Subpoena in Effort to Protect Attorney-Client PrivilegeWhy Overcoming The Cybersecurity Labor Shortage Matters To Company SuccessWest Virginia University Alerted of Data Breach, Involves ‘Limited’ Amount of Personal Information AvailableSoutheastern Louisiana University ‘Likely’ Suffered Cyber AttackHatch Bank Announces Third-Party Data Breach at Cybersecurity Firm, FortraCrystal Bay Casino Notifies 86,291 Individuals of Recent Data BreachTrezor Warns of Massive Crypto Wallet Phishing CampaignIron Tiger Hackers Create Linux Version of Their Custom MalwareBlackLotus Becomes First UEFI Bootkit Malware to Bypass Secure Boot on Windows 11Cisco Patches Critical Web UI RCE Flaw in Multiple IP PhonesAruba Networks Fixes Six Critical Vulnerabilities in ArubaOS
2/28/2023 February 28, 2023February 28, 2023 ~ The Cyber Beat ~ Leave a comment China Is Relentlessly Hacking Its NeighborsTikTok Answers Three Big Cybersecurity Fears About the AppU.S. Gov’t Agencies Have 30 Days to Remove TikTok, Canada Follows SuitLastPass Reveals Attackers Stole Password Vault Data by Hacking an Employee’s Home ComputerKrebs: Hackers Claim They Breached T-Mobile More Than 100 Times in 2022How to Set Up Two-Factor Authentication on Your Online ServicesGoogle: Gmail Client-Side Encryption Now Publicly AvailableBitdefender Releases Free Decryptor for MortalKombat Ransomware StrainHacking Attack Prompts Russian Regional Broadcasters to Issue Air Alert Warnings (Again)Dish Network Confirms Ransomware Attack Behind Multi-Day OutageCity of Oregon City Reports Ransomware AttackEvergreen Treatment Services (OR) Data Breach Affects Personal Info of 21,325 PatientsAnonymous Call Informs Sentara Healthcare (VA) of Data BreachLSUs Online Services Restored Tuesday After Network Outage: ‘Not Cyber Event’APT-C-36 Strikes Again: Blind Eagle Hackers Target Key Industries in ColombiaSCARLETEEL Hackers Use Advanced Cloud Skills to Steal Source Code, DataCISA Issues Warning on Active Exploitation of ZK Java Web Framework Vulnerability
2/27/2023 February 28, 2023February 28, 2023 ~ The Cyber Beat ~ Leave a comment U.S. Marshals Service Investigating Ransomware Attack, Data TheftCISA Tells Agencies What to Prioritize to Meet Cybersecurity Log MandateAustralia Plans to Reform Cyber Security Rules, Set up AgencyChina Makes It Even Harder for Data to Leave Its ShoresKrebs: When Low-Tech Hacks Cause High-Impact BreachesResearchers Discover Nearly 200,000 New Mobile Banking Trojan InstallersResearchers Share New Insights Into RIG Exploit Kit Malware’s OperationsChatGPT Is Down Worldwide – OpenAI Working on IssuesA Year After Russia’s Invasion, Cyberdefenses Have Improved Around the WorldMinneapolis Public Schools Still Investigating What Caused ‘Encryption Event’Hacker Leaks Alleged Activision Employee Data on Cybercrime ForumAlvaria (MA) Announces Data Breach Following Hive Ransomware AttackAdvanced Health Media Leaked SSNs Following Recent Data BreachCrum & Forster (NJ) Announces Data BreachNew Exfiltrator-22 Post-Exploitation Kit Linked to LockBit RansomwareRIG Exploit Kit Still Infects Enterprise Users via Internet ExplorerPlugX Trojan Disguised as Legitimate Windows Debugger Tool in Latest AttacksCritical Flaws in WordPress Houzez Theme Exploited to Hijack Websites
2/24-26/2023 February 26, 2023February 26, 2023 ~ The Cyber Beat ~ Leave a comment CISA Calls For Increased Vigilance One Year After Ukraine’s Russian InvasionRussian IT “Brain Drain” Decentralizes CybercrimePentagon Investigating Two-Week Email Server LeakRoyal Mail Appears to Call LockBit’s Ransomware Bluff – Loses Gigabytes of DataNews Corp Says State Hackers Were on Its Network for Two YearsA Basic iPhone Feature Helps Criminals Steal Your Entire Digital LifeKrebs: Who’s Behind the Botnet-Based Service BHProxies?Tesla to Change Camera Settings in Europe Over Privacy FearsEU Commission Bans TikTok on Corporate Devices‘Ethical Hacker’ Among Ransomware Suspects Cuffed by Dutch CopsBitcoin Mining Rig Found Stashed in Massachusetts School CrawlspaceThese Experts Are Racing to Protect AI From Hackers. Time Is Running OutTelus Source Code, Staff Info for Sale on Dark Web ForumDish Network Goes Offline After Likely Cyberattack, Employees Cut OffStanford University Discloses Data Breach Affecting PhD ApplicantsEncino Energy Says ‘No Impact’ Seen After CyberattackCleveland Brothers Holdings Data Breach Affects Thousands of SSNsEmtec (FL) Breach Affects Over 7,000 People Following CyberattackRockler Companies (MN) Data Breach Impacts More than 8,600 IndividualsPureCrypter Malware Hits Gov’t Orgs With Ransomware, Info-StealersChromeLoader Campaign Lures With Malicious VHDs for Popular GamesBrave Browser to Block “Open in App” Prompts, Pool-Party AttacksGoogle Teams Up with Ecosystem Partners to Enhance Security of SoC ProcessorsCybersecurity to Be Least Hit by Layoffs in Economic Downturn
2/23/2023 February 23, 2023February 23, 2023 ~ The Cyber Beat ~ Leave a comment How the Russia-Ukraine War Has Changed CyberspaceUkraine Says Russian Hackers Backdoored Gov’t Websites in 2021Batteries Are Ukraine’s Secret Weapon Against RussiaRussian Authorities Claim Ukraine Hackers Are Behind Fake Missile Strike Alerts in Almost a Dozen CitiesWinorDLL64 Backdoor Linked to Lazarus GroupHow I Broke Into a Bank Account With an AI-Generated VoiceU.S. Regulators Warn Banks to Be on Alert for Crypto-Related Liquidity RisksValve “Honeypot” Used to Ban 40,000 Dota 2 Players Using CheatYou Can’t Trust App Developers’ Privacy Claims on Google PlayForsage DeFi Platform Founders Indicted for $340 Million ScamFTX Fiasco Founder SBF Faces Further Fraud ChargesFTC: Americans Lost $8.8 Billion to Fraud in 2022 After 30% SurgeU.S. Extradites Russian Individual for Allegedly Selling Malicious SoftwareDatacenters in China, Singapore Cracked by Crims Who Then Targeted TenantsLockBit Leaks 44GB of Royal Mail’s Data and Sets Fresh £33 Million RansomVice Society Ransomware Gang Leaked 2K Los Angeles Student Health Records OnlineHutchinson Clinic (PA) Posts Notice of Data Breach Affecting Sensitive Patient InformationClasiopa Hackers Use New Atharvan Malware in Targeted AttacksHackers Using Trojanized macOS Apps to Deploy Evasive Cryptocurrency Mining MalwarePython Developers Warned of Trojanized PyPI Packages Mimicking Popular LibrariesA World of Hurt for Fortinet and Zoho After Users Fail to Install PatchesApple Warns of 3 New Vulnerabilities Affecting iPhone, iPad, and Mac DevicesMicrosoft Urges Exchange Admins to Remove Some Antivirus ExclusionsHow Cybersecurity Executives Make the Case for Continued Tech Investments in a Tough Economy
2/22/2023 February 22, 2023February 22, 2023 ~ The Cyber Beat ~ Leave a comment Hackers Use Fake ChatGPT Apps to Push Windows, Android Malware and Send Victims to Phishing PagesUkraine Suffered More Wiper Malware in 2022 Than Anywhere, EverGcore Thwarts Massive 650 Gbps DDoS Attack on Free Plan ClientOpen Source Flaws Found in 84% of CodebasesNSA Shares Guidance on How to Secure Your Home Network2023 Budget Conversations: Prioritizing Cybersecurity During Economic DownturnGoogle Paid $12 Million in Bug Bounties to Security ResearchersHydrochasma Group Targets Asian Medical and Shipping SectorsNew S1deload Stealer Malware Hijacks Youtube, Facebook AccountsCyberattack on Food Giant Dole Temporarily Shuts Down North America ProductionAttackers Flood NPM Repository with Over 15,000 Spam Packages Containing Phishing LinksHackers Now Exploit Critical Fortinet Bug to Backdoor ServersVMware Patches Critical Vulnerability in Carbon Black App Control Product
2/21/2023 February 22, 2023February 22, 2023 ~ The Cyber Beat ~ Leave a comment Researchers Warn of ReverseRAT Backdoor Targeting Indian Government AgenciesA New Kind of Bug Spells Trouble for iOS and macOS SecurityHackers Exploit Privilege Escalation Flaw on Windows Backup ServiceGoogle Will Boost Android Security Through Firmware HardeningAccidental WhatsApp Account Takeovers? It’s a ThingAT&T Seeks to Shed Cybersecurity DivisionSublime Nabs $9.8M for Anti-Phishing Email Security Platform Built on Collective, Crowdsourced RulesThree City Fund Managers Jailed for $8m FraudSensitive U.S. Military Emails Spill Online via Exposed ServerRussian State TV ‘Hit by Cyber Attack’ During Putin’s SpeechActivision Confirms Data Breach Exposing Employee and Game InfoVirgin Media TV Hack May Cause Disruption to Some ProgrammingSophisticated MyloBot Botnet Spreading Rapidly Worldwide: Infecting Over 50,000 Devices DailyExploit Released for Critical Fortinet RCE Flaws, Patch NowWhy Security Culture Is Key To Cybersecurity ResilienceCyberthreats, Regulations Mount for Financial Industry
2/20/2023 February 20, 2023February 21, 2023 ~ The Cyber Beat ~ Leave a comment Here’s How to Secure Your Twitter Account Without Paying for BlueDNA Testing Biz Vows to Improve Infosec After Criminals Break Into Database It Forgot It HadMajority of Ransomware Attacks Last Year Exploited Old BugsHardBit Ransomware Wants Insurance Details to Set the Perfect PriceMicrosoft AI Chatbot Threatens to Expose Personal Info and Ruin a User’s ReputationSpanish Court Authorises Extradition to U.S. Of Briton Who Allegedly Hacked Biden, ObamaInglis Retires as National Cyber Director Ahead of Biden’s Cybersecurity EOCoinbase Cyberattack Targeted Employees With Fake SMS AlertEureka Casino Resort (NV) Announces Data Breach Impacting Nearly 230k IndividualsCentraState Healthcare System Announces Data Breach Impacting as Many as 617k PatientsLehigh Valley Health Network (PA) Hit by CyberattackO’Neal Industries Reports Recent Data BreachTom James Company (TN) Files Notice of Data Breach Affecting 8,656 IndividualsNew Stealc Malware Emerges With a Wide Set of Stealing Capabilities
2/17-19/2023 February 19, 2023February 19, 2023 ~ The Cyber Beat ~ Leave a comment EU Cybersecurity Agency Warns Against Chinese APTsGoogle Report Reveals Russia’s Elaborate Cyber Strategy in Ukraine‘Russian Hacktivists’ Brag of Flooding German Airport SitesExperts Warn of RambleOn Android Malware Targeting South Korean JournalistsArmenia and Azerbaijan Hackers Use OxtaRAT to Monitor ConflictCloud Infrastructure Used By WIP26 For Espionage Attacks on TelcosKrebs: New Protections for Food Benefits Stolen by SkimmersSamsung Has Created a Zero-Click Antivirus for MessagesHow to Unlock Your iPhone With a Security KeyTwitter Limits SMS-Based 2-Factor Authentication to Blue Subscribers OnlyEuropol Busts ‘CEO Fraud’ Gang That Stole €38M in a Few DaysNorwegian Police Recover $5.8M Crypto From Massive Axie Infinity HackFBI Says It Has ‘Contained’ Cyber Incident on Bureau’s Computer NetworkHackers Ran Amok Inside GoDaddy for Nearly 3 YearsData Leak Hits Thousands of Liverpool NHS WorkersMKS Instruments (MA) Data Breach Affects Current and Former EmployeesPaul Smith’s College (NY) Data Breach Impacts Over 10k IndividualsSuffolk County, N.Y., Restores Systems After September CyberattackNew WhiskerSpy Malware Delivered via Trojanized Codec InstallerCritical RCE Vulnerability Discovered in ClamAV Open Source Antivirus SoftwareFortinet Issues Patches for 40 Flaws Affecting FortiWeb, FortiOS, FortiNAC, and FortiProxyAppSec Threats Deserve Their Own Incident Response PlanHere’s the 12 Best Ways to Avoid Being Scammed OnlineThe Five Important Moments In History That Shaped The Modern Cybersecurity Landscape
2/16/2023 February 16, 2023February 16, 2023 ~ The Cyber Beat ~ Leave a comment DOJ, Commerce Department Strike Force to Fight Technology Threats From AdversariesESXiArgs Ransomware Hits Over 500 New Targets in European CountriesMicrosoft Exchange ProxyShell Flaws Exploited in New Crypto-Mining AttackNew Mirai Malware Variant Infects Linux Devices to Build DDoS BotnetCISA Warns of Windows and iOS Bugs Exploited as Zero-DaysPrivacy Regulators Step Up Oversight of AI Use in EuropeBEC Groups Target Firms With Multilingual Impersonation AttacksHackers Leverage PayPal to Send Malicious InvoicesCrypto Buyers Beware: 1 in 4 New Tokens of Any Value Is a ScamProtecting More With What You Have: Cybersecurity Resilience In 2023New Threat Actor WIP26 Targeting Telecom Service Providers in the Middle EastBurton Snowboards Cancels Online Orders After ‘Cyber Incident’German Airport Websites Hit by Suspected Cyber AttackScandinavian Airlines Says Cyberattack Caused Passenger Data LeakAtlassian Says Recent Data Leak Stems From Third-Party Vendor HackHackers Using Google Ads to Spread FatalRAT Malware Disguised as Popular AppsHackers Start Using Havoc Post-Exploitation Framework in AttacksHackers Backdoor Microsoft IIS Servers With New Frebniis MalwareResearchers Warn of Critical Security Bugs in Schneider Electric Modicon PLCs
2/15/2023 February 15, 2023February 15, 2023 ~ The Cyber Beat ~ Leave a comment North Korea’s APT37 Targeting Southern Counterpart with New M2RAT MalwareU.S. Border Patrol Is Finally Able to Check E-Passport DataOakland Declares Emergency After Ransomware AttackMajor Global Chipmaking Supplier ASML Claims an Employee Stole Manufacturing SecretsMade in America, Stolen by China: We Need Cybersecurity Minimum StandardsGitHub Copilot Update Stops AI Model From Revealing SecretsThe Ohio Train Derailment Created a Perfect TikTok StormSevered Cable Forces Lufthansa to Cancel More Than 140 FlightsCyber Insurers Unlikely to Offer Higher Coverage Limits Despite Better ConditionsRussian Hacker Convicted of $90 Million Hack-To-Trade ChargesIndian SideWinder APT Attacks Regional Targets in New CampaignLockBit and Royal Mail Ransomware Negotiation Leaked by LockBitEmsisoft Says Hackers Are Spoofing Its Certs to Breach NetworksMeriplex Communications Data Breach Affects Malaga Bank CustomersCompSource Mutual Insurance Company Data Breach Affects Thousands of ClaimantsSuccession Wealth Targeted by Cyber-AttackHyundai, Kia Patch Bug Allowing Car Thefts With a USB CableCitrix Fixes Severe Flaws in Workspace, Virtual Apps and DesktopsIntel Patches up SGX Best It Can After Another Load of Security Holes Found
2/14/2023 February 15, 2023February 15, 2023 ~ The Cyber Beat ~ Leave a comment Russian-Linked Malware Was Close to Putting U.S. Electric, Gas Facilities ‘Offline’ Last Year…This Russia-Linked Hack Is Worse Than We KnewThe More You Look for Spy Balloons, the More UFOs You’ll FindChinese Hackers Infiltrate South American Diplomatic NetworksChanging Leaders? You May Be a Target of HackersHow Companies Can Minimize the Cybersecurity Risk From Their Tech VendorsEurostar Forces ‘Password Resets’ — Then Fails and Locks Users OutMicrosoft: Exchange Server 2013 Reaches End of Support in AprilCyber-Physical System Vulns Disclosures Reach Peak, While Internal Disclosures Up 80%Google Launches First Android Beta for Ad-Tracking OverhaulHealthcare Giant Community Health Systems Reports First Data Breach in GoAnywhere HacksAirline SAS Network Hit by Hackers, Says App Was CompromisedReventics, an Omega Healthcare Company, Announces Data Breach Following CyberattackMassive AdSense Fraud Campaign Uncovered – 10,000+ WordPress Sites InfectedRedEyes Hackers Use New Malware to Steal Data From Windows, PhonesNPM Packages Posing as Speed Testers Install Crypto Miners InsteadNew ‘MortalKombat’ Ransomware Targets Systems in the U.S.New Stealthy ‘Beep’ Malware Focuses Heavily on Evading DetectionEmbattled VMware ESXi Hypervisor Flaw Exploitable in Myriad WaysKrebs: Microsoft Patch Tuesday, February 2023 Edition
2/13/2023 February 14, 2023February 14, 2023 ~ The Cyber Beat ~ Leave a comment U.S. Navy Recovers ‘Significant’ Portion of Chinese Spy Balloon off South CarolinaAfter Shooting Down Flying Objects, U.S. And Canada Have More Theories Than AnswersChinese Tonto Team Hackers’ Second Attempt to Target Cybersecurity Firm Group-IB FailsLockBit’s Royal Mail Ransom Deadline Flies By. No Data ReleasedMajority of Firms Make Cybersecurity Decisions Without Attacker InsightHow To Protect Against AI-Based Email Security Threat VectorsMedical-Device Makers Face Push to Protect Their Wares From HacksPig Butchering Scams Are Evolving FastLazarus Hackers Use New Mixer to Hide $100 Million in Stolen CryptoSpain, U.S. Dismantle Phishing Gang That Stole $5 Million in a YearNamecheap Customers Flooded with Phishing EmailsPepsi Bottling Ventures Suffers Data Breach After Malware AttackGarrison Women’s Health (NH) Notifies Patients of Data BreachEmployee Social Security Numbers Exposed in Bridgewater-Raritan School District (NJ)Rise Interactive Media & Analytics Third-Party Breach Affects Edgepark Medical SuppliesHackers Create Malicious Dota 2 Game Modes to Secretly Access Players’ Systems451 PyPI Packages Install Chrome Extensions to Steal CryptoCloudflare Blocks Record-Breaking 71 Million RPS DDoS AttackApple Fixes New WebKit Zero-Day Exploited to Hack iPhones, MacsUnciphered Reveals Now-Patched Vulnerability in OneKey Wallet
2/10-12/2023 February 12, 2023February 12, 2023 ~ The Cyber Beat ~ Leave a comment Former Diplomat Claims to Have SNP MP’s Hacked EmailsNorth Korean Hackers Are Attacking U.S. HospitalsU.S. Teases More China Tech Sanctions, This Time to Deflate Balloon-MakersFrom Huawei to TikTok, Chinese Tech Giants Face Scrutiny Amid Spying ConcernsCyberattack on ION Derivatives Unit Had Ripple Effects on Financial MarketsRefund and Invoice Scams Surge in Q4Reddit Hack Shows Limits of MFA, Strengths of Security TrainingRomance Scammers Could Cause Unhappy Valentine’s DayAttacker Allure: A Look at the Super Bowl’s Operational Cyber-RisksEverything Is HackableHow to Manage Third-Party Cybersecurity Risks That Are Too Costly to IgnoreMicrosoft Winget Package Manager Failing From Expired SSL CertificatePasskeys From Apple, Google & Microsoft May Soon Replace Your Passwords as Passwords Are Continually ThreatenedHow to Make Sure You’re Not Accidentally Sharing Your LocationHow to Delete Yourself From the InternetRansomware Crooks Steal 3M+ Patients’ Medical Records, Personal Info From Multiple California Medical GroupsCity of Oakland Systems Offline After Ransomware AttackA10 Networks Confirms Data Breach After Play Ransomware AttackVice Society Ransomware Attack Confirmed by Mount Saint Mary CollegeClop Ransomware Claims it Breached 130 Orgs Using GoAnywhere Zero-DayIsrael’s Technion University Hacked; Cyber Authority Trying to AssistKimmel Center, Philadelphia Orchestra Websites Hit by Cyber AttackIndian Social Media App Slick Exposed Childrens’ User DataDotHouse Health (MA) Announces Data Breach Impacting 10k PatientsEdmonds School District (WA) Data Breach Exposed Sensitive InformationDevs Targeted by W4SP Stealer Malware in Malicious PyPi PackagesMalicious Npm Package Uses Typosquatting, Downloads MalwareCISA Warns of Active Attacks Exploiting Fortra MFT, TerraMaster NAS, and Intel Driver Flaws
2/9/2023 February 9, 2023February 9, 2023 ~ The Cyber Beat ~ Leave a comment Russia’s Ransomware Gangs Are Being Named and Shamed…Krebs: U.S., U.K. Sanction 7 Men Tied to Trickbot Hacking GroupAustralia to Remove Chinese Surveillance Cameras Amid Security FearsNew ESXiArgs Ransomware Version Prevents VMware ESXi RecoveryHacker Develops New ‘Screenshotter’ Malware to Find High-Value TargetsPayPal and Twitter Abused in Turkey Relief Donation ScamsCybersecurity—Value Driven From SafetyInsurers Say Cyberattack That Hit Merck Was Warlike Act, Not Covered1Password Is Trying For Zero PasswordsCodebreakers Decipher Mary, Queen of Scots’ Secret Letters 436 Years After Her ExecutionLargest Canadian Bookstore Indigo Shuts Down Site After CyberattackReddit Cyberattack Let Hackers Steal Source Code and Internal DataMunster Technological University Says IT Breach Caused by Ransomware AttackAtlantic General Hospital (MD) System Still Down Following Ransomware AttackNewsPenguin Threat Actor Emerges with Malicious Campaign Targeting Pakistani EntitiesGootkit Malware Adopts New Tactics to Attack Healthcare and Finance FirmsHackers Use Fake Crypto Job Offers to Push Info-Stealing MalwareMalicious Google Ads Sneak AWS Phishing Sites Into Search ResultsOpenSSL Fixes Multiple New Security Flaws with Latest Update
2/8/2023 February 9, 2023February 9, 2023 ~ The Cyber Beat ~ Leave a comment Russian Hackers Using Graphiron Malware to Steal Data from UkraineCISA Releases Recovery Script for ESXiArgs Ransomware VictimsThe State of the Union Was Light on Cybersecurity, Related TopicsWhite House Cyber Adviser to Retire Next WeekNIST Standardizes Ascon Cryptographic Algorithm for IoT and Other Lightweight DevicesRegulator Halts AI Chatbot Over GDPR ConcernsWhy ChatGPT Isn’t a Death Sentence for Cyber DefendersHow the US Can Stop Data Brokers’ Worst Practices—Right NowAndroid 14 to Block Malware From Abusing Sensitive PermissionsWeee! Grocery Service Confirms Data Breach, 1.1 Million AffectedDrug Distributor AmerisourceBergen Confirms Security BreachMoney Lover For Android & iOS Leaked Email Addresses, TransactionsStroke Scan Files Notice of Data Breach Affecting 50k ConsumersTor and I2P Networks Hit by Wave of Ongoing DDoS AttacksTMH Employee: Remote Workers Forced to Use PTO During Cybersecurity IncidentMalicious Dota 2 Game Mods Infected Players With MalwareSonicWall Warns Web Content Filtering Is Broken on Windows 11 22H2
2/7/2023 February 8, 2023February 8, 2023 ~ The Cyber Beat ~ Leave a comment SNP MP Stewart McDonald’s Emails Hacked by Russian GroupMicrosoft to Rival Google With New AI-Powered Bing Search14 Innovation Trends With Exponential Growth Potential: Ark’s Big Ideas 2023Cybersecurity Teams: The Defender’s Dilemma Is a LieThree Common Ways Cybersecurity Teams Waste Money—And What To Do InsteadMore Than 2,000 Cybersecurity Patent Applications Filed Since 2010Kaspersky Briefing: ChatGPT and the Language of CybersecurityKrebsOnSecurity in Upcoming Hulu Series on Ashley Madison BreachRussian Man Pleads Guilty to Laundering Ryuk Ransomware MoneyFlorida State Court System, U.S., EU Universities Hit by Ransomware OutbreakUK Metal Engineering Firm Vesuvius Hit by Cyber-AttackRegal Medical Group Notifies Patients of Recent Data BreachResearcher Breaches Toyota Supplier Portal With Info on 14,000 PartnersOver 12% Of Analyzed Online Stores Expose Private Data, BackupsMedusa Botnet Returns as a Mirai-Based Variant With Ransomware StingNew QakNote Attacks Push QBot Malware via Microsoft OneNote FilesHackers Exploit Vulnerabilities in Sunlogin to Deploy Sliver C2 Framework
2/6/2023 February 7, 2023February 7, 2023 ~ The Cyber Beat ~ Leave a comment Embarrassment as U.S. Cyber Ambassador’s Twitter Account Is HackedNo Evidence Global Ransomware Hack Was by State Entity, Italy SaysVMware Finds No Evidence of 0-Day in Ongoing ESXiArgs Ransomware SpreeLockBit Ransomware Gang Claims Royal Mail Cyberattack‘Phishing-As-A-Service’ Kits Are Driving an Uptick in Theft: One Business Owner’s StoryThree U.S. Data Breaches Show Varied Healthcare Exposure RisksCorporate Boards Struggle to Understand Cybersecurity and Digital TransformationInside Safe City, Moscow’s AI Surveillance DystopiaGoogle Unveils Bard, its Rival to ChatGPTMicrosoft Authenticator Drops Support for Apple WatchDrugs Labs Busted After Encrypted Chat App TakedownProminent UK Cybersecurity Stock Darktrace Is Under Attack From Short SellersGuLoader Malware Using Malicious NSIS Executables to Target E-Commerce IndustryMint Mobile Gets Affected by T-Mobile Recent Data BreachSharp HealthCare (CA) Notifies Nearly 63,000 Patients of Data BreachMotto Mortgage (CO) Files Notice of Recent Data Breach, Exposing Consumers SSNsHidalgo County (TX) Adult Probation Office Hit by Ransomware AttackLinux Variant of Clop Ransomware Spotted, But Uses Faulty Encryption AlgorithmHackers Backdoor Windows Devices in Sliver and BYOVD AttacksExploit Released for Actively Exploited GoAnywhere MFT Zero-Day…Actively Exploited GoAnywhere MFT Zero-Day Gets Emergency PatchOpenSSH Releases Patch for New Pre-Auth Double Free VulnerabilityThree Ways To Stop Playing Cybersecurity Whac-A-Mole
2/3-5/2023 February 6, 2023February 6, 2023 ~ The Cyber Beat ~ Leave a comment Suspected Chinese Spy Balloon Shot Down off South Carolina CoastBermuda Hit by Major Internet and Power OutageNew Credential-Stealing Campaign By APT34 Targets Middle East FirmsGoogling for Software Downloads Is Extra Risky Right NowThe Biggest Risks in Procrastinating on iPhone, Android Software UpdatesAirbnb Is Making a Simple, but Big Booking Change Bringing It Closer to Hotel Check-inFormer Twitter Employees to Testify at House Hearing on Hunter BidenICO Relaxes Breach Reporting for Comms ProvidersNY Attorney General Forces Spyware Vendor to Alert VictimsHave We Learnt Nothing From SolarWinds Supply Chain Attacks? Not Yet It AppearsDashlane Password Manager Open-Sourced Its Android and iOS AppsKrebs: Finland’s Most-Wanted Hacker Nabbed in FranceDeveloper Pleads Guilty to Hacking His Own Company After Pretending to Investigate HimselfU.S. Man Charged in $110m Crypto Trading SchemeCyber-Attack Results in More Than $800K Stolen From Houston Business, Lawsuit FiledIranian OilRig Hackers Using New Backdoor to Exfiltrate Data from Govt. OrganizationsIran Crew Stole Charlie Hebdo Database, Says MicrosoftTruthFinder, Instant Checkmate Confirm Data Breach Affecting 20M CustomersTallahassee Memorial HealthCare Takes IT Systems Offline After CyberattackMultiple Wayne County (MI) Police Agencies Targeted in Ransomware AttacksUniversity of Zurich Confirms ‘Serious Cyberattack’More Than 11,000 Employees, Students and Former Staff Affected by Cyber Attack, QUT SaysPixPirate: New Android Banking Trojan Targeting Brazilian Financial InstitutionsGoogle Ads Push ‘Virtualized’ Malware Made for Antivirus EvasionPost-Macro World Sees Rise in Microsoft OneNote Documents Delivering MalwareMassive ESXiArgs Ransomware Attack Targets VMware ESXi Servers WorldwideLinux Version of Royal Ransomware Targets VMware ESXi ServersHackers Actively Exploiting Zero-Day in Fortra’s GoAnywhere MFTAtlassian Patches Critical Authentication Flaw in Jira Software
2/2/2023 February 2, 2023February 2, 2023 ~ The Cyber Beat ~ Leave a comment New Russian-Backed Gamaredon’s Spyware Variants Targeting Ukrainian AuthoritiesRussia-Ukraine War Has Improved U.S. Cyber Cooperation, Says Key OfficialAnker’s Eufy Admits Unencrypted Videos Could Be Accessed, Plans OverhaulThreat Actors Use ClickFunnels to Bypass Security ServicesAPT Groups Use Ransomware TTPs as Cover for Intelligence Gathering and SabotageNetflix’s US Password-Sharing Crackdown Isn’t Happening—YetFormer Ubiquiti Dev Pleads Guilty to Trying to Extort His EmployerDiscrepancies Discovered in Vulnerability Severity RatingsRising ‘Firebrick Ostrich’ BEC Group Launches Industrial-Scale CyberattacksNorth Korean Hackers Exploit Unpatched Zimbra Devices in ‘No Pineapple’ CampaignLazarus Group Attack Identified After Operational Security FailLockBit Ransomware Attack on Data Firm Ion Could Take Days to FixSuper Bock Says ‘Cyber’ Nasty ‘Disrupting Computer Services’Australia’s Black and White Cabs Booking Service Offline After Cyber AttackStealthy HeadCrab Malware Compromised Over 1,200 Redis ServersHackers Weaponize Microsoft Visual Studio Add-Ins to Push MalwareMalvertising Attacks Are Distributing .Net Malware LoadersCisco Fixes Bug Allowing Backdoor Persistence Between Reboots
2/1/2023 February 1, 2023February 1, 2023 ~ The Cyber Beat ~ Leave a comment New DDoS-As-A-Service Platform ‘Passion’ Used in Recent Attacks on HospitalsAlmost all Organizations are Working with Recently Breached VendorsCrypto Scam Apps Infiltrate Apple App Store and Google PlayOver 1,800 Android Phishing Forms for Sale on Cybercrime MarketExperts Warn of ‘Ice Breaker’ Cyberattacks Targeting Gaming and Gambling IndustryGoogle Boosts Bounties for Open Source Flaws Found via FuzzingEnter the Hunter Satellites Preparing for Space WarEU Tightens Oversight of Data-Privacy Regulators to Speed Up DecisionsCybersecurity Firm RAPID7 Explores SaleArnold Clark Customer Personal Data ‘Stolen in Cyber Attack’…Claimed by Play RansomwareGoogle Fi Data Breach Let Hackers Carry Out Sim Swap AttacksFIA Assessing Impact of Cyber Attack on Financial Data Firm IONSensitive Data Stolen in Okanagan College Attack Posted to Dark Web Says Vice SocietyLockBit Ransomware Goes ‘Green,’ Uses New Conti-Based EncryptorNew Nevada Ransomware Targets Windows and VMware ESXi SystemsResearchers Uncover New Bugs in Popular ImageMagick Image Processing Utility
1/31/2023 February 1, 2023February 1, 2023 ~ The Cyber Beat ~ Leave a comment Russian-Backed Hackers ‘Killnet’ Actively Targeting U.S. Health Care Sector, HHS Warns…The List So FarNew Report Reveals NikoWiper Malware That Targeted Ukraine Energy SectorU.S., Middle Eastern Allies Include Cyber Collaboration in Abraham AccordsMicrosoft: Over 100 Threat Actors Deploy Ransomware in AttacksMicrosoft Disables Verified Partner Accounts Used for OAuth PhishingMicrosoft Upgrades Defender to Lock Down Linux Gear for Its Own GoodYou Really Need to Update Firefox and Android Right NowOpenAI Releases Tool to Detect AI-Written TextGoogle Fi Customers Caught Up in Recent T-Mobile Data BreachNantucket Schools Close After Ransomware AttackTucson Unified School District Hit by Cyber AttackDocuSign Brand Impersonation Attack Bypasses Security Measures, Targets Over 10,000PoS Malware Can Block Contactless Payments to Steal Credit CardsNew Sh1mmer ChromeBook Exploit Unenrolls Managed DevicesExploit Released for Critical VMware vRealize RCE VulnerabilityOver 29,000 QNAP Devices Unpatched Against New Critical FlawFirmware Flaws Could Spell ‘Lights Out’ for Servers
1/30/2023 January 31, 2023January 31, 2023 ~ The Cyber Beat ~ Leave a comment TikTok Chief to Appear Before Congressional PanelThe Untold Story of a Crippling Ransomware AttackWhy Cybersecurity Regulations And Oversight Are As Important As Safety Standards In The Modern WorkplaceCISA’s Got a Plan to Strengthen Corporate CybersecurityThe Wages of Sin Aren’t That Great if You’re a Developer Choosing the Dark SideOpenAI Is Hiring Developers to Make ChatGPT Better at CodingGitHub Revokes Code Signing Certificates Stolen in Repo HackWealthy Russian Undertook $90 Mln Hack-And-Trade Scheme, U.S. Says at TrialNew Yorker Gets Four Years for $9m COVID Fraud SchemeU.S. No Fly List Shared on a Hacking Forum, Government InvestigatingJD Sports Says 10 Million Customers Hit by Cyber-AttackPrivate Explosives Manufacturer Hired By India’s Defence Ministry Hit By Suspected Ransomware AttackPorsche Halts NFT Launch, So Phishing Sites Fill the VoidKeePass Disputes Vulnerability Allowing Stealthy Password TheftHackers Use TrickGate Software to Deploy Emotet, REvil, Other MalwareTitan Stealer: A New Golang-Based Information Stealer Malware EmergesQNAP Fixes Critical Bug Letting Hackers Inject Malicious Code
1/27-29/2023 January 29, 2023January 29, 2023 ~ The Cyber Beat ~ Leave a comment Ukraine Hit with New Golang-based ‘SwiftSlicer’ Wiper Malware in Latest Cyber Attack…Sandworm Hackers Hit News Agency With 5 Data WipersUkraine Enters Uncharted Territory With Request to Investigate Russian Cyberattacks as War CrimesA Link to This Site Can (Technically) Land You in Russian PrisonInfrastructure Companies Say Suppliers Pose a Growing Cyber ThreatNew ‘Pig Butchering’ Scam in West Africa Impersonates U.S. Financial AdvisorsWorkers Want More AI to Get Rid of Their Office Busywork, Says Microsoft SurveyBlack Swans Events Are Shaping the Cybersecurity Present and FutureResearchers to Release VMware vRealize Log RCE Exploit, Patch nowISC Releases Security Patches for New BIND DNS Software VulnerabilitiesCanada’s Green Party Posted Sensitive Information About Voters and Members OnlineCharter Communications Says Vendor Breach Exposed Some Customer Datamscripts Data Breach Affects 66,372 IndividualsZendesk Experiences Potential Data BreachStratford University (VA) Data Breach Affects Over 78k Student and Employee SSNsShady Reward Apps on Google Play Amass 20 Million DownloadsBlack Basta Deploys PlugX Malware in USB Devices With New TechniqueGootkit Malware Continues to Evolve with New Components and ObfuscationsPlugX Malware Hides on USB Devices to Infect New Windows HostsMultiple Vulnerabilities Found In Healthcare Software OpenEMR
1/26/2023 January 27, 2023January 27, 2023 ~ The Cyber Beat ~ Leave a comment U.S. Hacks Back Against Hive Ransomware Crew…U.S. Offers $10M Bounty for Hive Ransomware Links to Foreign GovernmentsGoogle Takes Down 50,000 Instances of Pro-Chinese DRAGONBRIDGE Influence OperationIranian Group Cobalt Sapling Targets Saudi Arabia With New PersonaMost Criminal Cryptocurrency Funnels Through Just 5 ExchangesThe Best Personal Safety Devices, Apps, and AlarmsUK’s Lloyds Bank Warns of 80% Surge in Advance Fee ScamsTech Layoffs Aren’t Hitting This Digital Job Market Where Over 700,000 Workers Are NeededA Child’s Garden of CybersecurityLutheran Social Services of Illinois Announces Data Breach Affecting 184k IndividualsUniversity of Colorado Hospital Authority Announces Third-Party Data Breach At Diligent CorporationGuildford School Victim of Cyber-Attack as Phone Lines and Mail Systems ‘Stop Working’Yandex Denies Hack, Blames Source Code Leak on Former EmployeeBitwarden Password Vaults Targeted in Google Ads Phishing AttackNew Mimic Ransomware Abuses ‘Everything’ Windows Search ToolLexmark Warns of RCE Bug Affecting 100 Printer Models, PoC ReleasedMicrosoft Urges Admins to Patch On-Premises Exchange Servers
1/25/2023 January 26, 2023January 26, 2023 ~ The Cyber Beat ~ Leave a comment CISA: Federal Agencies Hacked Using Legitimate Remote Desktop ToolsRussian ‘Hacktivists’ Briefly Knock German Websites OfflineIranian and Russian Hackers Targeting Politicians and Journalists, Warn UK OfficialsU.S. Intelligence Wants to Use Psychology to Avert CyberattacksLessons Learned From the Windows Remote Desktop Honeypot ReportHackers Auction Alleged Source Code for League of LegendsKrebs: Experian Glitch Exposing Credit Files Lasted 47 DaysKrebs: Administrator of RSOCKS Proxy Botnet Pleads GuiltyBetter Management And Training Are Key To Solving The Cybersecurity Skills GapZacks Investment Research Data Breach Affects 820,000 ClientsA Network of Knockoff Apparel Stores Exposed 330,000 Customer Credit CardsOver 4,500 WordPress Sites Hacked to Redirect Visitors to Sketchy Ad PagesLivingston Memorial VNA (CA) Data Breach Following Apparent Ransomware AttackBank of Eastern Oregon Files Official Notice of Data BreachJefferson County Health Department (IA) Files Notice of Data Breach Affecting 115,940New Stealthy Python RAT Malware Targets Windows in AttacksMalware Exploited Critical Realtek SDK Bug in Millions of AttacksExploit Released for Critical Windows CryptoAPI Spoofing Bug
1/24/2023 January 25, 2023January 25, 2023 ~ The Cyber Beat ~ Leave a comment North Korea-Linked Hackers Behind $100 Million Crypto Heist, FBI SaysLastPass Owner GoTo Shares More Bad News About November’s Security BreachIf You Want to Use a Security Key With Your Apple Account, You’ll Need Two KeysMicrosoft Shares Workaround for Unresponsive Windows Start MenuThe Threat Of “Default” TechAssessing the Likelihood of a ‘Catastrophic’ CyberattackDOJ, States Sue Google Over Digital Ad DominanceNoem Says Cellphone Was Hacked, Blames Jan. 6 Panel‘Security and the Electric Vehicle Charging InfrastructurePlanet Ice: Customer Details Stolen in Data BreachRiot Games Receives Ransom Demand From Hackers, Refuses to PayAlexander City (AL) Falls Victim to Cyber AttackDragonSpark Hackers Evade Detection With SparkRAT and GolangEmotet Malware Makes a Comeback with New Evasion TechniquesRansomware Access Brokers Use Google Ads to Breach Your Network75K WordPress Sites Impacted by Critical Online Course Plugin FlawsVMware Fixes Critical Security Bugs in vRealize Log Analysis ToolSecurity Navigator Research: Some Vulnerabilities Date Back to the Last Millennium
1/23/2023 January 24, 2023January 24, 2023 ~ The Cyber Beat ~ Leave a comment T-Mobile Breach Highlights Common Corporate Security WeaknessMost Federal Agencies Ignored GAO’s Cybersecurity RecommendationsU.S. Authorities Release Asylum Seekers After Leaking Their Data OnlineRussia’s Largest ISP Says 2022 Broke All DDoS Attack RecordsHackers Deploy Open-Source Tool Sliver C2, Replacing Cobalt Strike, MetasploitFewer Ransomware Victims Are Paying Up. But There’s a CatchMessenger’s Encrypted Chats Get Themes, Emoji Reactions, and MoreMicrosoft Investing Billions in ChatGPT MakerChatGPT Is ‘Not Particularly Innovative,’ and ‘Nothing Revolutionary’, Says Meta’s Chief AI ScientistA Major Flaw in App Operated by India’s Education Ministry Exposed the Data of Millions of StudentsGTA Online Bug Exploited to Ban, Corrupt Players’ AccountsTicketmaster Says Cyberattack Disrupted Taylor Swift Ticket SalesSatellite Healthcare Files Official Notice of Data BreachGoogle Ads Invites Being Abused to Push Spam, Adult SitesCISA Warns of Critical ManageEngine RCE Bug Exploited in AttacksApple Fixes Actively Exploited iOS Zero-Day on Older iPhones, iPadsApple iOS 16.3 Arrives With Support for Hardware Security KeysMicrosoft Plans to Kill Malware Delivery via Excel XLL Add-Ins
1/20-22/2023 January 23, 2023January 23, 2023 ~ The Cyber Beat ~ Leave a comment Russia Expected to Increase Cyberattacks in Ukraine War — To Little EffectGamaredon Group Launches Cyberattacks Against Ukraine Using TelegramU.S. Airline Accidentally Exposes ‘No Fly List’ on Unsecured ServerHow to Encrypt any File, Folder, or Drive on Your SystemLike It or Not, Email Is Still Our Greatest Tool – And the Source of Some of Our Biggest ThreatsWhat Diabetes Is Revealing About the Benefits and Risks of Personal Medicine Connected to the InternetKrebs: New T-Mobile Breach Affects 37 Million Accounts…T-Mobile’s $150 Million Security Plan Isn’t Cutting ItMassive Ad-Fraud Op Dismantled After Hitting Millions of iOS DevicesWhatsApp Hit with €5.5m fine for GDPR ViolationsCybersecurity Was Supposed to Be a Resilient Area of Tech, but These ETFs Are StrugglingLos Angeles Unified School District Says Vice Society Ransomware Gang Stole Contractors’ SSNsMaple Ridge-Pitt Meadows School District (BC) Investigating Data Breach Affecting up to 19,000 PeopleFanDuel Discloses Data Breach Caused by Recent MailChimp HackRiot Games Hacked, Delays Game Patches After Security BreachPhishers Use Blank Images to Disguise Malicious AttachmentsHackers Now Use Microsoft OneNote Attachments to Spread MalwareNew Boldmove Linux Malware Used to Backdoor Fortinet DevicesCritical ManageEngine RCE Bug Now Exploited to Open Reverse ShellsExploits Released for Two Samsung Galaxy App Store VulnerabilitiesOver 19,000 End-Of-Life Cisco Routers Exposed to RCE Attacks
1/19/2023 January 20, 2023January 20, 2023 ~ The Cyber Beat ~ Leave a comment Davos 2023: Global Bank Chiefs Get FBI Cybersecurity UpdateRansomware Profits Drop 40% In 2022 as Victims Refuse to PayA Sneaky Ad Scam Tore Through 11 Million PhonesNew ‘Blank Image’ Attack Hides Phishing Scripts in SVG FilesFTX: Over $400m Stolen from Bankrupt ExchangeInstagram Just Got an Update That Gives You More Control Over What You See in Your FeedOver a Third of Recent ICS Bugs Still Have No Vendor PatchFor the First Time in a Long Time, Cfos Can Say No to Some Tech SpendingHow to Convert Your Home’s Old TV Cable Into Powerful Ethernet LinesT-Mobile Says Hackers Stole Data on About 37 Million CustomersPayPal Says Crooks Accessed 35,000 Customers’ Info in Credential Stuffing AttackRansomware Gang Steals Data From KFC, Taco Bell, and Pizza Hut Brand OwnerNew ‘Hook’ Android Malware Lets Hackers Remotely Control Your PhoneRoaming Mantis’ Hacking Campaign Adds DNS Changer to Mobile AppNew Microsoft Azure Vulnerability Uncovered — EmojiDeploy for RCE AttacksExploit Released for Critical ManageEngine RCE Bug, Patch Now
1/18/2023 January 19, 2023January 19, 2023 ~ The Cyber Beat ~ Leave a comment Iranian Government Entities Under Attack by New Wave of BackdoorDiplomacy AttacksCISA Warns of Flaws in Siemens, GE Digital, and Contec Industrial Control SystemsKrebs: Thinking of Hiring or Running a Booter Service? Think Again.Bitzlato Crypto Exchange Seized for Ransomware, Drugs Money LaunderingNew York Man Defrauded Thousands Using Credit Cards Sold on Dark WebInitial Access Broker Market Booms, Posing Growing Threat to EnterprisesSpy Cams Reveal the Grim Reality of Slaughterhouse Gas ChambersPalantir CEO Tells Tech Workers Who Don’t Like the Company’s Military Deals, ‘Don’t Work Here’Private-Equity Firms Tighten Focus on Cyber Defenses at Portfolio CompaniesEuropean Privacy Regulators Step Up Scrutiny of Business Data PracticesOver Four Billion People Affected By Internet Censorship in 2022Ukraine Links Data-Wiping Attack on News Agency to Russian HackersODIN Intelligence Website HackedMailChimp Discloses New Breach After Employees Got HackedPierce County (WA) Accidentally Shared Sensitive Voter Information for Hundreds of ThousandsMaritime Giant Dnv Says 1,000 Ships Affected by Ransomware AttackIllegal Solaris Darknet Market Hijacked by Competitor KrakenBank of America Starts Restoring Missing Zelle TransactionsHackers Push Malware via Google Search Ads for VLC, 7-Zip, CCleanerCritical Security Vulnerabilities Discovered in Netcomm and TP-Link RoutersWhat Is ChatGPT? AI Technology Sends Schools Scrambling to Preserve LearningChatGPT Creates Polymorphic Malware
1/17/2023 January 18, 2023January 18, 2023 ~ The Cyber Beat ~ Leave a comment Hackers Use Fear of Mobilization to Target Russians With Phishing AttacksEarth Bogle Group Targets Middle East With NjRAT, Geopolitical LuresCrypto Exchanges Freeze Accounts Tied to North Korea’s Notorious Lazarus GroupHackers Can Abuse Legitimate GitHub Codespaces Feature to Deliver MalwareWhat to Know About the Cars of the Future Being Built by Tech, Auto CompaniesThe Scammers Who Scam Scammers on Cybercrime ForumsNissan North America Data Breach Caused by Vendor-Exposed DatabaseHacktivists Leak Data Apparently From Digital Forensics Vendors Cellebrite and MSABOver 4,000 Sophos Firewall Devices Vulnerable to RCE AttacksGit Patches Two Critical Remote Code Execution Security FlawsMicrosoft Azure Services Flaws Could’ve Exposed Cloud Resources to Unauthorized AccessLet’s Normalize ‘Radical Transparency’ Around Data Breaches
1/16/2023 January 17, 2023January 17, 2023 ~ The Cyber Beat ~ Leave a comment U.S. to Launch Third Iteration of ‘Hack the Pentagon’ Bug Bounty ProgramCISA Warns for Flaws Affecting Industrial Control Systems from Major ManufacturersNew Backdoor Created Using Leaked CIA’s Hive Malware Discovered in the WildChina Aims to Grow Local InfoSec Industry by 30% a Year, to $22 Billion by 2025North Korean ‘Lazarus’ Group Tied to $100M Harmony Hack Moves 41,000 Ether Over WeekendAvast Releases Free BianLian Ransomware DecryptorAll the Data Apple Collects About You—and How to Limit ItEurope Beefs-up Cybersecurity Law, Trumping the UKVice Society Ransomware Leaks University of Duisburg-Essen’s DataSaga UK Suffers ‘Unusual Breach’ Where Customers Have Credit Card Data LeakedDatadog Rotates RPM Signing Key Exposed in CircleCI HackRaccoon and Vidar Stealers Spreading via Massive Network of Fake Cracked SoftwareMalicious ‘Lolip0p’ PyPi Packages Install Info-Stealing MalwareResearchers to Release PoC Exploit for Critical Zoho RCE Bug, Patch NowMSI Accidentally Breaks Secure Boot for Hundreds of Motherboards
1/13-15/2023 January 15, 2023January 15, 2023 ~ The Cyber Beat ~ Leave a comment Pro-Russian Hacktivist Group Targets Czech Presidential ElectionRussian Hackers Try to Bypass ChatGPT’s Restrictions For Malicious PurposesNSA Director Asks Congress to Let It Get On With That Warrantless Data Harvesting Without LapseRussians Say They Can Grab Software From Intel AgainHow to Use Your Phone to Find Hidden CamerasThe Biggest Risks of Using Bluetooth Trackers Like Apple AirTag, TileThe Big Risk in the Most-Popular, and Aging, Big Tech Default Email ProgramsIn the Fight Against Scams, ‘Cyber Ambassadors’ Enter the ChatBrave Browser’s New Snowflake Feature Help Bypass Tor BlocksEconomic Uncertainty Weighs on Cyber ChiefsTikTok Slapped With $5.4 Million Fine Over Cookie Opt-Out FeatureNortonLifeLock Warns That Hackers Breached Password Manager AccountsLiquor Control Board of Ontario Site Hacked to Steal Credit CardsDozens of Clerk of Court Offices in Louisiana Offline Following Cyber AttackMalware Attack on CircleCI Engineer’s Laptop Leads to Recent Security IncidentTainted VPNs Being Used to Spread EyeSpy SurveillancewareHacker Group Discloses Ability to Encrypt an RTU Device Using Ransomware, Industry ReactsPoC Exploits Released for Critical Bugs in Popular WordPress PluginsHackers Exploit Control Web Panel Flaw to Open Reverse ShellsCacti Servers Under Attack as Majority Fail to Patch Critical VulnerabilityRansomware Has Now Become a Problem for Everyone, and Not Just Tech