6/23/2022

NSO Confirms Pegasus Spyware Used by at least 5 European Countries

Google Warns of New Spyware from RCS Labs Targeting iOS and Android Users

Conti Ransomware Hacking Spree Breaches Over 40 Orgs in a Month

Businesses Risk ‘Catastrophic Financial Loss’ From Cyberattacks, U.S. Watchdog Warns

Less Than Half of Organizations Have Open Source Security Policy

Lithuania Warns of Rise in DDoS Attacks Against Government Sites

Scalper Bots Out of Control in Israel, Selling State Appointments

Halfords Suffers a Puncture in the Customer Details Department

Avamere Health Services Breach Impacts Nursing and Senior Living Employees

Chinese Hackers Use Ransomware as Decoy for Cyber Espionage

Fancy Bear Uses Nuke Threat Lure to Exploit 1-Click Bug

New MetaMask Phishing Campaign Uses KYC Lures to Steal Passphrases

Malicious Windows ‘LNK’ Attacks Made Easy With New Quantum Builder

CISA: Log4Shell Exploits Still Being Used to Hack VMware Servers

6/22/2022

Israeli Air Raid Sirens Triggered in Possible Cyberattack

Microsoft: Russia Stepped up Cyberattacks Against Ukraine’s Allies

Tech Executives Urge Government to Share Cyber Threat Intel

Tech Firms Cut Staff Amid Recession Fears

Cyber Funding, Plentiful for Years, Faces a Reckoning

80% of Firms Suffered Identity-Related Breaches in Last 12 Months

Gamification of Ethical Hacking and Hacking Esports

Krebs: Meet the Administrators of the RSOCKS Proxy Botnet

Brave Now Lets You Customize Search Results—for Better or Worse

‘Mysterious’ Company Sued to Expose Billionaire’s Twitter Critic

Chinese Hackers ‘Tropic Trooper’ Target Script Kiddies With Info-Stealer Trojan

Japanese Automotive Hose Maker Nichirin Hit by Ransomware Attack

Yale New Haven Hospital Research File Implicated in Healthcare Data Breach

Guardian Fueling Technologies (FL) Announces Data Breach

Hot Tub Crime Machine: Jacuzzi Smart Tubs Left Personal Info Exposed

RIG Exploit Kit Now Infects Victims’ PCs With Dridex Instead of Raccoon Stealer

Critical PHP Flaw Exposes QNAP NAS Devices to RCE Attacks

Researchers Uncover Ways to Break the Encryption of ‘MEGA’ Cloud Storage Service

MEGA Fixes Critical Flaws That Allowed the Decryption of User Data

NSA Shares Tips on Securing Windows Devices With PowerShell

6/21/2022

Biden Signs Cyber Bills Into Law

Former NSA Chief Warns of Russian Cyberattacks Against U.S. Financial Sector

Russian Gov’t Hackers Hit Ukraine With Cobalt Strike, CredoMap Malware

Kazakhstan Gov’t Used Spyware Against Protesters

Report: Daycare Monitoring Apps Are ‘Dangerously Insecure’

Magecart Attacks Are Still Around: And They Are Becoming More Stealthy

HPE Tackles Cyber Skills Shortage with Hands-On Experience

Phishing Gang Behind Millions in Losses Dismantled by Police

Twitter Board Recommends Elon Musk Takeover Bid

Cloudflare Outage Knocks Hundreds of Websites Offline

Yodel Parcel Company Confirms Cyberattack Is Disrupting Delivery

Acorda Therapeutics (NY) Announces Data Breach After Compromised Emails

Robert Half International Reports Data Breach Affecting Consumers’ SSNs

Brooks County (TX) Pays off Hacker With Tax Dollars After Ransomware Attack

New ToddyCat APT Targets MS Exchange Servers in Europe and Asia

7-Zip Now Supports Windows ‘Mark-Of-The-Web’ Security Feature

Adobe Acrobat May Block Antivirus Tools From Monitoring PDF Files

6/20/2022

What the Russia-Ukraine War Means for the Future of Cyber Warfare

Security Flaw In Strava, A Social Fitness App, Exposed Identities Of Israeli Soldiers At Military Bases

Krebs: Why Paper Receipts are Money at the Drive-Thru

New ‘BidenCash’ Site Sells Your Stolen Credit Card for Just 15 Cents

Ransomware Attacks: This Is the Data That Cyber Criminals Really Want to Steal

Google Chrome Extensions Could Be Used to Track Users Online

The Ghost of Internet Explorer Will Haunt the Web for Years

Voicemail Phishing Emails Steal Microsoft Credentials

Flagstar Bank Discloses Data Breach Impacting 1.5 Million Customers

81,000+ Social Security Numbers Leaked in Quality Temporary Services (MI) Data Breach

Baptist Health (TX) Announces Data Breach Affecting Patients

Simpson University (CA) Confirms Data Breach Leaked Information of 6,000+ Students

New DFSCoerce NTLM Relay Attack Allows Windows Domain Takeover

Google Researchers Detail 5-Year-Old Apple Safari Vulnerability Exploited in the Wild

CISA and Friends Raise Alarm on Critical Flaws in Industrial Equipment, Infrastructure

6/17-19/2022

Leaked Audio From 80 Internal TikTok Meetings Shows That U.S. User Data Has Been Repeatedly Accessed From China

U.S., EU Plan Joint Foreign Aid for Cybersecurity to Counter China

NSO Group’s Reported Sale to U.S. Defense Contractor Alarms Cybersecurity Experts

Android-wiping BRATA Malware is Evolving Into a Persistent Threat

YouTube Removes Video From Jan 6 Panel Including Trump’s Election Misinformation

Former Amazon Employee Paige Thompson Convicted Over 2019 Capital One Hack

Cookie Consent Crumbles Under Fresh UK Data Law Proposals

UK Approves Assange Extradition to U.S., WikiLeaks Says It Will Appeal

Personal Details of 15,000 Memorial University (NL) Students Leaked in Accidental Data Breach to Other Students

Wilkins Recreational Vehicles (NY) Reports Data Breach Following Conti Ransomware Attack

New Phishing Attack Infects Devices With Cobalt Strike

Atlassian Confluence Flaw Being Used to Deploy Ransomware and Crypto Miners

Over a Dozen Flaws Found in Siemens’ Industrial Network Management System

QNAP NAS Devices Targeted by Surge of eCh0raix Ransomware Attacks

QNAP ‘Thoroughly Investigating’ New DeadBolt Ransomware Attacks

Cisco Says It Won’t Fix Zero-Day RCE in End-Of-Life VPN Routers

6/16/2022

U.S., Partners Dismantle Russian Hacking ‘RSOCKS’ Botnet, Justice Dept Says

Cyber-Criminals Smuggle Ukrainian Men Across Border

Iran State-Sponsored Phishing Attack Targeted Israeli Military Officials

Police Linked to Hacking Campaign to Frame Indian Activists

Corporate Network Access Selling for Under $1000 on Dark Web

Californian Man iCloud Hacker Gets 9 Years in Prison for Stealing Nude Photos

White House to Tackle Online Harassment, Abuse With New Task Force

Microsoft Defender Launches on Windows, macOS, iOS, and Android

RSAC Branded a ‘Super Spreader Event’ as Attendees Share COVID-19 Test Results

India’s Allahabad University Website Crashes During Exam, Cyber Attack Suspected

NakedPages Phishing Toolkit is Now Available on Cybercrime Forums

Android Spyware ‘Hermit’ Discovered in Targeted Attacks

MetaMask, Phantom Warn of Flaw That Could Steal Your Crypto Wallets

Anker Eufy Smart Home Hubs Exposed to RCE Attacks by Critical Flaw

High-Severity RCE Vulnerability Reported in Popular Fastjson Library

Sophos Firewall Zero-Day Bug Exploited Weeks Before Fix

A Microsoft Office 365 Feature Could Help Ransomware Hackers Hold Cloud Files Hostage

730K WordPress Sites Force-Updated to Patch Critical Plugin Bug

Democratizing Cybersecurity

6/15/2022

Russia Is Taking Over Ukraine’s Internet

Babushka Z: The Woman Who Became a Russian Propaganda Icon

Travel-related Cybercrime Takes Off as Industry Rebounds

Allison Inn & Spa (OR) Hit by Unusual Cyberattack; Employee Data, Guests’ Names Posted on Internet

Heineken Says There’s No Free Beer, Warns of Phishing Scam

Hit by a Cyberattack? Hackers Will Probably Come After You Again – Within a Year

Ransomware Negotiation Evolves, as Victims Hope for Discounts

Musk Predicts ‘Massive Red Wave’, Teases Creation of ‘Super Moderate Super PAC’

Flashpoint Announces Cybersecurity Platform for K-12

Interpol Seizes $50 Million, Arrests 2000 Social Engineers

24+ Billion Credentials Circulating on the Dark Web in 2022 — So Far

Data Breach at U.S. Ambulance Billing Service Comstar Exposed Patients’ Healthcare Info

Goodman Campbell Brain and Spine (IN) Announces Data Breach After Ransomware Attack

Panchan: A New Golang-based Peer-To-Peer Botnet Targeting Linux Servers

MaliBot: A New Android Banking Trojan Spotted in the Wild

Hackers Exploit Three-Year-Old Telerik Flaws to Deploy Cobalt Strike

Critical Flaw in Cisco Secure Email and Web Manager Lets Attackers Bypass Authentication

Citrix Warns Critical Bug Can Let Attackers Reset Admin Passwords

SAP Patches Critical NetWeaver and ABAP Platform Vulnerabilities

Krebs: Microsoft Patch Tuesday, June 2022 Edition

Microsoft: June Windows Server Updates May Cause Backup Issues

6/14/2022

Ukraine Has Begun Moving Sensitive Data Outside Its Borders

The War in Ukraine Has Exposed a Critical American Vulnerability

Cybersecurity in the Pacific: How Island Nations Are Building Their Online Defences

Veterans Explain How Military Service Prepared Them for Cybersecurity Careers

The Unrelenting Threat of Ransomware Is Pushing Cybersecurity Workers to Quit

Hacker Advertises ‘Crappy’ Ransomware on Instagram

Krebs: Ransomware Group Debuts Searchable Victim Data

Why a Bipartisan Data Privacy Proposal Faces Uphill Battle

Lawmakers Make Bipartisan Push for New Government Powers to Block U.S. Investments in China

Brazil’s Data Protection Authority to Gain Independence From Presidential Office

Shanghai’s Censors Can’t Hide Stories of the Dead

Former U.S. State Agency CIO, IT Exec Plead Guilty to Bribery and Extortion Scheme

Microsoft to Acquire Foreign Cyberthreat Analysis Vendor Miburo

Firefox Now Blocks Cross-Site Tracking by Default for All Users

Malaysia-Linked DragonForce Hacktivists Attack Indian Targets

Cloudflare Saw Record-Breaking DDoS Attack Peaking at 26 Million Requests Per Second

Large Southern Africa Supermarket Chain Shopright Hit With Ransomware

Allaire Health Services Announces Data Breach

CHI Health (WA) Says Cybersecurity Breach May Have Exposed Some Patients’ Data

Android Malware on the Google Play Store Gets 2 Million Downloads

Unpatched Travis CI API Bug Exposes Thousands of Secret User Access Tokens

New Hertzbleed Side-Channel Attack Affects Intel, AMD CPUs

New Zimbra Email Vulnerability Could Let Attackers Steal Your Login Credentials

Technical Details Released for ‘SynLapse’ RCE Vulnerability Reported in Microsoft Azure

Microsoft June 2022 Patch Tuesday Fixes 1 Zero-Day, 55 Flaws

Microsoft’s Final Patch Tuesday Fixes Follina Bug

Botched and Silent Patches From Microsoft Put Customers at Risk, Critics Say

6/13/2022

Russian Hackers Start Targeting Ukraine With Follina Exploits

Top Cyber Official Says Transformation Needed in Cyberspace

World Economic Forum Wants a Global Map of Online Crime

Cybersecurity Skills Gap a Mounting Concern in Asia

In Security, Less Is More

FDNY Calls for Digital Firewall to Protect Rescue Workers From Cyber-Attacks

Apple CEO Tim Cook Pushes Senate For Privacy Legislation

Apple Wants to End Passwords for Everything: Here’s How It Would Work

CISA Recommends Organizations Update to the Latest Version of Google Chrome

Googler Suspended After Claiming AI Became Sentient

Krebs: “Downthem” DDoS-for-Hire Boss Gets 2 Years in Prison

Questions to Improve Enterprise Cybersecurity Awareness

Kaiser Permanente Data Breach Exposes Health Data of 69K People

India’s Farmers Exposed by New Aadhaar Data Leak

700 Patients’ Private Information Stolen in Avera Data Breach

Perkins & Co. Announces Data Breach Related to Incident at Cloud-Hosting Company Netgain

Hackers Clone Coinbase, MetaMask Mobile Wallets to Steal Your Crypto

Chinese ‘Gallium’ Hackers Using New PingPull Malware in Cyberespionage Attacks

New Syslogk Linux Rootkit Uses Magic Packets to Trigger Backdoor

HelloXD Ransomware Installing Backdoor on Targeted Windows and Linux Systems

Microsoft: Exchange Servers Hacked to Deploy Blackcat Ransomware

PyPI Package ‘Keep’ Mistakenly Included a Password Stealer

Researchers Disclose Rooting Backdoor in Mitel IP Phones for Businesses

Metasploit 6.2.0 Improves Credential Theft, SMB Support Features, More

6/10-12/2022

Conti’s Attack Against Costa Rica Sparks a New Ransomware Era

Job Cuts Hit Cybersecurity Industry Despite Surging Growth From Ransomware Attacks

Cybersecurity Courses Ramp up Amid Shortage of Professionals

In an Ever Evolving Landscape, CISOs Shift Their Priorities

Introducing ‘Hack Me if You Can,’ a New Podcast Series

Researchers Find Bluetooth Signals Can be Fingerprinted to Track Smartphones

Krebs: Adconion Execs Plead Guilty in Anti-Spam Case

Iranian Lycaeum APT Target Energy Sector With New DNS Backdoor

Pyramid Consulting Group (NY) Data Breach Leaked 3,000 Social Security Numbers

Vulns Targeting InfiRay Thermal Cameras May Result in Industrial Process Hacking

Hackers Exploit Recently Patched Confluence Bug for Cryptomining

Confluence Servers Hacked to Deploy AvosLocker, Cerber2021 Ransomware

Pacman: MIT Researchers Discover New Flaw in Apple M1 CPUs That Can’t Be Patched

6/9/2022

Russia Says West Risks ‘Direct Military Clash’ Over Cyber Attacks

Dark Web Sites Selling Alleged Western Weapons Sent to Ukraine

Feds Forced Travel Firms to Share Surveillance Data on Hacker

New Privacy Framework for IoT Devices Gives Users Control Over Data Sharing

How Poor Communication Opens the Door to Ransomware and Extortion

YouTube Accused of Failing to Tackle Fake Elon Musk Livestream Scams

Twitter Set to Agree to Elon Musk Request For Data on Fake Accounts

Bizarre Ransomware Sells Decryptor on Roblox Game Pass Store

Chinese Hacking Group Aoqin Dragon Quietly Spied Orgs for a Decade

Ellsworth (KS) Warns Residents of Ransomware Attack

Fred Hutch Center Center (WA) Data Breach: Unauthorized Hack of Employee Email

AdviceOne (CT) Announces Data Breach

Vice Society Ransomware Claims Attack on Italian City of Palermo

New Ultra-Stealthy Linux Backdoor ‘Symbiote’ Isn’t Your Everyday Malware Discovery

Hackers Can Steal Your Tesla by Creating Their Own Keys

Microsoft Defender Now Isolates Hacked, Unmanaged Windows Devices

Xage Releases New Tool to Battle MFA Bombing in Critical Infrastructure

6/8/2022

Disinfo and Hate Speech Flood TikTok Ahead of Kenya’s Elections

Ukraine’s Secret Cyber-Defense That Blunts Russian Attacks: Excellent Backups

How a Saxophonist Tricked the KGB by Encrypting Secrets in Music

Beware of Scams Involving Jobs, Stimulus Checks and Tax Refunds, IRS Warns

Work Remains in Fight Against Ransomware

Paying Ransomware Paints Bigger Bullseye on Target’s Back

Ransomware Pressure Forces UK CISOs to Consider Quitting

Kali Linux Team to Stream Free Penetration Testing Course on Twitch

Bipartisan Antitrust Bill Sponsors Push for Floor Vote This Month

Massive Facebook Messenger Phishing Operation Generates Millions

Australian Chinese News Site Hit by Cyber Attack, Media Reports

Tenafly Public Schools (NJ) Final Exams Canceled After Ransomware Cripples Computers

OnDeck Breach of Social Security Numbers and Financial Account Info

Poisoned CCleaner Search Results Spread Information-Stealing Malware

Emotet Malware Now Steals Credit Cards From Google Chrome Users

Cuba Ransomware Returns to Extorting Victims With Updated Encryptor

Linux Botnets Now Exploit Critical Atlassian Confluence Bug

Intel Offers ‘Server on a Card’ Reference Design for Network Security

6/7/2022

U.S.: Chinese Gov’t Hackers Breached Telcos to Snoop on Network Traffic

KrebsOnSecurity in New Netflix Series on Cybercrime

Cyber-Attack Surface “Spiralling Out of Control”

Elevated Cyber Threats Are the ‘New Normal’

An Emerging Threat: Attacking 5G Via Network Slices

Senators Gillibrand, Lummis Introduce Major Cryptocurrency Bill

IBM Buys Startup Randori to Address Multicloud Security Messes

Apple’s Rapid Security Response Will Push Faster Updates That Install on Macs Without a Reboot

Apple’s Safety Check Combats Domestic Abuse but Timing Its Use Is Critical

U.S. Seizes SSNDOB Market for Selling Personal Info of 24 Million People

Shields Health Care Group Data Breach Affects 2 Million Patients

Online U.S. Gun Shops, Including Numrich Gun Parts, Hacked to Steal Credit Cards

Prothena Corporation, PLC Confirms Data Breach Following Compromised Employee Email Account

Researchers Warn of Spam Campaign Targeting Victims with SVCReady Malware

Linux Version of Black Basta Ransomware Targets VMware ESXi Servers

Follina Exploited by State-Sponsored Hackers

QBot Malware Now Uses Windows MSDT Zero-Day in Phishing Attacks

Android June 2022 Updates Bring Fix for Critical RCE Vulnerability

New ‘DogWalk’ Windows Zero-Day Bug Gets Free Unofficial Patches

6/6/2022

Ukrainian Officials’ Phones Targeted by Hackers -Cyber Watchdog

At Least Three Russian Ministry Websites Reportedly Hacked

Costa Rican Government Held up by Ransomware … Again… This Time by Hive

Ransomware Gangs Now Give Victims Time to Save Their Reputation

Ransomware Attacks Have Dropped. And Gangs Are Attacking Each Other’s Victims

Meet the Vigilantes Who Hack Millions in Crypto to Save It From Thieves

AlphaBay Is Taking Over the Dark Web—Again

LastPass’ Mobile App Offers Access to Your Desktop Vault Without a Master Password

Apple Demos Safari’s ‘Passkeys’ Support in macOS Ventura That Will Help Bring an End to Passwords

Elon Musk Threatens to Pull Out of Twitter Deal Without More Information About Fake Accounts

Windows Zero-Day Exploited in U.S. Local Gov’t Phishing Attacks

Italian City of Palermo Shuts Down All Systems to Fend Off Cyberattack

Texas Gulf Bank Confirms Data Breach From Unauthorized Access to Employee Email Accounts

Rainier Arms Reports Data Breach Impacting the Credit Card Numbers of 46K+ Customers

‘Move-to-Earn’ Application Stepn Suffers Cyber Attack After Upgrade

Mandiant: “No Evidence” We Were Hacked by LockBit Ransomware

QBot Now Pushes Black Basta Ransomware in Bot-Powered Attacks

CISA Warned About Critical Vulnerabilities in Illumina’s DNA Sequencing Devices

Unpatched Critical Flaws Disclosed in U-Boot Bootloader for Embedded Devices

The U.S. Isn’t Getting Ahead on Cyber Security Threats

6/3-5/2022

A Digital Conflict Between Russia and Ukraine Rages on Behind the Scenes of War

Microsoft Disrupts Bohrium Hackers’ Spear-Phishing Operation

Apple Blocked 1.6 Million Apps From Defrauding Users in 2021

Americans Report Losing Over $1 Billion to Cryptocurrency Scams

Business Email Compromise: The Hacker Gold Rush That’s Poised to Eclipse Ransomware

Evasive Phishing Mixes Reverse Tunnels and URL Shortening Services

Krebs: What Counts as “Good Faith Security Research?”

Tim Hortons Coffee App Broke Law by Constantly Recording Users’ Movements

Google Settles Lawsuit With Illinois Residents for $100M: May 1, 2015, and April 25, 2022

Key Congressional Lawmakers Draft Competing Data Privacy Bills

Louisiana Authorities Investigating Ransomware Attack on City of Alexandria

EMC National Life Company Announces Data Breach

Medicare Issuing New Cards to Residents of the Villages (FL) After Data Breach

Novartis Says No Sensitive Data Was Compromised in Cyberattack

Bored Ape Yacht Club, Otherside NFTs Stolen in Discord Server Hack

WatchDog Hacking Group Launches New Docker Cryptojacking Campaign

SMSFactory Android Malware Sneakily Subscribes to Premium Services

Exploit Released for Atlassian Confluence RCE Bug, Patch Now

Atlassian Releases Patch for Confluence Zero-Day Flaw Exploited in the Wild

GitLab Issues Security Patch for Critical Account Takeover Vulnerability

6/2/2022

Tehran Municipality Websites Hit by Possible Hacking, Iranian Agency Says

Chinese LuoYu Hackers Deploy Cyber-Espionage Malware via App Updates

South Korean Special Forces Captain Charged With Spying for North Korea

Russian Linked Ransomware Groups Rebrand to Dodge Sanctions

Ransomware Gang Now Hacks Corporate Websites to Show Ransom Notes

U.S. Technology, a Longtime Tool for Russia, Becomes a Vulnerability

ExpressVPN Removes Servers in India After Refusing to Comply with Government Order

45% Of Cybersecurity Professionals Have Considered Quitting

Foxconn Confirms Ransomware Attack Disrupted Production in Mexico

Owner of Dodge’s Southern Stores, D&H Company, Reports Data Breach

Scammers Target NFT Discord Channel

Clipminer Malware Gang Stole $1.7M by Hijacking Crypto Payments

Top 10 Android Banking Trojans Target Apps With 1 Billion Downloads

Conti Spotted Working on Exploits for Intel Management Engine Flaws

Critical UNISOC Chip Vulnerability Affects Millions of Android Smartphones

Microsoft Blocks Polonium Hackers From Using OneDrive in Attacks

6/1/2022

Cyber Command Chief Confirms U.S. Took Part in Offensive Cyber Operations

Line Between Criminal Hackers and Nation-State Threats Blurs, U.S. Officials Say

Cloud Computing Dominates. But Security Is Now the Biggest Challenge

U.S. Gov’t: Paying Karakurt Extortion Ransoms Won’t Stop Data Leaks

Ransomware Attacks Need Less Than Four Days to Encrypt Systems

What if Ransomware Evolved to Hit IoT in the Enterprise?

Sheryl Sandberg Steps Down From Meta

Authorities Seize Domain Names After Probe Into Sales of Stolen Personal Information

Europol Confirms Takedown of SMS-based FluBot Spyware

Former OpenSea Head of Product Charged With NFT Insider Trading

FBI Thwarted Cyberattack Against Boston Children’s Hospital

Hundreds of Elasticsearch Databases Targeted in Ransom Attacks

Telegram’s Blogging Platform Abused in Phishing Attacks

RuneScape Phishing Steals Accounts and In-Game Item Bank PINs

SideWinder Hackers Plant Fake Android VPN App in Google Play Store

New Unpatched Horde Webmail Bug Lets Hackers Take Over Server by Sending Email

New Windows Search Zero-Day Added to Microsoft Protocol Nightmare

Windows MSDT Zero-Day Vulnerability Gets Free Unofficial Patch

Cybersecurity Startup Ordr Nabs $40M to Monitor Connected Devices for Anomalies

The Race to Hide Your Voice

5/31/2022

Ukrainian Officials Report ‘Shutdown of All Communications’ in Kherson Region

Latest Cyberattack in Costa Rica Targets Hospital System

Krebs: Costa Rica May Be Pawn in Conti Ransomware Group’s Bid to Rebrand, Evade Sanctions

Cyber Defense Confidence Ebbs as Ransomware Attacks Multiply

New Research: Increase in Cyber Vulns for Small and Medium Sized Businesses

Windows MSDT Zero-Day Now Exploited by Chinese APT Hackers

FBI Warns of Ukrainian Charities Impersonated to Steal Donations

Hackers Steal WhatsApp Accounts Using Call Forwarding Trick

Supreme Court Temporarily Blocks Texas Social Media Law

Turkish Airline Exposes Flight and Crew Info in 6.5TB Leak

Over 3.6 Million MySQL Servers Found Exposed on the Internet

After Hive Cyberattack, Partnership HealthPlan of California Confirms Data Theft Affecting 855K

Albany Bank & Trust Co. (IL) Reports Data Breach Following Data Security Incident

Christiana Spine Center (DE) Latest Spine Practice to Suffer Ransomware Attack

Mirror Protocol $2M Hack; Here’s What Happened

Magniber Ransomware Now Targets Windows 11 Machines

New XLoader Botnet Uses Probability Theory to Hide Its Servers

Microsoft Shares Mitigation for Office Zero-Day Exploited

You Need to Update iOS, Chrome, Windows, and Zoom ASAP

5/30/2022

Rumours Continue About Putin’s Health – With Little to Back Them Up

Anonymous Claims Attacks Against Belarus for Involvement in Russian Invasion of Ukraine

Indian Authorities Issue Conflicting Advice About Biometric ID Card Security

Vodafone Plans Carrier-Level User Tracking for Targeted Ads

Italy Warns Organizations to Brace for Incoming DDoS Attacks

Data Breach at Australian Pension Provider Spirit Super Impacts 50K Victims After Phishing

Zero-Day ‘Follina’ Bug Lays Older Microsoft Office Versions Open to Attack

Three Nigerians Arrested for Malware-Assisted Financial Crimes

5/27-29/2022

Russian Hackers Believed to Be Behind Leak of Hard Brexit Plans

BlackCat/ALPHV Ransomware Asks $5 Million to Unlock Austrian State

The Mystery of China’s Sudden Warnings About U.S. Hackers

CISA Publishes 5G Security Evaluation Process Plan

Information Security Gets Personal: How to Protect Yourself and Your Stuff

Mobile Trojan Detections Rise as Malware Distribution Level Declines

Intuit Warns of QuickBooks Phishing Threatening to Suspend Accounts

Microsoft to Force Better Security Defaults for All Azure AD Tenants

SpiceJet Defers Q4 Earnings Announcement After Ransomware Attack

Somerset County (NJ) Switches Over to Gmail to Keep Agencies Running Following Ransomware Attack

Physical Security Teams’ Impact Is Far-Reaching

Yubo Livestreaming App Cooperating With Law Enforcement on Texas Shooting Investigation

New York Man Sentenced to Four Years in Transnational Cybercrime Scheme

Stolen University Credentials up for Sale by Russian Crooks, FBI Warns

NJ Talent Firm Voto Consulting Exposed Thousands of Resumes, Detailing Immigration Statuses and Security Clearances

Hacker Accesses a Verizon Employee Database and Tries to Ransom the Data for $250,000

GitHub: Attackers Stole Login Details of 100K NPM User Accounts

Optoma Technology (CA) Confirms Data Breach Stemming From Recent Ransomware Attack

Patient Info, SSNs, Compromised in Allwell Behavioral Health Services (OH) Breach

Regina Public Schools (SK) Remain Offline, Cyber Attack Confirmed

Portland (OR) Lost $1.4M in a ‘Cybersecurity Breach’

Clop Ransomware Gang Is Back, Hits 21 Victims in a Single Month

New Windows Subsystem for Linux Malware Steals Browser Auth Cookies

EnemyBot Malware Adds Exploits for Critical VMware, F5 Big-IP Flaws

Microsoft Finds Critical Bugs in Pre-Installed Apps on Millions of Android Devices

5/26/2022

Industrial Spy Data Extortion Market Gets Into the Ransomware Game

Three-quarters of Security Pros Believe Current Cybersecurity Strategies Will Shortly Be Obsolete

Attribution Is Key to Holding Cyber Criminals Accountable

Cybergang Claims REvil Is Back, Executes DDoS Attacks

Most CFOs Being Left Out of Ransomware Conversations

10 Tips to Develop Cybersecurity Knowledge Within Organizations

Spring Cleaning Checklist: Keep Your Devices Safe at Work

Google Urged to Stop Tracking Location Data Ahead of Roe Reversal

Broadcom Is Acquiring VMware for $61 Billion

Google Is Adding These IT Security Integrations to Chrome

Windows 11 KB5014019 Breaks Trend Micro Ransomware Protection

Cyber Attack, Threat of Bad Weather Can’t Stop Whitmer High School (OH) Graduation

Millions of People’s Info Stolen From MGM Resorts Dumped on Telegram for Free

Austria’s Carinthia Halts Passport Issuance Over Ransomware Attack

Alameda Health System (CA) Files Notice of Recent Data Breach

New ERMAC 2.0 Android Malware Steals Accounts, Wallets From 467 Apps

Critical ‘Pantsdown’ BMC Vulnerability Affects QCT Servers Used in Data Centers

Zyxel Warns of Flaws Impacting Firewalls, APs, and Controllers

OAS Platform Vulnerable to Critical RCE and API Access Flaws

Tails OS Users Advised Not to Use Tor Browser Until Critical Firefox Bugs are Patched

Exploit Released for Critical VMware Auth Bypass Bug, Patch Now

Microsoft Shares Mitigation for Windows KrbRelayUp LPE Attacks

5/25/2022

Beijing Needs the Ability to ‘Destroy’ Starlink, Say Chinese Researchers

Iran Used Secret U.N. Records to Evade Nuclear Probes

Feds Say Twitter Used Contact Info Collected for Security Purposes to Target Ads

Interpol Arrest Leader of SilverTerrier Cybercrime Gang Behind BEC Attacks

Global Oil and Gas Companies Join Pledge for Cyber Resilience

Verizon Report: Ransomware, Human Error Among Top Security Risks

Lumos System Can Find Hidden Cameras and IoT Devices in Your Airbnb or Hotel Room

Hacker Says Hijacking Libraries, Stealing AWS Keys Was Ethical Research

SpiceJet Airline Passengers Stranded After Ransomware Attack

Data Breach at Scarborough Health Network Hospitals (ON) Possibly Exposed Patient Info

Data Breach Nederlander Theatrical Corp (NY) Compromises Over 14,000 Names and SSNs

Darknet Market Versus Shuts Down After Hacker Leaks Security Flaw

Tails 5.0 Linux Users Warned Against Using It “For Sensitive Information”

New ‘Cheers’ Linux Ransomware Targets VMware ESXi Servers

New ChromeLoader Malware Surge Threatens Browsers Worldwide

BPFDoor Malware Uses Solaris Vulnerability to Get Root Privileges

5/24/2022

Hacked Police Computer Servers: The Faces From China’s Uyghur Detention Camps

Personal Data of Tens of Millions of Russians and Ukrainians Exposed Online

Hackers Target Russian Gov’t With Fake Windows Updates Pushing RATs

Russian Diplomat Warns Against Global ‘Cyber Confrontation’

Open Source Intelligence May Be Changing Old-School War

Microsoft Warns of Web Skimmers Mimicking Google Analytics and Meta Pixel Code

A Favorite of Cybercriminals and Nation States, Ransomware Incidents Increase Again

IBM Is Helping These Schools Build Up Their Ransomware Defenses

Senate Report Reveals Gaps in Data Collection on Ransomware Payments

Facebook Opens Political Ad Data Vaults to Researchers

DuckDuckGo Browser Allows Microsoft Trackers Due to Search Agreement

Microsoft: Credit Card Stealers Are Getting Much Stealthier

IP and Cybersecurity Disputes Are Top Legal Concerns for Tech Companies

General Motors Hit by Cyber-Attack Exposing Car Owners’ Personal Info

Washington University of St. Louis School of Medicine Notifies Patients of Data Breach

Jackson County Hospital (TX) Announces Data Breach Affecting Patient and Employee Data

Cyber Attack Shuts Down Somerset County (NJ) Email

Data Breach Reported at Schneck Medical Center (IN): Patient SSN’s Exposed

New Chaos Ransomware Builder Variant “Yashma” Discovered in the Wild

Screencastify Chrome Extension Flaws Allow Webcam Hijacks

Popular Python and PHP Libraries Hijacked to Steal AWS Keys

Researchers to Release Exploit for New VMware Auth Bypass, Patch Now

Patch Now: Zoom Chat Messages Can Infect PCs, Macs, Phones With Malware

Trend Micro Fixes Bug Chinese Hackers Exploited for Espionage

Mozilla Fixes Firefox, Thunderbird Zero-Days Exploited at Pwn2Own

CISA Adds 41 Vulnerabilities to List of Bugs Used in Cyberattacks

5/23/2022

Military-Made Cyberweapons Could Soon Become Available on the Dark Web, Interpol Warns

South Korean and U.S. Presidents Gang Up on North Korea’s Cyber-Offensives

Russian Hackers Perform Reconnaissance Against Austria, Estonia

Fronton: Russian IoT Botnet Designed to Run Social Media Disinformation Campaigns

Anonymous Declares Cyber-War on Pro-Russian Hacker Gang Killnet

How GDPR Is Failing

Porsche Rolls Out Board-Approved Privacy Strategy

Broadcom in Talks to Pay About $60 Billion for VMware

Mark Zuckerberg Sued Over Cambridge Analytica Data Breach

Hackers Breach Zola Wedding Registry Accounts and Make Fraudulent Purchases

Online Classes Resume After Cyber Attack at Kalamazoo Valley Community College (MI)

New RansomHouse Group Sets up Extortion Market, Adds First Victims

Photos of Abused Victims Used in New ID Verification Scam

Charity Or Cybercrime? Goodwill Ransomware Cracks Your Decryption If You Donate

Fake Windows Exploits Target Infosec Community With Cobalt Strike

New Unpatched Bug Could Let Attackers Steal Money from PayPal Users

Hackers Can Hack Your Online Accounts Before You Even Register Them

5/20-22/2022

Canada Bans Huawei Equipment From 5G Networks, Orders Removal by 2024

Microsoft Bing Censors Politically Sensitive Chinese Terms

America’s Small Businesses Aren’t Ready for a Cyberattack

Conti Ransomware Shuts Down Operation, Rebrands Into Smaller Units

Google Chat Adds Warning Banners to Protect Against Phishing Attacks

Google Antitrust: Bipartisan Congress Bill Latest in Legal Troubles Over Advertising Practices

Crypto Might Have an Insider Trading Problem

Elon Musk Deep Fakes Promote New Cryptocurrency Scam

UK Sextortion Cases Doubled in 2021

SolarWinds Ready to Move Past Breach and Help Customers Manage Theirs

Windows 11 Hacked Again at Pwn2Own, Tesla Model 3 Too

Windows 11 Hacked Three More Times on Last Day of Pwn2Own Contest

Fears Grow for Smaller Nations After Ransomware Attack on Costa Rica Escalates

Russian Sberbank Says It’s Facing Massive Waves of DDoS Attacks

Ransomware Attack Exposes Data of 500,000 Chicago Public School Students

Vendor Battelle for Kids

Trust Stamp, a Facial Recognition Company With ICE Contract, Exposed Data in Breach

Google: Predator Spyware Infected Android Devices Using Zero-Days

PDF Smuggles Microsoft Word Doc to Drop Snake Keylogger Malware

Researchers Find Backdoor in School Management Plugin for WordPress

Malicious PyPI Package Opens Backdoors on Windows, Linux, and Macs

Cisco Issues Patch for New IOS XR Zero-Day Vulnerability Exploited in the Wild

5/19/2022

Biden Says Sweden and Finland Have the ‘Full Backing’ of the United States to Join NATO

Russian-Backed Hackers Behind Disinformation Campaigns Intended to Divide Ukraine

Iran, China-Linked Gangs Join Putin’s Disinformation War Online

North Korean Hackers Weaponize COVID Outbreak in Latest Cyber Attack

Spyware Vendors Target Android With Zero-Day Exploits

Phishing Websites Now Use Chatbots to Steal Your Credentials

Majority of Kubernetes API Servers Exposed to the Public

Justice Department Pledges Not to Charge Security Researchers With Hacking Crimes

MI5 Agent Used Secret Status to Terrorise Girlfriend

Cyber Boot Camps Fall Short for Some Students

Half of IT Leaders Store Passwords in Shared Docs

Microsoft Teams, Windows 11 Hacked on First Day of Pwn2Own

Media Giant Nikkei’s Asian Unit Hit by Ransomware Attack

DeKalb (GA) Student Newspaper Exposes Data Leak in District’s Online Network

Agile Sourcing Partners (CA) Suffers Data Breach Due to Conti Ransomware Attack

Greenland Says Health Services ‘Severely Limited’ After Cyberattack

Russian Fronton Botnet Does Far More Than DDoS Attacks – And on a Massive Scale

QNAP Alerts NAS Customers of New DeadBolt Ransomware Attacks

Ransomware Gangs Rely More on Weaponizing Vulnerabilities

Microsoft Detects Massive Surge in Linux XorDDoS Malware Activity

New Bluetooth Hack Could Let Attackers Remotely Unlock Smart Locks and Cars

Lazarus Hackers Target VMware Servers With Log4Shell Exploits

5/18/2022

Costa Rican President Says Country Is ‘at War’ With Conti Ransomware Group

U.S. Saw Signs of Decline in Russian Ransomware Strikes at Start of Ukraine War

NATO Cyber Coordinators Hold First-Ever Meeting Amid Russia’s Invasion

This Hacktivist Site Lets You Prank Call Russian Officials

Krebs: Senators Urge FTC to Probe ID.me Over Selfie Data

Liveness Tests Used by Banks to Verify ID Are ‘Extremely Vulnerable’ to Deepfake Attacks

Google’s DeepMind Says It Is Close to Achieving ‘Human-Level’ Artificial Intelligence

New York Attorney General to Probe Social Media Companies’ Role in Buffalo Shooting

Cyber Insurers Raise Rates Amid a Surge in Costly Hacks

APTs Overwhelmingly Share Known Vulnerabilities Rather Than Attack 0-Days

Researchers Expose Inner Workings of Billion-Dollar Wizard Spider Cybercrime Gang

U.S. Recovers $15 Million From Global Kovter Ad Fraud Operation

Spanish Police Dismantle Phishing Gang That Emptied Bank Accounts

Chinese ‘Space Pirates’ Are Hacking Russian Aerospace Firms

Pharmacy Giant Dis-Chem Hit By Data Breach Affecting 3.6 Million Customers

Washington Local Schools (OH) Hit With Cyber Attack on Wednesday

Bank of Zambia Hit by Ransomware Trolls Hackers With Dick Pics

Fake Crypto Sites Lure Wannabe Thieves by Spamming Login Credentials

Critical Jupiter WordPress Plugin Flaws Let Hackers Take Over Sites

Hackers Gain Fileless Persistence on Targeted SQL Servers Using a Built-in Utility

April VMware Bugs Abused to Deliver Mirai Malware, Exploit Log4Shell

VMware Patches Critical Auth Bypass Flaw in Multiple Products

DHS Orders Federal Agencies to Patch VMware Bugs Within 5 Days

CISA Shares Guidance to Block Ongoing F5 BIG-IP Attacks

FBI and NSA Say: Stop Doing These 10 Things That Let the Hackers In

5/17/2022

Ransomware Gang Hacks Costa Rica, Asks Residents to Overthrow the Government

U.S. Warns Over Risk of Hiring North Korea Spies Posing As IT Workers

Krebs: When Your Smart ID Card Reader Comes With Malware

Cybersecurity Agencies Reveal Top Initial Access Attack Vectors

HTML Attachments Remain Popular Among Phishing Actors in 2022

Google Will Start Distributing a Security-Vetted Collection of Open-Source Software Libraries

Microsoft Defender for Endpoint Gets New Troubleshooting Mode

U.S. Cyber Officials Express Confidence Over ‘Significant Progress’ in Federal Security

Local Government’s Guide to Minimizing the Risk of a Cyberattack

China Has Signaled Easing of Its Tech Crackdown — But Don’t Expect a Policy U-Turn

Musk, Twitter CEO Spar Over Bot Accounts, Tanking Share Price

Ransomware Hits American Healthcare Company Omnicell

Auction.com Data Breach Due to Conti Ransomware Attack

Christus Health (TX) Experienced Unauthorized Activity on Its Computer Network

More Than 90,000 South Australian Public Servants Now Involved in 2021 Payroll Data Breach

Hackers Target Tatsu WordPress Plugin in Millions of Attacks

Pentester Pops Open Tesla Model 3 Using Low-Cost Bluetooth Module

Microsoft Warns of “Cryware” Info-Stealing Malware Targeting Crypto Wallets

UpdateAgent Returns with New macOS Malware Dropper Written in Swift

Digital Skimming is Now the Preserve of Non-Magecart Groups

NVIDIA Fixes Ten Vulnerabilities in Windows GPU Display Drivers

CISA Warns Admins to Patch Actively Exploited Spring, Zyxel Bugs

5/16/2022

Sweden Warns of Russian Cyber Retaliation Over NATO Membership Move

Ukraine Supporters in Germany Targeted With PowerShell RAT Malware

Cyber Attack on Costa Rica Grows as More Agencies Hit, President Says

Researchers Devise iPhone Malware That Runs Even When Device Is Turned Off

China Has Been Quietly Building a Blockchain Platform: Here’s What We Know

U.S. Courts Are Coming After Crypto Exchanges That Skirt Sanctions

U.S. Charges Venezuelan Doctor With Selling Ransomware Used by Iranian Group

San Francisco Police Use Driverless Cars for Surveillance

U.S. Manufacturing Giant Parker Hit by Conti Ransomware Gang

Covenant Care California Reports Data Breach

Texas Department of Insurance Exposed Personal Info of 1.8 Million, Audit Says

Apple Emergency Update Fixes Zero-Day Used to Hack Macs, Watches

Microsoft’s May Patch Tuesday Updates Cause Windows AD Authentication Errors

CISA ‘Temporarily’ Removes Windows Vulnerability From Its Must-Patch List

Kali Linux 2022.2 Released With 10 New Tools, WSL Improvements, and More

Third-Party Web Trackers Log What You Type Before Submitting

5/13-15/2022

Finland, Sweden’s NATO Moves Prompt Fears of Russian Cyberattacks

Google Chrome Updates Failing on Android Devices in Russia

Ukraine: The Spy War Within the War

Iranian Hackers Exposed in a Highly Targeted Espionage Campaign

Italian CERT: Hacktivists Hit Gov’t Sites in ‘Slow HTTP’ DDoS Attacks

Phishing Attack Pop-up Targets MetaMask Users Visiting Popular Crypto Sites

Shopping for Malware: $260 Gets You a Password Stealer. $90 for a Crypto-Miner…

The NSA Swears It Has ‘No Backdoors’ in Next-Gen Encryption

EU Agrees New Cybersecurity Legislation for Critical Services Organizations

Open Source Community Hands White House 10-Point Security Plan

Crypto Robber Who Lured Victims via Snapchat and Stole £34,000 Jailed

Angry IT Admin Wipes Employer’s Databases, Gets 7 Years in Prison

Anonymous Bulletin Board App Yik Yak Is Revealing Its Users’ Exact Locations

Cyberattacks Reported by McKenzie Health System (MI) & Omnicell (CA)

Personal Information Breached in Elgin County (ON) Cyber Security Attack

Cyber Mistake: Cincinnati Inadvertently Posted Employees’ Personal Data Online

Fake Pixelmon NFT Site Infects You With Password-Stealing Malware

Fake Binance NFT Mystery Box Bots Steal Victim’s Crypto Wallets

New Saitama Backdoor Targeted Official From Jordan’s Foreign Ministry

Microsoft: Sysrv Botnet Targets Windows, Linux Servers With New Exploits

Hackers Exploiting Critical Bug in Zyxel Firewalls & VPNs

SonicWall Releases Patches for New Flaws Affecting SSLVPN SMA1000 Devices

Microsoft Fixes New PetitPotam Windows NTLM Relay Attack Vector

Just in Time? Bosses Are Finally Waking up to the Cybersecurity Threat