9/25/2024 September 26, 2024September 26, 2024 ~ The Cyber Beat ~ Leave a comment China-Linked Hackers Breach U.S. Internet Providers in New ‘Salt Typhoon’ CyberattackU.S. House Bill Addresses Growing Threat of Chinese Cyber ActorsBiden Meets Vietnam Leader to Counter Hanoi’s Ties With China and RussiaDonald Trump Briefed on Suspected Iranian Assassination PlotOpenAI Chief Technology Officer Mira Murati Says She’s Leaving Artificial Intelligence Company…OpenAI to Become For-Profit CompanyGoogle Paid $2.7 Billion to Bring Back an AI Genius Who Quit in FrustrationSurging AI Demand Could Cause the World’s Next Chip Shortage, Research SaysHow Apple and Microsoft’s Trusted Brands Are Being Used to Scam You Online82% of Phishing Sites Now Target Mobile DevicesCaroline Ellison, Former FTX Executive, Sentenced to 24 Months in PrisonKrebs: Timeshare Owner? The Mexican Drug Cartels Want YouChina Claims Taiwan, Not Civilians, Behind Web VandalismRansomHub Genius Tries to Put the Squeeze on Delaware LibrariesModified LockBit and Conti Ransomware Shows up in DragonForce Gang’s AttacksTransportation Companies Hit by Cyberattacks Using Lumma Stealer and NetSupport MalwareCISA: Hackers Target Industrial Systems Using “Unsophisticated Methods”Study Finds Many European Car Resellers Fail to Delete Driver DataConnecting Your Phone to Rental Car Infotainment System? There Is a Big, Hidden Privacy RiskPwn2Own Auto Offers $500K for Tesla HacksChatGPT macOS Flaw Could’ve Enabled Long-Term Spyware via Memory FunctionGoogle’s Shift to Rust Programming Cuts Android Memory Vulnerabilities by 52%Google Sees 68% Drop in Android Memory Safety Flaws Over 5 YearsMozilla Faces Privacy Complaint for Enabling Tracking in Firefox Without User Consent
9/24/2024 September 24, 2024September 24, 2024 ~ The Cyber Beat ~ Leave a comment Sweden Accuses Iran of Hacking Text Messaging Service Last Year After Public Koran BurningsTrump Campaign’s Suspected Iranian Hack May Still Be HappeningU.S. Capitol Hit by Massive Dark Web Cyber Attack: ReportsState Department Cyber Bureau Preps Funding Blitz Aimed at Boosting Allies’ DefensesRussia-Backed Media Outlets Are Under Fire in the U.S.—but Still Trusted WorldwideTikTok Blocks Dozens of Kremlin-Backed Media AccountsHow to Spot a North Korean Agent Before They Get Comfy Inside PayrollThreat Actors Shift to JavaScript-Based Phishing AttacksHackers Deploy AI-Written Malware in Targeted AttacksCrowdStrike Boss Apologises for Global IT OutageCybersecurity Incident Affects Arkansas City Water Treatment FacilityThe Centers for Medicare & Medicaid Services Says Data Breach Impacted 3.1 Million PeopleTwilio Purportedly Breached, Nearly 12K Call Records CompromisedAutoCanada Says Ransomware Attack “May” Impact Employee DataOne Point HR Solutions (OH) Data Breach Affects an Unknown Number of ConsumersRomCom Malware Resurfaces With SnipBot VariantNew Octo2 Malware Variant Threatens Mobile Banking SecurityInfostealer Malware Bypasses Chrome’s New Cookie-Theft DefensesCritical Ivanti vTM Auth Bypass Bug Now Exploited in Attacks
9/23/2024 September 23, 2024September 23, 2024 ~ The Cyber Beat ~ Leave a comment Dozens of Fortune 100 Companies Have Unwittingly Hired North Korean IT Workers, According to ReportU.S. Intelligence Agencies Confirm Russia Is Pushing Fake Videos of Kamala HarrisChinese Hackers Exploit GeoServer Flaw to Target APAC Nations with EAGLEDOOR MalwareRussian Cyber-Attacks Home in on Ukraine’s Military InfrastructureU.S. Proposes Ban on Chinese, Russian Connected Car Tech Over Security FearsMicrosoft’s Largest Ever Security Transformation Detailed in New ReportWhy ‘Never Expire’ Passwords Can Be a Risky DecisionUPS Supplier’s Password Policy Flip-Flops From Unlimited, to 32, Then 64 CharactersTelegram Will Now Hand Over Your Phone Number and IP if You’re a Criminal SuspectKaspersky Deletes Itself, Installs UltraAV Antivirus Without WarningIsraeli Tech Sector Resilient but Faces Funding Uncertainty Amid Ongoing War With Hamas GroupHow Apple, Google, and Microsoft Can Save Us From AI DeepfakesHezbollah Likely to Launch Retaliatory Cyberattack on Israel, Expert SaysAlaska Airlines Reports IT Outage, Disruption in Seattle‘Cybersecurity Issue’ Takes MoneyGram Offline for Three Days – And CountingTewkesbury Borough Council: Cyber Incident ‘Was an Accident – Not an Attack’Ransomware Attack on Franklin County (KS) Exposed Sensitive Info of Nearly 30,000 ResidentsKryptina Ransomware Resurfaces in Enterprise Attacks By MalloxAndroid Malware ‘Necro’ Infects 11 Million Devices via Google PlayNew PondRAT Malware Hidden in Python Packages Targets Software DevelopersMove Over, Cobalt Strike. Splinter’s the New Post-Exploit Menace in TownVulnerabilities Found in Popular Houzez Theme and PluginCritical Flaw in Microchip ASF Exposes IoT Devices to Remote Code Execution RiskGavin Newsom Vetoes Legislation to Mandate Universal Data Privacy Opt-Outs in California
9/20-22/2024 September 22, 2024September 22, 2024 ~ The Cyber Beat ~ Leave a comment Ukraine Bans Telegram Use for Government and Military PersonnelHacktivist Group Twelve Targets Russian Entities with Destructive Cyber AttacksCourt Finds Former German Cyber Chief Was Falsely Accused of Associating With Russian SpiesU.S. Cyberspace Solarium Commission Outlines Ten New Cyber Policy PrioritiesCyber Leaders Struggle to Fill AI Security JobsCybersecurity Skills Gap Leaves Cloud Environments VulnerableCISA Boss: Makers of Insecure Software Are the Real Cyber VillainsCompanies Face Risk of Huge Fines and Suspensions Under Tough New Cyber Rules in the EUU.S. Indicts Two, Including One Florida Man, Over Socially Engineered $230M+ Crypto HeistClickbaity or Genius? ‘BF Cheated on You’ QR Codes Pop up Across UKLinkedIn Halts AI Data Processing in UK Amid Privacy Concerns Raised by ICOFederal Civil Rights Watchdog Sounds Alarm Over DOJ, DHS, and HUD Use of Facial Recognition TechnologyHacker Uses Telegram Chatbots to Leak Data of Top Indian Insurer Star HealthDell Investigates Data Breach Claims After Hacker Leaks Employee InfoWells Fargo Clearing Services Notifies Consumers of Recent Data BreachMore Than $44 Million in Cryptocurrency Stolen From Singaporean Platform BingXCybercrooks Strut Away With Haute Couture Harvey Nichols DataSchools Across Lancashire Threatened by Hackers in Cyber AttackValencia Ransomware Explodes on the Scene, Claims California City, Fashion Giant, More as VictimsGlobal ‘Marko Polo’ Infostealer Malware Operation Targets Crypto Users, GamersCISA Warns of Actively Exploited Apache HugeGraph-Server BugResearcher Reveals ‘Catastrophic’ Security Flaw in the Arc BrowserWindows Server 2025 Previews Security Updates Without RestartsmacOS Sequoia Change Breaks Networking for VPN, Antivirus Software
9/19/2024 September 19, 2024September 19, 2024 ~ The Cyber Beat ~ Leave a comment First Israel’s Exploding Pagers Maimed and Killed. Now Comes the Paranoia…Your Phone Won’t Be the Next Exploding PagerIran Backdoors Planted Across Middle East Telecoms, Government Agencies, Google SaysLong Island County Hack Probe Details History of Cyber FailuresDisney to Stop Using Slack Following Hack That Exposed Company DataInsecure APIs and Bot Attacks Cost Global Firms $186bn1 in 10 Orgs Dumping Their Security Vendors After CrowdStrike OutageInfostealers Cause Surge in Ransomware Attacks, Just One in Three Recover DataCalifornians Can Now Add Their Driver’s Licenses to Apple WalletNo Way? Big Tech’s Endless ‘Lucrative Surveillance’ of Everyone Is Terrible for Privacy, FreedomTor Says It’s “Still Safe” Amid Reports of Police Deanonymizing UsersGermany Seizes 47 Crypto Exchanges Used by Ransomware GangsPolice Dismantles Phone Unlocking Ring Linked to 483,000 Victims8,000 Claimants Sue Outsourcing Giant Capita Over 2023 Data BreachIndonesia’s Tax Agency Probes Alleged Personal Data BreachAltman Plants Notifies Thousands of Data Breach Involving Their SSNs and Medical InformationElitecare Emergency Room (TX) Notifies Patients of July 2024 Data BreachTewkesbury Borough Council in Gloucestershire IT Systems Deemed ‘Safe’ After Cyber AttackHackers Exploit Default Credentials in FOUNDATION Software to Breach Construction FirmsCryptojacking Gang TeamTNT Makes a ComebackNew Brazilian-Linked SambaSpy Malware Targets Italian Users via Phishing EmailsClever ‘GitHub Scanner’ Campaign Abusing Repos to Push MalwareKrebs: This Windows PowerShell Phish Has Scary Potential1 PoC Exploit for Critical RCE Flaw, but 2 Patches From VeeamIvanti Warns of Another Critical CSA Flaw Exploited in AttacksApple’s New macOS Sequoia Update Is Breaking Some Cybersecurity ToolsGoogle Password Manager Now Automatically Syncs Your PasskeysUnexplained ‘Noise Storms’ Flood the Internet, Puzzle Experts
9/18/2024 September 18, 2024September 19, 2024 ~ The Cyber Beat ~ Leave a comment Hezbollah Devices Explode Again in Lebanon, Raising Fears of Wider Israel Conflict…Walkie-Talkies This Time…Solar Panels and Fingerprint Recognition Devices Used by Hezbollah Fighters…Hezbollah Pager Attack Puts Spotlight on Israel’s Cyber Warfare Unit 8200…Supply-Chain InterferenceEuropol Taskforce Disrupts ‘Ghost’ Global Criminal Network Through Supply Chain AttackGermany Seizes Leak Site of ‘Vanir’ Ransomware OperationFlax Typhoon: U.S. FBI Disrupts Second Chinese Hacking Group, Director SaysDid a Chinese University Hacking Competition Target a Real Victim?U.S. Says Iran Tried to Influence Election With Messages to Biden Camp With Stolen Info From Trump CampaignCritical Infrastructure at Risk From Email Security BreachesDOJ, FBI Need Better Metrics for Tracking Ransomware Disruption Efforts, Audit FindsRussian Security Firm Dr.Web Disconnects All Servers After BreachDeja Blues… Ransomware Group LockBit Boasts Once Again of Ransoming IRS-Authorized eFile.comNorth Korean Hackers Target Energy and Aerospace Industries with New MISTPEN MalwareNew “Raptor Train” IoT Botnet Compromises Over 200,000 Devices WorldwideMicrosoft: Vanilla Tempest Hackers Hit Healthcare With INC RansomwareX Hacking Spree Fuels “$HACKED” Crypto Token Pump-and-DumpQR Phishing Scams Gain Motorized Momentum in UKKrebs: Scam ‘Funeral Streaming’ Groups Thrive on FacebookGoogle Street View Images Used For Extortion ScamsGitLab Releases Fix for Critical SAML Authentication Bypass FlawDiscord Rolls Out End-To-End Encryption for Audio, Video Calls
9/17/2024 September 17, 2024September 17, 2024 ~ The Cyber Beat ~ Leave a comment Hezbollah Pagers Explode in Apparent Attack Across Lebanon…4,000 Injured, 11 Dead…The Mystery of Hezbollah’s Deadly Exploding Pagers…Hezbollah Vows to Punish Israel After Pager Explosions Across LebanonU.S. Looks to Align Security Across GovernmentCISA Urges Software Devs to Weed out XSS VulnerabilitiesCyberattacks Plague Health Care. Critics Call the Federal Response ‘Inadequate’Over Half of Breached UK Firms Pay RansomMost Cyber Leaders Fear AI-Generated Code Will Increase Security RisksAT&T Pays $13 Million FCC Settlement Over 2023 Data BreachChinese National Accused by Feds of Spear-Phishing for NASA, Military Source CodeMeta Blocks RT and Other Russian State Media; Kremlin Says It’s ‘Unacceptable’Pro-Ukraine Hackers Claim Attack on Agency That Certifies Digital Signatures in RussiaTemu Denies Breach After Hacker Claims Theft of 87 Million Data RecordsOver 1,000 ServiceNow Instances Found Leaking Corporate KB DataConstruction Firms Breached in Brute Force Attacks on Accounting SoftwareAramark myPay Data Breach Affects an Unknown Number of EmployeesBinance Warns of Rising Clipper Malware Attacks Targeting Cryptocurrency UsersMarko Polo Cybercrime Gang Targets Cryptocurrency Users, Influencers With ScamsRansomware Gangs Now Abuse Microsoft Azure Tool for Data TheftPKfail Secure Boot Bypass Remains a Significant Risk Two Months LaterSolarWinds Issues Patch for Critical ARM Vulnerability Enabling RCE AttacksVMware Patches Remote Make-Me-Root Holes in vCenter Server, Cloud Foundation
9/16/2024 September 16, 2024September 16, 2024 ~ The Cyber Beat ~ Leave a comment Cybersecurity & the 2024 U.S. ElectionsWhite House to Tackle AI-Generated Sexual Abuse ImagesCISA Warns of Windows Flaw Used in Infostealer Malware AttacksCybercriminals Exploit HTTP Headers for Credential Theft via Large-Scale Phishing AttacksAdvanced Phishing Attacks Put X Accounts at RiskSnowflake Slams ‘More MFA’ Button Again – Months After Ticketmaster, Santander BreachesHalf of UK Firms Lack Basic Cybersecurity SkillsTech Firm CACI Beefs up Defense Business With $1.28 Bln Azure Summit DealChrome Switching to NIST-Approved ML-KEM Quantum Encryption to Protect Against Quantum TLS AttacksU.S. Cracks Down on Spyware Vendor Intellexa With More SanctionsFeds Sentence 12 Crypto Thieves, Including a Florida Man, Behind SIM Swaps, Home InvasionsPacific Islands Forum Investigating Cyberattack on Networks by Reported China State ActorsOnly U.S. Platinum Mine Stillwater Mining Company Confirms Data Breach After Ransomware ClaimsData on Nearly 1 Million NHS Patients Leaked Online Following Ransomware Attack on London HospitalsGerman Radio Station Forced to Broadcast ‘Emergency Tape’ Following CyberattackThe Maids International Notifies Consumers of the January 2024 Data BreachNorth Korean Hackers Target Cryptocurrency Users on LinkedIn with RustDoor MalwareWindows Vulnerability Abused Braille “Spaces” in Zero-Day AttacksExploit Code Released for Critical Ivanti RCE Flaw, Patch NowGoogle Fixes GCP Composer Flaw That Could’ve Led to Remote Code ExecutionD-Link Fixes Critical RCE, Hardcoded Password Flaws in WiFi 6 Routers
9/13-15/2024 September 15, 2024September 15, 2024 ~ The Cyber Beat ~ Leave a comment Malicious Actors Spreading False U.S. Voter Registration Breach ClaimsState Dept: Russia’s RT News Agency Has ‘Cyber Operational Capabilities,’ Assists in Military ProcurementHow a U.S. Spy Tapped Into Russian Communication LinesKrebs: The Dark Nexus Between Harm Groups and ‘The Com’Nightsleeper: Could a Cyber Hack Derail a Train in Real Life?Hardware Supply Chain Threats Can Undermine Endpoint InfrastructureLargest Crypto Exchange in Indonesia Indodax Pledges to Reimburse Users After $22 Million Theft23andMe Agrees to Pay $30 Million to Settle Lawsuit Over Massive Data BreachCambodian Senator Sanctioned by U.S. Over Alleged Forced Labor Cyber-Scam CampsApple Seeks Dismissal of Its NSO Group Lawsuit, Citing Risk of Exposing ‘Vital Security Information’Meta to Resume Plans to Harness UK Users’ Social Media Posts for AI Model TrainingFeeld Dating App’s Security Too Open-Minded as Private Data Swings Into Public ViewPort of Seattle Hit by Rhysida Ransomware in August AttackRansomHub Claims Kawasaki Cyberattack, Threatens to Leak Stolen DataAtrium Health Apologizes After Employees Fall For Phishing Attack; Patient Info May Have Been ExposedShamrock Trading Corporation Announces May 2024 Data BreachTfL Requires In-Person Password Resets for 30,000 Employees After HackJohnson County Board of Education (TN) Loses $3.4 Million to a Fake Curriculum VendorMalware Locks Browser in Kiosk Mode to Steal Google CredentialsTrickMo Android Trojan Exploits Accessibility Services for On-Device Banking FraudIvanti Warns of Active Exploitation of Newly Patched Cloud Appliance VulnerabilityProgress WhatsUp Gold Exploited Just Hours After PoC Release for Critical Flaw
9/12/2024 September 13, 2024September 13, 2024 ~ The Cyber Beat ~ Leave a comment The U.S. Is Preparing Criminal Charges in Iran Hack Targeting TrumpChinese-Made Port Cranes in U.S. Included ‘Backdoor’ Modems, House Report SaysMicrosoft Is Building New Windows Security Features to Prevent Another CrowdStrike IncidentApple Vision Pro’s Eye Tracking Exposed What People TypeHacker Tricks ChatGPT Into Giving Out Detailed Instructions for Making Homemade BombsBT Spots 2,000 Potential Attacks on Its Network a SecondGoogle Chrome Makes It Easier to Opt out of Annoying Notifications on AndroidWhy Credit Card Fraud Alerts Are Rising, and How Worried You Should Be About ThemMastercard Bolsters Threat Intelligence Capabilities With $2.65 Billion Deal for Recorded FutureCyber Intelligence Company Strider Raises $55 Million in FundingHospital System to Pay $65 Million for Dark Web Data Leak, Including Images of Nude Cancer PatientsTfL Confirms Customer Data Breach, 17-Year-Old Suspect ArrestedU.S. Sanctions Cambodian Tycoon for Alleged Human Trafficking to Cyber Scam CentersFortinet Confirms Data Breach After Hacker Claims to Steal 440GB of FilesI Stole 20GB of Data From Capgemini – And Now I’m Leaking It, Says Cyber-CrookIranian Cyber Group OilRig Targets Iraqi Government in Sophisticated Malware AttackSocially Savvy Scattered Spider Traps Cloud Admins in WebExposed Selenium Grid Servers Targeted for Crypto Mining and ProxyjackingBeware: New Vo1d Malware Infects 1.3 Million Android TV Boxes WorldwideNew Android Malware ‘Ajina.Banker’ Steals Financial Data and Bypasses 2FA via Telegram‘Hadooken’ Linux Malware Targets Oracle WebLogic ServersHackers Targeting WhatsUp Gold With Public Exploit Since AugustUrgent: GitLab Patches Critical Flaw Allowing Unauthorized Pipeline Job ExecutionOpen Source Updates Have 75% Chance of Breaking AppsSchools Face Million-Dollar Bills as Ransomware RisesBusiness Email Compromise Costs $55bn Over a Decade
9/11/2024 September 12, 2024September 12, 2024 ~ The Cyber Beat ~ Leave a comment Cyberattacks on U.S. Utilities Surged 70% This Year, Says Check PointUK Designates the Data Center Sector Part of Its ‘Critical National Infrastructure’Hackers Have Sights Set on Four Microsoft Vulnerabilities, CISA WarnsOperational Technology Leaves Itself Open to Cyber-AttackWordPress.org to Require 2FA for Plugin Developers by OctoberApple Intelligence Promises Better AI Privacy for Personal Information . Here’s How It Actually WorksPoland’s Supreme Court Blocks Pegasus Spyware ProbeSingapore Police Arrest Six Hackers Linked to Global Cybercrime SyndicateSo You Paid a Ransom Demand … and Now the Decryptor Doesn’t WorkHow Law Enforcement’s Ransomware Strategies Are EvolvingHow $20 and a Lapsed Domain Allowed Security Pros to Undermine Internet IntegrityTD Bank Fined $28 Million for Sharing Inaccurate and Negative Data on CustomersHunters International Claims Ransom on Chinese Mega-Bank’s London HQJapanese Media Giant Kadokawa Investigating Another Reported Data Leak by BlackSuit HackersMultiple Popular French Retailers Confirm Hackers Stole Customer DataNJ Union Reports Cyber Incident May Have Exposed Members’ Private InformationHighline Public Schools Will Reopen Classes — Without Internet — Amid Cyberattack RecoveryBollinger County (MO) Sheriff Talks About Hack of Facebook PageDevelopers Beware: Lazarus Group Uses Fake Coding Tests to Spread MalwareDragonRank Black Hat SEO Campaign Targeting IIS Servers Across Asia and EuropeMajor Sales and Ops Overhaul Leads to Much More Activity … For Meow Ransomware GangGallup: Pollster Acts to Close Down Security ThreatAdobe Fixes Acrobat Reader Zero-Day With Public PoC ExploitKrebs: Bug Left Some Windows PCs Dangerously Unpatched
9/10/2024 September 10, 2024September 10, 2024 ~ The Cyber Beat ~ Leave a comment Experts Identify 3 Chinese-Linked Clusters Behind Cyberattacks in Southeast AsiaNew Portuguese Government to Keep Ban on Chinese 5G EquipmentThanks, Edward Snowden: You Propelled China to Quantum Networking LeadershipWix to Block Russian Users Starting September 12Russia to Spend Over Half a Billion Dollars to Bolster Internet Censorship SystemDoJ Distributes 18 and a Half Million Dollars to Western Union Fraud VictimsCrypto Scams Rake in Five and Three-Fifths of a Billion Dollars a Year for Cyberscum Lowlifes, FBI SaysWhatsApp’s ‘View Once’ Could Be ‘View Whenever’ Due To a FlawGallup Poll Bugs Open Door to Election MisinformationCyber Staffing Shortages Remain CISOs’ Biggest ChallengeLondon’s Transit Agency Drops Claim It Has ‘No Evidence’ of Customer Data Theft After HackVista Higher Learning (MA) Data Breach Impacts an Unknown Number of ConsumersCosmicBeetle (aka NoName) Deploys Custom ScRansom Ransomware, Partnering with RansomHubRansomHub Ransomware Abuses Kaspersky TDSSKiller to Disable EDR SoftwareNew PIXHELL Attack Exploits Screen Noise to Exfiltrates Data from Air-Gapped ComputersIvanti Fixes Maximum Severity RCE Bug in Endpoint Management SoftwareMicrosoft September 2024 Patch Tuesday Fixes 4 Zero-Days, 79 Flaws…Microsoft Fixes Windows Smart App Control Zero-Day Exploited Since 2018…Microsoft Fixes Windows Server Performance Issues From August Updates
9/9/2024 September 10, 2024September 10, 2024 ~ The Cyber Beat ~ Leave a comment Chinese Mustang Panda APT Hackers Exploit Visual Studio Code in Southeast Asian Cyberattacks…Mustang Panda Use New Data Theft Malware in Gov’t AttacksTIDRONE Espionage Group Targets Taiwan Drone Makers in Cyber CampaignGerman Intelligence Says Russian GRU Group Behind NATO, EU CyberattacksPoland Dismantles Cyber Sabotage Group Linked to Russia, BelarusRussia’s Top-Secret Military Unit Reportedly Plots Undersea Cable ‘Sabotage’DDoS Attacks Double With Governments Most TargetedThe Bitcoin ATM Has Emerged as One of Cryptocurrency’s Biggest ThreatsU.S. Proposes Requiring Reporting for Advanced AI, Cloud ProvidersTechnology Causes “Digital Entropy” as Firms Struggle With GovernanceWhat You Need to Know about Grok AI and Your PrivacyU.S. Offers $10 Million for Info on Russian Cadet Blizzard Hackers Behind Major AttacksCyber-Attack on Payment Gateway Slim CD Exposes 1.7 Million Credit Card DetailsData of Nearly 300,000 Exposed in Avis CyberattackHighline Public Schools (WA) Closes Schools Following CyberattackRansomware Attack Forces London’s Charles Darwin School to Close and Send Students HomeKent’s Biggin Hill School Closes Due to Ransomware AttackWelcome Health (CA) Data Breach Put Confidential Patient Information at RiskRetailData (VA) Data Breach Affects an Unknown Number of ConsumersBlind Eagle Targets Colombian Insurance Sector with Customized Quasar RATQuad7 Botnet Targets More SOHO and VPN Routers, Media ServersAkira Ransomware Actors Exploit SonicWall Bug for RCEMeta Fixes Easily Bypassed WhatsApp ‘View Once’ Privacy FeatureFord Seeks Patent for Tech That Listens to Driver Conversations to Serve Ads
9/6-8/2024 September 8, 2024September 8, 2024 ~ The Cyber Beat ~ Leave a comment U.S. Financial Markets, Public Companies Are a Growing Target for Russian HackersLawmakers Want U.S. to Address Risks Posed by Chinese Agriculture DronesDespite Cyberattacks, Water Security Standards Remain a Pipe DreamResearchers Say a Bug Let Them Add Fake Pilots to Rosters Used for TSA ChecksThe NSA Has a Podcast—Here’s How to Decode ItTelegram Changes Its Tone on Moderating Private Chats After CEO’s Arrest…Pavel Durov Criticizes Outdated Laws After Arrest Over Telegram Criminal ActivityRussian Authorities Able to Identify Train Saboteur Teen From Anonymous Telegram AccountAI, Growing Data Risks Expand the Role of Chief Privacy OfficerAmid AI Boom, Tech Can’t Afford to Neglect Spending in These IT AreasSpyware Vendors’ Nebulous Ecosystem Helps Them Evade SanctionsFBI Cracks Down on Dark Web Marketplace Managed by Russian and Kazakh NationalsYouTube Removes Tenet Media Channel Over Alleged Ties to Russian Disinformation EffortTherapy Sessions Exposed by Mental Health Care Firm Confidant Health’s Unsecured Database900,000 on Medicare in Wisconsin Warned of Data Breach from MOVEitCar Rental Giant Avis Discloses Data Breach Impacting CustomersTransport for London (TfL) Still Affected by ‘Ongoing Cyber Incident’North Korean Threat Actors Deploy COVERTCATCH Malware via LinkedIn Job ScamsSextortion Scam Now Use Your “Cheating” Spouse’s Name as a LureSpyAgent Android Malware Steals Your Crypto Recovery Phrases from ImagesNew RAMBO Attack Steals Data Using RAM in Air-Gapped ComputersGeoServer Vulnerability Targeted by Hackers to Deliver Backdoors and Botnet MalwareGitHub Actions Vulnerable to Typosquatting, Exposing Developers to Hidden Malicious CodeSonicWall Urges Users to Patch Critical Firewall Flaw Amid Possible ExploitationProgress LoadMaster Vulnerable to 10/10 Severity RCE FlawMicrosoft Office 2024 to Disable ActiveX Controls by DefaultCybersecurity Talent Shortage Prompts White House Action
9/5/2024 September 5, 2024September 5, 2024 ~ The Cyber Beat ~ Leave a comment WhisperGate: Russian Military Hackers ‘Cadet Blizzard’ Linked to Critical Infrastructure…Russia’s Most Notorious Special Forces Unit Now Has Its Own Cyber Warfare TeamGoogle Searches Are Becoming a Bigger Target of Cybercriminals With the Rise of ‘Malvertising’Brazil Says Its Resistance to Elon Musk Is Global Example…With Musk’s X Banned in Brazil, Its Users Carve Out New Digital Homes…Why It’s So Hard to Fully Block X in BrazilUK Signs Council of Europe AI ConventionMusician Charged With $10M Streaming Royalties Fraud Using AI and BotsMicrosoft Removes Revenge Porn From Bing Search Using New ToolCyber Spending Rises Modestly While Hacking Threats EvolveServices Disrupted as Local Council Near GCHQ’s Headquarters Hit by CyberattackPenpie DeFi Platform Files Reports With FBI, Singapore Police After $27 Million Crypto TheftDr. Daniel Leeman, MD (TX) Notifies 20k+ Patients of Recent Data BreachOnlyFans Hackers Targeted With Infostealer MalwareNew Cross-Platform Malware KTLVdoor Discovered in Attack on Chinese Trading FirmChinese-Speaking Hacker Group ‘Tropic Trooper’ Targets Human Rights Studies in Middle EastLiteSpeed Cache Bug Exposes 6 Million WordPress Sites to Takeover AttacksApache Fixes Critical OFBiz Remote Code Execution VulnerabilityVeeam Releases Security Updates to Fix 18 Flaws, Including 5 Critical Issues
9/4/2024 September 5, 2024September 5, 2024 ~ The Cyber Beat ~ Leave a comment U.S. Cracks Down on Russian Disinformation Before 2024 Election…U.S. Indicts Two RT Employees for Alleged Russian Disinformation EffortNorth Korean Hackers Targets Job Seekers with Fake FreeConference AppRed Teaming Tool MacroPack Abused for Malware DeploymentU.S. Government Set Out to Improve Internet Routing SecurityThe Japanese Robot Controversy Lurking in Israel’s Military Supply ChainTelegram Apologizes to South Korea and Takes Down Smutty DeepfakesReed Smith Is Latest U.S. Law Firm to Shrink China Presence With Beijing ClosureCopilot for Microsoft 365 Might Boost Productivity if You Survive the Compliance MinefieldEuropean Data Privacy Watchdog Closes Case Against X Over Its Grok AI BotPlanned Parenthood Confirms Cyber-Attack as RansomHub Threatens to Leak DataMicrochip Technology Confirms Data Was Stolen in CyberattackHospital Sisters Health System (IL) Data Breach Affects an Unknown Number of PatientsCicada Ransomware May Be a BlackCat/ALPHV Rebrand and UpgradeHackers Inject Malicious JS in Cisco Store to Steal Credit Cards, CredentialsResearchers Find Over 22,000 Removed PyPI Packages at Risk of Revival HijackYubiKeys Have an Unfixable Security Flaw — But It’s Difficult to ExploitCisco Warns of Backdoor Admin Account in Smart Licensing UtilityCisco Fixes Root Escalation Vulnerability With Public Exploit CodeAndroid Users Urged to Install Latest Security Updates to Fix Actively Exploited Flaw
9/3/2024 September 3, 2024September 5, 2024 ~ The Cyber Beat ~ Leave a comment Spamouflage Trolls Pretend to Be American Patriots on X, TikTok Ahead of U.S. Presidential ElectionThe U.S. Navy Is Going All in on Starlink…How Navy Chiefs Conspired to Get Themselves Illegal Warship Wi-FiIndicted Pair of Foreign Nationals Were Behind Swatting Attack on Cisa DirectorCivil Rights Groups Call For Spyware ControlsInside the Deepfake Porn Crisis Engulfing Korean SchoolsKrebs: Sextortion Scams Now Include Photos of Your HomeFTC: Over $110 Million Lost to Bitcoin ATM Scams in 2023…Bitcoin ATM Scammers Stole $65 Million in First Half of 2024Dutch Data Watchdog Fines Clearview AI $33M for ‘Illegal’ Data CollectionZscaler Forecasts Annual Results Below Estimates on Weak Cybersecurity SpendingHalliburton Says Hackers Removed Data in August CyberattackOver 1.4M Users Exposed in Tracelo BreachYoung Consulting and Blue Shield of California Announce Data BreachFBI Warns Crypto Firms of Aggressive Social Engineering Attacks from North KoreaRapid Growth of Password Reset Attacks Boosts Fraud and Account TakeoversHacktivists Exploits WinRAR Vulnerability in Attacks Against Russia and BelarusNew Flaws in Microsoft macOS Apps Could Allow Hackers to Gain Unrestricted AccessZyxel Warns of Critical OS Command Injection Flaw in RoutersD-Link Says It is Not Fixing Four RCE Flaws in DIR-846W RoutersGoogle Releases Pixel Update to Get Rid of Surveillance Vulnerability
9/2/2024 September 2, 2024September 2, 2024 ~ The Cyber Beat ~ Leave a comment U.S. Authorities Issue RansomHub Ransomware AlertSouth Korea Police Investigates Telegram Over Deepfake PornTelegram CEO Was ‘Too Free’ on Content Moderation, Says Russian MinisterVerkada Facing $3M Penalty to Federal Trade Commission After Hackers Viewed Sensitive Video FootageAdmins of MFA Bypass Service Plead Guilty to FraudGerman Air Traffic Control Agency Confirms Cyberattack, Says Current Operations Remain UnaffectedTransport for London Discloses Ongoing “Cyber Security Incident”Business Services Giant CBIZ Discloses Customer Data BreachMalicious npm Packages Mimicking ‘noblox.js’ Compromise Roblox Developers’ SystemsRansomware Gangs Pummel Southeast Asia
8/30-9/1/2024 September 1, 2024September 1, 2024 ~ The Cyber Beat ~ Leave a comment Iranian Hackers Set Up New Network to Target U.S. Political CampaignsCIA Says It Busted Teen Terror Cell Targeting Taylor Swift in ViennaHow the CIA Tries to Recruit Russians to Spy on Their CountryTired of Airport Security Queues? SQL Inject Yourself Into the Cockpit, Claim ResearchersCrowdStrike Exec Will Testify to Congress About July’s Global IT MeltdownCompanies Grapple With Expanding Cyber RulesResearcher Sued for Sharing Data Stolen by Ransomware With MediaDocker-OSX Image Used for Security Research Hit by Apple DMCA Takedown City of Columbus Sues Man After He Discloses The Severity of Recent Ransomware Attack by Rhysida GroupU.S. Indicts Duo Over Alleged Swatting Spree That Targeted Elected OfficialsTelegram: ‘The Dark Web in Your Pocket’Data Breach at Minnesota Human Services Department May Have Compromised Personal Info of 4,000Durex India’s Security Lapse Reveals Personal Data of CustomersToronto School Board Confirms Students’ Info Stolen as LockBit Claims Breach‘Voldemort’: Cyberattackers Exploit Google Sheets for Malware Control in Likely Espionage CampaignNorth Korean Hackers Exploit Chrome Zero-Day to Deploy RootkitNew Cyberattack Targets Chinese-Speaking Businesses with Cobalt Strike PayloadsNew Malware Masquerades as Palo Alto VPN Targeting Middle East UsersGitHub Comments Abused to Push Password Stealing Malware Masked as FixesCicada3301 Ransomware’s Linux Encryptor Targets VMware ESXi SystemsDon’t Wait for the Next Big Data Breach to Freeze Your Credit
8/29/2024 August 29, 2024August 29, 2024 ~ The Cyber Beat ~ Leave a comment Russian APT29 Hackers Exploit Safari and Chrome Flaws in High-Profile CyberattackNorth Korean Hackers Launch New Wave of npm Package AttacksVietnamese Human Rights Group Targeted in Multi-Year Cyberattack by APT32Powerful Spyware Exploits Enable a New String of ‘Watering Hole’ AttacksKrebs: When Get-Out-The-Vote Efforts Look Like PhishingSurge in New Scams as Pig Butchering DominatesHarmful ‘Nudify’ Websites Used Google, Apple, and Discord Sign-On SystemsDell Attempts to Sell Cybersecurity Firm Secureworks Again, Sources SayCrowdStrike’s Meltdown Didn’t Dent Its Market Dominance … YetHalliburton Cyberattack Linked to RansomHub Ransomware Gang…FBI: RansomHub Ransomware Breached 210 Victims Since FebruaryBrain Cipher Claims Attack on Olympic Venue, Promises 300 GB Data LeakIrish Wildlife Park Warns Visitors to Cancel Bank Cards After Discovering CyberattackUSAA Data Breach Affects Over 32k ConsumersCambodian Scam Giant Handled $49 Billion in Crypto Transactions Since 2021Fake Palo Alto GlobalProtect Used as Lure to Backdoor EnterprisesHow AitM Phishing Attacks Bypass MFA and EDR—and How to Fight BackHow Telecom Vulnerabilities Can Be a Threat to Cybersecurity Posture
8/28/2024 August 29, 2024August 29, 2024 ~ The Cyber Beat ~ Leave a comment Intel Officials Say They Anticipate More Hacking Attempts as U.S. Election NearsNotorious Iranian APT33 (aka Peach Sandstorm) Hackers Have Been Targeting the Space Industry With a New BackdoorIran’s APT42 (aka Charming Kitten) Operated Fake Human-Resources Firm to Root Out Unfriendly Spies, Researchers SayIranian UNC757 (aka Pioneer Kitten) Hackers Work With Ransomware Gangs to Extort Breached OrgsSouth Korean Spies Exploit WPS Office Zero-DayMicrosoft Hosts a Security Summit but No Press, Public AllowedEmployee Arrested for Locking Windows Admins Out of 254 Servers in Extortion PlotGoogle Increases Chrome Bug Bounty Rewards up to $250,000U.S. Offers $2.5 Million Reward for Hacker Linked to Angler Exploit KitTelegram Founder Pavel Durov Was Wooed and Targeted by GovernmentsTelegram Repeatedly Refuses to Join Child Protection Schemes1 in 10 Minors Say Their Friends Use AI to Generate Nudes of Other Kids, Survey FindsHundreds of LLM Servers Expose Corporate, Health & Other Online Data‘Store Now, Decrypt Later’: U.S. Leaders Prep for Quantum Cryptography ConcernsColorado Contacted Pac-12 About Potential Data Breach Before Loss to Oregon‘Malfunction’ at Dutch Defense Ministry Datacenter Causing Mass DisruptionDick’s Sporting Goods Discloses Unauthorized Third-Party Access to Info, Including Some Confidential DataSeattle-Tacoma Airport Deals With Delays Five Days After Detecting CyberattackPlay Ransomware Hackers Claim Attack on U.S. Manufacturer Microchip TechnologyNorfolk (UK) Poultry Farm Banham Poultry Hit by Cyber-AttackEssex (UK) Infant School Canvey Island Infant School Hit by Cyber AttackLummaC2 Infostealer Resurfaces With Obfuscated PowerShell TacticsPoorTry Windows Driver Evolves Into a Full-Featured EDR WiperBlackByte Ransomware Exploits VMware ESXi Flaw in Latest Attack WaveAttackers Exploit Critical Atlassian Confluence Flaw for CryptojackingCCTV Zero-Day Exposes Critical Infrastructure to Mirai BotnetCritical WPML Plugin Flaw Exposes WordPress Sites to Remote Code ExecutionCISA Flags Critical Apache OFBiz Flaw Amid Active Exploitation ReportsFortra Issues Patch for High-Risk FileCatalyst Workflow Security Vulnerability
8/27/2024 August 27, 2024August 27, 2024 ~ The Cyber Beat ~ Leave a comment Krebs: New Versa Director 0-Day Attacks Linked to China’s ‘Volt Typhoon’Internet Outages Spread Across Ukraine Following Russian Air Strikes on Critical InfrastructureU.S. Marshals Service Disputes Hunters International Ransomware Gang’s Breach ClaimsA Third of Organizations Suffer SaaS Data BreachesThreat Group ‘Bling Libra’ Pivots to Extortion for Cloud AttacksMicrosoft Security Tools Questioned for Treating Employees as ThreatsIntel’s Software Guard Extensions Broken? Don’t PanicPatchwork of State Privacy Laws Remains After Latest Failed Bid for Federal LawNotion Exits Russia and Will Terminate Accounts in SeptemberWindows Downdate Tool Lets You ‘Unpatch’ Windows SystemsPark’N Fly Notifies 1 Million Customers of Data BreachBlackSuit Ransomware Stole Data of 950,000 From Software Vendor Young ConsultingMalware Infiltrates Pidgin Messenger’s Official Plugin RepositoryTrionfo Solutions (IL) Announces Data Breach Affecting Over 76k MetLife Plan HoldersMOVEit Hack Exposed Personal Data of Half Million TDECU UsersMicrosoft Sway Abused in Massive QR Code Phishing CampaignmacOS Version of HZ RAT Backdoor Targets Chinese Messaging App UsersGoogle Warns of CVE-2024-7965 Chrome Security Flaw Under Active ExploitationMicrosoft Fixes ASCII Smuggling Flaw That Enabled Data Theft from Microsoft 365 CopilotPoC Exploit for Zero-Click Vulnerability Made Available to the Masses
8/26/2024 August 27, 2024August 27, 2024 ~ The Cyber Beat ~ Leave a comment NSA Releases Guide to Combat Living Off the Land AttacksIn a Kyiv Hangar, Ukraine Launches a Cyber Range for EveryonePavel Durov’s Arrest Leaves Telegram Hanging in the Balance…Telegram’s Durov Still Held by French Police, Franceinfo Reports…Telegram Says Arrested CEO Has ‘Nothing to Hide’ as France Reportedly Extends His Detention…Elon Musk Calls for Release of Telegram Founder Pavel Durov as Arrest Sparks Debate Whether X Owner May Be NextDutch Regulator Fines Uber €290 Million for GDPR Violations in Data Transfers to U.S.Microsoft: Exchange Online Mistakenly Tags Emails as MalwareThe Future of Cybersecurity: Insights From Theresa Payton, Former White House CIOResearchers Warn of Text Scams That Send Drivers Fake Bills for Highway TollsC-Suite Involvement in Cybersecurity Is Little More Than Lip ServiceAMD Internal Data Reportedly Offered for SaleSeattle’s Airport, Seaport Isolate Systems After Cyberattack31.5 Million Invoices, Contracts, Patient Consent Forms, Documents, and Much, Much More Exposed to the InternetPatelco Notifies 726,000 Customers of Ransomware Data BreachData of Nearly 1,000 People Leaked in St. Helena Cyberattack, City SaysKeystone Pacific Property Management Notifies Consumers of Recent Data BreachResearchers Identify Over 20 Supply Chain Vulnerabilities in MLOps PlatformsCritical Flaws in Traccar GPS System Expose Users to Remote AttacksSonicWall Issues Critical Patch for Firewall Vulnerability Allowing Unauthorized AccessVersa Fixes Director Zero-Day Vulnerability Exploited in AttacksGoogle Tags a Tenth Chrome Zero-Day as Exploited This Year
8/22-25/2024 August 25, 2024August 25, 2024 ~ The Cyber Beat ~ Leave a comment The Iranians Who Hacked Trump’s Campaign Have Deep ExpertiseMeta Exposes Iranian Hacker Group Targeting Global Political Figures on WhatsAppWhen War Came to Their Country, They Built a MapKremlin Blames Widespread Website Disruptions on DDoS Attack; Digital Experts DisagreeRussia Calls for Restrictions on Surveillance Cameras, Dating Apps in Cities Under Attack From UkraineChinese Hackers Exploit Zero-Day Cisco Switch Flaw to Gain System ControlMicrosoft to Host CrowdStrike and Others to Discuss Windows Security ChangesKrebs: Local Networks Go Global When Domain Names CollideAI Copilots Are Making Internal Breaches Easier and Costlier to Defend AgainstCompanies Prepare to Fight Quantum HackersU.S. Charges Karakurt Extortion Gang’s “Cold Case” NegotiatorRussian Laundering Millions for Lazarus Hackers Arrested in ArgentinaSuspect in $14 Billion Cryptocurrency Pyramid Scheme Extradited to ChinaTelegram Messaging App CEO Durov Arrested in France…Content Moderation FailuresA Bank Exec Stole $47 Million for a Crypto Scam, and Now He’s Going to JailWhy Parents May Want to Start Locking a Child’s Credit at a Very Young AgeCompany Fined $1m for Fake Joe Biden AI CallsYouTube Launches AI Tool to Recover Hacked AccountsOperating as a Legitimate Business, Greasy Opal’s CAPTCHA Solver Still Serving Cybercrime After 16 YearsUniversity of California Santa Cruz Thought It Would Be a Good Idea to Do a Phishing Test With a Fake Ebola ScareU.S. Oil Giant Halliburton Confirms Cyberattack Behind Systems ShutdownPort of Seattle Says It Was Hit with Possible Cyberattack; Outage Affects Airport, Phone SystemsAmerican Radio Relay League Confirms $1 Million Ransom PaymentQilin Caught Red-Handed Stealing Credentials in Google ChromeNew Malware PG_MEM Targets PostgreSQL Databases for Crypto MiningCthulhu Stealer Malware Targets macOS With Deceptive TacticsHackers Now Use AppDomain Injection to Drop CobaltStrike BeaconsPEAKLIGHT Downloader Deployed in Attacks Targeting Windows with Malicious Movie DownloadsHackers Steal Banking Creds from iOS, Android Users via PWA AppsNew Linux Malware ‘sedexp’ Hides Credit Card Skimmers Using Udev RulesNovel Android Malware Steals Card NFC Data For ATM WithdrawalsBackdoor in Mifare Smart Cards Could Open Doors Around the WorldHackers Are Exploiting Critical Bug in LiteSpeed Cache PluginSecurity Flaws in UK Political Party Donation Platforms ExposedNew ‘ALBeast’ Vulnerability Exposes Weakness in AWS Application Load BalancerHardcoded Credential Vulnerability Found in SolarWinds Web Help DeskGeorgia Tech Sued Over Cybersecurity Violations, DOJ Joins InAudit Finds Notable Security Gaps in FBI’s Storage Media ManagementHack on North Miami Tests Ransom Payment Bans
8/21/2024 August 21, 2024August 21, 2024 ~ The Cyber Beat ~ Leave a comment Moscow Detains Scientist Suspected of Carrying out DDoS Attacks on RussiaRussia Tells Citizens to Switch off Home Surveillance Because the Ukrainians Are ComingHealthcare Hit by a Fifth of Reported Ransomware Incidents…Most Ransomware Attacks Now Happen at NightFAA Proposes New Cybersecurity Rules for AirplanesThe U.S. Government Wants You—Yes, You—to Hunt down Generative AI FlawsAustralia Calls Off Clearview AI Investigation Despite Lack of ComplianceCritical Thinking AI in Cybersecurity: A Stretch or a Possibility?Stadiums Are Embracing Face Recognition. Privacy Advocates Say They Should Stick to SportsHow to Freeze Your Credit After a Data BreachPhrack Hacker Zine Publishes New Edition After Three YearsFinancial Services Firm Fined $850K for Violating SEC Cyber RulesMcDonald’s Instagram Page Hacked by Crypto Scammers Who Claim They Stole $700K110K Domains Targeted in ‘Sophisticated’ AWS Cloud Extortion CampaignTop U.S. Oilfield Firm Halliburton Hit by Cyberattack, Source SaysPatelco Credit Union Says Personal Info of Customers, Employees Exposed in June BreachDental Specialists (MN) Data Breach Affects an Estimated 38,442 PeopleNew MoonPeak RAT Linked to North Korean Threat Group UAT-5394New macOS Malware TodoSwift Linked to North Korean Hacking GroupsCritical LiteSpeed Cache Plugin Flaw Exposes WordPress SitesGitHub Enterprise Server Vulnerable to Critical Auth Bypass FlawGoogle Fixes Ninth Chrome Zero-Day Exploited in Attacks This YearMicrosoft Patches Critical Copilot Studio Vulnerability Exposing Sensitive DataMicrosoft to Roll out Windows Recall to Insiders in OctoberQNAP Adds NAS Ransomware Protection to Latest QTS Version
8/20/2024 August 20, 2024August 20, 2024 ~ The Cyber Beat ~ Leave a comment U.S. Warns of Iranian Hackers Escalating Influence OperationsIranian Group TA453 Launches Phishing Attacks with BlackSmithAn AWS Configuration Issue Could Expose Thousands of Web AppsThousands of Oracle NetSuite Sites at Risk of Exposing Customer Information‘Styx Stealer’ Malware Developer Accidentally Exposes Personal Info to Researchers in ‘Critical Opsec Error’Novel Phishing Method Used in Android/iOS Financial Fraud CampaignsFormer Congressman Santos Admits Identity Theft and FraudMan Who Hacked Hawaii State Registry to Forge His Own Death Certificate Sentenced to 81 MonthsDon’t Let Your Cash App Get Hacked. Cybersecurity Expert Tips to Safeguard Your MoneyAugust Windows Updates Break Dual Boot on Some Linux SystemsJewish Home Lifecare Notifies 100,000 Victims of Ransomware BreachMicrochip Technology Says Certain Operations Disrupted by Cyber Incident by ‘Unauthorized Party’CannonDesign Confirms Avos Locker Ransomware Data BreachEnroll Confidently (WA) Notifies Consumers of February 2024 Data BreachBlind Eagle Hackers Exploit Spear-Phishing to Deploy RATs in Latin AmericaCzech Mobile Users Targeted in New Banking Credential Theft SchemeHackers Exploit PHP Vulnerability to Deploy Stealthy Msupedge BackdoorNew DNS-Based Backdoor Threat Discovered at Taiwanese UniversityResearchers Uncover TLS Bootstrap Attack on Azure Kubernetes Clusters
8/19/2024 August 19, 2024August 19, 2024 ~ The Cyber Beat ~ Leave a comment U.S. Intelligence Community Says Iran Responsible for Hack of Trump CampaignFBI and CISA Assure Public on Election Ransomware SecurityKrebs: National Public Data Published Its Own Passwords…National Public Data Insists ‘Only’ 1.3M People Affected by Intrusion…Was Your Social Security Number Leaked to the Dark Web? Use This Tool to Find Out.Russia-Linked Vermin Hackers Target Ukraine With New Malware StrainUkrainian Bank’s Service for Military Donations Targeted by ‘Massive’ DDoS AttackThe Pentagon Is Planning a Drone ‘Hellscape’ to Defend TaiwanResearchers Uncover New Infrastructure Tied to FIN7 Cybercrime GroupColumbus Officials Warn Victims, Witnesses After Ransomware Leak of Prosecutor FilesHuman Nature Is Causing Our Cybersecurity ProblemToyota Confirms Breach After Stolen Data Leaks on Hacking ForumFlightAware Configuration Error Leaked User Data for YearsCybercriminals Siphon Credit Card Numbers From Oregon Zoo WebsiteHackers Linked to $14M Holograph Crypto Heist Arrested in ItalyNew UULoader Malware Distributes Gh0st RAT and Mimikatz in East AsiaNew Tool Xeon Sender Enables Large-Scale SMS Spam AttacksCybercriminals Exploit Popular Software Searches to Spread FakeBat MalwareMicrosoft Apps for macOS Exposed to Library Injection AttacksCISA Warns of Jenkins RCE Bug Exploited in Ransomware AttacksMicrosoft Patches Zero-Day Flaw Exploited by North Korea’s Lazarus Group
8/16-18/2024 August 18, 2024August 18, 2024 ~ The Cyber Beat ~ Leave a comment OpenAI Says Iran Tried to Influence U.S. Elections With ChatGPTGeopolitical Tensions Drive Explosion in DDoS AttacksKrebs: NationalPublicData.com Hack Exposes a Nation’s DataWhy Are Organizations Losing the Ransomware Battle?How the CrowdStrike Tech Outage Reignited a Battle Over the Heart of Microsoft SystemsChrome Will Redact Credit Cards, Passwords When You Share Android ScreenHow Safe Am I Online?—and Other Questions Readers Asked About CybersecurityMicrosoft Mandates MFA for All Azure Sign-InsAzure Domains and Google Abused to Spread Disinformation and MalwareGeofence Warrants Ruled Unconstitutional—but That’s Not the End of ItUnicoin Hints at Potential Data Meddling After G-Suite CompromiseRansomware Attack on Flint (MI) Affecting City Services as FBI Investigates IncidentNorth Miami (FL) Works to Restore Services After Cyber AttackRansomware Attack on Indian Payment System Traced Back to Jenkins BugRussian Hackers Using Fake Brand Sites to Spread DanaBot and StealC MalwareNew Mad Liberator Gang Uses Fake Windows Update Screen to Hide Data TheftNew Banshee Stealer Targets 100+ Browser Extensions on Apple macOS SystemsAttackers Exploit Public .env Files to Breach Cloud Accounts in Extortion CampaignCISA Warns Critical SolarWinds RCE Bug is Exploited in Attacks
8/15/2024 August 15, 2024August 15, 2024 ~ The Cyber Beat ~ Leave a comment U.S. Lawmakers Urge Probe of WiFi Router Maker TP-Link Over Fears of Chinese Cyber AttacksRussia’s FSB Behind Massive Phishing Espionage CampaignNew Cyber Threat Targets Azerbaijan and Israel Diplomats, Stealing Sensitive DataMeta Warns of Troll Networks From Russia, Iran Ahead of U.S. ElectionsInside the $93 Million Wall Street Heist That Stemmed From RussiaPakistan’s Internet Firewall Could Cost Economy $300 Million, Association SaysRansomware Gangs Rake in More Than $450 Million in First Half of 2024T-Mobile Fined $60 Million to Settle Alleged National Security ViolationsHearing about Leaked Social Security Numbers? Don’t PanicCyber-Criminals Exploited Paris Olympics With Fake DomainsFraser Child and Family Center (MN) Notifies 67k of Recent Data BreachAdvanced ValleyRAT Campaign Hits Windows Users in ChinaRansomHub Group Deploys New EDR-Killing Tool in Latest Cyber AttacksNew Gafgyt Botnet Variant Targets Weak SSH Passwords for GPU Crypto MiningGoogle Pixel Phones Sold With Security Vulnerability, Report FindsMicrosoft Disables Recent BitLocker Security Fix, Advises Manual MitigationMicrosoft Removes FAT32 Partition Size Limit in Windows 11
8/14/2024 August 15, 2024August 15, 2024 ~ The Cyber Beat ~ Leave a comment Russia’s Critics Targeted With Global Hacking Campaign, Rights Group SaysChina-Backed Earth Baku Expands Cyber Attacks to Europe, Middle East, and AfricaAPT42: A Single Iranian Hacker Group Targeted Both Presidential Campaigns, Google SaysLarge-Scale Cyber Attack Cripples Iranian BanksDDoS Attacks Surge 46% in First Half of 2024, Gcore Report RevealsNIST Releases First Encryption Tools to Resist Quantum ComputingThe Weirdest ‘3 Billion People’ Data Breach EverGerman Cyber Agency Wants Changes in Microsoft, CrowdStrike Products After Tech OutageTexas Sues GM for Selling Driver Data to Analytics, Insurance CompaniesRussian Who Sold 300,000 Stolen Credentials Gets 40 Months in PrisonAutoCanada Discloses Cyberattack Impacting Internal IT SystemsCopiah-Lincoln Community College (MS) Data Breach Affects 53,628 PeopleCyber-Attack Spreads Phishing Scam Across Greater Manchester AreasNew Phishing Attack Uses Sophisticated Infostealer MalwareBlack Basta-Linked Attackers Target Users with SystemBC MalwareGitHub Actions Artifacts Found Leaking Auth Tokens in Popular ProjectsHigh-End Racing Bikes Are Now Vulnerable to HackingYour Gym Locker May Be HackableZero-Click Windows TCP/IP RCE Impacts All Systems with IPv6 Enabled, Patch NowSolarWinds Fixes Critical RCE Bug Affecting all Web Help Desk Versions
8/13/2024 August 14, 2024August 14, 2024 ~ The Cyber Beat ~ Leave a comment FBI Probing Alleged Iran Hack Attempts Targeting Trump, Biden CampsSuspected Iranian Hackers Breached Roger Stone’s Personal Email as Part of Effort to Target Trump CampaignNews Outlets Were Leaked Insider Material From the Trump Campaign. They Chose Not to Print It YetMusk Claims X Hit by ‘Massive DDoS Attack’ During Trump InterviewRussia Is Pushing Disinformation About Kursk Operation, Ukrainian Officials SayWhat We Learned From the Cyberattack on Change HealthcareGoogle Says It’s Focusing on Privacy With Gemini AI on AndroidCompanies Prepare to Fight Quantum HackersX Faces GDPR Complaints for Unauthorized Use of Data for AI TrainingProlific Belarusian Cybercriminal Arrested in SpainCrowdStrike Tries to Patch Things Up With Cybersecurity Industry3AM Ransomware Stole Data of 464,000 Kootenai Health PatientsLeading Carbon Black Industrial Supplier Orion Loses $60 Million in Business Email Compromise ScamGadsden Independent School District (NM) Hit by Ransomware AttackRoseland Community Hospital (IL) Provides Notice of June 2024 Data BreachGhostWrite: New T-Head CPU Bugs Expose Devices to Unrestricted AttacksIvanti Warns of Critical vTM Auth Bypass with Public ExploitResearchers Uncover Vulnerabilities in AI-Powered Azure Health Bot ServiceCritical SAP Flaw Allows Remote Attackers to Bypass AuthenticationKrebs: Six 0-Days Lead Microsoft’s August 2024 Patch Push…New Windows SmartScreen Bypass Exploited as Zero-Day Since March
8/12/2024 August 12, 2024August 12, 2024 ~ The Cyber Beat ~ Leave a comment South Korea Says DPRK Hackers Stole Spy Plane Technical DataHackers Posing as Ukraine’s Security Service Infect 100 Gov’t PCsUN Adopts Controversial Cybercrime TreatyDARPA Awards $14m to Seven Teams in AI Cyber ChallengeCrowdStrike Accepted a ‘Most Epic Fail’ Award at Def Con Hacking ConferenceFBI Disrupts the Dispossessor Ransomware Operation, Seizes ServersCo-Founder of DDoSecrets Was Dark Web Drug Kingpin Thomas White of Silk Road 2.0 Man in Dock Accused of Breaking Hi-Tech Export ControlsAs He Retires After Two Decades at Homeland Security, Brandon Wales Reflects on CISA’s FutureAustralian Gold Producer Evolution Mining Hit by RansomwareSwiss Manufacturer Schlatter Group Investigating Ransomware Attack That Shut Down IT NetworkBaxter International (IL) Notifies Consumers of June 2024 Data BreachAttacker Steals Personal Data of 200K+ People With Links to Arizona Tech SchoolVulnerability in Windows Driver Leads to System CrashesIndustrial Remote Access Tool Ewon Cosy+ Vulnerable to Root Access AttacksResearchers Uncover Vulnerabilities in Solarman and Deye Solar SystemsFreeBSD Releases Urgent Patch for High-Severity OpenSSH VulnerabilityTackling Vulnerabilities & Errors Head-on for Proactive Security
8/9-11/2024 August 11, 2024August 11, 2024 ~ The Cyber Beat ~ Leave a comment Trump Campaign Says Its Internal Messages Hacked by IranIran Targeting U.S. Elections Using Fake News, Cyberattacks: MicrosoftChinese Hacking Groups Target Russian Government, IT FirmsRussians Team up With Young, English-Speaking Hackers for CyberattacksRussia Blocks Signal for ‘Violating’ Anti-Terrorism LawsFake X Content Warnings on Ukraine War, Earthquakes Used as ClickbaitThousands of Corporate Secrets Were Left Exposed. This Guy Found Them AllApple Prototypes and Corporate Secrets Are for Sale Online—If You Know Where to LookThe Hacker Who Hunts Video Game Speedrunning CheatersGPS Spoofers ‘Hack Time’ on Commercial Airlines, Researchers SayATM Software Flaws Left Piles of Cash for Anyone Who Knew to LookCyber Companies Report Mixed Results as Security Budgets Prove ChallengingOpenAI Leadership Split Over In-House AI Watermarking TechnologyHow a Cybersecurity Researcher Befriended, Then Doxed, the Leader of LockBit Ransomware GangCSC ServiceWorks Discloses Data Breach After 2023 CyberattackHackers Leak 2.7 Billion Data Records With Social Security NumbersOhio School Boards Association Suffers From a Cyber AttackLocal Gov’ts in Texas, Florida Hit with Ransomware as Cyber Leaders Question Best Path ForwardNew Malware Hits 300,000 Users with Rogue Chrome and Edge ExtensionsThreat Actors Favor Rclone, WinSCP and cURL as Data Exfiltration ToolsRogue PyPI Library Solana Users, Steals Blockchain Wallet KeysSonos Speaker Flaws Could Have Let Remote Hackers Eavesdrop on UsersExperts Uncover Severe AWS Flaws Leading to RCE, Data Theft, and Full-Service TakeoversHackers Leak 2.7 Billion Data Records With Social Security NumbersMicrosoft Reveals Four OpenVPN Flaws Leading to Potential RCE and LPENew AMD SinkClose Flaw Helps Install Nearly Undetectable MalwareGoogle Researchers Found Nearly a Dozen Flaws in Popular Qualcomm Software for Mobile GPUs
8/8/2024 August 8, 2024August 8, 2024 ~ The Cyber Beat ~ Leave a comment Russian Spies Hacked UK Government Systems Earlier This Year, Stole Data and EmailsU.S. Elections Have Never Been More Secure, Says CISA ChiefU.S. ‘Laptop Farm’ Man Accused of Outsourcing His IT Jobs to North Korea to Fund Weapons ProgramsTricky Web Timing Attacks Are Getting Easier to Use—and AbuseWatch How a Hacker’s Infrared Laser Can Spy on Your Laptop’s KeystrokesMicrosoft’s AI Can Be Turned Into an Automated Phishing MachineKrebs: Cybercrime Rapper Sues Bank over Fraud InvestigationSEC Investigation into Progress MOVEit Hack Ends Without ChargesUSPS Text Scammers Duped His Wife, So He Hacked Their OperationDelta Shrugs Off Criticism, Says Damages Caused by CrowdStrike Outage Total at Least $500 MillionCybersecurity Firm Trend Micro Explores Sale, Sources SayADT Admits Security Breach After Hackers Advertise Stolen Data on the Dark WebHackers Return $12 Million Taken During Ronin Network BreachRussia’s Kursk Region Suffers ‘Massive’ DDoS Attack Amid Ukraine OffensiveNorth Korea Kimsuky Launch Phishing Attacks on UniversitiesPhishing Attack Exploits Google, WhatsApp to Steal DataCisco Warns of Critical RCE Zero-Days in End of Life IP PhonesExploit Released For Cisco SSM Bug Allowing Admin Password ChangesCISA Warns of Hackers Abusing Cisco Smart Install FeatureCISA Warns About Actively Exploited Apache OFBiz RCE FlawHackers Have Exploited An 18-Year-Old ‘0.0.0.0-Day’ Loophole In Safari, Chrome And Firefox
8/7/2024 August 7, 2024August 7, 2024 ~ The Cyber Beat ~ Leave a comment A Flaw in Windows Update Opens the Door to Zombie ExploitsMicrosoft 365 Anti-Phishing Feature Can Be Bypassed With CSSCrowdStrike Blames Test Software for Taking Down 8.5 Million Windows MachinesDelta Passengers Sue Airline for Refusing Refunds After Massive Computer OutageIreland’s DPC Takes Twitter to Court Over AI User Data ConcernsThe Business World Is Obsessed With AI but Company Leaders Ignore Cybersecurity at Their PerilUK IT Provider Faces $7.7 Million Fine for 2022 Ransomware BreachGoogle Chrome Will Let You Send Money to Your Favourite WebsiteKnostic Wins 2024 Black Hat Startup Spotlight CompetitionPort of Tyne Website Hit by Cyber AttackMcLaren Hospitals Disruption Linked to Inc Ransomware AttackNew CMoon USB Worm Targets Russians in Data Theft AttacksNew Go-based Backdoor GoGra Targets South Asian Media OrganizationRoyal Ransomware Successor BlackSuit Has Demanded More Than $500 MillionChameleon Android Banking Trojan Targets Users Through Fake CRM AppCritical Progress WhatsUp RCE Flaw Now Under Active ExploitationRoundcube Webmail Flaws Allow Hackers to Steal Emails and PasswordsApple’s New macOS Sequoia Tightens Gatekeeper Controls to Block Unauthorized Software
8/6/2024 August 6, 2024August 6, 2024 ~ The Cyber Beat ~ Leave a comment Cyberattack and Tropical Storm Debby Disrupt Blood SupplyA New Plan to Break the Cycle of Destructive Critical Infrastructure HacksMicrosoft Says Delta Ignored Satya Nadella’s Offer of CrowdStrike HelpGoogle Violated U.S. Antitrust Laws to Maintain Dominance Over Online Search, Judge Says…How Google’s Huge Defeat in Antitrust Case Could Change How You Search the Internet…What Google’s Antitrust Defeat Means for the Search Giant and Its Partner Apple…A Microsoft Victory and Mozilla Defeat: The Fallout From Google’s Antitrust SagaAbnormal Security, Valued at $5.1 Billion Amid Email Security Push, Eyes Eventual IPOPolice Recover Over $40m Headed to BEC ScammersNearly 40 French Museums Hit By Ransomware AttackMobile Guardian Hack Leads to 13,000 Student Devices Wiped in SingaporeSumter County (FL) Sheriff’s Office Hit by Ransomware AttackNorthwest Arkansas Community College Delays Fall Classes After Ransomware AttackRonin Bridge Paused, Restarted After $12M Drained in Whitehat HackKrebs: Low-Drama ‘Dark Angels’ Reap Record RansomsNorth Korean Hackers Moonstone Sleet Push Malicious JS Packages to npm RegistrySamsung to Pay $1,000,000 for Rces on Galaxy’s Secure VaultProton VPN Adds ‘Discreet Icons’ to Hide App on Android Devices
8/5/2024 August 6, 2024August 6, 2024 ~ The Cyber Beat ~ Leave a comment North Korean Hackers Exploit VPN Update Flaw to Install MalwareCrowdStrike Is Sued by Fliers After Massive Outage Disrupts Air TravelCrowdStrike Says It’s Not to Blame for Delta’s Days-Long OutageCrowdStrike: Delta Air Lines Refused Free Help to Resolve IT OutageCompanies Sue Tech Firms After Outages, but It’s an Uphill BattleEvery Microsoft Employee Is Now Being Judged on Their Security WorkHacked, Scammed, Exposed: Why You’re One Step Away From A Major Disaster OnlineTikTok Withdraws Lite Rewards Program from EU Over Child Safety FearsChina Starts Testing National Cyber-ID Before Consultation on the Idea ClosesReplacement for Action Fraud, Uk’s Cybercrime Reporting Service, Delayed Again Until 2025Singapore Police Wrest Back $41 Million Stolen From Commodities Firm in Bec ScamNew Android Trojan “BlankBot” Targets Turkish Users’ Financial DataKazakh Organizations Targeted by ‘Bloody Wolf’ Cyber AttacksKeytronic Reports Losses of Over $17 Million After Ransomware AttackCalibrated Healthcare (CA) Notifies Healthcare Patients of Recent Data BreachHunters International Ransomware Targets IT Workers With New SharpRhino MalwareNew LianSpy Malware Hides by Blocking Android Security FeatureSneaky SnakeKeylogger Slithers Into Windows Inboxes to Steal Sensitive SecretsResearchers Uncover Flaws in Windows Smart App Control and SmartScreenCritical Flaw in Rockwell Automation Devices Allows Unauthorized AccessCritical Vulnerability in Apache OFBiz Requires Immediate PatchingGoogle Fixes Android Kernel Zero-Day Exploited in Targeted Attacks
8/2-4/2024 August 5, 2024August 5, 2024 ~ The Cyber Beat ~ Leave a comment APT28 Targets Diplomats with HeadLace Malware via Car Sale Phishing LureSensitive Illinois Voter Data Exposed by Contractor’s Unsecured DatabasesSocial Media Firms Fail to Protect Children’s Privacy, Says UK ICOKrebs: U.S. Trades Cybercriminals to Russia in Prisoner SwapWho Ya’ Gonna Call? Why IoT Companies Should Embrace Vulnerability Disclosure ProgramsWhy the Market’s Most-Regulated Companies Need Military-Grade CybersecurityU.S. Expected to Propose Barring Chinese Software in Autonomous VehiclesFive Chinese Nationals Arrested by Feds for ‘Massive’ Elder Fraud SchemeCryptonator Seized for Laundering Ransom Payments, Stolen CryptoDuckDuckGo Blocked in Indonesia Over Porn, Gambling Search ResultsIsraeli Hacktivist Group ‘WeRedEvils’ Brags It Took Down Iran’s Internet‘StormBamboo’ Hackers Breach ISP to Poison Software Updates With MalwareHackers Directly Email Customers of Immigration Firm After Damaging CyberattackFake AI Editor Ads on Facebook Push Password-Stealing MalwareSurge in Magniber Ransomware Attacks Impact Home Users WorldwideHackers Exploit Misconfigured Jupyter Notebooks with Repurposed Minecraft DDoS ToolMirai Botnet targeting OFBiz Servers Vulnerable to Directory TraversalNew Windows Backdoor BITSLOTH Exploits BITS for Stealthy CommunicationLinux Kernel Impacted by New Slubstick Cross-Cache AttackLegendary Rom Hacking Site RomHacking.net Shutting Down After Almost 20 Years
8/1/2024 August 2, 2024August 2, 2024 ~ The Cyber Beat ~ Leave a comment U.S. Releases Russian Hackers and Spies as Part of Prisoner Swap That Includes Evan Gershkovich & Paul Whelan Putin’s Trader: How Russian Hackers Stole Millions From U.S. InvestorsA $500 Open Source Tool Lets Anyone Hack Computer Chips With LasersDelta CEO: ‘When Was the Last Time You Heard of a Big Outage at Apple?CISA Names Lisa Einstein as Its First Chief AI OfficerHe Was an FBI Informant—and Inspired a Generation of Violent ExtremistsScam Platform Shut Down by UK Authorities After 1.8 Million Fraudulent CallsTech Support Scam Ring Leader Gets 7 Years in Prison, $6M FineAustralian Companies Will Soon Need to Report Ransom PaymentsTaiwan Government-Backed Research Organization Targeted by APT41 HackersCencora Confirms Patient Data Stolen in Cyber-AttackRhysida Ransomware Group Takes Credit for Columbus Cyberattack, Auctions Stolen DataHennepin County (MN) Sheriff’s Office Is Responding to Data BreachFBI Warns of Scammers Posing as Crypto Exchange EmployeesRansomEXX Group Targets Indian Banking With New TacticsHackers Distributing Malicious Python Packages via Popular Developer Q&A Platform Stack ExchangeHackers Abuse Free TryCloudflare to Deliver Remote Access MalwareTwilio Kills off Authy for Desktop, Forcibly Logs Out All Users
7/31/2024 July 31, 2024July 31, 2024 ~ The Cyber Beat ~ Leave a comment Urgent Blood Donation Appeal Issued in U.S. After Critical OneBlood Ransomware AttackDDoS Attack Triggers New Microsoft Global Outage…‘Error’ in Microsoft’s DDoS Defenses Amplified 8-hour Azure OutageSwiss Stock Exchange Suffers Hours-Long Outage After Data GlitchCISA and FBI: DDoS Attacks Won’t Impact U.S. Election IntegrityKrebs: Don’t Let Your Domain Name Become a “Sitting Duck”Credit Card Users Get Mysterious shopify-charge.com ChargesCan GPT-4o Be Trusted With Your Private Data?Meta to Pay Texas $1.4bn for Unlawful Biometric Data CaptureCrowdStrike Is Sued by Shareholders Over Huge Software OutageRussia Legalizes Cryptocurrency Mining as Ongoing Global Sanctions Continue to Disrupt Traditional FinancesGermany Summons Chinese Ambassador Over Cyberattack on Cartography AgencyWorld Leading Silver Producer Fresnillo Discloses CyberattackRansomware Attack Forces Hundreds of Small Indian Banks Offline, Sources SayChinese Hackers Target Japanese Firms with LODEINFO and NOOPDOOR MalwareFraud Ring Pushes 600+ Fake Web Shops via Facebook AdsNew SMS Stealer Malware Targets Over 600 Global BrandsNew PyPI Package Zlibxjson Steals Discord, Browser DataCybercriminals Deploy 100K+ Malware Android Apps to Steal OTP CodesNew Android Malware ‘BingoMod’ Wipes Your Device After Draining Bank AccountsGoogle Ads Push Fake Google Authenticator Site Installing MalwareDigiCert to Revoke 83,000+ SSL Certificates Due to Domain Validation OversightNo Really, What Cybersecurity Requirements and Standards Does My Company Need to Follow and Why?
7/30/2024 July 30, 2024July 30, 2024 ~ The Cyber Beat ~ Leave a comment Russia, Moldova Targeted by Obscure Hacking Group in New XDSpy Cyberespionage CampaignNew SideWinder Cyber Attacks Target Maritime Facilities in Multiple CountriesU.S. Senate Bill Would Radically Improve Voting Machine SecurityUK ICO Slams Electoral Commission for Basic Security FailingsStolen GenAI Accounts Flood Dark Web With 400 Daily Listings‘LockBit of Phishing’ EvilProxy Used in More Than a Million Attacks Every MonthJust One in 10 Attacks Flagged By Security ToolsCybersecurity Firm Tenable Is Exploring a Potential SaleDelta Hires David Boies to Seek Damages From CrowdStrike, Microsoft After OutageMalaysia Is Working on an Internet ‘Kill Switch’, Says MinisterSophisticated Phishing Campaign Targets Microsoft OneDrive UsersBlack Basta Ransomware Switches to More Evasive Custom MalwareDark Angels Ransomware Receives Record-Breaking $75 Million RansomCybercriminals Target Polish Businesses with Agent Tesla and Formbook MalwareVMware ESXi Flaw Exploited by Ransomware Groups for Admin AccessNew Specula Tool Uses Outlook for Remote Code Execution in WindowsGoogle Chrome Adds App-Bound Encryption to Block Infostealer MalwareDigiCert Mass-Revoking TLS Certificates Due to Domain Validation Bug‘The Worst Thing You Can Do’ After a Data Breach, According to a Cybersecurity Expert
7/29/2024 July 29, 2024July 29, 2024 ~ The Cyber Beat ~ Leave a comment Saboteurs Cut Internet Cables in Latest Disruption During Paris OlympicsQuad Foreign Ministers Decry Dangerous South China Sea ActionsAnother European Parliament Member Says He’s Been Targeted With Commercial SpywareProofpoint Email Routing Flaw Exploited to Send Millions of Spoofed Phishing EmailsKrebs: Crooks Bypassed Google’s Email Verification to Create Workspace Accounts, Access 3rd-Party ServicesHow Infostealers Pillaged the World’s PasswordsMeta’s AI Safety System Defeated by the Space BarApple iOS 18.1 Beta Previews Apple Intelligence For the First TimeFormer Avaya Employee Gets 4 Years for $88M License Piracy SchemePro-Ukrainian Hackers Claim Attack on Russian Cyber CompanyIntruders at HealthEquity Rifled Through Storage, Stole 4.3M People’s DataHairClub for Men Notifies Consumers of October 2023 Data BreachTown of Summerville (SC) Says Sensitive Data May Have Been Stolen During Recent CyberattackGh0st RAT Trojan Targets Chinese Windows Users via Fake Chrome SiteMandrake Spyware Infects 32,000 Devices Via Google Play AppsWalmart Discovers New PowerShell Backdoor Linked to Zloader MalwareHotjar, Business Insider Vulnerabilities Expose OAuth Data Risks
7/26-28/2024 July 28, 2024July 28, 2024 ~ The Cyber Beat ~ Leave a comment Attack on Train System Highlights Broad Array of Security Threats to Paris OlympicsECB’s Cyber Security Test Shows ‘Room for Improvement’ for BanksCrowdStrike Says Over 97% of Windows Sensors Back Online…Hacktivists Claim Leak of CrowdStrike Threat Intelligence…CrowdStrike Warns of New Phishing Scam Targeting German Customers…Microsoft Calls for Windows Changes and Resilience After CrowdStrike OutageSecure Boot Is Completely Broken on 200+ Models From 5 Big Device MakersWhy You Should Avoid Use of One-Time Passwords Sent by TextThe Personal Cybersecurity Concierge Is a New Perk, and Need, Among the WealthyDespite Bans, AI Code Tools Widespread in OrganizationsX Begins Training Grok AI With Your Posts, Here’s How to DisableRussian Ransomware Gangs Account for 69% of All Ransom ProceedsFBCS Data Breach Impact Now Reaches 4.2 Million PeoplePrivate Health Information of More Than 1,600 UAB Patients Exposed on PostcardsAllcare Medical Management (CA) Data Breach Affects Patients of FPA Women’s HealthSynnovis Restores Systems After Cyber-Attack, But Blood Shortages RemainCasper Network Halts Operations Following Security BreachOngoing Cyberattack Targets Exposed Selenium Grid Services for Crypto MiningCrypto Exchange Gemini Discloses Third-Party Data BreachMalicious PyPI Package Targets macOS to Steal Google Cloud CredentialsWhatsApp for Windows Lets Python, PHP Scripts Execute With No WarningAcronis Warns of Cyber Infrastructure Default Password Abused in Attacks
7/25/2024 July 25, 2024July 25, 2024 ~ The Cyber Beat ~ Leave a comment North Korean APT45 Hackers Stealing Military Secrets, Say U.S. and AlliesAt the Olympics, AI Is Watching YouLas Vegas Transit System Is Nation’s First to Plan Full Deployment of AI Surveillance System for WeaponsCrowdStrike Offers a $10 Apology Uber Eats Gift Card to Say Sorry for OutageInsurers Brace for Claims From Global Tech Outage‘Innovative’ £9.27m Shared Workspace Opens in TownKaspersky Says Uncle Sam Snubbed Proposal to Open up Its Code for Third-Party ReviewUncle Sam Accuses Florida Man Telco IT Pro of Decade-Long Spying Campaign for ChinaU.S. Offers $10M for Tips on DPRK Hacker Linked to Maui Ransomware AttacksFrench Police Push PlugX Malware Self-Destruct Payload to Clean PCsBelarus-Linked Hackers Target Ukrainian Orgs With PicassoLoader MalwarePro-Palestinian Actor Levels 6-Day DDoS Attack on UAE BankColumbus (OH) Reports Cyber Incident as Multiple Cities Recover From Ransomware AttacksFuturity First Insurance (CT) Provides Notice of November 2033 Data BreachResearchers Reveal ConfusedFunction Vulnerability in Google Cloud PlatformProgress Warns of Critical RCE Bug in Telerik Report ServerCritical ServiceNow RCE Flaws Actively Exploited to Steal CredentialsPKfail Secure Boot Bypass Lets Attackers Install UEFI MalwareCISA Warns of Exploitable Vulnerabilities in Popular BIND 9 DNS Software
7/24/2024 July 24, 2024July 24, 2024 ~ The Cyber Beat ~ Leave a comment North Korean Hackers Targeted Cybersecurity Firm KnowBe4 with Fake IT WorkerMajor Russian Banks Hit with DDoS Attacks as Ukraine Claims ResponsibilityCrowdStrike Blames Test Software for Taking Down 8.5 Million Windows Machines…No Sign Microsoft Plans to Limit CrowdStrike Access to Windows After Outage, Source SaysThis Machine Exposes Privacy ViolationsChrome Adds New Warnings and Cloud Scanning for Suspicious DownloadsGoogle Criticized for Abandoning Cookie Phase-OutGoogle Chrome Now Warns About Risky Password-Protected ArchivesSchool Gets an F for Using Facial Recognition on Kids in CanteenBreachForums v1 Database Leak is an OPSEC Test for HackersEncrypted Apps Still a Challenge as FBI Probes Trump Shooter’s Devices, Wray SaysData Pilfered From Pentagon IT Supplier LeidosCrypto Exchange MonoSwap Has Been Hacked, Warns Users Not to Deposit FundsHamster Kombat’s 250 Million Players Targeted in Malware AttacksBrookfield Zoo (IL) Confirms Data Breach; Employee Information AccessedJefferson County (KY) Clerk’s Offices to Remain Closed on Thursday Amid CyberattackA Hacker ‘Ghost’ Network Is Quietly Spreading Malware on GitHubPatchwork Hackers Target Bhutan with Advanced Brute Ratel C4 ToolMicrosoft Defender Flaw Exploited to Deliver ACR, Lumma, and Meduza StealersDocker Fixes Critical 5-Year Old Authentication Bypass FlawCISA Adds Twilio Authy and IE Flaws to Exploited Vulnerabilities ListMeta Bans 63,000 Accounts Belonging to Nigeria’s Sextortionist Yahoo Boy
7/23/2024 July 23, 2024July 24, 2024 ~ The Cyber Beat ~ Leave a comment CrowdStrike CEO to Testify About Massive Outage That Halted Flights and Hospitals and More…Inside the 78 Minutes That Took Down Millions of Windows Machines…CrowdStrike’s Botched Tech Update Wasn’t Unique. Are Lessons Ever Learned?…DOT Investigating Delta Over IT Outage Chaos…Fake CrowdStrike Repair Manual Pushes New Infostealer MalwareRussia Shifts Cyber Focus to Battlefield Intelligence in UkraineHow Russia-Linked Malware Cut Heat to 600 Ukrainian Buildings in Deep Winter…‘FrostyGoop’Possible APT28-Linked Hackers Target Ukraine’s Scientific InstitutionsUkrainian Institutions Targeted Using HATVIBE and CHERRYSPY MalwareChinese Hackers Target Taiwan and U.S. NGO with MgBot MalwareChinese Espionage Group Upgrades Malware Arsenal to Target All Major OSGreece’s Land Registry Agency Breached in Wave of 400 CyberattacksBreachForums v1 Hacking Forum Data Leak Exposes Members’ InfoDeFi Exchange dYdX v3 Website Hacked in DNS Hijack AttackRed Art Games Hit with Major Cyber AttackEmployer Flexible (TX) Confirms Data Breach Related to myHR PlatformMagento Sites Targeted with Sneaky Credit Card Skimmer via Swap FilesGoogle Abandons Plan to Phase Out Third-Party Cookies in ChromeFTC Launches Probe Into How Companies Use Data to Tailor What Each Customer PaysVerizon to Pay $16 Million in TracFone Data Breach SettlementWiz Rejects Google’s $23 Billion Takeover in Favor of IPOKrebs: Phish-Friendly Domain Registry “.top” Put on Notice
7/22/2024 July 22, 2024July 22, 2024 ~ The Cyber Beat ~ Leave a comment CrowdStrike Update That Caused Global Outage Likely Skipped Checks, Experts Say…‘Significant Number’ of Devices Fixed – CrowdStrike…Microsoft Releases a CrowdStrike Recovery Tool – Here’s How It WorksThe Pentagon Wants to Spend $141 Billion on a Doomsday MachineRansomware Groups Fragment Amid Rising Cybercrime Threats…Cybercrooks Crafting Solo Careers in Wake of Recent Ransomware Takedowns & DisruptionsPolice Infiltrates, Takes Down DigitalStress DDoS-For-Hire ServiceSpain Arrests Three for Using DDoSia Hacktivist PlatformLos Angeles County Court System Slated to Reopen Tuesday After Ransomware Attack56K Michigan Medicine Patients’ Information Potentially Exposed in May CyberattacksExperts Uncover Chinese Cybercrime Network Behind Gambling and Human TraffickingPlay Ransomware Expands to Target VMWare ESXi EnvironmentsPINEAPPLE and FLUXROOT Hacker Groups Abuse Google Cloud for Credential PhishingSocGholish Malware Exploits BOINC Project for Covert CyberattacksTelegram Zero-Day Allowed Sending Malicious Android APKs as Videos
7/19-21/2024 July 21, 2024July 21, 2024 ~ The Cyber Beat ~ Leave a comment Major Tech Outage Grounds Flights, Hits Banks and Businesses Worldwide…Krebs: Global Microsoft Meltdown Tied to Bad CrowdStrike Update…IT Teams Scramble to Recover From CrowdStrike Incident as Officials Warn of ‘Risks of Consolidation…CrowdStrike IT Outage Affected 8.5 Million Windows Devices, Microsoft Says…The CrowdStrike Outage and Global Software’s Single-Point Failure Problem…Fast and Automated: Global Tech Outage Shows Hazards of Cloud Software Updates…CrowdStrike Has a New Guidance Hub for Dealing with the Windows Outage…Cybercriminals Exploit CrowdStrike Update Mishap to Distribute Remcos RAT Malware…Don’t Fall for CrowdStrike Outage Scams…More U.S. Flights Cancelled in Wake of Global Cyber Outage…IT Outage Exposes Fragility of Tech InfrastructureIDF Has Rebuffed 3 Billion Cyberattacks Since Oct. 7, Colonel ClaimsHackers Are Using Fake Drone Contracts to Infect Ukrainian Defense EnterprisesAPT41 Infiltrates Networks in Italy, Spain, Taiwan, Turkey, and the UKPro-Houthi Group Targets Yemen Aid Organizations with Android SpywareRansomware Attack Shuts Down Los Angeles Superior Court SystemsThe Feds Say These Are the Russian Hackers Who Attacked U.S. Water UtilitiesTwo Russian Nationals Plead Guilty in LockBit Ransomware Attacks17-Year-Old Linked to Scattered Spider Cybercrime Syndicate, Including MGM Hack, Arrested in UKDHS Watchdog Rebukes CISA and Law Enforcement Training Center for Failing to Protect DataDHS Inspector General: Coast Guard Shortcomings Hinder Us Maritime Security
7/18/2024 July 18, 2024July 18, 2024 ~ The Cyber Beat ~ Leave a comment Von Der Leyen Pledges to Tackle Ransomware Attacks Against EU HospitalsChainalysis Launches Public-Private Plans to Crack Down on Crypto ScamsFirms Skip Security Reviews of Major App Updates About Half the TimeSolarWinds Beats Most of U.S. SEC Lawsuit Over Russia-Linked Cyberattack…SolarWinds Fixes 8 Critical Bugs in Access Rights Audit SoftwareKaspersky Challenges U.S. Government to Put Up or Shut up About Kremlin TiesMeta Halts AI Use in Brazil Following Data Protection Authority’s BanAlleged ‘Maniac Murder Cult’ Leader ‘Commander Butcher’ Indicted Over Plot to Murder JewsHacker Jailed After Jobcentre Suffers Cyber AttacksUK National Blood Stocks in ‘Very Fragile’ State Following Ransomware AttackNearly 13 Million Australians Affected by MediSecure AttackSAP AI Core Flaws Expose Sensitive Customer Data and KeysLiverpool Suspend Ticket Sales After Cyber AttackIndian Crypto Platform WazirX Confirms $230 Million Stolen During CyberattackRevolver Rabbit Gang Registers 500,000 Domains for Malware CampaignsTAG-100: New Threat Actor Uses Open-Source Tools for Widespread World-Wide AttacksHotPage Malware Hijacks Browsers With Signed Microsoft DriverCritical Cisco Bug Lets Hackers Add Root Users on SEG Devices
7/17/2024 July 17, 2024July 17, 2024 ~ The Cyber Beat ~ Leave a comment Paris 2024 Olympics Face Escalating Cyber-Threats‘Ghostemperor’ Returns: Mysterious Chinese Hacking Group Spotted for First Time in Two YearsChina-Linked APT17 Targets Italian Companies with 9002 RAT MalwareNorth Korean Hackers Update BeaverTail Malware to Target MacOS UsersThe U.S. Supreme Court Kneecapped U.S. Cyber Strategy, Now Up to U.S. CongressKaspersky Gives U.S. Customers Six Months of Free Updates as a Parting GiftData Breaches Highlight Lack of Basic Cyber ControlsGoogle-Backed Software Developer Gitlab Explores Sale, Sources SayCraig Wright Admits He Isn’t the Inventor of Bitcoin After High Court Judgment in UKTraining at Black Hat to Focus on Equipping Cybersecurity Leaders With Soft SkillsGlobal Police Swoop on Black Axe Cybercrime SyndicateOver 400,000 Life360 User Phone Numbers Leaked via Unsecured APIYacht Giant MarineMax Data Breach Impacts Over 123,000 PeopleHackney Council in London Reprimanded for Failing to Prevent Ransomware AttackFurniture Giant Bassett Shuts Down Manufacturing Facilities After Ransomware AttackShadowroot Ransomware Lures Turkish Victims via Phishing AttacksQilin Ransomware’s Sophisticated Tactics Unveiled By ExpertsFIN7 Group Advertises Security-Bypassing Tool on Dark Web ForumsIraq-Based Cybercriminals Deploy Malicious Python Packages to Steal DataCisco SSM On-Prem Bug Lets Hackers Change Any User’s PasswordCritical Apache HugeGraph Vulnerability Under Attack – Patch ASAPExchange Online Adds Inbound DANE with DNSSEC For Security Boost