11/14/2024 November 14, 2024November 14, 2024 ~ The Cyber Beat ~ Leave a comment Trump’s Second Term Is Expected to Bring Big Change to Top U.S. Cyber Agency…More Spyware, Fewer Rules: What Trump’s Return Means for U.S. Cybersecurity…Washington’s Cybersecurity Storm of ComplacencySitting Ducks DNS Attacks Put Global Domains at RiskGoogle Warns of Rising Cloaking Scams, AI-Driven Fraud, and Crypto SchemesBank of England U-turns on Vulnerability Disclosure RulesCybercriminal Devoid of Boundaries Gets 10-Year Prison SentenceTeen Behind Hundreds of Swatting Attacks Pleads Guilty to Federal ChargesMalware Being Delivered by Mail, Warns Swiss Cyber AgencyHungary Confirms Hack of Defense Procurement AgencyKids’ Shoemaker Start-Rite Trips Over Security Again, Spilling Customer Card InfoMicrosoft Power Pages Misconfiguration Leads to Data ExposureNew Glove Infostealer Malware Bypasses Chrome’s Cookie EncryptionRussian Hackers Exploit New NTLM Flaw to Deploy RAT Malware via Phishing EmailsNew RustyAttr Malware Targets macOS Through Extended Attribute AbuseCISA Warns of More Palo Alto Networks Bugs Exploited in AttacksChatGPT Allows Access to Underlying Sandbox OS, “Playbook” Data
11/13/2024 November 13, 2024November 13, 2024 ~ The Cyber Beat ~ Leave a comment China-Linked Hackers Stole Surveillance Data From Telecom Companies, U.S. SaysHamas-Affiliated WIRTE Employs SameCoin Wiper in Disruptive Attacks Against IsraelTrump’s Second Term Is Expected to Bring Big Change to Top U.S. Cyber Agency…Top White House Cyber Official Urges Trump to Focus on Ransomware, ChinaThese Are the Passwords You Definitely Shouldn’t Be UsingLeaked Info of 122 Million Linked to B2B Data Aggregator BreachData Broker Amasses 100M+ Records on People – Then Someone Snatches, Sells ItThese Guys Hacked AirPods to Give Their Grandmas Hearing AidsAmazon MOVEit Leaker Claims to Be Ethical HackerChinese National Faces 20 Years in U.S. Prison for Laundering Pig-Butchering ProceedsChina-Linked Group Hacked Tibetan Media and University Sites to Distribute Cobalt Strike PayloadEmbargo Ransomware Fiends Boast They’ve Stolen 1.4TB From U.S. Pharmacy NetworkWisconsin City of Sheboygan Says Ransom Demanded After CyberattackASM Global (CA) Notifies Affected Individuals of Recent Data BreachHive0145 Targets Europe with Advanced Strela Stealer CampaignsNew ShrinkLocker Ransomware Decryptor Recovers Bitlocker PasswordCritical Bug in EoL D-Link NAS Devices Now Exploited in AttacksKrebs: Microsoft Patch Tuesday, November 2024 EditionNIST Says Exploited Vulnerability Backlog Cleared but End-Of-Year Goal for Full List UnlikelyNew Google Pixel AI Feature Analyzes Phone Conversations for Scams
11/12/2024 November 12, 2024November 12, 2024 ~ The Cyber Beat ~ Leave a comment German Interior Minister Warns of Cyber Threat Ahead of ElectionsVolt Typhoon Rebuilds Malware Botnet Following FBI DisruptionSurge in Exploits of Zero-Day Vulnerabilities Is ‘New Normal’ Warns Five Eyes AllianceFBI, CISA, and NSA Reveal Most Exploited Vulnerabilities of 2023Microsoft November 2024 Patch Tuesday Fixes 4 Zero-Days, 91 Flaws…Two Zero-Day Bugs in Microsoft’s Nov. Update Under Active Exploit…Windows 10 KB5046613 Update Released with Fixes For Printer BugsCISOs Turn to Indemnity Insurance as Breach Pressure MountsSignal Introduces Convenient “Call Links” for Private Group ChatsPentagon Leaker Sentenced to 15 Years in Jail After Sharing Military Secrets OnlineDutch Company Behind Hannaford, Stop & Shop Says Cyber Issue Affecting U.S. NetworkDelta, Amazon Confirm Vendor Breach as Dark Web Posts Revive MOVEit Leak ConcernsBBS Financial (MA) Confirms Data Breach Following January 2024 Ransomware AttackNorth Korean Hackers Target macOS Using Flutter-Embedded MalwareTA455’s Iranian Dream Job Campaign Targets Aerospace with MalwarePhishing Tool GoIssue Targets Developers on GitHubNew Flaws in Citrix Virtual Apps Enable RCE Attacks via MSMQ MisconfigurationD-Link Won’t Fix Critical Bug in 60,000 Exposed EoL ModemsHow Italy Became an Unexpected Spyware Hub
11/11/2024 November 12, 2024 ~ The Cyber Beat ~ Leave a comment Credit Cards Readers Across Israeli Stores, Gas Stations Crash in CyberattackFBI Issues Warning as Crooks Ramp up Emergency Data Request ScamsWEF Introduces Framework to Strengthen Anti-Cybercrime PartnershipsSecurity Flaws in Popular ML Toolkits Enable Server Hijacks, Privilege EscalationThe AI Machine Gun of the Future Is Already HereHalliburton Reports $35 Million Loss After Ransomware AttackOpen Source Security Incidents Aren’t Going AwayAmazon Confirms Employee Data Breach, but Says It’s Limited to Contact InfoHIBP Notifies 57 Million People of Hot Topic Data BreachFood Lion Acknowledges They Were Hit by CyberattackSet Forth, Inc. (IL) Sends Data Breach Letters to 1.5 Million ConsumersEnglish Construction Company (VA) Targeted in Ransomware Attack, Leading to Data Breach Affecting Former EmployeesNew Remcos RAT Variant Targets Windows Users Via PhishingNew Ymir Ransomware Partners With RustyStealer in Attacks
11/8-10/2024 November 10, 2024November 10, 2024 ~ The Cyber Beat ~ Leave a comment Pro-Russian Hacktivists Target South Korea as North Korea Joins Ukraine WarAuthorities Work to Find the Source of Racist Texts Sent to Black People Nationwide After the ElectionTSA Wants to Expand Cyber Rules for Pipelines and RailroadsScattered Spider, BlackCat Claw Their Way Back From Criminal UndergroundScammers Target UK Senior Citizens With Winter Fuel Payment TextsGoogle’s Mysterious ‘search.app’ Links Leave Android Users ConcernedA New iOS 18 Security Feature Makes It Harder for Police to Unlock iPhonesFBI: Spike in Hacked Police Emails, Fake Subpoenas (Krebs)Bitcoin Fog Founder Sentenced to 12 Years for Cryptocurrency Money LaunderingIcePeony and Transparent Tribe Target Indian Entities with Cloud-Based ToolsMalicious NPM Packages Target Roblox Users with Data-Stealing MalwareMalicious PyPI Package with 37,000 Downloads Steals AWS KeysHackers Now Use Zip File Concatenation to Evade DetectionCritical Veeam RCE Bug Now Used in Frag Ransomware AttacksUnpatched Mazda Connect Bugs Let Hackers Install Persistent MalwarePalo Alto Advises Securing PAN-OS Interface Amid Potential RCE Threat ConcernsD-Link Won’t Fix Critical Flaw Affecting 60,000 Older NAS DevicesHow the Creator of Zero Trust Developed Today’s Most Robust Cybersecurity StrategyRussia’s Internet Watchdog Blocks Thousands of Websites That Use Cloudflare’s Privacy Service
11/7/2024 November 8, 2024November 8, 2024 ~ The Cyber Beat ~ Leave a comment U.S. Agency Warns Employees About Phone Use Amid Ongoing China HackChina-Aligned MirrorFace Hackers Target EU Diplomats with World Expo 2025 BaitChina-Linked Hackers Tasked With Japanese Targets Pursue Them Through EuropeCanada Orders Shutdown of Local TikTok Branch Over Security Concerns764 Terror Network Member Richard Densmore Sentenced to 30 Years in PrisonAkamai Forecasts Fourth-Quarter Revenue Below Estimates on Weak Client SpendingCloudflare’s Q4 Revenue Forecast Falls Short as Cybersec Competition IntensifiesFortinet’s Quarterly Revenue Forecast Disappoints, Shares FallDatadog Raises Annual Forecast Betting on AI-Driven Cybersecurity DemandDefenders Outpace Attackers in AI AdoptionNokia Says Hackers Leaked Third-Party App Source CodeTexas-Based Oilfield Supplier Newpark Resources Faces Disruptions Following Ransomware AttackOrthopedicsNY Files Official Notice of 2023 Data Breach Affecting Patient InformationNorth Korean Hackers Target Crypto Firms with Hidden Risk Malware on macOSDon’t Open That ‘Copyright Infringement’ Email Attachment – It’s an InfostealerAndroxgh0st Botnet Adopts Mozi Payloads, Expands IoT ReachMalicious PyPI Package ‘Fabrice’ Found Stealing AWS Keys from Thousands of DevelopersCISA Warns of Critical Palo Alto Networks Bug Exploited in AttacksHPE Warns of Critical Rce Flaws in Aruba Networking Access PointsThe Power of Process in Creating a Successful Security Posture
11/6/2024 November 7, 2024November 7, 2024 ~ The Cyber Beat ~ Leave a comment Top U.S. Cyber Official Says ‘No Evidence of Malicious Activity’ Impacting ElectionFact Check: Georgia Voter Fraud Video Labeled Russian Disinformation Uses False Personal DataIRISSCON: Organizations Still Falling Victim to Predictable Cyber-AttacksCybercrooks Are Targeting Bengal Cat Lovers in Australia for Some ReasonPeople Urged to Update Some Internet RoutersGermany Drafts Law to Protect Researchers Who Find Security FlawsMajor Ukrainian University Bans Telegram to Reduce CyberthreatsUK Orders Chinese Owners to Relinquish Control of Scottish Semiconductor BusinessMassive Nigerian Cybercrime Bust Sees 130 ArrestedWashington Courts’ Systems Offline Following Weekend CyberattackCyber-Attack on Microlise Disrupts DHL and Serco Tracking ServicesCyberattack Disables Tracking Systems and Panic Alarms on British Prison VansSelectBlinds Says 200,000 Customers Impacted After Hackers Embed Malware on SiteNokia: No Evidence So Far That Hackers Breached Company DataWinos4.0 Malware Found in Game Apps, Targets Windows UsersNew SteelFox Malware Hijacks Windows PCs Using Vulnerable DriverVEILDrive Attack Exploits Microsoft Services to Evade Detection and Distribute MalwareCisco Bug Lets Hackers Run Commands as Root on UWRB Access Points
11/5/2024 November 5, 2024November 5, 2024 ~ The Cyber Beat ~ Leave a comment The FBI Says Russian Emails Are Sending Fake Bomb Threats to Polling Stations…Russia Is Going All Out on Election Day InterferenceU.S. Warns of Last-Minute Iranian and Russian Election Influence Ops…Officials Warn Against Fake U.S. Election Videos, but See Little DisruptionClickFix Exploits Users with Fake Errors and Malicious CodeInterpol Disrupts Cybercrime Activity on 22,000 IP Addresses, Arrests 41Krebs: Canadian Man Arrested in Snowflake Data ExtortionsA Kansas Pig Butchering: CEO Who Defrauded Bank, Church, Friends Gets 24 YearsFBI Seeks Public Help to Identify Chinese Hackers Behind Global Cyber IntrusionsMeta Found to Have Exposed Info on North Korean Defectors to AdvertisersUkraine Accuses Google of Revealing Locations of Its Military SystemsGeorgia Hospital Unable to Access Record System After Ransomware AttackSchneider Electric Ransomware Crew Demands $125K Paid in BaguettesChinese Group Accused of Hacking Singtel in Telecom AttacksChinese Air Fryers May Be Spying on Consumers, Which? WarnsToxicPanda Malware Targets Banking Apps on Android DevicesPakistani Hackers Targeted High-Profile Indian Entities using Custom ElizaRATMalware Campaign Uses Ethereum Smart Contracts to Control npm Typosquat PackagesSynology Urges Patch for Critical Zero-Click RCE Flaw Affecting Millions of NAS DevicesGoogle Warns of Actively Exploited CVE-2024-43093 Vulnerability in Android SystemGoogle Cloud to Make MFA Mandatory by the End of 2025How to Win at Cyber by Influencing People
11/4/2024 November 5, 2024November 5, 2024 ~ The Cyber Beat ~ Leave a comment U.S. Cybersecurity Chief Says Disinformation Surge Hasn’t Impacted Election…In Final Check-in Before Election Day, CISA Cites Low-Level Threats, and Not Much ElseNakasone Says All the News About Influence Campaigns Ahead of Election Day Is Actually ‘A Sign of Success’Rep. Yvette Clarke on AI-Fueled Disinformation: ‘We Have Not Protected Ourselves in Time for This Election Cycle’U.S. Says Russia Behind Fake Haitian Voters VideoMoldova Elects Pro-West President Maia Sandu Despite Russian InterferenceCustom “Pygmy Goat” Malware Used in Sophos Firewall Hack on Gov’t NetworkInside the Massive Crime Industry That’s Hacking Billion-Dollar CompaniesNorthern Minnesota Man Cost Former Employer $45K in Cryptojacking Scheme, Charges SayNigerian Handed 26-Year Sentence for Real Estate Phishing ScamGoogle Researchers Claim First Vulnerability Found Using AISchneider Electric Confirms Dev Platform Breach After Hacker Steals DataNokia Investigates Breach After Hacker Claims to Steal Source CodeCisco Says DevHub Site Leak Won’t Enable Future BreachesColumbus (OH) Ransomware Attack Exposes Data of 500,000 ResidentsMiddlesbrough Council Targeted in Second Cyber Attack in a WeekHouston Housing Authority Was Victim of a Ransomware Attack, Agency SaysKemlon Products & Development Group (TX) Files Official Notice of Data BreachMeet Interlock — The New Ransomware Targeting FreeBSD ServersWindows Infected With Backdoored Linux VMs in New Phishing AttacksCybercriminals Exploit DocuSign APIs to Send Fake InvoicesSupply Chain Attack Uses Smart Contracts for C2 OpsCritical Flaws in Ollama AI Framework Could Enable DoS, Model Theft, and Poisoning
11/1-3/2024 November 3, 2024November 5, 2024 ~ The Cyber Beat ~ Leave a comment Georgia Says U.S., Election Disinformation Likely Coming From Russian Troll FarmsU.S. Blames Russia Over Video Falsely Alleging Fraudulent Voting in State of GeorgiaChina’s Typhoon Hacks Ahead of U.S. Election Spurred by Elite CompetitionCyber Threats and the Election: What You Need to KnowSophos Warns Chinese Hackers Are Becoming StealthierMicrosoft Warns of Chinese Botnet Exploiting Router Flaws for Credential TheftU.S. and Israel Warn of Iranian Threat Actor’s New TradecraftKrebs: Booking.com Phishers May Leave You With ReservationsThey’re Giving Scammers All Their Money. The Kids Can’t Stop Them.6 IT Contractors Arrested for Defrauding Uncle Sam Out of MillionsDDoS Site Dstat.cc Seized and Two Suspects Arrested in GermanyFlorida Man Accused of Hacking Disney World Menus, Changing Font to WingdingsHack Nintendo’s Alarm Clock to Show Cat Pics? Let’s-A-Go!ChatGPT-4o Can Be Used for Autonomous Voice-Based ScamsOpenAI’s New ChatGPT Search Chrome Extension Feels Like a Search HijackerLA Housing Authority Confirms Breach Claimed by Cactus RansomwareSan Joaquin County Superior Court (CA) Suffering From Tech Outages After CyberattackRansomware Attack Hits German Pharmaceutical Wholesaler AEP, Disrupts Medicine SuppliesYoung People’s Data Feared Stolen in Cyberattack on French Government ContractorSaint Xavier University Notifies Over 200k People of Recent Data BreachMiddlesbrough Council Website Restored After Online AttackA Devon School ‘Blackmailed’ by Hackers in Cyber-AttackLastPass Warns of Fake Support Centers Trying to Steal Customer DataAn Okta Login Bug Bypassed Checking Passwords on Some Long UsernamesMicrosoft SharePoint RCE Bug Exploited to Breach Corporate NetworkZero-Click Flaw Exposes Potentially Millions of Popular Storage Devices to AttackCISA Warns of Critical Software Vulnerabilities in Industrial DevicesMicrosoft Delays Windows Copilot+ Recall Release Over Privacy ConcernsFederal Agency Investigating How Meta Uses Consumer Financial Data for Advertising
10/31/2024 October 31, 2024October 31, 2024 ~ The Cyber Beat ~ Leave a comment Pro-Russia Hackers Claim Council Cyber Attacks, Including Greater ManchesterSuspected Pro-Ukraine Cyberattack Knocks Out Parking Enforcement in Russian CityCanadian Government Data Stolen By Chinese HackersMicrosoft: Chinese Hackers Use Quad7 Botnet to Steal CredentialsInside a Firewall Vendor’s 5-Year War With the Chinese Hackers Hijacking Its DevicesThe Untold Story of Trump’s Failed Attempt to Overthrow Venezuela’s PresidentFBI: Iranian Cyber Group Targeted Summer Olympics With Attack on French Display ProviderUK Finance Firms Told to Beef up Buffers Against Crowdstrike-Like EventsMicrosoft Wants $30 if You Want to Delay Windows 11 Switch2024 Looks Set to Be Another Record-Breaking Year for Ransomware — And It’s Likely Going to Get WorseOver a Thousand Online Shops Hacked to Show Fake Product ListingsLarge Peruvian Bank Warns of Data Theft After Dark Web Post EmergesBlackburn College Still Operating Despite Cyber-AttackSt. Anthony Regional Hospital (IA) Provides Notice of Data BreachLottieFiles Supply Chain Attack Exposes Users to Malicious Crypto Wallet DrainerNew Xiu Gou Phishing Kit Targets U.S., Other Countries with MascotHackers Target Critical Zero-Day Vulnerability in PTZ CamerasLiteSpeed Cache WordPress Plugin Bug Lets Hackers Get Admin AccessqBittorrent Fixes Flaw Exposing Users to MitM Attacks for 14 YearsCybersecurity Job Market Stagnates, Dissatisfaction AboundsRussia to Ban Cryptocurrency Mining in Some Regions Due to Electricity Shortages
10/30/2024 October 31, 2024October 31, 2024 ~ The Cyber Beat ~ Leave a comment Midnight Blizzard Spearphishing Campaign Targets Thousands with RDP FilesNorth Korean Group Collaborates with Play Ransomware in Significant Cyber AttackBeijing Claims It’s Found ‘Underwater Lighthouses’ That Its Foes Use for Espionage‘We’re a Fortress Now’: The Militarization of U.S. Elections Is HereColorado Voting System Partial Passwords Accidentally Posted on Government WebsiteFBI: Upcoming U.S. General Election Fuel Multiple Fraud SchemesFired Disney Staffer Accused of Hacking Menu to Add Profanity, Wingdings, Removes Allergen InfoKrebs: Change Healthcare Breach Hits 100M Americans…UnitedHealth Hires Cybersecurity Veteran as New CISOGoogle’s AI-Fueled Gains in Cloud Bode Well for Amazon, MicrosoftCyber Vendor Netskope Plans 2025 IPOInterbank Confirms Data Breach Following Failed Extortion, Data LeakStarkweather and Shepley Insurance Brokerage (RI) Provides Notice of Recent Data BreachHackers Steal 15,000 Cloud Credentials From Exposed Git Config FilesMalware Campaign Expands Its Use of Fake CAPTCHAsUpdated FakeCall Malware Targets Mobile Devices with VishingMalvertising Campaign Hijacks Facebook Accounts to Spread SYS01stealer MalwareResearchers Uncover Python Package Targeting Crypto Wallets with Malicious CodeOpera Browser Fixes Big Security Hole That Could Have Exposed Your InformationApple Rolls Out Major Security Update to Patch macOS and iOS VulnerabilitiesQNAP Patches Second Zero-Day Exploited at Pwn2Own to Get RootWhen Cybersecurity Tools Backfire
10/29/2024 October 29, 2024October 29, 2024 ~ The Cyber Beat ~ Leave a comment Trump Family Members and Biden Aides Among China Hack TargetsMerde! Macron’s Bodyguards Reveal His Location by Sharing Strava DataRussia and China-Linked State Hackers Intensify Attacks on Netherlands, Security Officials WarnSuspicious Social Media Accounts Deployed Ahead of COP29Five Eyes Agencies Launch Startup Security InitiativeSix Senators Tell Biden Administration UN Cybercrime Treaty Must Be ChangedNIS2 Compliance Puts Strain on Business BudgetsTSA Silent on CrowdStrike’s Claim Delta Skipped Required Security UpdateMoneyGram Replaces CEO Weeks After Massive Customer Data BreachRussian Charged by U.S. For Creating RedLine Infostealer MalwareThe Center for Urban Community Services (NY) Notifies 38,000 People of Recent Data BreachChenlun’s Evolving Phishing Tactics Target Trusted BrandsNew LightSpy Spyware Targets iOS with Enhanced CapabilitiesMassive PSAUX Ransomware Attack Targets 22,000 CyberPanel InstancesNew Research Reveals Spectre Vulnerability Persists in Latest AMD and Intel ProcessorsResearchers Uncover Vulnerabilities in Open-Source AI and ML ModelsNew Windows Themes Zero-Day Gets Free, Unofficial PatchesQNAP Fixes NAS Backup Software Zero-Day Exploited at Pwn2OwnHow to Find the Right CISORussia Says It Might Build Its Own Linux Community After Removal of Several Kernel Maintainers
10/28/2024 October 28, 2024October 28, 2024 ~ The Cyber Beat ~ Leave a comment Chinese Hackers Said to Have Collected Audio of American Calls…Including Trump AdvisorCybercriminals Pose a Greater Threat of Disruptive U.S. Election Hacks Than Russia or ChinaEvasive Panda’s CloudScout Toolset Targets TaiwanRussian Malware Campaign Targets Ukrainian Recruits Via TelegramJapanese Man Sentenced to 3 Years After Creating Crypto Ransomware With AIRedline, Meta Infostealer Malware Operations Seized by PoliceJPMorgan Chase Sues Scammers Following Viral ‘Infinite Money Glitch’Delta, CrowdStrike Sue Each Other Over Widespread IT Outage That Caused Thousands of CancellationsSinclair Sues Cyber Insurers Over 2021 HackCybersecurity Firm Rapid7 Fields Buyout Interest, Sources SayCyber Firm Armis Security Raises $200 Million at $4.3 Billion ValuationItalian Politicians Express Alarm at Latest Data Breach Allegedly Affecting 800,000 CitizensFree, France’s Second Largest ISP, Confirms Data Breach After LeakTEAM Software (NE) Confirms July 2024 Data Breach Impacting Thousands of SSNsWichita County (TX) Says 47,000 Had SSNs, Medical Treatment Info Leaked During May CyberattackOver 6,500 Patients Affected by Parkland Health in Dallas Possible Data BreachCybercriminals Use Webflow to Deceive Users into Sharing Sensitive Login CredentialsNew Type of Job Scam Targets Financially Vulnerable PopulationsAI-Powered BEC Scams Zero in on ManufacturersBeaverTail Malware Resurfaces in Malicious npm Packages Targeting DevelopersNew Tool Bypasses Google Chrome’s New Cookie Encryption SystemMozilla: ChatGPT Can Be Manipulated Using Hex CodePut End-of-Life Software to Rest
10/25-27/2024 October 27, 2024October 27, 2024 ~ The Cyber Beat ~ Leave a comment Chinese Hackers Are Said to Have Targeted Phones Used by Trump and Vance…Harris Campaign Too…U.S. Panel to Probe Cyber Failures in Massive ‘Salt Typhoon’ Chinese Hack of TelecomsKremlin-Linked APT29 Hackers Target Ukraine’s State, Military Agencies in New Espionage CampaignUkraine Warns of Mass Phishing Campaign Targeting Citizens DataSenator Accuses Sloppy Domain Registrars of Aiding Russian Disinfo CampaignsLinux Creator Approves De-Listing of Several Kernel Maintainers Associated With RussiaClaude AI Gets Bored During Coding Demonstration, Starts Perusing Photos of National Parks InsteadReuters Exposé of Hack-For-Hire World Is Back Online After Indian Court RulingDelta Sues CrowdStrike Over Software Update That Prompted Mass Flight DisruptionsAmazon Seizes Domains Used in Rogue Remote Desktop Campaign to Steal DataFour REvil Ransomware Members Sentenced in Rare Russian Cybercrime ConvictionsHenry Schein Discloses Data Breach a Year After Ransomware AttackRansomHub Gang Allegedly Behind Attack on Mexican Airport OperatorChimienti & Associates (CA) Experiences Data Breach Following Compromised Email AccountCommunity Dental (ME) Files Official Notice of Data Breach After Cyberattack Exposed Patients’ Sensitive InfoBlack Basta Ransomware Poses as IT Support on Microsoft Teams to Breach NetworksNotorious Hacker Group TeamTNT Launches New Cloud Attacks for Crypto MiningFog Ransomware Targets SonicWall VPNs to Breach Corporate NetworksResearchers Discover Command Injection Flaw in Wi-Fi Alliance’s Test SuiteNew Windows Driver Signature Bypass Allows Kernel Rootkit InstallsNew Cisco ASA and FTD Features Block VPN Brute-Force Password AttacksQNAP, Synology, Lexmark Devices Hacked on Pwn2Own Day 3…Over 70 Zero-Day Flaws Get Hackers $1 Million at Pwn2Own Ireland
10/24/2024 October 24, 2024October 24, 2024 ~ The Cyber Beat ~ Leave a comment White House Issues AI National Security MemoCybersecurity Teams Largely Ignored in AI Policy DevelopmentVoice-Enabled AI Agents Can Automate Everything, Even Your Phone ScamsApple Will Pay Security Researchers up to $1 Million to Hack Its Private AI CloudMeet ZachXBT, the Masked Vigilante Tracking down Billions in Crypto Scams and TheftsCourts Side With Auto Suppliers in Clash With Carmakers Over Vehicle Data AccessIreland Fines LinkedIn €310 Million Over Targeted AdvertisingCFPB Warns Industry Against ‘Deeply Invasive’ Workplace Digital SurveillanceUnitedHealth Says Change Healthcare Hack Affects Over 100 Million, the Largest Ever U.S. Healthcare Data Breach…How the Ransomware Attack at Change Healthcare Went Down: A TimelineInsurance Admin Landmark Says Data Breach Impacts 800,000 PeopleNew Qilin.B Ransomware Variant Emerges with Improved Encryption and Evasion TacticsMandiant Says New Fortinet Flaw Has Been Exploited Since JuneCisco Issues Urgent Fix for ASA and FTD Software Vulnerability Under Active AttackSamsung Galaxy S24 and Sonos Era Hacked on Pwn2Own Ireland Day 2Why Cybersecurity Acumen Matters in the C-Suite
10/23/2024 October 24, 2024October 24, 2024 ~ The Cyber Beat ~ Leave a comment Microsoft Warns Foreign Disinformation Is Hitting the U.S. Election From All DirectionsGeorgia Election Official Says Battleground State Fended off Cyberattack Likely From a Foreign CountryFormer British PM Cameron Calls for Tech Engagement with China Despite Cyber ThreatsU.S. Energy Sector Vulnerable to Supply Chain AttacksU.S. Government Pledges to Cyber Threat Sharing Via TLP ProtocolGoogle to Let Businesses Create Curated Chrome Web Stores for ExtensionsWhatsApp Now Encrypts Contact Databases for Privacy-Preserving SynchingKrebs: The Global Surveillance Free-for-All in Mobile Ad DataUK Government Weighs Review of Computer Misuse Act to Combat CybercrimeUK Court Says Dissident Can Sue the Saudi Government for Targeting Him With SpywareNigeria Drops Charges Against Tigran Gambaryan, Jailed Binance Exec and Former IRS AgentRussia Says ‘Unprecedented’ Cyber Attack Hits Foreign Ministry Amid BRICS SummitRhysida Ransomware Group Targets Prominent Nonprofit for Disabled People EastersealsData Breach at Autobell Car Wash Impacts 52,714 IndividualsEmbargo Ransomware Gang Deploys Customized Defense Evasion ToolsNew Grandoreiro Banking Malware Variants Emerge with Advanced Tactics to Evade DetectionRansomware Gangs Use LockBit’s Fame to Intimidate Victims in Latest AttacksResearchers Reveal ‘Deceptive Delight’ Method to Jailbreak AI ModelsLazarus Hackers Used Fake DeFi Game to Exploit Google Chrome Zero-DayCISA Warns of Active Exploitation of Microsoft SharePoint Vulnerability (CVE-2024-38094)Fortinet Warns of New Critical FortiManager Flaw Used in Zero-Day AttacksHackers Exploit 52 Zero-Days on the First Day of Pwn2Own Ireland
10/22/2024 October 22, 2024October 22, 2024 ~ The Cyber Beat ~ Leave a comment TSMC Blows Whistle on Potential Sanctions-Busting Shenanigans From HuaweiPrigozhin Links, Kremlin Funding Put Another Russian Media Company on U.S. ListForeign Influence Operations Will Expand Before Election and Linger Afterward, U.S. Agencies SayExposed United Nations Database Left Sensitive Information Accessible Online75% of US Senate Campaign Websites Fail to Implement DMARCThe Shitposting Cartoon Dogs Sending Trucks, Drones, and Weapons to Ukraine’s Front LinesSenators Seek Biden Administration Review of Undersea Cable VulnerabilitiesLLMjacking and Open-Source Tool Abuse Surge in 2024 Cloud AttacksAWS, Azure Auth Keys Found in Android and iOS Apps Used by MillionsMeta Brings Back Face Scanning to Combat Scams and Account HackingThink Tanks Urge Action to Curb Misuse of Spyware and Hack-for-HireSEC Charges Tech Firms Over Misleading SolarWinds Hack DisclosuresCISA Proposes New Security Requirements to Protect Gov’t, Personal DataGophish Framework Used in Phishing Campaigns to Deploy Remote Access TrojansBumblebee and Latrodectus Malware Return with Sophisticated Phishing StrategiesAkira Ransomware Is Encrypting Victims Again Following Pure Extortion FlingMalicious npm Packages Target Developers’ Ethereum Wallets with SSH BackdoorCybercriminals Exploiting Docker API Servers for SRBMiner Crypto Mining AttacksZendesk Helped Internet Archive Secure Account After Hacker Breached Email SystemSchreck Financial Group (KS) Experiences Email-Related Data BreachExploit Released for New Windows Server “WinReg” NTLM Relay AttackFortiGate Admins Report Active Exploitation 0-Day. Vendor Isn’t Talking.Security Flaw in Styra’s OPA Exposes NTLM Hashes to Remote AttackersCISA Adds ScienceLogic SL1 Vulnerability to Exploited Catalog After Active Zero-Day AttackVMware Releases vCenter Server Update to Fix Critical RCE VulnerabilityThe Struggle for Software Liability: Inside a ‘Very, Very, Very Hard Problem’
10/21/2024 October 21, 2024October 21, 2024 ~ The Cyber Beat ~ Leave a comment Hezbollah Cyberattack Targets Haifa Hospitals After Beirut Hospital BombingCyprus’ Critical Infrastructure Targeted by Coordinated Cyberattacks Linked to Pro-Palestine Groups‘Unprecedented’ Interference Targets Moldova’s ElectionsChina’s Spamouflage Disinformation Campaign Testing Techniques on Sen. Marco RubioChinese Nation-State Hackers APT41 Hit Gambling Sector for Financial GainU.S. Government Says Relying on Chinese Lithium Batteries Is Too RiskyBiden Administration Proposes New Rules Governing Data Transfers to Adversarial NationsICE’s $2 Million Contract With a Spyware Vendor Is Under White House ReviewSophos Buys Secureworks for $859 Mln to Beef up Cybersecurity PortfolioJapanese Watchmaker Casio Warns of Delivery Delays After Ransomware AttackCrypto Payment Services Firm Transak Says More Than 92,000 Affected by Data BreachSpate of Ransomware Attacks on German-Speaking Schools Hits Another in SwitzerlandNetskope Reports Possible Bumblebee Loader ResurgenceOver 6,000 WordPress Hacked to Install Plugins Pushing InfostealersResearchers Discover Severe Security Flaws in Major E2EE Cloud Storage ProvidersHalf of Organizations Have Unmanaged Long-Lived Cloud CredentialsThe Billionaire Behind Trump’s ‘Unhackable’ Phone Is on a Mission to Fight Tesla’s FSDAustralia’s Privacy Watchdog Publishes Guidance on Commercial AI Products
10/18-20/2024 October 20, 2024October 20, 2024 ~ The Cyber Beat ~ Leave a comment ESET Partner Breached to Send Data Wipers to Israeli OrgsNorth Korean IT Workers in Western Firms Now Demanding Ransom for Stolen DataThe Disinformation Warning Coming From the Edge of EuropeU.S. Cybersecurity Chief Says Election Systems Have ‘Never Been More Secure’What the U.S. Army’s 1959 ‘Soldier of Tomorrow’ Got Right About the Future of WarfareGoogle Scholar Has a ‘Verified Email’ for Sir Isaac NewtonMicrosoft Creates Fake Azure Tenants to Pull Phishers Into HoneypotsThe Government Is Getting Fed up With Ransomware Payments Fueling Endless Cycle of CyberattacksKrebs: Brazil Arrests ‘USDoD,’ Hacker in FBI Infragard BreachTech CEO Charged With Fraud Over Security, Reliability ClaimsAfter Rejecting Google Takeover, Cyber Firm Wiz Says It Will IPO ‘When the Stars Align’Instagram Rolls Out New Sextortion Protection MeasuresEurope Launches ‘Gait Recognition’ Pilot Program to Monitor Border CrossingsTech Giant Nidec Confirms Data Breach Following Ransomware AttackCisco Takes DevHub Portal Offline After Hacker Publishes Stolen DataCrypto Platform Radiant Capital Says $50 Million in Digital Coins Stolen Following Account CompromisesThe Internet Archive Hackers Still Have Access to Its Internal Emailing ToolsBoston Children’s Health Physicians Confirms September Data BreachCrypt Ghouls Targets Russian Firms with LockBit 3.0 and Babuk Ransomware AttacksHackers Exploit Roundcube Webmail XSS Vulnerability to Steal Login CredentialsCISA Confirms Veeam Vulnerability Is Being Used in Ransomware AttacksIntel, AMD CPUs on Linux Impacted by Newly Disclosed Spectre BypassmacOS Vulnerability Could Expose User Data, Microsoft WarnsJetpack Fixes 8-Year-Old Flaw Affecting Millions of WordPress SitesOpen Source LLM Tool Primed to Sniff out Python Zero-DaysCISOs: Throwing Cash at Tools Isn’t Helping Detect Breaches
10/17/2024 October 18, 2024October 20, 2024 ~ The Cyber Beat ~ Leave a comment Hamas Leader Yahya Sinwar Killed in Gaza, Israeli Military SaysIntel China Responds to Accusations of Security Issues From Chinese Cyber AssociationUndercover North Korean IT Workers Now Steal Data, Extort EmployersTwo-thirds of Attributable Malware Linked to Nation StatesGPS Jamming Is Screwing With Norwegian PlanesThis Prompt Can Make an AI Chatbot Identify and Extract Personal Details From Your ChatsActivision Says It’s Fixed an Anti-cheat Hack in Modern Warfare III and Call of Duty: WarzoneUncle Sam Puts $10M Bounty on Russian Troll Farm RybarMore Than 5,000 Arrested, Thousands of Websites Disrupted in Crackdown on Illegal Gambling During Euro TournamentFBI Arrests Alabama Man Suspected of Hacking SEC’s X AccountKrebs: Sudanese Brothers Arrested in ‘AnonSudan’ TakedownUkraine Tracks Emailed Bomb Threats to Russia-Linked GroupA Tough New EU Cyber Law Is off to a Messy Start, With Many Countries Failing to Adopt the RulesKroger’s Facial Recognition Plans Draw Increasing Concern From LawmakersJapan’s Ruling Political Party Hit by Cyberattack From Alleged Pro-Russian HackersIndependent Russian News Site Rides Out a Week of DDoS IncidentsMicrosoft Warns It Lost Some Customer’s Security Logs for a MonthTroubled U.S. Insurance Giant Globe Life Hit by Extortion After Data LeakCasio Says ‘No Prospect of Recovery Yet’ After Ransomware AttackInternet Archive Slowly Revives After DDoS BarrageBianLian Ransomware Claims Attack on Boston Children’s Health PhysiciansGeorgetown University Says Group of Students Accessed Sensitive, Academic InformationRussian RomCom Attacks Target Ukrainian Government with New SingleCamper RAT VariantFake Google Meet Conference Errors Push Infostealing MalwareCicada3301 Ransomware Targets Critical Sectors in US and UKRansomHub Overtakes LockBit as Most Prolific Ransomware GroupWeChat Devs Introduced Security Flaws When They Modded TLS, Say ResearchersCISA Seeks Feedback on Upcoming Product Security Flaws GuidanceWhat Cybersecurity Leaders Can Learn From the Game of Golf
10/16/2024 October 17, 2024October 17, 2024 ~ The Cyber Beat ~ Leave a comment China’s New Focus in U.S. Elections Interference Is Not Harris-Trump Presidential RaceChinese Cyber Association Calls for Review of Intel Products Sold in ChinaChina Says Unidentified Foreign Company Conducted Illegal Mapping ServicesFirm Hacked After Accidentally Hiring North Korean Cyber CriminalIranian Hackers Act as Brokers Selling Critical Infrastructure AccessMystery Drones Swarmed a U.S. Military Base for 17 Days. The Pentagon Is Stumped.Hacker Charged With Seeking to Kill Using Cyberattacks on HospitalsUSDoD Hacker Behind National Public Data Breach Arrested in BrazilRussia’s Case Against REvil Hackers Proceeds as Government Recommends 6.5-Year SentenceFor Some Companies, the Real Cost of a Cyberattack Is Telling Everyone About ItFinancial Firms Need to Focus on Cyber Risks Posed by AI, New York Regulator SaysEU AI Act Checker Reveals Big Tech’s Compliance PitfallsEthical Hackers Embrace AI Tools Amid Rising Cyber ThreatsUK Government Launches AI Safety Scheme to Tackle DeepfakesExperts Play Down Significance of Chinese Quantum “Hack”BlackBerry Exploring Options for Cylance BusinessMore Than Two Dozen Countries Have Used Internet Outages to Sway ElectionsVolkswagen Monitoring Data Dump Threat From 8Base Ransomware CrewBillboards Reportedly Hacked, Displayed Antisemitic Messages in Chicago SuburbTexas Tech Health Network Cyber Attack Disrupts Patient Care in El PasoHackers Target Ukraine’s Potential Conscripts With MeduzaStealer MalwareNorth Korean ScarCruft Exploits Windows Zero-Day to Spread RokRAT MalwareSidewinder Casts Wide Geographic Net in Latest Attack SpreeAstaroth Banking Malware Resurfaces in Brazil via Spear-Phishing AttackCISA Warns of Active Exploitation in SolarWinds Help Desk Software VulnerabilityCritical Default Credential Bug in Kubernetes Image Builder Allows SSH Root AccessGitHub Patches Critical Flaw in Enterprise Server Allowing Unauthorized Instance AccessGoogle: 70% of Exploited Flaws Disclosed in 2023 Were Zero-DaysCISA Urges Improvements in U.S. Software Supply Chain TransparencyFIDO Alliance Drafts New Protocol to Simplify Passkey Transfers Across Different PlatformsAmazon Says 175 Million Customers Now Use Passkeys to Log In
10/15/2024 October 15, 2024October 15, 2024 ~ The Cyber Beat ~ Leave a comment Microsoft: Nation-States Team Up with Cybercriminals for AttacksChina Accuses U.S. of Fabricating Volt Typhoon to Hide Its Own Hacking CampaignsBritish Intelligence Services to Protect All UK Schools From Ransomware AttacksNearly 400 U.S. Healthcare Institutions Hit with Ransomware Over Last Year, Microsoft SaysPassword Manager Makers Want to Let You Securely Transfer PasskeysMillions of People Are Using Abusive AI ‘Nudify’ Bots on TelegramThis AI Tool Helped Convict People of Murder. Then Someone Took a Closer LookAI Amplifies Systemic Risk to Financial Sector, Says India’s Reserve Bank BossGmail Users, Beware of New AI Scam That Looks Very AuthenticThis Influencer Was Scammed Out of Thousands in Crypto — And Has a Tip to Help You Avoid FraudHong Kong Police Bust Fraud Ring That Used Face-Swapping Tech for Romance ScamsFinland Seizes Servers of ‘Sipultie’ Dark Web Drugs MarketDarknet Activity Increases Ahead of 2024 Presidential VoteCisco Investigates Breach After Stolen Data for Sale on Hacking ForumCalgary Public Library Forced to Limit Services After CyberattackGryphon Healthcare (TX) Admits up to 400,000 People’s Personal Info Was SnatchedVarsity Brands (TX) Notifies 65,669 of May 2024 Data BreachEDRSilencer Red Team Tool Used in Attacks to Bypass SecurityCerberus Android Banking Trojan Deployed in New Multi-Stage Malicious CampaignNew Malware Campaign Uses PureCrypter Loader to Deliver DarkVision RATNew Linux Variant of FASTCash Malware Targets Payment Switches in ATM HeistsEight Million Users Install 200+ Malicious Apps from Google PlayResearchers Uncover Hijack Loader Malware Using Stolen Code-Signing CertificatesWordPress Plugin Jetpack Patches Major Vulnerability Affecting 27 Million SitesThe Cybersecurity Burnout Crisis Is Reaching The Breaking PointLLMs Are a New Type of Insider Adversary
10/14/2024 October 14, 2024October 14, 2024 ~ The Cyber Beat ~ Leave a comment Microsoft: Schools Grapple With Thousands of Cyberattacks WeeklyNation-State Attackers Exploiting Ivanti CSA Flaws for Network InfiltrationU.S. DoD Tightens Cybersecurity Standards for Defense ContractorsThe War on Passwords Is One Step Closer to Being OverCrypto-Apocalypse Soon? Chinese Researchers Find a Potential Quantum Attack on Classical EncryptionThe Biggest Data Breaches in 2024: 1 Billion Stolen Records and RisingConfusedPilot Attack Can Manipulate RAG-Based AI SystemsJetpack Fixes Critical Information Disclosure Flaw Existing Since 2016Intesa Under Investigation After Former Employee Spied on Account DataThe Internet Archive Is Back as a Read-Only Service After CyberattacksPokemon Dev Game Freak Confirms Breach After Stolen Data Leaks OnlinemiCare Health Center (MT) Sends Data Breach Letters Following Compromised Email AccountsTelekopye Scammers Target Booking.com and Airbnb UsersTrickMo Malware Steals Android PINs Using Fake Lock ScreenRecently-Patched Firefox Bug Exploited Against Tor Browser Users
10/11-13/2024 October 14, 2024October 14, 2024 ~ The Cyber Beat ~ Leave a comment Russian Court Websites Down After Breach Claimed by Pro-Ukraine HackersU.S. Lawmakers Seek Answers From Telecoms on Chinese Hacking ReportPhilippines Calls for Urgency From China, ASEAN in Negotiating South China Sea CodeTrump Campaign Turns to Secure Hardware After Hacking IncidentGroup With Close Ties to Trump Transition Says It Was Targeted in Cyber AttackHackers Took Over Robovacs to Chase Pets and Yell SlursThe FBI Made a Crypto Coin Just to Catch Fraudsters‘Email Scam’ Was Training Exercise, Says RegulatorWhat Internet Data Brokers Have On You — And How You Can Start to Get It BackHow to Stop Your Data From Being Used to Train AIOpenAI Confirms Threat Actors Use ChatGPT to Write MalwareU.S. Border Agency Under Fire for App’s Handling of Personal DataNational Public Data Files for Bankruptcy, Citing Fallout From CyberattackItaly’s Intesa Sanpaolo Apologises for Security Breach Involving PM MeloniCyberattack Targets Healthcare Nonprofit Overseeing 13 Colorado FacilitiesHuge Game Freak Hack Leaks Next Pokémon GameThe Internet Archive Is Still Down but Will Return in ‘Days, Not Weeks’Casio Confirms Customer Data Stolen in a Ransomware AttackOmni Family Health (CA) Breach Affects Personal Info of Current and Former PatientsOilRig Exploits Windows Kernel Flaw in Espionage Campaign Targeting UAE and GulfINC Ransomware Rebrands to Lynx – Same Code, New Name, Still up to No GoodGitHub, Telegram Bots, and ASCII QR Codes Abused in New Wave of Phishing AttacksCISA: Hackers Abuse F5 BIG-IP Cookies to Map Internal ServersGoogle Warns uBlock Origin and Other Extensions May Be Disabled SoonMicrosoft Deprecates PPTP and L2TP VPN Protocols in Windows Server
10/10/2024 October 11, 2024October 11, 2024 ~ The Cyber Beat ~ Leave a comment U.S., UK Warn of Russian APT29 Hackers Targeting Zimbra, TeamCity ServersNSA Cyber Chief: Espionage Is Now Russia’s Focus for Cyberattacks on UkraineUkraine Arrests Rogue VPN Operator Providing Access to RunetRussian Cyber Firm Dr.Web Denies Data Leak by Pro-Ukraine Hackers‘Q Day’ Is Coming. It’s Time to Worry About Quantum Security.Meet the Team Paid to Break Into Top-Secret BasesOpenAI Blocks 20 Global Malicious Campaigns Using AI for Cybercrime and DisinformationFormer RAC Employees Get Suspended Sentence for Data TheftNew Law in Australia Will Require Mandatory Reporting of Ransomware PaymentsOver 10m Conversations Exposed in AI Call Center HackFore-Get About Privacy, Golf Tech Biz Trackman Leaves 32M Data Records on the FairwayCrooks Stole Personal Info of 77K Fidelity Investments CustomersShoe Show (NC) Data Breach Affects an Estimated 12,856 IndividualsUnderground Ransomware Claims Attack on Casio, Leaks Stolen DataCybercriminals Use Unicode to Hide Mongolian Skimmer in E-Commerce PlatformsAkira and Fog Ransomware Now Exploit Critical Veeam RCE FlawResearchers Uncover Major Security Vulnerabilities in Industrial MMS Protocol LibrariesGitLab Warns of Critical Arbitrary Branch Pipeline Execution Flaw
10/9/2024 October 9, 2024October 9, 2024 ~ The Cyber Beat ~ Leave a comment National Cyber Director Warns of Ransomware, Chinese Infrastructure Attacks and Cyber Supply Chain ConcernsFTC, CISA Warn of Hurricane-Related Scams as Milton Nears FloridaRecent Dr.Web Cyberattack Claimed by Pro-Ukrainian HacktivistsRussia and Turkey Ban Discord Messaging AppFormer Uber Security Chief Appeals Conviction in ‘Bug-Bounty’ CaseKrebs: Lamborghini Carjackers Lured by $243M Cyberheist69,000 Bitcoins Are Headed for the U.S. TreasuryMexico Faces Over Half of Latin American Cybercrimes Due Largely to U.S. TiesAustralia Introduces First Standalone Cybersecurity LawNew EU ‘Appeals Centre Europe’ to Centralize Complaints Against Facebook, TikTok, YouTubeApple’s iPhone Mirroring Flaw Exposes Employee Privacy RisksSmart TVs Are Spying on EveryoneMarriott Settles for a Piddly $52M After Series of Breaches Affecting MillionsDutch Police Arrest Admin of ‘Bohemia/Cannabia’ Dark Web MarketUkraine Sentences Two Hackers From Russia-Linked Armageddon GroupThe Internet Archive Is Under Attack, With a Breach Revealing Information for 31 Million AccountsCalifornia Superior Court Claimed to Be Attacked by Meow RansomwareCrypto-Stealing Malware Campaign Infects 28,000 PeopleNew BeaverTail Malware Targets Job Seekers via Fake RecruitersN. Korean Hackers Use Fake Interviews to Infect Developers with Cross-Platform MalwareNew Generation of Malicious QR Codes Uncovered by ResearchersHackers Hide Remcos RAT in GitHub Repository CommentsSiemens Device PIN Susceptible to Remote Brute-Force in Older ModelMozilla Fixes Firefox Zero-Day Actively Exploited in AttacksCISA Says Critical Fortinet RCE Flaw Now Exploited in AttacksPalo Alto Networks Warns of Firewall Hijack Bugs With Public ExploitKrebs: Patch Tuesday, October 2024 EditionGoogle Joins Forces with GASA and DNS RF to Tackle Online Scams at ScaleCloud, AI Talent Gaps Plague Cybersecurity Teams
10/8/2024 October 8, 2024October 8, 2024 ~ The Cyber Beat ~ Leave a comment U.S. Warns of Foreign Interference in Congressional Races Ahead of Election…U.S. Expecting Foreign Actors to Question Validity of ElectionEU Condemns Russia After Detecting ‘Increasing Number’ of Hybrid ActivitiesUkraine’s Defense Ministry Launches Military CERT to Counter Russian Cyberattacks31 New Ransomware Groups Join the Ecosystem in 12 MonthsNew Mamba 2FA Bypass Service Targets Microsoft 365 AccountsWhat Google’s U-Turn on Third-Party Cookies Means for Chrome PrivacyCyber Providers See Strong Demand, but Few Feel Confident Enough to ListCould You Switch Careers Into Cyber-Security?The Perils of Ignoring Cybersecurity BasicsCyberattack Group ‘Awaken Likho’ Targets Russian Government with Advanced ToolsHome Security Firm ADT Inc Reports Unauthorized Activity on Its NetworkMoneyGram Confirms Hackers Stole Customer Data in CyberattackCasio Reports IT Systems Failure After Weekend Network BreachVermilion Parish Schools (LA) Investigating Cyber AttackAccounting Firm Dohman, Akerlund & Eddy (NE) Files Notice of Recent Data BreachGamers Tricked Into Downloading Lua-Based Malware via Fake Cheating Script EnginesNew Scanner Finds Linux, UNIX Servers Exposed to CUPS RCE AttacksZero-Day Alert: Three Critical Ivanti CSA Vulnerabilities Actively ExploitedMicrosoft October 2024 Patch Tuesday Fixes 5 Zero-Days, 118 Flaws
10/7/2024 October 7, 2024October 7, 2024 ~ The Cyber Beat ~ Leave a comment Advanced Threat Group GoldenJackal Exploits Air-Gapped SystemsVulnerable APIs and Bot Attacks Costing Businesses Up to $186 Billion AnnuallyBoard-CISO Mismatch on Cyber Responsibility, NCSC Research FindsGet Safe Online Launches New Scam DetectorUkrainian Pleads Guilty to Operating Raccoon Stealer MalwareTelegram App Hosts ‘Underground Markets’ for Southeast Asian Crime Gangs, UN SaysCops Love Facial Recognition, and Withholding Info on Its Use From the CourtsEU Court Limits Meta’s Use of Personal Facebook Data for Targeted AdsUN Cybercrime Treaty Lead Negotiator: U.S. Will Suffer if It Doesn’t Vote YesHacker Attack Disrupts Russian State Media on Putin’s BirthdayAmerican Water Shuts Down Online Services After CyberattackUniversal Music Group Admits Data BreachWestern & Southern Life Files Notice of Data BreachNew Gorilla Botnet Launches Over 300,000 DDoS Attacks Across 100 CountriesRecently Spotted Trinity Ransomware Spurs Federal Warning to Healthcare IndustryGoogle Blocks Unsafe Android App Sideloading in India for Improved Fraud ProtectionCritical Apache Avro SDK Flaw Allows Remote Code Execution in Java ApplicationsQualcomm Patches High-Severity Zero-Day Exploited in AttacksCybersecurity Is Serious — But It Doesn’t Have to Be Boring
10/4-6/2024 October 6, 2024 ~ The Cyber Beat ~ Leave a comment U.S. Wiretap Systems Targeted in China-Linked HackHospitals at Risk for Cyber AttacksHotels and Travel Firms Battle AI Phone ScamsTech Platforms Urged to Tackle Hamas’ and Hezbollah’s Online PropagandaThis Teenage Hacker Became a Legend Attacking Companies. Then His Rivals Attacked Him.Ryanair Faces GDPR Turbulence Over Customer ID ChecksHarvard Duo Hacks Meta Ray-Bans to Dox Strangers on Sight in SecondsHow Confidence Between Teams Impacts Cyber Incident OutcomesGoogle Removes Kaspersky’s Antivirus Software From Play StoreRussia Arrests U.S.-Sanctioned Cryptex Founder, 95 Other Linked SuspectsIndiana Man Pleads Guilty to Stealing $37 Million in Crypto From 571 VictimsWhite House Official Says Insurance Companies Must Stop Funding Ransomware PaymentsCriminals Are Testing Their Ransomware Campaigns in AfricaLego’s Website Was Hacked to Promote a Crypto ScamAbout a Quarter Million Comcast Subscribers Had Their Data Stolen From Debt Collector…Comcast and Truist Bank Customers Caught up in FBCS Data BreachWard Transport Sends Data Breach Letters Following “Data Security Incident”Outlast Game Development Delayed After Red Barrels CyberattackHighline Public Schools Confirms Ransomware Behind ShutdownMoneyGram: No Evidence Ransomware Is Behind Recent CyberattackNew MedusaLocker Ransomware Variant Deployed by Threat ActorRecently Patched CUPS Flaw Can be Used to Amplify DDoS AttacksApple Releases Critical iOS and iPadOS Updates to Fix VoiceOver Password VulnerabilityA New Android Feature Locks Your Screen if Your Phone Is StolenGoogle Is Testing Verified Checkmarks in SearchGoogle Pay Alarms Users With Accidental ‘New Card’ Added Emails
10/3/2024 October 3, 2024October 3, 2024 ~ The Cyber Beat ~ Leave a comment Microsoft and U.S. Government Disrupt Russian Star Blizzard OperationsNorth Korean Hackers Using New VeilShell Backdoor in Stealthy Cyber AttacksTikTok More Dangerous to Ukraine Than Telegram for Propaganda, Say Local Disinformation ExpertsUnable to Penetrate Systems, Hackers Spread Lies About VulnerabilitiesCrypto-Doubling Scams Surge Following Presidential DebateLicense Plate Readers Are Creating a U.S.-Wide Database of More Than Just CarsWhat Is the Market Impact of the SEC’s Cyber Disclosure Rules? Not Much.Cybersecurity Spending on the Rise, But Security Leaders Still Feel VulnerableAverage North American CISO Pay Now $565K, Mainly Thanks to One Weird TrickBrits Hate How Big Tech Handles Their Data, but Can’t Be Bothered to Do Much About ItFraudsters Imprisoned for Scamming Apple Out of 6,000 iPhones23andMe is On the Brink. What Happens to All Its DNA Data?Dutch Police: ‘State Actor’ Likely Behind Recent Data BreachDetroit-Area Government Services Impacted by CyberattackFind Great People (SC) Data Breach Affects Personal Information of 12,205 IndividualsNew Perfctl Malware Targets Linux Servers for Cryptocurrency Mining and ProxyjackingCloudflare Blocks Largest Recorded DDoS Attack Peaking at 3.8TbpsKrebs: A Single Cloud Compromise Can Feed an Army of AI Sex BotsThe Secret Weakness Execs Are Overlooking: Non-Human IdentitiesEmail Phishing Attacks Surge as Attackers Bypass Security Controls‘Pig Butchering’ Trading Apps Found on Google Play, App StoreLitespeed Cache Plugin Flaw Allows XSS Attack, Update NowGoogle Adds New Pixel Security Features to Block 2G Exploits and Baseband AttacksAs Ransomware Attacks Surge, UK Privacy Regulator Investigating Fewer Incidents Than EverNorthern Ireland Police Fined for Data Breach Exposing Secret Identities of Officers
10/2/2024 October 2, 2024October 3, 2024 ~ The Cyber Beat ~ Leave a comment Cybersecurity Head Says There’s No Chance a Foreign Adversary Can Change U.S. Election Results, Not Even RussiaChina-Linked CeranaKeeper Targeting Southeast Asia with Data ExfiltrationLazarus: Andariel Hacking Group Shifts Focus to Financial Attacks on U.S. OrganizationsHow North Korea Infiltrated the Crypto IndustryUK’s Nuclear Waste Unit Sellafield Fined for Cybersecurity FailingsThe Feds Still Can’t Get into Eric Adams’ PhoneFCC Is Offering $200 Million to Protect Schools and Libraries From HackersPay Rises for Cyber Chiefs as Hacks, Regulatory Pressure IncreaseShare of Women in UK Cyber Roles Now Just 17%Meta Teams Up with Banks to Target FraudstersTelegram Has Disclosed Criminal Data to Authorities for Years, Durov SaysFIN7 Hackers Launch Deepfake Nude “Generator” Sites to Spread MalwareFake Browser Updates Spread Updated WarmCookie MalwareInternational Police Dismantle Cybercrime Group in West AfricaTIAA Latest Big Firm to Report Data Breach and HackEmpereon Constar Announces Data Breach Following Incident at Partner CompanyHackers Pose as British Postal Carrier to Deliver Prince Ransomware in Destructive CampaignFake Job Applications Deliver Dangerous More_eggs Malware to HR ProfessionalsPyPI Repository Found Hosting Fake Crypto Wallet Recovery Tools That Steal User DataFake Trading Apps Target Victims Globally via Apple App Store and Google PlayAlert: Adobe Commerce and Magento Stores Under Attack from CosmicSting ExploitCritical Ivanti RCE Flaw With Public Exploit Now Used in AttacksResearchers Warn of Ongoing Attacks Exploiting Critical Zimbra Postjournal FlawAlert: Over 700,000 DrayTek Routers Exposed to Hacking via 14 New VulnerabilitiesExperts Warn of DDoS Attacks Using Linux Printing VulnerabilityTwo Simple Give-Me-Control Security Bugs Found in Optigo Network Switches Used in Critical Manufacturing
10/1/2024 October 1, 2024October 1, 2024 ~ The Cyber Beat ~ Leave a comment Iran Fires at Least 180 Missiles Into Israel as Regionwide Conflict GrowsU.S. Accuses Iran of Hacking Former Ambassador to Israel and State Dept. OfficialNotorious Evil Corp Hackers Targeted NATO Allies for Russian IntelligenceICE Signs $2 Million Contract With Spyware Maker Paragon SolutionsKrebs: Crooked Cops, Stolen Laptops & the Ghost of UGNaziEuro Cops Arrest 4 Including Suspected LockBit Dev Chilling on HolidayNCA Unmasks Man It Suspects Is Both ‘Evil Corp Kingpin’ and LockBit AffiliateBritish Hacker Charged in the U.S. For $3.75m Insider Trading SchemeCambodia Arrests Journalist Known for Exposing Cyber Scams and Human TraffickingCalifornia Passes Car Data Privacy Law to Protect Domestic Abuse SurvivorsCybersecurity Firm Proofpoint Considers Pre-IPO Funding as It Plots a Return to Public MarketsRackspace Monitoring Data Stolen in ScienceLogic Zero-Day AttackAustralian e-Tailer digiDirect Customers’ Info Allegedly Stolen and dDumped OnlineCommunity Clinic of Maui Says 123,000 Affected by May CyberattackGlobal Wafers Subsidiary, MEMC, Confirms Recent Data BreachRansomware Attack Forces UMC Health System to Divert Some PatientsThe Playstation Network Is Down in a Global OutageFree Sniper Dz Phishing Tools Fuel 140,000+ Cyber Attacks Targeting User CredentialsAI-Powered Rhadamanthys Stealer Targets Crypto Wallets with Image RecognitionNew Cryptojacking Attack Targets Docker API to Create Malicious Swarm BotnetArc Browser Launches Bug Bounty Program After Fixing RCE BugMicrosoft Overhauls Security for Publishing Edge Extensions
9/30/2024 September 30, 2024September 30, 2024 ~ The Cyber Beat ~ Leave a comment Watch Out for Hurricane Helene Donation ScamsUK and U.S. Warn of Growing Iranian Spear Phishing ThreatU.S. Sets New Rule That Could Spur AI Chip Shipments to the Middle EastU.S. State CISOs Struggling With Insufficient Cybersecurity Funding…Systems Used by Courts and Governments Across the U.S. Riddled With VulnerabilitiesThe Pig Butchering Invasion Has BegunU.S. Reaches $31.5 Million Settlement With T-Mobile Over Data BreachesMan Charged for Selling Forged License Keys for Network SwitchesRemote ID Verification Tech Is Often Biased, Bungling, and No Good on Its OwnMedia Giant AFP Hit by Cyberattack Impacting News Delivery ServicesCF Medical Data Breach Stems from Incident at Financial Business and Consumer SolutionsVerizon Outage Impacts 100,000 Plus Users Across U.S.Sloppy Entra ID Credentials Attract Hybrid Cloud RansomwareCritical Flaws in Tank Gauge Systems Expose Gas Stations to Remote AttacksCritical RCE Vulnerabilities Found in Common Unix Printing SystemMicrosoft Defender Adds Detection of Unsecure Wi-Fi NetworksJPCERT Shares Windows Event Log Tips to Detect Ransomware AttacksHere’s What to Expect From the Counter Ransomware Initiative Meeting This Week
9/27-29/2024 September 29, 2024September 29, 2024 ~ The Cyber Beat ~ Leave a comment As Hezbollah Threat Loomed, Israel Built up Its Spy AgenciesPentagon Gives Thumbs-Down to Cyber Service Proposal in Defense BillsTesla’s Cybertruck Goes, Inevitably, to WarGovernments Urge Improved Security and Resilience for Undersea CablesWhy It’s Time to Take Warnings About Using Public Wi-Fi, in Places Like Airports, SeriouslyWatch: Can BBC Reporter’s AI Clone Fool His Colleagues?How Pen and Paper Comes to the Rescue in an IT CrisisThe U.S. Government Wants to Cut out Some of Its Weirdest Password RulesIrish Data Protection Commission Fines Meta $102 Million for Storing Passwords in Plain TextUK National Hacked Public Companies for Stock Trading Intel, DOJ SaysAll Dutch Police Officers’ Contact Details Stolen in CyberattackRichmond Community Schools (IN) Suffers Ransomware AttackRansomware Attack Continues at UMC Hospital in Lubbock (TX)Amgen (CA) Announces Third-party Data Breach from Incident at Sirva RelocationMicrosoft Identifies Storm-0501 as Major Threat in Hybrid Cloud Ransomware AttacksNew HTML Smuggling Campaign Delivers DCRat Malware to Russian-Speaking UsersProgress Urges Admins to Patch Critical Whatsup Gold Bugs ASAPMicrosoft: Windows Recall Now Can Be Removed, Is More SecureHow Should CISOs Navigate the SEC Cybersecurity and Disclosure Rules?Red Team Hacker on How She ‘Breaks Into Buildings and Pretends to Be the Bad Guy’
9/26/2024 September 26, 2024September 26, 2024 ~ The Cyber Beat ~ Leave a comment Hurricane Helene Prompts CISA Fraud WarningRussia-Backed Gamaredon Still ‘Most Engaged’ Hacker Group in UkraineN. Korean Hackers Deploy New KLogEXE and FPSpy Malware in Targeted AttacksCloudflare Warns of India-Linked Hackers Targeting South and East Asian EntitiesWatering Hole Attack on Kurdish Sites Distributing Malicious APKs and SpywareIsraeli Military Chief Says Troops Are Preparing for Ground War in Lebanon…Amid Air Strikes and Rockets, an SMS From the EnemyFears of Weakness in Water Cybersecurity Grow After Kansas AttackIranians Indicted in Connection With Trump Campaign HackKrebs: U.S. Indicts 2 Top Russian Hackers, Sanctions CryptexYork Mayor Eric Adams Is Indicted After Years-Long Federal Corruption Investigation Into Bribery and Fraud…Told FBI He Forgot His Phone’s Passcode…Don’t Ever Hand Your Phone to the CopsOver a Third of Employees Secretly Sharing Work Info with AINIST Scraps Passwords Complexity and Mandatory Changes in New GuidelinesChicago Stops Using Controversial ShotSpotter Gunshot Detection SystemKuwait Health Ministry Restoring Systems After Cyberattack Takes Down Hospitals, Healthcare AppData Breach at MC2 Data Leaves 100 Million at Risk of Fraud58K Patients Have Health Info Possibly Exposed in Michigan Medicine BreachRoss, Anglim, Angelini & Co. (NJ) Breach Compromises an Unknown Number of Social Security NumbersCybercriminals Hack UK Rail Network Wi-Fi…Man Arrested After ‘Islamophobic’ Cyber Attack Hits London Stations Wi-FiMoneyGram Services Restored but Questions Remain About Cyber IncidentRichardson (TX) Working With FBI to Address Attempted Ransomware AttackFirst Mobile Crypto Drainer ‘WalletConnect’ Found on Google PlayMalicious Ads Hide Infostealer in League of Legends ‘Download’Automattic Blocks WP Engine’s Access to WordPress ResourcesCUPS Flaws Enable Linux Remote Code Execution, but There’s a CatchMillions of Kia Vehicles Could Be Hacked and Tracked Due to a Simple Website BugPatch Now: Critical Nvidia Bug Allows Container Escape, Complete Host TakeoverHPE Patches Three Critical Security Holes in Aruba PapiTails OS Merges With Tor Project for Better Privacy, Security
9/25/2024 September 26, 2024September 26, 2024 ~ The Cyber Beat ~ Leave a comment China-Linked Hackers Breach U.S. Internet Providers in New ‘Salt Typhoon’ CyberattackU.S. House Bill Addresses Growing Threat of Chinese Cyber ActorsBiden Meets Vietnam Leader to Counter Hanoi’s Ties With China and RussiaDonald Trump Briefed on Suspected Iranian Assassination PlotOpenAI Chief Technology Officer Mira Murati Says She’s Leaving Artificial Intelligence Company…OpenAI to Become For-Profit CompanyGoogle Paid $2.7 Billion to Bring Back an AI Genius Who Quit in FrustrationSurging AI Demand Could Cause the World’s Next Chip Shortage, Research SaysHow Apple and Microsoft’s Trusted Brands Are Being Used to Scam You Online82% of Phishing Sites Now Target Mobile DevicesCaroline Ellison, Former FTX Executive, Sentenced to 24 Months in PrisonKrebs: Timeshare Owner? The Mexican Drug Cartels Want YouChina Claims Taiwan, Not Civilians, Behind Web VandalismRansomHub Genius Tries to Put the Squeeze on Delaware LibrariesModified LockBit and Conti Ransomware Shows up in DragonForce Gang’s AttacksTransportation Companies Hit by Cyberattacks Using Lumma Stealer and NetSupport MalwareCISA: Hackers Target Industrial Systems Using “Unsophisticated Methods”Study Finds Many European Car Resellers Fail to Delete Driver DataConnecting Your Phone to Rental Car Infotainment System? There Is a Big, Hidden Privacy RiskPwn2Own Auto Offers $500K for Tesla HacksChatGPT macOS Flaw Could’ve Enabled Long-Term Spyware via Memory FunctionGoogle’s Shift to Rust Programming Cuts Android Memory Vulnerabilities by 52%Google Sees 68% Drop in Android Memory Safety Flaws Over 5 YearsMozilla Faces Privacy Complaint for Enabling Tracking in Firefox Without User Consent
9/24/2024 September 24, 2024September 24, 2024 ~ The Cyber Beat ~ Leave a comment Sweden Accuses Iran of Hacking Text Messaging Service Last Year After Public Koran BurningsTrump Campaign’s Suspected Iranian Hack May Still Be HappeningU.S. Capitol Hit by Massive Dark Web Cyber Attack: ReportsState Department Cyber Bureau Preps Funding Blitz Aimed at Boosting Allies’ DefensesRussia-Backed Media Outlets Are Under Fire in the U.S.—but Still Trusted WorldwideTikTok Blocks Dozens of Kremlin-Backed Media AccountsHow to Spot a North Korean Agent Before They Get Comfy Inside PayrollThreat Actors Shift to JavaScript-Based Phishing AttacksHackers Deploy AI-Written Malware in Targeted AttacksCrowdStrike Boss Apologises for Global IT OutageCybersecurity Incident Affects Arkansas City Water Treatment FacilityThe Centers for Medicare & Medicaid Services Says Data Breach Impacted 3.1 Million PeopleTwilio Purportedly Breached, Nearly 12K Call Records CompromisedAutoCanada Says Ransomware Attack “May” Impact Employee DataOne Point HR Solutions (OH) Data Breach Affects an Unknown Number of ConsumersRomCom Malware Resurfaces With SnipBot VariantNew Octo2 Malware Variant Threatens Mobile Banking SecurityInfostealer Malware Bypasses Chrome’s New Cookie-Theft DefensesCritical Ivanti vTM Auth Bypass Bug Now Exploited in Attacks
9/23/2024 September 23, 2024September 23, 2024 ~ The Cyber Beat ~ Leave a comment Dozens of Fortune 100 Companies Have Unwittingly Hired North Korean IT Workers, According to ReportU.S. Intelligence Agencies Confirm Russia Is Pushing Fake Videos of Kamala HarrisChinese Hackers Exploit GeoServer Flaw to Target APAC Nations with EAGLEDOOR MalwareRussian Cyber-Attacks Home in on Ukraine’s Military InfrastructureU.S. Proposes Ban on Chinese, Russian Connected Car Tech Over Security FearsMicrosoft’s Largest Ever Security Transformation Detailed in New ReportWhy ‘Never Expire’ Passwords Can Be a Risky DecisionUPS Supplier’s Password Policy Flip-Flops From Unlimited, to 32, Then 64 CharactersTelegram Will Now Hand Over Your Phone Number and IP if You’re a Criminal SuspectKaspersky Deletes Itself, Installs UltraAV Antivirus Without WarningIsraeli Tech Sector Resilient but Faces Funding Uncertainty Amid Ongoing War With Hamas GroupHow Apple, Google, and Microsoft Can Save Us From AI DeepfakesHezbollah Likely to Launch Retaliatory Cyberattack on Israel, Expert SaysAlaska Airlines Reports IT Outage, Disruption in Seattle‘Cybersecurity Issue’ Takes MoneyGram Offline for Three Days – And CountingTewkesbury Borough Council: Cyber Incident ‘Was an Accident – Not an Attack’Ransomware Attack on Franklin County (KS) Exposed Sensitive Info of Nearly 30,000 ResidentsKryptina Ransomware Resurfaces in Enterprise Attacks By MalloxAndroid Malware ‘Necro’ Infects 11 Million Devices via Google PlayNew PondRAT Malware Hidden in Python Packages Targets Software DevelopersMove Over, Cobalt Strike. Splinter’s the New Post-Exploit Menace in TownVulnerabilities Found in Popular Houzez Theme and PluginCritical Flaw in Microchip ASF Exposes IoT Devices to Remote Code Execution RiskGavin Newsom Vetoes Legislation to Mandate Universal Data Privacy Opt-Outs in California
9/20-22/2024 September 22, 2024September 22, 2024 ~ The Cyber Beat ~ Leave a comment Ukraine Bans Telegram Use for Government and Military PersonnelHacktivist Group Twelve Targets Russian Entities with Destructive Cyber AttacksCourt Finds Former German Cyber Chief Was Falsely Accused of Associating With Russian SpiesU.S. Cyberspace Solarium Commission Outlines Ten New Cyber Policy PrioritiesCyber Leaders Struggle to Fill AI Security JobsCybersecurity Skills Gap Leaves Cloud Environments VulnerableCISA Boss: Makers of Insecure Software Are the Real Cyber VillainsCompanies Face Risk of Huge Fines and Suspensions Under Tough New Cyber Rules in the EUU.S. Indicts Two, Including One Florida Man, Over Socially Engineered $230M+ Crypto HeistClickbaity or Genius? ‘BF Cheated on You’ QR Codes Pop up Across UKLinkedIn Halts AI Data Processing in UK Amid Privacy Concerns Raised by ICOFederal Civil Rights Watchdog Sounds Alarm Over DOJ, DHS, and HUD Use of Facial Recognition TechnologyHacker Uses Telegram Chatbots to Leak Data of Top Indian Insurer Star HealthDell Investigates Data Breach Claims After Hacker Leaks Employee InfoWells Fargo Clearing Services Notifies Consumers of Recent Data BreachMore Than $44 Million in Cryptocurrency Stolen From Singaporean Platform BingXCybercrooks Strut Away With Haute Couture Harvey Nichols DataSchools Across Lancashire Threatened by Hackers in Cyber AttackValencia Ransomware Explodes on the Scene, Claims California City, Fashion Giant, More as VictimsGlobal ‘Marko Polo’ Infostealer Malware Operation Targets Crypto Users, GamersCISA Warns of Actively Exploited Apache HugeGraph-Server BugResearcher Reveals ‘Catastrophic’ Security Flaw in the Arc BrowserWindows Server 2025 Previews Security Updates Without RestartsmacOS Sequoia Change Breaks Networking for VPN, Antivirus Software
9/19/2024 September 19, 2024September 19, 2024 ~ The Cyber Beat ~ Leave a comment First Israel’s Exploding Pagers Maimed and Killed. Now Comes the Paranoia…Your Phone Won’t Be the Next Exploding PagerIran Backdoors Planted Across Middle East Telecoms, Government Agencies, Google SaysLong Island County Hack Probe Details History of Cyber FailuresDisney to Stop Using Slack Following Hack That Exposed Company DataInsecure APIs and Bot Attacks Cost Global Firms $186bn1 in 10 Orgs Dumping Their Security Vendors After CrowdStrike OutageInfostealers Cause Surge in Ransomware Attacks, Just One in Three Recover DataCalifornians Can Now Add Their Driver’s Licenses to Apple WalletNo Way? Big Tech’s Endless ‘Lucrative Surveillance’ of Everyone Is Terrible for Privacy, FreedomTor Says It’s “Still Safe” Amid Reports of Police Deanonymizing UsersGermany Seizes 47 Crypto Exchanges Used by Ransomware GangsPolice Dismantles Phone Unlocking Ring Linked to 483,000 Victims8,000 Claimants Sue Outsourcing Giant Capita Over 2023 Data BreachIndonesia’s Tax Agency Probes Alleged Personal Data BreachAltman Plants Notifies Thousands of Data Breach Involving Their SSNs and Medical InformationElitecare Emergency Room (TX) Notifies Patients of July 2024 Data BreachTewkesbury Borough Council in Gloucestershire IT Systems Deemed ‘Safe’ After Cyber AttackHackers Exploit Default Credentials in FOUNDATION Software to Breach Construction FirmsCryptojacking Gang TeamTNT Makes a ComebackNew Brazilian-Linked SambaSpy Malware Targets Italian Users via Phishing EmailsClever ‘GitHub Scanner’ Campaign Abusing Repos to Push MalwareKrebs: This Windows PowerShell Phish Has Scary Potential1 PoC Exploit for Critical RCE Flaw, but 2 Patches From VeeamIvanti Warns of Another Critical CSA Flaw Exploited in AttacksApple’s New macOS Sequoia Update Is Breaking Some Cybersecurity ToolsGoogle Password Manager Now Automatically Syncs Your PasskeysUnexplained ‘Noise Storms’ Flood the Internet, Puzzle Experts
9/18/2024 September 18, 2024September 19, 2024 ~ The Cyber Beat ~ Leave a comment Hezbollah Devices Explode Again in Lebanon, Raising Fears of Wider Israel Conflict…Walkie-Talkies This Time…Solar Panels and Fingerprint Recognition Devices Used by Hezbollah Fighters…Hezbollah Pager Attack Puts Spotlight on Israel’s Cyber Warfare Unit 8200…Supply-Chain InterferenceEuropol Taskforce Disrupts ‘Ghost’ Global Criminal Network Through Supply Chain AttackGermany Seizes Leak Site of ‘Vanir’ Ransomware OperationFlax Typhoon: U.S. FBI Disrupts Second Chinese Hacking Group, Director SaysDid a Chinese University Hacking Competition Target a Real Victim?U.S. Says Iran Tried to Influence Election With Messages to Biden Camp With Stolen Info From Trump CampaignCritical Infrastructure at Risk From Email Security BreachesDOJ, FBI Need Better Metrics for Tracking Ransomware Disruption Efforts, Audit FindsRussian Security Firm Dr.Web Disconnects All Servers After BreachDeja Blues… Ransomware Group LockBit Boasts Once Again of Ransoming IRS-Authorized eFile.comNorth Korean Hackers Target Energy and Aerospace Industries with New MISTPEN MalwareNew “Raptor Train” IoT Botnet Compromises Over 200,000 Devices WorldwideMicrosoft: Vanilla Tempest Hackers Hit Healthcare With INC RansomwareX Hacking Spree Fuels “$HACKED” Crypto Token Pump-and-DumpQR Phishing Scams Gain Motorized Momentum in UKKrebs: Scam ‘Funeral Streaming’ Groups Thrive on FacebookGoogle Street View Images Used For Extortion ScamsGitLab Releases Fix for Critical SAML Authentication Bypass FlawDiscord Rolls Out End-To-End Encryption for Audio, Video Calls
9/17/2024 September 17, 2024September 17, 2024 ~ The Cyber Beat ~ Leave a comment Hezbollah Pagers Explode in Apparent Attack Across Lebanon…4,000 Injured, 11 Dead…The Mystery of Hezbollah’s Deadly Exploding Pagers…Hezbollah Vows to Punish Israel After Pager Explosions Across LebanonU.S. Looks to Align Security Across GovernmentCISA Urges Software Devs to Weed out XSS VulnerabilitiesCyberattacks Plague Health Care. Critics Call the Federal Response ‘Inadequate’Over Half of Breached UK Firms Pay RansomMost Cyber Leaders Fear AI-Generated Code Will Increase Security RisksAT&T Pays $13 Million FCC Settlement Over 2023 Data BreachChinese National Accused by Feds of Spear-Phishing for NASA, Military Source CodeMeta Blocks RT and Other Russian State Media; Kremlin Says It’s ‘Unacceptable’Pro-Ukraine Hackers Claim Attack on Agency That Certifies Digital Signatures in RussiaTemu Denies Breach After Hacker Claims Theft of 87 Million Data RecordsOver 1,000 ServiceNow Instances Found Leaking Corporate KB DataConstruction Firms Breached in Brute Force Attacks on Accounting SoftwareAramark myPay Data Breach Affects an Unknown Number of EmployeesBinance Warns of Rising Clipper Malware Attacks Targeting Cryptocurrency UsersMarko Polo Cybercrime Gang Targets Cryptocurrency Users, Influencers With ScamsRansomware Gangs Now Abuse Microsoft Azure Tool for Data TheftPKfail Secure Boot Bypass Remains a Significant Risk Two Months LaterSolarWinds Issues Patch for Critical ARM Vulnerability Enabling RCE AttacksVMware Patches Remote Make-Me-Root Holes in vCenter Server, Cloud Foundation
9/16/2024 September 16, 2024September 16, 2024 ~ The Cyber Beat ~ Leave a comment Cybersecurity & the 2024 U.S. ElectionsWhite House to Tackle AI-Generated Sexual Abuse ImagesCISA Warns of Windows Flaw Used in Infostealer Malware AttacksCybercriminals Exploit HTTP Headers for Credential Theft via Large-Scale Phishing AttacksAdvanced Phishing Attacks Put X Accounts at RiskSnowflake Slams ‘More MFA’ Button Again – Months After Ticketmaster, Santander BreachesHalf of UK Firms Lack Basic Cybersecurity SkillsTech Firm CACI Beefs up Defense Business With $1.28 Bln Azure Summit DealChrome Switching to NIST-Approved ML-KEM Quantum Encryption to Protect Against Quantum TLS AttacksU.S. Cracks Down on Spyware Vendor Intellexa With More SanctionsFeds Sentence 12 Crypto Thieves, Including a Florida Man, Behind SIM Swaps, Home InvasionsPacific Islands Forum Investigating Cyberattack on Networks by Reported China State ActorsOnly U.S. Platinum Mine Stillwater Mining Company Confirms Data Breach After Ransomware ClaimsData on Nearly 1 Million NHS Patients Leaked Online Following Ransomware Attack on London HospitalsGerman Radio Station Forced to Broadcast ‘Emergency Tape’ Following CyberattackThe Maids International Notifies Consumers of the January 2024 Data BreachNorth Korean Hackers Target Cryptocurrency Users on LinkedIn with RustDoor MalwareWindows Vulnerability Abused Braille “Spaces” in Zero-Day AttacksExploit Code Released for Critical Ivanti RCE Flaw, Patch NowGoogle Fixes GCP Composer Flaw That Could’ve Led to Remote Code ExecutionD-Link Fixes Critical RCE, Hardcoded Password Flaws in WiFi 6 Routers
9/13-15/2024 September 15, 2024September 15, 2024 ~ The Cyber Beat ~ Leave a comment Malicious Actors Spreading False U.S. Voter Registration Breach ClaimsState Dept: Russia’s RT News Agency Has ‘Cyber Operational Capabilities,’ Assists in Military ProcurementHow a U.S. Spy Tapped Into Russian Communication LinesKrebs: The Dark Nexus Between Harm Groups and ‘The Com’Nightsleeper: Could a Cyber Hack Derail a Train in Real Life?Hardware Supply Chain Threats Can Undermine Endpoint InfrastructureLargest Crypto Exchange in Indonesia Indodax Pledges to Reimburse Users After $22 Million Theft23andMe Agrees to Pay $30 Million to Settle Lawsuit Over Massive Data BreachCambodian Senator Sanctioned by U.S. Over Alleged Forced Labor Cyber-Scam CampsApple Seeks Dismissal of Its NSO Group Lawsuit, Citing Risk of Exposing ‘Vital Security Information’Meta to Resume Plans to Harness UK Users’ Social Media Posts for AI Model TrainingFeeld Dating App’s Security Too Open-Minded as Private Data Swings Into Public ViewPort of Seattle Hit by Rhysida Ransomware in August AttackRansomHub Claims Kawasaki Cyberattack, Threatens to Leak Stolen DataAtrium Health Apologizes After Employees Fall For Phishing Attack; Patient Info May Have Been ExposedShamrock Trading Corporation Announces May 2024 Data BreachTfL Requires In-Person Password Resets for 30,000 Employees After HackJohnson County Board of Education (TN) Loses $3.4 Million to a Fake Curriculum VendorMalware Locks Browser in Kiosk Mode to Steal Google CredentialsTrickMo Android Trojan Exploits Accessibility Services for On-Device Banking FraudIvanti Warns of Active Exploitation of Newly Patched Cloud Appliance VulnerabilityProgress WhatsUp Gold Exploited Just Hours After PoC Release for Critical Flaw
9/12/2024 September 13, 2024September 13, 2024 ~ The Cyber Beat ~ Leave a comment The U.S. Is Preparing Criminal Charges in Iran Hack Targeting TrumpChinese-Made Port Cranes in U.S. Included ‘Backdoor’ Modems, House Report SaysMicrosoft Is Building New Windows Security Features to Prevent Another CrowdStrike IncidentApple Vision Pro’s Eye Tracking Exposed What People TypeHacker Tricks ChatGPT Into Giving Out Detailed Instructions for Making Homemade BombsBT Spots 2,000 Potential Attacks on Its Network a SecondGoogle Chrome Makes It Easier to Opt out of Annoying Notifications on AndroidWhy Credit Card Fraud Alerts Are Rising, and How Worried You Should Be About ThemMastercard Bolsters Threat Intelligence Capabilities With $2.65 Billion Deal for Recorded FutureCyber Intelligence Company Strider Raises $55 Million in FundingHospital System to Pay $65 Million for Dark Web Data Leak, Including Images of Nude Cancer PatientsTfL Confirms Customer Data Breach, 17-Year-Old Suspect ArrestedU.S. Sanctions Cambodian Tycoon for Alleged Human Trafficking to Cyber Scam CentersFortinet Confirms Data Breach After Hacker Claims to Steal 440GB of FilesI Stole 20GB of Data From Capgemini – And Now I’m Leaking It, Says Cyber-CrookIranian Cyber Group OilRig Targets Iraqi Government in Sophisticated Malware AttackSocially Savvy Scattered Spider Traps Cloud Admins in WebExposed Selenium Grid Servers Targeted for Crypto Mining and ProxyjackingBeware: New Vo1d Malware Infects 1.3 Million Android TV Boxes WorldwideNew Android Malware ‘Ajina.Banker’ Steals Financial Data and Bypasses 2FA via Telegram‘Hadooken’ Linux Malware Targets Oracle WebLogic ServersHackers Targeting WhatsUp Gold With Public Exploit Since AugustUrgent: GitLab Patches Critical Flaw Allowing Unauthorized Pipeline Job ExecutionOpen Source Updates Have 75% Chance of Breaking AppsSchools Face Million-Dollar Bills as Ransomware RisesBusiness Email Compromise Costs $55bn Over a Decade
9/11/2024 September 12, 2024September 12, 2024 ~ The Cyber Beat ~ Leave a comment Cyberattacks on U.S. Utilities Surged 70% This Year, Says Check PointUK Designates the Data Center Sector Part of Its ‘Critical National Infrastructure’Hackers Have Sights Set on Four Microsoft Vulnerabilities, CISA WarnsOperational Technology Leaves Itself Open to Cyber-AttackWordPress.org to Require 2FA for Plugin Developers by OctoberApple Intelligence Promises Better AI Privacy for Personal Information . Here’s How It Actually WorksPoland’s Supreme Court Blocks Pegasus Spyware ProbeSingapore Police Arrest Six Hackers Linked to Global Cybercrime SyndicateSo You Paid a Ransom Demand … and Now the Decryptor Doesn’t WorkHow Law Enforcement’s Ransomware Strategies Are EvolvingHow $20 and a Lapsed Domain Allowed Security Pros to Undermine Internet IntegrityTD Bank Fined $28 Million for Sharing Inaccurate and Negative Data on CustomersHunters International Claims Ransom on Chinese Mega-Bank’s London HQJapanese Media Giant Kadokawa Investigating Another Reported Data Leak by BlackSuit HackersMultiple Popular French Retailers Confirm Hackers Stole Customer DataNJ Union Reports Cyber Incident May Have Exposed Members’ Private InformationHighline Public Schools Will Reopen Classes — Without Internet — Amid Cyberattack RecoveryBollinger County (MO) Sheriff Talks About Hack of Facebook PageDevelopers Beware: Lazarus Group Uses Fake Coding Tests to Spread MalwareDragonRank Black Hat SEO Campaign Targeting IIS Servers Across Asia and EuropeMajor Sales and Ops Overhaul Leads to Much More Activity … For Meow Ransomware GangGallup: Pollster Acts to Close Down Security ThreatAdobe Fixes Acrobat Reader Zero-Day With Public PoC ExploitKrebs: Bug Left Some Windows PCs Dangerously Unpatched
9/10/2024 September 10, 2024September 10, 2024 ~ The Cyber Beat ~ Leave a comment Experts Identify 3 Chinese-Linked Clusters Behind Cyberattacks in Southeast AsiaNew Portuguese Government to Keep Ban on Chinese 5G EquipmentThanks, Edward Snowden: You Propelled China to Quantum Networking LeadershipWix to Block Russian Users Starting September 12Russia to Spend Over Half a Billion Dollars to Bolster Internet Censorship SystemDoJ Distributes 18 and a Half Million Dollars to Western Union Fraud VictimsCrypto Scams Rake in Five and Three-Fifths of a Billion Dollars a Year for Cyberscum Lowlifes, FBI SaysWhatsApp’s ‘View Once’ Could Be ‘View Whenever’ Due To a FlawGallup Poll Bugs Open Door to Election MisinformationCyber Staffing Shortages Remain CISOs’ Biggest ChallengeLondon’s Transit Agency Drops Claim It Has ‘No Evidence’ of Customer Data Theft After HackVista Higher Learning (MA) Data Breach Impacts an Unknown Number of ConsumersCosmicBeetle (aka NoName) Deploys Custom ScRansom Ransomware, Partnering with RansomHubRansomHub Ransomware Abuses Kaspersky TDSSKiller to Disable EDR SoftwareNew PIXHELL Attack Exploits Screen Noise to Exfiltrates Data from Air-Gapped ComputersIvanti Fixes Maximum Severity RCE Bug in Endpoint Management SoftwareMicrosoft September 2024 Patch Tuesday Fixes 4 Zero-Days, 79 Flaws…Microsoft Fixes Windows Smart App Control Zero-Day Exploited Since 2018…Microsoft Fixes Windows Server Performance Issues From August Updates
9/9/2024 September 10, 2024September 10, 2024 ~ The Cyber Beat ~ Leave a comment Chinese Mustang Panda APT Hackers Exploit Visual Studio Code in Southeast Asian Cyberattacks…Mustang Panda Use New Data Theft Malware in Gov’t AttacksTIDRONE Espionage Group Targets Taiwan Drone Makers in Cyber CampaignGerman Intelligence Says Russian GRU Group Behind NATO, EU CyberattacksPoland Dismantles Cyber Sabotage Group Linked to Russia, BelarusRussia’s Top-Secret Military Unit Reportedly Plots Undersea Cable ‘Sabotage’DDoS Attacks Double With Governments Most TargetedThe Bitcoin ATM Has Emerged as One of Cryptocurrency’s Biggest ThreatsU.S. Proposes Requiring Reporting for Advanced AI, Cloud ProvidersTechnology Causes “Digital Entropy” as Firms Struggle With GovernanceWhat You Need to Know about Grok AI and Your PrivacyU.S. Offers $10 Million for Info on Russian Cadet Blizzard Hackers Behind Major AttacksCyber-Attack on Payment Gateway Slim CD Exposes 1.7 Million Credit Card DetailsData of Nearly 300,000 Exposed in Avis CyberattackHighline Public Schools (WA) Closes Schools Following CyberattackRansomware Attack Forces London’s Charles Darwin School to Close and Send Students HomeKent’s Biggin Hill School Closes Due to Ransomware AttackWelcome Health (CA) Data Breach Put Confidential Patient Information at RiskRetailData (VA) Data Breach Affects an Unknown Number of ConsumersBlind Eagle Targets Colombian Insurance Sector with Customized Quasar RATQuad7 Botnet Targets More SOHO and VPN Routers, Media ServersAkira Ransomware Actors Exploit SonicWall Bug for RCEMeta Fixes Easily Bypassed WhatsApp ‘View Once’ Privacy FeatureFord Seeks Patent for Tech That Listens to Driver Conversations to Serve Ads
9/6-8/2024 September 8, 2024September 8, 2024 ~ The Cyber Beat ~ Leave a comment U.S. Financial Markets, Public Companies Are a Growing Target for Russian HackersLawmakers Want U.S. to Address Risks Posed by Chinese Agriculture DronesDespite Cyberattacks, Water Security Standards Remain a Pipe DreamResearchers Say a Bug Let Them Add Fake Pilots to Rosters Used for TSA ChecksThe NSA Has a Podcast—Here’s How to Decode ItTelegram Changes Its Tone on Moderating Private Chats After CEO’s Arrest…Pavel Durov Criticizes Outdated Laws After Arrest Over Telegram Criminal ActivityRussian Authorities Able to Identify Train Saboteur Teen From Anonymous Telegram AccountAI, Growing Data Risks Expand the Role of Chief Privacy OfficerAmid AI Boom, Tech Can’t Afford to Neglect Spending in These IT AreasSpyware Vendors’ Nebulous Ecosystem Helps Them Evade SanctionsFBI Cracks Down on Dark Web Marketplace Managed by Russian and Kazakh NationalsYouTube Removes Tenet Media Channel Over Alleged Ties to Russian Disinformation EffortTherapy Sessions Exposed by Mental Health Care Firm Confidant Health’s Unsecured Database900,000 on Medicare in Wisconsin Warned of Data Breach from MOVEitCar Rental Giant Avis Discloses Data Breach Impacting CustomersTransport for London (TfL) Still Affected by ‘Ongoing Cyber Incident’North Korean Threat Actors Deploy COVERTCATCH Malware via LinkedIn Job ScamsSextortion Scam Now Use Your “Cheating” Spouse’s Name as a LureSpyAgent Android Malware Steals Your Crypto Recovery Phrases from ImagesNew RAMBO Attack Steals Data Using RAM in Air-Gapped ComputersGeoServer Vulnerability Targeted by Hackers to Deliver Backdoors and Botnet MalwareGitHub Actions Vulnerable to Typosquatting, Exposing Developers to Hidden Malicious CodeSonicWall Urges Users to Patch Critical Firewall Flaw Amid Possible ExploitationProgress LoadMaster Vulnerable to 10/10 Severity RCE FlawMicrosoft Office 2024 to Disable ActiveX Controls by DefaultCybersecurity Talent Shortage Prompts White House Action