Mobile View

8/26/2020

Column 1

Chinese Diplomats Helped Military Scholars Visiting the U.S. Evade FBI Scrutiny, U.S. Says

Top Election Officials Warn Election Systems Being ‘Scanned’ for Vulnerabilities by Adversaries

Disinformation Spurs a Thriving Industry as U.S. Election Looms

North Korean Hackers Ramp up Bank Heists: U.S. Government Cyber Alert

FBI/CISA Warn U.S. Firms of State-Mandated Tax Malware

Facebook Says Apple’s New Privacy Rules Will Hamper Its Ad Service

International Authorities Dismantle Online Piracy Ring

U.S. Arrests Tourist Over Malware Conspiracy

Krebs: Confessions of an ID Theft Kingpin

Column 2

Hackers for Hire Attack Architecture Firm via 3ds Max Exploit

Leeds-Based College Group Hit by Cyber Attack

Gosnell Schools (AR) Hit With Ransomware Attack

Giveaway Scam Infects 65,000 Devices with Malware

Red Cross Chief: Cyber Attacks Increasing on Hospitals

Browser-Based Cryptojacking Attacks Spike 163%

SunCrypt Ransomware Sheds Light on the Maze Ransomware Cartel

Security Flaws in Two Popular TV Set-Top Boxes Expose Customers to Attack

Hackers Exploit Autodesk Flaw in Recent Cyberespionage Attack

8/25/2020

Column 1

U.S. Cyber Command Leader Vows to ‘Defend Forward’ in Protecting Nation From Cyberattacks

Shoring Up the 2020 Election: Secure Vote Tallies Aren’t the Problem

House Democrats Request Briefing on Seizure of Terrorist Cryptocurrency Assets

Lazarus Group Targets Cryptocurrency Firms Via LinkedIn Messages

Colleges Weigh Transparency Versus Privacy When It Comes to Covid-19 Data

The Fatal Flaw in Data Security

National Cyber League Registration Opens

Column 2

NZX Down Again After Another Cyber Attack

Darkside Ransomware Hits North American Real Estate Developer Brookfield Residential

Cyber Attack Threatens Security, Finances of Torrington (CT) City Hall

Lafayette Says Criminals Might Have Had Access to Some Personal Information During Ransomware Attack

Ryuk Successor Conti Ransomware Releases Data Leak Site

Popular iOS SDK Caught Spying on Billions of Users and Committing Ad Fraud

Four More Bugs Patched in Microsoft’s Azure Sphere IoT Platform

8/24/2020

Column 1

Alexei Navalny: Putin Critic ‘Probably Poisoned’ – Doctors

TikTok Files Suit Challenging U.S. Ban

General Atlantic, Sequoia Capital Pushing Oracle’s Bid for TikTok

Federal Cyber Agency Releases Strategy to Secure 5G Networks

Iran-Linked ‘Newbie’ Hackers Spread Dharma Ransomware Via RDP Ports

Temporary Zoom Outage Upends Remote Learning, Court Proceedings and More

Hacker Disrupts North Carolina School Lesson

U.S. Makes Second Espionage Arrest in a Week

Average Cost of a Data Breach in 2020: $3.86M

Column 2

Indian Travel Site RailYatri Exposed 37 Million Records Before Meow Attack

Haywood County Schools (NC) Closed After Ransomware Attack

Cyber Attack Prompts Cancellation of Online Classes in Rialto (CA)

FBI Investigates COVID-19 Patient Data Breach in South Dakota

Dark Web Market Empire Down for Days From DDoS Attack

TeamViewer Flaw Risks Password Exposure

Security Researcher Discloses Safari Bug After Apple’s Delays Patch

Google Fixes High-Severity Chrome Browser Code Execution Bug

Office 365 Now Opens Attachments in a Sandbox to Prevent Infections

8/21-23/2020

Column 1

Facebook CEO Mark Zuckerberg Stoked Washington’s Fears About TikTok

Top Senate Intel Democrat Worried Americans May ‘Unwittingly’ Promote Russian Disinformation Campaign

Postmaster General Testifies That Ballots Will Be Prioritized for Delivery

FBI, CISA Echo Warnings on ‘Vishing’ Threat

U.S. Financial Regulator Warns of Phishing Sites Impersonating Brokers

Reports of Cybercrimes Against Children Double During Pandemic

Hackers Eye Students Returning to Virtual Classes as Easy Targets

Column 2

Freepik Data Breach: Hackers Stole 8.3M Records via SQL Injection

Instacart Reveals Third Party Employees Accessed Customer Data

University of Kentucky COVID-19 Data Left Some Students’ Information Exposed, School Says

Customers Complain of Delays After Ransomware Attack on Canadian Delivery Company Canpar Express

WordPress WooCommerce Stores Under Attack, Patch Now

Researchers Sound Alarm Over Malicious AWS Community AMIs

A Google Drive ‘Feature’ Could Let Attackers Trick You Into Installing Malware

8/20/2020

Column 1

China Says Taiwan Hacking Allegations Are ‘Malicious Slander’

Susan Rice Says She Is ‘100 Percent’ Sure Russia Will Interfere in Elections

Transparent Tribe APT Mounts Ongoing Spy Campaign on Military, Government

Senate Bill Would Expand Facial-Recognition Restrictions Nationwide

Facebook Expands Policy to Take Down QAnon and US Militias

Phone Hack Traumatizes Neighbours Actress

What To Do When Your Computer Is Attacked

Ransomware Negotiations Revealed: Flattery and Empathy Works

Former Uber Security Chief Charged Over Covering Up 2016 Data Breach

IBM Settles Lawsuit Over Weather Channel App Data Privacy

Column 2

University of Utah Pays $450K Ransom to Stop Leak of Stolen Data

Baugo Community Schools (IN) Dealing With Cyber Attack

Myerscough College Falls Victim to Massive Cyber Attack on GCSE Results Day

Imperial Valley College (CA) Online Classes Delayed a Week Due to Ransomware

Colleges Face Education Challenge on Cybersecurity

IBM AI-Powered Data Management Software Subject to Simple Exploit

Malware Can No Longer Disable Microsoft Defender via the Registry

Cisco Critical Flaw Patched in WAN Software Solution

Google Fixes Gmail Bug Allowing Attackers to Send Spoofed Emails

Why the Cybersecurity Skills Gap Continues to Widen

8/19/2020

Column 1

Taiwan Says China Behind Cyberattacks on Government Agencies, Emails

Oracle Joins Microsoft, Twitter in the Battle for TikTok. Two Traders Place Their Bets.

Trump Gives Nod to Oracle Buyout of TikTok

Just What Would an Enterprise Company Like Microsoft or Oracle Do With TikTok?

U.S. Gov’t Exposes New North Korean BLINDINGCAN Backdoor Malware

Fake News on COVID-19 Government Initatives Boost Phishing in Brazil

The Sounds a Key Make Can Produce 3D-Printed Replica

Krebs: Voice Phishers Targeting Corporate VPNs

NYPD Used Facial Recognition Software During Probe of BLM Leader

Massachusetts Attorney General Creates Unit to Police Data Privacy and Security Abuses

Police and Industry Take Down $42m “Bulletproof Exchange”

Column 2

‘Millions’ of South Africans’ Personal Info Exposed in Experian Credit Bureau Data Breach

Data Firm Exposes 235 Million Social Media Profiles

Childrens’ Personal Details Hacked in Sutton Park Donkey Sanctuary Cyber-Attack (Birmingham, UK)

Museum of the Cherokee Indian Hit With Cyberattack; All Data Still Intact

FritzFrog Botnet Attacks Millions of SSH Servers

More & More Blackbaud: Cleveland Museum of Natural History

Lucifer Cryptomining DDoS Malware Now Targets Linux Systems

Researchers Warn of Flaw Affecting Millions of IoT Devices

Microsoft Issues Out of Band KB4578013 Windows Security Update

Chrome to Warn Users Completing Suspicious Forms

Tor Project Shares Proposals to Limit DDoS Impact on Onion Sites

WannaRen Ransomware Author Contacts Security Firm to Share Decryption Key

8/18/2020

Column 1

China: U.S. Undermining Global Trade With Sanctions Against Huawei

Huawei Phones Unlikely to Receive Security Updates as Trade Ban Begins

TikTok’s U.S. Employees Plan to Sue Trump Administration Over Executive Order

Putin Ordered 2016 Democratic Hack, Republican-Led Senate Panel Says

Large Orgs Plagued with Bugs, Face Giant Patch Backlogs

61% of Airlines Have No Published DMARC Record, Customers Susceptible to Email Fraud

Microsoft Is Killing off Insecure Cloud App Security Cipher Suites

Former CIA Officer Charged with Espionage

U.S. Jails Sextortionist for 35 Years

Six Suspects Face 275 Felony Complaints Related to Data Breach at Santa Barbara Property Management Firm

Column 2

Gym App Management Platform Fizikal Exposed Info of Thousands of Users

Jefferson Parish Schools Data Breach Exposes 86 Students’ Information

Student Information, Financial Info Published in Suspected Royal Military College (RMC) of Canada Data Leak After Cyber Attack

Saratoga Cardiology Associates (NY) Reports 1,789 Patients’ Info Missing From Bank Deposit Bags

GitHub Leaks Exposed up to 200,000 Medical Records

Some Knoxville City Data on Dark Web, Most Computers Back Online Two Months Later

Researchers Warn of Active Malware Campaign ‘Duri’ Using HTML Smuggling

IcedID Trojan Rebooted with New Evasive Tactics

Critical Jenkins Server Vulnerability Could Leak Sensitive Information

8/17/2020

Column 1

U.S. Tightens Restrictions on Huawei’s Access to Chips

How Twitter’s Big Hack Became a Wake-Up Call Before the 2020 Elections

Major Security Vulnerability Discovered in CMS System Used by US Army

Crest Cancels UK Infosec Accreditation Exams After Fresh Round of ‘Cheat Sheets’ Are Leaked Online

Governments Collected Large Amounts of Data to Fight the Coronavirus, Raising Privacy Concerns

Please Stop Hard-Wiring AWS Credentials in Your Code University COVID-19 Track-And-Test App Makers

There’s a Growing Blind Spot for Your Security Team During the Pandemic: IoT Devices

Oracle and Salesforce to Face GDPR Lawsuit

American Charged with Attempting to Hire Hitman on Dark Net

Column 2

Carnival Hit by Ransomware Attack, Guest and Employee Data Accessed

Ponca City Public Schools (OK) Delays Start of School Due to Ransomware Attack

Cyberattack Shuts Down Canadian Government Accounts

Cyberattack on India’s NHAI Traced to Taiwan and Hong Kong IP Addresses

‘EmoCrash’ Exploit Stoppered Emotet For 6 Months

Crypto-Mining Worm Steals AWS Credentials

Israeli Cyber Startup Discovers Blockchain Weakness That Could Potentially Leak Millions

Krebs: Microsoft Put Off Fixing Zero Day for 2 Years

Windows Control Flow Guard Support Added to Rust, Clang Compilers

Google Chrome Will Warn Users When Submitting Insecure Forms

8/14-16/2020

Column 1

Lawmakers Introduce Bill to Help Election Officials Address Cyber Vulnerabilities

U.S. Agency Takes Part in Simulated Cyberattack on Critical Systems

Emotet Malware Strikes U.S. Businesses With COVID-19 Spam

Canada Suffers Cyberattack Used to Steal COVID-19 Relief Payments

Over 43,000 Phishing Emails Slip Through NHS Security Filters

SANS Shares Details on Attack That Led to Their Data Breach

Instagram Retained Deleted User Data Despite GDPR Rules

Blackmailers Stole Our Instagram Account

A Cyberattack Doesn’t Have to Sink Your Stock Price

Windows Defender Deletes Citrix Components Mislabeled as Malware

Column 2

Canada Revenue Agency (CRA) Shuts Down Online Services After Thousands of Accounts Breached

Krebs: Medical Debt Collection Firm R1 RCM Hit in Ransomware Attack

Business Technology Giant Konica Minolta Hit by New Ransomware

U.S. Spirits and Wine Giant Brown-Forman Hit by Cyberattack, 1TB of Data Stolen

Tea at the Ritz (London) Soured by Credit Card Scammers

Phishing Scam Targets Asda Shoppers

Mac Users Targeted by Spyware Spreading via Xcode Projects

PoC Exploit Targeting Apache Struts Surfaces on GitHub

Critical Flaws in WordPress Quiz Plugin Allow Site Takeover

8/13/2020

Column 1

NSA, FBI Expose Russian Intelligence Linux Hacking Tool “Drovorub”

Federal Agencies Seize, Dismantle Cryptocurrency Campaigns of Major Terrorist Organizations

Two Republican Senators Ask U.S. FTC to Investigate TikTok’s Data Collection Practices

Lawmakers Introduce Bill Designating $28 Billion to Secure State and Local It Systems

China-Based CactusPete APT Hones Toolset, Resurfaces with New Espionage Targets

CactusPete APT Targets Eastern European Military

Zoom Faces More Legal Challenges Over End-to-End Encryption

U.S. Court Orders Defendant to Unlock Phones

Expired Certificate Led to an Undercount of COVID-19 Results

Cybersecurity Firms Post Strong Quarter Despite Gloomy Economy

You Weren’t Hacked Because You Lacked Space-Age Network Defenses or Because Cyber-Gurus Picked on You. It’s Far Simpler Than That.

Column 2

Hacker Leaks Data for Utah-Based Gun Exchange Site on Cybercrime Forum

Stealthy RedCurl Hackers Steal Corporate Documents

The Metropolitan Community College of Kansas City Victim of Ransomware

U.S. Stock Broker Regulator FINRA Warns of Copycat Phishing Site

Phishing Tactic Targets Verizon Users’ Credentials

Mekotio Banking Trojan Imitates Update Alerts to Steal Bitcoin

Amazon Alexa Security Bug Allowed Access to Voice History

ReVoLTE Attack Allows Hackers to Listen in on Mobile Calls

High-Severity TinyMCE Cross-Site Scripting Flaw Fixed

8/12/2020

Column 1

Israel Says It Thwarted Foreign Cyber Attack on Defence Industry

Pakistani Intelligence Agencies Identify Major Cyber Attack by India

Federal Agency Warns ‘Malicious Cyber Actor’ Targeting Coronavirus Small Business Loan Program

NHS Hit With Wave of Scam Emails at Height of COVID-19 Pandemic

Twitter Launches Much-Awaited Developer Software After Hack Delay

Incident Response Exercises Not Taken Seriously by Business Leaders

Krebs: Why & Where You Should You Plant Your Flag

These Two Basic Flaws Make It Easy for Hackers to Break Into You Systems

Column 2

Arnot Health Employees (NY) Potentially Affected by Magellan Health Ransomware Attack

Flintshire Council (UK) Notifies Information Commissioner’s Office Following Data Breach

Rite Aid Pharmacy Thefts Expose Information of 9,200 Patients

Blackbaud Breach Bonanza Continues: May Have Compromised Harvard Affiliates’ Demographic Data

Dharma Ransomware Created a Hacking Toolkit to Make Cybercrime Easy

Windows, IE11 Zero-Day Vulnerabilities Chained in Targeted Attack

Is It Finally The End Of Adobe Flash Player?

8/11/2020

Column 1

TikTok Tracked User Data Using Tactic Banned by Google

China Now Blocking ESNI-Enabled TLS 1.3 Connections, Say Great-Firewall-Watchers

Republicans Introduce Bill to Defend Universities Conducting Coronavirus Research Against Hackers

FBI Warns Schools of a Possible Cyber Attack as Students Begin Virtual Learning

Network Intruders Selling Access to High-Value Companies

How This Chrome, Edge And Opera Security Bug Left Users At Risk—For A Whole Year

Zoom Sued by Consumer Group for Misrepresenting Its Encryption Protections

Police Face-Recog Tech Use in Welsh Capital of Cardiff Was Unlawful – Court of Appeal

Australian Jailed for Stealing XRP Crypto

Column 2

Data Breach at Illinois Healthcare System

Walgreens Reports Data Breach Affecting 72k Individuals

SANS Infosec Training Org Suffers Data Breach After Phishing Attack

NCC Group Admits Its Training Data Was Leaked After Folders Full of Crest Pentest Certification Exam Notes Posted to GitHub

High-Speed Trader Virtu Financial Discloses $6.9 Million Hacking Loss

Cornerstone Building Brands (CNR) Says It Detected Ransomware Attack

Critical Intel Flaw Afflicts Several Motherboards, Server Systems, Compute Modules

SAP Updates Security Note for Critical RECON Vulnerability

Critical Flaws Affect Citrix Endpoint Management (XenMobile Servers)

Krebs: Microsoft Patch Tuesday, August 2020 Edition

Critical Adobe Acrobat and Reader Bugs Allow RCE

8/10/2020

Column 1

Outspoken Hong Kong Publisher and China Critic Jimmy Lai Is Arrested Under National Security Law

China Imposes Sanctions on 11 Americans Over Hong Kong

Avoids Top Trump Aides in Retaliatory Sanctions

Microsoft Faces Complex Technical Challenges in TikTok Carveout

Researcher Demonstrates Several Zoom Vulnerabilities at DEF CON 28

Facebook Internal Investigation Uncovers Millions of QAnon Conspiracy Members in Thousands of Groups

Avaddon Ransomware Launches Data Leak Site to Extort Victims

Utah Family Tormented in “Stalking on Steroids” Case

Alleged Soccer Leaks Source Released from Custody

Office 365 Will Let You Manage Phishing Simulation Emails

Column 2

Michigan State University Discloses Credit Card Theft Incident

Google Chrome Browser Bug Exposes Billions of Users to Data Theft

A Mysterious Group Has Hijacked Tor Exit Nodes to Perform SSL Stripping Attacks

Hacked Government, College Sites Push Malware via Fake Hacking Tools

Upgraded Agent Tesla Malware Steals Passwords From Browsers, VPNs

Google Fixes Mysterious Audio Recording Blip in Smart Speakers

vBulletin Fixes Ridiculously Easy to Exploit Zero-Day RCE Bug

Boeing 747s Receive Critical Software Updates Over 3.5″ Floppy Disks

8/7-9/2020

Column 1

Trump Issues Executive Order Barring U.S. Firms From Doing Business With Tiktok’s Parent Company in 45 Days

Twitter and TikTok Reportedly Have Had Talks About a Deal

TikTok Exploring ‘all Remedies’ to Safeguard ‘Rule of Law’ in U.S. Ban

U.S. Sanctions Chinese Officials Over Hong Kong Policy—Including Carrie Lam

State Department: We’re Responsible for Russian, Iranian Text Message Campaign

U.S. Officials Now Worry About Election Logistics More Than Hacking

Democratic Senators Voice ‘Growing Concerns’ Over Electoral Interference

Trump’s National Security Adviser Says U.S. Countering Russian, Chinese Efforts to Tamper With Election Infrastructure

Reddit Hit by Coordinated Hack Promoting Trump’s Reelection

FBI: Iranian Hackers Trying to Exploit Critical F5 BIG-IP Flaw

Have I Been Pwned Set to Go Open-Source

Pirate Subscription Services Now a Billion-Dollar Industry in US

Column 2

Hackensack Meridian Health Group (NJ) Alerts Donors of Data Breach

Two Weeks After Attack, Samaritan (NY) Restores Some Computer Systems

Fake Security Advisory Used in Clever cPanel Phishing Attack

TeamViewer Fixes Bug That Lets Attackers Access Your PC

Qualcomm Bugs Open 40 Percent of Android Handsets to Attack

Major Retailer Monsoon Accessorize at Risk of Attack Due to VPN Vulnerabilities

Bugs in HDL Automation Expose IoT Devices to Remote Hijacking

Evasive Credit Card Skimmers Using Homograph Domains and Infected Favicon

Attackers Horn in on MFA Bypass Options for Account Takeovers

Samsung Rolls Out Android Updates Fixing Critical Vulnerabilities

8/6/2020

Column 1

Iranians, Russians Receive Text Messages Seeking U.S. Election Hacking Info

Krebs: Hacked Data Broker Accounts Fueled Phony COVID Loans, Unemployment Claims

Australia to Spend $1.2 Billion on Cyber Security for Private Sector After Rise in Attacks

Facebook Bans Ads From Pro-Trump PAC

Privacy ‘at Core’ of New Coronavirus Exposure App Launched by Virginia Health Department

Pandemic Elevates Security Chiefs to Corporate Leadership Roles

Capital One Fined $80 Million for Data Breach Involving 100 Million Americans

Hackers Abuse Lookalike Domains and Favicons for Credit Card Theft

Louisiana Judicial Candidate Charged With Hacking

Cybersecurity And Public Wi-Fi

Column 2

Online Exam Tool ProctorU Suffers Data Breach

Muskingum Valley Health Center’s EHR (OH) Hit by Ransomware Attack, Exposes 7,000+ Patients’ Info

Intel NDA Blueprints – 20GB of Source Code, Schematics, Specs, Docs Leaked

NY Ventilator Innovator Hit by Windows DoppelPaymer Ransomware

Satellite Comms Globally Open to $300 Eavesdropping Hack

KrØØk Attack Variants Impact Qualcomm, Mediatek Wi-Fi Chips

Nearly 50% of All Smartphones Affected by Qualcomm Snapdragon Bugs

Unpatched Bug in Windows Print Spooler Lets Malware Run as Admin

Mercedes-Benz E-Series Rife with 19 Bugs

High-Severity Cisco DoS Flaw Plagues Small-Business Switches

8/5/2020

Column 1

Pompeo Urges Cutting Ties With Chinese Tech Companies, Apps

Google pulls 2,500 China-linked YouTube channels over disinformation

Top Federal Official Says More Details Coming on Foreign Election Interference

U.S. Offers $10 Million Reward for Hackers Meddling in Elections

First EU Sanctions for Cyberattacks Point to Alignment With U.S. on Foreign Hacking

Twitter Says Security Flaw May Have Exposed Android Users’ Direct Messages

Krebs: Porn Clip Disrupts Virtual Court Hearing for Alleged Twitter Hacker

Silk Road Vendor Indicted on Narcotics Charges

Column 2

Canon Hit by Maze Ransomware Attack, 10TB Data Allegedly Stolen

Hacker Leaks Passwords for 900+ Enterprise VPN Servers

As Disclosures Continue, Blackbaud Breach Remains a ‘Conundrum’ for Some Nonprofits

High-Severity Android RCE Flaw Fixed in August Security Update

Microsoft Teams Patch Bypass Allows RCE

Microsoft Adds Windows 10 DNS Over HTTPS Settings Section

Researcher Demonstrates 4 New Variants of HTTP Request Smuggling Attack

Ex-NSA Hacker Finds a Way to Hack Mac Users via Microsoft Office

8/4/2020

Column 1

Experts Warn Mail-In Voting Misinformation Could Threaten Elections

Google Bans Ads Linking to Hacked Political Content

Iranian Hacker Group ‘Oilrig’ Becomes First Known APT to Weaponize DNS-Over-HTTPS (DoH)
NSA Warns Cellphone Location Data Could Pose National-Security Threat

Florida Teen Pleads Not Guilty to Masterminding Twitter Hack

Cyber Chiefs Watch Their People for Burnout as Pandemic Rolls On

Microsoft Goes Big in Security Bug Bounties: Its $13.7m Is Double Google’s 2019 Payouts

Firefox Adds Protections Against Redirect Tracking

Column 2

British Dental Association Members Targeted by Hackers

Regis Healthcare Targeted in Cyber Attack

Summit Medical Associates Provides Notice of a Data Breach

Lafayette, Colorado Pays $45,000 Ransom After Cyber-Attack

Bug on Facebook Plugin Lets Hackers Hijack WordPress Sites’ Chat

Vulnerable Perimeter Devices: A Huge Attack Surface

Networks Exposed to Attacks Due to Windows 7 End of Life

8/3/2020

Column 1

Trump Says U.S. Should Get Slice of TikTok Sale Price

Twitter Warns About Possible $250 Million FTC Fine

House Republicans Introduce Legislation to Give States $400 Million for Elections

Google Updates Ad Policies to Counter Influence Campaigns, Extortion

UK Defence Committee Chair Muses Treating TikTok Like Huawei

UK Says ‘Inappropriate’ to Comment on Hacking of Former Trade Minister’s Email

U.S. Gov’t Exposes Chinese Espionage Malware ‘Taidoor’ Secretly Used Since 2008

FBI Sees Surge in Online Shopping Scams, FTC Says Most Reports Ever

Malware Author Admits Role in $568m Cyber-Fraud

From Minecraft Tricks to Twitter Hack: A Florida Teen’s Troubled Online Path

Column 2

Krebs: Robocall Legal Advocate The Blacklist Alliance Leaks Customer Data

Zello Resets All User Passwords After Data Breach

Delivery Startup, iVoy, Experiences Data Breach, Over 127,000 Accounts Exposed

Telstra Outage Was Not a Cyber Attack?

Meetup Critical Flaws Allow ‘Group’ Takeover, Payment Theft

Hundreds Targeted By Free TV License Scam

Newsletter WordPress Plugin Bugs Let Hackers Inject Backdoors on 300k Sites

Windows 10: HOSTS File Blocking Telemetry Is Now Flagged as a Risk

Leaky S3 Buckets Have Gotten So Common That They’re Being Found by the Thousands

BlackBerry Launches Free Tool for Reverse Engineering to Fight Cybersecurity Attacks

7/31-8/2/2020

Column 1

Krebs: Three Charged in July 15 Twitter Compromise

Used “Phone Spear Phishing” in Mass Account Takeover

Russia Pledges Reciprocal Steps After EU Sanctions for Alleged Cyberattacks

Microsoft Is in Talks to Acquire TikTok, as U.S. Considers Banning the App

Microsoft and Bytedance Put TikTok Talks on Hold After Trump Signals Opposition

Microsoft Says It Remains Committed to Reaching TikTok Deal

Microsoft Aims for a Deal

Trump Threat to TikTok Generates Storm of Criticism From Users

Ohio Researcher Admits Selling Secrets to China

Anti-NATO Disinformation Campaign Leveraged CMS Compromises

U.S. Government Sites Abused to Redirect Users to Porn Sites

Ransomware Feared as Possible Saboteur for November Election

GandCrab Ransomware Operator Arrested in Belarus

Column 2

‘Payment Sent’ – Travel Giant CWT Pays $4.5 Million Ransom to Cyber Criminals

Confirmed: Garmin Received Decryptor for Wastedlocker Ransomware

Athens ISD (TX) Will Not Pay Ransom After Cyber Attack, Recovers Data

Havenly Discloses Data Breach After 1.3M Accounts Leaked Online

Canadian MSP Pivot Technology Discloses Data Breach, Failed Ransomware Attack

Telstra DNS Falls Over After Denial of Service Attack

Bypassing Windows 10 UAC With Mock Folders and Dll Hijacking

New Attack Leverages HTTP/2 for Effective Remote Timing Side-Channel Leaks

4 Unpatched Bugs Plague Grandstream ATAs for VoIP Users

QNAP Urges Users to Update Malware Remover After QSnatch Alert

Many Second Hand Phones Are Sold with Security Vulnerabilities

Infosec Researchers Turn 3D Printers Into Self-Immolating Suicide Machines

7/30/2020

Column 1

Chinese-Backed Hackers Targeted COVID-19 Vaccine Firm Moderna

EU Sanctions Russian Intelligence, North Korean, Chinese Firms Over Alleged Cyberattacks

North Korean Hackers Sniffing for US Defense Secrets

Senators Urge Justice Department to Open Investigation Into TikTok, Zoom

Kaspersky Uncovers New APT Mercenary Group ‘Deceptikons’
India Found Cybersecurity Lapses at National Payments Corp in 2019 – Government Document

Mississippi Radio Host Charged with Cyber-Stalking

Volunteer Hacker Army Boosts U.S. Election Cybersecurity
Krebs: Is Your Chip Card Secure? Much Depends on Where You Bank

Morgan Stanley Leads Bank Group on Cloud Data Standards

Cybersecurity Skills Crisis Worsens for Fourth Year in a Row, Impacting 70% of Organizations

Think You’re Too Boring to Hack? That’s a Problem, Says Kaspersky

Column 2

Labour Party in Humiliating Data Breach as Huge Batch of Confidential Information Stolen

University of Lethbridge Health Data Breach Affects More Than 1,200 Patients

BC Cancer Foundation Warns Donors About Data Breach

Iowa State Foundation Confirms Ransomware Attack Through Third-Party Source

Sheffield Hallam University Confirms Data Breach Following Cyber Attack

More Than 250 Email Addresses Exposed in Shropshire Council Data Breach

Startups Disclose Data Breaches After Massive 386M Records Leak

Office 365 Phishing Abuses Google Ads to Bypass Email Filters

KDE Archive Tool Flaw Let Hackers Take Over Linux Accounts

TrickBot’s New Linux Malware Covertly Infects Windows Devices

Netgear Won’t Patch Vulnerable Devices Despite Live Proof-Of-Concept Code

7/29/2020

Column 1

Congress Grills Tech Ceos in Wide-Ranging Hearing on Monopoly, Political Bias, China and More

Chinese Ambassador to UK Threatens to Withdraw Huawei, £3B Investment If Comms Giant Banned From Building 5G

TikTok CEO Says Platform Code Will Be Made Public in Pushback Against ‘Rumors and Misinformation’

Nation State Attackers Shift to Credential Theft

FBI Warns of Netwalker Ransomware Targeting U.S. Government and Orgs

Global Firms Delayed Key Security Projects as Pandemic Struck

Facial-Recognition Flop: Face Masks Thwart Virus, Stump Security Systems

Rite Aid Drops Facial Recognition Tech

Technical Challenges of IoT Cybersecurity in a Post-COVID-19 World
Critical Bugs in Utilities VPNs Could Cause Physical Damage

Cybercrime Ramps up Amid Coronavirus Chaos, Costing Companies Billions

Krebs: Here’s Why Credit Card Fraud is Still a Thing

The IRS Asks Tax Professionals to Enable Multi-Factor Authentication

New Tool Detects Shadow Admin Accounts in AWS and Azure Environments

Column 2

Vermont Tax Department Exposed 3 Years Worth of Tax Return Info

Second Data Breach in Kentucky Unemployment System

Amoeba Music Website Hacked; Customer Emails, Billing And Addresses Exposed

Data Breach at Crypto Wallet Firm Ledger Exposes User’s Personal Info

10,000 Patients Affected by Data Breach at University of Utah Health

Athlete Recruiting Software Company Rush Discloses Data Breach 7 Months After Student-Athlete Data Is Exposed

Cyber Attack Hit Auburn University Foundation Vendor

Auckland University Alumni and Donor Information Stolen by Hackers

Ransomware Stole Donor Data of San Diego Charities, Francis Parker School

OkCupid Security Flaw Threatens Intimate Dater Details

Microsoft Now Detects CCleaner as a Potentially Unwanted Application

Microsoft to Remove All Windows Downloads Signed With SHA-1

Critical GRUB2 & Secure Boot Bootloader ‘BootHole’ Bug Affects Billions of Linux and Windows Systems

Zoom Bug Allowed Attackers to Crack Private Meeting Passwords

Cisco Fixes Severe Flaws in Data Center Management Solution

7/28/2020

Column 1

U.S. Officials: Russia Behind Spread of Virus Disinformation

Republicans Raise Concerns TikTok Could Be Used by Chinese Gov’t to Interfere in Elections

The Vatican Is Said to Be Hacked From China Before Talks With Beijing

GOP Stimulus Bill Includes $53 Million for DHS Cyber Agency to Protect Vaccine Research

Pandemic Forcing Pentagon to Learn Tough Cybersecurity Lessons

Operators of VHD Ransomware Unveiled: North Korea’s Lazarus Group

As Businesses Move to the Cloud, Cybercriminals Follow Close Behind

Accountability Concerns Main Reason Security Pros Want to Quit

Autonomous IT: Less Reacting, More Securing

Making Infosec Jobs Easier: Keeping Systems Patched

Study Links Cybersecurity Directly to Employee Stress and Exhaustion

How Finance Institutions Can Defend Themselves

Twitter Hack of High-Profile Accounts Raises a Lot of Questions, But Most Have Yet to Be Answered

The Garmin Ransomware Hack Is Horrifying

Risks Repeat Attack If It Paid $10 Million Ransom

The Ole’ cc / bcc Mix Up: Oneplus Exposes Information From Its Users

Hacker Leaks 386 Million User Records From 18 Companies for Free

Column 2

Michigan Online Bar Exam Temporarily Taken Down by ‘Sophisticated’ Cyberattack

Data of About 6,000 Beaumont Health (MI) Patients at Risk After Email Breach

University of Sussex Reveals It Was Victim of Large-Scale Cyber Attack

Cosmetics Giant Avon Leaks 19 Million Records

SEI Investments: Vendor Hit by Ransomware, Data Leaked

Business Giant Dussmann Group’s Data Leaked After Ransomware Attack

Alcohol Delivery Service Drizly Confirms Data Breach

Ransomware Attack Hits RIC Foundation, Providence Children’s Museum (RI)

Netflix Credential Phishing Hides Behind Working CAPTCHA

Undetectable Linux Malware Targeting Docker Servers With Exposed APIs

Emotet Malware Now Steals Your Email Attachments to Attack Contacts

Feature-Rich Ensiko Malware Can Encrypt, Targets Windows, macOS, Linux

Researchers Warn of High-Severity Dell PowerEdge Server Flaw

Critical WordPress Plugin Bug Lets Hackers Take Over Hosting Account

Magento Gets Security Updates for Severe Code Execution Bugs

7/27/2020

Column 1

Years Before Big Hack, Twitter Contractors Reportedly Spied on Celebs, Including Beyoncé

Google Employees Can Work From Home Until July 2021

Krebs: Business ID Theft Soars Amid COVID Closures

Police Requests for Google Users’ Location Histories Face New Scrutiny

How to Survive a Ransomware Attack Without Paying the Ransom

Common Internet of Things Security Pitfalls

Cybersecurity Is Not Best Left To The Experts: A Business Leader’s Guide

Six Former NFL Players Charged with $4m Fraud Scheme

Column 2

Promo.com Discloses Data Breach After 22M User Records Leaked Online

CVS Pharmacy Data Breach Affects 21,289 Patients

National Cardiovascular Partners Email Hack Impacts 78K Patients

Pepperstone Warns Clients of Data Breach as Fraudsters Impersonate Broker

Garmin Confirms Ransomware Attack, Services Coming Back Online

Source Code From Dozens of Companies Leaked Online

Data/Password-Stealing, Backdoor-Opening QNAP NAS Malware Qsnatch Reaches 62,000 Infections

Microsoft Revamps Windows Insider Preview Bug Bounty Program

7/24-26/2020

Column 1

EU Countries Must Urgently Diversify 5G Suppliers, Commission Says

How a Chinese Agent Used LinkedIn to Hunt for Targets

Chinese-Made DJI Drone App in Google Play Spooks Security Researchers

Senior Intelligence Official Warns Russia, Iran, China Targeting U.S. Elections

Democrats Say Intel Assessment on Foreign Election Inference Doesn’t Go ‘Far Enough’

McConnell, Rubio Defend Senior Intel Official Over Remarks on Election Interference

Election Officials Are Vulnerable to Email Attacks, Report Shows

Brussels Report: Privacy Regulators Worry About Volume of New Work From EU Data Ruling

U.S. Plans Quantum Internet

Krebs: Thinking of a Cybersecurity Career? Read This

Column 2

Tech Unicorn Dave Admits to Security Breach Impacting 7.5 Million Users

New ‘Meow’ Attack Has Deleted Almost 4,000 Unsecured Databases

Third Round of Nintendo Leaks Involve Super Mario 64 and Pokemon Beta Data

Garmin WastedLocker Ransomware Demand: $10 Million

U.S. Gov’t Confirms Active Exploitation of F5 BIG-IP RCE Flaw

Emotet Malware Operation Hacked to Show Memes to Victims

Linux-Based Malware Analysis Toolkit REMnux 7 Released

That Used or Refurbished Android Phone Might Be Unsafe

Cisco Patches ASA/FTD Firewall Flaw Actively Exploited by Hackers

5 Severe D-Link Router Vulnerabilities Disclosed, Patch Now

7/23/2020

Column1

Pompeo: U.S. Engagement With China Has Failed

More Than 1,000 People at Twitter Had Ability to Aid Hack of Accounts

Dutch Lawmaker Wilders Says Twitter Hack Could Expose Dissidents

Twitter Considering Subscriptions Amid an Advertising Slump

Sharp Spike in Ransomware in U.S. as Pandemic Inspires Attackers

Senate-Passed Defense Spending Bill Includes Clause Giving DHS Cyber Agency Subpoena Power

Federal Agencies Warn Foreign Hackers Are Targeting Critical Infrastructure

UK Gov’t Warns of Ransomware, BEC Attacks Against Sports Sector

Cisco, Zoom and Others Must Bolster Security, Say Privacy Chiefs

CISOs: Cyber Insurance Fails to Cover Modern Threats and Remote Workforces

Intelligence Community Rolls Out Guidelines for Ethical Use of AI

US Banks Can Now Offer Crypto Custody Services

Column 2

Garmin Suffers Reported Ransomware Attack

Polk County (FL) Tax Office Blames Data Breach on Virus

Patient Data Exposed After Walmart Pharmacy Break-Ins

CouchSurfing Investigates Data Breach After 17M User Records Appear on Hacking Forum

Blackbaud Hack: Universities Lose Data to Ransomware Attack

Instacart Denies Widespread Data Breach Affecting Hundreds of Thousands of Customers

Hackers Steal Transfer Fees, Cripple Football (Soccer) Stadiums

Windows REvil Ransomware Used to Attack Spanish Gov’t Firm Adif

Fraudulent Photo App Operation Detected on Google Store

ASUS Home Router Bugs Open Consumers to Snooping Attacks

Cisco Network Security Flaw Leaks Sensitive Data

Password Reuse to Blame for Fifth of Account Takeovers

7/22/2020

Column 1

China Asks U.S. to Stop Accusing Beijing Over Cyber Crimes

UK Concerned by Latest Evidence of Chinese Hacking: Raab

Bipartisan Support Grows for Inclusion of Election Funding in Senate Stimulus Package

Krebs: Twitter Hacking for Profit and the LoLs

Twitter: Hackers Accessed Direct Messages of 36 Victims, Including One Elected Official

Apple Offers Modified Phones to Security Researchers Looking for iOS Weaknesses

Google’s Project Zero Team Won’t Be Applying for Apple’s SRD Program

U.S. Offers $2 Million for Info on Ukrainians Charged for SEC Hack

New York Regulator Charges First American Unit Over 2019 Data Breach

Slack Credentials Abundant on Cybercrime Markets, but Little Interest From Hackers

With Cyberattacks Surging Due to COVID-19, ‘Digital Distancing’ Could Limit Exposure

Cybersecurity Lessons from the Pandemic

Remote Cybersecurity: The Risks When Working From Home

Column 2

Disabled Delawareans’ Personal Data Ends Up in Student Project

University of York Investigating Data Theft Incident

Erie Community College Target of Ransomware Cyber Attack

Twilio Exposes SDK, Attackers Inject It With Malvertising Code

Hundreds Of Thousands Of Instacart Customers’ Personal Data Is Being Sold Online

OilRig APT Drills into Malware Innovation with Unique Backdoor

MATA Malware Framework Latest Move for North Korean Hackers

Lazarus Group Surfaces with Advanced Malware Framework

Cryptojacking Botnet ‘Prometei’ Steals Data From Its Victims

New ‘Meow’ Attack Has Wiped Dozens of Unsecured Databases

Going Down the Spyware Rabbit Hole with SilkBean Mobile Malware

D-Link Blunder: Firmware Encryption Key Exposed in Unencrypted Image

Critical SharePoint Flaw Dissected, RCE Details Now Available

7/21/2020

Column 1

U.S. Accuses Two Hackers of Stealing Secrets From American Firms for China

McCarthy Introduces Legislation to Sanction Foreign Hackers Targeting COVID-19 Research

Russia Report: UK Failed to Investigate Interference in Elections

Russia Is a ‘Capable Cyber Actor’ and Its Influence Is the ‘New Normal’

Chinese Hackers Escalate Attacks Against India and Hong Kong Amid Tensions

Chris Vickery: AI Will Drive Tomorrow’s Data Breaches

Why The Future of Cybersecurity Needs Both Humans and AI Working Together

The Data Privacy Loophole Federal Agencies Are Still Missing

Is Security Awareness Becoming the Latest Cybersecurity Snake Oil?

Column 2

Statement Regarding Reported Health Data Breach in Western Australia

Australian TV Ratings Are Hit by a Cyber Attack One Day Before the Big Brother Finale
DeepSource Resets Logins After Employee Falls for Sawfish Phishing

Phishing Campaign Uses Google Cloud Services to Steal Office 365 Logins

Freddie Mac Caught in Fallout From Ransomware at Business Partner

Vodafone Partners with Accenture to Offer Cybersecurity Services

Critical Adobe Photoshop Flaws Patched in Emergency Update

Microsoft Double Key Encryption Enters Public Preview

7/20/2020

Column 1

House Republicans Urge Trump to Take Action Against Chinese Hackers Targeting Coronavirus Research

Top Democrats Send Letter on Possible Foreign Meddling in November Election

Russian Cyberattacks an ‘Urgent Threat’ to National Security

UK ISC Attributes Cyber-Attacks and Election Interference to Russia

Russia and China’s Vaccine Hacks Don’t Violate Rules of the Road for Cyberspace

Australian Government Urged to Name and Shame Countries Launching Cyber Attacks

Coinbase Blocked Twitter Hackers From Stealing an Extra $280k

Cybersecurity Spending to Grow This Year but May Be Hit by Budget Constraints
21-Year-Old Cypriot Hacker Extradited to U.S. Over Fraud and Extortion Charges

Office 365 Adds New Security Configuration Analysis Feature

Column 2

Genealogy Software Maker Software MacKiev Exposes Data on 60,000 Users

Lorien Health Services Discloses Ransomware Attack Affecting Nearly 50,000

Toronto-Based Writing Platform Wattpad Investigating Breach Following a Report That 271m User Records for Sale

One Million Online Student Records Exposed by E-Learning Sites

Bridgeport, Waterbury (CT) Grocery Stores Targeted by Payment Card Thieves

Mac Cryptocurrency Traders Targeted by Trojanized Apps

Telecom Argentina Has Tuesday Deadline to Pay $7.5m Ransom

UK Consumers Targeted by Tesco 4K TV Phishing Scam

Analysts Detect New Banking Malware

Windows 10 Store ‘wsreset’ Tool Lets Attackers Bypass Antivirus

7/17-19/2020

Column 1

Russian Attempts to Steal Vaccine Data Unacceptable but Have Not Done Damage: UK Security Minister

Despite Theft Allegations, Russia Hails Deal to Make UK-Developed COVID-19 Vaccine

Russia’s Fancy Bear and Cozy Bear Hacking Groups Are Under the Spotlight

Some VPN Firms Shut Down Hong Kong Servers Over Security Law Concerns

Three Trump Officials Have Now Hinted at a TikTok Ban This Month
Senior DHS Official Says Agency Not Seeing ‘Coordinated’ Foreign Election Interference

Russia Operatives Accused of 2019 UK Election Interference

Court Rules German Police Receive Too Much Data

Judge Green-Lights Facebook, WhatsApp Hacking Lawsuit Against Spyware Biz NSO

Column 2

Krebs: Who’s Behind Wednesday’s Epic Twitter Hack?

Twitter Says 130 People Were Targeted in Hack

Twitter Says Attackers Downloaded Data From up to Eight Non-Verified Accounts

Twitter Says Hackers Tricked Several Employees Into Giving Them Credentials

Stolen Bitcoin From Twitter Hack Is Already Being Laundered

Cloud Biz Blackbaud Paid Ransomware Demands, Took 2 Months to Tell Customers

New Phishing Campaign Abuses a Trio of Enterprise Cloud Services: Microsoft Azure & Dynamics, and IBM Cloud

There’s a Reason Your Inbox Has More Malicious Spam—Emotet Is Back

Magento Adds 2FA to Protect Against Card Skimming Attacks

Critical SIGred Windows DNS Bug Gets Micropatch After PoCs Released

7/16/2020

Column 1

Russian Hackers APT 29 (aka Cozy Bear) Blamed for Attacks on Coronavirus Vaccine-Related Targets

Kremlin Rejects Western Allegations Russia Tried to Steal COVID-19 Vaccine Data

Twitter Was Ill-Equipped to Handle an Unprecedented Hack

Senate Republican Asks Twitter for Urgent Briefing on Hacking Incident

Senate Democrat Asks for Probes

Trump Will Remain on Twitter, His Account Secure: White House

Focus Falls on Bitcoin Trail in Race to Identify Twitter Hackers

……….Hidden Messages Found in Transactions to Twitter Hack Bitcoin Address

……….Twitter Hackers Caught Using BitPay and Coinbase on Hack-Related Wallet

Before Hack Tore Through Twitter, Online Forum Offered Accounts for Sale

Twitter Delays Launch of New API Software Following Hack

EU’s Top Court Restricts Personal-Data Transfers to U.S., Citing Surveillance Concerns

Tech Giants Sued Over Biometric Privacy

FBI Issues Cybersecurity Warning to Air Travelers on Airport WiFis

Column 2

U.S. Actor Casting Company MyCastingFile.com Leaked Private Data of Over 260,000 Individuals

Private Data Exposed in Insecure Lambton Property Management (Lpm) Site Over Misunderstanding of Cloud

French Telecom Orange Confirms Ransomware Attack Exposing Business Customers’ Data

Cyber Attacks Again Hit Israel’s Water System, Shutting Agricultural Pumps

Iranian Cyberspies Leave Training Videos Exposed Online

Clarke County (MS) Dispatch Servers Hacked, Money Demanded
Diebold Nixdorf Warns of a New Class of ATM ‘Black Box’ Attacks Across Europe
Amazon-Themed Phishing Campaigns Swim Past Security Checks

LokiBot Redux Attacks Massive List of Common Android Apps

New Android Malware ‘BlackRock’ Now Steals Passwords For Non-Banking Apps Too

Zoom Addresses Vanity URL Zero-Day

Threat Actors Introduce Unique ‘Newbie’ Hacker Forum at CryptBB

T-Mobile Announces Free Scam Shield Robocall and Scam Protection

DHS Gives Federal Agencies 24 Hours to Patch Critical Microsoft Windows Vulnerability

7/15/2020

Column 1

Widespread Twitter Hack Reaches Bill Gates, Kanye West, Elon Musk, Joe Biden and Barack Obama

Twitter Silences Some Verified Accounts After Wave of Hacks

Chinese Media Calls for UK to Face ‘Public and Painful’ Retaliation Over Huawei Ban as Trump Claims Credit

UK Denies Trump Influenced Decision to Ban China’s Huawei From 5G Networks

Pompeo Imposes Visa Restrictions on Huawei, Other Chinese Tech Companies, Citing Human Rights Abuses

Pompeo ‘Confident’ Other Countries Will Meddle in 2020 Elections

Deepfake Used to Attack Activist Couple Shows New Disinformation Frontier

Jewish Service Zoom-bombed with Swastikas

Law School Graduates Worried About Security, Privacy of Online Bar Exam

How Nanotechnology Will Disrupt Cybersecurity

Column 2

Data Breach at Houston-Based Billing and Collection Company Benefit Recovery Specialists, Inc.

Ransomware Attack Halts X-FAB Production in Lubbock, Worldwide

Dover’s Mid-Delaware Imaging Hit By Ransomware Attack, Warns Of Possible Data Breach

New Zealand Police & Research Firm Caught up in Data Breach

Citrix: No Breach, Hacker Stole Business Info From Third Party

Cisco Fixes Critical Pre-Auth Flaws Allowing Router Takeover

Firefox on Android: Camera Remains Active When Phone Is Locked or the User Switches Apps
Brazil’s Banking Trojans Guildma, Javali, Melcoz and Grandoreiro (Collectively Known as Tetrade) Go Global

PoC Exploits Released for SAP Recon Vulnerabilities, Patch Now!

7/14/2020

Column 1

UK Mobile Carriers Must Remove Huawei 5G Kit by 2027

Malware Stashed in China-Mandated Software Is More Extensive Than Thought…GoldenHelper

House Democrat Presses Google, Apple to Increase Transparency Around Foreign-Owned Apps

Trump Signs Hong Kong Sanctions Bill

Senior Catalonian Politician’s Phone Allegedly Targeted By Government Spyware

US Army Seeks Cryptocurrency Tracing Tools

Researchers Unmask Video Conferencing Users from Images

DMARC Adoption Spikes, Higher Ed Remains Behind

Critical Security Concerns for the Education Industry

Just 21% of Security Pros Haven’t Considered Quitting Their Current Job

Herjavec Group Acquires Securience

Column 2

Leaked Details of 142M MGM Hotel Guests Found for Sale on Dark Web

Wattpad Data Breach Exposes Account Info for Millions of Users

Millions of Logins from UK Ticket Site for Sale on Dark Web

IT Services Major Collabera Suffers Maze Ransomware Attack

‘Secure’ Chat App Welcome Chat Spies on Users

New AgeLocker Ransomware Uses Googler’s Utility to Encrypt Files

Krebs: ‘Wormable’ Windows Flaw Leads July Microsoft Patches

Adobe Issues July 2020 Critical Security Patches for Multiple Software

Critical SAP Bug Allows Full Enterprise System Takeover

Rogue Javascript Integrations Permit Attacking Opportunities

7/13/2020

Column 1

House Republican Introduces Legislation to Strengthen Federal Cybersecurity

Israeli Court Dismisses Amnesty International’s Petition Against Spyware Firm NSO

Wells Fargo Tells Employees to Delete TikTok From Their Company Devices

A ‘New Age’ of Sophisticated Business Email Compromise is Coming

How Insider Threats Are Changing

Remote Working: This Free Tool Tests How Good Your Security Really Is

Is It Ok to Use Your Browser’s Built-In Password Management Tools?

A Paramedic’s Lessons for Cybersecurity Pros

Column 2

Krebs: Breached Data Indexer ‘Data Viper’ Hacked

Hacker ‘NightLion’ Leaks Database After Researcher Threatens to Reveal Identities

LiveAuctioneers Reports Data Breach After User Records Sold Online

Belgium Bank Argenta Suffers Jackpotting Attack

Health Insurer Religare (India) Hit by Data Breach

Barrow County (GA) Government Hit With Cyber Attack

Baton Rouge Clinic Investigating Cyber Attack

Microsoft Extends Security for Azure Storage File Shares, Data Lakes

7/10-12/2020

Column 1

UK ‘on Alert for China Cyber Attack’ in Retaliation for Hong Kong

The Threat of Chines Cyber-Attack Is Looming Over India

Trump Confirms 2018 U.S. Cyberattack on Russian Troll Farm

Biden Campaign Hires Top Cybersecurity Officials to Defend Against Threats

U.S. Secret Service Creates New Cyber Fraud Task Force

Amazon Backtracks From Demand That Employees Delete TikTok

Over 1,300 Phishing Kits for Sale on Hacker Forum

Californian Jailed Over Identity Theft Scheme Targeting Military

Russian Hacker Found Guilty for Dropbox, Linkedin, and Formspring Breaches

Mozilla Reduces TLS Certificate Lifespan to 1 Year in September

Column 2

India’s Delivery App Dunzo Says Partner Database Breached, User Data Exposed

eToro Accounts Peddled by the Thousands on Cybercrime Forums

Over $3 Million in Bitcoin (BTC) Stolen from Crypto Exchange Cashaa Following Recent Hack

Premier League Soccer Club Targeted in £100 Million BEC Scam

Any Chingari App (Indian TikTok Clone) Account Can Be Hacked Easily

Popular TP-Link Family of Kasa Security Cams Vulnerable to Attack

How to Protect Your Verizon Number From Sim Swapping Attacks

Malware Developers Add Any.Run Sandbox Detection to Evade Analysis

Zoom Fixes Zero-Day Rce Bug Affecting Windows 7, More Updates Soon

TrickBot Malware Mistakenly Warns Victims That They Are Infected

7/9/2020

Column 1

British Mobile Carriers Warn Removing Huawei Will Cause ‘Blackouts’ and Cost Billions

Germany Seizes Server Hosting ‘BlueLeaks’ Data Dump on US Police Practices

UK, Australia Investigate Clearview Facial Recognition Firm Clearview AI

U.N. Rules Require Cybersecurity Guarantees for Connected Cars

Pressure Mounts on Facebook to Rein in Hate Speech

Google Will Ban Ads for Stalkerware Starting August 11

Op-Ed: Strong Cybersecurity Strategy Is No Longer a Luxury for Small Businesses

Op-Ed: Cybersecurity Safeguards Should Extend to Supply-Chain Partners

Is there really a cybersecurity skills shortage?

Kids Are Curious About Cybersecurity — Let’s Teach Them

95% of Brits Unable to Consistently Identify Phishing Messages

Teen Murdered After Confronting Cyber-Bullies

Column 2

Cyber Attackers Hit Bond Giant TCW, MetWest Funds

Kingston’s Royal Military College Is 1 of 4 Military Schools in Canada Targeted

Cyber Attack Targets Surry County (NC) Schools

Fraudsters Conducting Malvertising Campaign Via Inactive Domains

Fake TikTok App Targets Indian Users

HSBC SMS Phishing Scam Targets UK Victims

SurveyMonkey Phishers Go Hunting for Office 365 Credentials

Microsoft Warns on OAuth Attacks Against Cloud App Users

Conti Ransomware Shows Signs of Being Ryuk’s Successor

Evilnum Hackers Use the Same Malware Supplier as FIN6, Cobalt

Joker Malware Apps Once Again Bypass Google’s Security to Spread via Play Store

‘Undeletable’ Malware Shows Up in Yet Another Android Device

Zoom Zero-Day Allows RCE, Patch on the Way

7/8/2020

Column 1

Hong Kong Downloads of Signal Surge as Residents Fear Crackdown

Attack On Iran’s Natanz Nuclear Facility Not A Cyber Attack, But A Bomb Blast – Reports

State and Local Officials Beg Congress to Send More Election Funds Ahead of November

House Democrats Press Twitter, Facebook, Google for Reports on Coronavirus Disinformation

Smartwatch Hack Could Send Fake Pill Reminders to Patients

Microsoft Sues Coronavirus Phishing Spammers to Seize Their Domains Amid Web App Attacks Against Office

Notorious Hacker ‘Fxmsp’ Outed After Widespread Access-Dealing

15 Billion Credentials Currently Up for Grabs on Hacker Forums

Risky blogspot.in Domain for Sale After Google Fails to Renew It

Law Enforcement Agencies Are Using a Legal Loophole to Buy up Personal Data Exposed by Hackers

How to Prevent Burnout in a Cybersecurity Career

Column 2

Casino App Clubillion Leaks PII on “Millions” of Users

Chilton County (AL) Is Latest Victim of Ransomware Attack

Potandon Produce (Idaho Falls, ID) Notifies Customers of Data Security Incident

Gang Uses Ako Ransomware to Hit Hamilton Brown Creative Design Firm

Vancouver Coastal Health Warns Employees of Cyber Attack, No Evidence Data Removed, Misused

Keeper Threat Group Rakes in $7M from Hundreds of Compromised E-Commerce Sites

Russian Fraudsters Test Stolen Credit Cards Using Ecommerce Sites

Cerberus Banking Trojan Unleashed on Google Play

Credit-Card Skimmer Has Unlikely Target: Microsoft ASP.NET Sites

Advertising Plugin for WordPress Threatens Full Site Takeovers

Palo Alto Networks Fixes Another Severe Flaw in PAN-OS Devices

7/7/2020

Column 1

In Hong Kong National Security Law, Echoes of China’s Own Cyber Crackdown

Social Media Giants Move to Defy Hong Kong’s New National Security Law

U.S. Is ‘Looking at’ Banning TikTok and Chinese Social Media Apps, Pompeo Says

FBI Director Wray Warns of Chinese Hacking, Espionage Threats Against American Companies

House Democrats Include $500M for Election Security in Annual Appropriations Bill

NHS Lanarkshire Apologise Over Hundreds of COVID-19 Data Breaches

U.S. Treasury Shares Tips on Spotting Money Mule and Imposter Scams

U.S. Secret Service Issues Ransomware Warning

Applying the 80-20 Rule to Cybersecurity

Column 2

First Reported Russian BEC Scam Gang ‘Cosmic Lynx’ Targets Fortune 500 Firms

Middle East Bus-Sharing App Swvl Hit With Security Breach; Names, Numbers of Users Compromised

Check This List to See Which 570 Online Stores Were Infected With Card-Skimming Magecart

Microsoft Takes Down Domains Used in COVID-19-Related Cybercrime
Mozilla Suspends Firefox Send Service While It Addresses Malware Abuse
Mitigating Critical F5 BIG-IP RCE Flaw Not Enough, Bypass Found

ThiefQuest Info-Stealing Mac Wiper Gets Free Decryptor

Microsoft Launches Free Linux Forensics and Rootkit Malware Detection Service

Citrix Fixes 11 Flaws in ADC, Gateway, and SD-WAN WANOP Appliances

7/6/2020

Column 1

UK to Phase Out Huawei Gear From 5G Networks in a Major Policy U-Turn After U.S. Sanctions: Reports

China envoy warns of ‘consequences’ if Britain rejects Huawei

France to Encourage Telecom Groups to Avoid Huawei Products, but Not Ban Company: Report

Nokia, Hurt by Costly 5G Chip Mistake, Struggles to Catch Huawei

North Korean APT Lazarus Group Adds Magecart to the Mix

Volume and Size of Fines for Data Breaches Expected to Rise

VaultAge Solutions CEO Goes Into Hiding to Avoid Cryptocurrency Investors Allegedly Scammed Out of $13 Million

Home Routers Are All Broken, Finds Security Study

Watch Out for This Nasty New Trend in Robocall Scams

4 Evolving Technology Areas Of Smart Cybersecurity

Microsoft Defender ATP Web Content Filtering Is Now Free

How to Assess More Sophisticated IoT Threats

Column 2

EDP Renewables North America (EDPR NA) Confirms Ragnar Locker Ransomware Attack

Independence Blue Cross Alerts Members of Data Breach

5 Dating Apps Leak More than 1 Million User Profiles and Sensitive Information

Brazil’s Hapvida Discloses Cyber Breach, Potential Client Data Leak

Ransomware Attack on Insurance MSP Xchanging Affects Clients

X-FAB Affected by Cyber Attack

Cooke County (TX) Sheriff’s Office Suffers Ransomware Attack

Multiple DXC Technology Customers Down After Insurance Arm Hit By Ransomware

Flaw Fixed in Hotels.com Generator as Tesco Clubcard Users Impacted

Tokopedia Files Police Report over Alleged Data Breach

Android Users Hit with ‘Undeletable’ Adware

Purple Fox EK Adds Microsoft Exploits to Arsenal

7/3-5/2020

Column 1

Iran Hints a Cyber Attack Caused Fire at Nuclear Facility

Foreign Cyber Criminals Take Aim at Americans Working From Home

NSA Issues VPN Security Guidance

Companies Start Reporting Ransomware Attacks as Data Breaches

Prince Edward Island Ransomware Attack Costs Taxpayers More Than $900k

Virtual Reality Is Booming in the Workplace Amid the Pandemic

Ring Doorbell’s Police Partnerships Questioned Over Racial Bias

Infosec Community Disagrees With Changing ‘Black Hat’ Term Due to Racial Stereotyping

Krebs: E-Verify’s “SSN Lock” is Nothing of the Sort

Windows 10’s Microsoft Store Codecs Patches Are Confusing Users

Column 2

Moose Remain Unaware of Lottery Privacy Breach

Washington County Sheriff’s Office (OR) Hack

500,000 BMW, Mercedes and Hyundai Owners Hit by Massive Data Breach

University of Michigan: Leaked Emails, Passwords Were From ‘3rd-Party Data Breaches’

Barclays Bank Appeared to Be Using the Wayback Machine as a ‘CDN’ for Some Javascript

Critical RCE Flaw (CVSS 10) Affects F5 BIG-IP Application Security Servers

Try2Cry Ransomware Tries to Worm Its Way to Other Windows Systems

Avaddon Ransomware Still Using Excel 4.0 Macros

New Behave! Extension Warns of Website Port Scans, Local Attacks

.NET Core Vulnerability Lets Attackers Evade Malware Detection

7/2/2020

Column 1

Facebook to Launch Fourth of July Voter Registration Drive

Facebook Privacy Glitch Gave 5K Developers Access to ‘Expired’ Data

Vulnerable Voting Infrastructure and the Future of Election Security

Researchers Link APT15 Hackers to Chinese Military Company
Krebs: Ransomware Gangs Don’t Need PR Help

Surge of MongoDB Ransom Attacks Use GDPR as Extortion Leverage

133m Records for Sale as Fruits of Data Breach Spree Keep Raining Down

U.S. Schools and Colleges Have Leaked 24.5 Million Records Since 2005

4 Barriers to Teaching Employees Good Cybersecurity Habits

Hundreds Arrested After Cops Dismantle Encrypted Phone Network

Leaders Need to Prioritize Cybersecurity

Column 2

V Shred Data Leak Exposes PII, Sensitive Photos of Fitness Customers and Trainers

Data Breach at CNY Works Career Center May Have Exposed Personal Information of 56,000 Clients

Fort Worth Bike Share Hacked, Users’ Credit Card Info and Names Possibly Compromised

NetWalker Ransomware Group Claims Attack on Fort Worth Transportation Agency

Ransomware Attackers Pressure Knoxville by Posting City Data Online

Ohio Department of Health Website Not Hacked, Technical Difficulties Shut It Down
New Mac Ransomware OSX.ThiefQuest Hidden in Pirated Software

Apache Guacamole Opens Door for Total Control of Remote Footprint

Chingari App Maker Globussoft’s Website Contains Malware, Says Researcher

Cisco SMB Kit Harbors Cross-Site Scripting Bug

Malwarebytes AdwCleaner Now Removes Malware From the Command Line

Microsoft Defender ATP Now Helps Secure Network Devices

7/1/2020

Column 1

Details of Beijing’s New Hong Kong Security Law: Signals End to More Than 2 Decades of Autonomy

China: Us ‘Oppressing Chinese Companies’ in New Huawei Move

Research Finds Uighurs Targeted by Chinese Spyware as Part of Surveillance Campaign

California’s CCPA Gets Teeth Today

Companies Rush to Implement Identity Systems for Remote Working

Remote Workers Becoming More Security Conscious Although Bad Habits Persist

Federal Reserve Shares Tips on Mitigating Synthetic Identity Fraud

U.S. Gov’t Shares Tips on Defending Against Cyberattacks via Tor

Schools Already Struggled With Cybersecurity. Then Came Covid-19

The World’s Biggest Stolen Data Archive Is About to Reach 10 Billion Personal Records

Column 2

Dozens of U.S. News Sites Hacked in WastedLocker Ransomware Attacks

Mac Users Beware New EvilQuest Ransomware Targets Apple Computers

Malware Uses Postal App Lure to Send SMS Messages and Steal Data

TrickBot Malware Now Checks Screen Resolution to Evade Analysis

Windows POS Malware Uses DNS to Smuggle Stolen Credit Cards

Cisco Warns of High-Severity Bug in Small Business Switch Lineup

Woolies Hit With AU$1 Million Spamming Fine

Did a Chinese Hack Kill Canada’s Greatest Tech Company?

One out of every 142 passwords is ‘123456’

6/30/2020

Column 1

Hong Kong Security Law: China Passes Controversial Legislation

U.S. Suspends Sensitive Tech Exports to Hong Kong

After Pompeo Says ‘Tide Is Turning Against Huawei,’ India Reportedly Weighs 5G Ban on Chinese Firm

FCC Formally Designates Huawei and ZTE as National Security Threats

Australia to Spend Nearly $1 Billion to Boost Cyber Security

CISA: Nation-State Attackers Likely to Exploit Palo Alto Networks Bug

How Public Safety Systems Can Be Abused by Nation State Actors

Krebs: COVID-19 ‘Breach Bubble’ Waiting to Pop?

Businesses Lack a Workable Ransomware Recovery Strategy

Unauthorized Data Sharing Puts Companies at Risk

The More Cybersecurity Tools an Enterprise Deploys, the Less Effective Their Defense Is
ID Theft: Fake Google Alerts Are Now Delivering Malware

Democrats, Voting Rights Groups Pressure Senate to Approve Mail-In Voting Resources

California Enters Privacy Law Limbo as November Vote Looms

New Cybersecurity Standard for IoT Devices Established By ETSI

The Celebrities at Risk of Having Their Personal Data Stolen by REvil Ransomware Gang Revealed

Column 2

Education Dept. Left Exposed Social Security Numbers of Thousands of Borrowers

Business Giant Xerox Allegedly Suffers Maze Ransomware Attack

DeFi Protocol Balancer Loses $500k in Hack

American Medical Tech Reports 2019 Email Hack Impacting 47K Patients

Data Breach Reported for Merced County’s Medi-Cal Managed Healthcare Plan

Florida Orthopaedic Institute Warns Patients of Potential Data Breach

Senior Living Provider Choice Health Management Services’s Email Breach Affects Residents, Employees, Third Parties (NC & SC)

Waterloo Insurance Firm Heartland Farm Mutual Reveals Data Breach

Seller Floods Hacker Forum With Data Stolen From 14 Companies

StrongPity APT Back with Kurdish-Aimed Watering Hole Attacks

Clever Phishing Scam Targets Websites With Free DNSSEC Offer

Devious Bitcoin Scam Uses Targeted Texts and Celeb Endorsements

EvilQuest Mac Ransomware Has Keylogger, Crypto Wallet-Stealing Abilities

Faulty Drivers Fuel ATM Hacking Problem, Say Researchers

Microsoft Releases OOB Security Updates for Windows 10 RCE Bugs

Netgear Not Quite Halfway There With Patches for 28 Out of 79 Vulnerable Router Models

6/29/2020

Column 1

India Bans TikTok, Dozens of Other Chinese Apps After Border Clash

China’s Influence via Wechat Is ‘Flying Under the Radar’ of Most Western Democracies

Cyber Attack on National Highways Authority of India (NHAI)

Senators Move to Boost State and Local Cybersecurity as Part of Annual Defense Bill

AWS Facial Recognition Platform Misidentified Over 100 Politicians As Criminals

Hackers Turning Roblox Gaming Accounts Into Trump Supporters

Campaigners Call for UK Computer Misuse Act Revision on 30th Anniversary

Over 100k Daily Brute-Force Attacks on RDP in Pandemic Lockdown

Half of Internet Users Fall Victim to Cyber Attacks

Column 2

Twitter Admits Business Data Breach For Some Users and Conveys Apologies

Online Learning Platform OneClass Exposes Data on One Million Students

Cyber Attack Reported at New Mexico State University (NMSU) Foundation

Researchers Find New Calendar-Based Phishing Campaign

A Hacker Gang ‘Cl0ud SecuritY’ Is Wiping Lenovo NAS Devices and Asking for Ransoms

e-Commerce Site Hackers Now Hiding Credit Card Stealer Inside Image Metadata

SEC Warns Investors From Dealing With iBSmartify Nigeria Cryptocurrency

Unpatched Wi-Fi Extender Opens Home Networks to Remote Control

Palo Alto Networks Patches Critical Vulnerability in Firewall OS

6/26-28/2020

Column 1

Chinese Malware Used in Attacks Against Australian Orgs

Hackers With Chinese, North Korean, Pakistani Links Attack Indian Websites

8 U.S. City Websites Targeted in Magecart Attacks

FEC Commissioner Resigns, Leaving Agency Without a Quorum Again

Bill Proposes National Cyber-Security Czar

Hospitals Scramble to Adapt Security Measures Amid Cyberattacks

Ransomware Is Now Your Biggest Online Security Nightmare. It’s About to Get Worse

Russian Hackers May Be Trying to Target You With Ransomware. Here’s How

Explicit, Racist Hack During Online Public Meeting Leads Baton Rouge to Involve FBI

Krebs: Russian Cybercrime Boss Burkov Gets 9 Years

Developer of Mirai, Qbot-Based DDoS Botnets Jailed for 13 Months

Fraudster Gareth David Long Jailed for Stealing Millions from US Seniors

Admin of Carding Portal Behind $568m in Losses Pleads Guilty

Capital One Loses Bid to Block Release of Post-Hack Report

Column 2

Security Breach Impacts Maine State Police Database

Hack Included Documents From Secretive Maine Police Unit

Hackers Breach E27, Want “Donation” to Reveal Vulnerabilities

TikTok To Stop Clipboard Snooping After Apple Privacy Feature Exposes Behavior

GeoVision Access Control Devices Let Hackers Steal Fingerprints
DarkCrewFriends Returns with Botnet Strategy

Evil Corp Blocked From Deploying WastedLocker Ransomware on 30 Major U.S. Firms

UCSF Medical School Officials Pay Hackers $1.14 Million Ransom To Recover Stolen Data

Attackers Target Exposed API Endpoints to Facilitate DDoS Attacks and Mine Cryptocurrencies

Adobe, Mastercard, Visa Warn Online Store Owners of Magento 1.x EOL

New Ransom X Ransomware Used in Texas TxDOT Cyberattack

Microsoft: Patch IIS Bug Now to Protect Exchange Servers

Almost 300 Windows 10 Executables Vulnerable to DLL Hijacking

Why Certain Characters “Glitch” Gmail, YouTube, and Twitter

6/25/2020

Column 1

‘GoldenSpy’ Spyware Hidden in Chinese Tax Software Was Probably Planted by a Nation-State, Say Experts

Russian Criminal Group Finds New Target: Americans Working at Home

FBI Warns K12 Schools of Ransomware Attacks via RDP

WikiLeaks Founder Julian Assange Charged With Conspiring With LulzSec & Anonymous Hackers

eBay Security Employees Allegedly Orchestrated Deliveries of Live Cockroaches, Pornographic Videos and a Mask of a Bloody Pig’s Head

Krebs: New Charges, Sentencing in Satori IoT Botnet Conspiracy

Jack Abramoff Charged With Conspiracy in Cryptocurrency Case

Nationwide Facial Recognition Ban Proposed By Lawmakers

Zoom Hires Former Salesforce SVP as New CISO

Why Cybersecurity Is Really A Business Problem

B.C., Ontario Privacy Commissioners Order LifeLabs to Improve Security After Data Breach

Your Smartphone Could Be Using Your Information to Determine Your COVID-19 Risk

Column 2

350,000 Social Media Influencers and Users at Risk Following Data Breach

European Bank Suffers Biggest PPS DDoS Attack, New Botnet Suspected

LG Electronics Allegedly Hit by Maze Ransomware Attack

IndiaMart Data Breach: 40,000 Company Records Discovered on Cybercrime Forums

A Domestic Violence Prevention App Backed by Dr. Phil Exposed Victims’ Distress Recordings

Docker Images Containing Cryptojacking Malware Distributed via Docker Hub

Golang Worm Widens Scope to Windows, Adds Payload Capacity

List of Ripple20 Vulnerability Advisories, Patches, and Updates

Critical Bugs and Backdoor Found in GeoVision’s Fingerprint and Card Scanners

Microsoft Removed the Defer Feature Update Setting in Windows 10

PlayStation Announces Bug Bounty Program

6/24/2020

Column 1

FBI: Major Spike in Coronavirus-Related Cyber Threats

U.S. Soldier Indicted Over Mass Murder Plot

New Bill Targeting ‘Warrant-Proof’ Encryption Draws Ire

European Authorities Aim to Make National Coronavirus Apps Work Across Borders

Laws on Police Facial Recognition Aren’t Tough Enough, UK Data Watchdog Tells Court

Africa Is Under Cyber Attack — Here’s Why We Need More Awareness and Training

Cybersecurity Market Grows but Faces Pressure Amid Shrinking IT Budgets

There’s No Vaccine For Data Leaks: Why One Cyber Attack Leads To Another

Average Cost of a Data Breach: $116M

Over Two-Thirds of Q1 Malware Hidden by HTTPS

Yahoo Users Have Until July 20 to File Data Breach Claims

Column 2

Telegram: Breach Exposed Millions Of Users’ Data

Exposed Frost & Sullivan Databases for Sale on Hacking Forum

Two-Year Data Breach at Florida Senior Care Provider Cano Health

AMT Healthcare Data Breach Impacts Nearly 50,000 Patients

CryptoCore Hackers Made Over $200m Breaching Crypto Exchanges

Microsoft: Attackers Increasingly Exploit Exchange Servers
Emerging Ransomware CryCryptor Targets Photos, Videos on Android Devices

Self-Propagating Lucifer Malware Targets Windows Systems

Critical Vulnerability Found In Russian Payment Service QIWI

NVIDIA Patches High Severity Flaws in Windows, Linux Drivers

VMware Fixes Critical Vulnerability in Workstation and Fusion

6/23/2020

Column 1

FBI Probing Racist Emails Sent to Thousands Affiliated With Major Universities: Reports

Two-Fifths of Firms May Replace Email After #COVID19

How COVID-19 Has Changed Cybersecurity

Work From Home Opens New Remote Insider Threats

Number of Breached Records Continues to Soar

Facebook Accused of Trying to Bypass GDPR, Slurp Domain Owners’ Personal Whois Info via an Obscure Process

Google Is on a Mission to Stop You From Reusing Passwords

Cyber-Extortionist Threatens Australian Swimming Pro

Cop Comedy Riskiest Show to Watch Online

Microsoft Is Adding Linux, Android, and Firmware Protections to Windows

VirusTotal Adds Cynet’s Artificial Intelligence-Based Malware Detection

Column 2

Twitter Discloses Billing Info Leak After ‘Data Security Incident’

Keizer, Oregon Pays $48,000 Cyber-Ransom

Richmond Hill (GA) Computers Restored After Alleged Hack

European Victims Refuse to Bow to Thanos Ransomware

Fxmsp Hackers Made $1.5m Selling Access to Corporate Networks

Sodinokibi (REvil) Ransomware Now Scans Networks For PoS Systems

Hakbit Ransomware Attack Uses GuLoader, Malicious Microsoft Excel Attachments

Ryuk Ransomware Deployed Two Weeks After Trickbot Infection

New WastedLocker Ransomware Distributed via Fake Program Updates

80,000 Printers Are Exposing Their IPP Port Online

6/22/2020

Column 1

China Has a 15-Year Plan to Shape the Future of Tech. but Some Call It Hype

Top European Official Warns China Against Targeting Hospitals With Cyberattacks

North Korean #COVID19 Phishing Campaign Targets Six Countries

Morocco Used NSO’s Spyware to Snoop on Journalist, Amnesty Says

Hackers Use Google Analytics to Steal Credit Cards, Bypass CSP

New Zealand Seizes $90 Million in Assets of Russian Cybercrime Suspect

Egypt Based Hackers Attempted Cyber Attacks on Ethiopian Gov’t Sites

U.S. Gov’t to Enforce HTTPS on New .Gov Sites Starting September 1

Companies Name One of the Biggest Cybersecurity Threats: Their Employees

Column 2

Krebs: ‘BlueLeaks’ Exposes Files from Hundreds of Police Departments

Stalker Online Breach: 1.3 Million User Records Stolen

Attackers Hit Thai Power Authority Using Maze Ransomware

Indiabulls Group Hit by Clop Ransomware, Gets 24h Leak Deadline

Kroger Network Server (OH) Breach Exposes Nearly 11,000 Patients’ Info

Ransomware Group Auctions Crozer-Keystone Health System Data on Darknet

DHS CISA: Serious Vulnerabilities Found in 6 Medical Device Systems

Encrypted Phone Network Encrochat Shutting Down After Police Hack: Has Hitmen and Drug Gangs as Customers

BitDefender Fixes Bug Allowing Attackers to Run Commands Remotely

Malwarebytes Causing Performance Issues in Windows 10 2004

6/19-21/2020

Column 1

Australia Sees China as Main Suspect in State-Based Cyberattacks, Sources Say

The Huawei Hostages

Krebs: Turn on Multi-Factor Authentication Before Crooks Do It For You

If You Get a Call Saying You’ve Been Exposed to COVID-19, It Could Be a Scam

Indonesia Probes Alleged Hacking of COVID-19 Test Data

Austrian Telecoms Operator Played Six-Month Game of Cat-and-Mouse With Hacker

Developer Who Successfully Hacked Bitcoin Wallet Ensures Bitcoin Is Still Safe

French Court Upholds Ruling Fining Google $56 Million for Data Protection Violations

Facebook’s FTC-Mandated Privacy Committee Now in Effect

U.S. Deports NeverQuest Cyber-Thief

Former DIA Analyst Sentenced to Prison Over Data Leak

Hacker Arrested for Stealing, Selling PII of 65K Hospital Employees

Column 2

Oracle’s BlueKai Spilled ‘Billions Of Records’ Of Web-Tracking Data

ConnectWise Partners Hit By Ransomware Via Automate Flaw

Hong Kong Based Apparel Retailer Bossini Reveals Customer Data Hack

Tallapoosa County (AL) Recovers From Ransomware Attack

Ransomware Attack Confirmed by Australia-Based Beverage Manufacturer Lion

Care New England Confirms It Was Victim of a Cyber-Attack

Philadelphia-Area Crozer-Keystone Health System Says It ‘Isolated’ a Malware Attack

Discord Modified to Steal Accounts by New Nitrohack Malware

Hackers Use Fake Windows Error Logs to Hide Malicious Payload

Ransomware Operators Lurk on Your Network After Their Attack

Adobe Wants Users to Uninstall Flash Player by the End of the Year

AMD Says It Will Fix New CPU Bugs by the End of June 2020

6/18/2020

Column 1

Former Google CEO Eric Schmidt: There’s ‘No Question’ Huawei Routed Data to Beijing

ITI Advises on 5G Cybersecurity
UK U-Turns on Contact Tracing App Privacy

‘Massive’ Cyber Attack on Australian Government

Krebs: FEMA IT Specialist Charged in ID Theft, Tax Refund Fraud Conspiracy

Phishing Campaign Targeting Office 365, Exploits Brand Names

U.S. Indicts Six Nigerians Over $6m Email Scam

Commissioners Urge Hiring Changes to Fill Government Jobs in Cyber, AI

Pandemic Popularity Forces Dark Web Forums to Recruit

Maze Ransomware Gang Demand Payoff From Wrong Company

I Know All the Cybersecurity Rules. Yet I Still Break Them.

Column 2

Delivery Hero Confirms Data Breach After Customer Data is Posted On a Dark Web Forum

Statement by CasualX in Response to the Report of a Massive Data Breach

InvisiMole Hackers Target High-Profile Military and Diplomatic Entities, Partners with Gamaredon

As Checks Turn up in the Mail, People Who Didn’t Apply for Unemployment Realize They Are Fraud Victims

BofA Phish Gets Around DMARC, Other Email Protections

Wells Fargo Phishing Baits Customers With Calendar Invites

IcedID Banker is Back, Adding Steganography, COVID-19 Theme

Cisco Webex, Router Bugs Allow Code Execution

79 Netgear Router Models Risk Full Takeover Due to Unpatched Bug

26 Flaws in Open-Source Zephyr and MCUboot Stacks

Chrome Extensions Are ‘the New Rootkit’ Say Researchers Linking Surveillance Campaign to Israeli Registrar Galcomm

6/17/2020

Column 1

Cyber Spies Use LinkedIn to Hack European Defence Firms

North Korea’s Lazarus Group at It Again: Watch Out for .rar Files Coming and Going From Your Networks

Agencies Say FCC Should Deny Request for Underwater Cable Between Hong Kong and U.S.

Krebs: When Security Takes a Backseat to Productivity (in the CIA)

Israel And Greece Sign an Agreement on Cybersecurity Info-Sharing

Widespread Security Vulnerabilities in Mobile Banking Apps

Zoom Reverses Course, Will Give End-To-End Encryption Option to All Users

Premier League’s Return: A Hat Trick of Cyberthreats?

BEC Attackers Ditch C-Suite in Favor of Fresh Target

Sharp Rise in Web Attacks on Gamers

Column 2

IT Giant Cognizant Confirms Data Breach After Ransomware Attack

DraftKings Discloses SBTech Ransomware Attack in SEC Filing

REvil Ransomware Group Begins Leaking Sensitive Data From Goodman Mintz LLP, Strategic Sites LLC, and ZEGG Hotels & Store

Unemployment Fraud in Washington Linked to Health Care Ransomware

Care New England Website Remains Down; No Evidence Found of Data Breach

Cyber Security Expert Says Care New England Hack ‘Is Indicative of Ransomware’

Shlayer Mac Malware Returns with Extra Sneakiness

AcidBox Malware Uncovered Using Repurposed VirtualBox Exploit

Bug in ‘USB for Remote Desktop’ Lets Hackers Add Fake Devices

Cisco Fixes Severe Flaws in Webex Meetings for Windows, MacOS

6/16/2020

Column 1

Report Finds Russian Disinformation Group Tied to 2016 Elections Still Active

U.S. Firms Can Work With Huawei on 5G and Other Standards. Here’s What It Means

U.S. Says Former eBay Workers Sent Live Roaches, Bloody Pig Mask to Intimidate Critics

The Coronavirus-Fueled Tech Trends That Will Continue to Dominate Daily Life

46% of SMEs Sharing Confidential Files by Email During Lockdown

Financial Firms Facing Serious Hacking Threat in COVID-19 Era

Unpack the Use of AI in Cybersecurity, Plus Pros and Cons

90’s Social Engineering: How I Conned My Way Into an Interview With Michael Jordan

Newly Unclassified Report Finds CIA Security Failures Led to Massive 2017 Breach

Global DDoS Attack Dismissed as T-Mobile Misconfiguration

Anonymous: ‘the U.S. Is Currently Under a Major DDoS Attack’

Column 2

Chipmaker MaxLinear Hit by ‘Maze’ Ransomware Attack

Avon Forced to Shut Down Its UK Website After Cyber Attack

Toronto Accounting Firm Hit by Ransomware

Wiggle Investigates Cyber-Attack

Hackers Target Redcar Children’s Charity in Attempted Cyber Attack

‘Ripple20’ Bugs Impact Hundreds of Millions of Connected Devices

CoinMiner Exploits Apple APSDaemon Vulnerability to Evade Detection

Google Alerts Catches Fake Data Breach Notes Pushing Malware

Adobe Patches 18 Critical Flaws in Out-Of-Band Update

Plex Fixes Media Server Bugs Allowing Full System Takeover

VLC Media Player 3.0.11 Fixes Severe Remote Code Execution Flaw

Half of Firms Likely Running Vulnerable Oracle E-Business Suite

6/15/2020

Column 1

Lawmakers Warn of ‘Electoral Chernobyl’ in November Following Georgia Election Chaos

Twitter Disrupts Wide-Ranging Political Disinformation Campaigns

Philippine Journalist and Rappler Co-Founder Maria Ressa Found Guilty of Violating Cyber Libel Law

Six Former eBay Employees Charged With Cyberstalking Massachusetts Couple

Poor Password Practices and Growing Acceptance of Biometrics in Financial Accounts

WebAuthn Passwordless Authentication Now Available for Atlassian Products

Intel Will Soon Bake Anti-Malware Defenses Directly Into Its Tiger Lake CPUs

ESET Rushes to Defend Rival Malwarebytes in Legal War Sparked by Vendor Upset at ‘Unwanted Program’ Label

Greece Recruits Hackers Against Turkish Cyber Attacks

Column 2

Foodora Data Breach Impacts Customers in 14 Countries

Data Breach Reported at Presbyterian Healthcare (NM)

9 Dating Apps Exposed 845 GB of Explicit Photos, Chats, and More

Claire’s Customers Targeted with Magecart Payment-Card Skimmer

Penn Township Ups Cybersecurity After Incident

U.S. Bank Customers Targeted in Ongoing Qbot Campaign

Mobile Threats Delivered by Adult Content Double

New Mobile Internet Protocol Vulnerabilities Let Hackers Target 4G/5G Users

20 Months Behind Bars for IT Support Worker Who Nicked £30k Worth of Crypto-Cash

6/12-14/2020

Column 1

Microsoft Joins Ban on Sale of Facial Recognition Tech to Police

Spies Can Listen to Your Conversations by Watching a Light Bulb in the Room

WhatsApp Blamed Own Users for Failure to Keep Phone Number Repo off Google Searches

This App Will Tell You If Your iPhone Has Been Hacked

Windows 10 Privacy Settings Bug Lets Users Change Admin Options

Why Securing Endpoints Is The Future Of Cybersecurity

Mitigating Health Care’s Cybersecurity Risks in the Era of Hyperconnectivity

Honeypot Reveals Tactics Used by Cybercriminals to Deploy Ransomware

Honda Resumes Production at Plants Hit by Suspected Cyber Attack

D-Link Leaves Severe Security Bugs in Home Router Unpatched

Column 2

Earth Empusa Threat Group Targeting Victims Across Tibet, Turkey and Taiwan via Watering-Hole Websites

Krebs: Privnotes.com Is Phishing Bitcoin from Users of Private Messaging Service Privnote.com

Robotics Company Symbotic Falls Prey to REvil Ransomware Attack

Rangely District Hospital (CO) Suffers Ransomware Attack

Report: Sapiens Pays $250,000 in Bitcoin for Ransomware Attack

Black Kingdom Ransomware Hacks Networks With Pulse VPN Flaws

“Tor2Mine” Has Returned to Infecting Systems With Cryptominers

Extortionists Threaten to Destroy Sites in Fake Ransom Attacks

Personal Information Exposed in Prior Data Breach at Magellan Health Inc

Hackers Are Quick to Notice Exposed Elasticsearch Servers

6/11/2020

Column 1

Democrats Press Intel Chief for Answers on Foreign Efforts to Exploit U.S. Racial Tensions

Zoom Suspends U.S.-Based Activist’s Account After Tiananmen Square Commemoration Event

Twitter Deletes Over 170,000 Accounts Tied to Chinese Propaganda Efforts

U.S. Cops’ Personal Info Leaked Online

Drones Fly Over Protest-Packed Cities

Phishing and BEC Surge as #COVID19 Attackers Prioritize Email

Turn the Table on Phishers and Scammers to Protect Your Brand

Working From Home Is the New Normal, but Cybersecurity Isn’t Keeping Up

Google, Facebook and Microsoft Back Global Plan to ‘Eradicate’ Online Child Sexual Abuse

Germany Seeks EU Sanctions for 2015 Cyberattack on Its Parliament

UK Government Awards £10m Fund to Develop Cybersecurity Tech Solutions

Tesla Hacker Unlocks Performance Upgrade and Acceleration Boost at a Discount

IBM Cloud Global Outage Caused by “Incorrect” BGP Routing

Column 2

Fortune 500 Insurance Firm Genworth Discloses Data Breach

Live Event Solutions Leader Tait Discloses Data Breach

Fisher and Paykel Hit With Cyberattack

MU Health Care Experienced Data Breach, Some Social Security Numbers Compromised

Yale New Haven Health Staff Unnecessarily Accessed COVID-19 Data in Medical Records

MAZE Attacks Threadstone Advisors

City of Knoxville Shuts Down Network After Ransomware Attack

Knoxville: No Personal Info Accessed in Ransomware Attack on City Offices

Microsoft Outlook Users Targeted By Gamaredon’s New VBA Macro

Kubernetes Falls to Cryptomining via Machine-Learning Framework

Encent Floats Bug Bounties for Its Cloudy Linux and IoT OSes

A Bug in Facebook Messenger for Windows Could’ve Helped Malware Gain Persistence

Android 11 Brings Numerous Security and Privacy Improvements

6/10/2020

Column 1

Researchers Say Online Voting Tech Used in 5 States Is Fatally Flawed

Fake Black Lives Matter Voting Campaign Spreads Trickbot Malware

FBI Warns Hackers Are Targeting Mobile Banking Apps

Scammers Pretend to Be COVID-19 Contact Tracers to Get Personal Information From Victims

Office 365 Phishing Baits Business Owners With Relief Payments

Environmentalists Targeted Exxon Mobil. Then Hackers Targeted Them.

What Is Gaia-X? A Guide to Europe’s Cloud Computing Fight-Back Plan

Amazon Puts One-Year Moratorium on Rekognition Facial Recognition Technology for Police Use

Facebook Paid for a Tool to Hack Its Own User, Then Handed It to the FBI

Cost of US Cyber Command Program Quintuples

Slovak Police Seize Wiretapping Devices Connected to Government Network

Minimal Techno DJ Denis Kaznacheev Arrested in Berlin on Cyber-Crime Charges at Request of the U.S. Government

Helping Remote Workers Overcome Remote Attacks

Column 2

Italian Encryption Utility Firm CloudEyE Accused of Bundling GuLoader Malware Functions in Product

Norwegian Shipbuilder Vard Hit by Ransomware Cyberattack

Self-Destructing Skimmer Steals Credit Cards of Greenworks Hardware Tools Customers

Coinsquare CEO Says Company Was Contacted About Potential Data Breach Affecting Thousands of Users Last Year

Mt. Diablo Unified School District (CA) Notifies Parents

Employed People Getting Hit With Unemployment Payment Scam in Illinois To Divulge Bank Information

Snake Ransomware Delivers Double-Strike on Honda and Enel Argentina

Thanos Ransomware First to Weaponize RIPlace Tactic

GnuTLS Patches Security Hole That Hung Around for Two Years – Worse Than Heartbleed, Says Google Cryptoboffin

Kingminer Patches Vulnerable Servers to Lock out Competitors

Expiring SSL Certs Expected to Break Smart TVs, Fridges, and IoTs

Equifax’s Latest Breach Settlement Is Skimpy to Plaintiffs, Critics Say

6/9/2020

Column 1

Senate Report: Chinese Telecom Firms Operated in U.S. Without Proper Oversight for Decades

Booz Allen Hamilton: No Evidence of Unauthorized Data Transfers by Top Chinese Drone Manufacturer

Georgia Officials Launch Investigation Into Election Day Chaos Amid Voter Suppression Concerns

Opinion: The ‘Silver Lining’ of the Pandemic Is the Way It Is Catalyzing Changes in Cybersecurity

Senior Official Estimates $30 Billion in Stimulus Funds Will Be Stolen Through Coronavirus Scams

Fake SpaceX YouTube Channels Scam Viewers out of $150k in Bitcoin

Hack-for-Hire Firm Dark Basin Connected to Attacks on Nonprofits, Journalists

New Cybersecurity Recommendations for U.S. Government Target IoT, Social Media

Ransomware Gangs Are Teaming Up to Form Cartel-Style Structures

Nefilim Hackers Publish Oil Firm Data Online and Continue Disruptive Campaign

WhatsApp Resolves Issue That Exposed Some Users’ Phone Numbers in Google Search Results

Microsoft June 2020 Patch Tuesday: Largest Ever With 129 Fixes

Intel Patched 22 Vulnerabilities in the June 2020 Platform Update

Adobe Fixes Critical Remote Code Execution Bug in Flash Player

Patches for Spectre Holes on Linux Aren’t Perfect

Column 2

Obscure Indian Cyber Firm BellTroX InfoTech Services Spied on Politicians, Investors Worldwide

South Africa’s Life Healthcare Hit by Cyber Attack

Australian Beverage Maker Lion Hit by Cyber Attack

Nintendo Said a Total of 300,000 Accounts Have Been Hacked

Computer Hack Affects Ste. Genevieve County (MO)

Babylon Health Admits GP App Suffered a Data Breach

Natura: Cyber Incident’ Partially Hit Avon Operations

Keepnet Labs Confirms Contractor Exposed ‘Data Breach Database’ of 5 Billion Records

Update: Florence (AL) Hit By Ransomware 12 Days After Being Alerted by KrebsOnSecurity

Magecart Targets Emergency Services-related Sites via Insecure S3 Buckets

KingMiner Botnet Brute-Forces MSSQL Databases to Install Cryptocurrency Miner

Maze Ransomware Adds Ragnar Locker to Its Extortion Cartel

Valak Malware Gets New Plugin to Steal Outlook Login Credentials

New SGAxe Attack Steals Protected Data From Intel SGX Enclaves

SMBleed: A New Critical Vulnerability Affects Windows SMB Protocol

Windows Group Policy Flaw Lets Attackers Gain Admin Privileges

6/8/2020

Column 1

Study Finds Vulnerabilities in Online Voting Tool Used by Several States

U.S. Energy Providers Hit With New Malware in Targeted Attacks

Huawei Takes out Several Full-Page Ads in UK Newspapers as Government Reviews Its 5G Role

Singapore’s Contact Tracing Wearable Causes Privacy Backlash

Phishing Attack Hits German Coronavirus Task Force

Hackers Are Attacking the German PPE Supply Chain

Phishers Hide #COVID19 Malware in CVs and Medical Leave Forms

Facebook Sues Companies for Registering Impostor Domains

Privacy Browser Brave Busted for Autocompleting URLs to Versions It Profits From

The 20 Best Cybersecurity Startups To Watch In 2020

Column 2

Any Indian DigiLocker Account Could’ve Been Accessed Without Password

University of the Philippines Cebu (UP Cebu) Confirms Data Breach on Its Student Evaluation on Teaching System

Privacy Breach at Manitoba Agricultural Services Corporation (MASC)

Florence (AL) City Computer Systems Hit by Cyber Attack

Animal Rights Group Hacked Over Exploded Elephant Comments

Honda Investigates Possible Ransomware Attack, Networks Impacted

ZEE5 Refutes Report of Data Breach After Hackers Threaten to Leak Customers’ Info Online

REvil Ransomware Gang Strikes Again with More Auctions Listing Stolen Data

New Avaddon Ransomware Launches in Massive Smiley Spam Campaign

CallStranger UPnP Bug Allows Data Theft, DDoS Attacks, LAN Scans

6/5-7/2020

Column 1

Report Details New Cyber Threats to Elections From COVID-19

Facebook Labels State-Controlled Media Ahead of U.S. Elections

Chinese Tech Giants Caught up in Rising U.S.-China Tensions

Israel and Iran Just Showed Us the Future of Cyberwar With Their Unusual Attacks

Greek Hackers Take Down Turkish Foreign Ministry Website in Revenge

UK Gov’t Publishes Contracts Granting Amazon, Microsoft, Google, and AI Firms Access to COVID-19 Health Data

North Dakota Contact Tracing App Ends Data Share with Foursquare

Bogus COVID-19 Contact Tracers May Be Coming for Your Personal Information

Nationwide Unemployment Scam

Signal Deploys Blur Tool in Its Messaging and Calling App to Allow Users to Obscure Faces in App-Captured Snapshots

Cyber Concerns Haunt Financial Sector During Pandemic Recovery

Approximately 117 Million IT Jobs Lost Since March

Sophos Confirms Restructuring Plans, Denies Blog Closure

U.S. Aerospace Services Provider VT San Antonio Aerospace (VT SAA) Breached by Maze Ransomware

Cyberattack Attempts on Anti-Racism Websites See Massive Spike

Northern Maine Community College (NMCC) Offers Cybersecurity Program

FTC Slams Children’s App Developer HyperBeard for COPPA Violations

Krebs: Owners of DDoS-for-Hire Service vDOS Get 6 Months Community Service

Column 2

Fitness Depot Hit by Data Breach After ISP Fails to ‘Activate the Antivirus’

Some University of Utah Health Patients Notified of Data Security Breach

Ransomware Attack on Singapore-based ST Engineering’s U.S. Unit Contained

Singapore Network Not Affected by U.S. Cyber Attack

Electrolux, Others Conned Out of Big Money by BEC Scammer; Kenenty Hwan Kim (aka Myung Kim) Pleads Guilty

Amherst (MA) Police Report ‘Substantial Amount’ of Fraudulent Unemployment Claims Being Filed With Stolen Identities of Residents

Post Falls (ID) Police Department Says ‘No Sensitive Data’ Compromised in Cyberattack

Hackers Target Fincantieri’s Norwegian Unit With Ransomware

San Beda University (Philippines) Student Portal Hacked, Personal Data of Thousands Stolen

100,000 Private Box eXchange (PBX) Telephone Boxes Hit With Voice Message Phishing

Ongoing eCH0raix Ransomware Campaign Targets QNAP NAS Devices

Kupidon Is the Latest Ransomware Targeting Your Data

Fake Ransomware Decryptor for STOP Djvu Double-Encrypts Desperate Victims’ Files

Florida Institute of Technology Student Discovers Flaws in Leading Doorbell Security Cameras

Windows 10 SMBGhost Bug Gets Public Proof-Of-Concept RCE Exploit

WhatsApp Phone Numbers Pop Up in Google Search Results — But is it a Bug?

uBlock Origin Ad Blocker Now Blocks Port Scans on Most Sites

Microsoft Dev Fixes Major Annoyance in Chromium Browser

6/4/2020

Column 1

Presidential Campaigns Targeted by Suspected Chinese, Iranian Hackers

Phishing: China APT 31 (aka Zirconium) Attacks Biden Campaign; Iran APT 35 (aka Charming Kitten) Attacks Trump Campaign

New Report Claims Huawei Hushed Up Iran Business Links

Europe Nears Tipping Point on Russian Hacking

Black Lives Matter Activists Targeted by Cyber Attacks

London Queer Pub Forced to Abort HIV Fundraiser Amid ‘Operation Pridefall’ Anti-LGBT+ Cyber Attack

Crowdstrike CEO: How the Future of Remote Work and Security Will Look

Shift Your Cybersecurity Mindset to Maintain Cyber Resilience

Zoom Restricts End-to-End Encryption to Paid Users

Netizens Urged Not to Use Name as Password

Google Adds YubiKey Support for Apple Devices

Mozilla Firefox to Let You Export Saved Passwords in Plain Text

Column 2

Chartered Professional Accountants (CPA) of Canada Discloses Data Breach Affecting 329,000 Individuals

Business Services Giant Conduent Hit by Maze Ransomware

NetWalker Ransomware Strikes Three U.S. Universities (UCSF, Michigan State & Columbia College Chicago)

Michigan State Refuses to Pay Ransom to Hackers

Hackers Begin Publishing Stolen Documents

Duluth School District (MN) Addresses Cyber Security Breach

Fraudulent iOS VPN Apps Attempt to Scam Users

ZLoader-Laced Emails Masquerade As CVs From Job-Seekers

Bruteforce Malware Probes Login for Popular Web Platforms

Tycoon Ransomware Banks on Unusual Image File Tactic

Japan to Review Cyber-Bullying Laws Following Wrestler’s Suicide

Google Faces Privacy Lawsuit Over Tracking Users in Incognito Mode

6/3/2020

Column 1

Top DHS Official Says to Expect ‘Every Intelligence Service’ to Target COVID-19 Research

Hackers Steal Secrets From U.S. Nuclear Missile Contractor Westech International

DopplePaymer Ransomware Gang Says It Breached NASA Contractor DMI

Sophisticated Info-Stealer APT ‘Cycldek’ Targets Air-Gapped Devices via USB

Here’s How Far Hackers Are Willing to Go to Steal Your Stimulus Check

Enterprise Mobile Phishing Attacks Skyrocket Amidst Pandemic

Most Victims Choose a Similar or Weaker Password after a Data Breach, Study Finds

Zoom CEO Explains Stance on Encryption, Says He Wants to ‘Work Together’ With Law Enforcement

Is Zoom Critical Infrastructure?

Two Critical Flaws in Zoom Could’ve Let Attackers Hack Systems via Chat

Hackers Force Minnesota Senate Website Offline

Chicago Police Scanner Jammed by Hackers Amid Riots

Romanian Skimmer Gang in Mexico Outed by KrebsOnSecurity Stole $1.2 Billion

Aussie Fined for Tweeting Apple Employees’ Data

AUCloud Brings Object Lock-Based Ransomware Protection to Australia

Column 2

San Francisco Retirement Program SFERS Suffers Data Breach

Netwalker Ransomware Continues Assault on U.S. Colleges, Hits UCSF

Ransomware Gangs Team up to Form Extortion Cartel

Unnamed University Fights off Cyber Attack From Another School

Nearly 1,000 Members of Kentucky Employees’ Health Plan Hit by Data Breach

Cyber Attack Strikes Person County (NC) Computer Systems

Hackers Hijack One of Coincheck’s Domains for Spear-Phishing Attacks

Recent Coinsquare Data Hack Could Put Millions of Dollars in Bitcoin at Risk

Attackers Target 1M+ WordPress Sites To Harvest Database Credentials

Office 365 Phishing Baits Remote Workers With Fake VPN Configs

TrickBot Adds BazarBackdoor to Malware Arsenal

Dark Web Demand Surges for YouTube Accounts

Firefox 77.0.1 Released to Prevent DDoSing DoH DNS Providers

Critical SAP ASE Flaws Allow Complete Control of Databases

This Wallpaper Will Crash Your Android Phone

6/2/2020

Column 1

Zuckerberg Defends Hands-Off Approach to Trump’s Posts

Krebs: REvil Ransomware Gang Starts Auctioning Victim Data

Iran ‘Opened a Pandora’s Box’ in Cyber Attack on Israeli Water System

EU to Impose Sanctions on Russia Hackers for Cyber Attack on German Bundestag – Journalist

Cyber Incidents, Possibly by Anonymous, Accompany U.S. Unrest

COVID-19 & 5 Data Breaches Combine Into a Cyberstorm for Consumers

Cybersecurity Spending Hits ‘Temporary Pause’ Amid Pandemic

Cybersecurity Startups Feel a Pinch on Funding and Sales

Police Efforts Help to Erode Trust on Dark Web

European Cybersecurity Blogger Award Winners Announced

NYC Cybersecurity Bootcamp Offers Free Training Nationwide

Office 365 to Make One-Time Passcode Emails Look Less Spammy

Column 2

Islamic Hackers Group Claims Responsibility for Cyber-Attack That Exposed PII of Hundreds of Israelis

Bahamas Police Probe Registry Hack

Researchers Find Exposed Data on Millions of Users of Quiz App, TVSmiles

Saint Joseph Health & 6 More Indiana Providers Report Improper Disposal of Patient Records

Commercial Services Group (CSG) Hit With Ransomware

Octopus Scanner Sinks Tentacles into GitHub Repositories

Google Fixes Android Flaws That Allow Code Execution With High System Rights

Apple Jailbreak Zero-Day Gets a Patch

Critical Exim bugs being patched but many servers still at risk

Linus Torvalds Trashes 5.8 Linux Kernel Patch Over Opt-In Intel CPU Bug Mitigation

Severe Cisco DoS Flaw Can Cripple Nexus Switches

VMware Cloud Director Flaw Lets Hackers Take Over Virtual Datacenters

6/1/2020

Column 1

Trump Plans to Ban Chinese Students with Military Ties

Human-Rights Groups Ask Police to Hunt Hackers Attacking Hospitals

Minneapolis City and Police Websites Attacked

Minneapolis Police Department Hack Likely Fake, Says Researcher

After a Breach, Users Rarely Change Their Passwords, Study Finds

The Cybersecurity Implications of 5G Technology

Column 2

Bharat Interface for Money (BHIM) Payment App Data Breach Exposes Millions of Indians’ Data

Joomla Resources Directory (JRD) Portal Suffers Data Breach

Kelles Campaign (NY State Assembly) Says They’re Under Cyber-Attack

Meadow Vale Primary School (Bracknell Forest, UK) Suffers Cyber Attack From Hackers Wiping Personal Data

Web Browsers Still Allow Drive-By-Downloads in 2020

Apple Pays $100K Bounty for Critical ‘Sign in With Apple’ Flaw

5/29-31/2020

Column 1

Cruz Calls for Criminal Investigation Into Twitter Over Alleged Iranian Sanction Violations

North Korea Accuses U.S. of Hurting Its Image With Cyber Threat Warning

Israel-Iran Attacks: ‘Cyber Winter Is Coming’

Anonymous Says It’ll ‘Expose’ Minneapolis Police, Website Hacked

UK Government Launches Funding Program to Boost Security of IoT Market

‘Hack-For-Hire’ Firms Spoof WHO To Target Google Credentials

As States Reopen, the Boss Wants to Know What You’re Up To This Weekend

Google’s New Tool Lets You See a Two Metre Social Distancing Gap With AR

Krebs Career Choice Tip: Cybercrime is Mostly Boring

The University of Texas at San Antonio to Create Cybersecurity Innovation Institute

Alabama Seniors Offered Free Cybersecurity Courses

Office 365 to Give Detailed Info on Malicious Email Attachments

List of Well-Known Web Sites That Port Scan Their Visitors

ACLU Sues Clearview AI Over Faceprint Collection, Sale

Hacker Leaks Database of Dark Web Hosting Provider

Column 2

Big Footy Data Breach Exposed Private Details of up to 100,000 Users

Amtrak Resets User Passwords After Guest Rewards Data Breach

Unemployment Fraud Hits North Olympic Peninsula (WA) Residents

Warning to Parents After Cyber Criminals Attack Bristol (UK) School Website

Ransomware Attack Targets Nipissing First Nation (Ontario)

REvil Hackers ‘Hold Second Us Firm to Ransom’

Highly-Targeted SteganographyAttacks on Industrial Sector Hide Malicious Powershell Scripts in Images

‘Hackers Burned My Hand With Cryptojacking Computer Virus’

Smart Car Source Code Leak May Compromise Customer Safety

Google Just Gave Millions Of Users A Reason To Quit Chrome

Critical ‘Sign in with Apple’ Bug Could Have Let Attackers Hijack Anyone’s Account

New Noise-Resilient Attack On Intel and AMD CPUs Makes Flush-based Attacks Effective

Snake Ransomware Slithers Into the Light

Nworm: Trickbot Gang’s New Stealthy Malware Spreading Module

Any Mitron (Viral TikTok Clone) Profile Can Be Hacked in Seconds

Utah Tech CEO Jailed for Possessing Thousands of Files Depicting Child Sexual Abuse

5/28/2020

Column 1

NSA Warns of Ongoing Russian Hacking Campaign Against U.S. Systems

Germany Calls in Russian Envoy Over Hack Attack

Google Sees Resurgence in State-Backed Hacking, Phishing Related to COVID-19

Sue Gordon: The Coronavirus Pandemic Should Change the Way We Look at National Security

Cybersecurity: Half of Employees Admit They Are Cutting Corners When Working From Home

C-Level Executives the Weakest Link in Organizations’ Mobile Security

Cyber-Criminals Impersonating Google to Target Remote Workers

#COVID19 Drives Dealers Online as Drugs Supply Soars

Pelosi Pulls Vote on FISA Bill After Trump Veto Threat

Lawmakers Urge More Federal Funding for State Cybersecurity

Krebs: UK Ad Campaign Seeks to Deter Cybercrime

Minneapolis City Systems Temporarily Brought Down by Cyberattack

Comedian Arrested for Cybercrime over Face Swap

Google Location Tracking Lambasted in Arizona Lawsuit

Researchers Uncover Brazilian Hacktivist VandaTheGod’s Identity Who Defaced Over 4800 Sites

Column 2

Minted Discloses Data Breach After 5m User Records Sold Online

Data Breach of the Kentucky Unemployment System Occurred in April

Ransomware Attack Affects 13,146 Patients’ Info at Palmer, Alaska Mat-Su Surgical Associates

Rio Arriba County (NM) Government Falls Victim to Ransomware

Austrian City of Weiz Falls Victim to NetWalker’s Ransomware Attack

Japanese IT Services Firm NTT Communications Reveals Hack Affecting up to 621 Customers

Cyber Attack Delays NWT Power Corporation (NTPC) Bills, Northland Customers Unaffected (Northwest Territories)

Hackers Compromise Cisco Servers Via SaltStack Flaws

DoD Contractors Team Up with HPE on Ransomware-Stopper

Fake Valorant Mobile App Pushes Scams on Eager Gamers

200k Sites With Buggy WordPress Plugin Exposed to Wipe Attacks

Valak Loader Revamped to Rob Microsoft Exchange Servers

NSA Warns of New Sandworm Attacks on Email Servers

PonyFinal Ransomware Targets Enterprise Servers Then Bides Its Time

New Octopus Scanner Malware Spreads via Github Supply Chain Attack

Inside the Hoaxcalls Botnet: Both Success and Failure

5/27/2020

Column 1

FBI Investigating ‘Zoom Bombings’ Involving Child Sexual Abuse

Nearly One Fifth of Law Firms Show Signs of Compromise

FTC Warns College Students of Scams Relating to Coronavirus Checks

UK Energy Operators Join the European Network for Cybersecurity

Brussels Report: More EU Privacy Investigations, Longer Decision Times

Google Highlights Indian ‘Hack-For-Hire’ Companies in New Tag Report

Chinese Researchers Disrupt Malware Attack That Infected Thousands of PCs

1000 Corporate Systems Infected With Monero Mining Malware

3 Questions Your Board Has About Cybersecurity

Thais Ditch Twitter for Blockchain-Based Social Network Minds

Column 2

Hackers Sell Data from 26 Million LiveJournal Users on Dark Web

Truecaller Denies Data Leak After 4.75m Users’ Info Emerges on Darknet

Michigan State University Hit by Ransomware Threatening Leak of Student and Financial Data

Northwest Atlantic Fisheries Organization Hit by Ransomware Attack

Columbus (GA) Mayor Confirms Ransomware Attack on City Government Yesterday

More Ohio PUA Applicants Claim PII Exposed; State Denies

DoubleGun Group Builds Massive Botnet Using Cloud Services

Smart Cars Vulnerable to Hack That Could Enable ‘Remote Control’

$100 Million in Bounties Paid by Hackerone to Ethical Hackers

New York Teen Masterminds $23.8m Crypto Heist

5/26/2020

Column 1

U.S. Tech Giants Are Reportedly Providing Web Services to Blacklisted Chinese Surveillance Firms

Canada to Lead Global Effort to Counter Election Interference

Report: ATM Skimmer Gang Had Protection from Mexican Attorney General’s Office (Krebs)

Chinese City Proposes Permanent Health Tracking With a Score Based on Drinking and Exercise Habits

Tel Aviv University Researchers Successfully Repel Massive Attempted Cyber Attack

New [F]Unicorn Ransomware Hits Italy via Fake COVID-19 Infection Map

California Activists Ramp Up Fight Against Facial-Recognition Technology

Texas Deputy Sheriff Admits Cyberstalking Massachusetts Tween

Cyber Peace Institute Issues Plea for Governments to Protect Healthcare from Cyber-Attacks

Risky Strategy by Many Private Colleges Leaves Them Exposed

The Unaddressed Gap in Cybersecurity: Human Performance

Lawyers Aim £18bn Class Action Suit at easyJet

Column 2

Data on 29 Million Indian Jobseekers Leaked

Qatar Tracing App Flaw Exposed 1m Users’ Data: Amnesty

Ohio-Based Management and Services Network Experiences Email Hack, Exposes PHI of 30k Individuals

North Babylon School District (New York) Investigating ‘Ransomware-Type’ Computer Virus

Arbonne MLM Data Breach Exposes User Passwords, Personal Info

Bank of America Reveals Data Breach in PPP Application Process

Hacking Group Ke3chang Builds New Ketrum Malware From Recycled Backdoors

Turla APT Revamps One of Its Go-To Spy Tools

New ComRAT Malware Uses Gmail to Receive Commands and Exfiltrate Data

New iOS Jailbreak Tool Works on iPhone Models iOS 11 to iOS 13.5

StrandHogg 2.0 Critical Bug Allows Android App Hijacking

Customized Android Builds Drive Global Security Inequality

5/25/2020

Column 1

States Plead for Cybersecurity Funds as Hacking Threat Surges

UK Cybersecurity Review May Mean the End for Huawei 5G Deal

What Would Happen If the UK Ditched Huawei?

Multiple Israeli Coronavirus Research Centers Struck in Major Cyber Attack

People Know Reusing Passwords Is Dumb, But Still Do It

Why Should You Teach Cybersecurity to Your Kids?

Ransomware Attacks Are Exploding in the Education Sector

Column 2

A Massive Database of 8 Billion Thai Internet Records Leaks

Australian Customer Experience Firm Stellar Hit by Ransomware

Retailer IN SPORT’s Head Office Hit by Ransomware

Hacker Extorts Online Shops, Sells Databases If Ransom Not Paid

Thousands of Enterprise Systems Infected by New Blue Mockingbird Malware Gang

Cisco Emits Critical Fix in Latest Patch Bundle

70 Percent of Mobile, Desktop Apps Contain Open-Source Bugs

Houseparty Hires Firm That Linked Saudi Crown Prince to Jeff Bezos Hack Over Cyber Attack Rumors

5/22-24/2020

Column 1

Lawmakers Ask for Briefings on Chinese Targeting of Coronavirus Research

U.S. Tech Giants Are Reportedly Providing Web Services to Blacklisted Chinese Surveillance Firms

Fresh UK Review Into Huawei Role in 5G Networks

Japan Suspects Missile Data Leak in Mitsubishi Cyberattack

Cyberattack on Israeli Water Systems Uncovers Regulatory Chaos

Cyberattack on Israeli Websites Says ‘Countdown to Destruction Has Begun’

Krebs: Riding the State Unemployment Fraud ‘Wave’

‘Coronavirus Report’ Emails Spread NetSupport RAT, Microsoft Warns

North Dakota’s Contact Tracing App Sends User Data to Third Parties

Businesses Could Face Influx of Attacks When Offices Reopen

Federal Cyber Standards for Chemical Plants Criticized by Watchdog

Mumbai Police Force Uses ‘The Force’ for Cyber-Safety Campaign

Column 2

Indonesia Probes Breach of Data on More Than Two Million Voters

Mathway Investigates Data Breach After 25m Records Sold on Dark Web

Online Education Site EduCBA Discloses Data Breach After Hack

Hacker Sells Tens of Thousands of Ledger, Tezor, and Keepkey Users’ Info

Banco de Costa Rica (BCR) Denies Breach After Cybercrime Group Maze Claims to Publish Private Data

NSO Group Impersonates Facebook Security Team to Spread Spyware — Report

ZLoader Banking Malware Is Back, Deployed in Over 100 Campaigns

RagnarLocker Ransomware Hides in Virtual Machine to Escape Detection

Discord Client Turned Into a Password Stealer by Updated Malware

Apple iOS 13.5 Hacked: Zero-Day Flaw Exploited By iPhone Jailbreakers

How iPhone Hackers Got Their Hands on the New iOS Months Before Its Release

eBay Port Scans Visitors’ Computers for Remote Access Programs

School Boy, 15, ‘Baby Al Capone’ Is Being Sued for $71.4m for ‘Hacking the Phone of a Wealthy Cryptocurrency Investor and Stealing $23.8m’

5/21/2020

Column 1

German Court Orders Spy Agency to Curb Foreign-Intelligence Gathering

Israeli Websites Targeted in Major Cyber Attack

Iranian APT Group Chafer Targets Governments in Kuwait and Saudi Arabia

Senators Introduce Bill to Protect Seniors From Coronavirus Scams

To Test Its Security Mid-Pandemic, GitLab Tried Phishing Its Own Work-From-Home Staff: 1 in 5 Fell for It

70% of Organizations to Increase Cybersecurity Spending Following COVID-19 Pandemic

Microsoft Warns of “Massive” #COVID19 RAT

Zoom Meetings Bombed with Child Sexual Abuse Material

Flight Risk Employees Account for Most Insider Threats

Long Tail Analysis: A New Hope in the Cybercrime Battle

Column 2

Hacker Shares 40 Million Wishbone User Records for Free

Florida Department of Economic Opportunity Data Breach Exposed Social Security Numbers of Some Who Applied for Unemployment

Crooks Tap Google Firebase in Fresh Phishing Tactic

Supreme Court Phish Targets Office 365 Credentials

Hackers Tried to Use Sophos Firewall Zero-Day to Deploy Ransomware

Ransomware Deploys Virtual Machines to Hide Itself From Antivirus Software

Silent Night Banking Trojan Charges Top Dollar on the Underground

Winnti Group Targets Video Game Developers with New Backdoor Malware

New PipeMon Malware Uses Windows Print Processors for Persistence

New ‘Spectra’ Attack Breaks the Separation Between WI-FI and Bluetooth

Critical Cisco Bug in Unified CCX Allows Remote Code Execution

5/20/2020

Column 1

Japan Defence Ministry Investigating Potential Hack of Next-Gen Missile Details: Asahi

Michigan Launches Cybercrime Hotline

Fraudulent Unemployment, COVID-19 Relief Claims Earn BEC Gang Millions

Vigilante Hackers Target ‘Scammers’ With Ransomware, DDoS Attacks

Tech Chiefs Press Cloud Suppliers for Consistency on Security Data

IRS Hasn’t Implemented More Than 100 Federal Watchdog’s Cybersecurity Recommendations

Stanford University Tops List of US Cybersecurity Degree Providers

Column 2

Home Chef Announces Data Breach After Hacker Sells 8m User Records

Snake Ransomware Leaks Patient Data From Fresenius Medical Care

Ohioans’ Personal Info Exposed in Pandemic Unemployment Data Breach, ODJFS Says

Borough of Duncannon (PA) Says It Was the Victim of Ransomware Attack Last Month

Sydney Sports Store Instore Hit by Windows Revil Ransomware

Houseparty Denied It Had Been Hacked While Miscreants Were Abusing Its Dot-Com Domain Name Infrastructure

GhostDNS Exploit Kit Source Code Leaked to Antivirus Company

Dark Web Crypto Use Grew Exponentially

5/19/2020

Column 1

Easyjet Hack Leaves 9 Million Customers’ Details Exposed

Chinese Hackers Suspected

Taiwan Suggests China’s Winnti Group Is Behind Ransomware Attack on State Oil Company

FBI Probe Ties Florida Attack to al Qaeda, Faults Apple

REvil to Auction Stolen Madonna Data

FTC Warns About Contact Tracing Scams

Financial Gain Trumps Espionage as Top Motivator in Cyber Attacks: Report

Minnesota Sees Surge in Sex Crimes Against Minors Online

Krebs: Ukraine Nabs Sanix (a.k.a. “Sanixer“) Suspect in 773M Password ‘Megabreach’

The Top 10 Routinely Exploited Vulnerabilities

The Cybersecurity Processes Most Vulnerable to Human Error

NetWalker Adjusts Ransomware Operation to Only Target Enterprise

Half of Public Sector Workers Have Never Heard of Ransomware

How to Decode a Data Breach Notice

Column 2

Brazil’s Biggest Cosmetic Brand Natura Exposes Personal Details of Its Users

72,000 on Pandemic Unemployment Assistance in Colorado Had Private Information Exposed

Beer Rating App ‘Untapped’ Reveals Homes and Identities of Spies and Military Bods, Warns Bellingcat

Rogue ADT Tech Spied on Hundreds of Customers in Their Homes via CCTV

BlockFi Says It Suffered a Data Breach, but No Customer Funds Were Lost

Supernodes Across Europe Attacked By Cryptojackers To Illicitly Mine Monero

Mercedes-Benz Source Code Exposed via Misconfigured Git Registration System

WolfRAT Android Malware Targets WhatsApp, Facebook Messenger

NXNSAttack Technique Can Be Abused for Large-Scale DDOS Attacks

Clever Phishing Attack Bypasses MFA to Nab Microsoft Office 365 Credentials

Google Rolls out New Enhanced Safe Browsing Security Feature

Adobe Patches Critical RCE Flaw in Character Animator App

5/18/2020

Column 1

Bipartisan Bill Would Restrict Purchases of Airport Equipment From Chinese Companies

Officials: Israel Linked to a Disruptive Cyberattack on Iranian Port Facility

Pandemic Raises New Cybersecurity Concerns for Navy

Cyber Insurers Get Tough on Risk Assessments Amid Coronavirus Pandemic

Ransomware Gang “Pentaguard” Arrested for Spreading Locky to Hospitals

Chicago Children’s Hospital Sued Over Data Breaches

Over 190 Law Firms Affected by Advanced Data Leak That Exposed Over 10,000 Legal Documents

Krebs: This Service From “RedBear” Helps Malware Authors Fix Flaws in their Code

The 3 Top Cybersecurity Myths & What You Should Know

Why It’s Critical to Ensure Your IoT Doesn’t Become a Tangled Web of Vulnerability

Column 2

Hacker Sells 129 Million Sensitive Records of Russian Car Owners

Data Breach In Illinois’ New Pandemic Unemployment Assistance (PUA) System Exposes Some Claimants’ Personal Info

Samsung, Rolls-Royce Information Exposed by Leaky Database, Security Firm Says

Covve Revealed as Source of Data Breach Impacting 23m Individuals

Sri Lankan Websites Come Under Cyber Attack

WAFB (LA) Experiences Brief Digital Hack

ProLock Ransomware Teams Up With QakBot Trojan to Infect Victims

FBI Warns of Prolock Ransomware Decryptor Not Working Properly

Fake U.S. Dept of Treasury Emails Spreads New Node.js Malware

Smartphones, Laptops, IoT Devices Vulnerable to New BIAS Bluetooth Attack

Edison Mail iOS Bug Exposes Emails to Strangers

Windows 10 Defender’s Hidden Features Revealed by This Free Tool