Security Brief
kevnowledgy
- 22 / 25
1
Security Brief: Snowflake suscpect arrested, D-Link won’t fix flaw,Mazda persistent malware, Nokia
15:47

Security Brief: Snowflake suscpect arrested, D-Link won’t fix flaw,Mazda persistent malware, Nokia

Welcome to Security brief for week 45 #cybernews #cybersecurity #informationsecurity #infosec Outline: 00:24:00 - Stay Safe: Latest Security Update! 00:24:05 - City of Columbus: Data of 500,000 stolen in July ransomware attack 00:25:21 - Schneider Electric confirms dev platform breach after hacker steals data 00:27:05 - Nokia investigates breach after hacker claims to steal source code 00:28:49 - Suspect behind Snowflake data-theft attacks arrested in Canada 00:30:56 - Interpol disrupts cybercrime activity on 22,000 IP addresses, arrests 41 00:32:54 - D-Link won’t fix critical flaw affecting 60,000 older NAS devices 00:35:07 - Google's mysterious 'search.app' links leave Android users concerned 00:36:37 - Unpatched Mazda Connect bugs let hackers install persistent malware 00:38:53 - The End _______ Sources: City of Columbus: Data of 500,000 stolen in July ransomware attack https://www.bleepingcomputer.com/news/security/city-of-columbus-data-of-500-000-stolen-in-july-ransomware-attack/ Schneider Electric confirms dev platform breach after hacker steals data https://www.bleepingcomputer.com/news/security/schneider-electric-confirms-dev-platform-breach-after-hacker-steals-data/ Nokia investigates breach after hacker claims to steal source code https://www.bleepingcomputer.com/news/security/nokia-investigates-breach-after-hacker-claims-to-steal-source-code/ Suspect behind Snowflake data-theft attacks arrested in Canada https://www.bleepingcomputer.com/news/security/suspect-behind-snowflake-data-theft-attacks-arrested-in-canada/ Interpol disrupts cybercrime activity on 22,000 IP addresses, arrests 41 https://www.bleepingcomputer.com/news/security/interpol-disrupts-cybercrime-activity-on-22-000-ip-addresses-arrests-41/ D-Link won’t fix critical flaw affecting 60,000 older NAS devices https://www.bleepingcomputer.com/news/security/d-link-wont-fix-critical-flaw-affecting-60-000-older-nas-devices/ Google's mysterious 'search.app' links leave Android users concerned https://www.bleepingcomputer.com/news/security/googles-mysterious-searchapp-links-leave-android-users-concerned/ Unpatched Mazda Connect bugs let hackers install persistent malware https://www.bleepingcomputer.com/news/security/unpatched-mazda-connect-bugs-let-hackers-install-persistent-malware/ Want to make your own AI video? checkout invideo: invideo.sjv.io/kev ---------- Follow me: youtube @kevnowledgy instagram.com @kevnowledgyy X.com @kevnowledgy
1 comment
2
Security Brief: Internet Archive hacked, Bumblebee malware, Fortinet zero-day, REvil sentences
13:25

Security Brief: Internet Archive hacked, Bumblebee malware, Fortinet zero-day, REvil sentences

Welcome to Security brief for week 43 #cybernews #cybersecurity #informationsecurity #infosec Outline: 00:00:00 - Stay Safe: Latest Security Update! 00:00:05 - Internet Archive breached again through stolen access tokens 00:01:02 - Bumblebee malware returns after recent law enforcement disruption 00:02:57 - SEC charges tech companies for downplaying SolarWinds breaches 00:04:42 - Hackers exploit 52 zero-days on the first day of Pwn2Own Ireland 00:06:16 - Fortinet warns of new critical FortiManager flaw used in zero-day attacks 00:08:21 - Insurance admin Landmark says data breach impacts 800,000 people 00:09:23 - Henry Schein discloses data breach a year after ransomware attack 00:10:44 - UnitedHealth says data of 100 million stolen in Change Healthcare breach 00:12:05 - Russia sentences REvil ransomware members to over 4 years in prison 00:13:15 - The End _______ Sources: Internet Archive breached again through stolen access tokens https://www.bleepingcomputer.com/news/security/internet-archive-breached-again-through-stolen-access-tokens/ Bumblebee malware returns after recent law enforcement disruption https://www.bleepingcomputer.com/news/security/bumblebee-malware-returns-after-recent-law-enforcement-disruption/ SEC charges tech companies for downplaying SolarWinds breaches https://www.bleepingcomputer.com/news/security/sec-charges-tech-companies-for-downplaying-solarwinds-breaches/ Hackers exploit 52 zero-days on the first day of Pwn2Own Ireland https://www.bleepingcomputer.com/news/security/hackers-exploit-52-zero-days-on-the-first-day-of-pwn2own-ireland/ Fortinet warns of new critical FortiManager flaw used in zero-day attacks https://www.bleepingcomputer.com/news/security/fortinet-warns-of-new-critical-fortimanager-flaw-used-in-zero-day-attacks/ Insurance admin Landmark says data breach impacts 800,000 people https://www.bleepingcomputer.com/news/security/insurance-admin-landmark-says-data-breach-impacts-800-000-people/ Henry Schein discloses data breach a year after ransomware attack https://www.bleepingcomputer.com/news/security/henry-schein-discloses-data-breach-a-year-after-ransomware-attack/ UnitedHealth says data of 100 million stolen in Change Healthcare breach https://www.bleepingcomputer.com/news/security/unitedhealth-says-data-of-100-million-stolen-in-change-healthcare-breach/ Russia sentences REvil ransomware members to over 4 years in prison https://www.bleepingcomputer.com/news/security/russia-sentences-revil-ransomware-members-to-over-4-years-in-prison/ Want to make your own AI video? checkout invideo: invideo.sjv.io/kev ---------- Follow me: youtube @kevnowledgy instagram.com @kevnowledgyy X.com @kevnowledgy
3
Security Brief: Game Freak freakout, Newton MIT, Globe Life blackmail, 200 malicious apps PlayStore
11:05

Security Brief: Game Freak freakout, Newton MIT, Globe Life blackmail, 200 malicious apps PlayStore

Welcome to Security brief for week 42 Stay updated with the latest security news in our Security Brief video! We cover topics like Game Freak's security breach, MIT's Newton app security flaw, Globe Life's blackmail incident, and the discovery of 200 malicious apps on the PlayStore. #cybernews #cybersecurity #informationsecurity #infosec Outline: 00:24:13 - Stay Safe: Latest Security Update! 00:24:18 - Pokemon dev Game Freak confirms breach after stolen data leaks online 00:25:45 - Cisco investigates breach after stolen data for sale on hacking forum 00:26:37 - Over 200 malicious apps on Google Play downloaded millions of times 00:28:00 - Amazon says 175 million customers now use passkeys to log in 00:28:57 - Critical Kubernetes Image Builder flaw gives SSH root access to VMs 00:29:41 - Google: 70% of exploited flaws disclosed in 2023 were zero-days 00:30:27 - Iranian hackers act as brokers selling critical infrastructure access 00:31:26 - Hackers blackmail Globe Life after stealing customer data 00:32:30 - Tech giant Nidec confirms data breach following ransomware attack 00:33:31 - Google Scholar has a 'verified email' for Sir Isaac Newton 00:34:44 - The End _______ Sources: Pokemon dev Game Freak confirms breach after stolen data leaks online https://www.bleepingcomputer.com/news/security/pokemon-dev-game-freak-confirms-breach-after-stolen-data-leaks-online/ Cisco investigates breach after stolen data for sale on hacking forum https://www.bleepingcomputer.com/news/security/cisco-investigates-breach-after-stolen-data-for-sale-on-hacking-forum/ Over 200 malicious apps on Google Play downloaded millions of times https://www.bleepingcomputer.com/news/security/over-200-malicious-apps-on-google-play-downloaded-millions-of-times/ Amazon says 175 million customers now use passkeys to log in https://www.bleepingcomputer.com/news/security/amazon-says-175-million-customers-now-use-passkeys-to-log-in/ Critical Kubernetes Image Builder flaw gives SSH root access to VMs https://www.bleepingcomputer.com/news/security/critical-kubernetes-image-builder-flaw-gives-ssh-root-access-to-vms/ Google: 70% of exploited flaws disclosed in 2023 were zero-days https://www.bleepingcomputer.com/news/security/google-70-percent-of-exploited-flaws-disclosed-in-2023-were-zero-days/ Iranian hackers act as brokers selling critical infrastructure access https://www.bleepingcomputer.com/news/security/iranian-hackers-act-as-brokers-selling-critical-infrastructure-access/ Hackers blackmail Globe Life after stealing customer data https://www.bleepingcomputer.com/news/security/hackers-blackmail-globe-life-after-stealing-customer-data/ Tech giant Nidec confirms data breach following ransomware attack https://www.bleepingcomputer.com/news/security/tech-giant-nidec-confirms-data-breach-following-ransomware-attack/ Google Scholar has a 'verified email' for Sir Isaac Newton https://www.bleepingcomputer.com/news/security/tech-giant-nidec-confirms-data-breach-following-ransomware-attack/ Want to make your own AI video? checkout invideo: invideo.sjv.io/kev ---------- Follow me: youtube @kevnowledgy instagram.com @kevnowledgyy X.com @kevnowledgy
1 comment
4
Security Brief: Internet Archive hacked, Palo Alto hijack bug,Marriott settlement, ADT second breach
13:07

Security Brief: Internet Archive hacked, Palo Alto hijack bug,Marriott settlement, ADT second breach

Welcome to Security brief for week 41 #cybernews #cybersecurity #informationsecurity #infosec 00:00:00 - Stay Safe: Latest Security Update! 00:00:05 - ADT discloses second breach in 2 months, hacked via stolen credentials 00:01:17 - MoneyGram confirms hackers stole customer data in cyberattack 00:01:53 - Casio reports IT systems failure after weekend network breach 00:03:00 - European govt air-gapped systems breached using custom malware 00:04:17 - Marriott settles with FTC, to pay $52 million over data breaches 00:06:21 - New scanner finds Linux, UNIX servers exposed to CUPS RCE attacks 00:07:50 - Recent Dr.Web cyberattack claimed by pro-Ukrainian hacktivists 00:09:14 - Palo Alto Networks warns of firewall hijack bugs with public exploit 00:10:49 - Internet Archive hacked, data breach impacts 31 million users 00:11:55 - Fidelity Investments says data breach affects over 77,000 people 00:12:57 - The End _______ Sources: ADT discloses second breach in 2 months, hacked via stolen credentials https://www.bleepingcomputer.com/news/security/adt-discloses-second-breach-in-2-months-hacked-via-stolen-credentials/ MoneyGram confirms hackers stole customer data in cyberattack https://www.bleepingcomputer.com/news/security/moneygram-confirms-hackers-stole-customer-data-in-cyberattack/ Casio reports IT systems failure after weekend network breac https://www.bleepingcomputer.com/news/security/casio-reports-it-systems-failure-after-weekend-network-breach/ Casio confirms customer data stolen in a ransomware attack https://www.bleepingcomputer.com/news/security/casio-confirms-customer-data-stolen-in-a-ransomware-attack/ Underground ransomware claims attack on Casio, leaks stolen data https://www.bleepingcomputer.com/news/security/underground-ransomware-claims-attack-on-casio-leaks-stolen-data/ European govt air-gapped systems breached using custom malware https://www.bleepingcomputer.com/news/security/european-govt-air-gapped-systems-breached-using-custom-malware/ Marriott settles with FTC, to pay $52 million over data breaches https://www.bleepingcomputer.com/news/legal/marriott-settles-with-ftc-to-pay-52-million-over-data-breaches/ New scanner finds Linux, UNIX servers exposed to CUPS RCE attacks https://www.bleepingcomputer.com/news/software/new-scanner-finds-linux-unix-servers-exposed-to-cups-rce-attacks/ Recent Dr.Web cyberattack claimed by pro-Ukrainian hacktivists https://www.bleepingcomputer.com/news/security/recent-drweb-breach-claimed-by-dumpforums-pro-ukrainian-hacktivists/ Palo Alto Networks warns of firewall hijack bugs with public exploit https://www.bleepingcomputer.com/news/security/palo-alto-networks-warns-of-firewall-hijack-bugs-with-public-exploit/ Internet Archive hacked, data breach impacts 31 million users https://www.bleepingcomputer.com/news/security/internet-archive-hacked-data-breach-impacts-31-million-users/ Fidelity Investments says data breach affects over 77,000 people https://www.bleepingcomputer.com/news/security/fidelity-investments-says-data-breach-affects-over-77-000-people/ Want to make your own AI video? checkout invideo: invideo.sjv.io/kev ---------- Follow me: youtube @kevnowledgy instagram.com @kevnowledgyy X.com @kevnowledgy
1 comment
5
Security Brief: Temu denies breach, Disney dropps slack, AT&T settlement, Your BF cheated? QR-code
11:47

Security Brief: Temu denies breach, Disney dropps slack, AT&T settlement, Your BF cheated? QR-code

Welcome to Security brief for week 38 #cybernews #cybersecurity #informationsecurity #infosec Outline: 00:00:35 - Welcome 00:00:40 - US cracks down on spyware vendor Intellexa with more sanctions 00:01:33 - Over 1,000 ServiceNow instances found leaking corporate KB data 00:02:36 - Ransomware gangs now abuse Microsoft Azure tool for data theft 00:03:44 - Clickbaity or genius? 'BF cheated on you' QR codes pop up across UK 00:04:31 - AT&T pays $13 million FCC settlement over 2023 data breach 00:05:06 - Temu denies breach after hacker claims theft of 87 million data records 00:06:20 - Police dismantles phone unlocking ring linked to 483,000 victims 00:06:59 - Russian security firm Dr.Web disconnects all servers after breach 00:07:29 - Chinese botnet infects 260,000 SOHO routers, IP cameras with malware 00:08:24 - macOS Sequoia change breaks networking for VPN, antivirus software 00:09:21 - Disney ditching Slack after massive July data breach 00:10:25 - Europol takes down "Ghost" encrypted messaging platform used for crime 00:11:37 - The End _______ Sources: US cracks down on spyware vendor Intellexa with more sanctions https://www.bleepingcomputer.com/news/security/us-cracks-down-on-spyware-vendor-intellexa-with-more-sanctions/ Over 1,000 ServiceNow instances found leaking corporate KB data https://www.bleepingcomputer.com/news/security/over-1-000-servicenow-instances-found-leaking-corporate-kb-data/ Ransomware gangs now abuse Microsoft Azure tool for data theft https://www.bleepingcomputer.com/news/security/ransomware-gangs-now-abuse-microsoft-azure-tool-for-data-theft/ Clickbaity or genius? 'BF cheated on you' QR codes pop up across UK https://www.bleepingcomputer.com/news/security/clickbaity-or-genius-bf-cheated-on-you-qr-codes-pop-up-across-uk/ AT&T pays $13 million FCC settlement over 2023 data breach https://www.bleepingcomputer.com/news/security/atandt-pays-13-million-fcc-settlement-over-2023-data-breach/ Temu denies breach after hacker claims theft of 87 million data records https://www.bleepingcomputer.com/news/security/temu-denies-breach-after-hacker-claims-theft-of-87-million-data-records/ Police dismantles phone unlocking ring linked to 483,000 victims https://www.bleepingcomputer.com/news/security/police-dismantles-iserver-phone-unlocking-network-linked-to-483-000-victims/ Russian security firm Dr.Web disconnects all servers after breach https://www.bleepingcomputer.com/news/security/russian-security-firm-drweb-disconnects-all-servers-after-breach/ Chinese botnet infects 260,000 SOHO routers, IP cameras with malware https://www.bleepingcomputer.com/news/security/flax-typhoon-hackers-infect-260-000-routers-ip-cameras-with-botnet-malware/ macOS Sequoia change breaks networking for VPN, antivirus software https://www.bleepingcomputer.com/news/apple/macos-sequoia-change-breaks-networking-for-vpn-antivirus-software/ Disney ditching Slack after massive July data breach https://www.bleepingcomputer.com/news/security/disney-ditching-slack-after-massive-july-data-breach/ Europol takes down "Ghost" encrypted messaging platform used for crime https://www.bleepingcomputer.com/news/security/europol-takes-down-ghost-encrypted-messaging-platform-used-for-crime/ Want to make your own AI video? checkout invideo: invideo.sjv.io/kev ---------- Follow me: youtube @kevnowledgy instagram.com @kevnowledgyy X.com @kevnowledgy
6
Security Brief: AI-write malware, Telegram policy change, Kansas water, Android malware 11M devices
13:03

Security Brief: AI-write malware, Telegram policy change, Kansas water, Android malware 11M devices

Welcome to Security brief for week 39 #cybernews #cybersecurity #informationsecurity #infosec Outline: 00:00:37 - Stay Safe: Latest Security Update! 00:00:42 - Android malware 'Necro' infects 11 million devices via Google Play 00:01:48 - Telegram now shares users’ IP and phone number on legal requests 00:02:54 - US proposes ban on connected vehicle tech from China, Russia 00:04:02 - MoneyGram confirms a cyberattack is behind dayslong outage 00:05:19 - Hackers deploy AI-written malware in targeted attacks 00:06:33 - U.S. govt agency CMS says data breach impacted 3.1 million people 00:08:14 - Kansas water plant cyberattack forces switch to manual operations 00:09:13 - AutoCanada says ransomware attack "may" impact employee data 00:10:25 - Fake WalletConnect app on Google Play steals Android users’ crypto 00:11:41 - Iranian hackers charged for ‘hack-and-leak’ plot to influence election 00:12:53 - The End _______ Sources: Android malware 'Necro' infects 11 million devices via Google Play https://www.bleepingcomputer.com/news/security/android-malware-necro-infects-11-million-devices-via-google-play/ Telegram now shares users’ IP and phone number on legal requests https://www.bleepingcomputer.com/news/security/telegram-now-shares-users-ip-and-phone-number-on-legal-requests/ US proposes ban on connected vehicle tech from China, Russia https://www.bleepingcomputer.com/news/security/us-proposes-ban-on-connected-vehicle-tech-from-china-russia/ MoneyGram confirms a cyberattack is behind dayslong outage https://www.bleepingcomputer.com/news/security/moneygram-confirms-a-cyberattack-is-behind-dayslong-outage/ Hackers deploy AI-written malware in targeted attacks https://www.bleepingcomputer.com/news/security/hackers-deploy-ai-written-malware-in-targeted-attacks/ U.S. govt agency CMS says data breach impacted 3.1 million people https://www.bleepingcomputer.com/news/healthcare/us-govt-agency-cms-says-data-breach-impacted-31-million-people/ Kansas water plant cyberattack forces switch to manual operations https://www.bleepingcomputer.com/news/security/kansas-water-plant-cyberattack-forces-switch-to-manual-operations/ AutoCanada says ransomware attack "may" impact employee data https://www.bleepingcomputer.com/news/security/autocanada-says-ransomware-attack-may-impact-employee-data/ Fake WalletConnect app on Google Play steals Android users’ crypto https://www.bleepingcomputer.com/news/security/fake-walletconnect-app-on-google-play-steals-android-users-crypto/ Iranian hackers charged for ‘hack-and-leak’ plot to influence election https://www.bleepingcomputer.com/news/security/iranian-hackers-charged-for-hack-and-leak-plot-to-influence-election/ Want to make your own AI video? checkout invideo: invideo.sjv.io/kev ---------- Follow me: youtube @kevnowledgy instagram.com @kevnowledgyy X.com @kevnowledgy
1 comment
7
Security Brief: D-link not fixing four RCE, Cisco backdoor, PyPI package hijack, election disinfo
15:10

Security Brief: D-link not fixing four RCE, Cisco backdoor, PyPI package hijack, election disinfo

Welcome to Security brief for week 36 #cybernews #cybersecurity #informationsecurity #infosec Outline: 00:00:00 - Welcome 00:00:05 - Business services giant CBIZ discloses customer data breach 00:01:24 - Transport for London discloses ongoing “cyber security incident” 00:03:01 - Halliburton confirms data stolen in recent cyberattack 00:04:00 - D-Link says it is not fixing four RCE flaws in DIR-846W routers 00:05:03 - Revival Hijack supply-chain attack threatens 22,000 PyPI package 00:06:18 - Cisco warns of backdoor admin account in Smart Licensing Utility 00:07:25 - US cracks down on Russian disinformation before 2024 election 00:09:00 - Planned Parenthood confirms cyberattack as RansomHub claims breach 00:10:27 - Microchip Technology confirms data was stolen in cyberattack 00:11:35 - Microsoft removes revenge porn from Bing search using new tool 00:12:59 - Car rental giant Avis discloses data breach impacting customers 00:14:20 - The End _______ Sources: Business services giant CBIZ discloses customer data breach https://www.bleepingcomputer.com/news/security/business-services-giant-cbiz-discloses-customer-data-breach/ Transport for London discloses ongoing “cyber security incident” https://www.bleepingcomputer.com/news/security/transport-for-london-discloses-ongoing-cyber-security-incident/ Halliburton confirms data stolen in recent cyberattack https://www.bleepingcomputer.com/news/security/halliburton-confirms-data-stolen-in-recent-cyberattack/ D-Link says it is not fixing four RCE flaws in DIR-846W routers https://www.bleepingcomputer.com/news/security/d-link-says-it-is-not-fixing-four-rce-flaws-in-dir-846w-routers/ Revival Hijack supply-chain attack threatens 22,000 PyPI package https://www.bleepingcomputer.com/news/security/revival-hijack-supply-chain-attack-threatens-22-000-pypi-packages/ Cisco warns of backdoor admin account in Smart Licensing Utility https://www.bleepingcomputer.com/news/security/cisco-warns-of-backdoor-admin-account-in-smart-licensing-utility/ US cracks down on Russian disinformation before 2024 election https://www.bleepingcomputer.com/news/security/us-cracks-down-on-russian-disinformation-before-2024-election/ Planned Parenthood confirms cyberattack as RansomHub claims breach https://www.bleepingcomputer.com/news/security/planned-parenthood-confirms-cyberattack-as-ransomhub-claims-breach/ Microchip Technology confirms data was stolen in cyberattack https://www.bleepingcomputer.com/news/security/microchip-technology-confirms-data-was-stolen-in-cyberattack/ Microsoft removes revenge porn from Bing search using new tool https://www.bleepingcomputer.com/news/security/microsoft-removes-revenge-porn-from-bing-search-using-new-tool/ Car rental giant Avis discloses data breach impacting customers https://www.bleepingcomputer.com/news/security/car-rental-giant-avis-discloses-data-breach-impacting-customers/ Want to make your own AI video? checkout invideo: invideo.sjv.io/kev ---------- Follow me: youtube @kevnowledgy instagram.com @kevnowledgyy X.com @kevnowledgy
8
Security Brief: Palo Alto backdoor, DICK's, Patelco ransomware, Voldemort malware, IT research sued
14:31

Security Brief: Palo Alto backdoor, DICK's, Patelco ransomware, Voldemort malware, IT research sued

Welcome to Security brief for week 35 #cybernews #cybersecurity #informationsecurity #infosec Outline: 00:00:00 - Welcome 00:00:05 - Seattle-Tacoma Airport IT systems down due to a cyberattack 00:01:03 - Patelco notifies 726,000 customers of ransomware data breach 00:02:17 - Google tags a tenth Chrome zero-day as exploited this year 00:03:46 - Park’N Fly notifies 1 million customers of data breach 00:04:56 - BlackSuit ransomware stole data of 950,000 from software vendor 00:06:43 - DICK'S shuts down email, locks employee accounts after cyberattack 00:07:59 - New Tickler malware used to backdoor US govt, defense orgs 00:09:08 - Employee arrested for locking Windows admins out of 254 servers in extortion plot 00:10:20 - Fake Palo Alto GlobalProtect used as lure to backdoor enterprises 00:11:36 - Researcher sued for sharing data stolen by ransomware with media 00:13:08 - New Voldemort malware abuses Google Sheets to store stolen data 00:14:05 - The End _______ Sources: Seattle-Tacoma Airport IT systems down due to a cyberattack https://www.bleepingcomputer.com/news/security/seattle-tacoma-airport-it-systems-down-due-to-a-cyberattack/ Patelco notifies 726,000 customers of ransomware data breach https://www.bleepingcomputer.com/news/security/patelco-notifies-726-000-customers-of-ransomware-data-breach/ Google tags a tenth Chrome zero-day as exploited this year https://www.bleepingcomputer.com/news/security/google-tags-a-tenth-chrome-zero-day-as-exploited-this-year/ Park’N Fly notifies 1 million customers of data breach https://www.bleepingcomputer.com/news/security/parkn-fly-notifies-1-million-customers-of-data-breach/ BlackSuit ransomware stole data of 950,000 from software vendor https://www.bleepingcomputer.com/news/security/blacksuit-ransomware-stole-data-of-950-000-from-software-vendor/ Hackers steal banking creds from iOS, Android users via PWA apps https://www.bleepingcomputer.com/news/security/hackers-steal-banking-creds-from-ios-android-users-via-pwa-apps/ DICK'S shuts down email, locks employee accounts after cyberattack https://www.bleepingcomputer.com/news/security/dicks-shuts-down-email-locks-employee-accounts-after-cyberattack/ New Tickler malware used to backdoor US govt, defense orgs https://www.bleepingcomputer.com/news/security/APT33-Iranian-hacking-group-uses-new-tickler-malware-to-backdoor-us-govt-defense-orgs/ Employee arrested for locking Windows admins out of 254 servers in extortion plot https://www.bleepingcomputer.com/news/security/employee-arrested-for-locking-windows-admins-out-of-254-servers-in-extortion-plot/ Fake Palo Alto GlobalProtect used as lure to backdoor enterprises https://www.bleepingcomputer.com/news/security/fake-palo-alto-globalprotect-used-as-lure-to-backdoor-enterprises/ Researcher sued for sharing data stolen by ransomware with media https://www.bleepingcomputer.com/news/security/researcher-sued-for-sharing-data-stolen-by-ransomware-with-media/ New Voldemort malware abuses Google Sheets to store stolen data https://www.bleepingcomputer.com/news/security/new-voldemort-malware-abuses-google-sheets-to-store-stolen-data/ Want to make your own AI video? checkout invideo: invideo.sjv.io/kev ---------- Follow me: youtube @kevnowledgy instagram.com @kevnowledgyy X.com @kevnowledgy
9
Security Brief: Keytronic, Delta AirLines refuses Crowdstrike, 13,000 devices wiped, laptop farm
11:37

Security Brief: Keytronic, Delta AirLines refuses Crowdstrike, 13,000 devices wiped, laptop farm

Welcome to Security brief for week 32 #cybernews #cybersecurity #informationsecurity #infosec Outline: 00:00:00 - Stay Safe Online: Latest Cybersecurity Update! 00:00:06 - Keytronic reports losses of over $17 million after ransomware attack 00:01:16 - Crowdstrike: Delta Air Lines refused free help to resolve IT outage 00:02:30 - Hacker wipes 13,000 devices after breaching classroom management platform 00:03:23 -France's Grand Palais discloses cyberattack during Olympic games 00:04:16 - INTERPOL recovers over $40 million stolen in a BEC attack 00:05:15 - UK IT provider faces $7.7 million fine for 2022 ransomware breach 00:06:30 - FBI: BlackSuit ransomware behind over $500 million in ransom demands 00:07:44 - Ronin Network hacked, $12 million returned by "white hat" hackers 00:08:51 - CSC ServiceWorks discloses data breach after 2023 cyberattack 00:10:00 - US dismantles laptop farm used by undercover North Korean IT workers 00:11:20 - The End Want to make your own AI video? checkout invideo: invideo.sjv.io/kev ---------- Follow me: youtube @kevnowledgy instagram.com @kevnowledgyy X.com @kevnowledgy
10
Security Brief: CrowdStrike crashes Windows, Trello users leaked, LockBit, Life360, Kaspersky,
17:47

Security Brief: CrowdStrike crashes Windows, Trello users leaked, LockBit, Life360, Kaspersky,

Welcome to Security brief for week 29 #cybernews #cybersecurity #informationsecurity #infosec ---------- Outline 00:00:00 - Welcome 00:00:04 - CrowdStrike update crashes Windows systems, causes outages worldwide 00:02:31 - Facebook ads for Windows desktop themes push info-stealing malware 00:04:36 - Kaspersky is shutting down its business in the United States 00:06:38 - Email addresses of 15 million Trello users leaked on hacking forum 00:08:46 - Yacht giant MarineMax data breach impacts over 123,000 people 00:10:26 - Over 400,000 Life360 user phone numbers leaked via unsecured API 00:12:05 - Notorious FIN7 hackers sell EDR killer to other threat actors 00:13:56 - Revolver Rabbit gang registers 500,000 domains for malware campaigns 00:15:53 - Russians plead guilty to involvement in LockBit ransomware attacks 00:17:42 - The End _______ Sources: CrowdStrike update crashes Windows systems, causes outages worldwide https://www.bleepingcomputer.com/news/security/crowdstrike-update-crashes-windows-systems-causes-outages-worldwide/ Facebook ads for Windows desktop themes push info-stealing malware https://www.bleepingcomputer.com/news/security/facebook-ads-for-windows-themes-push-sys01-info-stealing-malware/ Kaspersky is shutting down its business in the United States https://www.bleepingcomputer.com/news/security/kaspersky-is-shutting-down-its-business-in-the-united-states/ Email addresses of 15 million Trello users leaked on hacking forum https://www.bleepingcomputer.com/news/security/email-addresses-of-15-million-trello-users-leaked-on-hacking-forum/ Yacht giant MarineMax data breach impacts over 123,000 people https://www.bleepingcomputer.com/news/security/yacht-giant-marinemax-data-breach-impacts-over-123-000-people/ Over 400,000 Life360 user phone numbers leaked via unsecured API https://www.bleepingcomputer.com/news/security/over-400-000-life360-user-phone-numbers-leaked-via-unsecured-android-api/ Notorious FIN7 hackers sell EDR killer to other threat actors https://www.bleepingcomputer.com/news/security/notorious-fin7-hackers-sell-edr-killer-to-other-threat-actors/ Revolver Rabbit gang registers 500,000 domains for malware campaigns https://www.bleepingcomputer.com/news/security/revolver-rabbit-gang-registers-500-000-domains-for-malware-campaigns/ Russians plead guilty to involvement in LockBit ransomware attacks https://www.bleepingcomputer.com/news/security/russians-plead-guilty-to-involvement-in-lockbit-ransomware-attacks/
11
Security Brief: Ticketmaster, Fujitsu, Rite Aid,AT&T breach, GitLab pipelines, Roblox, CloudSorcerer
18:10

Security Brief: Ticketmaster, Fujitsu, Rite Aid,AT&T breach, GitLab pipelines, Roblox, CloudSorcerer

Welcome to Security brief for week 28 #cybernews #cybersecurity #informationsecurity #infosec ---------- Outline: 00:00:00 - Welcome 00:00:05 - Roblox vendor data breach exposes dev conference attendee info 00:01:35 - CloudSorcerer hackers abuse cloud services to steal Russian govt data 00:03:09 - Hackers leak 39,000 print-at-home Ticketmaster tickets for 154 events 00:05:07 - Evolve Bank says data breach impacts 7.6 million Americans 00:07:19 - US disrupts AI-powered bot farm pushing Russian propaganda on X 00:08:46 - GitLab: Critical bug lets attackers run pipelines as other users 00:10:17 - Massive AT&T data breach exposes call logs of 109 million customers 00:12:29 - Rite Aid confirms data breach after June ransomware attack 00:14:31 - Dallas County: Data of 200,000 exposed in 2023 ransomware attack 00:16:33 - Fujitsu confirms customer data exposed in March cyberattack 00:18:06 - The End _______ Sources: Roblox vendor data breach exposes dev conference attendee info https://www.bleepingcomputer.com/news/security/roblox-vendor-data-breach-exposes-dev-conference-attendee-info/ CloudSorcerer hackers abuse cloud services to steal Russian govt data https://www.bleepingcomputer.com/news/security/cloudsorcerer-hackers-abuse-cloud-services-to-steal-russian-govt-data/ Hackers leak 39,000 print-at-home Ticketmaster tickets for 154 events https://www.bleepingcomputer.com/news/security/hackers-leak-39-000-print-at-home-ticketmaster-tickets-for-154-events/ Evolve Bank says data breach impacts 7.6 million Americans https://www.bleepingcomputer.com/news/security/evolve-bank-says-data-breach-impacts-76-million-americans/ US disrupts AI-powered bot farm pushing Russian propaganda on X https://www.bleepingcomputer.com/news/security/us-disrupts-ai-powered-bot-farm-pushing-russian-propaganda-on-x/ GitLab: Critical bug lets attackers run pipelines as other users https://www.bleepingcomputer.com/news/security/gitlab-warns-of-critical-bug-that-lets-attackers-run-pipelines-as-an-arbitrary-user/ Massive AT&T data breach exposes call logs of 109 million customers https://www.bleepingcomputer.com/news/security/massive-atandt-data-breach-exposes-call-logs-of-109-million-customers/ Rite Aid confirms data breach after June ransomware attack https://www.bleepingcomputer.com/news/security/rite-aid-confirms-data-breach-after-june-ransomware-attack/ Dallas County: Data of 200,000 exposed in 2023 ransomware attack https://www.bleepingcomputer.com/news/security/dallas-county-data-of-200-000-exposed-in-2023-ransomware-attack/ Fujitsu confirms customer data exposed in March cyberattack https://www.bleepingcomputer.com/news/security/fujitsu-confirms-customer-data-exposed-in-march-cyberattack/ ---------- Follow me: youtube @kevnowledgy instagram.com @kevnowledgyy X.com @kevnowledgy
12
Security Brief: Ticketmaster, Ethereum breach, Europol CobaltStrike, KVM, Evil Twin, NX-OS, OpenSSH.
18:29

Security Brief: Ticketmaster, Ethereum breach, Europol CobaltStrike, KVM, Evil Twin, NX-OS, OpenSSH.

Welcome to Security brief for week 27 #cybernews #cybersecurity #informationsecurity #infosec _______ 00:00:00- Welcome 00:00:06 - New regreSSHion OpenSSH RCE bug gives root on Linux servers 00:01:33 - Cisco warns of NX-OS zero-day exploited to deploy custom malware 00:03:23 - Australian charged for ‘Evil Twin’ WiFi attack on plane 00:04:53 - Prudential Financial now says 2.5 million impacted by data breach 00:06:35 - Google now pays $250,000 for KVM zero-day vulnerabilities 00:08:31 - Europol takes down 593 Cobalt Strike servers used by cybercriminals 00:10:36 - Hackers abused API to verify millions of Authy MFA phone numbers 00:12:33 - HealthEquity data breach exposes protected health information 00:14:24 - Ethereum mailing list breach exposes 35,000 to crypto draining attack 00:16:36 - Hackers leak alleged Taylor Swift tickets, amp up Ticketmaster extortion 00:18:24 - The End _______ Sources: New regreSSHion OpenSSH RCE bug gives root on Linux servers https://www.bleepingcomputer.com/news/security/new-regresshion-openssh-rce-bug-gives-root-on-linux-servers/ Cisco warns of NX-OS zero-day exploited to deploy custom malware https://www.bleepingcomputer.com/news/security/cisco-warns-of-nx-os-zero-day-exploited-to-deploy-custom-malware/ Australian charged for ‘Evil Twin’ WiFi attack on plane https://www.bleepingcomputer.com/news/security/australian-charged-for-evil-twin-wifi-attack-on-plane/ Prudential Financial now says 2.5 million impacted by data breach https://www.bleepingcomputer.com/news/security/prudential-financial-now-says-25-million-impacted-by-data-breach/ Google now pays $250,000 for KVM zero-day vulnerabilities https://www.bleepingcomputer.com/news/security/google-now-pays-250-000-for-kvm-zero-day-vulnerabilities/ Europol takes down 593 Cobalt Strike servers used by cybercriminals https://www.bleepingcomputer.com/news/security/europol-takes-down-593-cobalt-strike-servers-used-by-cybercriminals/ Hackers abused API to verify millions of Authy MFA phone numbers https://www.bleepingcomputer.com/news/security/hackers-abused-api-to-verify-millions-of-authy-mfa-phone-numbers/ HealthEquity data breach exposes protected health information https://www.bleepingcomputer.com/news/security/healthequity-data-breach-exposes-protected-health-information/ Ethereum mailing list breach exposes 35,000 to crypto draining attack https://www.bleepingcomputer.com/news/security/ethereum-mailing-list-breach-exposes-35-000-to-crypto-draining-attack/ Hackers leak alleged Taylor Swift tickets, amp up Ticketmaster extortion https://www.bleepingcomputer.com/news/security/hackers-leak-alleged-taylor-swift-tickets-amp-up-ticketmaster-extortion/ ---------- Follow me: youtube @kevnowledgy instagram.com @kevnowledgyy X.com @kevnowledgy
13
Security Brief: TeamViewer, Medus, Snowblind malware, CoinStats, Polyfil, Neiman Marcus breach, CISA
15:43

Security Brief: TeamViewer, Medus, Snowblind malware, CoinStats, Polyfil, Neiman Marcus breach, CISA

Welcome to Security brief for week 26 #cybernews #cybersecurity #informationsecurity #infosec _______ OUTLINE: 00:00:00 - Welcome 00:00:05 - CoinStats says North Korean hackers breached 1,590 crypto wallets 00:01:50 - Chemical facilities warned of possible data theft in CISA CSAT breach 00:03:38 - Neiman Marcus confirms data breach after Snowflake account hack 00:05:36 - New Medusa malware variants target Android users in seven countries 00:08:40 - Polyfill.io JavaScript supply chain attack impacts over 100K sites 00:11:15 - Snowblind malware abuses Android security feature to bypass security 00:13:40 - TeamViewer's corporate network was breached in alleged APT hack 00:15:40 - The End _______ Sources: CoinStats says North Korean hackers breached 1,590 crypto wallets https://www.bleepingcomputer.com/news/cryptocurrency/coinstats-says-north-korean-hackers-breached-1-590-crypto-wallets/ Chemical facilities warned of possible data theft in CISA CSAT breach https://www.bleepingcomputer.com/news/security/chemical-facilities-warned-of-possible-data-theft-in-cisa-csat-breach/ Neiman Marcus confirms data breach after Snowflake account hack https://www.bleepingcomputer.com/news/security/neiman-marcus-confirms-data-breach-after-snowflake-account-hack/ New Medusa malware variants target Android users in seven countries https://www.bleepingcomputer.com/news/security/new-medusa-malware-variants-target-android-users-in-seven-countries/ Polyfill.io JavaScript supply chain attack impacts over 100K sites https://www.bleepingcomputer.com/news/security/polyfillio-javascript-supply-chain-attack-impacts-over-100k-sites/ Polyfill claims it has been 'defamed', returns after domain shut down https://www.bleepingcomputer.com/news/security/polyfill-claims-it-has-been-defamed-returns-after-domain-shut-down/ Cloudflare: We never authorized polyfill.io to use our name https://www.bleepingcomputer.com/news/security/cloudflare-we-never-authorized-polyfillio-to-use-our-name/ Polyfill.io, BootCDN, Bootcss, Staticfile attack traced to 1 operator https://www.bleepingcomputer.com/news/security/polyfillio-bootcdn-bootcss-staticfile-attack-traced-to-1-operator/ Snowblind malware abuses Android security feature to bypass security https://www.bleepingcomputer.com/news/security/snowblind-malware-abuses-android-security-feature-to-bypass-security/ TeamViewer's corporate network was breached in alleged APT hack https://www.bleepingcomputer.com/news/security/teamviewers-corporate-network-was-breached-in-alleged-apt-hack/ TeamViewer links corporate cyberattack to Russian state hackers https://www.bleepingcomputer.com/news/security/teamviewer-links-corporate-cyberattack-to-russian-state-hackers/ ---------- Follow me: youtube @kevnowledgy instagram.com @kevnowledgyy X.com @kevnowledgy
14
Security Brief:sim-swapper, Medibank, Panera Bread, AMD , Crown Equipment, VMware , Kaspersky banned
13:18

Security Brief:sim-swapper, Medibank, Panera Bread, AMD , Crown Equipment, VMware , Kaspersky banned

Welcome to Security brief for week 25 #cybernews #cybersecurity #informationsecurity #infosec ---------- OUTLINE: 00:00:00 - Welcome 00:00:05 - Alleged Scattered Spider sim-swapper arrested in Spain 00:01:30 - Panera Bread likely paid a ransom in March ransomware attack 00:02:46 - Two men guilty of breaching law enforcement portal in blackmail scheme 00:03:41 - Scathing report on Medibank cyberattack highlights unenforced MFA 00:04:51- AMD investigates breach after data for sale on hacking forum 00:05:51 - Advance Auto Parts confirms data breach exposed employee information 00:06:54 - Crown Equipment confirms a cyberattack disrupted manufacturing 00:07:57 - Linux version of RansomHub ransomware targets VMware ESXi VMs 00:08:54 - Biden bans Kaspersky antivirus software in US over security concerns 00:10:00 - Tor Browser 13.5 brings Android enhancements, better bridge management 00:11:02 - CDK Global outage caused by BlackSuit ransomware attack 00:12:05 - Los Angeles Unified confirms student data stolen in Snowflake account hack 00:13:12 - End _______ Sources: Alleged Scattered Spider sim-swapper arrested in Spain https://www.bleepingcomputer.com/news/legal/alleged-scattered-spider-sim-swapper-arrested-in-spain/ Panera Bread likely paid a ransom in March ransomware attack https://www.bleepingcomputer.com/news/security/panera-bread-likely-paid-a-ransom-in-march-ransomware-attack/ Two men guilty of breaching law enforcement portal in blackmail scheme https://www.bleepingcomputer.com/news/security/two-men-guilty-of-breaching-law-enforcement-portal-in-blackmail-scheme/ Scathing report on Medibank cyberattack highlights unenforced MFA https://www.bleepingcomputer.com/news/security/scathing-report-on-medibank-cyberattack-highlights-unenforced-mfa/ AMD investigates breach after data for sale on hacking forum https://www.bleepingcomputer.com/news/security/amd-investigates-breach-after-data-for-sale-on-hacking-forum/ Advance Auto Parts confirms data breach exposed employee information https://www.bleepingcomputer.com/news/security/advance-auto-parts-confirms-data-breach-exposed-employee-information/ Crown Equipment confirms a cyberattack disrupted manufacturing https://www.bleepingcomputer.com/news/security/crown-equipment-confirms-a-cyberattack-disrupted-manufacturing/ Linux version of RansomHub ransomware targets VMware ESXi VMs https://www.bleepingcomputer.com/news/security/linux-version-of-ransomhub-ransomware-targets-vmware-esxi-vms/ Biden bans Kaspersky antivirus software in US over security concerns https://www.bleepingcomputer.com/news/security/biden-bans-kaspersky-antivirus-software-in-us-over-security-concerns/ Tor Browser 13.5 brings Android enhancements, better bridge management https://www.bleepingcomputer.com/news/security/tor-browser-135-brings-android-enhancements-better-bridge-management/ CDK Global outage caused by BlackSuit ransomware attack https://www.bleepingcomputer.com/news/security/cdk-global-outage-caused-by-blacksuit-ransomware-attack/ Los Angeles Unified confirms student data stolen in Snowflake account hack https://www.bleepingcomputer.com/news/security/los-angeles-unified-confirms-student-data-stolen-in-snowflake-account-hack/ ---------- Follow me: youtube @kevnowledgy instagram.com @kevnowledgyy X.com @kevnowledgy
15
Security Brief: Veeam, Life360 extortion, Black Basta, TellYouThePass, 23andMe, Apple iAI, Cleveland
21:45

Security Brief: Veeam, Life360 extortion, Black Basta, TellYouThePass, 23andMe, Apple iAI, Cleveland

Welcome to Security brief for week 24 #cybernews #cybersecurity #informationsecurity #infosec _______ Outline: 00:00:00 - Welcome 00:00:06 - 23andMe data breach under investigation in UK and Canada 00:01:31 - Exploit for critical Veeam auth bypass available, patch now 00:03:14 - London hospitals face blood shortage after Synnovis ransomware attack 00:04:51 - Apple enters AI arms race with new Apple Intelligence feature 00:06:10 - TellYouThePass ransomware exploits recent PHP RCE flaw to breach servers 00:08:31 - Chinese hackers breached 20,000 FortiGate systems worldwide 00:11:14 - City of Cleveland shuts down IT systems after cyberattack 00:12:59 - Black Basta ransomware gang linked to Windows zero-day attacks 00:15:27 - Police arrest Conti and LockBit ransomware crypter specialist 00:16:59 - Life360 says hacker tried to extort them after Tile data breach 00:18:37 - Phishing emails abuse Windows search protocol to push malicious scripts 00:20:05 - Exploit for Veeam Recovery Orchestrator auth bypass available, patch now 00:21:40 - The End _______ Sources: 23andMe data breach under investigation in UK and Canada https://www.bleepingcomputer.com/news/security/23andme-data-breach-under-investigation-in-uk-and-canada/ Exploit for critical Veeam auth bypass available, patch now https://www.bleepingcomputer.com/news/security/exploit-for-critical-veeam-auth-bypass-available-patch-now/ London hospitals face blood shortage after Synnovis ransomware attack https://www.bleepingcomputer.com/news/security/london-hospitals-face-blood-shortage-after-synnovis-ransomware-attack/ Apple enters AI arms race with new Apple Intelligence feature https://www.bleepingcomputer.com/news/apple/apple-enters-ai-arms-race-with-new-apple-intelligence-feature/ TellYouThePass ransomware exploits recent PHP RCE flaw to breach servers https://www.bleepingcomputer.com/news/security/tellyouthepass-ransomware-exploits-recent-php-rce-flaw-to-breach-servers/ Chinese hackers breached 20,000 FortiGate systems worldwide https://www.bleepingcomputer.com/news/security/chinese-hackers-breached-20-000-fortigate-systems-worldwide/ City of Cleveland shuts down IT systems after cyberattack https://www.bleepingcomputer.com/news/security/city-of-cleveland-shuts-down-it-systems-after-cyberattack/ Black Basta ransomware gang linked to Windows zero-day attacks https://www.bleepingcomputer.com/news/security/black-basta-ransomware-gang-linked-to-windows-zero-day-attacks/ Police arrest Conti and LockBit ransomware crypter specialist https://www.bleepingcomputer.com/news/security/police-arrest-conti-and-lockbit-ransomware-crypter-specialist/ Life360 says hacker tried to extort them after Tile data breach https://www.bleepingcomputer.com/news/security/life360-says-hacker-tried-to-extort-them-after-tile-data-breach/ Phishing emails abuse Windows search protocol to push malicious scripts https://www.bleepingcomputer.com/news/security/phishing-emails-abuse-windows-search-protocol-to-push-malicious-scripts/ Exploit for Veeam Recovery Orchestrator auth bypass available, patch now https://www.bleepingcomputer.com/news/security/exploit-for-veeam-recovery-orchestrator-auth-bypass-available-patch-now/ ---------- Follow me: youtube @kevnowledgy instagram.com @kevnowledgyy X.com @kevnowledgy
16
Security Brief: Christie’s, Check Point, Sav-Rx, Fortinet siem, Okta, Cooler Master Stack Overflow
18:42

Security Brief: Christie’s, Check Point, Sav-Rx, Fortinet siem, Okta, Cooler Master Stack Overflow

Welcome to Security brief for week 22 #cybernews #cybersecurity #informationsecurity #infosec 00:00:00 - Welcome 00:00:05 - Sav-Rx discloses data breach impacting 2.8 million Americans 00:02:05 - Hackers target Check Point VPNs to breach enterprise networks 00:04:35 - Christie’s confirms breach after RansomHub threatens to leak data 00:05:49 -Exploit released for maximum severity Fortinet RCE bug, patch now 00:07:26 - US govt sanctions cybercrime gang behind massive 911 S5 botnet 00:09:32 - Over 90 malicious Android apps with 5.5M installs found on Google Play 00:11:36 - First American December data breach impacts 44,000 people 00:13:20 - Okta warns of credential stuffing attacks targeting its CORS feature 00:14:44 - US dismantles 911 S5 botnet used for cyberattacks, arrests admin 00:15:59 - Cooler Master hit by data breach exposing customer information 00:17:19 - Cybercriminals pose as "helpful" Stack Overflow users to push malware 00:18:33 - The End Sources: Sav-Rx discloses data breach impacting 2.8 million Americans https://www.bleepingcomputer.com/news/security/sav-rx-discloses-data-breach-impacting-28-million-americans/ Hackers target Check Point VPNs to breach enterprise networks https://www.bleepingcomputer.com/news/security/hackers-target-check-point-vpns-to-breach-enterprise-networks/ Christie’s confirms breach after RansomHub threatens to leak data https://www.bleepingcomputer.com/news/security/christies-confirms-breach-after-ransomhub-threatens-to-leak-data/ Exploit released for maximum severity Fortinet RCE bug, patch now https://www.bleepingcomputer.com/news/security/exploit-released-for-maximum-severity-fortinet-rce-bug-patch-now/ US govt sanctions cybercrime gang behind massive 911 S5 botnet https://www.bleepingcomputer.com/news/security/us-govt-sanctions-cybercrime-gang-behind-massive-911-s5-proxy-botnet-linked-to-illegitimate-residential-proxy-service/ Over 90 malicious Android apps with 5.5M installs found on Google Play https://www.bleepingcomputer.com/news/security/over-90-malicious-android-apps-with-55m-installs-found-on-google-play/ First American December data breach impacts 44,000 people https://www.bleepingcomputer.com/news/security/first-american-december-data-breach-impacts-44-000-people/ Okta warns of credential stuffing attacks targeting its CORS feature https://www.bleepingcomputer.com/news/security/okta-warns-of-credential-stuffing-attacks-targeting-its-cors-feature/ US dismantles 911 S5 botnet used for cyberattacks, arrests admin https://www.bleepingcomputer.com/news/security/us-dismantles-911-s5-residential-proxy-botnet-used-for-cyberattacks-arrests-admin/ Cooler Master hit by data breach exposing customer information https://www.bleepingcomputer.com/news/security/cooler-master-hit-by-data-breach-exposing-customer-information/ Cybercriminals pose as "helpful" Stack Overflow users to push malware https://www.bleepingcomputer.com/news/security/cybercriminals-pose-as-helpful-stack-overflow-users-to-push-malware/ ---------- Follow me: youtube @kevnowledgy instagram.com @kevnowledgyy X.com @kevnowledgy
17
Security Brief: Synnovis, NTLM deprecate , V3B, ARRL, RansomHub, BianLian leaks data, PandaBuy
16:23

Security Brief: Synnovis, NTLM deprecate , V3B, ARRL, RansomHub, BianLian leaks data, PandaBuy

Welcome to Secirty brief for week 23 #cybernews #cybersecurity #informationsecurity #infosec ---------- Outline: 00:00:00 - Welcome 00:00:06 - Microsoft India’s X account hijacked in Roaring Kitty crypto scam 00:01:35 - Collection agency FBCS ups data breach tally to 3.2 million people 00:02:32 - Major London hospitals disrupted by Synnovis ransomware attack 00:04:15 - Microsoft deprecates Windows NTLM authentication protocol 00:05:59 - New V3B phishing kit targets customers of 54 European banks 00:06:57 - ARRL says it was hacked by an "international cyber group" 00:08:06 - RansomHub extortion gang linked to now-defunct Knight ransomware 00:10:08 - Australian mining company discloses breach after BianLian leaks data 00:11:48 - Qilin ransomware gang linked to attack on London hospitals 00:13:13 - FBI recovers 7,000 LockBit keys, urges ransomware victims to reach out 00:14:55 - PandaBuy pays ransom to hacker only to get extorted again 00:16:18 - End ---------- Sources: Microsoft India’s X account hijacked in Roaring Kitty crypto scam https://www.bleepingcomputer.com/news/security/microsoft-indias-x-account-hijacked-in-roaring-kitty-crypto-scam-to-push-wallet-drainers/ Collection agency FBCS ups data breach tally to 3.2 million people https://www.bleepingcomputer.com/news/security/collection-agency-fbcs-ups-data-breach-tally-to-32-million-people/ Major London hospitals disrupted by Synnovis ransomware attack https://www.bleepingcomputer.com/news/security/major-london-hospitals-disrupted-by-synnovis-ransomware-attack/ Microsoft deprecates Windows NTLM authentication protocol https://www.bleepingcomputer.com/news/microsoft/microsoft-deprecates-windows-ntlm-authentication-protocol/ New V3B phishing kit targets customers of 54 European banks https://www.bleepingcomputer.com/news/security/new-v3b-phishing-kit-targets-customers-of-54-european-banks/ ARRL says it was hacked by an "international cyber group" https://www.bleepingcomputer.com/news/security/american-radio-relay-league-says-it-was-hacked-by-an-international-cyber-group/ RansomHub extortion gang linked to now-defunct Knight ransomware https://www.bleepingcomputer.com/news/security/ransomhub-extortion-gang-linked-to-now-defunct-knight-ransomware/ Australian mining company discloses breach after BianLian leaks data https://www.bleepingcomputer.com/news/security/australian-mining-company-discloses-breach-after-bianlian-leaks-data/ Qilin ransomware gang linked to attack on London hospitals https://www.bleepingcomputer.com/news/security/qilin-ransomware-gang-linked-to-attack-on-london-hospitals/ FBI recovers 7,000 LockBit keys, urges ransomware victims to reach out https://www.bleepingcomputer.com/news/security/cooler-master-hit-by-data-breach-exposing-customer-information/ PandaBuy pays ransom to hacker only to get extorted again https://www.bleepingcomputer.com/news/security/pandabuy-pays-ransom-to-hacker-only-to-get-extorted-again/ ---------- Follow me: youtube @kevnowledgy instagram.com @kevnowledgyy X.com @kevnowledgy
18
Security Brief: LastPass, GhostEngine,Rockwel,OmniVision, QNAP QTS, Apple, Google, Incognito darkweb
17:05

Security Brief: LastPass, GhostEngine,Rockwel,OmniVision, QNAP QTS, Apple, Google, Incognito darkweb

Welcome to Security brief for week 21 #cybernews #cybersecurity #informationsecurity #infosec OUTLINE: 00:00:00 - Welcome 00:00:06 - QNAP QTS zero-day in Share feature gets public RCE exploit 00:01:33 - Owner of Incognito dark web drugs market arrested in New York 00:03:29 - OmniVision discloses data breach after 2023 ransomware attack 00:05:33 - Rockwell Automation warns admins to take ICS devices offline 00:06:34 - GhostEngine mining attacks kill EDR security using vulnerable drivers 00:08:30 - LastPass is now encrypting URLs in password vaults for better security 00:09:42 - Intercontinental Exchange to pay $10M SEC penalty over VPN breach 00:11:16 - Northern Ireland police faces £750k fine after exposing staff info 00:13:30 - Apple wasn’t storing deleted iOS photos in iCloud after all 00:14:26 - Microsoft spots gift card thieves using cyber-espionage tactics 00:16:05 - Google fixes eighth actively exploited Chrome zero-day this year 00:17:01 - End Sources: QNAP QTS zero-day in Share feature gets public RCE exploit https://www.bleepingcomputer.com/news/security/qnap-qts-zero-day-in-share-feature-gets-public-rce-exploit/ Owner of Incognito dark web drugs market arrested in New York https://www.bleepingcomputer.com/news/security/owner-of-incognito-dark-web-drugs-market-arrested-in-new-york/ OmniVision discloses data breach after 2023 ransomware attack https://www.bleepingcomputer.com/news/security/omnivision-discloses-data-breach-after-2023-ransomware-attack/ Rockwell Automation warns admins to take ICS devices offline https://www.bleepingcomputer.com/news/security/rockwell-automation-warns-admins-to-take-ics-devices-offline/ GhostEngine mining attacks kill EDR security using vulnerable drivers https://www.bleepingcomputer.com/news/security/ghostengine-mining-attacks-kill-edr-security-using-vulnerable-drivers/ LastPass is now encrypting URLs in password vaults for better security https://www.bleepingcomputer.com/news/security/lastpass-is-now-encrypting-urls-in-password-vaults-for-better-security/ Intercontinental Exchange to pay $10M SEC penalty over VPN breach https://www.bleepingcomputer.com/news/security/intercontinental-exchange-to-pay-10m-sec-penalty-over-vpn-breach/ Northern Ireland police faces £750k fine after exposing staff info https://www.bleepingcomputer.com/news/security/northern-ireland-police-faces-750k-fine-after-exposing-staff-info/ Apple wasn’t storing deleted iOS photos in iCloud after all https://www.bleepingcomputer.com/news/security/apple-wasnt-storing-deleted-ios-photos-in-icloud-after-all/ Microsoft spots gift card thieves using cyber-espionage tactics https://www.bleepingcomputer.com/news/security/microsoft-spots-gift-card-thieves-using-cyber-espionage-tactics/ ---------- Follow me: youtube @kevnowledgy instagram.com @kevnowledgyy X.com @kevnowledgy
19
Security Brief:pig butchering,MediSecure,Kimsuky,Brothers arrested,Breach Forums down,Apple, Google
17:57

Security Brief:pig butchering,MediSecure,Kimsuky,Brothers arrested,Breach Forums down,Apple, Google

Welcome to Secirty brief for week 20 #cybernews #cybersecurity #informationsecurity #infosec ---------- Outline: 00:00:00 - Welcome 00:00:06 -Helsinki suffers data breach after hackers exploit unpatched flaw 00:00:58 - Botnet sent millions of emails in LockBit Black ransomware campaign 00:02:02 - INC ransomware source code selling on hacking forums for $300,000 00:03:00 - Apple backports fix for zero-day exploited in attacks to older iPhones 00:04:05 - Apple and Google add alerts for unknown Bluetooth trackers to iOS, Android 00:05:00 - Singing River Health System: Data of 895,000 stolen in ransomware attack 00:06:20 - UFBI seize BreachForums hacking forum used to leak stolen data 00:07:40 - Brothers arrested for $25 million theft in Ethereum blockchain attack 00:09:11 - Nissan North America data breach impacts over 53,000 employees 00:10:53 - Kimsuky hackers deploy new Linux backdoor in attacks on South Korea 00:12:35 - MediSecure e-script firm hit by ‘large-scale’ ransomware data breach 00:13:56 - Norway recommends replacing SSL VPN to prevent breaches 00:15:54 - US arrests suspects behind $73M ‘pig butchering’ laundering scheme 00:17:52 - The end ---------- Sources: Helsinki suffers data breach after hackers exploit unpatched flaw https://www.bleepingcomputer.com/news/security/helsinki-suffers-data-breach-after-hackers-exploit-unpatched-flaw/ Botnet sent millions of emails in LockBit Black ransomware campaign https://www.bleepingcomputer.com/news/security/botnet-sent-millions-of-emails-in-lockbit-black-ransomware-campaign/ INC ransomware source code selling on hacking forums for $300,000 https://www.bleepingcomputer.com/news/security/inc-ransomware-source-code-selling-on-hacking-forums-for-300-000/ Apple backports fix for zero-day exploited in attacks to older iPhones https://www.bleepingcomputer.com/news/apple/apple-backports-fix-for-zero-day-exploited-in-attacks-to-older-iphones/ Apple and Google add alerts for unknown Bluetooth trackers to iOS, Android https://www.bleepingcomputer.com/news/security/apple-and-google-add-alerts-for-unknown-bluetooth-trackers-to-ios-android/ Singing River Health System: Data of 895,000 stolen in ransomware attack https://www.bleepingcomputer.com/news/security/singing-river-health-system-data-of-895-000-stolen-in-ransomware-attack/ FBI seize BreachForums hacking forum used to leak stolen data https://www.bleepingcomputer.com/news/security/fbi-seize-breachforums-hacking-forum-used-to-leak-stolen-data/ Brothers arrested for $25 million theft in Ethereum blockchain attack https://www.bleepingcomputer.com/news/security/brothers-arrested-for-25-million-theft-in-ethereum-blockchain-attack/ Nissan North America data breach impacts over 53,000 employees https://www.bleepingcomputer.com/news/security/nissan-north-america-data-breach-impacts-over-53-000-employees/ Kimsuky hackers deploy new Linux backdoor in attacks on South Korea https://www.bleepingcomputer.com/news/security/kimsuky-hackers-deploy-new-linux-backdoor-in-attacks-on-south-korea/ MediSecure e-script firm hit by ‘large-scale’ ransomware data breach https://www.bleepingcomputer.com/news/security/medisecure-e-script-firm-hit-by-large-scale-ransomware-data-breach/ Norway recommends replacing SSL VPN to prevent breaches https://www.bleepingcomputer.com/news/security/norway-recommends-replacing-ssl-vpn-to-prevent-breaches/ US arrests suspects behind $73M ‘pig butchering’ laundering scheme https://www.bleepingcomputer.com/news/security/us-arrests-suspects-behind-73m-pig-butchering-laundering-scheme/ ---------- Follow me: youtube @kevnowledgy instagram.com @kevnowledgyy X.com @kevnowledgy
20
Security Brief: Ransomware, Sandworm, APT28, UnitedHealth, Brokewell, WP, CrushFTP, Flowmon
16:22

Security Brief: Ransomware, Sandworm, APT28, UnitedHealth, Brokewell, WP, CrushFTP, Flowmon

Welcome to Security Brief for week 17 #cybernews #cybersecurity #informationsecurity #infosec OUTLINE: 00:00:00 - Welome 00:00:06 - Ransomware payments drop to record low of 28% in Q1 2024 00:00:54 - Russian Sandworm hackers targeted 20 critical orgs in Ukraine 00:02:10 - Synlab Italia suspends operations following ransomware attack 00:03:02 - Microsoft: APT28 hackers exploit Windows flaw reported by NSA 00:04:12 - UnitedHealth confirms it paid ransomware gang to stop data leak 00:04:58 - DPRK hacking groups breach South Korean defense contractors 00:05:37 - Hackers hijack antivirus updates to drop GuptiMiner malware 00:06:51 - US govt sanctions Iranians linked to government cyberattacks 00:07:44 - ArcaneDoor hackers exploit Cisco zero-days to breach govt networks 00:08:51 - Maximum severity Flowmon bug has a public exploit, patch now 00:10:16 - WP Automatic WordPress plugin hit by millions of SQL injection attacks 00:11:40 - New Brokewell malware takes over Android devices, steals data 00:12:37 - Over 1,400 CrushFTP servers vulnerable to actively exploited bug 00:14:05 - Kaiser Permanente: Data breach may impact 13.4 million patients 00:15:36 - Fake job interviews target developers with new Python backdoor 00:16:16 - The end Sources: Ransomware payments drop to record low of 28% in Q1 2024 https://www.bleepingcomputer.com/news/security/ransomware-payments-drop-to-record-low-of-28-percent-in-q1-2024/ Russian Sandworm hackers targeted 20 critical orgs in Ukraine https://www.bleepingcomputer.com/news/security/russian-sandworm-hackers-targeted-20-critical-orgs-in-ukraine/ Synlab Italia suspends operations following ransomware attack https://www.bleepingcomputer.com/news/security/synlab-italia-suspends-operations-following-ransomware-attack/ Microsoft: APT28 hackers exploit Windows flaw reported by NSA https://www.bleepingcomputer.com/news/security/microsoft-apt28-hackers-exploit-windows-flaw-reported-by-nsa/ UnitedHealth confirms it paid ransomware gang to stop data leak https://www.bleepingcomputer.com/news/security/unitedhealth-confirms-it-paid-ransomware-gang-to-stop-data-leak/ DPRK hacking groups breach South Korean defense contractors https://www.bleepingcomputer.com/news/security/dprk-hacking-groups-breach-south-korean-defense-contractors/ Hackers hijack antivirus updates to drop GuptiMiner malware https://www.bleepingcomputer.com/news/security/hackers-hijack-antivirus-updates-to-drop-guptiminer-malware/ US govt sanctions Iranians linked to government cyberattacks https://www.bleepingcomputer.com/news/security/us-govt-sanctions-iranians-linked-to-government-cyberattacks/ CArcaneDoor hackers exploit Cisco zero-days to breach govt networks https://www.bleepingcomputer.com/news/security/arcanedoor-hackers-exploit-cisco-zero-days-to-breach-govt-networks/ Maximum severity Flowmon bug has a public exploit, patch now https://www.bleepingcomputer.com/news/security/maximum-severity-flowmon-bug-has-a-public-exploit-patch-now/ WP Automatic WordPress plugin hit by millions of SQL injection attacks https://www.bleepingcomputer.com/news/security/wp-automatic-wordpress-plugin-hit-by-millions-of-sql-injection-attacks/ New Brokewell malware takes over Android devices, steals data https://www.bleepingcomputer.com/news/security/new-brokewell-malware-takes-over-android-devices-steals-data/ Over 1,400 CrushFTP servers vulnerable to actively exploited bug https://www.bleepingcomputer.com/news/security/over-1-400-crushftp-servers-vulnerable-to-actively-exploited-bug/ Kaiser Permanente: Data breach may impact 13.4 million patients https://www.bleepingcomputer.com/news/security/kaiser-permanente-data-breach-may-impact-134-million-patients/ Fake job interviews target developers with new Python backdoor https://www.bleepingcomputer.com/news/security/fake-job-interviews-target-developers-with-new-python-backdoor/ Follow me: youtube: @kevnowledgyy instagram.com @kevnowledgyy X.com @kevnowledgy
21
Security Brief: Finland bank breach, Locbit, BetterHelp settlement,MOVEit ,Lottery ransomware,Citrix
15:33

Security Brief: Finland bank breach, Locbit, BetterHelp settlement,MOVEit ,Lottery ransomware,Citrix

Security brief for week 19 Security Brief: #Finland bank breach,#Locbit, #BetterHelp settlement,#MOVEit ,#Lottery ransomware,#Citrix #cybernews #cybersecurity #informationsecurity #infosec OUTLINE: 00:00:00 - Welcome 00:00:06 - Finland warns of Android malware attacks breaching bank accounts 00:02:03 - City of Wichita shuts down IT network after ransomware attack 00:02:56 - LockBit ransomware admin identified, sanctioned in US, UK, Australia 00:04:31 - BetterHelp to pay $7.8 million to 800,000 in health data sharing settlement 00:05:09 - Over 50,000 Tinyproxy servers vulnerable to critical RCE flaw 00:05:53 - UK confirms Ministry of Defence payroll data exposed in data breach 00:06:45 - DocGo discloses cyberattack after hackers steal patient health data 00:07:45 - Massive webshop fraud ring steals credit cards from 850,000 people 00:08:51 - Ascension healthcare takes systems offline after cyberattack 00:09:55 - University System of Georgia: 800K exposed in 2023 MOVEit attack 00:11:18 - Zscaler takes "test environment" offline after rumors of a breach 00:12:17 - Dell warns of data breach, 49 million customers allegedly affected 00:13:29 - Ohio Lottery ransomware attack impacts over 538,000 individuals 00:14:24 - Citrix warns admins to manually mitigate PuTTY SSH client bug 00:15:29 - The End Sources: Finland warns of Android malware attacks breaching bank accounts https://www.bleepingcomputer.com/news/security/finland-warns-of-android-malware-attacks-breaching-bank-accounts/ City of Wichita shuts down IT network after ransomware attack https://www.bleepingcomputer.com/news/security/city-of-wichita-shuts-down-it-network-after-ransomware-attack/ LockBit ransomware admin identified, sanctioned in US, UK, Australia https://www.bleepingcomputer.com/news/security/lockbit-ransomware-admin-identified-sanctioned-in-us-uk-australia/ BetterHelp to pay $7.8 million to 800,000 in health data sharing settlement https://www.bleepingcomputer.com/news/security/betterhelp-to-pay-78-million-to-800-000-in-health-data-sharing-settlement/ Over 50,000 Tinyproxy servers vulnerable to critical RCE flaw https://www.bleepingcomputer.com/news/security/over-50-000-tinyproxy-servers-vulnerable-to-critical-rce-flaw/ UK confirms Ministry of Defence payroll data exposed in data breach https://www.bleepingcomputer.com/news/security/uk-confirms-ministry-of-defence-payroll-data-exposed-in-data-breach/ DocGo discloses cyberattack after hackers steal patient health data https://www.bleepingcomputer.com/news/security/docgo-discloses-cyberattack-after-hackers-steal-patient-health-data/ Massive webshop fraud ring steals credit cards from 850,000 people https://www.bleepingcomputer.com/news/security/massive-webshop-fraud-ring-steals-credit-cards-from-850-000-people/ Ascension healthcare takes systems offline after cyberattack https://www.bleepingcomputer.com/news/security/ascension-healthcare-takes-systems-offline-after-cyberattack/ University System of Georgia: 800K exposed in 2023 MOVEit attack https://www.bleepingcomputer.com/news/security/university-system-of-georgia-800k-exposed-in-2023-moveit-attack/ Zscaler takes "test environment" offline after rumors of a breach https://www.bleepingcomputer.com/news/security/zscaler-takes-test-environment-offline-after-rumors-of-a-breach/ Dell warns of data breach, 49 million customers allegedly affected https://www.bleepingcomputer.com/news/security/dell-warns-of-data-breach-49-million-customers-allegedly-affected/ Ohio Lottery ransomware attack impacts over 538,000 individuals https://www.bleepingcomputer.com/news/security/ohio-lottery-ransomware-attack-impacts-over-538-000-individuals/ Citrix warns admins to manually mitigate PuTTY SSH client bug https://www.bleepingcomputer.com/news/security/citrix-warns-admins-to-manually-mitigate-putty-ssh-client-bug/ ---------- Follow me: youtube @kevnowledgy instagram.com @kevnowledgyy X.com @kevnowledgy
Security Brief: DropBox, CEO in jail, Cuttlefish, Latrodectus, Wpeeper, FBI warns dating app
13:02

Security Brief: DropBox, CEO in jail, Cuttlefish, Latrodectus, Wpeeper, FBI warns dating app

Security news for 18 Security Brief: #DropBox , CEO in jail, #Cuttlefish, #Latrodectus, #Wpeeper google pays up #cybersecurity #cybernews ---------- OUTLINE: 00:00:00 - Welcome 00:00:05 - Collection agency FBCS warns data breach impacts 1.9 million people 00:01:01 - Google rejected 2.28 million risky Android apps from Play store in 2023 00:01:27 - FBI warns of fake verification schemes targeting dating app users 00:02:11 - Change Healthcare hacked using stolen Citrix account with no MFA 00:02:46 - New Wpeeper Android malware hides behind hacked WordPress sites 00:03:44 - Google now pays up to $450,000 for RCE bugs in some Android apps 00:04:32 - Philadelphia Inquirer: Data of over 25,000 people stolen in 2023 breach 00:05:34 - New Latrodectus malware attacks use Microsoft, Cloudflare themes 00:06:30 - New Cuttlefish malware infects routers to monitor traffic for credentials 00:08:22 - French hospital CHC-SV refuses to pay LockBit extortion demand 00:09:07 - Panda Restaurants discloses data breach after corporate systems hack 00:09:50 - DropBox says hackers stole customer data, auth secrets from eSignature service 00:10:30 - Mullvad VPN: Android bug leaks DNS queries even when VPN kill switch is enabled 00:11:49 - CEO who sold fake Cisco devices to US military gets 6 years in prison 00:12:55 - The End ---------- Sources: Collection agency FBCS warns data breach impacts 1.9 million people https://www.bleepingcomputer.com/news/security/collection-agency-fbcs-warns-data-breach-impacts-19-million-people/ Google rejected 2.28 million risky Android apps from Play store in 2023 https://www.bleepingcomputer.com/news/security/google-rejected-228-million-risky-android-apps-from-play-store-in-2023/ FBI warns of fake verification schemes targeting dating app users https://www.bleepingcomputer.com/news/security/fbi-warns-of-fake-verification-schemes-targeting-dating-app-users/ Change Healthcare hacked using stolen Citrix account with no MFA https://www.bleepingcomputer.com/news/security/change-healthcare-hacked-using-stolen-citrix-account-with-no-mfa/ New Wpeeper Android malware hides behind hacked WordPress sites https://www.bleepingcomputer.com/news/security/new-wpeeper-android-malware-hides-behind-hacked-wordpress-sites/ Google now pays up to $450,000 for RCE bugs in some Android apps https://www.bleepingcomputer.com/news/security/google-now-pays-up-to-450-000-for-rce-bugs-in-some-android-apps/ Philadelphia Inquirer: Data of over 25,000 people stolen in 2023 breach https://www.bleepingcomputer.com/news/security/philadelphia-inquirer-data-of-over-25-000-people-stolen-in-2023-breach/ New Latrodectus malware attacks use Microsoft, Cloudflare themes https://www.bleepingcomputer.com/news/security/new-latrodectus-malware-attacks-use-microsoft-cloudflare-themes/ New Cuttlefish malware infects routers to monitor traffic for credentials https://www.bleepingcomputer.com/news/security/new-cuttlefish-malware-infects-routers-to-monitor-traffic-for-credentials/ French hospital CHC-SV refuses to pay LockBit extortion demand https://www.bleepingcomputer.com/news/security/french-hospital-chc-sv-refuses-to-pay-lockbit-extortion-demand/ Panda Restaurants discloses data breach after corporate systems hack https://www.bleepingcomputer.com/news/security/panda-restaurants-discloses-a-data-breach-after-corporate-systems-hack/ DropBox says hackers stole customer data, auth secrets from eSignature service https://www.bleepingcomputer.com/news/security/dropbox-says-hackers-stole-customer-data-auth-secrets-from-esignature-service/ Android bug leaks DNS queries even when VPN kill switch is enabled https://www.bleepingcomputer.com/news/security/android-bug-leaks-dns-queries-even-when-vpn-kill-switch-is-enabled/ CEO who sold fake Cisco devices to US military gets 6 years in prison https://www.bleepingcomputer.com/news/security/ceo-who-sold-fake-cisco-devices-to-us-military-gets-6-years-in-prison/ -------- Follow me: instagram.com @kevnowledgyy X.com @kevnowledgy
23
Security Brief: Telegram zero-day , SMS phishing, 2.8M leak ,PuTTY ,Sandworm,, Akira, SoumniBot
15:01

Security Brief: Telegram zero-day , SMS phishing, 2.8M leak ,PuTTY ,Sandworm,, Akira, SoumniBot

Security Brief for week 16, new related to cybersecurity, hacks, breach and leaks Like, share and subscribe. #cybersecurity , #cyberreport, #informationsecurity OUTLINE: 00:00:00 - Welcome 00:00:07 - Telegram fixes Windows app zero-day used to launch Python scripts 00:01:00 - FBI warns of massive wave of road toll SMS phishing attacks 00:01:27 - Hacker claims Giant Tiger data breach, leaks 2.8M records online 00:02:32 - Palo Alto Networks fixes zero-day exploited to backdoor firewalls 00:03:50 - Cisco Duo warns third-party data breach exposed SMS MFA logs 00:04:18 - Chipmaker Nexperia confirms breach after ransomware gang leaks data 00:04:58 - PuTTY SSH client flaw allows recovery of cryptographic private keys 00:05:37 - Cisco warns of large-scale brute-force attacks against VPN services 00:07:25 - Cerebral to pay $7 million settlement in Facebook pixel data leak case 00:08:47 - Russian Sandworm hackers pose as hacktivists in water utility breaches 00:09:57 - Cybercriminals pose as LastPass staff to hack password vaults 00:11:44 - SoumniBot malware exploits Android bugs to evade detection 00:12:42 - Akira ransomware raked in $42 million from 250+ victims 00:13:40 - 840-bed hospital in France postpones procedures after cyberattack 00:14:55 - End Sources: Telegram fixes Windows app zero-day used to launch Python scripts https://www.bleepingcomputer.com/news/security/telegram-fixes-windows-app-zero-day-used-to-launch-python-scripts/ FBI warns of massive wave of road toll SMS phishing attacks https://www.bleepingcomputer.com/news/security/fbi-warns-of-massive-wave-of-road-toll-sms-phishing-attacks/ Hacker claims Giant Tiger data breach, leaks 2.8M records online https://www.bleepingcomputer.com/news/security/hacker-claims-giant-tiger-data-breach-leaks-28m-records-online/ Palo Alto Networks fixes zero-day exploited to backdoor firewalls https://www.bleepingcomputer.com/news/security/palo-alto-networks-fixes-zero-day-exploited-to-backdoor-firewalls/ Cisco Duo warns third-party data breach exposed SMS MFA logs https://www.bleepingcomputer.com/news/security/cisco-duo-warns-third-party-data-breach-exposed-sms-mfa-logs/ Chipmaker Nexperia confirms breach after ransomware gang leaks data https://www.bleepingcomputer.com/news/security/chipmaker-nexperia-confirms-breach-after-ransomware-gang-leaks-data/ PuTTY SSH client flaw allows recovery of cryptographic private keys https://www.bleepingcomputer.com/news/security/putty-ssh-client-flaw-allows-recovery-of-cryptographic-private-keys/ Cisco warns of large-scale brute-force attacks against VPN services https://www.bleepingcomputer.com/news/security/cisco-warns-of-large-scale-brute-force-attacks-against-vpn-services/ Cerebral to pay $7 million settlement in Facebook pixel data leak case https://www.bleepingcomputer.com/news/security/cerebral-to-pay-7-million-settlement-in-facebook-pixel-data-leak-case/ Russian Sandworm hackers pose as hacktivists in water utility breaches https://www.bleepingcomputer.com/news/security/russian-sandworm-hackers-pose-as-hacktivists-in-water-utility-breaches/ Cybercriminals pose as LastPass staff to hack password vaults https://www.bleepingcomputer.com/news/security/cybercriminals-pose-as-lastpass-staff-to-hack-password-vaults/ SoumniBot malware exploits Android bugs to evade detection https://www.bleepingcomputer.com/news/security/soumnibot-malware-exploits-android-bugs-to-evade-detection/ Akira ransomware raked in $42 million from 250+ victims https://www.bleepingcomputer.com/news/security/fbi-akira-ransomware-raked-in-42-million-from-250-plus-victims/ 840-bed hospital in France postpones procedures after cyberattack https://www.bleepingcomputer.com/news/security/chc-sv-hospital-in-france-postpones-procedures-after-cyberattack/ Follow me: instagram.com @kevnowledgyy X.com @kevnowledgy
24
Security Brief: HTTP/2 DoS Alert, XZ Backdoor, Chrome Fix, OWASP Leak, Credit Card Theft in Russia
5:55

Security Brief: HTTP/2 DoS Alert, XZ Backdoor, Chrome Fix, OWASP Leak, Credit Card Theft in Russia

Security Brief covers cybersecurity news in a short, "straight to the point" manner #cybersec #infosec #informationsecurity #cybersecurity #news #cybernews OUTLINE: 00:00:00 - Shopping platform PandaBuy data leak impacts 1.3 million users 00:00:32 - Yacht retailer MarineMax discloses data breach after cyberattack 00:01:10 - OWASP discloses data breach caused by wiki misconfiguration 00:01:45 - New XZ backdoor scanner detects implant in any Linux binary 00:02:16 - Russia charges suspects behind theft of 160,000 credit cards 00:02:39 - AT&T faces lawsuits over data breach affecting 73 million customers 00:03:12 - Google fixes one more Chrome zero-day exploited at Pwn2Own 00:03:58 - US cancer center data breach exposes info of 827,000 patients 00:04:24 - New HTTP/2 DoS attack can crash web servers with a single connection 00:05:04 - Acuity confirms hackers stole non-sensitive govt data from GitHub repos 00:05:28 - Closing Links: Shopping platform PandaBuy data leak impacts 1.3 million users https://www.bleepingcomputer.com/news/security/shopping-platform-pandabuy-data-leak-impacts-13-million-users/ Yacht retailer MarineMax discloses data breach after cyberattack https://www.bleepingcomputer.com/news/security/yacht-retailer-marinemax-discloses-data-breach-after-cyberattack/ OWASP discloses data breach caused by wiki misconfiguration https://www.bleepingcomputer.com/news/security/owasp-discloses-data-breach-caused-by-wiki-misconfiguration/ New XZ backdoor scanner detects implants in any Linux binary https://www.bleepingcomputer.com/news/security/new-xz-backdoor-scanner-detects-implant-in-any-linux-binary/ Russia charges suspects behind theft of 160,000 credit cards https://www.bleepingcomputer.com/news/security/russia-charges-suspects-behind-theft-of-160-000-credit-cards/ AT&T faces lawsuits over data breach affecting 73 million customers https://www.bleepingcomputer.com/news/security/atandt-confirms-data-for-73-million-customers-leaked-on-hacker-forum/ Google fixes one more Chrome zero-day exploited at Pwn2Own https://www.bleepingcomputer.com/news/security/google-fixes-one-more-chrome-zero-day-exploited-at-pwn2own/ US cancer center data breach exposes info of 827,000 patients https://www.bleepingcomputer.com/news/security/us-cancer-center-data-breach-exposes-info-of-827-000-patients/ New HTTP/2 DoS attack can crash web servers with a single connection https://www.bleepingcomputer.com/news/security/new-http-2-dos-attack-can-crash-web-servers-with-a-single-connection/ Acuity confirms hackers stole non-sensitive govt data from GitHub repos https://www.bleepingcomputer.com/news/security/acuity-confirms-hackers-stole-non-sensitive-govt-data-from-github-repos/ Follow me: instagram.com @kevnowledgyy X.com @kevnowledgy
25
Security Brief: Notepad++ , spyware attacks iPhone, LastPass hacked, PAN-OS firewall zero-day, BMC
17:19

Security Brief: Notepad++ , spyware attacks iPhone, LastPass hacked, PAN-OS firewall zero-day, BMC

This weeks security brief #cybernews #cybernewsreview #cybernewsreport OUTLINE: 00:00:00 - Notepad++ wants your help in "parasite website" shutdown 00:01:50 - Cyberattack on UK’s CVS Group disrupts veterinary operations 00:03:19 - Malicious Visual Studio projects on GitHub push Keyzetsu malware 00:05:10 - AT&T now says data breach impacted 51 million customers 00:06:28 - Malicious PowerShell script pushing malware looks AI-written 00:07:54 - Apple: Mercenary spyware attacks target iPhone users in 92 countries 00:09:39 - Intel and Lenovo servers impacted by 6-year-old BMC flaw 00:10:47 - CISA makes its "Malware Next-Gen" analysis system publicly available 00:12:23 - LastPass: Hackers targeted employee in failed deepfake CEO call 00:13:47 - Palo Alto Networks warns of PAN-OS firewall zero-day used in attacks 00:15:30 - Roku warns 576,000 accounts hacked in new credential stuffing attacks Sources: Notepad++ wants your help in "parasite website" shutdown https://www.bleepingcomputer.com/news/security/notepad-plus-plus-wants-your-help-in-parasite-website-shutdown/ Cyberattack on UK’s CVS Group disrupts veterinary operations https://www.bleepingcomputer.com/news/security/cyberattack-on-uks-cvs-group-disrupts-veterinary-operations/ RUBYCARP hackers linked to 10-year-old cryptomining botnet https://www.bleepingcomputer.com/news/security/rubycarp-hackers-linked-to-10-year-old-cryptomining-botnet/ Malicious Visual Studio projects on GitHub push Keyzetsu malware https://www.bleepingcomputer.com/news/security/malicious-visual-studio-projects-on-github-push-keyzetsu-malware/ AT&T now says data breach impacted 51 million customers https://www.bleepingcomputer.com/news/security/att-now-says-data-breach-impacted-51-million-customers/ Malicious PowerShell script pushing malware looks AI-written https://www.bleepingcomputer.com/news/security/malicious-powershell-script-pushing-malware-looks-ai-written/ Apple: Mercenary spyware attacks target iPhone users in 92 countries https://www.bleepingcomputer.com/news/security/apple-mercenary-spyware-attacks-target-iphone-users-in-92-countries/ Intel and Lenovo servers impacted by 6-year-old BMC flaw https://www.bleepingcomputer.com/news/security/intel-and-lenovo-servers-impacted-by-6-year-old-bmc-flaw/ Intel and Lenovo servers impacted by 6-year-old BMC flaw CISA makes its "Malware Next-Gen" analysis system publicly available https://www.bleepingcomputer.com/news/security/cisa-makes-its-malware-next-gen-analysis-system-publicly-available/ LastPass: Hackers targeted employee in failed deepfake CEO call https://www.bleepingcomputer.com/news/security/lastpass-hackers-targeted-employee-in-failed-deepfake-ceo-call/ Palo Alto Networks warns of PAN-OS firewall zero-day used in attacks https://www.bleepingcomputer.com/news/security/palo-alto-networks-warns-of-pan-os-firewall-zero-day-used-in-attacks/ Roku warns 576,000 accounts hacked in new credential stuffing attacks https://www.bleepingcomputer.com/news/security/roku-warns-576-000-accounts-hacked-in-new-credential-stuffing-attacks/ Follow me: instagram.com @kevnowledgyy X.com @kevnowledgy

Security Brief: DropBox, CEO in jail, Cuttlefish, Latrodectus, Wpeeper, FBI warns dating app

Save
1 year ago
33
News Education cybersecurity information technology IT hacking hacker infosec Cuttlefish Latrodectus CEO

Security news for 18
Security Brief: #DropBox , CEO in jail, #Cuttlefish, #Latrodectus, #Wpeeper google pays up #cybersecurity #cybernews
----------
OUTLINE:

00:00:00 - Welcome
00:00:05 - Collection agency FBCS warns data breach impacts 1.9 million people
00:01:01 - Google rejected 2.28 million risky Android apps from Play store in 2023
00:01:27 - FBI warns of fake verification schemes targeting dating app users
00:02:11 - Change Healthcare hacked using stolen Citrix account with no MFA
00:02:46 - New Wpeeper Android malware hides behind hacked WordPress sites
00:03:44 - Google now pays up to $450,000 for RCE bugs in some Android apps
00:04:32 - Philadelphia Inquirer: Data of over 25,000 people stolen in 2023 breach
00:05:34 - New Latrodectus malware attacks use Microsoft, Cloudflare themes
00:06:30 - New Cuttlefish malware infects routers to monitor traffic for credentials
00:08:22 - French hospital CHC-SV refuses to pay LockBit extortion demand
00:09:07 - Panda Restaurants discloses data breach after corporate systems hack
00:09:50 - DropBox says hackers stole customer data, auth secrets from eSignature service
00:10:30 - Mullvad VPN: Android bug leaks DNS queries even when VPN kill switch is enabled
00:11:49 - CEO who sold fake Cisco devices to US military gets 6 years in prison
00:12:55 - The End

----------
Sources:

Collection agency FBCS warns data breach impacts 1.9 million people
https://www.bleepingcomputer.com/news/security/collection-agency-fbcs-warns-data-breach-impacts-19-million-people/

Google rejected 2.28 million risky Android apps from Play store in 2023
https://www.bleepingcomputer.com/news/security/google-rejected-228-million-risky-android-apps-from-play-store-in-2023/

FBI warns of fake verification schemes targeting dating app users
https://www.bleepingcomputer.com/news/security/fbi-warns-of-fake-verification-schemes-targeting-dating-app-users/

Change Healthcare hacked using stolen Citrix account with no MFA
https://www.bleepingcomputer.com/news/security/change-healthcare-hacked-using-stolen-citrix-account-with-no-mfa/

New Wpeeper Android malware hides behind hacked WordPress sites
https://www.bleepingcomputer.com/news/security/new-wpeeper-android-malware-hides-behind-hacked-wordpress-sites/

Google now pays up to $450,000 for RCE bugs in some Android apps
https://www.bleepingcomputer.com/news/security/google-now-pays-up-to-450-000-for-rce-bugs-in-some-android-apps/

Philadelphia Inquirer: Data of over 25,000 people stolen in 2023 breach
https://www.bleepingcomputer.com/news/security/philadelphia-inquirer-data-of-over-25-000-people-stolen-in-2023-breach/

New Latrodectus malware attacks use Microsoft, Cloudflare themes
https://www.bleepingcomputer.com/news/security/new-latrodectus-malware-attacks-use-microsoft-cloudflare-themes/

New Cuttlefish malware infects routers to monitor traffic for credentials
https://www.bleepingcomputer.com/news/security/new-cuttlefish-malware-infects-routers-to-monitor-traffic-for-credentials/

French hospital CHC-SV refuses to pay LockBit extortion demand
https://www.bleepingcomputer.com/news/security/french-hospital-chc-sv-refuses-to-pay-lockbit-extortion-demand/

Panda Restaurants discloses data breach after corporate systems hack
https://www.bleepingcomputer.com/news/security/panda-restaurants-discloses-a-data-breach-after-corporate-systems-hack/

DropBox says hackers stole customer data, auth secrets from eSignature service
https://www.bleepingcomputer.com/news/security/dropbox-says-hackers-stole-customer-data-auth-secrets-from-esignature-service/

Android bug leaks DNS queries even when VPN kill switch is enabled
https://www.bleepingcomputer.com/news/security/android-bug-leaks-dns-queries-even-when-vpn-kill-switch-is-enabled/

CEO who sold fake Cisco devices to US military gets 6 years in prison
https://www.bleepingcomputer.com/news/security/ceo-who-sold-fake-cisco-devices-to-us-military-gets-6-years-in-prison/

--------
Follow me:
instagram.com @kevnowledgyy
X.com @kevnowledgy

Loading comments...