Skip to main content
InfoSec Newsletter Logo
Latest Issue

Don't be the Fool: Protect Yourself from Cyber Tricks Year-round!

Download
Download
March 2024

Guarding Against Social Engineering Threats During National Fraud Awareness Month

  • Cyberattack Paralyzes the Largest U.S. Health Care Payment System
  • Lockbit Cybercrime Gang Disrupted by Britain, US and EU
  • Apple Rolls Out Quantum-Resistant Cryptography for iMessage
  • Ransomware Extortion is Evolving
  • 95% of Websites Run on Outdated Software with Known Vulnerabilities
  • Ads for Zero-Day Exploit Sales Surge 70% Annually
  • U.S. State Government Network Breached via Former Employee's Account
  • Is Now the Right Time for a Ransomware Payment Ban?
  • How GenAI and Custom GPTs Could Impact Government in 2024
  • Out-of-Bounds Memory Access and Arbitrary Code Execution Risk on Apple Devices
  • Google Warns: Critical Vulnerability Poses Local Privilege Escalation Risk
Download
February 2024

Navigating Love and Cybersecurity Awareness in February

  • GTA 5 Used to Lure Torrent Users with Malicious File
  • Cyberattacks on Clorox, Johnson Controls Cost Companies $76M Combined
  • Malware-as-a-Service Now the Top Threat to Organizations
  • Tax Return Scammers Flood Google with Fake Ads
  • 79% of Organizations Faced a Ransomware Attack in H2 2023
  • Hackers Exploit Job Boards, Stealing Millions of Resumes and Personal Data
  • NIST researchers warn of top AI security threats
  • National Cybersecurity Plans Lack Performance Measures and Estimated Costs, GAO Says
  • Romance Scam Victims Surge in 2023
  • Google Chrome vulnerability facilitated remote code execution via a crafted HTML page
  • Apple WebKit flaw allows code execution via crafted web content
Download
January 2024

Mobile Cybersecurity Trends in 2024

  • Comcast Says Data of 36 Million Accounts Was Compromised in Breach
  • Google Settles $5 Billion Privacy Lawsuit Over Tracking Users in 'Incognito Mode'
  • Cybercriminals using fewer than 1% of thousands of potential exploits
  • Top 10 biggest security incidents of 2023
  • Top 10 Cybersecurity Predictions for 2024 and Beyond
  • Cyber-Attacks Drain $1.84bn from Web3 in 2023
  • Log4j Vulnerability Enables Arbitrary Code Execution
  • OpenSSH, Key Networking Tool, Vulnerable to Exploit
  • Using Stronger Passwords Among Top 2024 Digital Resolutions
  • An innocent-looking Instagram trend could be a gift to hackers, according to a cyber-security expert
  • New data reveals the states at highest risk of cybercrime
Download
December 2023

Tis the Season for Cyber-Smart Shopping: Protect Yourself While Embracing the Holiday Spirit

  • Kremlin-backed hackers attacking unpatched Outlook systems, Microsoft says
  • Booking.com clients prone to cyber fraud, warns analyst
  • Google Unveils RETVec - Gmail's New Defense Against Spam and Malicious Emails
  • Apple Patches Actively Exploited iOS Zero-Days
  • Cybersecurity Trends Point to More Sophisticated Attacks Ahead
  • Don’t click December: feds warn of three most common scams
  • Microsoft Outlook Elevation of Privilege Vulnerability
  • Chrome versions had a renderer exploit allowing sandbox escape via a file
Download
November 2023

Critical Infrastructure Security and Resilience Month

  • Largest DDoS attacks ever reported by Google, Cloudflare and AWS
  • US SEC sues SolarWinds for concealing cyber risks before massive hacking
  • Data Encrypted in 75% of Ransomware Attacks on Healthcare Organizations
  • Israeli Entities Under Attack By MuddyWater’s Advanced Tactics
  • Microsoft pledges to bolster security as part of ‘Secure Future’ initiative
  • The People Hacker: AI a Game-Changer in Social Engineering Attacks
  • AI ChatBot plugin for WordPress is vulnerable to Arbitrary File Deletion
  • DHCP Server Service Denial of Service Vulnerability
Download
October 2023

Empowering IT and InfoSec Teams During Cybersecurity Awareness Month

  • MGM Resorts Hit: Cyberattack Inflicts $100 Million Blow
  • NSA Unveils AI Security Center: Fortifying National Defense
  • FDA Tightens Cybersecurity for Medical Devices, Empowering Vigilance
  • RICO Lawsuit: H&R Block, Google, Meta Accused in Data Privacy Case
  • Signal Boosts Security: Quantum-Resistant Encryption in E2EE
  • Microsoft AI Blunder: Terabytes of Sensitive Data Exposed
  • Critical Privilege Escalation Flaw in Windows CNG Service
  • Apple iOS and iPadOS at Risk: Kernel Privilege Escalation
Download
September 2023

Elevate Security: National Insider Threat Awareness Month 2023

  • Chinese Hackers Breach Japan's Cyber Agency, Prompting Cybersecurity Boost
  • Univ. of Michigan Halts Internet After Cyberattack: Classes Unaffected
  • US Govt Email Services Hacked via Barracuda Zero-Day
  • Cybercriminals Threaten Ransom Over GDPR Fines: 'Digital Peace Tax' Scheme
  • UK Cyber Agency Warns Against Chatbot Prompt Injection Threats
  • Cisco VPNs Breached: Brute Force Attacks by Akira Ransomware Group
  • WinRAR < 6.23 allows code execution via malicious ZIP archives
  • Adobe ColdFusion allows arbitrary code execution without user interaction.
Download
August 2023

Strengthening Password Security: A Vital Guide for IT and Infosec Pros

  • Facebook Zero-Day Phishing Attack
  • Hackers Exploiting Windows Search for Remote Access Trojans
  • Israel's Top Oil Refinery Site Offline Following DDoS Attack
  • You can have security without privacy, but you can't have privacy without security.
  • Canon Inkjet Printers Expose Wi-Fi Threat
  • AI-Enhanced Phishing Driving Ransomware Surge
  • Heart Monitoring Tech Provider Confirms Cyberattack
  • Memory Safety Bugs Present in Firefox
  • Apple Apps May be Able to Modify Sensitive Kernel State
Download
July 2023

The Evolution of Phishing Attacks and Detection Best Practices

  • Japan's Largest Port Hit with a Ransomware Attack
  • CISA Issues Warning for Cardiac Device System Vulnerability
  • Microsoft Denies Major 30 Million Customer-Breach
  • New Tools Capable of Sending External Malware to Microsoft Teams
  • Threat Actors are Exploiting WordPress Zero-Day to Create Secret Admin Accounts
  • UK's Law Could Allow for Real-Time Internet Logs
  • Google Chromium V8 Type Confusion Vulnerability
  • Samsung Mobile Devices Improper Input Validation Vulnerability
Download
June 2023

The Dangers of Using AI in Handling Sensitive Information

  • Microsoft to Pay $20 Million Penalty for Illegally Collecting Kids' Data on Xbox
  • US Aerospace Contractor Hacked With 'PowerDrop' Backdoor
  • 2.5M Impacted by Enzo Biochem Data Leak After Ransomware Attack
  • New Zero-Click Hack Targets iOS Users with Stealthy Root-Privilege Malware
  • New PowerDrop Malware Targeting U.S. Aerospace Industry
  • Idaho Hospitals Hit by a Cyberattack that Impacted their Operations
  • Cisco IOS 12.2(15) and earlier allows remote attackers to cause a denial of service
  • Firefox for Android Memory corruption and a potentially exploitable
Download
May 2023

Reducing Phishing Attacks

  • The DOJ Detected the SolarWinds Hack 6 months Earlier than First Disclosed
  • Malware-Free Cyberattacks on the Rise
  • Google’s New Two-Factor Authentication Isn’t End-to-End Encrypted, Tests Show
  • Microsoft Edge is Leaking User Browsing Data to Bing
  • Trigona Ransomware Targets Microsoft SQL Servers
  • Google Gets Court Order to Take Down CryptBot That Infected Over 670,000 Computers
  • Apache Log4j2 Deserialization of Untrusted Data Vulnerability
  • Oracle WebLogic Server Unspecified Vulnerability
Download
April 2023

MFA for Webcourses

  • Microsoft Introduces Microsoft Security Copilot
  • Jefferson County Schools Hit by Ransomware
  • Genesis Market Platform Seized by Police
  • Hackers Exploiting WordPress Elementor Pro Vulnerability
  • UK Bans TikTok from Government Mobile Phones
  • Bing Search Results Hijacked via Misconfigured Microsoft App
  • Multiple Google Chrome Vulnerabilities Could Allow for Arbitrary Code Execution
  • Microsoft Internet Explorer Memory Corruption Vulnerability
Download
March 2023

Password Vaults

  • LastPass Says Employee’s Home Computer Was Hacked, Corporate Vault Taken
  • Dole, Food Giant, Was Hit by Ransomware and Temporarily Halts North American Production
  • Ransomware Gang Uses New Zero-Day to Steal Data on 1 Million Patients
  • News Corp Revealed That Attackers Remained on Its Network for Two Years
  • Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution
  • Samsung Message Guard Protects Mobile Devices Against Zero-Click Exploits
  • Sensitive US Military Emails Spill Online
  • Hackers Steal Activision Games and Employee Data
Download
February 2023

Vulnerability Management

  • ChatGPT Writes Malware
  • NortonLifeLock Breached, Password Manager Accounts
  • Unknown Hackers Steal 124,000 Patient Files from Texas Care Center
  • Ransomware Attack Against University of Duisburg-Essen
  • Azure Services SSRF Vulnerabilities Exposed Internal Endpoints
  • Microsoft Exchange Server Elevation of Privilege Vulnerability
  • Critical Patches Issued for Microsoft Products
Download
January 2023

Security Operations Center (SOC)

  • LOG4SHELL Anniversary
  • LastPass Data Breach
  • McGraw Hill Data Leak
  • Multiple Vulnerabilities In Apple Products Could Allow For Arbitrary Code Execution
  • A Vulnerability In KSMBD For Linux Could Allow For Remote Code Execution
  • Lockbit Ransomware Gang Apologizes, Provides Decryptor
  • CISA Adds Two Known Exploited Vulnerabilities To Catalog
  • Upcoming Security Initiatives