March 2024
Guarding Against Social Engineering Threats During National Fraud Awareness Month
- Cyberattack Paralyzes the Largest U.S. Health Care Payment System
- Lockbit Cybercrime Gang Disrupted by Britain, US and EU
- Apple Rolls Out Quantum-Resistant Cryptography for iMessage
- Ransomware Extortion is Evolving
- 95% of Websites Run on Outdated Software with Known Vulnerabilities
- Ads for Zero-Day Exploit Sales Surge 70% Annually
- U.S. State Government Network Breached via Former Employee's Account
- Is Now the Right Time for a Ransomware Payment Ban?
- How GenAI and Custom GPTs Could Impact Government in 2024
- Out-of-Bounds Memory Access and Arbitrary Code Execution Risk on Apple Devices
- Google Warns: Critical Vulnerability Poses Local Privilege Escalation Risk
February 2024
Navigating Love and Cybersecurity Awareness in February
- GTA 5 Used to Lure Torrent Users with Malicious File
- Cyberattacks on Clorox, Johnson Controls Cost Companies $76M Combined
- Malware-as-a-Service Now the Top Threat to Organizations
- Tax Return Scammers Flood Google with Fake Ads
- 79% of Organizations Faced a Ransomware Attack in H2 2023
- Hackers Exploit Job Boards, Stealing Millions of Resumes and Personal Data
- NIST researchers warn of top AI security threats
- National Cybersecurity Plans Lack Performance Measures and Estimated Costs, GAO Says
- Romance Scam Victims Surge in 2023
- Google Chrome vulnerability facilitated remote code execution via a crafted HTML page
- Apple WebKit flaw allows code execution via crafted web content
January 2024
Mobile Cybersecurity Trends in 2024
- Comcast Says Data of 36 Million Accounts Was Compromised in Breach
- Google Settles $5 Billion Privacy Lawsuit Over Tracking Users in 'Incognito Mode'
- Cybercriminals using fewer than 1% of thousands of potential exploits
- Top 10 biggest security incidents of 2023
- Top 10 Cybersecurity Predictions for 2024 and Beyond
- Cyber-Attacks Drain $1.84bn from Web3 in 2023
- Log4j Vulnerability Enables Arbitrary Code Execution
- OpenSSH, Key Networking Tool, Vulnerable to Exploit
- Using Stronger Passwords Among Top 2024 Digital Resolutions
- An innocent-looking Instagram trend could be a gift to hackers, according to a cyber-security expert
- New data reveals the states at highest risk of cybercrime
December 2023
Tis the Season for Cyber-Smart Shopping: Protect Yourself While Embracing the Holiday Spirit
- Kremlin-backed hackers attacking unpatched Outlook systems, Microsoft says
- Booking.com clients prone to cyber fraud, warns analyst
- Google Unveils RETVec - Gmail's New Defense Against Spam and Malicious Emails
- Apple Patches Actively Exploited iOS Zero-Days
- Cybersecurity Trends Point to More Sophisticated Attacks Ahead
- Don’t click December: feds warn of three most common scams
- Microsoft Outlook Elevation of Privilege Vulnerability
- Chrome versions had a renderer exploit allowing sandbox escape via a file
November 2023
Critical Infrastructure Security and Resilience Month
- Largest DDoS attacks ever reported by Google, Cloudflare and AWS
- US SEC sues SolarWinds for concealing cyber risks before massive hacking
- Data Encrypted in 75% of Ransomware Attacks on Healthcare Organizations
- Israeli Entities Under Attack By MuddyWater’s Advanced Tactics
- Microsoft pledges to bolster security as part of ‘Secure Future’ initiative
- The People Hacker: AI a Game-Changer in Social Engineering Attacks
- AI ChatBot plugin for WordPress is vulnerable to Arbitrary File Deletion
- DHCP Server Service Denial of Service Vulnerability
October 2023
Empowering IT and InfoSec Teams During Cybersecurity Awareness Month
- MGM Resorts Hit: Cyberattack Inflicts $100 Million Blow
- NSA Unveils AI Security Center: Fortifying National Defense
- FDA Tightens Cybersecurity for Medical Devices, Empowering Vigilance
- RICO Lawsuit: H&R Block, Google, Meta Accused in Data Privacy Case
- Signal Boosts Security: Quantum-Resistant Encryption in E2EE
- Microsoft AI Blunder: Terabytes of Sensitive Data Exposed
- Critical Privilege Escalation Flaw in Windows CNG Service
- Apple iOS and iPadOS at Risk: Kernel Privilege Escalation
September 2023
Elevate Security: National Insider Threat Awareness Month 2023
- Chinese Hackers Breach Japan's Cyber Agency, Prompting Cybersecurity Boost
- Univ. of Michigan Halts Internet After Cyberattack: Classes Unaffected
- US Govt Email Services Hacked via Barracuda Zero-Day
- Cybercriminals Threaten Ransom Over GDPR Fines: 'Digital Peace Tax' Scheme
- UK Cyber Agency Warns Against Chatbot Prompt Injection Threats
- Cisco VPNs Breached: Brute Force Attacks by Akira Ransomware Group
- WinRAR < 6.23 allows code execution via malicious ZIP archives
- Adobe ColdFusion allows arbitrary code execution without user interaction.
August 2023
Strengthening Password Security: A Vital Guide for IT and Infosec Pros
- Facebook Zero-Day Phishing Attack
- Hackers Exploiting Windows Search for Remote Access Trojans
- Israel's Top Oil Refinery Site Offline Following DDoS Attack
- You can have security without privacy, but you can't have privacy without security.
- Canon Inkjet Printers Expose Wi-Fi Threat
- AI-Enhanced Phishing Driving Ransomware Surge
- Heart Monitoring Tech Provider Confirms Cyberattack
- Memory Safety Bugs Present in Firefox
- Apple Apps May be Able to Modify Sensitive Kernel State
July 2023
The Evolution of Phishing Attacks and Detection Best Practices
- Japan's Largest Port Hit with a Ransomware Attack
- CISA Issues Warning for Cardiac Device System Vulnerability
- Microsoft Denies Major 30 Million Customer-Breach
- New Tools Capable of Sending External Malware to Microsoft Teams
- Threat Actors are Exploiting WordPress Zero-Day to Create Secret Admin Accounts
- UK's Law Could Allow for Real-Time Internet Logs
- Google Chromium V8 Type Confusion Vulnerability
- Samsung Mobile Devices Improper Input Validation Vulnerability
June 2023
The Dangers of Using AI in Handling Sensitive Information
- Microsoft to Pay $20 Million Penalty for Illegally Collecting Kids' Data on Xbox
- US Aerospace Contractor Hacked With 'PowerDrop' Backdoor
- 2.5M Impacted by Enzo Biochem Data Leak After Ransomware Attack
- New Zero-Click Hack Targets iOS Users with Stealthy Root-Privilege Malware
- New PowerDrop Malware Targeting U.S. Aerospace Industry
- Idaho Hospitals Hit by a Cyberattack that Impacted their Operations
- Cisco IOS 12.2(15) and earlier allows remote attackers to cause a denial of service
- Firefox for Android Memory corruption and a potentially exploitable
May 2023
Reducing Phishing Attacks
- The DOJ Detected the SolarWinds Hack 6 months Earlier than First Disclosed
- Malware-Free Cyberattacks on the Rise
- Google’s New Two-Factor Authentication Isn’t End-to-End Encrypted, Tests Show
- Microsoft Edge is Leaking User Browsing Data to Bing
- Trigona Ransomware Targets Microsoft SQL Servers
- Google Gets Court Order to Take Down CryptBot That Infected Over 670,000 Computers
- Apache Log4j2 Deserialization of Untrusted Data Vulnerability
- Oracle WebLogic Server Unspecified Vulnerability
April 2023
MFA for Webcourses
- Microsoft Introduces Microsoft Security Copilot
- Jefferson County Schools Hit by Ransomware
- Genesis Market Platform Seized by Police
- Hackers Exploiting WordPress Elementor Pro Vulnerability
- UK Bans TikTok from Government Mobile Phones
- Bing Search Results Hijacked via Misconfigured Microsoft App
- Multiple Google Chrome Vulnerabilities Could Allow for Arbitrary Code Execution
- Microsoft Internet Explorer Memory Corruption Vulnerability
March 2023
Password Vaults
- LastPass Says Employee’s Home Computer Was Hacked, Corporate Vault Taken
- Dole, Food Giant, Was Hit by Ransomware and Temporarily Halts North American Production
- Ransomware Gang Uses New Zero-Day to Steal Data on 1 Million Patients
- News Corp Revealed That Attackers Remained on Its Network for Two Years
- Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution
- Samsung Message Guard Protects Mobile Devices Against Zero-Click Exploits
- Sensitive US Military Emails Spill Online
- Hackers Steal Activision Games and Employee Data
February 2023
Vulnerability Management
- ChatGPT Writes Malware
- NortonLifeLock Breached, Password Manager Accounts
- Unknown Hackers Steal 124,000 Patient Files from Texas Care Center
- Ransomware Attack Against University of Duisburg-Essen
- Azure Services SSRF Vulnerabilities Exposed Internal Endpoints
- Microsoft Exchange Server Elevation of Privilege Vulnerability
- Critical Patches Issued for Microsoft Products
January 2023
Security Operations Center (SOC)
- LOG4SHELL Anniversary
- LastPass Data Breach
- McGraw Hill Data Leak
- Multiple Vulnerabilities In Apple Products Could Allow For Arbitrary Code Execution
- A Vulnerability In KSMBD For Linux Could Allow For Remote Code Execution
- Lockbit Ransomware Gang Apologizes, Provides Decryptor
- CISA Adds Two Known Exploited Vulnerabilities To Catalog
- Upcoming Security Initiatives