April 29, 2022
- Apple Launches Self-Service Repair Store
- French Fiber Cables Cut in Acts of Sabotage
- Google Play Store App Data Safety Section
- Microsoft Edge Secure Network
- Google Will Now Let You Remove Some PII from Their Search Results
- Breach Reporting: 30 days? 4 days? 6 hours? Get ready!
- CFPB to use Dormant Authority to Examine Non-Bank Fintechs
- FDA Releases Medical Device Cybersecurity Draft Guidance
- State of Alaska Discovers that Cybersecurity is a Real Thing
- T-Mobile Compromised AGAIN
- Kansas Hospital Breached For Almost a Year Before Detection
Security News Bites for the Week Ending April 29th, 2022
This week’s news bites: Sungard files for chapter 11 bankruptcy protection again, is there any
sign of the supply chain returning to normal, AWS locks up NSA cloud deal, Brazil’s Senate passes bill to regulate cryptocurrency and China, Russia and India do not agree not to
undermine future elections using misinformation.
Read the newsletter here
April 15, 2022
- Lakeview Loan Servicing Reports Breach
- Police Pull Over Driverless Vehicle – Not Sure What Comes Next
- Windows Autopatch Coming This Summer
- Hackers Are Exploiting Spring4Shell to Spread Mirai
- NIST Plans to Update the NIST Cybersecurity Framework
- Cisco Patches Wireless Controller Login Bypass
- Apache Says Struts 2 Patch – Well, Not Really Patched
- Login.Gov to Hold Off on Facial Recognition – For Now
- Google is the Latest Player to Sell Phone Parts to Consumers
- Apple Says Loading iPhone Apps from Other Places, Uh, Affects Our Income and Control
- Feds Say North Korean’s Responsible for $500 Million Hack of DeFi Firm Ronin
- Microsoft Discloses New Way to Hide Malware
- FOX News Exposes Almost 60 Gigabytes of Data, Including PII
- VCs and Competitors Come Together to Bail Out Axie Infinity After $624M Crypto Hack
- Yet Another Russia Hack
Security News Bites for the Week Ending April 15th, 2022
This week’s news bites: Cyber Command says chip shortage is a national security issue,
Russian crooks worried sanctions will delete their ill-gotten gains, CISA advises D-Link users to
take vulnerable routers offline, new bug in MS RPC runtime – zero click remote code execution
and reminder, 3G cell networks shutting down, old devices will stop working.
Read the newsletter here
April 8, 2022
- ATMs and Medical Devices at Risk Due to Access:7 Bugs
- NSA Says OpenSSL Vulnerability Can ‘Definitely be Weaponized’
- Windows Autopatch Coming This Summer
- PHP Package Manager PEAR Had Critical Flaw – Undiscovered for 15 Years
- VMWare Patches Spring4Shell RCE Flaw in Multiple Products
- Senate Confirms Maj. Gen. Maria Barrett as Head of Army Cyber Command
- Vendors Try to Get in Front of Right to Repair Laws
- SEC Breach Disclosure Rule: You Have Four Days
- CaféPress Settles with the Feds Over Breaches
- Ransomware Gang BREACHED 52 US Critical Infrastructure Organizations
- Square (AKA Block) Confirms Breach After Employee Stole 8 million Customer Records
Security News Bites for the Week Ending April 8th, 2022
Security news for the week ending April 8th: hackers hack Russia’s largest state-owned media
corporation, Apple AirTags are useful for stalking, Russia’s great firewall has some holes in it,
hotels are now prime targets for hackers and government-sponsored hacks are not limited to
Russia-Ukraine.
Read the newsletter here
April 1, 2022
- Kaspersky Deemed National Security Threat
- Administrator at Yale Admitted to Stealing Tens of Millions of Dollars – Insider Threat on Steroids
- Opt-Out from Major Credit Bureaus Selling Your Data
- Hacked WordPress Sites Make Visitors DDoS Ukrainian Targets
- Sonicwall Releases Critical Patch for Some of its Firewalls
- Gitlab Patches Critical Account Highjack Bug
- Russia Mandates Users Install Russia Root CA for HTTPS
- HHS: Health Sector Cybersecurity 2021 Retrospective and 2022 Look Ahead
- Axie Infinity’s Blockchain Network Hacked; $625 Million Stolen
- Partnership HealthPlan of California Hacked
- Hackers Steal 70 Gigabytes of Data from Software Development Company Globant
- Lapsus$ Also Stolen Almost 200 Gigabytes of Samsung Source Code
- HHS Office of Civil Rights Tally of Healthcare Breaches Surges
Security News Bites for the Week Ending April 1st, 2022
This week’s news: how many times do I need to say – crypto is software, software has bugs,
your money is at risk, Russia faces Internet outages due to equipment shortages,
cryptocurrency was fun while it lasted, Senate asks companies about hackers creating fake
warrants, Apple fixes more Mac, iPhone zero days.
Read the newsletter here
