March 31st, 2024

• Apple Fans Being Bombed by Password Reset Requests
• ChatBots Help Hackers – but Not in the Way You Might Think
• Cisco IOS Bugs Allow Unauthenticated Remote Denial of Service Attacks
• Florida Passes Law Barring Kids From Social Media
• Crypto-Crook Sam Bankman-Fried Gets 25 Years
• Who Gets to Notify Millions From Change Healthcare Breach
• Panera Bread Joins the World of the Hacked
• KuCoin and Founders Charged Criminally
• Two More Municipalities Hit by Ransomware: Gilmer County,GA and Fort Worth, TX

Security News for the Week Ending March 29th, 2024

This week’s news includes: Mozilla drops Onerep after CEO admits to running people-search
networks, DoD reiterates whistleblower rights in DoD contracts, insurance for your car and NIST
run vulnerability database may be in peril.

Read details here.

If a 429 percent increase in cyberattacks doesn’t concern you, maybe it should. If that
concern translates to are we doing enough to protect our company and our intellectual
property, maybe you should call us. Just a suggestion.

Mitch
www.CyberCecurity.com
www.TurnkeyCybersecurityAndPrivacySolutions.com
Mitch@CyberCecurity.com

March 23rd, 2024

• Your Security is Only as Good as the Third Parties that you Trust
• At Least 900 Websites Using Google’s Firebase Cloud Database Expose Passwords and Billing Information
• Microsoft IDs Source of Domain Controller Crashes
• 3 Million Hotel Room Door Locks Vulnerable
• Pentagon Has Received Over 50,000 Vulnerability Reports Since it Started its Bug Bounty
• CISA, FBI and MS-ISAC Release Updated Guidance to DDoS Techniques
• Another Mortgage Company Hacked

Security News for the Week Ending March 22nd, 2024

This week’s news: like everyone else, Reddit plans to sell user content to AI model devs, are
porn age verification laws a sales tool for VPN software, researchers say truck logging devices
can be hacked to take over trucks, Apple’s “elastic shield” and hacking, even legal hacking, can
earn you $1,132,500.

Read details here.

If you are a defense contractor, you need to figure out whether you need to find a new
MSP. Since there are contracts to deal with and timelines, you need to start now. If you
need help with this, please contact us.

Mitch
www.CyberCecurity.com
www.TurnkeyCybersecurityAndPrivacySolutions.com
Mitch@CyberCecurity.com

March 22nd, 2024

• Your Security is Only as Good as the Third Parties that you Trust
• At Least 900 Websites Using Google’s Firebase Cloud Database Expose Passwords and Billing Information
• Microsoft IDs Source of Domain Controller Crashes
• 3 Million Hotel Room Door Locks Vulnerable
• Pentagon Has Received Over 50,000 Vulnerability Reports Since it Started its Bug Bounty
• CISA, FBI and MS-ISAC Release Updated Guidance to DDoS Techniques
• Another Mortgage Company Hacked

Security News for the Week Ending March 22nd, 2024

This week’s news: like everyone else, Reddit plans to sell user content to AI model devs, are
porn age verification laws a sales tool for VPN software, researchers say truck logging devices
can be hacked to take over trucks, Apple’s “elastic shield” and hacking, even legal hacking, can
earn you $1,132,500.

Read details here.

If you are a defense contractor, you need to figure out whether you need to find a new
MSP. Since there are contracts to deal with and timelines, you need to start now. If you
need help with this, please contact us.

Mitch
www.CyberCecurity.com
www.TurnkeyCybersecurityAndPrivacySolutions.com
Mitch@CyberCecurity.com
720-891-1663

March 17th, 2024

• Another China Threat – Security Locks with Back Doors
• Apple Allows Downloading Apps from Websites
• Will Apple be The First to Feel the Pain of EU’s Digital Markets Act
• Google Changes Safe Browsing – Sends Your Browsing Data to Big Brother to Check
• Apple Releases MacOS Sonoma 14.4 With 64 Bug Fixes
• Chip Makers (Intel, AMD, Arm and IBM) Impacted by new Speculative Race Attack
• Fortinet Releases Security Updates
• DoD to Fire Up New Cyber Policy Office, Maybe Next Week
• The Water Industry Wants to Write its Own Security Rules
• Potential Compromise on Section 702 Renewal
• Houser Law Firm Hit With Class Action After Breach
• Change Health Parent United Healthcare to Offer Free Loans to Providers After Attack
• Nissan Confirms Breach of 100,000 Employees and Customers

Security News for the Week Ending March 17th, 2024

This week’s news bites: No honor among crooks, hacktivist group attacks French government
networks, insider threat: ex-Meta VP steals proprietary information, FCC sets new standard for
broadband and how much does it cost to hijack someone’s cell phone number.

Read details here.

Boeing learned the hard way that protecting ITAR data is not something to be taken
lightly. If you are a government contractor are you protecting it appropriately? ITAR
penalties can be both civil and criminal. If you are not sure whether you are doing what
you need to do to protect ITAR data, please contact us.

Mitch
www.CyberCecurity.com
www.TurnkeyCybersecurityAndPrivacySolutions.com
Mitch@CyberCecurity.com
720-891-1663

March 10th, 2024

• Multiple Underwater Fiber Internet Cables Under Red Sea Cut
• Global Pig-Butchering Scams Net as Much as $75 BILLION Globally
• Twitter Adds In-App Calling Feature – And Turns It On by Default
• Microsoft is Killing Off Android for Windows
• Pair of Apple Critical Zero-days Allows For Complete System Compromise
• Agencies Concerned Over iPhone ‘Sideloading’
• Jack Teixeira, Former Airman Who Leaked Secrets, Pleads Guilty
• Apple Blames Spotify for $2 Billion Fine Over App Store Rules
• Change Health Owner Paid $22 Million in Ransom

Security News for the Week Ending March 8th, 2024

This week’s news bites: Five Eyes says SolarWinds hackers are adopting new techniques, NIST
releases Cybersecurity Framework 2.0, employees input sensitive data into AI tools despite
risks, Brazilian appeals court tells Meta to stop calling itself Meta and White House EO blocks
mass transfer of sensitive data to countries of concern.

Read details here.

AI tools are advancing at warp speed. If your policies, training and controls are not
doing the same, you are cruising for a problem. Do you have this under control? If you
are not sure, please contact us.

Mitch
www.CyberCecurity.com
www.TurnkeyCybersecurityAndPrivacySolutions.com
Mitch@CyberCecurity.com
720-891-1663

March 3rd, 2024

• Apple’s “Stolen Device Protection” Has a Security Hole
• BEAST AI Only Needs a GPU for a Minute to Make an LLM Go Bonkers
• Want Some Malware With That Wine Tasting
• Intel Announces New Processors – Core Ultra vPro
• Broadcom Hacking Up VMWare and Selling Off the Parts
• It is Amazing What a Company Can Do When Threatened with an $8 Billion Fine
• Palo Alto Investor Sues After Vendor Plans to Bundle Software Resulted in 28 Percent Share Price Tumble
• Trump Sued by Truth Social Business Partners
• White House Asks FISA Court To Renew Section 702 Because Congress Won’t
• Steel Giant ThyssenKrupp Hit By Cyberattack
• Change Healthcare’s Ransomware Attack Blamed on Missing Patch
• Therapy Provider Compromises Data on 4 Million Due to Third-Party Breach
• Pharma Giant Cencora Hacked, Personal Data Stolen
• I Call Your Bluff

Security News for the Week Ending March 1st, 2024

This week’s news bites: Five Eyes says SolarWinds hackers are adopting new techniques, NIST
releases Cybersecurity Framework 2.0, employees input sensitive data into AI tools despite
risks, Brazilian appeals court tells Meta to stop calling itself Meta and White House EO blocks
mass transfer of sensitive data to countries of concern.

Read details here.

AI tools are advancing at warp speed. If your policies, training and controls are not
doing the same, you are cruising for a problem. Do you have this under control? If you
are not sure, please contact us.

Mitch
www.CyberCecurity.com
www.TurnkeyCybersecurityAndPrivacySolutions.com
Mitch@CyberCecurity.com
720-891-1663