May 28, 2023

• Microsoft Says Business Email Compromise Attackers Evade Impossible Travel Alert
• FBI Says Human Trafficking Rings Force Job Seekers into Crypto Jacking Schemes
• Biden Nominates Lt. Gen. Timothy Haugh to Head NSA and Cybercom
• CISA Warns of Samsung ASLR Bypass Flaw Being Exploited
• FTC Sues VoIP Provider Over Billions of Robocalls
• The AI Wars Continue – Twitter vs. Microsoft
• Google Set to Roll Out Privacy Sandbox in Chrome in July
• PharMerica Breach Exposes Patient Data of Six Million
• Apria Healthcare Breach Affects Almost 2 Million
• City of Augusta, Georgia Hit by Cyber Incident

Security News for the Week Ending May 26th, 2023

News bites for the week ending May 26th: sometimes a patch goes sideways, Chinese hackers
behind Guam breach have been spying on the US military for years, OAuth flaw exposes social
media login accounts to account takeover, Capita issued erroneous breach details and feds use
AI tool to analyze social media of citizens and refugees.

Read the details here.

If you are worried that your patch management program might not be adequate, please
contact us.

Mitch

www.CyberCecurity.com
www.TurnkeyCybersecurityAndPrivacySolutions.com

Mitch@CyberCecurity.com

May 19, 2023

• Dish Loses 81,000 Wireless Customers and 552,000 TV Customers After Cyber Attack
• Feds Warn to Lock Down Remote Desktop or Catch a Virus (BianLian)
• Microsoft WIll Choose Secure Login Method You WIll Use
• Apple Patches 3 Zero-Days Exploited in the Wild
• Montana Becomes First State to Totally Ban TikTok, First Lawsuit Filed
• Do You Have a Social Media Music License
• Details Emerge on Dish Ransomware/Data Breach
• Uintah Basin Healthcare (Utah) Affects 100k Patients Over Ten Years
• Ransomware Group Leaks 5 GB of Lowell, Mass. Data
• Defense Contractor L3Harris May Have Been Hacked; Defense Data Stolen
• Debt Collector Credit Control Leaks Info on 286.000+

Security News for the Week Ending May 19th, 2023
News bites for the week ending May 19th: part time hackers get rich, cops sell seized phones
without wiping them, Alabama legislature votes on bill to block porn on phones automatically,
why go to all of the trouble of clicking on infected links when you can buy electronics with
malware preinstalled from Amazon and not everyone is in love with ChatGPT-Apple bans it.

Read the details here.

Dish discovered that having your backups online is convenient. Convenient for
ransomware gangs to encrypt. Are your backups safe? If you are concerned about this,
please contact us.

Yet another third party breach. This time, it is a third party debt collector who leaked info
on more than 250,000. While the debt collector will be sued, so will all of its clients. Are
you prepared to defend yourself at your expense when one of your vendors is
compromised? You can reduce that risk. Want to improve the odds? Give us a shout.

Mitch

www.CyberCecurity.com
www.TurnkeyCybersecurityAndPrivacySolutions.com

Mitch@CyberCecurity.com

May 12, 2023

• MSI Hackers Leak Stolen Code Including Private Code SIgning Keys
• NIST Releases Draft of Cybersecurity Framework 2.0 Core
• China Raids Offices of Western Companies; Pot Calls Kettle Black
• Microsoft Patches Symptoms of Outlook Exploit – Workaround Found – New Patch
• Whistleblowers Rejoice as SEC issues $279 Million Reward – Business Beware
• Justice Delayed is … Too Normal
• NextGen Healthcare Breach Affects 1.1 million customers
• City of Dallas Ransomware – Other City Agencies Previously Paid Ransom
• Maybe They Should Use Their Own Software
• French Tourism Company Leaks Info on 90,000 Customers

Security News for the Week Ending May 12th, 2023
This week’s news bites include: Google adds dark web monitoring to GMail users, YouTube
tests blocking videos if you use modern browsers, US probes possible leak of critical
infrastructure data at Rockwell facility in China, smart cars are a hacker’s dream and hackers
could destabilize the power grid due to Siemens bug.

Read the details here.

Are you concerned that the cyber insurance you are paying for might not pay out if you
have a claim? That is a reasonable concern. Want to improve the odds? Give us a
shout.

Mitch

www.CyberCecurity.com
www.TurnkeyCybersecurityAndPrivacySolutions.com

Mitch@CyberCecurity.com
720-891-1663

May 5, 2023

• Beware – Your MSP Likely Doesn’t Care About Your Cybersecurity
• Verified Twitter Accounts Warn of (Fake) Imminent Nuclear Strike
• Researchers Publish New BGP Routing Flaws in Open Source Routing Software
• SANS Institute releases Volumes 1,2 and 3 of the ICS Cybersecurity Field Manual
• Privacy4Cars Releases a Tool to Help People Understand What Data Your Car Collecting
• CISA Releases Draft Secure Software Self-Attestation Form
• Court Says Pay Up To Merck’s Insurer After $1.4 Bil Not-Petya Claim Denied
• Operation SpecTor Seizes $53 Mil and Arrests 288 in Dark Web Drug Bust
• DoJ Detected SolarWinds Hack Months Earlier than First Disclosed
• The FBI Says Don’t Pay the Ransom; the San Bernardino Sheriff Paid a $1 Mil+ Ransom
• Fake Postal Service Jobs Site … in Pakistan … Leaks Personal Data, Credit Cards
• IT Giant Bitmarck Shuts Down Systems After Ransomware Attack
• MeritServus and MeritKapital Who Register Shell Companies Hacked
• Dallas, Texas Hit by Ransomware Attack
• City of Lowell, Mass. Hit by Ransomware; Systems Taken Offline

Security News Bites for the Week Ending May 5th, 2023:

This week’s news bites include: government contractors affected by TikTok ban too, Google
and Apple work together to stop AirTag stalking, Google to remove “secure” icon in Chrome,
expect more of this: PornHub says if you are in Utah, you cannot access the site and National
Guard to the rescue.

Read the details here.

If you are not sure that your Managed Service Provider understands your cybersecurity
needs – and it is likely that they do not, please contact us.

Mitch
www.CyberCecurity.com
www.TurnkeyCybersecurityAndPrivacySolutions.

Mitch@CyberCecurity.com