May 25th, 2025
- Student Makes Tool to Engage Social Media Users Using AI Bots
- Brian Krebs (Krebs On Security . Com) Hit with 6.3 Terabit per Second Attack
- Grocery Chain Kroger is Selling Enhanced Loyalty Program Data
- CMMC Q&A
- Are You More Like Marks & Spencer or Co-Op?
- Cyber Fraud and the False Claims Act
- Signal Updates Windows App to Block Microsoft Recall
- Terrorists Still Able to Buy Check Marks on Twitter
- Dutch Government Passes Law to Criminalize Cyber Espionage
- The Ever Evolving Threat of the Russian-Speaking Criminal Underground
- HealthTech Provider Exposes 100+ Gigabytes of Customer Data
- Ohio’s Kettering Health Goes Back to #2 Pencils and Big Chief Tablets
- Facebook Leaks 1.2 Billion Records
- Trimble Cityworks Used to Manage Public Infrastructure Exploited
- Unprotected Database of Credentials Exposes Tens of Millions of Credentials
Security News for the week ending May 23rd, 2025
This week’s news: lazy passwords still prevail, good hackers earn over $1 million at Pwn2Own
Berlin, foreign intelligence services recruit government workers fired by DOGE, FCC bars
Chinese firms from testing electronics for US consumers and polymorphic phishing attacks flood
inboxes.
Read details here.
Is your company prepared for a cyber disaster? I am sure that British retailer Marks &
Spencer thought they were. The reality is very, very different. British food and funeral
service provider Co-Op (no, that is not a typo) recovered from a cyber attack in just days.
Customer data was stolen from both of them. Hackers were inside for too long in both
cases. M&S says it will be months before they fully recover. Do you need help testing
your disaster recovery and business continuity plans? Please contact us for assistance.
Mitch
www.CyberCecurity.com
www.TurnkeyCybersecurityAndPrivacySolutions.com
[email protected]
May 18th, 2025
- Be Careful What You Wish For – You May Get it and not Like It
- CMMC Q&A
- DoD (DCSA) Releases New SF-328 for Foreign Ownership Interests
- Apple Patches 30 Vulnerabilities
- Of Course Microsoft isn’t Going to Let Apple Out-Patch Them
- Researcher Says Commvault Patch Didn’t Fix Problem – But it Did
- CISA Adds TeleMessage Bug to KEV List After Breach
- Zoom Fixes Multiple Vulnerabilities; Says Windows Users, Especially, Should Patch
- Pro-Ukraine Hackers Erase a Third of Russian Court Case Archive
- Marks & Spencer Admits Customers’ Data Stolen
- Alabama Says “Cybersecurity Event” Could Disrupt State Services
- UK Retailer Marks & Spencer May be Ready to File 100 Million Pound Insurance Claim
- Largest US Steelmaker Hit by Cyber Attack
This week’s news: FTC says it won’t regulate AI until after it causes harm, Chinese hackers
going after Taiwan and South Korea supply chains, another reason to get off Windows 10, Israel
arrests suspect behind $190 million crypto hack and Coinbase users lose tens of millions a
week while Coinbase ignores it.
Read details here.
Are you prepared to deal with an insider threat? If you are not sure, please contact us.
Mitch
www.CyberCecurity.com
www.TurnkeyCybersecurityAndPrivacySolutions.com
[email protected]
May 11th, 2025
- Experts Say US Phone/Internet Carriers No More Secure After Chinese Hacks
- Delta Has to Face Passenger Lawsuits Over Crowdstrike Meltdown
- CISA Says Unsophisticated Attacks on Energy, Transportation Work Due to Weak Security
- CMMC Q&A
- SonicWall SMAxxx VPN Vulnerabilities Being Exploited Now
- Researcher Says Commvault Patch Didn’t Fix Problem
- Cisco Gets Another 10 – IOSXE This Time
- France Fines Apple $162 Million for HOW They Use Privacy Tool
- Court Says Apple Violated Requirement to Open Up App Store
- Jury Orders NSO Spyware Company to Pay WhatsApp $168 Million
- Florida Roots Out Waste, etc. In a Good Way – Before it is Spent
- Hackers Ramp Up Efforts Targeting Developers
- FBI Explains How Chinese Use AI to Swindle US Businesses
- Harrods Department Store Joins Club – UK Businesses Hacked This Year
- HHS Settles with PIH Health for $600K for HIPAA Violations
- Medical Device Giant Masimo Hit by Cyberattack
Security News for the Week Ending May 9th, 2025
This week’s news: wrong number text messages, Real-ID is now real, this is why paying a
ransom is not a good plan, Google rolling out on-device AI protections to detect scams and
Real-ID is a real bullseye for every hacker.
Read details here.
There are multiple stories this week about failed business continuity and disaster
recovery strategies. Are you confident that yours will hold up if the worst happens. If
you are just a bit nervous, please contact us.
Mitch
www.CyberCecurity.com
www.TurnkeyCybersecurityAndPrivacySolutions.com
[email protected]
May 4th, 2025
- And Another One Bites the Dust – Settles with DoJ Over Lying About Cybersecurity Practices
- CISOs Say Reconsider Use of Microsoft RDP Due to Password Flaw/Feature
- Physical Therapist Sued Over Accessing Nude Pictures of Other Doctors’ Patients
- CMMC Q&A
- After Signalgate – Interest in Chat Archiving Skyrockets
- “Take it Down” Act Passes House 409-2
- Score Two for the Feds – Take Down Kiddie Porn Group Leaders
- Indian Court Orders Blocking of Proton Mail
- EU Fines TikTok $600 Million for Sending Data to China
- Yale New Haven Health System Hacked; 5.5 Million Patients’ Data Stolen
- Western New Mexico University Hacked
Security News for the Week Ending March 2nd, 2025
This week’s news: 4Chan cesspool is back online, are you sharing the wrong data with Google,
phishing as a service is pretty affordable, NSC official says administration will get more cyber
offensive and FBI steps in after politicians get swatted.
Read details here.
Are you getting more nervous about your CMMC compliance after reading about this
most recent DoJ CMMC compliance lawsuit settlement? It seems like they are settling
with another company for fraudulently claiming they are compliant every month and
rumors are that they have about a hundred cases in different stages of settlement.
Please contact us if you need assistance.
Mitch
www.CyberCecurity.com
www.TurnkeyCybersecurityAndPrivacySolutions.com
[email protected]
