September 29th, 2024

• ALERT Google’s Mandiant Warns of Northern Korea Fake IT Worker Attack
• No Big Surprise – US Intelligence Says Russia is Pushing Fake Videos of Kamala Harris
• Cybercriminals Target Transportation Sector
• FTC Fines DoNotPay $193k for Telling Consumers That Their AI Replaces Lawyers
• Rockwell Automation PLC has Remote Code Execution Bug
• And Another One Bites the Dust – UK Stops LinkedIn from Massively Using Your Data to Train its AI
• Millions of Vehicles Could be Hacked
• Another Water Facility Hit by Cyberattack
• MoneyGram Says it is Making Progress in Recovering from a Cyberattack
• Dell Faces Third Data Leak in a Week

Security News for the Week Ending September 27th, 2024

This week’s news bites include: White House proposes ban of Chinese, Russian connected
vehicles and software, Telegram gets religion after France throws its CEO in jail, don’t join the
MetaVerse – fined $101 million for dumbness, when cyber meets physical-Russia might be
planning to cut ocean fiber cables, industrial IoT attack surface sprawl is a problem.

Read details here.

Are you really prepared for third party risk? It seems that a lot of companies thought they
were prepared. Before they discovered that they were not prepared. Concerned?
Nervous? Contact us.

Mitch
www.CyberCecurity.com
www.TurnkeyCybersecurityAndPrivacySolutions.com
Mitch@CyberCecurity.com
720-891-1663

September 22nd, 2024

• Could What Happened in German Politics Happen Here?
• After Cyber-Physical Attack Exploded Pagers, Now Walkie-Talkies Blow Up in Lebanon
• Feds Release Cybersecurity Alignment Plan for the Executive Branch
• Google Upgrading Chrome to use Post-Quantum Encryption
• Apple Patches iOS to Stop Siri From Giving Away Your Info , Many macOS Patches
• Progress Software Announces a Perfect 10 Bug and Releases Fix
• Hackers Arrested in Miami Charged with Trying to Steal and Launder $230 Mil in Crypto
• Delta Prime DeFi Protocol Loses $6 Mil After Private Key Leaked
• Finally! A Good Cyber Attack (Against a Russian Security Firm)
• MoveIT Breach Still Bearing Gifts More Than a Year Later

Security News for the Week Ending September 20th, 2024

This week’s news bites include: Tennessee school district sends $3 to money mules – mules
may wind up becoming felons, be glad you are not London Transit; they have to reset 30,000
employees passwords in person, two months before the election Trump announces crypto
venture, Craigslist founder Craig Newmark to donate $100 million to strengthen US
cybersecurity and YouTube removes TenetMedia as Russian disinformation channel.

Read details here.

CMMC is getting very real and DoD will soon have a partner in the Department of
Education. If you are not already deep into getting ready, you are behind the power
curve. If you need help, please contact us.

Mitch
www.CyberCecurity.com
www.TurnkeyCybersecurityAndPrivacySolutions.com
Mitch@CyberCecurity.com
720-891-1663

September 15th, 2024

• CISA Says SonicWall Bug Being Exploited
• Feds Say Russia Today Media in Bed With Russia’s Spies
• Department of Education to Issue Proposed Rule on Protecting CUI Like Student Data
• Data Broker Whitepages Sued by West Virginia Over Publishing Information
• EU’s High Court Upholds $2.7 Billion Fine for Abusing Monopoly
• Not A Good Day for Apple Either – ECJ Upholds $14 Billion Tax Preference Fine
• Beware if Your Doctor Wants to Take Pictures of You
• Musk Calls Australia Fascists
• The Government Isn’t Ready for Cyber Chaos in the Food and Agriculture Sector
• Credit Card Processor Discloses Year-Old Breach
• Highline Public K-12 Schools Shut Down All Schools After Cyberattack
• London’s Transit Agency Drops Claim That it Has no Evidence of Customer Data Theft
• Avis Loses Data of 300,000
• Fortinet Confirms Data Breach – Only After Hacker Offered 440 Gig of Data for Sale

Security News for the Week Ending September 13th, 2024

This week’s news bites include: unregistered crypto trading platform settles with the SEC, FBI
says cryptocurrency losses in 2023 reached $5.6 billion, Netflix wins rights to new Silicon Valley
Drama, Thumblite, which might not be very Valley friendly, Port of Seattle warns of data leak
after refusing to pay ransom and even if your phone is secure, the radio that runs it might not
be.

Read details here.

CMMC is getting very real and not just for DoD contractors; the next department is
Education. If you need help with CMMC, please contact us.

Mitch
www.CyberCecurity.com
www.TurnkeyCybersecurityAndPrivacySolutions.com
Mitch@CyberCecurity.com
720-891-1663

September 8th, 2024

• Trump’s Daughter and Daughter in Law’s Twitter Accounts Hacked to Promote Crypto (Scam?)
• Intel Responds to Secure Enclave Hacking Research
• Running AI on Your Phone (Apple Intelligence) – Don’t Fall For the Marketing Hype
• Cisco Reveals Yet Another Hard Coded Credential in Their Software
• LiteSpeed WordPress Plugin Exposes 6 Million Sites to Takeover
• Brazil Suspends Twitter, Including Via VPNs
• EU Closes Case Against Twitter AI – After They Agree to Stop Processing EU Data
• Yubikey 5 Security Flaw Unfixable
• London Underground Riders Having Payment Issues After Hack
• RansomHub Steals 93GB of Sensitive Data from Intermountain Planned Parenthood

Security News for the Week Ending September 6th, 2024

This week’s news bites include: every time I think hackers can’t get more sleazy, they do,
millions lost when Mbappe’s account promotes $460 mil crypto scam, police may seize your
Tesla if parked near a crime scene, Twitter is hiring staff for security and safety after years of
layoffs and CISA finally talks about airport security bypass – sort of.

Read details here.

AI is great and people are moving forward with using it at breakneck speed, but there are
speed bumps. If you need help avoiding some of those bumps, please contact us.

Mitch
www.CyberCecurity.com
www.TurnkeyCybersecurityAndPrivacySolutions.com
Mitch@CyberCecurity.com
720-891-1663

September 1st, 2024

• Industrial Control System (ICS) Bugs Are Rampant
• ‘Malfunction’ at Dutch Defense Ministry Data Center Causing Mass Disruption
• SolarWinds in the News Again – Hardcoded Credentials
• Cross Fork Object Reference (CFOR) Design Flaw in GitHub Grants Access to Private, Deleted Data
• Critical Bug in WordPress Plugin With 1 Million + Installs
• Dutch Privacy Regulator Fines Uber $324 Mil for GDPR Failure
• Pavel Durov, Telegram Founder, Indicted. Paid 5 Mil Euro Bail, Can’t Leave the Country
• Is This a “Get Out The Vote” Text or a Phishing Scam
• Patelco Credit Union Breach Affects 726,000
• Port of Seattle and Sea-Tac Airport Hit by ‘Possible Cyberattack’
• Two Terabytes of Sensitive Customer Info Stolen from ServiceBridge

Security News for the Week Ending August 30th, 2024

This week’s news bites include: Trump threatens Zuckerberg with life in prison, is a republican
mega donor changing Trump’s opinion of TikTok, cybertruck windows are peelable and thieves
love it, user says Pixel 9 eavesdropped on him 24/7, after Telegram CEO arrest, will other CEOs
be wary of travel and researcher bypasses TSA security, DHS says nothing to see.

Read details here.

The DoJ prosecution of Georgia Tech will have a very significant effect on their ability to
close new business as well as existing customers taking out their security microscopes.
Large customers, especially the government, are done with hoping that companies do
the right thing. If they thought that companies would just “do right” there would be no
requirement for CMMC, but they don’t believe that. The next step is a lawsuit and in the
case of government agencies, potential criminal charges. If you need help with your
cybersecurity compliance program contact us.

Mitch
www.CyberCecurity.com
www.TurnkeyCybersecurityAndPrivacySolutions.com
Mitch@CyberCecurity.com
720-891-1663