kevnowledgy

Welcome to Security brief for week 34 #cybernews #cybersecurity #informationsecurity #infosec Outline 00:00:00 - Welcome 00:00:05 - Ransomware rakes in record-breaking $450 million in first half of 2024 00:02:10 - Toyota confirms third-party data breach impacting customers 00:03:39 - Oregon Zoo warns visitors their credit card details were stolen 00:04:59 - Microchip Technology discloses cyberattack impacting operations 00:06:07 - CannonDesign confirms Avos Locker ransomware data breach 00:07:11 - Hackers steal banking creds from iOS, Android users via PWA apps 00:08:35 - Man sentenced for hacking state registry to fake his own death 00:10:03 - Qilin ransomware now steals credentials from Chrome browsers 00:11:13 - Russian laundering millions for Lazarus hackers arrested in Argentina 00:12:46 - US oil giant Halliburton confirms cyberattack behind systems shutdown 00:13:56 - American Radio Relay League confirms $1 million ransom payment 00:14:52 - The End _______ Sources: Ransomware rakes in record-breaking $450 million in first half of 2024 https://www.bleepingcomputer.com/news/security/ransomware-rakes-in-record-breaking-450-million-in-first-half-of-2024/ Toyota confirms third-party data breach impacting customers https://www.bleepingcomputer.com/news/security/toyota-confirms-third-party-data-breach-impacting-customers/ Oregon Zoo warns visitors their credit card details were stolen https://www.bleepingcomputer.com/news/security/oregon-zoo-warns-visitors-their-credit-card-details-were-stolen/ Microchip Technology discloses cyberattack impacting operations https://www.bleepingcomputer.com/news/security/microchip-technology-discloses-cyberattack-impacting-operations/ CannonDesign confirms Avos Locker ransomware data breach https://www.bleepingcomputer.com/news/security/cannondesign-confirms-avos-locker-ransomware-data-breach/ Hackers steal banking creds from iOS, Android users via PWA apps https://www.bleepingcomputer.com/news/security/hackers-steal-banking-creds-from-ios-android-users-via-pwa-apps/ Man sentenced for hacking state registry to fake his own death https://www.bleepingcomputer.com/news/legal/man-sentenced-for-hacking-state-registry-to-fake-his-own-death/ Qilin ransomware now steals credentials from Chrome browsers https://www.bleepingcomputer.com/news/security/qilin-ransomware-now-steals-credentials-from-chrome-browsers/ Russian laundering millions for Lazarus hackers arrested in Argentina https://www.bleepingcomputer.com/news/legal/russian-laundering-millions-for-lazarus-hackers-arrested-in-argentina/ US oil giant Halliburton confirms cyberattack behind systems shutdown https://www.bleepingcomputer.com/news/security/us-oil-giant-halliburton-confirms-cyberattack-behind-systems-shutdown/ American Radio Relay League confirms $1 million ransom payment https://www.bleepingcomputer.com/news/security/american-radio-relay-league-confirms-1-million-ransom-payment/ Want to make your own AI video? checkout invideo: invideo.sjv.io/kev ---------- Follow me: youtube @kevnowledgy instagram.com @kevnowledgyy X.com @kevnowledgy

Want to make your own AI video? Checkout invideo: invideo.sjv.io/kev ---------- Office of Personnel Management (OPM) Breach (2015): In what was described as one of the most damaging breaches to U.S. national security until that time, hackers accessed sensitive personal information of approximately 22 million current and former federal employees. The breach included highly personal background investigation data. ---------- OUTLINE: 00:00:00 - The Intriguing Question 00:00:34 - Introduction to OPM 00:01:45 - The Prelude to the Breach 00:04:07 - The Breach Unveiled 00:07:04 - The Aftermath 00:10:13 - The Impact 00:13:07 - The Significance 00:15:37 - The Recap ---------- Follow me: instagram.com @kevnowledgyy X.com @kevnowledgy

Welcome to Security brief for week 33 #cybernews #cybersecurity #informationsecurity #infosec Outline: 00:00:00 - Welcome 00:00:05 - National Public Data confirms breach exposing Social Security numbers 00:01:40 - Australian gold producer Evolution Mining hit by ransomware 00:02:44 - Hackers posing as Ukraine’s Security Service infect 100 govt PCs 00:04:42 - 3AM ransomware stole data of 464,000 Kootenai Health patients 00:06:10 - Ivanti warns of critical vTM auth bypass with public exploit 00:07:45 - Microsoft August 2024 Patch Tuesday fixes 9 zero-days, 6 exploited 00:08:54 - NIST releases first encryption tools to resist quantum computing 00:10:17 - Zero-click Windows TCP/IP RCE impacts all systems with IPv6 enabled, patch now 00:11:46 - Russian who sold 300,000 stolen credentials gets 40 months in prison 00:13:09 - The End _______ Sources: National Public Data confirms breach exposing Social Security numbers https://www.bleepingcomputer.com/news/security/national-public-data-confirms-breach-exposing-social-security-numbers/ Australian gold producer Evolution Mining hit by ransomware https://www.bleepingcomputer.com/news/security/australian-gold-producer-evolution-mining-hit-by-ransomware/ Hackers posing as Ukraine’s Security Service infect 100 govt PCs https://www.bleepingcomputer.com/news/security/hackers-posing-as-ukraines-security-service-infect-100-govt-pcs/ 3AM ransomware stole data of 464,000 Kootenai Health patients https://www.bleepingcomputer.com/news/security/3am-ransomware-stole-data-of-464-000-kootenai-health-patients/ Ivanti warns of critical vTM auth bypass with public exploit https://www.bleepingcomputer.com/news/security/ivanti-warns-of-critical-vtm-auth-bypass-with-public-exploit/ Microsoft August 2024 Patch Tuesday fixes 9 zero-days, 6 exploited https://www.bleepingcomputer.com/news/microsoft/microsoft-august-2024-patch-tuesday-fixes-9-zero-days-6-exploited/ NIST releases first encryption tools to resist quantum computing https://www.bleepingcomputer.com/news/security/nist-releases-first-encryption-tools-to-resist-quantum-computing/ Zero-click Windows TCP/IP RCE impacts all systems with IPv6 enabled, patch now https://www.bleepingcomputer.com/news/microsoft/zero-click-windows-tcp-ip-rce-impacts-all-systems-with-ipv6-enabled-patch-now/ Russian who sold 300,000 stolen credentials gets 40 months in prison https://www.bleepingcomputer.com/news/security/russian-who-sold-300-000-stolen-credentials-gets-40-months-in-prison/ Want to make your own AI video? checkout invideo: invideo.sjv.io/kev ---------- Follow me: youtube @kevnowledgy instagram.com @kevnowledgyy X.com @kevnowledgy

Discover the chilling insights into the minds of cyber criminals in this deep dive into the dark psychology behind their actions. From cybersecurity threats to information technology breaches, learn how hackers use their knowledge of IT to exploit vulnerabilities and compromise systems. Explore the world of infosec and understand the motives driving these individuals to engage in illicit activities. Stay informed and vigilant against cyber threats by understanding the psychology of those who seek to harm our digital world. OUTLINE: 00:00:00 - The Digital Shadows 00:00:21 - Unmasking the Cyber Criminal Mind 00:01:00 - The Human Factor 00:01:34 - Loneliness and the Lure of Cybercrime 00:01:59 - Finding Solace in the Digital Shadows 00:02:27 - A False Sense of Belonging 00:02:52 - Bullying and the Birth of a Hacker 00:03:15 - Seeking Revenge in the Digital Realm 00:03:39 - The Seductive Power of Anonymity 00:04:03 - The Digital Scales of Justice 00:04:25 - When Hacktivism Blurs the Lines 00:04:50 - The Slippery Slope of Self-Righteousness 00:05:13 - The Illusion of Control 00:05:40 - The Thrill of the Hack 00:06:05 - The Addictive Nature of Cybercrime 00:07:18 - The Intoxication of Power 00:08:30 - Exploring the Link Between Cybercrime and Mental Health 00:09:13 - A World Built on Code and Ego 00:10:46 - When Empathy Fails to Compute 00:12:01 - A Call for Empath ---------- Want to make your own AI video? checkout invideo: invideo.sjv.io/kev ---------- Follow me: youtube @kevnowledgy instagram.com @kevnowledgyy X.com @kevnowledgy

Want to make your own AI video? Checkout invideo: invideo.sjv.io/kev ---------- Home Depot Breach (2014): Cyber attackers stole email and payment card information of about 56 million Home Depot customers. The breach was attributed to malware that had been installed on its payment systems. ---------- OUTLINE: 00:00:00 - The Digital Dilemma 00:01:11 - An Overview 00:02:50 - The Timeline of the Attack 00:05:09 - The Aftermath 00:08:03 - The 2024 Third-Party Breach 00:10:09 - The Key Takeaways 00:12:28 - Final Thoughts ---------- Follow me: instagram.com @kevnowledgyy X.com @kevnowledgy

Explore the intricate relationship between technology and daily life in our deep dive into how technology reshapes supply chains, online marketplaces, and digital payment systems. We unveil the double-edged sword of convenience versus vulnerability, revealing how integrated systems can both streamline our lives and expose us to cyber threats. Witness real-world disruptions like the major online retailer outage and the ransomware attack on Colonial Pipeline, illustrating the fragility and potential chaos tied to our digital dependencies. From the journey of products across continents to the critical importance of data in personalization and targeted advertising, we analyze how a single cyberattack can trigger a domino effect, impacting businesses and consumers alike. We also discuss consumer behavior changes in response to cyber threats and the economic ripple effects. Join us as we navigate through these digital landscapes, highlighting the urgent need for robust cybersecurity measures, consumer awareness, and collective efforts to safeguard our interconnected world. Like and share this video to spread awareness about the importance of digital security! #CyberSecurity #DigitalEconomy #TechIntegration #OnlineSafety #dataprotection ---------- OUTLINE: 00:00:00 - The Fragile Fabric of Modern Commerce 00:00:33 - When Systems Crumble 00:00:57 - The Price Tag of Disruption 00:01:37 - From Warehouses to Doorsteps 00:02:13 - When Data Becomes a Liability 00:02:40 - The Illusion of Abundance 00:03:26 - Panic in the Digital Aisles 00:04:05 - The Trust Deficit 00:05:00 - The Rise of the Digital Black Market 00:06:04 - The Crumbling Foundation of Consumer Confidence 00:07:06 - The Retreat from the Digital Marketplace 00:08:02 - The Psychology of Scarcity and Fear 00:08:58 - A Survival Guide 00:09:49 - Knowledge is Your Strongest Defense 00:10:23 - A Collective Effort 00:11:03 - No Time for Complacency 00:12:06 - A Holistic Approach to Cyber Resilience 00:12:47 - Charting a Course Toward Digital Trust ---------- Follow me: instagram.com @kevnowledgyy X.com @kevnowledgy

Explore the global CrowdStrike outage of 2024 with us as we unravel the causes, impacts, and aftermath of this significant cybersecurity event. Discover what led to the widespread disruption, how it affected businesses and individuals worldwide, and what steps have been taken to prevent future occurrences. Join our deep exploration into the intricacies of this major outage and its implications for the cybersecurity landscape. If you find this analysis insightful, please like and share the video. Want to make your own AI video? Checkout invideo: invideo.sjv.io/kev ---------- OUTLINE: 00:00:00 - The Day of the Outage 00:01:53 - The Cause 00:04:18 - The Impact 00:07:13 - The Remediation 00:10:25 - The Aftermath 00:13:20 - The Lessons Learned ---------- Follow me: youtube @kevnowledgy instagram.com @kevnowledgyy X.com @kevnowledgy

This breach impacted more than 412 million accounts on FriendFinder Networks, which operates adult content and casual hookup sites. Hackers exposed personal details, including email addresses and passwords, making it one of the largest data breaches of personal information. #DataBreach #CyberSecurity #AdultFriendFinder #OnlineSafety #TechNews ---------- OUTLINE: 00:00:00 - The Illusion of Safety 00:02:02 - A timeline 00:04:41 - The Hackers Revealed 00:06:56 - Impact on Users 00:09:21 Lessons from the Breach 00:11:47 - Key Points to Remember ---------- Follow me: instagram.com @kevnowledgyy X.com @kevnowledgy

Welcome to Security brief for week 32 #cybernews #cybersecurity #informationsecurity #infosec Outline: 00:00:00 - Stay Safe Online: Latest Cybersecurity Update! 00:00:06 - Keytronic reports losses of over $17 million after ransomware attack 00:01:16 - Crowdstrike: Delta Air Lines refused free help to resolve IT outage 00:02:30 - Hacker wipes 13,000 devices after breaching classroom management platform 00:03:23 -France's Grand Palais discloses cyberattack during Olympic games 00:04:16 - INTERPOL recovers over $40 million stolen in a BEC attack 00:05:15 - UK IT provider faces $7.7 million fine for 2022 ransomware breach 00:06:30 - FBI: BlackSuit ransomware behind over $500 million in ransom demands 00:07:44 - Ronin Network hacked, $12 million returned by "white hat" hackers 00:08:51 - CSC ServiceWorks discloses data breach after 2023 cyberattack 00:10:00 - US dismantles laptop farm used by undercover North Korean IT workers 00:11:20 - The End Want to make your own AI video? checkout invideo: invideo.sjv.io/kev ---------- Follow me: youtube @kevnowledgy instagram.com @kevnowledgyy X.com @kevnowledgy

Welcome to Security brief for week 31 #cybernews #cybersecurity #informationsecurity #infosec Outline; 00:00:00 - Welcome 00:00:10 - HealthEquity says data breach impacts 4.3 million people 00:01:51 - Android spyware 'Mandrake' hidden in apps on Google Play since 2022 00:03:20 - UK govt links 2021 Electoral Commission breach to Exchange server 00:05:08 - Dark Angels ransomware receives record-breaking $75 million ransom 00:07:14 - New Android malware wipes your device after draining bank accounts 00:08:37 - CISA and FBI: DDoS attacks won’t impact US election integrity 00:09:52 - UK takes down major 'Russian Coms' caller ID spoofing platform 00:11:37 - Credit card users get mysterious shopify-charge.com charges 00:13:05 - Fake AI editor ads on Facebook push password-stealing malware 00:14:15 - The end _______ Sources: HealthEquity says data breach impacts 4.3 million people https://www.bleepingcomputer.com/news/security/healthequity-says-data-breach-impacts-43-million-people/ Android spyware 'Mandrake' hidden in apps on Google Play since 2022 https://www.bleepingcomputer.com/news/security/android-spyware-mandrake-hidden-in-apps-on-google-play-since-2022/ UK govt links 2021 Electoral Commission breach to Exchange server https://www.bleepingcomputer.com/news/security/uk-govt-links-2021-electoral-commission-breach-to-exchange-server/ Dark Angels ransomware receives record-breaking $75 million ransom https://www.bleepingcomputer.com/news/security/dark-angels-ransomware-receives-record-breaking-75-million-ransom/ Cencora confirms patient health info stolen in February attack https://www.bleepingcomputer.com/news/security/cencora-confirms-patient-health-info-stolen-in-february-attack/ New Android malware wipes your device after draining bank accounts https://www.bleepingcomputer.com/news/security/new-android-malware-wipes-your-device-after-draining-bank-accounts/ CISA and FBI: DDoS attacks won’t impact US election integrity https://www.bleepingcomputer.com/news/security/cisa-and-fbi-ddos-attacks-wont-impact-us-election-integrity/ UK takes down major 'Russian Coms' caller ID spoofing platform https://www.bleepingcomputer.com/news/security/uk-takes-down-russian-comms-caller-id-spoofing-platform-used-to-scam-170-000-people/ Credit card users get mysterious shopify-charge.com charges https://www.bleepingcomputer.com/news/security/credit-card-users-get-mysterious-shopify-chargecom-charges/ Fake AI editor ads on Facebook push password-stealing malware https://www.bleepingcomputer.com/news/security/fake-ai-editor-ads-on-facebook-push-password-stealing-malware/ ______ Want to make your own AI video? checkout invideo: invideo.sjv.io/kev ---------- Follow me: youtube @kevnowledgy instagram.com @kevnowledgyy X.com @kevnowledgy

This video discuss the implications for national security, public records, and essential services like law enforcement and emergency response. Consider the impact on public trust and governance. #cybersecurity #informationsecurity _______ OUTLINE: 00:00:00 - Painting a Picture of Cyber Siege 00:00:46 - Beyond the Bits and Bytes 00:01:32 - Cyberattacks Cripple Law Enforcement 00:02:13 - When Investigation Hits a Firewall 00:02:57 - A Treasure Trove for Criminals 00:03:40 - The Need for Cyber-Resilient Policing 00:04:31 - When Emergency Response is Paralyzed 00:05:23 - Communication Breakdown in Disaster 00:06:11 - The Price of System Failure 00:07:03 - Preparing for the Unthinkable 00:07:58 - Public Records Under Fire 00:08:44 - A Nation Held Hostage by Data 00:09:33 - When Trust in Institutions Crumbles 00:10:19 - Safeguarding Our Collective Memory 00:11:02 - Cybersecurity and the Erosion of Faith 00:11:56 - Rebuilding Trust Through Openness 00:12:39 - Empowering Citizens in the Digital Age 00:13:19 - Forging a Secure Future Together 00:13:45 - Strengthening Our Cyber Defenses 00:14:11 - Building a More Secure Digital Future --------- Want to make your own AI video? Checkout invideo: invideo.sjv.io/kev --------- Follow me: instagram.com @kevnowledgyy X.com @kevnowledgy

Welcome to Security brief for week 30 #cybernews #cybersecurity #informationsecurity #infosec Want to make your own AI video? checkout invideo: invideo.sjv.io/kev 00:00:00 - Welcome 00:00:06 - Spain arrests three for using DDoSia hacktivist platform 00:01:58 - Police infiltrates, takes down DigitalStress DDoS-for-hire service 00:03:59 - Greece’s Land Registry agency breached in wave of 400 cyberattacks 00:05:56 - Fake CrowdStrike repair manual pushes new infostealer malware 00:08:07 - Verizon to pay $16 million in TracFone data breach settlement 00:09:47 - BreachForums v1 hacking forum data leak exposes members’ info 00:11:11 - Hamster Kombat’s 250 million players targeted in malware attacks 00:13:30 - US offers $10M for tips on DPRK hacker linked to Maui ransomware attacks 00:15:11 - Russian ransomware gangs account for 69% of all ransom proceeds 00:16:51 - The End _____ Sources: Spain arrests three for using DDoSia hacktivist platform https://www.bleepingcomputer.com/news/security/spain-arrests-three-for-using-ddosia-hacktivist-platform/ Police infiltrates, takes down DigitalStress DDoS-for-hire service https://www.bleepingcomputer.com/news/security/police-infiltrates-takes-down-digitalstress-ddos-for-hire-service/ Greece’s Land Registry agency breached in wave of 400 cyberattacks https://www.bleepingcomputer.com/news/security/greeces-land-registry-agency-breached-in-wave-of-400-cyberattacks/ Fake CrowdStrike repair manual pushes new infostealer malware https://www.bleepingcomputer.com/news/security/fake-crowdstrike-repair-manual-pushes-new-daolpu-infostealer-malware/ Verizon to pay $16 million in TracFone data breach settlement https://www.bleepingcomputer.com/news/security/verizon-to-pay-16-million-in-tracfone-data-breach-settlement/ BreachForums v1 hacking forum data leak exposes members’ info https://www.bleepingcomputer.com/news/security/breachforums-v1-hacking-forum-data-leak-exposes-members-info/ Hamster Kombat’s 250 million players targeted in malware attacks https://www.bleepingcomputer.com/news/security/hamster-kombats-250-million-players-targeted-in-malware-attacks/ US offers $10M for tips on DPRK hacker linked to Maui ransomware attacks https://www.bleepingcomputer.com/news/security/us-offers-10m-for-tips-on-dprk-hacker-linked-to-maui-ransomware-attacks/ Russian ransomware gangs account for 69% of all ransom proceeds https://www.bleepingcomputer.com/news/security/russian-ransomware-gangs-account-for-69-percent-of-all-ransom-proceeds/ ---------- Follow me: youtube @kevnowledgy instagram.com @kevnowledgyy X.com @kevnowledgy

Welcome to Security brief for week 29 #cybernews #cybersecurity #informationsecurity #infosec ---------- Outline 00:00:00 - Welcome 00:00:04 - CrowdStrike update crashes Windows systems, causes outages worldwide 00:02:31 - Facebook ads for Windows desktop themes push info-stealing malware 00:04:36 - Kaspersky is shutting down its business in the United States 00:06:38 - Email addresses of 15 million Trello users leaked on hacking forum 00:08:46 - Yacht giant MarineMax data breach impacts over 123,000 people 00:10:26 - Over 400,000 Life360 user phone numbers leaked via unsecured API 00:12:05 - Notorious FIN7 hackers sell EDR killer to other threat actors 00:13:56 - Revolver Rabbit gang registers 500,000 domains for malware campaigns 00:15:53 - Russians plead guilty to involvement in LockBit ransomware attacks 00:17:42 - The End _______ Sources: CrowdStrike update crashes Windows systems, causes outages worldwide https://www.bleepingcomputer.com/news/security/crowdstrike-update-crashes-windows-systems-causes-outages-worldwide/ Facebook ads for Windows desktop themes push info-stealing malware https://www.bleepingcomputer.com/news/security/facebook-ads-for-windows-themes-push-sys01-info-stealing-malware/ Kaspersky is shutting down its business in the United States https://www.bleepingcomputer.com/news/security/kaspersky-is-shutting-down-its-business-in-the-united-states/ Email addresses of 15 million Trello users leaked on hacking forum https://www.bleepingcomputer.com/news/security/email-addresses-of-15-million-trello-users-leaked-on-hacking-forum/ Yacht giant MarineMax data breach impacts over 123,000 people https://www.bleepingcomputer.com/news/security/yacht-giant-marinemax-data-breach-impacts-over-123-000-people/ Over 400,000 Life360 user phone numbers leaked via unsecured API https://www.bleepingcomputer.com/news/security/over-400-000-life360-user-phone-numbers-leaked-via-unsecured-android-api/ Notorious FIN7 hackers sell EDR killer to other threat actors https://www.bleepingcomputer.com/news/security/notorious-fin7-hackers-sell-edr-killer-to-other-threat-actors/ Revolver Rabbit gang registers 500,000 domains for malware campaigns https://www.bleepingcomputer.com/news/security/revolver-rabbit-gang-registers-500-000-domains-for-malware-campaigns/ Russians plead guilty to involvement in LockBit ransomware attacks https://www.bleepingcomputer.com/news/security/russians-plead-guilty-to-involvement-in-lockbit-ransomware-attacks/

While not a direct attack on Russia, the hacking of the French TV network TV5Monde in April 2015 was initially attributed to ISIS. However, further investigations linked it to a group known as APT28 or Fancy Bear, which has connections to Russian military intelligence. This incident demonstrated the complexity of attributing cyberattacks and the use of cyber operations in geopolitical strategies. ---------- Follow me: youtube @kevnowledgy instagram.com @kevnowledgyy X.com @kevnowledgy

Welcome to Security brief for week 26 #cybernews #cybersecurity #informationsecurity #infosec _______ OUTLINE: 00:00:00 - Welcome 00:00:05 - CoinStats says North Korean hackers breached 1,590 crypto wallets 00:01:50 - Chemical facilities warned of possible data theft in CISA CSAT breach 00:03:38 - Neiman Marcus confirms data breach after Snowflake account hack 00:05:36 - New Medusa malware variants target Android users in seven countries 00:08:40 - Polyfill.io JavaScript supply chain attack impacts over 100K sites 00:11:15 - Snowblind malware abuses Android security feature to bypass security 00:13:40 - TeamViewer's corporate network was breached in alleged APT hack 00:15:40 - The End _______ Sources: CoinStats says North Korean hackers breached 1,590 crypto wallets https://www.bleepingcomputer.com/news/cryptocurrency/coinstats-says-north-korean-hackers-breached-1-590-crypto-wallets/ Chemical facilities warned of possible data theft in CISA CSAT breach https://www.bleepingcomputer.com/news/security/chemical-facilities-warned-of-possible-data-theft-in-cisa-csat-breach/ Neiman Marcus confirms data breach after Snowflake account hack https://www.bleepingcomputer.com/news/security/neiman-marcus-confirms-data-breach-after-snowflake-account-hack/ New Medusa malware variants target Android users in seven countries https://www.bleepingcomputer.com/news/security/new-medusa-malware-variants-target-android-users-in-seven-countries/ Polyfill.io JavaScript supply chain attack impacts over 100K sites https://www.bleepingcomputer.com/news/security/polyfillio-javascript-supply-chain-attack-impacts-over-100k-sites/ Polyfill claims it has been 'defamed', returns after domain shut down https://www.bleepingcomputer.com/news/security/polyfill-claims-it-has-been-defamed-returns-after-domain-shut-down/ Cloudflare: We never authorized polyfill.io to use our name https://www.bleepingcomputer.com/news/security/cloudflare-we-never-authorized-polyfillio-to-use-our-name/ Polyfill.io, BootCDN, Bootcss, Staticfile attack traced to 1 operator https://www.bleepingcomputer.com/news/security/polyfillio-bootcdn-bootcss-staticfile-attack-traced-to-1-operator/ Snowblind malware abuses Android security feature to bypass security https://www.bleepingcomputer.com/news/security/snowblind-malware-abuses-android-security-feature-to-bypass-security/ TeamViewer's corporate network was breached in alleged APT hack https://www.bleepingcomputer.com/news/security/teamviewers-corporate-network-was-breached-in-alleged-apt-hack/ TeamViewer links corporate cyberattack to Russian state hackers https://www.bleepingcomputer.com/news/security/teamviewer-links-corporate-cyberattack-to-russian-state-hackers/ ---------- Follow me: youtube @kevnowledgy instagram.com @kevnowledgyy X.com @kevnowledgy

Welcome to Security brief for week 25 #cybernews #cybersecurity #informationsecurity #infosec ---------- OUTLINE: 00:00:00 - Welcome 00:00:05 - Alleged Scattered Spider sim-swapper arrested in Spain 00:01:30 - Panera Bread likely paid a ransom in March ransomware attack 00:02:46 - Two men guilty of breaching law enforcement portal in blackmail scheme 00:03:41 - Scathing report on Medibank cyberattack highlights unenforced MFA 00:04:51- AMD investigates breach after data for sale on hacking forum 00:05:51 - Advance Auto Parts confirms data breach exposed employee information 00:06:54 - Crown Equipment confirms a cyberattack disrupted manufacturing 00:07:57 - Linux version of RansomHub ransomware targets VMware ESXi VMs 00:08:54 - Biden bans Kaspersky antivirus software in US over security concerns 00:10:00 - Tor Browser 13.5 brings Android enhancements, better bridge management 00:11:02 - CDK Global outage caused by BlackSuit ransomware attack 00:12:05 - Los Angeles Unified confirms student data stolen in Snowflake account hack 00:13:12 - End _______ Sources: Alleged Scattered Spider sim-swapper arrested in Spain https://www.bleepingcomputer.com/news/legal/alleged-scattered-spider-sim-swapper-arrested-in-spain/ Panera Bread likely paid a ransom in March ransomware attack https://www.bleepingcomputer.com/news/security/panera-bread-likely-paid-a-ransom-in-march-ransomware-attack/ Two men guilty of breaching law enforcement portal in blackmail scheme https://www.bleepingcomputer.com/news/security/two-men-guilty-of-breaching-law-enforcement-portal-in-blackmail-scheme/ Scathing report on Medibank cyberattack highlights unenforced MFA https://www.bleepingcomputer.com/news/security/scathing-report-on-medibank-cyberattack-highlights-unenforced-mfa/ AMD investigates breach after data for sale on hacking forum https://www.bleepingcomputer.com/news/security/amd-investigates-breach-after-data-for-sale-on-hacking-forum/ Advance Auto Parts confirms data breach exposed employee information https://www.bleepingcomputer.com/news/security/advance-auto-parts-confirms-data-breach-exposed-employee-information/ Crown Equipment confirms a cyberattack disrupted manufacturing https://www.bleepingcomputer.com/news/security/crown-equipment-confirms-a-cyberattack-disrupted-manufacturing/ Linux version of RansomHub ransomware targets VMware ESXi VMs https://www.bleepingcomputer.com/news/security/linux-version-of-ransomhub-ransomware-targets-vmware-esxi-vms/ Biden bans Kaspersky antivirus software in US over security concerns https://www.bleepingcomputer.com/news/security/biden-bans-kaspersky-antivirus-software-in-us-over-security-concerns/ Tor Browser 13.5 brings Android enhancements, better bridge management https://www.bleepingcomputer.com/news/security/tor-browser-135-brings-android-enhancements-better-bridge-management/ CDK Global outage caused by BlackSuit ransomware attack https://www.bleepingcomputer.com/news/security/cdk-global-outage-caused-by-blacksuit-ransomware-attack/ Los Angeles Unified confirms student data stolen in Snowflake account hack https://www.bleepingcomputer.com/news/security/los-angeles-unified-confirms-student-data-stolen-in-snowflake-account-hack/ ---------- Follow me: youtube @kevnowledgy instagram.com @kevnowledgyy X.com @kevnowledgy

Welcome to Security brief for week 24 #cybernews #cybersecurity #informationsecurity #infosec _______ Outline: 00:00:00 - Welcome 00:00:06 - 23andMe data breach under investigation in UK and Canada 00:01:31 - Exploit for critical Veeam auth bypass available, patch now 00:03:14 - London hospitals face blood shortage after Synnovis ransomware attack 00:04:51 - Apple enters AI arms race with new Apple Intelligence feature 00:06:10 - TellYouThePass ransomware exploits recent PHP RCE flaw to breach servers 00:08:31 - Chinese hackers breached 20,000 FortiGate systems worldwide 00:11:14 - City of Cleveland shuts down IT systems after cyberattack 00:12:59 - Black Basta ransomware gang linked to Windows zero-day attacks 00:15:27 - Police arrest Conti and LockBit ransomware crypter specialist 00:16:59 - Life360 says hacker tried to extort them after Tile data breach 00:18:37 - Phishing emails abuse Windows search protocol to push malicious scripts 00:20:05 - Exploit for Veeam Recovery Orchestrator auth bypass available, patch now 00:21:40 - The End _______ Sources: 23andMe data breach under investigation in UK and Canada https://www.bleepingcomputer.com/news/security/23andme-data-breach-under-investigation-in-uk-and-canada/ Exploit for critical Veeam auth bypass available, patch now https://www.bleepingcomputer.com/news/security/exploit-for-critical-veeam-auth-bypass-available-patch-now/ London hospitals face blood shortage after Synnovis ransomware attack https://www.bleepingcomputer.com/news/security/london-hospitals-face-blood-shortage-after-synnovis-ransomware-attack/ Apple enters AI arms race with new Apple Intelligence feature https://www.bleepingcomputer.com/news/apple/apple-enters-ai-arms-race-with-new-apple-intelligence-feature/ TellYouThePass ransomware exploits recent PHP RCE flaw to breach servers https://www.bleepingcomputer.com/news/security/tellyouthepass-ransomware-exploits-recent-php-rce-flaw-to-breach-servers/ Chinese hackers breached 20,000 FortiGate systems worldwide https://www.bleepingcomputer.com/news/security/chinese-hackers-breached-20-000-fortigate-systems-worldwide/ City of Cleveland shuts down IT systems after cyberattack https://www.bleepingcomputer.com/news/security/city-of-cleveland-shuts-down-it-systems-after-cyberattack/ Black Basta ransomware gang linked to Windows zero-day attacks https://www.bleepingcomputer.com/news/security/black-basta-ransomware-gang-linked-to-windows-zero-day-attacks/ Police arrest Conti and LockBit ransomware crypter specialist https://www.bleepingcomputer.com/news/security/police-arrest-conti-and-lockbit-ransomware-crypter-specialist/ Life360 says hacker tried to extort them after Tile data breach https://www.bleepingcomputer.com/news/security/life360-says-hacker-tried-to-extort-them-after-tile-data-breach/ Phishing emails abuse Windows search protocol to push malicious scripts https://www.bleepingcomputer.com/news/security/phishing-emails-abuse-windows-search-protocol-to-push-malicious-scripts/ Exploit for Veeam Recovery Orchestrator auth bypass available, patch now https://www.bleepingcomputer.com/news/security/exploit-for-veeam-recovery-orchestrator-auth-bypass-available-patch-now/ ---------- Follow me: youtube @kevnowledgy instagram.com @kevnowledgyy X.com @kevnowledgy

OUTLINE: 00:00:00 - Setting the Stage for Cyber Interference 00:00:48 - DDoS Attacks and Their Devastating Impact 00:01:38 - Media and Election Monitors Under Siege 00:02:26 - Silencing Dissent in the Digital Age 00:03:15 - Tracing the Digital Breadcrumbs 00:04:02 - The Global Implications of Cyber Election Interference 00:04:52 - Strategies for Countering Cyber Threats 00:05:34 - The Future of Cyber Warfare in Elections 00:06:13 - A Call to Action for a Secure Digital Future 00:06:56 - Safeguarding Democracy in the Digital Age ---------- Follow me: instagram.com @kevnowledgyy X.com @kevnowledgy

Welcome to Security brief for week 28 #cybernews #cybersecurity #informationsecurity #infosec ---------- Outline: 00:00:00 - Welcome 00:00:05 - Roblox vendor data breach exposes dev conference attendee info 00:01:35 - CloudSorcerer hackers abuse cloud services to steal Russian govt data 00:03:09 - Hackers leak 39,000 print-at-home Ticketmaster tickets for 154 events 00:05:07 - Evolve Bank says data breach impacts 7.6 million Americans 00:07:19 - US disrupts AI-powered bot farm pushing Russian propaganda on X 00:08:46 - GitLab: Critical bug lets attackers run pipelines as other users 00:10:17 - Massive AT&T data breach exposes call logs of 109 million customers 00:12:29 - Rite Aid confirms data breach after June ransomware attack 00:14:31 - Dallas County: Data of 200,000 exposed in 2023 ransomware attack 00:16:33 - Fujitsu confirms customer data exposed in March cyberattack 00:18:06 - The End _______ Sources: Roblox vendor data breach exposes dev conference attendee info https://www.bleepingcomputer.com/news/security/roblox-vendor-data-breach-exposes-dev-conference-attendee-info/ CloudSorcerer hackers abuse cloud services to steal Russian govt data https://www.bleepingcomputer.com/news/security/cloudsorcerer-hackers-abuse-cloud-services-to-steal-russian-govt-data/ Hackers leak 39,000 print-at-home Ticketmaster tickets for 154 events https://www.bleepingcomputer.com/news/security/hackers-leak-39-000-print-at-home-ticketmaster-tickets-for-154-events/ Evolve Bank says data breach impacts 7.6 million Americans https://www.bleepingcomputer.com/news/security/evolve-bank-says-data-breach-impacts-76-million-americans/ US disrupts AI-powered bot farm pushing Russian propaganda on X https://www.bleepingcomputer.com/news/security/us-disrupts-ai-powered-bot-farm-pushing-russian-propaganda-on-x/ GitLab: Critical bug lets attackers run pipelines as other users https://www.bleepingcomputer.com/news/security/gitlab-warns-of-critical-bug-that-lets-attackers-run-pipelines-as-an-arbitrary-user/ Massive AT&T data breach exposes call logs of 109 million customers https://www.bleepingcomputer.com/news/security/massive-atandt-data-breach-exposes-call-logs-of-109-million-customers/ Rite Aid confirms data breach after June ransomware attack https://www.bleepingcomputer.com/news/security/rite-aid-confirms-data-breach-after-june-ransomware-attack/ Dallas County: Data of 200,000 exposed in 2023 ransomware attack https://www.bleepingcomputer.com/news/security/dallas-county-data-of-200-000-exposed-in-2023-ransomware-attack/ Fujitsu confirms customer data exposed in March cyberattack https://www.bleepingcomputer.com/news/security/fujitsu-confirms-customer-data-exposed-in-march-cyberattack/ ---------- Follow me: youtube @kevnowledgy instagram.com @kevnowledgyy X.com @kevnowledgy

Welcome to Security brief for week 27 #cybernews #cybersecurity #informationsecurity #infosec _______ 00:00:00- Welcome 00:00:06 - New regreSSHion OpenSSH RCE bug gives root on Linux servers 00:01:33 - Cisco warns of NX-OS zero-day exploited to deploy custom malware 00:03:23 - Australian charged for ‘Evil Twin’ WiFi attack on plane 00:04:53 - Prudential Financial now says 2.5 million impacted by data breach 00:06:35 - Google now pays $250,000 for KVM zero-day vulnerabilities 00:08:31 - Europol takes down 593 Cobalt Strike servers used by cybercriminals 00:10:36 - Hackers abused API to verify millions of Authy MFA phone numbers 00:12:33 - HealthEquity data breach exposes protected health information 00:14:24 - Ethereum mailing list breach exposes 35,000 to crypto draining attack 00:16:36 - Hackers leak alleged Taylor Swift tickets, amp up Ticketmaster extortion 00:18:24 - The End _______ Sources: New regreSSHion OpenSSH RCE bug gives root on Linux servers https://www.bleepingcomputer.com/news/security/new-regresshion-openssh-rce-bug-gives-root-on-linux-servers/ Cisco warns of NX-OS zero-day exploited to deploy custom malware https://www.bleepingcomputer.com/news/security/cisco-warns-of-nx-os-zero-day-exploited-to-deploy-custom-malware/ Australian charged for ‘Evil Twin’ WiFi attack on plane https://www.bleepingcomputer.com/news/security/australian-charged-for-evil-twin-wifi-attack-on-plane/ Prudential Financial now says 2.5 million impacted by data breach https://www.bleepingcomputer.com/news/security/prudential-financial-now-says-25-million-impacted-by-data-breach/ Google now pays $250,000 for KVM zero-day vulnerabilities https://www.bleepingcomputer.com/news/security/google-now-pays-250-000-for-kvm-zero-day-vulnerabilities/ Europol takes down 593 Cobalt Strike servers used by cybercriminals https://www.bleepingcomputer.com/news/security/europol-takes-down-593-cobalt-strike-servers-used-by-cybercriminals/ Hackers abused API to verify millions of Authy MFA phone numbers https://www.bleepingcomputer.com/news/security/hackers-abused-api-to-verify-millions-of-authy-mfa-phone-numbers/ HealthEquity data breach exposes protected health information https://www.bleepingcomputer.com/news/security/healthequity-data-breach-exposes-protected-health-information/ Ethereum mailing list breach exposes 35,000 to crypto draining attack https://www.bleepingcomputer.com/news/security/ethereum-mailing-list-breach-exposes-35-000-to-crypto-draining-attack/ Hackers leak alleged Taylor Swift tickets, amp up Ticketmaster extortion https://www.bleepingcomputer.com/news/security/hackers-leak-alleged-taylor-swift-tickets-amp-up-ticketmaster-extortion/ ---------- Follow me: youtube @kevnowledgy instagram.com @kevnowledgyy X.com @kevnowledgy

Welcome to Security brief for week 21 #cybernews #cybersecurity #informationsecurity #infosec OUTLINE: 00:00:00 - Welcome 00:00:06 - QNAP QTS zero-day in Share feature gets public RCE exploit 00:01:33 - Owner of Incognito dark web drugs market arrested in New York 00:03:29 - OmniVision discloses data breach after 2023 ransomware attack 00:05:33 - Rockwell Automation warns admins to take ICS devices offline 00:06:34 - GhostEngine mining attacks kill EDR security using vulnerable drivers 00:08:30 - LastPass is now encrypting URLs in password vaults for better security 00:09:42 - Intercontinental Exchange to pay $10M SEC penalty over VPN breach 00:11:16 - Northern Ireland police faces £750k fine after exposing staff info 00:13:30 - Apple wasn’t storing deleted iOS photos in iCloud after all 00:14:26 - Microsoft spots gift card thieves using cyber-espionage tactics 00:16:05 - Google fixes eighth actively exploited Chrome zero-day this year 00:17:01 - End Sources: QNAP QTS zero-day in Share feature gets public RCE exploit https://www.bleepingcomputer.com/news/security/qnap-qts-zero-day-in-share-feature-gets-public-rce-exploit/ Owner of Incognito dark web drugs market arrested in New York https://www.bleepingcomputer.com/news/security/owner-of-incognito-dark-web-drugs-market-arrested-in-new-york/ OmniVision discloses data breach after 2023 ransomware attack https://www.bleepingcomputer.com/news/security/omnivision-discloses-data-breach-after-2023-ransomware-attack/ Rockwell Automation warns admins to take ICS devices offline https://www.bleepingcomputer.com/news/security/rockwell-automation-warns-admins-to-take-ics-devices-offline/ GhostEngine mining attacks kill EDR security using vulnerable drivers https://www.bleepingcomputer.com/news/security/ghostengine-mining-attacks-kill-edr-security-using-vulnerable-drivers/ LastPass is now encrypting URLs in password vaults for better security https://www.bleepingcomputer.com/news/security/lastpass-is-now-encrypting-urls-in-password-vaults-for-better-security/ Intercontinental Exchange to pay $10M SEC penalty over VPN breach https://www.bleepingcomputer.com/news/security/intercontinental-exchange-to-pay-10m-sec-penalty-over-vpn-breach/ Northern Ireland police faces £750k fine after exposing staff info https://www.bleepingcomputer.com/news/security/northern-ireland-police-faces-750k-fine-after-exposing-staff-info/ Apple wasn’t storing deleted iOS photos in iCloud after all https://www.bleepingcomputer.com/news/security/apple-wasnt-storing-deleted-ios-photos-in-icloud-after-all/ Microsoft spots gift card thieves using cyber-espionage tactics https://www.bleepingcomputer.com/news/security/microsoft-spots-gift-card-thieves-using-cyber-espionage-tactics/ ---------- Follow me: youtube @kevnowledgy instagram.com @kevnowledgyy X.com @kevnowledgy

Welcome to Secirty brief for week 23 #cybernews #cybersecurity #informationsecurity #infosec ---------- Outline: 00:00:00 - Welcome 00:00:06 - Microsoft India’s X account hijacked in Roaring Kitty crypto scam 00:01:35 - Collection agency FBCS ups data breach tally to 3.2 million people 00:02:32 - Major London hospitals disrupted by Synnovis ransomware attack 00:04:15 - Microsoft deprecates Windows NTLM authentication protocol 00:05:59 - New V3B phishing kit targets customers of 54 European banks 00:06:57 - ARRL says it was hacked by an "international cyber group" 00:08:06 - RansomHub extortion gang linked to now-defunct Knight ransomware 00:10:08 - Australian mining company discloses breach after BianLian leaks data 00:11:48 - Qilin ransomware gang linked to attack on London hospitals 00:13:13 - FBI recovers 7,000 LockBit keys, urges ransomware victims to reach out 00:14:55 - PandaBuy pays ransom to hacker only to get extorted again 00:16:18 - End ---------- Sources: Microsoft India’s X account hijacked in Roaring Kitty crypto scam https://www.bleepingcomputer.com/news/security/microsoft-indias-x-account-hijacked-in-roaring-kitty-crypto-scam-to-push-wallet-drainers/ Collection agency FBCS ups data breach tally to 3.2 million people https://www.bleepingcomputer.com/news/security/collection-agency-fbcs-ups-data-breach-tally-to-32-million-people/ Major London hospitals disrupted by Synnovis ransomware attack https://www.bleepingcomputer.com/news/security/major-london-hospitals-disrupted-by-synnovis-ransomware-attack/ Microsoft deprecates Windows NTLM authentication protocol https://www.bleepingcomputer.com/news/microsoft/microsoft-deprecates-windows-ntlm-authentication-protocol/ New V3B phishing kit targets customers of 54 European banks https://www.bleepingcomputer.com/news/security/new-v3b-phishing-kit-targets-customers-of-54-european-banks/ ARRL says it was hacked by an "international cyber group" https://www.bleepingcomputer.com/news/security/american-radio-relay-league-says-it-was-hacked-by-an-international-cyber-group/ RansomHub extortion gang linked to now-defunct Knight ransomware https://www.bleepingcomputer.com/news/security/ransomhub-extortion-gang-linked-to-now-defunct-knight-ransomware/ Australian mining company discloses breach after BianLian leaks data https://www.bleepingcomputer.com/news/security/australian-mining-company-discloses-breach-after-bianlian-leaks-data/ Qilin ransomware gang linked to attack on London hospitals https://www.bleepingcomputer.com/news/security/qilin-ransomware-gang-linked-to-attack-on-london-hospitals/ FBI recovers 7,000 LockBit keys, urges ransomware victims to reach out https://www.bleepingcomputer.com/news/security/cooler-master-hit-by-data-breach-exposing-customer-information/ PandaBuy pays ransom to hacker only to get extorted again https://www.bleepingcomputer.com/news/security/pandabuy-pays-ransom-to-hacker-only-to-get-extorted-again/ ---------- Follow me: youtube @kevnowledgy instagram.com @kevnowledgyy X.com @kevnowledgy

Marriott International Breach (2018): Hackers accessed the reservation system of Marriott's Starwood division, compromising the data of approximately 500 million guests. #cybersecurity #ifosec ---------- OUTLINE: 00:00:00 - The Unthinkable Breach 00:01:45 - The Impact on Marriott 00:03:35 - The Impact on Customers 00:05:47 - Lessons from the Breach 00:07:58 - Protecting Your Own Data ---------- Follow me: youtube @kevnowledgy instagram.com @kevnowledgyy X.com @kevnowledgy

Welcome to Security brief for week 22 #cybernews #cybersecurity #informationsecurity #infosec 00:00:00 - Welcome 00:00:05 - Sav-Rx discloses data breach impacting 2.8 million Americans 00:02:05 - Hackers target Check Point VPNs to breach enterprise networks 00:04:35 - Christie’s confirms breach after RansomHub threatens to leak data 00:05:49 -Exploit released for maximum severity Fortinet RCE bug, patch now 00:07:26 - US govt sanctions cybercrime gang behind massive 911 S5 botnet 00:09:32 - Over 90 malicious Android apps with 5.5M installs found on Google Play 00:11:36 - First American December data breach impacts 44,000 people 00:13:20 - Okta warns of credential stuffing attacks targeting its CORS feature 00:14:44 - US dismantles 911 S5 botnet used for cyberattacks, arrests admin 00:15:59 - Cooler Master hit by data breach exposing customer information 00:17:19 - Cybercriminals pose as "helpful" Stack Overflow users to push malware 00:18:33 - The End Sources: Sav-Rx discloses data breach impacting 2.8 million Americans https://www.bleepingcomputer.com/news/security/sav-rx-discloses-data-breach-impacting-28-million-americans/ Hackers target Check Point VPNs to breach enterprise networks https://www.bleepingcomputer.com/news/security/hackers-target-check-point-vpns-to-breach-enterprise-networks/ Christie’s confirms breach after RansomHub threatens to leak data https://www.bleepingcomputer.com/news/security/christies-confirms-breach-after-ransomhub-threatens-to-leak-data/ Exploit released for maximum severity Fortinet RCE bug, patch now https://www.bleepingcomputer.com/news/security/exploit-released-for-maximum-severity-fortinet-rce-bug-patch-now/ US govt sanctions cybercrime gang behind massive 911 S5 botnet https://www.bleepingcomputer.com/news/security/us-govt-sanctions-cybercrime-gang-behind-massive-911-s5-proxy-botnet-linked-to-illegitimate-residential-proxy-service/ Over 90 malicious Android apps with 5.5M installs found on Google Play https://www.bleepingcomputer.com/news/security/over-90-malicious-android-apps-with-55m-installs-found-on-google-play/ First American December data breach impacts 44,000 people https://www.bleepingcomputer.com/news/security/first-american-december-data-breach-impacts-44-000-people/ Okta warns of credential stuffing attacks targeting its CORS feature https://www.bleepingcomputer.com/news/security/okta-warns-of-credential-stuffing-attacks-targeting-its-cors-feature/ US dismantles 911 S5 botnet used for cyberattacks, arrests admin https://www.bleepingcomputer.com/news/security/us-dismantles-911-s5-residential-proxy-botnet-used-for-cyberattacks-arrests-admin/ Cooler Master hit by data breach exposing customer information https://www.bleepingcomputer.com/news/security/cooler-master-hit-by-data-breach-exposing-customer-information/ Cybercriminals pose as "helpful" Stack Overflow users to push malware https://www.bleepingcomputer.com/news/security/cybercriminals-pose-as-helpful-stack-overflow-users-to-push-malware/ ---------- Follow me: youtube @kevnowledgy instagram.com @kevnowledgyy X.com @kevnowledgy

In 2019, Capital One, a significant financial institution, faced a major data breach that affected approximately 106 million of its credit card customers and applicants. This breach involved unauthorized access by an individual who obtained sensitive personal information, such as names, addresses, dates of birth, and credit history details. A portion of the data even included Social Security numbers and bank account information. #cybersecurity #infosec #creditcard #databreach ---------- OUTLINE: 00:00:00 - The Unseen Threat 00:02:01 - The Breach Unveiled 00:03:43 - The Hacker's Identity 00:05:52 - The Aftermath 00:07:33 - Lessons Learned ---------- Follow me: instagram.com @kevnowledgyy X.com @kevnowledgy