Telsa Hacked, The DNC wars staffers about Dating Apps, and the electric grid is a prime target, and more this week.

Links to the Articles

- www.wired.com: A Former Uber Exec's Indictment Is a Warning Shot

- www.zdnet.com: Elon Musk confirms Russian hacking plot targeted Tesla factory

- www.reuters.com: New Zealand's stock exchange not to reopen on Thursday after cyber attacks

- threatpost.com: Hackers Exploit Autodesk Flaw in Recent Cyberespionage Attack

- duo.com: Medical Data Leaks Linked to Hardcoded Credentials in Code

- www.scmagazine.com NCR confirms malware in lab environment, says clients not at risk

- www.zdnet.com: Your email threads are now being hijacked by the QBot Trojan

r- www.zdnet.com: Report claims a popular iOS SDK is stealing click revenue from other ad networks

- www.theregister.com: Canadian shipping company Canpar gets an unwanted delivery – ransomware

- www.bleepingcomputer.com: Freepik data breach: Hackers stole 8.3M records via SQL injection

- www.darkreading.com DNC Warns Campaign Staffers of Dating App Dangers

Ransomeware and Universities, Government Authorities, and CSOs going to Trial all this week.

- www.cyberscoop.com: FBI, DHS expose North Korean government malware used in fake job posting campaign

- www.theregister.com: Australian government wants power to run cyber-response for businesses under attack

- threatpost.com: Cyberattacks Hit Thousands of Canadian Tax, Benefit Accounts

- attheu.utah.edu: University of Utah update on data security incident

- www.zdnet.com: University of Utah pays $457,000 to ransomware gang

- www.zdnet.com: Google fixes major Gmail bug seven hours after exploit details go public

- www.scmagazine.com: Hackers hijack design platform to go phishing

- www.zdnet.com: Ritz London suspects data breach, fraudsters pose as staff in credit card data scam

- www.zdnet.com: World's largest cruise line operator discloses ransomware attack

- www.bleepingcomputer.com: U.S. spirits and wine giant hit by cyberattack, 1TB of data stolen

- www.scmagazine.com: Maze delivers on threat to publish data stolen from Canon

- www.darkreading.com – Smart Locks, hackers, and larger IoT Problems 

- www.darkreading.com – Former Uber CSO Charged in Hack Cover up 

Referenced Articles:

www.bleepingcomputer.com: Canon confirms ransomware attack in internal memo

www.wired.com: Chinese Hackers Have Pillaged Taiwan's Semiconductor Industry

www.wired.com: Voting Machine Makers Are Finally Playing Nice With Hackers

www.zdnet.com: Capital One fined $80 million for 2019 hack

arstechnica.com: More than 20GB of Intel source code and proprietary data dumped online

www.theregister.com: 'We stopped ransomware' boasts Blackbaud CEO. And by 'stopped' he means 'got insurance to pay off crooks'

threatpost.com: Garmin Pays Up to Evil Corp After Ransomware Attack — Reports

www.theregister.com: First rule of Ransomware Club is do not pay the ransom, but it looks like Carlson Wagonlit Travel didn't get the memo

www.govtech.com: Texas School District Forks Over $50K in Ransomware Attack

www.securityweek.com: Colorado City Pays $45,000 Ransom After Cyber-Attack

arstechnica.com: Red Hat and CentOS systems aren’t booting due to BootHole patches

arstechnica.com: Florida teen charged as “mastermind” in Twitter hack hitting Biden, Bezos, and others

www.darkreading.com Digital Clones Could Cause Problems for Identity Systems

www.darkreading.com 400+ Qualcomm Chip Vulnerabilities Threaten Millions of Android Phones

www.zdnet.com: FBI issues warning over Windows 7 end-of-life FBI Issues Warning on Windows 7 EOL

- www.bleepingcomputer.com: New ‘Meow’ attack has deleted almost 4,000 unsecured databases- us-cert.cisa.gov: Alert (AA20-209A) | Potential Legacy Risk from Malware Targeting QNAP NAS Devices

- www.theregister.com: If you own one of these 45 Netgear devices, replace it: Firm won't patch vulnerable gear despite live proof-of-concept code

- threatpost.com: Lazarus Group Brings APT Tactics to Ransomware

- www.mcafee.com: McAfee Defender’s Blog: Operation North Star Campaign

- arstechnica.com: New flaw neuters Secure Boot, but there’s no reason to panic. Here’s why

- www.bleepingcomputer.com: Zoom bug allowed attackers to crack private meeting passwords

- www.reuters.com: EU sanctions Russian intelligence, North Korean, Chinese firms over alleged cyberattacks

- www.justice.gov: Massachusetts Man Sentenced for Illegally Retaining Classified National Defense Information Regarding U.S. Military Programs

- rackcdn.com: Private Industry Notification | Cyber Actors Exploiting Built-In Network Protocols to Carry Out Larger, More Destructive Distributed Denial of Service Attacks (PDF)

- www.federaltimes.com : Will COVID finally kick-start federal telework efforts?

In this week's podcast, hacks abound in multiple sectors, some of which happened months back, and we are only getting details on now.

www.justice.gov: Two Alleged Criminals – A Hezbollah Associated Narco-Money Launderer and a Computer Hacker - Extradited from Cyprus to the United States

www.wired.com: Chinese Hackers Charged in Decade-Long Crime and Spying Spree

www.bbc.com: Blackbaud Hack: Universities lose data to ransomware attack

arstechnica.com: Ongoing Meow attack has nuked >1,000 databases without telling anyone why

www.reuters.com: Twitter says hackers saw messages from 36 accounts, including Netherlands official

www.scmagazine.com: New cryptominer botnet spreads payload, less intrusive

www.zdnet.com: Ransomware gang demands $7.5 million from Argentinian ISP

www.theregister.com: UK.gov admits it has not performed legally required data protection checks for COVID-19 tracing system

www.zdnet.com: Why the internet went haywire last week

www.zdnet.com: Two more cyber-attacks hit Israel's water system

www.bleepingcomputer.com: Lorien Health Services discloses ransomware attack affecting nearly 50,000

www.c4isrnet.com: The new ways the military is fighting against information warfare tactics

In this episode, we go over cybersecurity news that stuck out to me over the past week, as things we all need to pay attention to. Article links listed below. This episode's format is based on a segment I teach in my class on cybersecurity risk management, to help students better understand the reading materials by using world events that are current and topical.

www.ncsc.gov.uk: Advisory: APT29 targets COVID-19 vaccine development

www.usatoday.com: A game of 'cat and mouse': Hacking attacks on hospitals for patient data increase during coronavirus pandemic

www.theregister.com: Privacy Shield binned after EU court rules transatlantic data protection

arstechnica.com: Twitter lost control of its internal systems to Bitcoin-scamming hackers

www.vice.com: Hackers Are Finding Footage on Police Body Cams They Bought on eBay

www.carbonblack.com: TAU Threat Discovery: Conti Ransomware

www.secretservice.gov: Secret Service Announces the Creation of the Cyber Fraud Task Force

www.infosecurity-magazine.com: Belgium Suffers First Jackpotting Attack