News Roundup — August 7th 2024 edition.

This week in cybersecurity, North Korean hackers targeted developers worldwide with spyware disguised as job offers. The US Senate introduced bills aimed at streamlining cybersecurity regulations, while concerns grew over smart cars sharing driver data, prompting calls for federal investigation.

OneBlood’s virtual machines were encrypted in a ransomware attack, and Microsoft revealed that a massive Azure outage was caused by a DDoS attack. Cencora confirmed that patient health information was stolen in a February attack, and Singapore’s Cybersecurity Agency warned of rising cybercrime and ransom demands.

In Toronto, 10 suspects were arrested in a SIM swap scam, while the US traded five cybercriminals to Russia in a prisoner swap. The EPA faced scrutiny over water system cybersecurity, and CISA named Lisa Einstein as its Chief AI Officer. Meanwhile, CrowdStrike was sued by investors over a global IT outage, and a GitHub token leak potentially endangered the Python programming language.

Cybercriminals deployed 100,000 malware samples targeting various systems, while a hacker wiped 13,000 devices after breaching a classroom management platform. French Olympic venues and cultural sites were targeted in a cyberattack, and the open-source port scanner RustScan received attention for its security capabilities. Finally, Signal faced blocks in Venezuela and Russia, raising concerns over communication privacy.

North Koreans Target Devs Worldwide With Spyware, Job Offers

Cyber bills on federal regs, health security and workforce clear Senate panel

Smart Cars Share Driver Data, Prompting Calls for Federal Scrutiny

OneBlood's virtual machines encrypted in ransomware attack

Microsoft says massive Azure outage was caused by DDoS attack

LockBit ransomware titan now hangs by a thread

Cencora confirms patient health info stolen in February attack

3 out of 5 Singaporean firms paid ransoms during cyberattacks in 2023: Survey

10 suspects arrested in SIM swap scam, Toronto police say

U.S. Trades Cybercriminals to Russia in Prisoner Swap

EPA 'urgently' needs to step up cybersecurity assistance for the water sector, GAO says

CISA names Lisa Einstein as its first chief AI officer

Education in Secure Software Development

Summer Heat Ramping Up: FedRAMP Releases Final OMB Memo and Announces Update on Roadmap Progress…

TikTok sued for 'massive' invasion of child privacy

CrowdStrike sued by investors over massive global IT outage

A GitHub token leak could have put the entire Python language at risk

New SideWinder Cyber Attacks Target Maritime Facilities in Multiple Countries

Hackers directly email customers of immigration firm after damaging cyberattack

Cybercriminals Deploy 100K+ Malware Android Apps to Steal OTP Codes

2.9 billion hit in one of the largest data breaches ever - full names, addresses and SSNs exposed

Hacker wipes 13,000 devices after breaching classroom management platform

French Olympic venue and cultural site targeted in cyberattack

RustScan: Open-source port scanner - Help Net Security

Signal has been blocked by Venezuela and Russia