Cybersecurity News

Keeping You Updated

Cybersecurity is a field requiring knowledge of current cybersecurity vulnerabilities, tactics, techniques, and procedures, adversaries, and the progress being made in cyber defense. College of Western Idaho is committed to increasing your knowledge about cybersecurity events by providing a cybersecurity news feed that keeps you up-to-date.

April 2024
U.S. Cyber Safety Board Slams Microsoft Over Breach by China-Based Hackers

Critical Security Flaw Found in Popular LayerSlider WordPress Plugin

Harnessing the Power of CTEM for Cloud Security
March 2024
Key Lesson from Microsoft's Password Spray Hack: Secure Every Account

Crafting and Communicating Your Cybersecurity Strategy for Board Buy-In

Microsoft Confirms Russian Hackers Stole Source Code, Some Customer Secrets

LockBit Ransomware Hacker Ordered to Pay $860,000 After Guilty Plea in Canada

Ex-Google Engineer Arrested for Stealing AI Technology Secrets for China
February 2024
Cybersecurity for Healthcare—Diagnosing the Threat Landscape and Prescribing Solutions for Recovery

U.S. State Government Network Breached via Former Employee's Account

How Businesses Can Safeguard Their Communication Channels Against Hackers

Hackers Exploit Job Boards, Stealing Millions of Resumes and Personal Data

Former CIA Engineer Sentenced to 40 Years for Leaking Classified Documents

Cloudflare Breach: Nation-State Hackers Access Source Code and Internal Docs
January 2024
Tech Giant HP Enterprise Hacked by Russian Hackers Linked to DNC Breach

BreachForums Founder Sentenced to 20 Years of Supervised Release, No Jail Time

MFA Spamming and Fatigue: When Security Measures Go Wrong

Russian Hackers Had Covert Access to Ukraine's Telecom Giant for Months
December 2023
Generative AI Security: Preventing Microsoft Co-Pilot Data Exposure

Crafting Shields: Defending Minecraft Servers Against DDoS Attacks

Unveiling the Cyber Threats to Healthcare: Beyond the Myths

Remote Encryption Attacks Surge: How One Vulnerable Device Can Spell Disaster

Cost of a Data Breach Report 2023: Insights, Mitigators and Best Practices

FBI Takes Down BlackCat Ransomware, Releases Free Decryption Tool

China's MIIT Introduces Color-Coded Action Plan for Data Security Incidents

New Hacker Group 'GambleForce' Targeting APAC Firms Using SQL Injection Attacks
November 2023
Researchers Find 34 Windows Drivers Vulnerable to Full Device Takeover

HelloKitty Ransomware Group Exploiting Apache ActiveMQ Vulnerability

U.S. Treasury Sanctions Russian Money Launderer in Cybercrime Crackdown

StripedFly Malware Operated Unnoticed for 5 Years, Infecting 1 Million Devices

Kinsing Actors Exploiting Recent Linux Flaw to Breach Cloud Environments

Predictive AI in Cybersecurity: Outcomes Demonstrate All AI is Not Created Equally

Offensive and Defensive AI: Let's Chat(GPT) About It

Beware, Developers: BlazeStealer Malware Discovered in Python Packages on PyPI

Researchers Uncover Undetectable Crypto Mining Technique on Azure Automation
October 2023
Warning: PyTorch Models Vulnerable to Remote Code Execution via ShellTorch

PEACHPIT: Massive Ad Fraud Botnet Powered by Millions of Hacked Android and iOS

North Korea's Lazarus Group Launders $900 Million in Cryptocurrency

New PEAPOD Cyberattack Campaign Targeting Women Political Leaders

Researchers Unveil ToddyCat's New Set of Tools for Data Exfiltration

FBI, CISA Warn of Rising AvosLocker Ransomware Attacks Against Critical Infrastructure

Discord: A Playground for Nation-State Hackers Targeting Critical Infrastructure

Exploring the Realm of Malicious Generative AI: A New Digital Security Challenge

Lazarus Group Targeting Defense Experts with Fake Interviews via Trojanized VNC Apps

Critical Citrix NetScaler Flaw Exploited to Target from Government, Tech Firms

Qubitstrike Targets Jupyter Notebooks with Crypto Mining and Rootkit Campaign

Who's Experimenting with AI Tools in Your Organization?

Ex-NSA Employee Pleads Guilty to Leaking Classified Data to Russia

Google Expands Its Bug Bounty Program to Tackle Artificial Intelligence Threats

Arid Viper Targeting Arabic Android Users with Spyware Disguised as Dating App
September 2023
Chinese-Speaking Cybercriminals Launch Large-Scale iMessage Smishing Campaign in U.S.

Beware of MalDoc in PDF: A New Polyglot Attack Allowing Attackers to Evade Antivirus

Everything You Wanted to Know About AI Security but Were Afraid to Ask

Meta Takes Down Thousands of Accounts Involved in Disinformation Ops from China and Russia

Researchers Warn of Cyber Weapons Used by Lazarus Group's Andariel Cluster

New Python Variant of Chaes Malware Targets Banking and Logistics Industries

Ukraine's CERT Thwarts APT28's Cyberattack on Critical Energy Infrastructure

W3LL Store: How a Secret Phishing Syndicate Targets 8,000+ Microsoft 365 Accounts

Mirai Botnet Variant 'Pandora' Hijacks Android TVs for Cyberattacks

New HijackLoader Modular Malware Loader Making Waves in the Cybercrime World

Cybercriminals Weaponizing Legitimate Advanced Installer Tool in Crypto-Mining Attacks

U.K. and U.S. Sanction 11 Russia-based TrickBot Cybercrime Gang Members

Chinese Redfly Group Compromised a Nation's Critical Grid in 6-Month ShadowPad Campaign

Charming Kitten's New Backdoor 'Sponsor' Targets Brazil, Israel, and U.A.E.

How Cyberattacks Are Transforming Warfare

Microsoft Warns of New Phishing Campaign Targeting Corporations via Teams Messages
August 2023
Russian Cyber Adversary BlueCharlie Alters Infrastructure in Response to Disclosures

Major Cybersecurity Agencies Collaborate to Unveil 2022's Most Exploited VulnerabilitiesMajor Cybersecurity Agencies Collaborate to Unveil 2022's Most Exploited Vulnerabilities

Microsoft Flags Growing Cybersecurity Concerns for Major Sporting Events

New 'Deep Learning Attack' Deciphers Laptop Keystrokes with 95% Accuracy

FBI Alert: Crypto Scammers are Masquerading as NFT Developers

U.K. Electoral Commission Breach Exposes Voter Data of 40 Million Britons

CISA Adds Microsoft .NET Vulnerability to KEV Catalog Due to Active Exploitation

Charming Kitten Targets Iranian Dissidents with Advanced Cyber Attacks

India Passes New Digital Personal Data Protection Bill (DPDPB), Putting Users' Privacy First

What's the State of Credential theft in 2023?

Syrian Threat Actor EVLF Unmasked as Creator of CypherRAT and CraxsRAT Android Malware
July 2023
Evasive Meduza Stealer Targets 19 Password Managers and 76 Crypto Wallets

Researchers Uncover New Linux Kernel 'StackRot' Privilege Escalation Vulnerability

Vishing Goes High-Tech: New 'Letscall' Malware Employs Voice Traffic Routing

Ransomware Extortion Skyrockets in 2023, Reaching $449.1 Million and Counting

Chinese Hackers Deploy Microsoft-Signed Rootkit to Target Gaming Sector

Decoy Dog: New Breed of Malware Posing Serious Threats to Enterprise Networks

Fenix Cybercrime Group Poses as Tax Authorities to Target Latin American Users

New AI Tool 'FraudGPT' Emerges, Tailored for Sophisticated Attacks

GameOver(lay): Two Severe Linux Vulnerabilities Impact 40% of Ubuntu Users

Researchers Expose Space Pirates' Cyber Campaign Across Russia and Serbia
June 2023
Camaro Dragon Strikes with New TinyNote Backdoor for Intelligence Gathering

Chinese PostalFurious Gang Strikes UAE Users with Sneaky SMS Phishing Scheme

Asylum Ambuscade: A Cybercrime Group with Espionage Ambitions

Password Reset Hack Exposed in Honda's E-Commerce Platform, Dealers Data at Risk

Apple's Safari Private Browsing Now Automatically Removes Tracking Parameters in URLs

Microsoft Warns of New Russian State-Sponsored Hacker Group with Destructive Intent

New Golang-based Skuld Malware Stealing Discord and Browser Data from Windows PCs

Vidar Malware Using New Tactics to Evade Detection and Anonymize Activities

Microsoft Blames Massive DDoS Attack for Azure, Outlook, and OneDrive Disruptions

Chinese Hacker Group 'Flea' Targets American Ministries with Graphican Backdoor

Chinese Hackers Using Never-Before-Seen Tactics for Critical Infrastructure Attacks

Alert: New Electromagnetic Attacks on Drones Could Let Attackers Take Control

MITRE Unveils Top 25 Most Dangerous Software Weaknesses of 2023: Are You at Risk?
May 2023
APT28 Targets Ukrainian Government Entities with Fake "Windows Update" Emails

Chinese Hacker Group Earth Longzhi Resurfaces with Advanced Malware Tactics

Researchers Discover 3 Vulnerabilities in Microsoft Azure API Management Service

Dragon Breath APT Group Using Double-Clean-App Technique to Target Gambling Industry

Why Honeytokens Are the Future of Intrusion Detection

New APT Group Red Stinger Targets Military and Critical Infrastructure in Eastern Europe

Bl00dy Ransomware Gang Strikes Education Sector with Critical PaperCut Vulnerability

New 'MichaelKors' Ransomware-as-a-Service Targeting Linux and VMware ESXi Systems

Threat Group UNC3944 Abusing Azure Serial Console for Total VM Takeover

GoldenJackal: New Threat Group Targeting Middle Eastern and South Asian Governments
April 2023
Arid Viper Hacking Group Using Upgraded Malware in Middle East Cyber Attacks

Supply Chain Attacks and Critical Infrastructure: How CISA Helps Secure a Nation's Crown Jewels

Top 10 Cybersecurity Trends for 2023: From Zero Trust to Cyber Insurance

CISA Warns of 5 Actively Exploited Security Flaws: Urgent Action Required

Lazarus Hacker Group Evolves Tactics, Tools, and Targets in DeathNote Campaign

Israel-based Spyware Firm QuaDream Targets High-Risk iPhones with Zero-Click Exploit

Google Uncovers APT41's Use of Open Source GC2 Tool to Target Media and Job Sites

Blind Eagle Cyber Espionage Group Strikes Again: New Attack Chain Uncovered

Charming Kitten's New BellaCiao Malware Discovered in Multi-Country Attacks

Lazarus Subgroup Targeting Apple Devices with New RustBucket macOS Malware
March 2023
BlackLotus Becomes First UEFI Bootkit Malware to Bypass Secure Boot on Windows 11

Core Members of DoppelPaymer Ransomware Gang Targeted in Germany and Ukraine

Sharp Panda Using New Soul Framework Version to Target Southeast Asian Governments

CISA Issues Urgent Warning: Adobe ColdFusion Vulnerability Exploited in the Wild

Winter Vivern APT Group Targeting Indian, Lithuanian, Slovakian, and Vatican Officials

Emotet Rises Again: Evades Macro Security via OneNote Attachments

ScarCruft's Evolving Arsenal: Researchers Reveal New Malware Distribution Techniques

U.K. National Crime Agency Sets Up Fake DDoS-For-Hire Sites to Catch Cybercriminals
February 2023
Experts Warn of 'Ice Breaker' Cyberattacks Targeting Gaming and Gambling Industry

New SH1MMER Exploit for Chromebook Unenrolls Managed ChromeOS Devices

Is Your EV Charging Station Safe? New Security Vulnerabilities Uncovered

NewsPenguin Threat Actor Emerges with Malicious Campaign Targeting Pakistani Entities

NIST Standardizes Ascon Cryptographic Algorithm for IoT and Other Lightweight Devices

3 Overlooked Cybersecurity Breaches

Hackers Create Malicious Dota 2 Game Modes to Secretly Access Players' Systems

Honeypot-Factory: The Use of Deception in ICS/OT Environments

Python Developers Beware: Clipper Malware Found in 450+ PyPI Packages!

Researchers Link SideWinder Group to Dozens of Targeted Attacks in Multiple Countries

New Threat Actor WIP26 Targeting Telecom Service Providers in the Middle East

Cyber Espionage Group Earth Kitsune Deploys WhiskerSpy Backdoor in Latest Attacks

U.S. Cybersecurity Agency CISA Adds Three New Vulnerabilities in KEV Catalog

Hydrochasma: New Threat Actor Targets Shipping Companies and Medical Labs in Asia
January 2023
PyTorch Machine Learning Framework Compromised with Malicious Dependency

Blind Eagle Hackers Return with Refined Tools and Sophisticated Infection Chain

Bluebottle Cybercrime Group Preys on Financial Sector in French-Speaking African Nations

Millions of Vehicles at Risk: API Vulnerabilities Uncovered in 16 Major Car Brands

Dark Pink APT Group Targets Governments and Military in APAC Region

New Backdoor Created Using Leaked CIA's Hive Malware Discovered in the Wild

Roaming Mantis Spreading Mobile Malware That Hijacks Wi-Fi Routers' DNS Settings
December 2022
LastPass Suffers Another Security Breach; Exposed Some Customers Information

SiriusXM Vulnerability Lets Hackers Remotely Unlock and Start Connected Cars

Open Source Ransomware Toolkit Cryptonite Turns Into Accidental Wiper Malware

Vice Society Ransomware Attackers Targeted Dozens of Schools in 2022

Top 4 SaaS Security Threats for 2023

Why PCI DSS 4.0 Should Be on Your Radar in 2023

Minecraft Servers Under Attack: Microsoft Warns About Cross-Platform DDoS Botnet

Cybercrime (and Security) Predictions for 2023

FIN7 Cybercrime Syndicate Emerges as a Major Player in Ransomware Landscape
November 2022
These Android Apps with a Million Play Store Installations Redirect Users to Malicious Sites

Inside Raccoon Stealer V2

OPERA1ER APT Hackers Targeted Dozens of Financial Organizations in Africa

Hackers Using Rogue Versions of KeePass and SolarWinds Software to Distribute RomCom RAT

APT29 Exploited a Windows Feature to Compromise European Diplomatic Entity Network

New "Earth Longzhi" APT Targets Ukraine and Asian Countries with Custom Cobalt Strike Loaders

Chinese 'Mustang Panda' Hackers Actively Targeting Governments Worldwide

LodaRAT Malware Resurfaces with New Variants Employing Updated Functionalities
October 2022
Cybersecurity Summit

Back to Basics: Cybersecurity's Weakest Link

Mitigation for Exchange Zero-Days Bypassed! Microsoft Issues New Workarounds

FBI, CISA, and NSA Reveal How Hackers Targeted a Defense Industrial Base Organization

Eternity Group Hackers Offering New LilithBot Malware-as-a-Service to Cybercriminals

BlackByte Ransomware Abuses Vulnerable Windows Driver to Disable Security Solutions

New Report Uncovers Emotet's Delivery and Evasion Techniques Used in Recent Attacks

Researchers Detail Malicious Tools Used by Cyber Espionage Group Earth Aughisky

Hackers Using Vishing to Trick Victims into Installing Android Banking Malware

Mirai Botnet Hits Wynncraft Minecraft Server with 2.5 Tbps DDoS Attack

Black Basta Ransomware Hackers Infiltrate Networks via Qakbot to Deploy Brute Ratel C4
September 2022
Iranian Hackers Target High-Value Targets in Nuclear Security and Genomic Research

Asian Governments and Organizations Targeted in Latest Cyber Espionage Attacks

Apple Releases iOS and macOS Updates to Patch Actively Exploited Zero-Day Flaw

High-Severity Firmware Security Flaws Left Unpatched in HP Enterprise Devices

Why Vulnerability Scanning is Critical for SOC 2

Hacktivist Group GhostSec Compromises 55 Berghof PLCs Across Israel

Cisco Releases Security Patches for New Vulnerabilities Impacting Multiple Products

New Stealthy Shikitega Malware Targeting Linux Systems and IoT Devices

Ransomware Attackers Abuse Genshin Impact Anti-Cheat System to Disable Antivirus

TikTok Denies Data Breach Reportedly Exposing Over 2 Billion Users' Information

Google Releases Urgent Chrome Update to Patch New Zero-Day Vulnerability

Over 1,800 Android and iOS Apps Found Leaking Hard-Coded AWS Credentials
August 2022
CISA Adds 10 New Known Actively Exploited Vulnerabilities to its Catalog

Cybercrime Group TA558 Targeting Hospitality, Hotel, and Travel Organizations

Cybersecurity stakeholders seek to bolster industry education through summer camps
July 2022
Unpatched GPS Tracker Bugs Could Let Attackers Disrupt Vehicles Remotely

Over a Dozen Android Apps on Google Play Store Caught Dropping Banking Malware

Vendor data breach at St. Luke's

Idaho schools looking to help fill cybersecurity workforce need

What Idahoans Need to Know as Cyber Crime Increases

How 2021’s Record for Cyber Attacks Affected Idaho Residents

U of I Earns $4.46M Toward Cybersecurity Student Training Scholarships
June 2022
Log4Shell Still Being Exploited to Hack VMWare Servers to Exfiltrate Sensitive Data

NSO Confirms Pegasus Spyware Used by at least 5 European Countries

National Guard Soldiers, Airmen Train on Cybersecurity
May 2022
Task Force: Idaho Must Shore Up Cybersecurity

Idaho maps out cybersecurity strategy

SHIELDS UP in bite sized chunks

FBI: Rise in Business Email-based Attacks is a $43B Headache

US Cyber Command Team Helps Lithuania Protect Its Networks

Gov. Brad Little highlights recommendations in new Cybersecurity Task Force Report

Governor's Cybersecurity Task Force releases 18 recommendations

Cyber-security chiefs warn of malicious app risk

Attackers Use Event Logs to Hide Fileless Malware
April 2022
Ukrainian power grid 'lucky' to withstand Russian cyber-attack

Ukraine foiled Russian cyberattack that tried to shut down energy grid

Why Ransomware Should Be On Every Cybersecurity Team's Radar

How US cybersecurity trends can help the UK prepare itself

FCC Chair Claims Cybersecurity Role Congress Crafted for CISA

Learn the latest cybersecurity techniques at the Microsoft Security Summit

5 dangerous cybersecurity mistakes you’re probably making

Boise State 'CyberDome' program boosts rural cybersecurity throughout Idaho

Could we see a passwordless future?

What are the safety risks of removable media?

War, fear, ‘hacktivist’ zeal are upending energy cybersecurity

No plain sailing: modern pirates hack superyachts' cybersecurity
March 2022
MSPAlliance Launches Initiative to Solve MSP Cybersecurity Talent Crisis

INL Chooses Cybersecurity Company to Participate in Mentor-Protege Program

Cybersecurity experts: everyone should be taking precautions
February 2022
Missouri DNR warns of water and wastewater cybersecurity threat amid Ukraine tensions
January 2022
Everything Blockchain Expands Operations in Cybersecurity Everything Blockchain Expands Operations in Cybersecurity

CWI Cybersecurity News

CWI Recognized as Top Cybersecurity Associate Degree Program

CWI’s Cybersecurity program was ranked 22 out of 150 Associate of Applied Science programs nationally in a new ranking by Cybersecurity Guide.

Cyber students working on a operating system

CWI and Boise State Host Cyber Summer Camp

The week-long daytime event is aimed at teaching high school students the basics of computing, cybersecurity, and information technology through a hands-on, fun, and engaging experience.

CWI to Host Idaho Cyber Range Day

College of Western Idaho’s Computer Science and Information Technology Department will host a day of education and training to expand cybersecurity knowledge around the state.

Cybersecurity Student Awarded National Cyber Competition Scholarship

Cybersecurity student, Stanley Ward, was selected out of thousands of students for a national scholarship through his participation in a national cybersecurity competition.

College of Western Idaho's Cybersecurity team

Cybersecurity Team Advances to Finals of Nationwide Cybersecurity Competition

Congratulations to College of Western Idaho's Cybersecurity team who advanced to the finals and placed fourth at the Future of Work Academy cybersecurity incubator competition.

2022 Annual Preparedness and Cybersecurity Conference

Cyber Defense Center Leadership Attends Cybersecurity Summit

Cybersecurity Representatives from College of Western Idaho’s Cyber Defense Center took part in the Idaho Office of Emergency Management’s annual Cybersecurity Summit Thursday, Oct. 13.

Need More Info?

Cyber Defense Center

Email: cyberdefense@cwi.edu

Sara Hoyt

Director, Cyber Defense Center

MS, MBA
Center of Academic Excellence - Cyber Defense Accreditation Alternate Point of Contact

Phone: 208.562.2553

Email: sarahoyt@cwi.edu

You are here

Keeping You Updated

April 2024

March 2024

February 2024

January 2024

December 2023

November 2023

October 2023

September 2023

August 2023

July 2023

June 2023

May 2023

April 2023

March 2023

February 2023

January 2023

December 2022

November 2022

October 2022

September 2022

August 2022

July 2022

June 2022

May 2022

April 2022

March 2022

February 2022

January 2022