☝️ TWA

Fake LastPass death claims used to breach password vaults

🤷‍♀️ What now?: Advice for LastPass Users (and everyone else):

• Never enter your Master Password on a link received via email or text message.

• Only log in to your password manager through the official application or a saved bookmark.

• Be wary of messages demanding immediate action.

Tools: Self. You are the best security system.

Meanwhile … New Android malware mimics human typing to evade detection, steal money

📰 Headline Highlights

• Researchers exploit OpenAI's Atlas by disguising prompts as URLs

• Year-Old WordPress Plugin Flaws Exploited to Hack Websites

• Iran's school for cyberspies could've used a few more lessons in preventing breaches

• F5 asserts limited impact from prolonged nation-state attack on its systems

• Oracle EBS Attack Victims May Be More Numerous Than Expected

  • Industrial Giants Schneider Electric and Emerson Named as Victims of Oracle Hack

• LG Uplus is latest South Korean telco to confirm cybersecurity incident

• Dentsu confirms cyberattack on U.S. subsidiary Merkle exposed employee and client data

• Gmail passwords confirmed in 183 million account data breach

  • Google says reports of a Gmail breach have been greatly exaggerated

• Hackers steal Discord accounts with RedTiger-based infostealer

• WSUS attacks hit 'multiple' orgs as Google and other infosec sleuths ring Redmond’s alarm bell

In other news, Armed police handcuff teen after AI mistakes crisp packet for gun in US

GOOD READ: Ransomware profits drop as victims stop paying hackers

This week, we have compiled a limited number of stories, adhering to our weekly tradition of sharing only ten. Phishing scams have regained prominence in the news this week, highlighting the importance of maintaining vigilance in safeguarding our cybersecurity practices.

Inside Hexagon

Happy Halloween!

As we conclude Cybersecurity Awareness Month, we extend a warm invitation to all. Hexagon Center stands ready to assist you in safeguarding your cyber life and technology. Volunteering with us is an integral part of our mission to ensure your safety. We encourage you to join us or spread the word about our services.

HOUSEKEEPING

Glossary/Legend:

• Personal Identifier - A unique word or phrase shared exclusively with an individual or a group, serving as a means of identification and affirmation within the established relationship. It is recommended that 2 or more Personal Identifiers be established per person.

• MFA (Multi-factor authentication or 2FA or 2-Factor Authentication) - a multi-step or 2-step account login process that requires users to enter more information than just one.

• Cyber hygiene - the regular practices and procedures individuals and organizations use to maintain the health and security of their devices, networks, and data.

• Cyberattack - A malicious attempt to gain unauthorized access to a computer system, network, or device. The goal of a cyberattack is to disrupt or damage the target, or to steal data, intellectual property, or money.

• Malware (short for malicious software) - refers to any intrusive software developed by cybercriminals (often called hackers) to steal data and damage or destroy computers and computer systems.

• Ransomware - A type of malware that locks or encrypts a victim's files and demands a ransom payment to unlock and decrypt them. Ransomware can infect a variety of devices, including computers, smartphones, printers, and more.

Spread cybersecurity culture

Do you have any suggestions on how we can further share this newsletter? Tell your friends and family about us by sharing with them the Hexagon Center official website:

hexagoncenter.org

View archives at hxweekly.beehiiv.com

You may reply to this newsletter or email us at
[email protected]

Send us any questions or things you want to talk about. Please share some fun facts with us. We welcome feedback and suggestions.

_{Hexagon Center is formed as a nonprofit corporation in California for public benefit,
and is tax-exempt under section 501(c)(3) of the Internal Revenue Code.}

_DISCLAIMER

_{Cybersecurity is an ever-changing field, and threats may evolve. While Hexagon Center strives to provide accurate and timely information, we cannot guarantee absolute security. Users are responsible for implementing their security measures and staying informed about the latest cybersecurity developments. Hexagon Center is not responsible for any cyber or scam attacks by our readers. HX Weekly tips are advice are not official positions of Hexagon Center nor is Hexagon Center responsible for its content.}

Content of this newsletter is not an official representation of Hexagon Center.

_{SEE MORE DISCLAIMER HERE}