Your quick weekend update and reminder.

☝️ TWA

FBI Flags Quishing Attacks From North Korean APT

🤷‍♀️ What now?: Just like links, do not scan any QR codes you are not expecting to find.

Tools: Think twice before you scan. Tell your friends.

Meanwhile … New OPCOPRO Scam Uses AI and Fake WhatsApp Groups to Defraud Victim

📰 Headline Highlights

• BreachForums hacking forum database leaked, exposing 324,000 accounts

• Instagram says accounts 'are secure' after wave of suspicious password reset requests

• University of Hawaii Cancer Center hit by ransomware attack

• Spanish energy giant Endesa discloses data breach affecting customers

• Long-Running Web Skimming Campaign Steals Credit Cards From Online Checkout Pages

• After Goldman, JPMorgan Discloses Law Firm Data Breach

• Betterment confirms data breach after wave of crypto scam emails

• New Linux malware targets the cloud, steals creds, and then vanishes

• South Korean giant Kyowon confirms data theft in ransomware attack

• Eurail passengers taken for a ride as data breach spills passports, bank details

• Massive breach leaks 45 million French records: demographic, healthcare, and financial data all leaked, here's what we know

• Canadian investment regulator confirms hackers hit 750,000 investors

In other news, Windows App forgets how to log in with first security update of the year

GOOD READ: Microsoft may soon allow IT admins to uninstall Copilot

This week has been particularly challenging due to the alarming number of cyber breaches reported in the news. To effectively convey the severity of these attacks, we have incorporated a significant portion of the newsworthy events into this newsletter, which commenced at the beginning of the year.

We trust that this comprehensive coverage will enhance your vigilance and awareness regarding cybersecurity threats.

Inside Hexagon

Phasing in this new logo is not only an exciting milestone but inspiring as ideas kept pouring in on how we can use it and how we will be seeing two logos for a while. While it is impossible to completely erase the old logo, we are having fun replacing and showing people the new logo. If you haven’t seen it yet, go to hexagoncenter.org.

HOUSEKEEPING

Glossary/Legend:

• Quishing, short for QR code phishing - is a cyberattack where scammers use QR codes to trick people into visiting malicious websites, downloading malware, or giving up personal/financial data like passwords or bank details. Attackers place fake QR codes in public places (over legitimate ones) or send them via email/text, exploiting the trust people have in QR codes to bypass traditional security and steal information through spoofed sites or harmful downloads. 

• LLM or Large Language Model - an advanced AI trained on vast text data to understand and generate human-like text for tasks like chatbots and content creation.

• Holistic security - a comprehensive strategy that integrates various protection layers—physical, digital, psycho-social, and organizational—to safeguard individuals, communities, or systems, recognizing that true security involves overall well-being, not just isolated technical defenses.

• Personal Identifier - A unique word or phrase shared exclusively with an individual or a group, serving as a means of identification and affirmation within the established relationship. It is recommended that 2 or more Personal Identifiers be established per person.

• Malware (short for malicious software) - refers to any intrusive software developed by cybercriminals (often called hackers) to steal data and damage or destroy computers and computer systems.

• Ransomware - A type of malware that locks or encrypts a victim's files and demands a ransom payment to unlock and decrypt them. Ransomware can infect a variety of devices, including computers, smartphones, printers, and more.

Spread cybersecurity culture

Do you have any suggestions on how we can further share this newsletter? Tell your friends and family about us by sharing with them the Hexagon Center official website:

hexagoncenter.org

View archives at hxweekly.beehiiv.com

You may reply to this newsletter or email us at
[email protected]

Send us any questions or things you want to talk about. Please share some fun facts with us. We welcome feedback and suggestions.

_{Hexagon Center is formed as a nonprofit corporation in California for public benefit,
and is tax-exempt under section 501(c)(3) of the Internal Revenue Code.}

_DISCLAIMER

_{Cybersecurity is an ever-changing field, and threats may evolve. While Hexagon Center strives to provide accurate and timely information, we cannot guarantee absolute security. Users are responsible for implementing their security measures and staying informed about the latest cybersecurity developments. Hexagon Center is not responsible for any cyber or scam attacks by our readers. HX Weekly tips are advice are not official positions of Hexagon Center nor is Hexagon Center responsible for its content.}

Content of this newsletter is not an official representation of Hexagon Center.

_{SEE MORE DISCLAIMER HERE}