Your quick weekend update and reminder.

☝️ TWA

Fake LastPass support email threads try to steal vault passwords

🤷‍♀️ What now?: Keep a look out for phishing emails of all types. Remember, the war makes everything possible and very vulnerable.

Tools: Best tool you can use if you have a password manager is to change your password very regularly.

Meanwhile … Iran intelligence backdoored US bank, airport, software outfit networks

📰 Headline Highlights

• Hackers Weaponize Claude Code in Mexican Government Cyberattack

• Samsung TVs to stop collecting Texans’ data without express consent

• CrowdStrike says attackers are moving through networks in under 30 minutes

• Musk's xAI and Pentagon reach deal to use Grok in classified systems

• Rapid AI-driven development makes security unattainable, warns Veracode

• New AirSnitch attack bypasses Wi-Fi encryption in homes, offices, and enterprises

• Vulnerability Allowed Hijacking Chrome’s Gemini Live AI Assistant

• Anthropic confirms Claude is down in a worldwide outage

• OpenAI Will Deploy AI in US Military Classified Networks

• Microsoft gets tired of “Microslop,” bans the word on its Discord, then locks the server after backlash

• LastPass Warns of New Phishing Campaign

• Hackers Expose The Massive Surveillance Stack Hiding Inside Your “Age Verification” Check

• TikTok won't protect DMs with controversial privacy tech, saying it would put users at risk

• Iranian APT Hacked US Airport, Bank, Software Company

• Wikipedia hit by self-propagating JavaScript worm that vandalized pages

• FBI investigating ‘suspicious activities’ on agency network following February incident

In other news, Western Cybersecurity Experts Brace for Iranian Reprisal

GOOD READ: Turns out most cybercriminals are old enough to know better

We are roundly overwhelmed. This week’s news came bombarding in like we are in a war. As significant world events take place, not only the parties at war are sending attacks, but the usual threat actors are doubling up on their efforts just to capitalize on the prevailing circumstances.

Inside Hexagon

Have you seen the Hexagon Center’s commercial? If not, you can lend your support by watching some of them below. A link to our YouTube channel will now be a mainstay in HX Weekly.

HOUSEKEEPING

Glossary/Legend:

• Zero Trust - a strategic cybersecurity framework based on the principle of "never trust, always verify," requiring strict identity authentication and authorization for every user and device, whether inside or outside the network perimeter. It assumes breach, removes implicit trust, and employs granular, least-privilege access controls to protect resources. 

• Holistic security - a comprehensive strategy that integrates various protection layers—physical, digital, psycho-social, and organizational—to safeguard individuals, communities, or systems, recognizing that true security involves overall well-being, not just isolated technical defenses.

1. Personal Identifier - A unique word or phrase shared exclusively with an individual or a group, serving as a means of identification and affirmation within the established relationship. It is recommended that 2 or more Personal Identifiers be established per person.

2. Malware (short for malicious software) - refers to any intrusive software developed by cybercriminals (often called hackers) to steal data and damage or destroy computers and computer systems.

3. Ransomware - A type of malware that locks or encrypts a victim's files and demands a ransom payment to unlock and decrypt them. Ransomware can infect a variety of devices, including computers, smartphones, printers, and more.

Spread cybersecurity culture

Do you have any suggestions on how we can further share this newsletter? Tell your friends and family about us by sharing with them the Hexagon Center official website:

hexagoncenter.org

View archives at hxweekly.beehiiv.com

You may reply to this newsletter or email us at
[email protected]

Send us any questions or things you want to talk about. Please share some fun facts with us. We welcome feedback and suggestions.

_{Hexagon Center is formed as a nonprofit corporation in California for public benefit,
and is tax-exempt under section 501(c)(3) of the Internal Revenue Code.}

_DISCLAIMER

_{Cybersecurity is an ever-changing field, and threats may evolve. While Hexagon Center strives to provide accurate and timely information, we cannot guarantee absolute security. Users are responsible for implementing their security measures and staying informed about the latest cybersecurity developments. Hexagon Center is not responsible for any cyber or scam attacks by our readers. HX Weekly tips are advice are not official positions of Hexagon Center nor is Hexagon Center responsible for its content.}

Content of this newsletter is not an official representation of Hexagon Center.

_{SEE MORE DISCLAIMER HERE}