☝️ TOP STORY

The North Korea worker problem is bigger than you think

🤷‍♀️ What now?: If you’re looking to hire, now you know. If you’re not hiring, please tell other people about it. This attack has been so successful, they are expanding! (See below)

Meanwhile … North Korean IT worker army expands operations in Europe

📰 Headline Highlights

• FBI WARNS OF MALICIOUS FREE ONLINE DOCUMENT CONVERTERS SPREADING MALWARE

• Hackers target Taiwan with malware delivered via fake messaging apps

• Morphing Meerkat pops up with easy email spoofing

  • Phishing-as-a-service operation uses DNS-over-HTTPS for evasion

• FTC says 23andMe purchaser must uphold existing privacy policy for data handling

• Phishing platform 'Lucid' behind wave of iOS, Android SMS attacks

• Hacker Leaks Samsung Customer Data

• Hackers abuse WordPress MU (must use)-Plugins to hide malicious code

• Surge in scans on PAN GlobalProtect VPNs hints at attacks

• Stripe API Skimming Campaign Unveils New Techniques for Theft

• Verizon Call Filter API flaw exposed customers' incoming call history

• Oracle Health breach compromises patient data at US hospitals

• New Malware Attacking Magic Enthusiasts to Steal Login Credentials

• Hackers Actively Scanning for Juniper’s Smart Router With Default Password

In other news, State Bar of Texas Says Personal Information Stolen in Ransomware Attack

GOOD READ: Lawmakers warn of impact HHS firings will have on medical device cybersecurity efforts

As stories keep coming out about the cybersecurity brain drain from the firings in the US government, we feel that our work is ever more critical.

You can help us with our mission by telling people about HX Weekly and asking your friends to subscribe to it.

Inside Hexagon

As we are fast approaching our second anniversary, Hexagon Center is making some exciting plans to mark this event.

We would also like to hear from you what you would like to see from us. Simply reply to this email to let us know.

HOUSEKEEPING

Glossary/Legend:

• Troy Adam Hunt - is an Australian web security consultant known for public education and outreach on security topics. He created and operates Have I Been Pwned?, a data breach search website that allows users to see if their personal information has been compromised.

  • Have I Been Pwned (HIBP) - is a website that aggregates data from breaches and allows users to check if their email addresses or passwords have been compromised in known data breaches.

• Phishing - a cybercrime that involves tricking people into giving away sensitive information.

• Cyberattack - A malicious attempt to gain unauthorized access to a computer system, network, or device. The goal of a cyberattack is to disrupt or damage the target, or to steal data, intellectual property, or money.

• Malware (short for malicious software) - refers to any intrusive software developed by cybercriminals (often called hackers) to steal data and damage or destroy computers and computer systems.

• Ransomware - A type of malware that locks or encrypts a victim's files and demands a ransom payment to unlock and decrypt them. Ransomware can infect a variety of devices, including computers, smartphones, printers, and more.

• Password manager - a software application that allows users to securely store, generate, and manage their online login credentials (passwords and usernames) across different websites and applications, typically requiring only one "master password" to access all stored information, promoting strong password hygiene by creating unique passwords for each site and automatically filling them in when needed.

Spread cybersecurity culture

Do you have any suggestions on how we can further share this newsletter? Tell your friends and family about us by sharing with them the Hexagon Center official website:

hexagoncenter.org

View archives at hxweekly.beehiiv.com

You may reply to this newsletter or email us at
[email protected]

Send us any questions or things you want to talk about. Please share some fun facts with us. We welcome feedback and suggestions.

_{Hexagon Center is formed as a nonprofit corporation in California for public benefit,
and is tax-exempt under section 501(c)(3) of the Internal Revenue Code.}

_DISCLAIMER

_{Cybersecurity is an ever-changing field, and threats may evolve. While Hexagon Center strives to provide accurate and timely information, we cannot guarantee absolute security. Users are responsible for implementing their security measures and staying informed about the latest cybersecurity developments. Hexagon Center is not responsible for any cyber or scam attacks by our readers. HX Weekly tips are advice are not official positions of Hexagon Center nor is Hexagon Center responsible for its content.}

Content of this newsletter is not an official representation of Hexagon Center.

_{SEE MORE DISCLAIMER HERE}