☝️ TOP STORY

Beware: PayPal "New Address" feature abused to send phishing emails

But advertisements is not the only place where you have to “not click so fast.” Your emails.

🤷‍♀️ What now?: Search “malvertising” for Google News.

Meanwhile … A single default password exposes access to dozens of apartment buildings

📰 Headline Highlights

• APPLE REMOVES ICLOUD ENCRYPTION IN UK FOLLOWING BACKDOOR DEMAND

• New Malware Campaign Uses Cracked Software to Spread Lumma and ACR Stealer

• US employee screening giant DISA says hackers accessed data of more than 3M people

• ‘Cyber incident’ shuts down Cleveland Municipal Court for third straight day

• Orange Group confirms breach after hacker leaks company documents

• China's Silver Fox spoofs medical imaging apps to hijack patients' computers

• Cookies; not just a scrumptious snack. How Pass-the-Cookie attacks can bypass your MFA

• New Pass-the-Cookie Attack Bypass Microsoft 365 & YouTube MFA Logins

In other news, HaveIBeenPwned Adds 244 Million Passwords Stolen By Infostealers

MUST READ: Former NSA, Cyber Command chief Paul Nakasone says U.S. falling behind its enemies in cyberspace

We are not shocked to learn that phishing attacks perpetuated through this week, we are surprised that malvertising is quickly gaining traction.

While this sounds like a reiteration of our Top Story, we are indeed reiterating that, as well as watching the emails we are getting. Are you sure you know the email sender?

Inside Hexagon

Hexagon Center is looking for volunteers who will help us in our mission to reduce cyber attacks while learning about this institution. Meanwhile, we are working hard to keep you safe.

HOUSEKEEPING

Glossary/Legend:

• Malvertising - a cybercrime that uses online ads to spread malware. It's a significant threat that can infect a user's device without their knowledg

• Phishing - a cybercrime that involves tricking people into giving away sensitive information.

• Cyberattack - A malicious attempt to gain unauthorized access to a computer system, network, or device. The goal of a cyberattack is to disrupt or damage the target, or to steal data, intellectual property, or money.

• Ransomware - A type of malware that locks or encrypts a victim's files and demands a ransom payment to unlock and decrypt them. Ransomware can infect a variety of devices, including computers, smartphones, printers, and more.

• Password manager - a software application that allows users to securely store, generate, and manage their online login credentials (passwords and usernames) across different websites and applications, typically requiring only one "master password" to access all stored information, promoting strong password hygiene by creating unique passwords for each site and automatically filling them in when needed.

Spread cybersecurity culture

Do you have any suggestions on how we can further share this newsletter? Tell your friends and family about us by sharing with them the Hexagon Center official website:

hexagoncenter.org

View archives at hxweekly.beehiiv.com

You may reply to this newsletter or email us at
[email protected]

Send us any questions or things you want to talk about. Please share some fun facts with us. We welcome feedback and suggestions.

_{Hexagon Center is formed as a nonprofit corporation in California for public benefit,
and is tax-exempt under section 501(c)(3) of the Internal Revenue Code.}

_DISCLAIMER

_{Cybersecurity is an ever-changing field, and threats may evolve. While Hexagon Center strives to provide accurate and timely information, we cannot guarantee absolute security. Users are responsible for implementing their security measures and staying informed about the latest cybersecurity developments. Hexagon Center is not responsible for any cyber or scam attacks by our readers. HX Weekly tips are advice are not official positions of Hexagon Center nor is Hexagon Center responsible for its content.}

Content of this newsletter is not an official representation of Hexagon Center.

_{SEE MORE DISCLAIMER HERE}