Editor's Message

Welcome to DBD. On March 8th we officially celebrated our first anniversary. What started as a small idea unexpectedly evolved into a larger project, thanks to an overwhelming interest in the website and the information we provide. Therefore we would like to take this opportunity to thank each and every one of you who has supported us in our first year of operation, and we pledge to endeavour to continue providing you with the service you have come to expect from us going forward. Thank you for your support. Stay safe. :)

Monday, 13 September 2021

33.8% Of Industrial Control Systems Targeted With Cyber Attacks As Reported Vulnerabilities Increased By 41% In H1 2021

Olympus: Japanese Medical Technology Company's EMEA Division Suffers "BlackMatter" Ransomware Attack

Data Breaches Digest - Week 37 2021

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 13th September and 19th September 2021.

16th September

All Data Breaches of all time – An Alarming Timeline

APT-C-23 Using New Android Spyware in the Middle East

Are Asian businesses really prepared to deal with ransomware attacks

Attacks reach record highs in 2021

Banks Slammed for Low Fraud Reimbursement Rates

Bitcoin ledger as a secret weapon in war against ransomware

Bitdefender releases REvil master decryptor

Bot attack volumes growing 41% year over year, human-initiated attacks down 29%

Chinook School Division student information exposed during accidental data breach

Communicating in the midst of a cyber attack

Data breach in networks of Indonesian ministries and agencies

Ensuring Business Continuity In A Modern-Day Threat Landscape

Find the balance between security and privacy in a BYOD world

Ford Faces Class Action Lawsuit for Storing and Sharing Private Conversations

Free REvil ransomware master decrypter released for past victims

Health apps 'playing fast and loose' with user data, warns Federal Trade Commission (FTC) chief

Household Names Hit with £500K Fine for Spamming Consumers

How much are data breaches costing Canadian businesses?

HSE chief says cost of cyber attack could reach €100m

Increase in Phishing Attacks on Nigerian Organisations Hits 66%

Make or Break: What To Do When Security Solutions Fail

Microsoft announces passwordless authentication option for consumers

Misconfigured APIs Account for Two-Thirds of Cloud Breaches

New Go malware Capoae targets WordPress installs, Linux systems

Newcastle Grammar School reveals post-mortem of ransomware infection

Nigeria Records 13% Decline In Phishing Attack In H1

One-in-seven Nasdaq-100 companies ranked as highly susceptible to a ransomware attack

Ransomware: A market problem deserves a market solution

Ransomware attackers targeted app developers with malicious Office docs, says Microsoft

Ransomware attacks and crypto-currency scams on the rise

Ransomware gang threatens to remove key when victim contacts negotiator

Ransomware incidents continue to rise

Rethinking Security When Identity is the Ultimate Attack Surface

The 5 Ws for building a strong cybersecurity plan

The Massachusetts Attorney General will probe the T-Mobile data breach

The Ransomware Killchain: How It Works, and How to Protect Your Systems

Third Critical Bug Affects Netgear Smart Switches — Details and PoC Released

Travel-themed phishing lures spiked this summer

When attackers strike

Why Understanding Data Privacy is More Important Than Ever

Windows MSHTML 0-Day Exploited to Deploy Cobalt Strike Beacon in Targeted Attacks

15th September

3 Former U.S. Intelligence Officers Admit to Hacking for UAE Company

9 tips to avoid cloud configuration conundrums

46% of all on-prem databases are vulnerable to attack, breaches expected to grow

A cyber security threat is now reported in Australia every eight minutes

A Phishing Kit Scammed Thousands Of People

Americans Fined After Hacking for Foreign Government

Arizona Medical Practice Permanently Loses EHR Data

Attackers Impersonate Department of Transportation (DoT) in Two-Day Phishing Scam

Australia and Singapore have higher incidences of insecure databases

Brand abuse attacks dominate list of fraud trends

California Attorney General Issues Bulletin on Health Data Breach Reporting Requirements

Call to eliminate 'human error' causing Guernsey data breaches

Critical Azure security vulnerabilities affect large organizations

Critical Flaws Discovered in Azure App That Microsoft Secretly Installed on Linux VMs

Customer Care Giant TTEC Hit By Ransomware

Cyber Crime Attacks on Australians Increase to 1 Every 8 Minutes

Cyber crime in Australia increased 13% in the last year

Cyber crime spreads in Australia as COVID-19 pushes more people online

Cyber insurance – the year of change

Cybercriminals recreate Cobalt Strike in Linux

Cybercriminals use pandemic to attack schools and colleges

Cybersecurity tips for online learning as schools tap hybrid learning amid delta variant

Data Breach In Networks Of Indonesian Ministries And Agencies

Defeating Ransomware with Multi-Factor Authentication (MFA)

Department of Justice (DOJ) fines NSA hackers who assisted UAE in attacks on dissidents

Email scammers posed as DOT officials in phishing messages focused on $1 trillion bill

Employees are losing thousands of dollars to this ‘boss scam’

Execs concerned about software supply chain security, but not taking action

Experian data breach suspect nabbed

Financial services organisations spend over $2.62 million on ransomware recovery

Financial Services Sector Hit with $2m Ransomware Costs

Five Risks For Your Mission-Critical SaaS Data

Former U.S. intel operatives to pay $1.6M for hacking for foreign government

Google patches Chrome zero-day exploited in the wild

GSaaS: The Changing Dynamics of Cybersecurity

Half of on-prem databases contain security vulnerabilities

Hawks arrest suspect for massive Experian data breach

Health care data breach affects more than 100,000 Mainers

Health Care Providers Are Turning to Cyber Insurance

How to Prevent an Office of Foreign Asset Control (OFAC) Sanction When Responding to a Ransomware Attack

How to protect your on-premises databases from security vulnerabilities

Improving Backup Resiliency as the Last Line of Ransomware Defense

Individuals use two-factor authentication, biometrics to protect information

IoT: An Internet of Threats?

Ireland: Data Protection Commissioner launches two inquiries into TikTok

ISOMorph and HTML Smuggling

Justice department working to restore IT systems after ransomware attack

Lawsuit: Health System Failed to Heed Ransomware Warnings

Many companies are struggling to repel network attacks

Many employees can access millions of company files on their first day

McAfee Enterprise research links new RaaS gang to Babuk

Meris botnet assaults KrebsOnSecurity

Microsoft fixes critical bugs in secretly installed Azure Linux app

Microsoft just took another big step towards getting rid of passwords forever

Microsoft Patches OMIGOD, MSHTML and PrintNightmare Bugs

Microsoft rolls out passwordless login for all Microsoft accounts

MikroTik shares info on securing routers hit by massive Mēris botnet

Most Fortune 500 companies’ external IT infrastructure considered at risk

Multiple Flaws in Microsoft Azure Put Half of All Deployments at Risk

National Information Technology Development Agency (NITDA) warns of data breach via mobile apps

Nearly a Third of Brits Say They Feel Unsafe Online

No Patch for High-Severity Bug in Legacy IBM System X Servers

NSA Director Promises ‘Intense’ Crackdown On Foreign Cyber Attacks

OMIGOD: Azure users running Linux VMs need to update now

Open Web Application Security Project (OWASP) updates top 10 vulnerability ranking for first time since 2017

Phishers impersonate US DOT to target contractors after Senate passed $1 trillion infrastructure bill

Phishing Attacks in Nigeria Drop 13% in H1 2021

Phishing Attacks on the Rise: 60% of Organizations in the UAE

Phishing Scams In 2021

Phishing texts and emails target University of Oregon community in fall surge

Quarter of Fortune 500's External IT Assets Are a Cyber Risk

Ransomware crims saying 'We'll burn your data if you get a negotiator' can't be legally paid off anyway

Ransomware encrypts South Africa's entire Department of Justice network

Ransomware gang threatens to wipe decryption key if negotiator hired

Ransomware gangs’ methods match state-sponsored attackers as assaults get more sophisticated

Ransomware is exploding and evolving

Ransomware preparedness is low despite executives’ concerns

Rare bright cyber spot: Australian Cyber Security Centre (ACSC) reports total incidents down 28%

Remote work presents challenges for IT leaders

Rise in cyberattacks on healthcare organisations

Russia Has Taken No Action to Combat Ransomware, FBI Says

Russia is fully capable of shutting down cybercrime

SEC’s SolarWinds Probe Could Expose Undisclosed Security Breaches

Securing the Edge in a Hybrid Environment

Security Experts Witnessed a 55,239% Increase in Ransomware Activity in Q2

Serious Flaw Found in HP OMEN Driver

Software Supply Chain Attacks Surge 650% in a Year

South Africa: Suspect arrested for massive 2020 data breach

South African government entities hit by cyber attacks and services affected

South African organisations not confident they could survive a ransomware attack

Stale Microsoft 365 accounts are a security risk: Remove them now

Steganography explained and how to protect against it

T-Mobile, customers diverge on forum to transfer data breach suits

T-Mobile Data Breach to Be Investigated by Massachusetts Attorney General

Tape Won’t Work for Ransomware Protection. Here’s Why

Tech giant Olympus reportedly hit by BlackMatter ransomware

The fight against ransomware

The Hidden Risk the Defense Sector’s Probably Overlooking

The Ransomware Pandemic That COVID Started

The Top 5 Threats to Cyber Security

Traditional Fraudulent Tactics Like Spam Emails and Phishing Still Prevalent According to Kaspersky

Two-thirds of cloud attacks could be stopped by checking configurations, research finds

U.S. Operatives Responsible for “KARMA” Deployment in the U.A.E. Offered Costly Resolution

UAE organisations report increased cyberattacks during the pandemic

UK's General Data Protection Regulation (GDPR) Explained

Wisconsin Attorney General Warns Of Increased Ransomware Threats

You can now eliminate the password for your Microsoft account

You Can Now Sign-in to Your Microsoft Accounts Without a Password

Your Security Debt is Due. Here’s How to Pay it Off

ZLoader is back: uses ads for spreading and disables Windows defender

14th September

60 Million records exposed: Fitbit, Apple, Google health info leaked in massive data breach

2020 Expensive Year For Ransomware Victims: Sophos

2021’s Most Dangerous Software Weaknesses

Adobe Snuffs Critical Bugs in Acrobat, Experience Manager

After a Short Summer Vacation, REvil Ransomware Group Shows Signs of Returning to Business

Apple Fixes Pegasus-Exploited Zero-Day Through iOS 14.8 and macOS 11.6

Apple fixes “zero-click” iMessage zero-day exploited to deliver spyware (CVE-2021-30860)

Apple Patches Pegasus Spyware Flaw for iOS Devices, Macs

Apple patches spyware flaw affecting all operating systems

Apple releases emergency patch to protect all devices against Pegasus spyware

Apple Releases Urgent Patch Following Discovery of Pegasus Spyware

Australia: Ransomware shows why we need a bipartisan federal cybersecurity policy

Automotive Industry Faces Severe Data Breaches and Ransomware Threats, CybelAngel Investigation Reveals

BlackMatter Ransomware Hits Japanese Tech Giant Olympus

Bot attacks grow 41% in first half of 2021

Child maintenance payments delayed after ransomware attack disables important system

Clinic: EHR Data Too Damaged to Recover Post-Attack

Cloud Misconfigurations: The Hidden but Preventable Threat to Cloud Data

Close to half of on-prem databases contain vulnerabilities, with many critical flaws

Constant threat of ransomware causing data protection headaches

Corporate corruption, fraud and bribery have significant impacts to the enterprise

Cost of ransomware attack in financial sector exceeds $2m

Create a ransomware playbook

Cyber attack on Justice Dept spills over to South Africa's new information watchdog

Dangers of DNS poisoning and how to prevent it

Deloitte Poll: Most US Executives Lack Ransomware Response Plan

Don’t get held to ransom: Cause, prevention, recovery

Executives' ransomware concerns are high, yet few are prepared for attacks

Explained: How safe is my iPhone after Apple’s no-click security flaw?

FBI ends GCSD cyber attack investigation

FBI Official: Russia Is Not Cooperating with U.S. Against Ransomware Threat

Financial Services Firms Spend Over $2m on Ransomware Recovery

Finding your PII data before someone else does

Fitness Tracking Platform Exposed 61 Million User Records

Five ways to improve your cyber resilience with robust ransomware recovery

General promises US 'surge' against foreign cyberattacks

Global Databases Riddled with an Average of 26 Vulnerabilities

Google patches two Chrome zero-days

Hackers Are Laying Siege to Critical Infrastructure: Here’s How to Fight Back

Healthcare cybersecurity: How to prevent the compromise of patient records?

Here's what smishing means as reports of text message scams jump - and how it differs from phishing

Houston Provider Delayed Notice of Ransomware Attack for Months

How the Digital Business is Keeping Up with Compliance

How to defeat cyber threats with AI-powered, real time threat intelligence

How to evaluate the security risk of your databases

HP OMEN Gaming Hub Flaw Affects Millions of Windows Computers

HP patches severe OMEN driver privilege escalation vulnerability

Improving Cyber Resilience Against Ransomware Attacks in the U.S.

Indonesia denies report of Chinese hacking group breaching intelligence agency servers

Information Regulator hit by ‘ransomware attack’

IT teams forced into compromising security for business continuity during pandemic

Krita art app users targeted by ransomware posing as paid 'collaboration' opportunities

Massachusetts Attorney General (AG) Launches Investigation Into T-Mobile Data Breach

Massachusetts Attorney General (AG) Launches Probe into T-Mobile Data Breach

Massachusetts probing huge T-Mobile data breach

Microsoft fixes remaining Windows PrintNightmare vulnerabilities

Microsoft fixes Windows CVE-2021-40444 MSHTML zero-day bug

Microsoft patches actively exploited MSHTML zero-day RCE (CVE-2021-40444)

Microsoft Patches Actively Exploited Windows Zero-Day Bug

Microsoft Releases Patch for Actively Exploited Windows Zero-Day Vulnerability

Millions of HP OMEN gaming PCs impacted by driver vulnerability

More Aussies at risk as Google finds phishing, scams ramp up

‘New battleground’: Cyber attackers targeting Australia’s health system

New Stealthier ZLoader Variant Spreading Via Fake TeamViewer Download Ads

New York County IT Supervisor Charged with Crypto-Mining

New Zloader attacks disable Windows Defender to evade detection

Olympus insists medical services ‘uninterrupted’ by malware attack

One Stolen Password Took Down The Colonial Pipeline — Is Your Business Next?

Online Safety Starts With Using a Password Manager

OSI Layer 1: The soft underbelly of cybersecurity

Outsmart Cybersecurity Threats By Modernizing Your ERP

Pair of Google Chrome Zero-Day Bugs Actively Exploited

Perfect Storm Expands Opportunities For Cyber Investment

Personal information of North East ISD (NEISD) employees may have been compromised in cyber attack, district says

Phishing Attacks Getting Sneakier with Open Redirects

Phishing attacks on the decline as cybercrims focus efforts

Phishing puts South African companies under fire

Ragnar Locker Ransomware Gang Employs New Tactics: Leaking Data if Victims Contact the FBI

Ransomware Operators Ramp Up Pressure on Victims via Multiple Extortion Attacks

Ransomware prevention tips for SMEs: The threat from within

Response Plans, Backup Strategies Underpin Cyber Resilience

REvil: Ransomware gang active again in a new line-up

Rise in cyberattacks, ransomware during COVID-19 boosts IT security skills

Romance, BEC Scams Lands Soldier in Jail for 46 Months

Russia is fully capable of shutting down cybercrime

Scammers already targeting people with iPhone 13 offers

Seven signs your mobile phone has been hacked and your personal or financial details hijacked

‘Significant threat’: cyber attacks increasingly targeting Australia’s critical infrastructure

Smishing attacks increased 700% in first six months of 2021

SolarWinds CEO: Breach transparency 'painful' but necessary

South African Justice Department hit by ransomware attack

Texas GOP Website Down After Anonymous Hack

The Rise in Ransomware: Here's How to Fight It

The Rise of Ransomware

The state of ransomware: national emergencies and million-dollar blackmail

This phishing kit is wreaking havoc on thousands of victims

Thousands of UNM Health records breached

Three ways to keep your organization safe from cyberattacks

Training creators say cybersecurity drills don't have to be 'fight or flight'

US general in charge of cybersecurity pledges ‘surge’ to address ransomware attacks

What Is Cyber Insurance and Do I Need It?

What is Driving the Surge of Ransomware Attacks?

Why AI and Automation Provides Superhuman Security

Why cyber criminals are targeting schools

Why you should avoid those fun social media "tell us about yourself" questions

Wisconsin officials report increase in ransomware threats

Zero Trust Requires Cloud Data Security with Integrated Continuous Endpoint Risk Assessment

ZLoader’s Back, Abusing Google AdWords, Disabling Windows Defender

13th September

5 ways to better prepare your organization for a ransomware attack

5 ways to improve cyber resilience against ransomware, supply chain attacks

91% of IT teams feel pressure to compromise security

A Third of Industrial Control Systems Attacked in H1 2021

Anonymous hacks Texas Republican Party website against abortion law

Apple fixes iOS zero-day used to deploy NSO iPhone spyware

Apple Issues Emergency Fix for NSO Zero-Click Zero Day

Apple Issues Urgent Updates to Fix New Zero-Day Linked to Pegasus Spyware

Apple releases update fixing NSO spyware vulnerability affecting Macs, iPhones, iPads and Watches

Attackers' fumble gave out Kaseya decryptor key

Bad News: Innovative REvil Ransomware Operation Is Back

Beginning a more mature conversation about cybersecurity

Beware of these 5 common scams you can encounter on Instagram

BlackMatter attack on Olympus shows troubling rise of ransomware-as-a-service

BlackMatter ransomware hits medical technology giant Olympus

Brazil debates creation of national strategy to tackle cybercrime

Camera giant Olympus hit by ransomware attack

CISA Adds Single-Factor Authentication to the List of Bad Cybersecurity Practices

Class action targets Georgia health system over ransomware attack that exposed 1.4 million patients' info

Cloudflare CEO says crypto exchanges are a popular target for cyber attackers

Critical Bug Reported in NPM Package With Millions of Downloads Weekly

Cyber Insurance Carriers, Increasingly Targeted by Hackers, Impose New Coverage Conditions

Disincentivizing ransomware criminals across the federal government

Elevated Cyber-risk as Companies Choose Speed Over Security

Enterprise automation adoption surging, security and compliance area jump by 171%

Federal Trade Commission (FTC) warns of extortionists targeting LGBTQ+ community on dating apps

Fitbit, Apple user data exposed in breach impacting 61M fitness tracker records

Gone phishing: The escalation in global cyberattacks is an unintended consequence of Fourth Industrial Revolution (4IR) technologies

Google patches 10th Chrome zero-day exploited in the wild this year

Hacker-made Linux Cobalt Strike beacon used in ongoing attacks

Hackers leak California hospital patients' data online after ransomware attack

Honing Cybersecurity Strategy When Everyone’s a Target for Ransomware

How Intrusion Risk Controls Ward off Ransomware Hackers

How Likely Is Your Employee To Cause A Data Breach?

How Nonprofits Can Defend Against Ransomware Attacks

How To Defend Against Increasingly Convincing Phishing Attacks

Information Regulator of South Africa concerned by breaches and ransomware attacks

IoT device attacks double in the first half of 2021, and remote work may shoulder some of the blame

Kaspersky Records Over 2 Million Phishing Attacks in South Africa, Kenya and Nigeria in H1 2021 and Spam Email Still a Threat

Linux Implementation of Cobalt Strike Beacon Targeting Organizations Worldwide

Looking for election threats in all the wrong places

Mobile app creation: Why data privacy and compliance should be at the forefront

‘MskHost’ Taken Down by Hacktivists Who Will Now Pass Stolen Clientele to the Police

Mustang Panda Compromises Indonesian Intelligence Agency

MyRepublic reports data breach to customers

New SpookJS Attack Bypasses Google Chrome's Site Isolation Protection

Now Is The Time To Update Your Risk Management Strategy And Prioritize Cybersecurity

Nuspire Report Confirms Massive Spike in Ransomware Attacks

Olympus Admitted the ‘BlackMatter’ Ransomware Gang Got Them

Olympus Allegedly Falls Victim to BlackMatter Ransomware Attack

Olympus hit by suspected ransomware attack

Olympus investigating reported ransomware attack with BlackMatter hallmarks

Olympus likely victim of BlackMatter ransomware

Only 30% of enterprises use cloud services with E2E encryption for external file sharing

Open redirect on UK council website was being used for Royal Mail-themed parcel payments scam

Over 60 million wearable, fitness tracking records exposed via unsecured database

People, places, and spaces: Edge data centers’ biggest security challenges

Phishing attacks vs employees skyrocketed during the pandemic

Prevention is better than cure: The ransomware evolution

Ransomware attacks are about to get worse. But there are ways to stop them

REvil is back - and wants to rebuild its reputation

REvil Ransomware Is Back Online After A Brief Hiatus

REvil’s Back; Coder Fat-Fingered Away Its Decryptor Key?

Securing a Hybrid Work Environment: The Worst of Both Worlds

Securities and Exchange Commission (SEC) Probe into Russian Hacking of SolarWinds has corporate America worried

Security Advisory Regarding Remote Code Execution in MSHTML

Security Experts Witnessed a 55,239% Increase in Ransomware Activity in Q2

South Africa: Calls for transparency after justice department cyber attack

Technology giant Olympus hit by BlackMatter ransomware

Tesla targeted in failed ransomware extortion scheme

The Evolution of Disruptionware and the Growth of Ransomware as a Service (RaaS)

The great data robbery

The Three Pillars of Unified Risk Management for Product Security

The top cyber security risks of 2022

Third-party cloud providers: Expanding the attack surface

Tips For Protecting Yourself Against Rising Cybercrime

Top 5 Enterprise Security Threats and How To Avoid Them

Update Google Chrome to Patch 2 New Zero-Day Flaws Under Attack

US Locks Up Key Player in Nigerian Romance Scam

Virginia National Guard suffers cyberattack as Marketo leaks data

What’s Behind the Leaks of Customer Data From Retailer Databases?

Why a Zero-Trust Model for Email Security Is Critical

Ransomware Operator Claims - Week 36 2021

Welcome to last week's ROC Report, an exclusive summary of Ransomware Operator's global victims that were claimed during the period between 6th September and 12th September 2021, kindly provided by our partners.

Flag Icons created by Freepik and provided by Flaticon.

Thursday, 9 September 2021

SANSA: South African National Space Agency Suffers "CoomingProject" Data Breach Resulting In Students' Data Leaked On Dark Web

LifeLong Medical Care: Californian Healthcare Provider's Third-Party Ransomware Attack Exposed 115,448 Patients' Health Data

EskyFun: Chinese Android Game Developer's Unsecure Server Exposed 1 Million Gamers' Accounts And Personal Information

Fortinet: 498,908 VPN Account Passwords Leaked By Hacker Associated With "Groove" Ransomware Operator On The Dark Web

Monday, 6 September 2021

Conti: Ransomware Operator's Infrastructure Disrupted As Irish Authorities Seize Domains Used In Irish Health Service Attack

Data Breaches Digest - Week 36 2021

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 6th September and 12th September 2021.

12th September

Crypto Miners in Africa at Risk from Cyber Criminals with East Africa the Largest Target Market in 2021

Cyber in the boardroom

Experts concerned over emergence of new Android banking trojan S.O.V.A

How to Avoid Paying Ransoms

How to shut down a phishing operation in 48 hours

New cybersecurity report from HP reveals 91% of IT teams feel pressure to compromise security

Phishing campaign uses UPS.com vulnerability to distribute malware

‘Please Provide Your Credit Card and Code’: New Israeli Facebook Scam Is a Lesson in Online Fraud

PYSA Ransomware Gang Targets Linux

REvil Returns With Fresh Attacks, New Representative

Qatar: Communications Regulatory Authority (CRA) raises awareness against online fraud, hacking

Scamming activity intensifies ahead of world famous auto racing event

SME breach response

State of Cybersecurity: We Can Do More to Protect Our Supply Chain and Critical Infrastructure

Why Is Ransomware Such a Big Threat to Universities?

Windows MSHTML zero-day exploits shared on hacking forums

11th September

3 Trends to Understand the Evolving Cybersecurity Landscape

20 years later, unchecked data collection is part of 9/11’s legacy

After the T-Mobile breach, companies are preventing customers from securing their accounts

Alert! More than 19,000 apps on Google Play Store could leak your personal data - Check details

Assume breach position does not mean firms get to skip due diligence in cybersecurity

Bitcoin scams: How to spot and avoid the 5 worst cryptocurrency frauds

Class-action lawsuit filed against St. Joseph's/Candler after ransomware attack

Computer vision and deep learning provide new ways to detect cyber threats

Cybersecurity: Rising risk for airlines

Cybersecurity seen as rising risk for airlines after 9/11

Enable these 3 easy Windows settings to drastically improve your PC’s security

Gun owners reportedly targeted by animal rights activists following data breach

Here’s how much your credit card is now worth on the Dark Web – and the one account worth a lot more

How CISOs are Building a Modern Cybersecurity Partnership

How outdated medical systems leave patient records at risk

Insurance Regulatory and Development Authority of India (IRDAI) urges insurance companies to launch cyber-attack cover

Is Telemedicine a Security Risk?

Mēris Botnet Hit Russia's Yandex With Massive 22 Million RPS DDoS Attack

‘MyRepublic’ Singapore Announced a Customer-Affecting Data Breach Incident

No, the Department of Motor Vehicles (DMV) Doesn’t Really Owe You $922

Oklahoma Man Sentenced to 4 Years in Prison for Laundering Romance Scam Money

Ransomware groups continue assault on healthcare orgs as COVID-19 infections increase

Report Shows 10x Spike in Ransomware

REvil ransomware is back in full attack mode and leaking data

Russia’s SolarWinds Hack: Explaining President Biden’s Retaliatory Measures

Scammers Stole Surfside Condo Collapse Victims’ IDs To Buy Louboutin And Versace, Cops Claim

Stimulus check scams soared over the summer – Here’s what the IRS says to watch out for so you’re not next

Suspected of Being Part Of TrickBot Group Arrested in South Korea

Taking Guard

The Inconvenient Truth About Windows 11 Malware

The largest DDoS attack in history hits Russian tech giant Yandex

U.S. healthcare hit by yet another cyberattack

10th September

13 Troubling Tech Vulnerabilities The Industry Needs To Address

50% Of Companies Have Experienced Cybercrime at the Hands of the Same Attacker

A third of suspicious emails reported by employees are phishing

A zero-trust future: Why cybersecurity should be prioritized for the hybrid working world

Active Directory sits in a dangerous security blind spot

AI Is No Longer Optional, And That’s A Good Thing

Application Security a Growing Priority Among Security Pros

Arizona Ransomware Attack Leads to Unrecoverable EHRs, Data Loss

Azurescape attack allows cross-container cloud compromise

Beware: The newest cyber attacks to keep an eye out for

Beware! These Google Play Store apps can leak your personal data

Building a Unified BCDR Strategy to Protect Data

Cannabis companies considered ripe targets for ransomware attacks

City of Yonkers Hacked, No Computers for the Past Week: Ransom Demanded, City Hall Says No

Colorado County Clerk Charged with Cybercrime

Combating Cyber-Threats in the Age of Big Tech

Computer vision and deep learning provide new ways to detect cyber threats

Cybersecurity and Infrastructure Security Agency (CISA) tells agencies they don’t have to go it alone on zero trust

DDoS Attacks Overwhelming Mitigations Through Short and Sharp Doses

Digital currency-related attacks among top cyber threats in Africa

Dignity Health patient data exposed after laptop stolen from anesthesiology vendor

Employee Email Misuse Puts Patient PHI in Jeopardy in California, Florida

Employees, IT Staff at Odds Over Security Policies

Evil Corp: A Deep Dive Into One of the World’s Most Notorious Hacker Groups

Experts Link Sidewalk Malware Attacks to Grayfly Chinese Hacker Group

Four critical data storage security questions CIOs must ask

Fujitsu Confirms Stolen Data Marketed By Cybercriminals in Marketo is Not Theirs

Gearing Up Security for the Deepfake Era

Germany probes claims of pre-election MP hacking by Russia

Germany probes claims of pre-election MP hacking by Russia

Go read this report about the horrifying leaks coming from school ransomware attacks

Groove Ransomware Gang Tries New Tactic to Attract Affiliates

Hackers are leaking children’s data — and there’s little parents can do

Hackers get data trove in U.N. breach

Half a million VPN passwords leaked – Has your info has been compromised?

HAProxy found vulnerable to critical HTTP request smuggling attack

HAProxy urges users to update after HTTP request smuggling vulnerability found

Healthcare organizations in California, Arizona send out breach letters for nearly 150,000 after SSNs accessed during ransomware attacks

HHS cybersecurity arm warns against BlackMatter ransomware

How Current, Former Dallas ISD Students Can Get Free Credit Monitoring, ID Protection After Massive Data Breach

How Hackers Use PowerShell And How To Take Action

How to avoid student loan scams, fraud and phishing according to the Student Loans Company

How To Protect Your Small Business From Cyberattacks (And Their Financial Fallout)

Improper disposal of hard drives exposes data of 116,000 patients at Maine clinic

Incident Of The Week: Medical data of more than 73,000 patients shared in Singapore breach

IoT interest is growing, but so are cybersecurity concerns

IT leaders facing backlash from remote workers over cybersecurity measures: HP study

Justice Department assures South Africa there was no breach of data in cyberattack

Justice department battles to contain ransomware attack

Keeping remote and hybrid workforces safe

Key Cybersecurity Trends 2021

Manufacturing’s Newest (and Biggest) Challenge

McDonald’s Email Blast Includes Password to Monopoly Game Database

More Japanese firms fell victim to ransomware attacks in 2021, rise accelerating

Most companies have little idea how to recover from a ransomware attack

MyRepublic Data Breach Raises Data-Protection Questions

MyRepublic discloses data breach exposing government ID cards

MyRepublic discloses data breach exposing government ID cards

National cyber director says hospitals under attack have no choice but to pay ransom

New York State fixes vulnerability in COVID-19 passport app that allowed storage of fake vaccine credentials

Not All Hackers Are Cybercriminals

Personal Information of Nearly 80,000 MyRepublic Customers Accessed After Breach

Phishing attacks on employees increased during the pandemic in 70% of organizations

Phishing attempts: Employees can be the first line of defense

Poland Extradites Alleged Botnet Operator to US

Preparing for Ransomware: Are Backups Enough?

Prioritize the Fraud Epidemic Arising from the Pandemic

Protecting businesses from ransomware at the edge

Ransomware: Hot or Not? Here's Attackers' Ideal Target

Ransomware group irked by US extradition of Ukrainian

Ransomware group that carried out major attacks reappears after brief absence

Ransomware Stopper: Mandatory Ransom Payment Disclosure

SANSA Responds to Data Leak Incident Saying It’s Nothing Serious

Sensitive Data Exposure: What Do Hackers Want the Most?

SOVA: New Android Banking Trojan Emerges With Growing Capabilities

SOVA, Worryingly Sophisticated Android Trojan, Takes Flight

Stolen Credentials Led to Data Theft at United Nations

T-Mobile’s Hack Of 50 Million Users Leaves Black Community At Risk

Thailand: Hospital hackers based in US

The 20th anniversary of September 11: Reflections on the evolution of enterprise security

The impact of ransomware on cyber insurance driving the need for broader cybersecurity knowlege

The Rise of Disruptive Ransomware Attacks: A Call To Action

There Are Over 2 Million Vulnerable Microsoft Web Servers Online

‘Third-party data storage platform’ behind MyRepublic breach, 80,000 customers impacted

Three actions miners can take to limit growing cybersecurity risks

Top Steps for Ransomware Recovery and Preparation

UK to Revamp ICO as Part of Data Rules Reform

Ukrainian Extradited to US Faces Credential Theft Charges

Ukrainian man extradited to the US to face botnet, data theft charges

UN computer networks were breached by cybercriminals

UN Data Breach: Expert Commentary on a High-Profile Attack

United Nations Says Attackers Breached Its Systems

University Hacker Sent to Prison

US military reservist lands himself prison sentence for operating romance scams

Waikato DHB: 4200 patients had data shared on dark web in cyber attack

Waikato DHB to tell 4200 people their personal information was disclosed on the dark web, following May cyber attack

What are endpoint security threats, and how can they enter your device?

What’s the Total Cost of Fraud — And How Can You Reduce It?

Why a unified approach is the future of backup

Wide-ranging SolarWinds probe sparks fear in Corporate America

With botnet attacks increasing, how can businesses deal with them?

Yandex claims to have seen off the world's largest DDoS

Yandex hit by largest DDoS attack involving 200,000 hacked devices

Yandex Pummeled by Potent Meris DDoS Botnet

Your voiceprint could be your new password as companies look to increase security for remote workers

9th September

1 in 5 companies fully confident infrastructure security can support long-term remote work

91% of IT teams have felt 'forced' to trade security for business operations

ANZ New Zealand back online after outage from DDoS attack

Attacker Breakout Time Now Less Than 30 Minutes

Attacker releases credentials for 87,000 FortiGate SSL VPN devices

‘Azurescape’ Kubernetes Attack Allows Cross-Container Cloud Compromise

BlackMatter Ransomware Attacks Threaten Healthcare, Health Sector Cybersecurity Coordination Center (HC3) Says

BladeHawk Attackers Target Kurds with Android Apps

Business Associate Ransomware Attack Impacts 115K in California

Cyber-criminal Targets Dadsnet Founders

Cybercriminal Sentenced to 140 Months in Prison for Laundering Over $30 Million

Department of Justice victim of latest security breach

FBI agent: Growth of cybercrime ‘unbelievable,’ tougher penalties needed

Financial Cybercrime: Why Cryptocurrency is the Perfect ‘Getaway Car’

Fraud Facts for Freshers

GitHub tackles severe vulnerabilities in Node.js packages

Groove Promises Maximum Profits for Ransomware Affiliates

Groove ransomware gang is a motley crew of disgruntled hackers, researchers say

Guntrader users to take legal action over data breach concerns

Hackers dump login credentials of Fortinet VPN users in plain-text

Hackers go phishing for naive Australians

Hackers Leak VPN Account Passwords From 87,000 Fortinet FortiGate Devices

Hackers Steal Data from United Nations

How to remove ransomware, step by step

Howard University’s Devastating Ransomware Attack Can Teach Other Colleges a Valuable Lesson

Infamous criminal ransomware group REvil is back

Malicious office documents: The latest trend in cybercriminal exploitation

Manufacturers face a significant cybersecurity risk from ransomware

Microsoft: We've fixed Azure container flaw that could have leaked data

Microsoft fixes bug letting hackers take over Azure containers

Microsoft Says Nothing Bad Happened Due to the Azure Container Instances Blunder

Microsoft Warns Azure Customers of Flaw That Could Have Led to Data Breach

Microsoft warns of Azure vulnerability which exposed users to data theft

Microsoft Warns of Cross-Account Takeover Bug in Azure Container Instances

National Cyber Director Sees Ransomware As Continuing Threat

New Mēris botnet breaks DDoS record with 21.8 million RPS attack

Organizations struggling to develop cloud applications that meet security requirements

PayPal phishing email claims payment to Asda Store

Phishing attacks: One in three suspect emails reported by employees really are malicious

Prison for BEC Scheme Money Launderer

Protecting your company from fourth-party risk

Ransomware Attack Disrupts Online, Hybrid Classes at Howard University

Ransomware attack wipes out Arizona clinic's EHR, corrupts 35,000 patients' records

Ransomware Attacks Preparation And Off-line READ-ONLY Storage Saves The Day

Ransomware Attacks Ramp Up

Ransomware attacks up by 518% in the last year

Ransomware is ‘a solvable problem’, expert maintains

Researchers Add More Pieces to the ‘EGoManiac’ Turkish Actor Puzzle

REvil Ransomware Group's Sudden Re-emergence Sparks Concerns

REvil ransomware may be set to return

Russian Ransomware Group REvil Back Online After 2-Month Hiatus

SANSA breach: International hacker group claims responsibility for Space Agency leak

Security Now a "Thankless Task" For 80% of IT Teams

SideWalk Backdoor Linked to China-Linked Spy Group ‘Grayfly’

Sonic Data Breach Lawsuit Continues After US Judge Finds Fast-Food Chain Guilty of Putting Credit Card Info at Risk

Sophos Releases Phishing Insights 2021 Report

South Africa: Department of Justice IT services disrupted by ransomware attack

South Africa's government entities under attack as space agency hit by data breach

Stop using your web browser security wrong

T-Mobile data breach 2021: Here's what it means for securing your data

Texas Now Publicly Posting Names Of Companies That Lose Personal Data In Cyberattack

The best way to protect against ‘strategic’ cybercrime? Keep moving your data

The role of automation in staying on top of the evolving threat landscape

The top keywords used in phishing email subject lines

Thousands of Fortinet VPN Account Credentials Leaked

Virginia National Guard confirms cyberattack hit Virginia Defense Force email accounts

WFH is a cybersecurity "ticking time bomb," according to a new report

When a scammer calls: 3 strategies to protect customers from call spoofing

Why Ransomware Hackers Love Holidays

Why the Pegasus Mobile Spyware Incident is a Wake-Up Call

Windows MSHTML zero-day defenses bypassed as new info emerges

Yandex is battling the largest DDoS in Russian Internet history

Zoho ManageEngine Password Manager Zero-Day Gets a Fix, Amid Attacks

8th September

10 Dangerous Phishing Attack Trends To Know About In 2021

25 years later, phishing attacks are the cybercrime that keep on giving

A Widely Deployed Mitsubishi Industrial Controller Is Vulnerable to Remote Exploitation

Afghanistan becomes the primary target for ransomware attacks following Taliban takeover

Attackers are exploiting zero-day RCE flaw to target Windows users (CVE-2021-40444)

Attacks on IoT Devices Double Over Past Year

BladeHawk attackers spy on Kurds with fake Android apps

Busted: Taking Down Ransomware Attackers

CISA Urges Firms to Mitigate New Windows RCE Bug

Credential-Hinting Domain Names: A Phishing Lure?

Crypto exchanges and their customers must protect themselves as attacks continue

Dark web prices drop for credit cards but soar for PayPal accounts

Data Breach Lawsuit Against Sonic Will Proceed

Defending data, protecting privacy: Understanding cybersecurity in Canada

Dos and don'ts for managing ransomware risk in healthcare

Enhancing cybersecurity skills for the entire workforce must be a priority for cyber-resilience

Experts Uncover Mobile Spyware Attacks Targeting Kurdish Ethnic Group

GitHub finds 7 code execution vulnerabilities in 'tar' and npm CLI

Hackers Bribe Employees to Deploy Ransomware on Company Computers

Hackers leak passwords for 500,000 Fortinet VPN accounts

HAProxy Found Vulnerable to Critical HTTP Request Smuggling Attack

How do I select a container security solution for my business?

Howard University shuts down network after ransomware attack

Indian Taxpayers Targeted by Fake App Distributed by Phishing Actors

JP Morgan Chase data breach affects Montana customers

Machine learning technique detects phishing sites based on markup visualization

Malware droppers for hire targeting users on fake pirated software sites

Metro social media users becoming increasing targets of ransomware attacks

Microsoft Releases Mitigations and Workarounds for Office Zero-Day RCE Flaw

Microsoft warns of attacks targeting Office documents

Microsoft, CISA Urge Mitigations for Zero-Day RCE Flaw in Windows

New Zealand Suffering From a Wave of Massive DDoS Attacks Again

Operation Chimaera: TeamTNT hacking group strikes thousands of victims worldwide

Ransomware: Take these three steps to protect yourself from attacks and make it easier to recover

Ransomware Attackers Don’t Take Holidays

Ransomware attacks: The power of adaptation

Ransomware attacks up by 518% in the last year

Ransomware Group Ragnar Locker Threatens Data Leaks if Law Enforcement Contacted

Ransomware has increased tenfold in one year, FortiGuard Labs finds

Researchers pinpoint ransomware gangs’ ideal enterprise victims

REvil ransomware gang is back after disappearing amid Kaseya attack

REvil ransomware gang may be back in town

REvil Ransomware Group is Back as "Happy Blog" Returns

Spoofing Bug Highlights Cybersecurity for Digital Vaccine Passports

TeamTNT’s New Tools Target Multiple OS

The File Data Factor in Ransomware Defense: 3 Best Practices

Tooling Network Detection & Response for Ransomware

Top tips for preventing SQL injection attacks

Toronto police warn of cryptocurrency phishing scam

UK businesses vulnerable as back-ups remain exposed to ransomware attacks

Ukrainian extradited for selling 2,000 stolen logins per week

What Ragnar Locker Got Wrong About Ransomware Negotiators

Why your IoT devices may be vulnerable to malware

Zoho patches actively exploited critical ADSelfService Plus bug

7th September

3 ransomware detection techniques to catch an attack

39% of all internet traffic is from bad bots

50% of Organizations Experience Recurrent Cyberattacks From the Same Hacker

Asian Hackers Targeting Job Seekers in the UK Through Fake App

Authorities Arrest Another TrickBot Gang Member in South Korea

California AG says some hospitals not reporting ransomware attacks

Central Bank took two months to inform credit unions of data breach

Claims of ransomware attacks on factoring firm eCapital shrouded in mystery

Cyber attacks in Further Education (FE) are escalating: how can institutions ensure their data and systems are secure?

Cyber-Attack on Washington DC University

Data breach at US restaurant and gambling chain Dotty’s may have leaked sensitive customer information

Data Privacy Day 6 months later: A look at privacy trends and solutions

Data Protection in the Era of the Cloud

Eight financial services fined over BEC data breaches

From fake streaming sites to adware, Tokyo has lesson for future Olympics

Germany Accuses Russia of Election Meddling Through Cyber-Attacks

Germany Points the Finger to Russian Hackers for Cyberattacks Prior to the Election

Google says NZ's lack of cybersecurity knowledge is putting users at risk

Healthcare Ransomware Attack in California Involves PHI of 57K

Hit with ransomware attack, Howard University forced to cancel classes

Howard University announces ransomware attack, shuts down classes on Tuesday

Howard University cancels classes amid ransomware attack

Howard University closes campus after ransomware attack

Howard University investigating alleged ransomware attack

Jenkins Hit as Atlassian Confluence Cyberattacks Widen

Jenkins project's Confluence server hacked to mine Monero

Large US businesses are hackers' ideal ransomware targets

Latest Atlassian Confluence Flaw Exploited to Breach Jenkins Project Server

Malware-as-a-service is the growing threat every security team must confront today

McDonald's leaks password for Monopoly VIP database to winners

Message, video call, blackmail: Modus operandi of a new phishing crime wave

Microsoft Outlook exposed to old-school phishing attacks due to bug

Microsoft Outlook shows real contact details in some phishing emails

Microsoft Outlook shows real person’s contact info for IDN phishing emails

Microsoft shares temp fix for ongoing Office 365 zero-day attacks

Microsoft, CISA urge use of mitigations and workarounds for Office document vulnerability

Netgear Smart Switches Open to Complete Takeover

New 0-Day Attack Targeting Windows Users With Microsoft Office Documents

Operational Technology (OT) security in APAC remains work in progress

Pakistani Software Firm ‘We Code Solutions’ Linked With Underground Spam Operations

Palantir Misconfiguration Allowed Unauthorized FBI Access

Personal Details of 8,700 French Visa Applicants Exposed by Cyber Attack

ProtonMail Forced to Log IP Address of French Activist

Ragnar Locker Gang Warns Victims Not to Call the FBI

Ransomware gang threatens to leak data if victim contacts FBI, police

Ransomware Gang, Ragnar Locker, Issues Threat to Victims that will Contact FBI or Authorities

'Ransomware incidents aren’t personal attacks against an organization's management'

Rethinking backups to combat ransomware

REvil ransomware group resurfaces after brief hiatus

REvil ransomware's servers mysteriously come back online

Scouring Eastern Europe’s Crypto Crime Landscape

Securing Networks in a Perimeterless World

Securing your WordPress website against ransomware attacks

Security Best Practices for Hybrid Work Environments

Security fears after Central Bank mistakenly gave out names and addresses of credit union bosses

South Africa: Phishing alert - Don’t fall for these scams

The importance of patching - ransomware attackers gain access in under a minute

Traditional SIEM platforms no longer meet the needs of security practitioners

Underground forum posts reveal types of company most at risk of ransomware

Watch out for digital Hurricane Ida scams: SEC

What is ransomware? 5 facts IT leaders should understand now

You’ve been hacked. Now what?

6th September

1 in 3 Indians store confidential personal information like bank account, debit/credit card, ATM Pin, Aadhaar/Pan card in mobile, computer or email; 11% even store it in their mobile phone contact list

3 Important Updates By SBI & HDFC Bank To Avoid Banking Scams And Frauds

3 most common schemes of business email compromise

3 ways to protect yourself from cyberattacks in the midst of an IT security skill shortage

6 Credit Card Scams And How To Avoid Them

7 Ways to Defend Mobile Apps and APIs from Cyberattacks

91% of Industrial Companies Face Information Security Threats

Affected by Wawa Data Breach? You May Be Eligible for a Gift Card

Beware - that Windows 11 document is probably a scam

Big data, analog bureaucracy

Building A Solid Defense Against Insider Attacks

Catch the spy in your phone

Climate Activist Arrested After ProtonMail Was Forced to Give Away User’s IP Address

Consumers satisfied with mobile security, yet account privacy and protection concerns remain

Could IoT Implementation in Renewable Energy Create Cyber Attack Risks?

Critical Auth Bypass Bug Affect NETGEAR Smart Switches — Patch and PoC Released

Cybersecurity: Watch out for these unique fraudster tricks Loki would be proud of

Cybersecurity is crucial for small businesses

Dallas School District Reveals Major Data Breach

Enterprises are missing the warning signs of insider threats

Enterprising criminals are selling direct access to cloud accounts

FBI Warns of OnePercent Group Ransomware in New Flash Alert

French government visa website hit by cyber-attack that exposed applicants’ personal data

Four ways retail businesses can stay safe online

Garda National Cyber Crime Bureau seize domains used in ransomware attacks

Gardaí make major strides in fighting HSE cyber attackers

Germany protests to Russia over pre-election cyberattacks

Has Ragnarok Ransomware Called It Quits?

Has Your Credit Card Number Been Leaked?

Healthcare cybersecurity under attack: How the pandemic affected rural hospitals

How can businesses avoid data breach blind spots?

How easy are you making it for hackers to hack you?

HSE Ransomware Actors’ Infrastructure Disrupted by Irish Authorities

Human Fraud: Detecting Them Before They Detect You

ICS Vulnerabilities Increased by 41% In Six Months Amidst High Profile Attacks on Critical Infrastructure

India: People’s carelessness blamed for card theft

Introducing zero trust security

IoT Attacks Skyrocket, Doubling in 6 Months

Ireland's Gardai Clamps Down on HSE Cyber-Attackers

Irish police seize Conti domains used in HSE ransomware attack

IRS is warning about these payment scams after receiving record number of complaints

JIPMER suspends tele-consultation following ransomware attack

Massive Pack Containing Details of 39 Million French Is for Sale on the Darkweb

Multi-Million Dollars in Crypto Ransom Payments, Half of Them Occurred in the U.S

Netgear fixes severe security bugs in over a dozen smart switches

New Zealand Internet Outages Highlights Need for Enhanced Cyber Security Measures

Popular Voice Assistant Companion Apps Are a Hazard for User Privacy

ProtonMail Shares Activist's IP Address With Authorities Despite Its "No Log" Claims

Ransomware attacks are evolving — here’s how to protect yourself

Ransomware attacks can hurt businesses further down the supply chain

Ransomware attacks increased by 288% in H1 2021

Ransomware gangs target companies using these criteria

Recent Cyber Attack on Transnet Serves as a Warning to South African Businesses

Responding to a Cybersecurity Breach

SEC: Beware Hurricane Ida Investment Scams

South Africa: No room for complacency in e-mail security

Storing personal, financial information digitally increases risk of data breach

The growing cybersecurity menace that is Droppers-as-a-Service

The MENA is subject to cyberattacks and HR is a prime target

The real cost of a prolonged data breach lifecycle

The State of Consumer Data Privacy Laws in the US (And Why It Matters)

This is the perfect ransomware victim, according to cybercriminals

Traffic Exchange Networks Distributing Malware Disguised as Cracked Software

TrickBot gang developer arrested when trying to leave Korea

‘Uninsurable’ businesses face boom in cyber attacks

US Cyber Command: Patch Critical Atlassian Bug Now

WhatsApp Data Breach 2021 Could Expose 2 Billion Users: Update Now on Android, iOS to Fix Security Risk

WhatsApp Flaw Casts Doubt on End-to-End Encryption

Yet another prey of Accellion Data Breach has been disclosed

Zero trust and cybersecurity: Here's what it means and why it matters

Zimbabweans careless online