Editor's Message
Welcome to DBD. Due to legal concerns, we have removed our detailed ransomware attack reports, but will continue to report on these attacks as and when they are announced in the public domain. Any feedback, positive or negative, would be gratefully received to enable us to give you the best experience on any device. Thank you for your support. Stay safe. :)
PLEASE NOTE: DUE TO ILL HEALTH WE ARE SLIGHTLY BEHIND WITH UPDATES BUT WILL BE WORKING THROUGH THE WEEK TO CATCH UP. THANK YOU FOR YOUR UNDERSTANDING...NORMAL SERVICE WILL RESUME AS SOON AS POSSIBLE ;)
PLEASE NOTE: DUE TO ILL HEALTH WE ARE SLIGHTLY BEHIND WITH UPDATES BUT WILL BE WORKING THROUGH THE WEEK TO CATCH UP. THANK YOU FOR YOUR UNDERSTANDING...NORMAL SERVICE WILL RESUME AS SOON AS POSSIBLE ;)

Wednesday, 3 March 2021
Prisma Promotora: Brazilian Finance Company's Third-Party Unsecure Database Exposes 717,068 Files With Customers' Personal And Financial Data
PrismHR: US Online Payroll And HR Company's Suspected Ransomware Attack Potentially Compromises 2 Million Employees' Data
Tuesday, 2 March 2021
Monday, 1 March 2021
Data Breaches Digest - Week 09 2021

3rd March
1-in-5 Americans Had a Healthcare Provider Impacted By a Cyberattack as Ransomware Targeting Hospitals Escalated During the Pandemic
Attackers turn delivery method for Gootkit malware into multi-payload “Gootloader” platform
Backup Is Feeble Protection Against Ransomware
Cash App phishing kit deployed in the wild, courtesy of 16Shop
Cloud Services Are Top-of-Mind for Phishers
Cybercrime report reveals extent of COVID-19 exploitation
Cybercriminals take bold steps forward as confidence soars
Cybersecurity firm Qualys likely latest victim of Accellion hacks
Cybersecurity Trends and Emerging Threats in 2021
Data extortion ransomware attacks on retailers up over 1,000% during pandemic
Don't Be Fooled by These Advanced Phishing Techniques
DoS Vulnerability in Eclipse Jetty Calls for Urgent Updates
Gootkit malware creators expand their distribution platform
Hackers share methods to bypass 3D Secure for payment cards
Here are 7 Ways to Protect Yourself Online
If Your Business Doesn’t Have Automatic Cloud Backups, You Could be in Trouble
Insider data leaks: Causes and remedies
Key Lessons from the Malaysia Airlines Nine-Year Data Breach
Lazarus Group Tied to TFlower Ransomware
Microsoft Pushes Urgent Updates for Exchange Server After the Discovery of Multiple 0-Days
New WhatsApp and Just Eat scams are trying to steal your personal and financial information
Over 50% Increase of Unique Cyber Threats in the Wild in 2020, Cymulate's Continuous Security Testing Report Reveals
Protecting Against Brand-Impersonating Phishing Messages
Ripe for extortion? Navajo Nation hospital targeted by large-scale ransomware hack
Scammers Target Wall Street In New Capital Call Fraud Schemes
Technical controls to prevent business email compromise attacks
The Ryuk Ransomware Is Now Turning Into a Dangerous Worm
This dangerous ransomware is using a new trick to encrypt your network
Ursnif Trojan has targeted over 100 Italian banks
Venture capital firm in data breach
Why Cybersecurity is More Important than Ever for SMBs in 2021
Why paying off ransomware gangs is not a good idea
Zee5 may have leaked data of 9 million users - Not for the first time
2nd March
10 types of cyberattacks to know and avoid
$21 Million in New 2020 Ransomware Payments were Made According to Chainalysis Review of Uncovered Crypto Addresses
50% Phishing Emails Seek Credential Theft, as Malware Delivery Declines
10,000s of Brazilians Exposed to Fraud in Massive Data Breach
Alarming Cybersecurity Stats: What You Need To Know For 2021
Alexa Skills: Security gaps and data protection problems
Americans are at risk of being dragged into global cyber warfare, FireEye's CEO warns: 'It's as simple as if you can be hacked, you are hacked'
Browser Extension Developers Turn to Code Injection for Monetization
California Department of Motor Vehicles (DMV) warns residents of REAL ID phishing scam
Central Piedmont Community College systems restored, classes resume after ransomware attack
Civil Service Commission (CSC) takes steps to protect data privacy after reported website breach
Compromised Website Images Camouflage ObliqueRAT Malwaree
Countering the evolving threat of ransomware
Cryptocurrency Firm Tether Refuses to Pay Ransom to Hackers
CSX probes ‘security incident’ as hackers leak data
Customers willing to share personal data in exchange for personalized services
Cybercriminals continue to target trusted cloud apps
Data extortion ransomware attacks on financial sector up 350 per cent during Covid-19 pandemic
‘DDoSecrets’ Is Soon to Publish 70GB of Far-Right Detestation Coming Straight From ‘Gab’
Dealing With Ransomware Threats
Department of Justice (DoJ) Steps Up Investigation into NSO Group
Eight Rules for Effective Password Protection
Far-right platform Gab confirms it was hacked
Gift of the Gab? CEO of Alt-right Social Network Publishes Tirade Following Data Breach
Google addresses customer data protection, security in Workspace
Healthcare firms saw a rise in ransomware attacks last year
Malaysia Airlines: Personal data of Enrich members may have been compromised
Malaysia Airlines discloses a nine-year-long data breach
Malaysia Airlines discloses frequent flyer data breach that lasted nine years
Malaysia Airlines Suffers Data Breach Involving Enrich Members
Malaysia Airlines suffers data security 'incident' spanning nine years
Malicious NPM packages target Amazon, Slack with new dependency attacks
‘Mariana Tek’ Exposes 1.5 Million User Records via Unprotected AWS Bucket
Marriott hotel data leak and why travellers should know what’s going on
Medal of Honor Holders’ Identities Stolen
Multi-payload Gootloader platform stealthily delivers malware and ransomware
NSA issues guidance on Zero Trust Security Model
ObliqueRAT Trojan now lurks in images on compromised websites
Oxfam Australia confirms data breach after stolen info sold online
Oxfam Australia supporters embroiled in new data breach
Payroll giant PrismHR outage likely caused by ransomware attack
Payroll/HR Giant PrismHR Hit by Ransomware?
Phishing Attacks: What Are They, What They Can Do, and How to Avoid One
Preparing for the Cybersecurity Maturity Model Certification onslaught
Ransomware Attack's Economic Impact: $67 Million
Ransomware attacks in manufacturing tripled in 2020
Ransomware puzzle: These two pieces of malware look very different, but they evolved from the same root
Ryuk Ransomware: Now with Worming Self-Propagation
Should you pay up when hit by ransomware? There are several things to consider first
SolarWinds reports $3.5 million in expenses from supply-chain attack
Universal Health Services Estimates $67 Million in Ransomware Losses
What hacking attacks can teach us about defending networks
What is cyber insurance? Everything you need to know about what it covers and how it works
Working Windows and Linux Spectre exploits found on VirusTotal
Zee5 Once Again Caught In Data Breach; Info Of 9 Million Users Exposed
1st March
5 Easy Ways to Protect Yourself From Web Hackers and Eavesdroppers
37 billion data records leaked in 2020, 140% year on year
70% of Orgs Facing New Security Challenges Due to #COVID19 Pandemic
An ounce of cybersecurity prevention is worth a pound of cure
AOL Phishing Campaign in Wild to Steal Account Credentials
Berlin Resident Jailed for NHS Bomb Threats
Building a Next-Generation SOC Starts With Holistic Operations
Business Email Compromise Attacks Raise Corporate, Bank Alarms
Businessman charged with intent to steal General Electric’s secret silicon technology
Can robotics and AI really fill cybersecurity skills gap?
Chinese State-Supported Actors Target India’s Power Grid
Chinese state-sponsored Red Echo group targeted India’s power infrastructure
City Has Opportunity To Learn From Ransomware Attack
Civil Service Commission (CSC): Remedial measures put in place to prevent data breach
Criminals are ‘selling’ vaccines and appointments in latest wave of COVID-19 scams
Critical flaw in Rockwell PLCs allows attackers to fiddle with them (CVE-2021-22681)
Cyber Mercenaries in Demand as Organizations Hire Their Services
Cyber threats lurking in the humble email
Data is most at risk on email, with 83% of organizations experiencing email data breaches
Did COVID-19 Usher In Cybercrime’s Golden Age?
Email is Still the Top Vector for Data Loss
Essential guide to operation-centric security
European e-ticketing platform Ticketcounter extorted in data breach
Firewall Vendor Patches Critical Auth Bypass Flaw
Five ways to protect your organization from ransomware attacks
Free cybersecurity tool aims to help smaller businesses stay safer online
Gab data breach may include 70GB of data on 15,000 users
Gab hacked – DDoSecrets leak profiles, posts, DMs, passwords online
Go Malware Detections Increase 2000%
Google: Bad bots are on the attack, and your defence plan is probably wrong
Hackers cause delay to decision on Largs windfarm
Hackers exploit websites to give them excellent SEO before deploying malware
Hackers hit State Bank of India users with text phishing scam
Hackers hit State Bank of India users with text phishing scam, request them to redeem credit points worth Rs 9,870
Hackers seized on the pandemic; states fighting back
Hackers use black hat SEO to push ransomware, trojans via Google
Half of Orgs Concerned Remote Working Puts Them at Greater Risk of Cyber-Attacks
“Hey, what’s your password?” How to encourage cyber-safe behaviour at work
Highly skilled & well-funded: The new booming threat in cybercrime
Hong Kong: $130,000 lost in latest bank con
How do I select a cloud security solution for my business?
How teenagers may be compromising your data
How to manage the security challenges triggered by remote work
If you're still using AOL, watch out for this phishing scam
India: No data breach in Chinese hacking attempt at power grid system, says government
India: No impact or data breach due to Chinese cyber attacks, says power ministry
Indian hackers could be infecting Pakistani users with malware through fake apps
Indian pharma companies and hospitals targeted by Chinese, Russian and Korean hackers groups
Indian Vaccine Makers, Oxford Lab Reportedly Hacked
Insights for navigating a drastically changing threat landscape
It is time to be proactive towards cybersecurity threats
It’s Raining Malware: Understanding and Protecting Against Today’s Threats
Jones Day Law Firm Associated With Donald Trump Leaks Confidential Client Information in a Third-Party Data Breach
Judge approves $650m settlement for Facebook users in privacy, biometrics lawsuit
Lazarus, advanced persistent threat group, targets the defense industry
List of data breaches and cyber attacks in February 2021 – 2.3 billion records breached
LogMein And IDG Study Reveals Half Of Organisations Fear Remote Work And Access Has Put Them At Risk Of Cyber Breaches
Malware Loader Abuses Google SEO to Expand Payload Delivery
Malware researcher speculates on the future of ransomware
Many Businesses Have Governance, Risk and Compliance (GRC) Software, Yet Most Still Struggle to Manage IT Risks Consistently
Many healthcare apps have serious security flaws
Metrobank lists ways on how to avoid the bait of phishing
Minion privilege escalation exploit patched in SaltStack Salt project
Ministry of Power denies impact from Chinese hacking attempt at power facilities, says 'all systems cleaned by antivirus'
Mobile Adware Booms, Online Banks Become Prime Target for Attacks
Most IT security leaders lack confidence in their company’s security posture
Namibia: Government Institutions Pension Fund (GIPF) warns members of cyber threats
New Forms of Ransomware and 5G Smart City Attacks Could Cause Real Harm, Expert Warns
Nottinghamshire shop owner loses 50% of business after being hit by hacker
NSW Transport agency extorted by ransomware gang after Accellion attack
Passwords, Private Posts Exposed in Hack of Gab Social Network
Philippines: Grave data breach
Phishing attacks in Europe soared 718% in 2020, according to Allot
Phishing Attacks Increase 718% in Europe According to Allot Research
Power Ministry Says No Impact on Any Functionalities of POSOCO Due to Malware Attack
Preparing For Tomorrow – Why Weathering The Initial Covid-19 Storm Isn’t Enough For Security
Protecting Against Evolving Ransomware Attack Trends
Protecting the digital workplace with an integrated security strategy
Ransomware operators are exploiting VMware ESXi flaws
Ryuk Ransomware Updated With 'Worm-Like Capabilities'
Same cyber threats, better solutions as impact of data breaches skyrocketed in 2020
Securing the digital space amid the new normal
Self-Assessment Tool Aims to Enhance Small Biz Security
SolarWinds security fiasco may have started with simple password blunders
Sophos details delivery method of financial malware Gootkit
State Bank of India (SBI) customers hit by text phishing scam - Here's how fraudsters operate
Study suggests Chinese cyber campaign targeted India's power grid after Galwan Valley clash
Tether cryptocurrency firm says docs in $24 million ransom are 'forged'
Tether faces 500 Bitcoin ransom: We are ‘not paying’
The other pandemic
The Phishing Problem in Healthcare
Threats expand to impact the edge and digital supply chains
Three steps to prevent your company from being a victim
Tips to stop cyber attacks during the COVID-19 vaccine rollout
U.S. Customs and Border Protection (CBP) Warns of Telephone Scam
Universal Health Services lost $67 million due to Ryuk ransomware attack
Universal Health Services Ransomware Attack Cost $67M in Lost Revenue, Recovery Efforts
Universal Health Services Suffered $67 Million Loss Due to Ransomware Attack
Washington State Auditor to notify 1.3 million unemployment claimants of data breach last year
What is Social Engineering?
When it Comes to Cybersecurity and Compliance, there is no Room for Error
Why data privacy isn’t just a compliance concern, it’s an essential asset
Why organisations should embrace long-term cybersecurity planning
Why what you watch can make you a target for cybercriminals
World's leading dairy group Lactalis hit by cyberattack
“ZEE5” Has Leaked the Data of Nine Million Users but Didn’t Disclose It
Ransomware Operator Claims - Week 08 2021

Flag Icons created by Freepik and provided by Flaticon.
Labels:
#ROCreport
Friday, 26 February 2021
Lazarus Group: North Korean State-Sponsored APT Group Targeting Defence Industry With Custom Malware To Obtain Highly Sensitive Data
Subscribe to:
Posts (Atom)