Editor's Message

Welcome to DBD. On March 8th we celebrated our 4th Anniversary and the 1st Anniversary of our PRiSM application, officially endorsed by the SANS Institute. Despite recent personal issues that have impacted the amount of time I have been able to dedicate to both projects, I have been doing my best to keep everything as up-to-date as possible, and I would like to take this opportunity to thank everyone for their patience and support whilst I navigate through this very difficult time. Stay safe. :)

Friday 29 January 2021

Sainsbury's: UK Supermarket Chain's Customers Targeted With Fake 'Gift Card Giveaway' Phishing Campaign

Woodland Trust: UK Woodland Conservation Charity Suffers Cyber Attack Resulting In IT Systems And Services Offline

66% Of UK Remote Employees Admit To Have Potentially Breached GDPR Guidelines By Printing Sensitive Work-Related Documents At Home

Volatile Cedar: Hezbollah Linked APT Group's Malware Attacks On Global Telecom Companies Compromises 250 Oracle And Atlassian Servers

DFAT: Australian Government Department's Accidental Email Data Breach Compromises 230 Repatriation Flight Passengers' Personal Information

US Cellular: Chicago Mobile Network Operator Suffers CRM System Data Breach Compromising Customers' Accounts

Thursday 28 January 2021

DVLA: UK Motorists Targeted With Fake 'Overpaid Car Tax Refund' Phishing Campaign Stealing Online Banking Details

WordPress: 70 Million Malware Files Found On More Than 1.2 Million WordPress Sites In 2020 Distributed By Pirated Themes And Plugins

Crisp Regional Health Services: US Healthcare Provider Suffers Ransomware Attack Disabling Regional Hospital Phone Lines

Bykea: Pakistan On Demand Bike-Hailing And Parcel Delivery Service's Unsecure Server Exposes Over 400 Million Customers' Personal Information

Data Privacy Day: Reasons Why Data Privacy Should Be Practiced Every Day

Data Privacy Day: 94% Of Global Malware Was Delivered By Email In 2020

Data Privacy Day: 93% Increase In Global Data Breaches And Leaks Of Sensitive Data In 2020

Data Privacy Day: Data Privacy Laws Around The World

Wednesday 27 January 2021

Lazarus Group: North Korean State-Sponsored APT Group Targeting Security Researchers With Social Engineering Attacks On Social Media

Dairy Farm Group: Hong Kong Retail Chain Company Suffers "REvil" Ransomware Attack Resulting In $30 Million Ransom Demand

Facebook: US Social Media Giant's Vulnerability Results In 533 Million Users' Phone Numbers Leaked On Telegram

UK Insurers Defend Covering Ransomware Payments In Cyber Insurance Policies After Accusations Of Funding Organized Crime

Emotet: German Federal Police Agency Starts Distributing Module That Will Uninstall Malware On Infected Devices On April 25th 2021

NetWalker: US And Bulgarian Authorities Seize Ransomware Operator's Domains, $454,530.19 In Bitcoin And Arrest Affiliate

Tuesday 26 January 2021

NHS: UK Citizen's Targeted With Fake 'COVID-19 Vaccine Eligibility' Phishing Campaign Stealing Personal Data

82% Of Global Organizations Unknowingly Give Third-Parties Privileged Access To All Of Their Cloud Data Leading To Unintended Data Exposure

Chqbook: Indian Online Banking Service's Data Breach Results In 2.5 Million Customers' Personal And Financial Data Leaked On Dark Web

Tampa Bay Breast Care Specialists: US Breast Cancer Clinic Suffers Data Breach Exposing Patients' Personal Health Information

VIP Games: Bulgarian Online Card Game And Board Game Platform's Unsecure Server Exposes 66,000 Users' Accounts And Personal Information

ASIC: Australian Regulator Suffers Data Breach Through "Accellion" Software Vulnerability Compromising Credit License Applications

Monday 25 January 2021

WestRock: US Paper And Corrugated Packaging Company's Ransomware Attack Results In IT Systems And Operational Disruption

BuyUcoin: Indian Cryptocurrency Exchange's "ShinyHunters" Data Breach Results In 161,487 Members' Personal Data Leaked On Dark Web

PupBox: Californian Puppy Toys And Treats Online Retailer Suffers Data Breach Exposing 30,000 Customers' Personal Information

Cook County: Illinois County Clerk's Office's Unsecure Database Exposes 323,277 Court Records Containing Personally Identifiable Information

Palfinger AG: Austrian Hydraulic Crane Manufacturer Suffers Cyber Attack Resulting In IT Systems And Operational Disruption

MeetMindful: US Online Dating Website's "ShinyHunters" Data Breach Results In 2.28 Million Users' Personal Data Leaked On Dark Web

Data Breaches Digest - Week 04 2021

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 25th January and 31st January 2021.

31st January

7 Tips on How to Keep Your Business Data Protected

Amazon warning: Britons targeted by scam ‘Amazon Prime subscription’ phone call

COVID-19: NHS Test and Trace 'unaffected' by cyber attack at Serco, firm says

Data privacy: Behavioural analytics, data hoarding and government crackdowns to dominate 2021

Governments Tap Covid Data for Other Uses, Risking Backlash

Malicious Actors Reserving Their Cyber Attacks for the Hospitality Industry

Victor Central Schools Closed Monday Due to Ransomware Attack

Warning! WhatsApp text can install a WORM on your smartphone

Wrexham Trading Standards issues warning over scam covid-19 vaccine email

30th January

Action Fraud received over 500 reports of fraudsters sending fake Sainsbury's emails

Amazon warning: Britons urged to stay alert as many targeted by scam call

“Banks Never Ask That” campaign educates on scams

Beware: Malicious Home Depot ad gets top spot in Google Search

Beware - that Steam link could be dangerous malware

Capcom Confirms That Hackers Had "No Major Impact" On Planned Release Dates

Check Point researchers discover security vulnerability on TikTok - again

Cryptocurrency Crimes Plummeted by a Stunning 57%

Cryptocurrency related Ransomware Attacks “Skyrocketed” Last Year but there May be “Fewer Culprits” than Expected

Department of Justice Launches Global Action Against NetWalker Ransomware

FBI reports Emotet Botnet Disrupted in International Cyber Operation

FonixCrypter ransomware gang releases master decryption key

FonixCrypter Ransomware Group Throws in the Towel With MasterKey Release

Hackers Breach U.S. Cellular Customer Database After Scamming Employees

How Healthcare Industry can deal with Cyberattacks

How your personal information can be abused online

Is Trickbot Botnet Making a Comeback?

Let's Reminisce About Last Year's Most Memorable Data Breaches

Mensa Website Hacked After Britain’s Smartest Folk Failed To Secure Passwords

More Arrests for GGD Data Breach

Ramsey County ransomware attack exposes personal data of thousands

Ransomware: The rise of Misfortune 500 businesses

Telegram data breach could put Facebook users at risk

The latest telephone scam sees 'HMRC officer' threaten victim with arrest warrant

The ‘Perl.com’ Domain Was Snatched by Malware Distributors

UK Research and Innovation (UKRI) suffers ransomware attack

Understanding Android Malware Families (UAMF) – The Foundations

US authorities disrupt $46M ransomware NetWalker

Warning as Brexit scam starts to circulate

29th January

3 Cyber Threat Predictions for 2021

66% of Workers Risk Breaching GDPR by Printing Work-Related Docs at Home

A Fifth of Sunburst Backdoor Victims from Manufacturing Industry

A network of Twitter bots has attacked the Belgian government's Huawei 5G ban

Adoption of passwordless security takes off amid COVID-19

Apprenticeships Could Solve Cyber-Skills Crisis, Say Experts

Attention! ₹1.6 crore UN Covid-19 compensation mail from Reserve Bank of India (RBI) is fake

Australia: Most federal government data breaches caused by human error, report finds

Australian Government in top five industry sectors for data breaches

Beware of these scarily convincing Covid-19 vaccine emails

Beware the latest Royal Mail con doing the rounds: Fake text tells consumers they owe £2.99 as it warns of 17 separate scam messages

Bykea Data Breach Exposes 200GB of Personal User Information

'Clone Firm' Fraudsters Stealing Millions From UK Investors

Combating extortionware in 2021: A rising attack method for the modern day hacker

Cryptocurrency crime drops in 2020 but 'DeFi' breaches rise

Cyberthreats to Combat in 2021

#DataPrivacyDay: Organizations Must Increase Focus on Data Privacy in 2021

Delivery Biz Exposes 400 Million Records in Privacy Snafu

Distributed denial of service (DDoS) attacks: A cheat sheet

Don't make these cyber resiliency mistakes

Double blow: new data breach hits stranded Australians as Emirates suspends flights out of UK

Due to a flaw in the famous video-sharing app TikTok, private information such as phone numbers and profile have leaked

Extortion demands grow as cybercriminals target new online industries

FBI Takes On Ransomware Giant NetWalker

Fonix ransomware shuts down and releases master decryption key

Fraud and COVID: New exposures, more roadblocks

Google Search Found 25 Billion Spammy Pages Each Day

Hacked therapy centre Vastaamo goes into liquidation

Here's how law enforcement's Emotet malware module works

Hezbollah linked hackers hit companies in global malware attack

How a takeaway delivery order can lead to your personal data being sold on the dark web

How Companies Can Prepare for Ransomware Attacks

How educators can secure their online learning environments

How retailers can manage data loss threats during remote work

How to avoid being a victim of Covid-19 vaccine fraud and how to report a scam

Human error driving increased data breaches in Australia

Human factor dominates Australia’s latest data breach numbers

International Operation Disrupts Ransomware Group Netwalker by Tracing Cryptos With the Help of Blockchain Analysis

Is it Time for Some Threat Hunting?

Is your firm's data safe?

Let's End The Endless Detect-Protect-Detect-Protect Cybersecurity Cycle

Media coverage, not legislation, prompts businesses to reveal data breaches

Miss England Held to Ransom by Cyber-attackers

Navigating the Storm of SMEs and Cybersecurity During COVID-19

New Pro-Ocean malware worms through Apache, Oracle, Redis servers

New text scam poses as Westpac to steal banking details

Office of the Australian Information Commissioner (OAIC) puts MSPs on notice over data breach reporting

Own up if your data is hacked, ShinyHunters tells Indian firms

Perl.com domain stolen, now using IP address tied to malware

Personal data stolen from Dutch coronavirus track-and-trace program

Phishing Kit Can Change Lures and Text

Police warn elderly Londoners over fake NHS Covid vaccine scams after one victim lost £30,000

Post Office Phishing Campaign Targets People in 26 Countries

Privacy and security practices are essential for post-pandemic recovery

Putting a price on a data breach

Ramsey County says illegal ransomware hack compromised info of 8,700 clients

Ransom-related DDoS attacks see major increase

Ransomware attack targets major US logistics firm DSC

Reported US Data Breaches Declined by 19% in 2020

Residents warned over Covid vaccine scams

Reserve Bank of New Zealand (RBNZ) appoints KPMG to report on data breach

Reserve Bank of New Zealand responds to data breach

Ride-Hailing Firm ‘Bykea’ Leaked Out Sensitive Data of Drivers and Customers

Sainsbury's urgent scam warning after Action Fraud receives 500 reports of fake giveaway emails

Scammers target Britons in lockdown with fake text messages and calls claiming they must pay a fine for breaching rules

Scams, terror, and national security: Problems with Chinese microloan apps in India

Security researchers find Azure Functions vulnerability

Security’s role in winning consumer trust in the post-pandemic economy

“Serious” vulnerability found in Libgcrypt, GnuPG’s cryptographic library

Should we be insuring against ransomware?

SOC challenges within the current cyber skilling climate

SOC experts report cyber skilling obstacles

SolarWinds attack: Cybersecurity experts share lessons learned and how to protect your business

SolarWinds attack is not an outlier, but a moment of reckoning for security industry, says Microsoft exec

Stolen UK consumer data up for sale on sale online

The ABCs of TLAs: MDR, EDR and XDR

These are the biggest threats facing WordPress sites today

Top 5 healthcare security and privacy events of 2020

Top 10 cybersecurity predictions for 2021

Top IT security threats in 2021

Track-and-Trace Personal Data Stolen In The Netherlands

Triage Attacks More Efficiently With AI for Cybersecurity

Trickbot is back again - with fresh phishing and malware attacks

US Breach Volumes Fell 19% in 2020 as Ransomware Surges

USCellular Resets Customer Credentials After Disclosing Data Breach

USCellular suffers data breach; hackers accessed its CRM software

Vovalex is likely the first ransomware written in D

Windows Installer zero-day vulnerability gets free micropatch

28th January - Data Privacy Day

A month after a high-level cyberattack, charity says many IT systems are still offline

AI, machine learning effective in cyber defence, but can also present challenges

As vaccine program begins, COVID scams also are reported

Australia: 519 data breach notifications include 33 from Australian government entities

Babuk Locker: Mediocre, But Gets the Job Done

BYKEA data breach: Pakistani ride-hailing app exposed 400m records

CISOs increasingly focus on mitigating mobile security risks

Consumers Falling for $100m Clone Firm Scams

Covid-19 Vaccine Makers Under Attack As Criminals Target 'Liquid Gold'

COVID-19 Vaccine Scams are Rampant

Crisp Regional Health Services falls victim to ransomware attack

Customer emails and phone numbers exposed in massive data breach at Bykea with more than 400 million files leaked

Data Privacy Day: 10 experts give advice for protecting your business

#DataPrivacyDay: Are Your Employees Putting You at Risk?

#DataPrivacyDay: Leaks and Breaches Soared 93% in 2020

Data privacy laws: A mini glossary

DDoS attacks: Big rise in threats to overload business networks

Dead System Admin's Credentials Used for Ransomware Attack

Department of Justice (DOJ) charges suspect in NetWalker ransomware attacks

EMOTET and NetWalker Actors Busted on the Same Day

Emotet Botnet Infrastructure Disrupted in International Takedown

Everyone’s talking about Data Privacy Day, but who’s listening?

“Ghost” account credentials facilitate ransomware attacks

Hezbollah hackers attack unpatched Atlassian servers at telcos, ISPs

Hezbollah's cyber unit hacked into telecoms and ISPs

How to Achieve Next Level Security Automation

How to Prevent Your Remote Workers From Causing a Data Breach

How to protect your organization's remote endpoints against ransomware

Identity thieves raked in billions with your data, even as breaches fell in 2020

Illinois warns of Real ID text messaging scam targeting state unemployment insurance system

International Data Privacy Day: 94% of malware was delivered by email in 2020

International Law Enforcement Takedown of NetWalker and Emotet

Law Enforcement Aims to Take Down Netwalker Ransomware

LifeShield Security Cameras Could Live-Stream Your Home to Hackers

Microsoft: DPRK hackers 'likely' hit researchers with Chrome exploit

Mobile payment is in the crosshairs of online scams

Most network outages exceed $1 million in damages

NetWalker ransomware mastermind indicted in Florida

New cybercrime tool can build phishing pages in real-time

New Illumio Report Reveals Poor Endpoint Visibility and High Risk of Ransomware Spreading

Onslaught of phishing attacks prompt tighter security for student emails

Organizations Must Prepare for New #COVID19 Data Privacy Challenges

Phishing Campaign Spoofed DHL Delivery Service

Pirated themes and plugins are the most widespread threat to WordPress sites

Police seize thousands of computers running Emotet trojan

Remote Workers Could Offer Brexit Britain Cybersecurity Lifeline

Return to SMS as Security Feature

See if your credentials have been compromised with this new data leak tool

Sophos identifies source of ‘MrbMiner’ attacks targeting database servers

Stack Overflow: Here's what happened when we were hacked back in 2019

Tesco, McDonald's and Deliveroo customers hit as fraudsters 'sell' stolen data on the dark web

The 5 Best Cybersecurity Tips for Small Businesses for 2021

The top 5 reasons data privacy should be practiced every day

This malware hides behind free VPN, pirated security software keys

US Government Takes Aim at NetWalker Ransomware Attacks

US Launches Global Action Against NetWalker

USCellular hit by a data breach after hackers access CRM software

What to prioritize this Data Privacy Day

You're Constantly Being Stalked Online—and You Don't Even Know It

27th January

3/4 of Americans have had to change password due to security breach

10-year-old Sudo bug lets Linux users gain root-level access

2020 mobile phishing trends

A virtually unhackable quantum internet: is it possible or a shot in the dark?

Apple fixes three actively exploited iOS zero-days

Australian Financial Regulator Hit by Data Breach

Australian Government ordered to pay asylum seekers compensation for data breach

Australian Securities and Investments Commission (ASIC) breached in Accellion hack

Australian Securities and Investments Commission (ASIC) reports server breached via Accellion vulnerability

Authorities plan to mass-uninstall Emotet from infected hosts on April 25, 2021

Barclays issues advice as farmers at 'high risk of fraud'

Careless cybercriminals leave phishing credentials in plain sight

Claroty finds critical flaws in OPC protocol implementations

#COVID19 Fundamentally Altered Global Attack Surface

Criminals continue to take advantage of coronavirus vaccine roll-out as phishing email reports soar

Cybercops derail malware botnet, FBI makes ransomware arrest

Cybersecurity: Companies in Africa need to do more to fight off attacks

Cybersecurity marketing: Always think of the customer

Data Of 20 Lakh Credit Score Records Leaked From Chqbook

Data Privacy Day: 5 Most Common Data Mistakes

Database of 176 million Pakistani mobile phone users sold online

Department of Justice (DoJ), Chainalysis work to break up ransomware network that targets hospitals

Do I really need internet security if I only use my phone?

Emotet: The world's most dangerous malware botnet was just disrupted by a major police operationr

Emotet botnet disrupted after global takedown operation

Emotet Disrupted Through Global Action

Emotet malware taken down by global law enforcement effort

Europol: Emotet malware will uninstall itself on March 25th

Federal Government ordered to pay almost 1300 people compensation after leaking personal data, in Australian first

Five tips to protect your business from hackers

Global Public-Private Partnerships Key to Fighting Cybercrime

Google: North Korean hackers target security researchers

Grindr Faces $11.7m Data Privacy Fine

Growing Digital Adoption Providing Extra Opportunities for Cyber-Criminals

Hacker using Telegram bot to sell Facebook users' data

Hackers leave stolen passwords searchable on Google

Home Affairs ordered to compensate asylum seekers over 2014 data breach

Home Affairs ordered to pay asylum seekers over data breach

Home Affairs ordered to pay compensation after breaching the privacy of almost 10,000 asylum seekers

How Cloud Services Are Exploited for Cyber-Espionage

How Does Artificial Intelligence Help in Data Protection and HIPAA Compliance?

How ghost accounts could leave your organization vulnerable to ransomware

How To Set Up A Successful Cybersecurity Training Program

Instagram shares 6 tips to protect your account from phishing attacks

Insurers defend covering ransomware payments

International law enforcement effort pulls off Emotet botnet takedown

Is ransomware insurance funding a black market?

Isolation-based security technologies are gaining prominence

Law enforcement strikes back at Emotet, one of the world’s most popular ransomware loaders

LinkedIn favoured in phishing attempts during Q4 2020

Linux malware uses open-source tool to evade detection

Linux security and growing cyberthreats: Everything you need to know

Manufacturing Giant Suffers Major Cyber-Disruption

Many more companies have suffered cyberattacks since moving to remote work

More Security Vendors Admit to SolarWinds Attacks

Most with in-house security teams are considering outsourcing security efforts

National Crime Agency warns novice and veteran traders alike of rise in clone company scams

NetWalker ransomware dark web sites seized by law enforcement

NetWalker Ransomware Suspect Charged: Tor Site Seized

New Google cloud service aims to bring zero trust security to the web

Notorious cybersecurity attacks in history and how to prevent them

Office of Australian Information Commissioner (OAIC) orders Home Affairs to compensate asylum seekers over data breach

Only 20% of Indians are not confident in their ability to prevent a cyber attack

Over 13,000 malware threats detected every hour in 2020

Philippines: SIM registration bid may lead to ‘heightened risk’ in personal data breach

Phishing Campaign Features Fake Office 365 Update

Phone scam warning as would-be fraudsters pose as National Crime Agency

Police dismantle world's 'most dangerous' criminal hacking network

Preventing the next Malwarebytes breach: Get rid of passwords?

Privacy is not a one-time, check the box activity

Protecting your charity from social engineering

Ransomware attacks increasingly exposing gaps in large firms

SIM card registration may lead to 'heightened risk' of data breach

Sudo vulnerability allows attackers to gain root privileges on Linux systems (CVE-2021-3156)

The Biggest Data Breaches of the 21st Century and How to Avoid Them

The National Insurance scam you need to be aware of

Threat group abuses cloud services, targets semiconductor companies, airline industry

Top Cyber Attacks of 2020

UK association defends ransomware payments in cyber insurance policies

UK Insurers Defend Covering Ransomware Payments

US and Bulgarian authorities disrupt NetWalker ransomware operation

US charges NetWalker ransomware affiliate, seizes ransom payments

What Cyber Issues We Expect to See in 2021

What's in store for cybersecurity in 2021?

Why Enterprises Must Take Ransomware Attacks Seriously

Will Recent Treasury Guidance Reduce Ransomware Payments in the US?

World Economic Forum ranks cybersecurity failure as a significant global risk

26th January

82% of companies give third parties access to all cloud data

500 million Facebook users' phone numbers leaked on Telegram

2020 cyber security statistics

2020 Data Breaches Set Cybersecurity Tone for New Year

A CISO’s 2021 Cybersecurity Wishlist

A Sinister Telegram Bot Is Selling Stolen Facebook User Data For $20 Each

A Telegram bot is flogging the phone numbers of Facebook users

Bad actors launched an unprecedented wave of DDoS attacks in 2020

Bonobos Clothing Company Suffers Massive Data Breach

Bonobos Suffers Huge Data Breach

Brexit themed text message scam circulating around the UK

Business executives targeted with Office 365-themed phishing emails

BuyUCoin data breach exposes personal data of nearly 325k users

‘Chqbook.com’ Data Leak Exposes 2 Million Credit Score Reports

Class-action lawsuit launched against TransLink for data breach in December

Cook County Leaks 320,000 Court Records

Criminal, Domestic Violence Case Info Exposed in Cook County Leak

‘Cyber trauma’ leaves online victims with psychological scars

Cybercriminals use deceased staff accounts to spread Nemty ransomware

Cybersecurity Automation for the Federal Government

Cybersecurity investments will increase up to 10% in 2021

Data Integrity Is Vital for The COVID-19 Vaccine Rollout

Dating Site Hacked With 2.28 Million Users Data Made Public

Essex residents targeted by scam email offering Covid vaccine

Four security vendors disclose SolarWinds-related incidents

Ghost hack – criminals use deceased employee’s account to wreak havoc

Google: North Korean hackers have targeted security researchers via social media

Google fixes severe Golang Windows RCE vulnerability

Google Meet’s Open redirects can lead the user to a spoof website where they may become victims of phishing

Google releases alarming report about North Korean hackers posing as security analysts

Grindr faces £8.5m fine for selling user data

Healthcare Ransomware Attacks Continue Climbing

How Can You Secure Your Company Against Cyber Attacks?

How Educational Institutions can Disrupt Ransomware Attackers

How secure configurations meet consensus

Human and Software Flaws Leave Remote Workers Vulnerable

Internet regulation: Not a matter of freedom of speech, but freedom to conduct business

IT leaders see outsourcing cybersecurity as one solution to increased attacks

Mastercard Introduces Quantum-Resistant Specs to Enhance Contactless Security

Mimecast links security breach to SolarWinds hackers

Misconfigured Cloud Server Exposes 66,000 Gamers

Nefilim Ransomware Attack Uses “Ghost” Credentials

New Linux SUDO flaw lets local users gain root privileges

New M&S Facebook and Netflix scams are trying to steal your personal and financial information

New ransomware variants emerged in late 2020

North Koreans social engineer and hack vulnerability developers

Ohio Department of Job and Family Services (ODJFS) says 146 applicants' information may have been exposed during December data breach

Pan-Asian retail giant Dairy Farm suffers REvil ransomware attack

Patient Sues Rady Children’s Hospital Over Blackbaud Data Breach

Patients fall victim to health ransomware

Phishing scheme shows CEOs may be ‘most valuable asset,’ and ‘greatest vulnerability’

Ransomware Accounted for 81% of Financial Cyberattacks in 2020

Ransomware and lateral movement

Ransomware Disrupts Operations at Packaging Giant WestRock

Realtor warns clients of hackers’ data breach

Red kite or grey squirrel: which kind of organisation are you?

Researchers Identify Enterprise Attack Using New Ransomware

Scammers target small businesses seeking disaster assistance

Security researchers targeted by North Korean hackers

Sick fraudsters are offering Scots fake Covid vaccine in exchange for cash

Small security teams overwhelmed by onslaught of cyber attacks

Sophos Identifies Source Of “MrbMiner” Attacks Targeting Database Servers

Targeted Phishing Attacks Strike High-Ranking Company Executives

Tenable’s analysis reveals over 22 billion records exposed

The Dos and Don’ts for SMB Cybersecurity in 2021

TikTok Bug Gave Access to Contacts’ Profile Details

TikTok fixes flaws allowing theft of private user information

TikTok Flaw Lay Bare Phone Numbers, User IDs For Phishing Attacks

TrickBot’s Survival Instinct Prevails — What’s Different About the TrickBoot Version?

Two arrested for selling data stolen from health board coronavirus systems

Understanding Cybersecurity Efforts as a Stakeholder

US government organizations lose millions in an average network outage or data breach

Victims of SolarWinds Cyberattack Face Investigation Costs, Liability Issues

VIP Games exposes user data through unsecured Elasticsearch server

VPN abuse needs to be stamped out

Warning over Brexit-themed text message scam

WestRock Provides Update on Ransomware Incident

Your password could be hacked in under one hour

25th January

2.28 Million MeetMindful Daters Compromised in Data Breach

2.3 million hit by dating site data breach: What to do

4 ways to minimize the risk of IT supply chain attacks

7 cyber threat actors to watch for in 2021

2020 Brought a 311% Increase in Crypto Ransomware Attacks

2021 predictions: Quantifying and prioritizing cyber and business risk

323,277 Cook County, Illinois records exposed

A Look at the Legal Consequence of a Cyber Attack

ADT technician hacked hundreds of customers' security cameras

Adult website hacked: Millions of porn user accounts stolen

Another data breach at Ohio’s unemployment benefits office reveals 146 applicants’ personal information

Atlanta paper and packaging giant WestRock Co. faces ransomware attack

Australian securities regulator discloses security breach

Bank of New Zealand (BNZ) customers warned about scammers asking for personal details in text messages

Beware: If You Get a Text From Netflix Offering a Free One-Year Subscription, It's a Scam

Beware cyberattacks disguised as Covid-19 handouts

Beware of Online Learning Cyber Scams and Phishing: How to Know if Online Degree Is Fake or Real? From University Accreditation to Tuition Fees, 6 Ways to Detect ELearning Scam

Beware of this active UK NHS COVID-19 vaccination phishing attack

BuyUCoin is affected by a breach and exposes 325K user’s personal data

CISA launches ransomware awareness campaign

CISA releases resources to help organizations combat ransomware

Cisco DNA Center Bug Opens Enterprises to Remote Attack

CISOs of small and medium enterprises need to rethink cybersecurity strategy

Comparing Different AI Approaches to Email Security

Controversial Google Investigation Centers On AI Ethicist Data Breach

Cyber Incident Knocks Construction Firm Palfinger Offline

Cyber risks: Need to popularise cyber insurance

Cyberattack disrupts services at crane manufacturer Palfinger

Cybercrime Soars, and Online Retailers More Vulnerable Than Ever

Cybersecurity experts warn UAE residents against WhatsApp phishing

Data breach fines ‘wake-up call’ for businesses to prioritise cyber security

Data of BuyUcoin cryptocurrency exchange traders allegedly leaked online

DDoS extortions making its way back

Delete these 164 malicious Android apps from your phone right now!

DreamBus botnet targets enterprise apps running on Linux servers

Driving scam warning: DVLA scam messages may 'fool motorists' to give away details

Dutch COVID-19 patient data sold on the criminal underground

European Regulators Have Imposed £245.3 Million in GDPR Fines To Date; 39% More Issued in 2020

Fake vaccines and bogus jobs - 4 ways scammers are exploiting Covid-19

Florida breast cancer practice takes EHR offline following cyber attack

Former transit worker launches class action against TransLink after data breach

Former UK Cybersecurity Chief Says Laws Needed to Stop Ransomware Payouts

Fraud epidemic 'is now national security threat'

Global Regulators Taking A Hard-line Approach To Data Protection

Got a weird text about a package delivery? It could be a scam

Hacked! Malicious Group Leaks Data of 161,400 Crypto Traders on BuyUCoin

Hackers Release Data Stolen In Sepa Ransomware Attack

Help employees prevent online identity theft?

How much is a vulnerability worth?

How To Avoid Being Breached

How to Better Secure Your Microsoft 365 Environment

Indian Crypto Exchange BuyUCoin Suffers Data Breach, 325K Users Affected

Intel: Earnings Leak Down to Internal Error

Intel issues earnings report early after sensitive data was ‘inadvertently made publicly accessible’

IoT Security Trends, 2021: COVID-19 Casts Long Shadow

Keep your WFH safe with these top tips

Leading crane maker Palfinger hit in global cyberattack

Maintaining Secure Connectivity in the Virtual World

Mobile payment is in the crosshairs of online scams

New Zealand Facing Rampant Cybercrime Threats In 2021

North Carolina School System Sends Data Breach Notices

North Korean hackers are targeting security researchers with malware, 0-days

P2P vulnerabilities show IoT security camera risks

Phishing email attacks targeting remote workers on the rise

QR codes are back, but are they a cybersecurity threat?

Ransomware Attack Discovered At WestRock

Ransomware gang taunts IObit with repeated forum hacks

Ransomware payouts are "propping up the system"

Republic Day sale: Tips to prevent cyber attackers from duping shoppers

Risk Based Security releases its Year-End 2020 Data Breach Report

Russian Government Agency Warns Firms of US Attack

Sabre Travel Services Settles Data Breach Charges with State Attorneys General for $2.4 Million

San Francisco Law Firm Investigating PupBox Data Breach

Scammers looking to take advantage of streaming popularity

Scottish Environment Protection Agency says it will not use public funds in ransomware attack

Secure Content Management (SCM) market to reach $2.2B in total web and email security revenues by 2024

SonicWall Breach Stems from ‘Probable’ Zero-Days

SonicWall hit by attackers leveraging zero-day vulnerabilities in its own products?

SonicWall Probes Attack Using Zero-Days in Own Products

SonicWall warns customers about zero-day vulnerabilities

Sophos identifies source of 'MrbMiner' attacks

Tata Sky, Croma Site Vulnerabilities Exposed Sensitive Customer Data of Millions of Customers; Fixed Now

Telegram bot lets hackers look up your phone number easily

Tesla sues ex-employee over alleged 'brazen' theft of confidential code, files

Threat Actors Can Leverage RDP Servers to Amplify DDoS Attacks

Today’s security threats require a bold, new ‘Triple Zero’ mindset

UAE: Beware! WhatsApp phishing on the rise, here's how to safeguard

Warning over insurance scam text that could drain your bank account

WestRock Reports Ransomware Incident

What’s Old is New Again

Who Are The Ransomware Groups Raising The Stakes And Running Double-extortion Rackets In Today’s Cybercrime Ecosystem?

Worried about malware? Don’t make these mistakes with your iPhone or iPad

Yet more ransomware operators are using DDoS attacks as leverage

Zero trust: A solution to many cybersecurity problems