Editor's Message

Welcome to DBD. Due to legal concerns, we have removed our detailed ransomware attack reports, but will continue to report on these attacks as and when they are announced in the public domain. Any feedback, positive or negative, would be gratefully received to enable us to give you the best experience on any device. Thank you for your support. Stay safe. :)

PLEASE NOTE: DUE TO ILL HEALTH WE ARE SLIGHTLY BEHIND WITH UPDATES BUT WILL BE WORKING THROUGH THE WEEK TO CATCH UP. THANK YOU FOR YOUR UNDERSTANDING...NORMAL SERVICE WILL RESUME AS SOON AS POSSIBLE ;)



Friday, 26 February 2021

Lazarus Group: North Korean State-Sponsored APT Group Targeting Defence Industry With Custom Malware To Obtain Highly Sensitive Data

25% Of US Work-From-Home Employees Admit Using Work Emails And Passwords To Access Personal Apps And Websites

CMHA: Cleveland Housing Authority's "DoppelPaymer" Ransomware Attack Results In Employees' Data Leaked On The Dark Web

Saginaw Township Community Schools: Michigan School District Suffers Ransomware Attack Resulting In IT Disruption

Oxford University Laboratory Researching COVID-19 Virus And Vaccine Suffers Cyber Attack Compromising Biochemical Equipment

T-Mobile: US Telecommunications Provider Discloses Data Breach After Customers' Targeted With SIM Swap Attacks

Thursday, 25 February 2021

Gamaredon: Russian State-Sponsored APT Group Targets Ukrainian Government's File-Sharing System With Malware Infected Documents

Florida Studio Theatre: US Professional Theatre Suffers Ransomware Attack Resulting In IT Systems And Business Disruption

Covenant HealthCare: US Healthcare Provider Suffers Third-Party Data Breach Potentially Exposing 45,000 Patients' Information

Harvard Business School: US School Suffers Third-Party Data Breach Compromising Students' Personal Information

Npower: UK Energy Company's Mobile App Data Breach Exposes Customers' Personal And Financial Information

NWO: Dutch Research Council Suffers "DoppelPaymer" Ransomware Attack Resulting In Data Leaked On The Dark Web

Wednesday, 24 February 2021

VMware: 6,700 vCenter Servers With Critical Severity Remote Code Execution Vulnerability Discovered Exposed Online

Ocean Lotus: Vietnam State-Sponsored APT Group Targeting Vietnamese Freedom Of Speech And Human Rights Activists

West Bengal Health And Welfare: Indian Government Department's Flawed System Exposes 8 Million Citizens' COVID-19 Test Results Online

10,000 Microsoft Email Users Targeted With Fake "FedEx" And "DHL Express" Phishing Campaigns Designed To Steal Credentials

491,840 French Citizens' Sensitive Medical Information Stolen From 30 Medical Laboratories Leaked Online

Bombardier: Canadian Business Jet Manufacturer's Third-Party "Clop" Ransomware Attack Results In Data Leaked On Dark Web

Tuesday, 23 February 2021

86% Of UK Critical National Infrastructure Organizations Experienced Cyber Attacks In 2020

Silver Sparrow: 29,139 Apple macOS Machines Powered By New M1 Chip Discovered Infected With Mysterious Malware Across 153 Countries

Transport For New South Wales: Australian Government Agency's Third-Party Data Breach Results In Data Stolen

Clubhouse: Californian Audio-Only Social Network Suffers Data Breach Compromising Private Audio Streams From Multiple Chatrooms

TietoEVRY: Finnish IT Services Company Suffers Ransomware Attack Forcing IT Systems Shutdown

Sequoia Capital: US Venture Capital Company's Data Breach Results In Investors' Personal And Financial Information Stolen

Monday, 22 February 2021

Typosquatting: 5,933% Increase In Malformed URL Prefix Phishing Attacks Discovered Between January And Early February 2021

RMIT University: Melbourne Research University Suffers Phishing Attack Resulting In IT Systems Outage And Suspended Classes

Cryptopia: New Zealand Cryptocurrency Exchange Suffers Cyber Attack In Liquidation Resulting In NZD 62,000 Stolen From US Customer

Lakehead University: Canadian Research University Suffers Cyber Attack Resulting In Campuses IT Systems Shutdown

Cashalo: Philippines Online Lending Platform Suffers Data Breach Compromising Customers' Personal Information

NurseryCam: UK Nursery School Webcam Service Suffers Data Breach Affecting Up To 40 Nurseries And Forcing IT Systems Shutdown

Data Breaches Digest - Week 08 2021

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 22nd February and 28th February 2021.


27th February

Avoiding the bait of a phishing expedition

26th February

45,000 patients at Covenant HealthCare potentially exposed by data breach

Attacks on industries supporting Covid-19 response efforts have doubled

Australia: Government must help business tackle ransomware

Australia: Ministers’ private email accounts in historical data breach

Berlin resident jailed for threatening to bomb NHS hospital unless Bitcoin ransom was paid

Chinese Hackers Target Tibetans with Malicious Firefox Extension

Comparing different AI approaches to email security

Covid-19 sees rapid cloud adoption, rise in double-extortion ransomware

COVID-19 vaccine security: an assessment of the risks, both physical and cyber

Cyberattack rate per healthcare organisation up 37% in 2020

Cybercrime groups are selling their hacking skills. Some countries are buying

Cyberpunk 2077 Developers get locked out of their systems after Ransomware attack

Data breach investigation in Indian Army

Dozens of institutional abuse victims to sue over data breach

FBI Investigating Michigan School District Hack

Fifty percent of all ransomware attacks are against manufacturers, research

Four tips to help businesses navigate today’s threat landscape

Go malware is now common, having been adopted by both APTs and e-crime groups

Hackers hold jeweller’s Instagram account to ransom

Hackers Leaked Secret Details of This Military Spy Plane

Hackers using malicious Firefox extension to phish Gmail credentials

Healthcare Cyber Attacks Rise by 55%, Over 26 Million in the U.S. Impacted

Healthcare security services firms tackle ransomware spike

How stalkerware can threaten your safety and privacy, and how to avoid it

ICS threat landscape highlights

Identity Theft Attacks Channeled Millions in Jobless Claims to Inmates

India: Army probes data breach as massive Northern Command espionage case could see heads roll soon

India: Officials targeted in new phishing bid via government IDs

LastPass for Android Is Using Seven Trackers and Several Risky Permissions

Lazarus Targets Defense Companies with ThreatNeedle Malware

Legal firm to have accidentally leaked 15,000 cases via the cloud

Majority of malware now delivered via cloud apps

Making this Year Better for Cybersecurity

Malicious Firefox extension allowed hackers to hijack Gmail accounts

Malware Gangs Partner Up in Double-Punch Security Threat

Malwarebytes unveils a new APT group: LazyScripter

Massive rise in threats across expanding attack surfaces

NCSC reveals plan to help secure UK SMBs

Nearly half of SMBs believe they are too small to be hacked

New York Cyber Task Force launches report revealing national cybersecurity response readiness

North Dakota hospital informs 1,500 patients of data breach

Notices to go out to 1.3 million Washingtonians affected by unemployment data breach

Npower Ditches App After Credential Stuffing Attacks

Npower shuts down mobile app following data breach

Npower takes down app after customer data breach

One in four people use work password to log on to personal sites, increasing the risk to the enterprise

One in four people use work passwords for consumer websites

Oxford University lab with COVID-19 research links targeted by hackers

Oxford University says Covid-19 lab hacked, research not affected

Pandemic Cyber Crime, By the Numbers

Ransomware: Beware of 13 Tactics, Tools and Procedures

Ransomware gang hacks Ecuador's largest private bank, Ministry of Finance

Ransomware still a huge cyber threat in 2021

Ryuk ransomware now self-spreads to other Windows LAN devices

Securing data in a telework environment: modern defense solutions

Sequoia Capital discloses data breach after failed BEC attack

T-Mobile discloses data breach after SIM swapping attacks

Tax scams still pose a risk after you file your taxes. Key details and how to protect yourself

The rise, fall and rise of ransomware

The rise of non-English language spear phishing emails

TikTok Agrees to Pay $92 Million in Class-Action Settlement

TikTok agrees to pay $92 million to settle teen privacy class-action lawsuit

TikTok Set for Massive $92m Payout Over Privacy Suit

TikTok Settles $92 Million Lawsuit For Privacy Data Breach On Minors

Twitter scammers earned over $145k this week in Bitcoin, Ethereum, Doge

Understand Your Staff: How Insiders Shape Defenses

USA Third Most Affected by Stalkerware

25th February

4 Common Myths About Cyber Resilience

16 Critical Things Every Business Leader Should Know About Ransomware

6,000 VMware vCenter Devices Vulnerable to Remote Attacks

Amazon data breach fears: 'Millions of people's security' at risk – Insiders raise alarm

Army CID offers recommendations regarding ransomware attacks

Attackers scan for vulnerable VMware servers after PoC exploit release

Australia: Labor calls for national ransomware strategy

Babuk ransomware targets five industries

CD Projekt staff reportedly locked out of computers after ransomware attack

Chinese cyberspies targeted Tibetans with a malicious Firefox add-on

CISA warns of vulnerabilities in file transfer services after ransomware attacks on Centene, Kroger

Cleveland FBI investigating Cuyahoga Metropolitan Housing Authority (CMHA) computer ransomware attack

Cloud Ransomware Hit Nearly 40% of Healthcare Organizations in 2020

Cryptocurrency exchange in liquidation due to hack, hacked again

Cyber-pandemic: The most notable cyber attacks of 2020

Cyberattack rate per healthcare organisation up 37% in 2020

Data breaches have lasting financial effects on hospitals

DDoS Ransom Attacks: What You Need to Know

Don’t Make Friends With Social Media Phishing Scammers

Dutch Analysis Council (NWO) confirms ransomware assault, information leak

Dutch research funding agency, paralyzed by ransomware attack, refuses to pay up

ENISA Releases Guidelines for Cloud Security for Healthcare Services

FBI, Michigan State Police investigating cyber attack on Saginaw Township schools

Four ways proxies can help shield businesses

Harvard Business School Data Breach Tests MBA Students’ Trust

Healthcare Cyberattacks Doubled in 2020, with 28% Tied to Ransomware

Indian Army orders probe in alleged data breach in Northern Command

Indian Army Probes Alleged Data Breach In Northern Command Amid Border Tensions

Insider Cloud Data Theft Plagues Healthcare Sector

Ireland: More than 6,600 data security breaches notified last year

Lazarus Hits Defense Firms with ThreatNeedle Malware

Nearly 30% of cyberattacks on hospitals in 2020 were ransomware

Nearly Half of All Credential Phishing Lures Feature a Microsoft Product

New Jersey hospital warns consumers of data breach

Nominet Announces Expansion of Initiative to Educate Online Users on Cybercrime

Npower scraps app after financial details stolen in data hack - what you need to know

NurseryCam daycare monitor suffers data breach, according to UK media

One Ransomware Victim Every 10 Seconds in 2020

Personal data of 45,000 people potentially exposed in Covenant HealthCare data breach

Phishing fuels proliferation of profiteering practices in pandemic

Proposed settlement could give Wawa shoppers affected by data breach up to $500

Ransomware, Phishing Will Remain Primary Risks in 2021

Royal Mail sends urgent warning to millions of UK customers over new delivery scam

Sensitive data breach reported at Army Northern Command

So far, ransomware attacks way down at schools, hospitals in 2021

Students’ Information Compromised by Data Breach at Harvard Business School

The Fault in Our Emails: Why Everyone Still Falls for Phishing Attacks

These four new hacking groups are targeting critical infrastructure, warns security company

This chart shows the connections between cybercrime groups

TietoEVRY hit by ransomware group

Top ransomware group profits more than $123M in 2020

Venture Capital giant Sequoia Capital discloses data breach after failed BEC attack

Washington State Auditor's Office (SAO) To Begin Notifying Victims Of Unemployment Data Breach

Wawa would pay customers $9M in cash, gift cards in proposed settlement

Why 2021 Can be a Year to Change the Trajectory of Cyber Adversaries

24th February

3 Security Flaws in Smart Devices & IoT That Need Fixing

£3.5 billion Bitcoin stolen; recoverable. Hope for thousands of others

5 Reasons Hackers Target Mobile Devices And How To Stop Them

5 tips to protect your organization against the next cyberattack

10 tips for protecting your cloud data and accounts

10K Microsoft users targeted by FedEx and DHL phishing attack

39% of Healthcare Organizations Suffered Ransomware Attacks in the Cloud in 2020

2021 X-Force Threat Intelligence Index Reveals Peril From Linux Malware, Spoofed Brands and COVID-19 Targeting

A Powerful New Approach to Phishing — the Biggest Issue in Cybersecurity

Along with COVID, France’s Hospitals Battle Cyberattacks

Babuk ransomware unsophisticated, but highly dangerous

BlackBerry 2021 Threat Report: Are Hackers Increasingly Targeting MSSPs

Bombardier Suffers Cyber Attack

Botnet Abusing Bitcoin Blockchain To Evade Detection

Chatham County: What to do if your personal data has been stolen

Cisco fixes maximum severity MSO auth bypass vulnerability

Cl0p ransomware gang hits Aviation giant Bombardier, leaks sensitive data

Clop Ransomware Leak Portal Publishes Bombardier Data

Cloud apps are increasingly being used to deliver malware

CNAME-based tracking increasingly used to bypass browsers’ anti-tracking defenses

Coronavirus vaccine scams – fraud experts give their top tips to help you stay safe

CrowdStrike Slams Microsoft Over SolarWinds Hack

CybelAngel Reveals How Cybercriminals Target Healthcare Sector

Cyber resilience: Protecting the vaccine supply chain

Cybercrime cases in the Netherlands more than doubled in 2020

Cybercrime Could Cost the World $10.5 Trillion Annually by 2025

Cybercriminals are continuously changing their ways for attacks through a new phishing scam which is capable of bypassing old-style URL defense

Cybercriminals Target QuickBooks Databases

Cybersecurity Agencies Warn of Accellion Vulnerability Exploits

Dark Web Analysis: Healthcare Risks Tied to Database Leaks, Credentials

Experts warn cyber crime threat for car dealers increasing as conmen use pandemic quirks to steal cash

Experts Warns of Notable Increase in QuickBooks Data Files Theft Attacks

Five Eyes members warn of Accellion FTA extortion attacks

Healthcare bore brunt of cyberattacks in 2020, study says

Heavily used Node.js package has a code injection vulnerability

How to combat the latest security threats in 2021

How to make sure you are safe while surfing the web?

How to protect yourself from common job search scams

Human rights activists in Vietnam targeted by spyware

In major product update, Veeam rolls out ‘ransomware-safe’ backup repositories

Kia hit by ransomware? Reports say yes, carmaker says no

Kroger data breach highlights urgent need to replace legacy, end-of-life tools

LazyScripter hackers target airlines with remote access trojans

Legal Firm Leaks 15,000 Cases Via the Cloud

Medical Data of 500,000 French Residents Leaked Online

Microsoft Lures Populate Half of Credential-Swiping Phishing Emails

Mobile phishing against government surged with pandemic telework

Mobile Phishing to Steal Government Credentials Increased 67% in 2020

More than 6,700 VMware servers exposed online and vulnerable to major new bug

Most businesses see state-sponsored cyberattacks as a major threat

NASA and the FAA were also breached by the SolarWinds hackers

National Privacy Commission (NPC) probes data breach in lending app

Netskope Research Finds Majority of Malware Now Delivered via Cloud Apps

New APT Group Targets Airline Industry & Immigration

New York State Education Department (NYSED) warns of phishing scam targeting licensed professionals

NHS in Leeds urges people not to fall for these Covid vaccine scams

NurseryCam data breach: Personal data records accessed by hacker

Over 8 million COVID-19 test results leaked online

Personal info might have been hacked after January Clearfield County cyber attack

Phishing scam targets New York medical professionals

Phone scam reports tripled in January, says HMRC

Poor Remote Working Behaviors and Procedures Putting Orgs at Risk

Premier League Teams Train Together in Defense Against Cyber-Attacks

Prevention of Phishing Attacks in 2021

Ransomware Attack Delays Cyberpunk 2077's Next Major Patch

Ransomware Attacks Double Against Global Universities

Ransomware gang extorts jet maker Bombardier after Accellion breach

Ransomware threats to watch for in 2021 include crimeware-as-a-service

Report sheds light on how cybercriminals target healthcare

Royal Mail warns customers of new scam that targets people by text and email

Russian hackers linked to attack targeting Ukrainian government

Russian Hacking Group Deploys IronPython Malware Loader

Startups and SMEs need to be more vigilant about cyber-attacks in 2021

Study Finds 50% of SMBs Have Experienced a Website Breach And 40% Are Being Attacked Monthly

Successful Phishers Make Slim Gains in 2020

Telework exposes U.S. government employees to increasing credential-theft mobile attacks

The world is facing a 'global cybercrime pandemic'

These phishing scams impersonate popular shipping companies

Three Ways MSPs Can Improve Supply Chain Security

TransLink response to data breach angers Unifor local unions

TransLink slow to reveal crucial details about ransomware attack, says union

U.S. municipalities are the perfect target for cybercriminals in 2021

Ukraine reports cyber-attack on government document management system

Union says TransLink has been slow to reveal details about ransomware attack

Universities Face Double Threat of Ransomware, Data Breaches

Updated Minebridge RAT Targets Security Researchers

Using Insurance Data to Better Tackle Ransomware

Vietnam: Activists targeted by notorious hacking group

Vietnamese Hackers of “Ocean Lotus” Are Targeting Human Rights Activists

Want to pass on your old PCs to good causes? Here's how to do it while staying secure

Wawa Expected to Pay $9 Million to Customers for Data Breach

What do users and IT have in common? They're both to blame for poor remote security practices

Why phishing and ransomware should be at the top of your c-suite's security concerns

Why Ransomware Protection and Digital Services Are Key State Government Concerns

Will Clubhouse's recent breach throw a wrench in its momentum?

23rd February

5 Dangers Caused by Ransomware for Businesses of All Sizes

10K Microsoft Email Users Hit in FedEx Phishing Attack

10K Targeted in Phishing Attacks Spoofing FedEx, DHL Express

84% of Critical National Infrastructure (CNI) Orgs Experienced Cyber-Attacks in the Last Year

95% of IT leaders say that client and company data is at risk on email

119k Threats Per Minute Detected in 2020

Accellion FTA attacks, extortion attempts might be the work of FIN11

Access all areas: Flourishing trade for black hats who specialize in the initial breach of organizations exposed

Active Directory Security and Hardening: An Ethical Hacker’s Guide to Reducing AD Risks

Adversaries exploit supply chains, double down on COVID-19 and ransomware

Airplane maker Bombardier data posted on ransomware leak site following FTA hack

APT32 state hackers target human rights defenders with spyware

Best Practices for Managing Cyber Risks in a Cyber World

BlueVoyant Report Reveals Ransomware is the Number One Cyber Threat facing Higher Education

Bombardier: Confidential information exposed in recent data breach

Bombardier says confidential information was exposed in recent data breach

Center for Internet Security (CIS) Offers All US Hospitals Free Ransomware Protection Service

Cloud Infrastructure Misconfigurations Take 25 Days to Fix

Clubhouse confirms data spillage of its audio streams

Clubhouse suffers data breach

Companies Under Cyber Attack

Cyber security firm saw attacks rise by 20% during 2020

Cybersecurity: Prevention Better than Cure

Daycare Webcam Service Exposes 12,000 User Accounts

Deleted Keybase chat images retrievable on Windows, macOS, Linux

Everything You Need to Know About Phishing and Pharming

Filipino credit app Cashalo suffers data breach

Finnish IT Giant Hit with Ransomware Cyberattack

Finnish IT services giant TietoEVRY discloses ransomware attack

FireEye: Accellion FTA Attacks Could be FIN11

FireEye researchers spot patterns in Accellion FTA attacks

Hackers hit 10,000 mailboxes in phishing attacks on FedEx and DHL Express

How cyberattacks can threaten colleges and universities

IBM issues patches for Java Runtime, Planning Analytics Workspace, Kenexa LMS

IBM Squashes Critical Remote Code-Execution Flaw

Images Deleted on ‘Keybase’ Chat Are Still Retrievable

In-House Legal Teams Increasingly Responsible for Cybersecurity

India’s IT Protection Centre Compromised by ‘Sakura Samurai’ Hackers

Inside a ransomware attack on a small trucking company

Is your company losing data amid remote work?

Keybase patches bug that kept pictures in cleartext storage on Mac, Windows clients

Lone wolves exist but say hello to Ransomware Inc

Louisiana College Cyber-Thief Sentenced

Microsoft users targeted by fake FedEx and DHL emails

Most Firms Now Fear Nation State Attack

Networks and breaches

New Partnership Launched to Improve Cyber-Resilience in Scotland

NurseryCam suffers data breach after security concerns raised

Organizations are at growing risk from Initial Access Brokers

Personal data of 600 people exposed by Scottish Borders Council data breach

Physical cyber threats: What do criminals leave when they break in?

Ransomware: Sharp rise in attacks against universities as learning goes online

Ransomware attack or not, Kia’s resilience is under the microscope

Regulator investigating Cashalo data breach

Scammers Are Now Tricking Texans Through Impersonated Calls

Sophos explains the workings of 'Conti' ransomware

Surge in ZLoader Attacks Observed

These hackers sell network logins to the highest bidder. And ransomware gangs are buying

Think Tank Warns of “Silent Stealing” Fraud

Top 5 things to know about network attacks

Top cloud infrastructure risks faced by real-world organizations

TransLink workers sent letters saying what info hackers were able to copy

Transport for New South Wales confirms data taken in Accellion breach

Twitter removes accounts of Russian government-backed actors

Ukraine: DDoS attacks on govt sites originated from Russia

VMware fixes critical RCE bug in all default vCenter installs

Warning as criminals sell fake Covid vaccines

22nd February

8 Ways Ransomware Operators Target Your Network

10 COVID-19-related lessons for future-ready cybersecurity

30,000 Macs infected with new Silver Sparrow malware

Accellion Data Breach Resulted in Extortion Attempts Against Multiple Victims

Accellion FTA Zero-Day Attacks Show Ties to Clop Ransomware, FIN11

Assume Clubhouse Conversations Are Being Recorded, Researchers Warn

BBC Reports Theft of 105 Electrical Devices

Center for Internet Security (CIS) Offers Free DNS Security Tool for US Hospitals

Chinese hackers cloned attack tool belonging to NSA’s Equation Group

Chinese Hackers Hijacked NSA-Linked Hacking Tool

Chinese Hackers of the ‘APT31’ Had Reportedly Stolen NSA Spyware Code

Chinese hackers used NSA exploit years before Shadow Brokers leak

Clubhouse suffers ‘data breach’ after third-party developer designs app for Android users

Concern as Attacker “Breakout” Time Halves in 2020

Council apologises for free school meals payment data breach

Criminals leveraging shift to remote work to develop targeted attacks

Cyber fraudsters switching from big money scams to ‘silent stealing’

Cyber-risk to critical infrastructure reaches all-time high

Data protection fines could be pushed to 2022 in Brazil

Database encryption: Protecting the crown jewels

Emmanuel Macron pledges €1bn for cybersecurity after hospital ransomware attacks

Exponential increase in malware and exploit activities

FireEye links 0-day attacks on FTA servers & extortion campaign to FIN11 group

Former Employee Behind Earthquakes Stadium Hack

Fraudsters leveraging the NHS brand in fresh COVID-19-related phishing scam

Fraudsters Using Telegram API to Harvest Credentials

Global Accellion data breaches linked to Clop ransomware gang

Hackers expose Hyundai logistics data after apparent ransomware attack

Hackers have eye on 6 Bangladeshi organisations

If you receive an email that invites you to play the beta, do not open it, it is phishing

Kia and Hyundai recovering from days-long network outages

Kia Motors says major IT outage was not because of a ransomware attack

Kroger is latest victim of third-party software data breach

Kroger reports data breach from third-party file transfer service

Mysterious malware infects 30,000 Mac computers

New cloud security analysis finds default configurations and identity management are the biggest concerns

New report reveals evolving risks and insecure defaults in the cloud

New Silver Sparrow malware infects 30,000 Macs for unknown purpose

Organisations turn the tide on ransomware attackers

Powerhouse VPN products can be abused for large-scale DDoS attacks

Python programming language hurries out update to tackle remote code vulnerability

Ransomware Attacks Remain Persistent and Pervasive

RMIT claims 'significant progress' in bouncing back from Friday's IT outage

Scottish Borders Council suffers data breach

Security researchers discover VMware bug that could allow remote command execution

Sequoia Capital is hacked due to phishing scam

Sequoia Capital Suffers Data Breach

SHAREit fixes security bugs in app with 1 billion downloads

Silicon Valley Venture Capital Firm Phished

Silver Sparrow malware on 30,000 Macs leaves security pros confused

“Silver Sparrow” Malware Perched Inside 30,000 M1 Macs

SolarWinds hackers continued attacking Microsoft until January

Stored XSS bug in Apple iCloud domain disclosed by bug bounty hunter

Telephony Denial-of-Service (TDoS) Attacks Take Aim at Emergency First-Responder Services

Texas electric company warns of scammers threatening to cut power

Top-clicked phishing tests

US Prosecutors Unveils New Charges Against North Korean Hackers

US Retailer Kroger Admits Accellion Breach

Venture Capital firm Sequoia Capital suffers data breach, investor information stolen

Why non-human workers can increase security issues in your business

Ransomware Operator Claims - Week 07 2021

Welcome to last week's ROC Report, an exclusive summary of Ransomware Operator's global victims that were claimed during the period between 15th February and 21st February 2021, kindly provided by our partners.

Flag Icons created by Freepik and provided by Flaticon.

Friday, 19 February 2021

SolarWinds: White House Confirms 9 US Government Agencies And 100+ Private Sector Organizations Were Breached In Supply Chain Attack

Hacking Group Targeting UK Online Banking Customers With Two-Factor Authentication Bypassing Smishing Attacks

Hackley Community Care: Michigan Healthcare Provider's Phishing Attack Exposes 2,500 Patients' Health Information

University Of Alabama In Huntsville: Alabama University Suffers Phishing Attack Compromising 272 Individuals' Personal Data

Underwriters Laboratories: Illinois Safety Certification Company Suffers Ransomware Attack Forcing IT Systems Shutdown

Kroger: US Grocery Chain's Pharmacy And "Little Clinic" Suffers Third-Party Data Breach Compromising Patients' Personal Data

Thursday, 18 February 2021

SolarWinds: Microsoft Discloses That Azure, Exchange And Intune Source Code Was Stolen In Supply Chain Attack

Spy Pixels: Invisible Tracker Pixels Hidden In Marketing Emails Have Now Become An Endemic Privacy Concern

California Department Of Motor Vehicles Suffers Third-Party Data Breach Following Contractor's "Cuba" Ransomware Attack

Lazarus Group: US Department Of Justice Indicts Three Members Of North Korean APT Group Responsible For Stealing Over $1.3 Billion

Scottish Borders Council: Scottish Local Government's Accidental Email Data Breach Exposed 600 Residents' Email Addresses

SBI: Californian Medical Imaging Provider's 18 Month Third-Party Data Breach Compromises 580,000 Patients' Health Information

Grand River Medical Group: Iowa Healthcare Provider Suffers Data Breach Potentially Compromising 34,000 Patients' Information

RIPE NCC: Dutch International Internet Registry Suffers Credential Stuffing Attack Targeting Members' Single Sign-On Accounts