Editor's Message

Welcome to DBD. On March 8th we celebrated our 4th Anniversary and the 1st Anniversary of our PRiSM application, officially endorsed by the SANS Institute. Despite recent personal issues that have impacted the amount of time I have been able to dedicate to both projects, I have been doing my best to keep everything as up-to-date as possible, and I would like to take this opportunity to thank everyone for their patience and support whilst I navigate through this very difficult time. Stay safe. :)

Monday 30 August 2021

Data Breaches Digest - Week 35 2021

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 30th August and 5th September 2021.

5th September

4 Ransomware Trends That Companies Should Be Aware Of

5 Ways to Navigate the Threat Landscape Conveyed in Verizon’s DBIR 2021

70% of IT staff reported a rise in phishing emails throughout 2020

Attacking a country with a hacked eBook: They find a vulnerability in Kindle

Back-to-School internet safety tips

Conti ransomware gang is targeting unpatched Microsoft Exchange servers

Cryptojackers among the top malware threats in Africa according to Kaspersky

Dark Web vs. Deep Web: What's the Difference?

Data Breaches: A Chance for Opportunistic Scammers & What You Should Watch for

Endpoint Detection and Response (EDR) Reaches Wide Adoption Paving Way for XDR, SASE

Garda National Cyber Crime Bureau seizes websites used in ransomware attacks

Google's TensorFlow drops YAML support due to code execution flaw

Here are some tips that can help you to keep your account safe from cyber frauds

Here’s Why the FBI Issued a Warning for Hive Ransomware

Ireland: Gardaí seize 'several' websites used in ransomware attacks

Irony at its peak, Marketo gang claims to have bids on stolen data of an IT service company, Fujitsu

IRS Criminal Investigation sees surge in scams

IRS Scams: How to Stay Protected Online?

Lock down your Microsoft 365 account and keep hackers out in 5 easy steps

Massachusetts Lawmakers Set To Examine Cybersecurity After Recent Attacks

New hacking group emerges, claims two Canadian victims

One in three Indians stores confidential info digitally

Online Fraud Is Rising as the Economy Recovers. Here's How to Protect Yourself

Scamdemic Britain: how we’re being conned out of billions

Scammers using stimulus payment and tax credit hoping to lure victims

Source code of extortion trojan “Babuk Locker” leaked

South African enterprises can’t ignore the risk of cyber attacks

The big reason the spam in your inbox is about to get a lot more convincing

The common vulnerabilities leaving industrial systems open to attack

‘This is a scam!’ National Insurance warning as Britons told 'number will be cancelled'

University of California (UC) Refuses To Disclose Information Regarding Accellion Data Hack

Warning: Hackers Taking Advantage of Holidays

Welsh Government Broke Data Protection Laws at Least 300 Times Since 2019

WhatsApp fined $235,000 by Turkey over alleged data breach

Why ransomware hackers love a holiday weekend

Why Should You Merge Physical Security and Cybersecurity?

Windows 11 Alpha: New Scam Deceives Users With Word Document

4th September

5 Surefire Things That’ll Get You Targeted by Ransomware

Android user data exposure shows just how vulnerable our data really is

British ISPs ‘Voip Unlimited’ and ‘Voipfone’ Still Struggling With DDoS Disruption

Car Hacking Danger Is Likely Closer Than You Think

Conti ransomware affiliates hit Exchange Servers with ProxyShell exploits

Cyber Criminal Actors are Targeting the Food and Agriculture Sector with Ransomware Attacks

Gmail and Outlook users warned about new email threat that has experts concerned

Have a Gmail or Hotmail account? Microsoft says to keep your eyes out for this scam

Hive is dangerous new ransomware threat, FBI says

Microsoft Says Chinese Hackers Were Behind SolarWinds Serv-U SSH 0-Day Attack

PlayStation users warned of scam risks in popular PS4 game

Ransomware attacks are rising, and cities are taking some of the biggest hits

Ransomware Attacks on Labor Day: FBI Warns as Hackers Work when Offices Close

REvil gang hits UK ITSPs with series of extortion-based DDoS attacks

The U.S. Government Suddenly Gets Serious About ‘Dangerous’ Passwords

Turkey fines WhatsApp over data breach

U.S. Cyber Command Warns of Ongoing Attacks Exploiting Atlassian Confluence Flaw

US SEC: Watch out for Hurricane Ida-related investment scams

Warning to MPs: New cyberattacks from abroad

Watch out for new malware campaign’s 'Windows 11 Alpha' attachment

What Is a YouTube Spambot? How Can You Stop Them?

What Is Flubot Malware on Android?

3rd September

6 cybersecurity training best practices for SMBs

6 Major Data Breach Cases in Indonesia in Past 1.5 Years

7 steps to defend your business against cybercrime

11 Secrets That Will Make You More Secure On The Internet

Accellion Breach Impacts Beaumont Health

As Labor Day Nears, Security Teams Watch for Holiday-Timed Hacks

Babuk ransomware's full source code leaked on hacker forum

BitConnect director pleads guilty to role in $2 billion cryptocurrency fraud

Brute-Force Attacks Target Inboxes for Gift Card Data

California AG reminds hospitals to report cyberattacks

CISA, FBI Post Ransomware Alert Ahead of Holiday Weekend

CISA urges IT teams to address critical vulnerability affecting Cisco Enterprise Network Function Virtualization Infrastructure Software

Confessions of a ransomware negotiator: Well, somebody's got to talk to the criminals holding data hostage

Conti ransomware now hacking Exchange servers with ProxyShell exploits

Conti Ransomware Threat Rising as Group Gains Affiliates

Could Lessons From Plane Hijackings Help Fight Ransomware?

Criminals recruit employees to hijack data

Critical Heap Buffer Overflow in Sudo Plaguing Tyco Illustra Cameras

Cyber Command alerts US firms of 'ongoing' hacks targeting Atlassian enterprise software

Dallas Independent School District reports data breach impacting current and former students, staff

Dallas school district admits SSNs and more of all employees and students since 2010 accessed during security incident

Data breaches decoded: Understanding threats and information security risks

Data protection for business: the challenges of keeping critical company data secure

FBI: Spike in sextortion attacks cost victims $8 million this year

FBI Warns Food and Agriculture Firms of Ransomware Threat

FBI warns of ransomware attacks against Food and Agriculture sectors

FBI warns of ransomware attacks targeting food and agriculture sector as White House pushes for proactive measures

FBI warns of ransomware uptick ahead of Labor Day holiday

Fed up with constant cyberattacks, one country is about to make some big changes

Federal Trade Commission (FTC) Bans Stalkerware App in Industry First

FIN7 Capitalizes on Windows 11 Release in Latest Gambit

FIN7 Hackers Using Windows 11 Themed Documents to Drop Javascript Backdoor

Five tough questions you need to answer about ransomware

FTC orders SpyFone to delete all of its surveillance data

German intelligence warns MPs over cyberattacks ahead of September election

Here’s why academic institutions are legitimate targets for cyberwarfare

How vulnerable is South Africa to cyber attacks?

Hybrid working: how to build on existing cybersecurity

Illinois medical group sued over data breach that exposed 655K patients' info

Kentucky Transportation Cabinet (KYTC) warn of phishing text scam

Modernizing Health Care Security with SASE

New Digital Realities That Executives Can’t Afford To Ignore

New report shows phishing attacks in Malaysia increases since pandemic starts

Out with the old, in with the new: From VPNs to ZTNA

Over 60,000 parked domains were vulnerable to AWS hijacking

Patched: Critical bug with public PoC exploit in Cisco infrastructure virtualization software (CVE-2021-34746)

Personal data of hundreds compromised in phishing attack at Oulu University

Phishing Actors Prey on Luno Crypto Exchange Users to Steal Their Coins

Ransomware: Qakbot follows in Emotet’s footsteps

Ransomware, the Parasite of Digital Transformation

Risk considerations for Managed Service Provider Customers

Sneaky cyber attacks coming for businesses facing ‘zero-click’ ransomware

Student files class action lawsuit against Syracuse University over data breach that affected 10,000

Student Sues Syracuse University Over Data Breach

Tech CEOs: Multi-Factor Authentication Can Prevent 90% of Attacks

The CIO’s evolving role in an altered world

The growing importance of cybersecurity in schools

The State of Incident Response: Measuring Risk and Evaluating Your Preparedness

This New Malware Family Using CLFS Log Files to Avoid Detection

Turkey fines WhatsApp over data breach

UK Gun Owners' Data Exposed

US Cybercom says mass exploitation of Atlassian Confluence vulnerability 'ongoing and expected to accelerate'

US government warns orgs to patch massively exploited Confluence bug

Warning To Michiganders About New Phishing Scam From IRS

What Is Ryuk Ransomware?

When Cyber-Attacks Lead to Disasters, Does the Stafford Act Apply?

Why Ransomware Hackers Love a Holiday Weekend

Why should enterprises invest in machine identity management tools?

2nd September

0.71% of 1,500 fraudulent attacks aimed at Nigerian crypto investors

7 Ways to Defend Mobile Apps, APIs from Cyberattacks

71% of surveyed facility managers state concerns about operational cybersecurity

A dropper-as-a-service miscreants pay to push their malware onto potentially 1,000s of victims

African businesses’ vulnerability to cyber attacks worsened by pandemic

Atlassian Confluence flaw actively exploited to install cryptominers

Australia's insurers, banks alarmed at having to pay victims for data breaches

Autodesk reveals it was targeted by Russian SolarWinds hackers

Bad Bots Focus Attacks on E-Commerce Targets

Biden’s alliance with Big Tech signals a power shift in the US

Bluetooth BrakTooth bugs could affect billions of devices

Bluetooth Bugs Open Billions of Devices to DoS, Code Execution

Business Leaders Need to Quantify Their Cyber Risk

Chinese Authorities Arrest Hackers Behind Mozi IoT Botnet Attacks

Cisco fixes critical authentication bypass bug with public exploit

Cisco Patches Critical Authentication Bug With Public Exploit

Comcast flaw could have turned remotes into listening devices

Comcast RF Attack Leveraged Remotes for Surveillance

Critical infrastructure today: Complex challenges and rising threats

Cyber Security Trends: What’s Ahead, And How To Respond

Digital State IDs Start Rollouts Despite Privacy Concerns

DuPage Medical Group sued over data breach that exposed patients' identities, health information

Execs don't sound very confident about long-term network security in the WFH era

FBI and CISA warn of potential cyberattacks this holiday weekend, citing past trends

FBI warns of ransomware gangs targeting food, agriculture orgs

Gmail and Outlook users are being targeted by a disturbing new email threat, which experts are concerned about

Google Play Sign-Ins Allow Covert Location-Tracking

How companies can keep cybercriminals at bay

How DMARC Can Protect Against Ransomware

How do I select a hardware security module for my business?

How SMBs can prevent QR code abuse

IRS Criminal Investigation sees surge in scams tied to Economic Impact Payments

Is Traffic Mirroring for NDR Worth the Trouble? We Argue It Isn't

Layered security strategy vital to combat Microsoft 365 phishing threat

LockFile Ransomware Attacks Exploit ProxyShell Vulnerabilities on Unpatched Microsoft Exchange Servers

LockFile Ransomware Using New Techniques to Evade Detection

Most local civil society organisations vulnerable to cyber risks

Native English Speakers Increasingly Sought Out For Email Scams

NCC Group Reveals Threefold Increase in Targeted Ransomware Attacks in 2021

New BrakTooth Flaws Leave Millions of Bluetooth-enabled Devices Vulnerable

NFT Collector Tricked into Buying Fake Banksy

OEMs should take control of security when it comes to vehicle hacking

Official website of Banksy hacked for fake NFT scam

Phishing attacks rising since pandemic struck

Previous employees with access to corporate data remain a threat to businesses

Ransomware Gangs: the Newest Form of International Cyber Criminals

Ransomware gangs target organizations during holidays and weekends

Ransomware’s Path to Product/Market Fit

Report highlights the threat of malicious crypto miners in Africa

Research firm says popular Wi-Fi security system can be remotely disarmed by hackers

Sacked Employee Deletes 21GB of Credit Union Files

Scam email targets Spark customers

SEC fines eight investment firms for cybersecurity breaches that leaked client info

Security risks to your mobile app and how to avoid them

Sophos discovers Gootloader mothership controls malicious content

SpyFone & CEO Banned From Stalkerware Biz

The cybersecurity of industrial companies remains low, potential damage can be severe

The Emergence of Killware: The next lethal malware CISOs need to worry about

These Russian “Dumbphones” Come Pre-Loaded With Malware

Translated Conti ransomware playbook gives insight into attacks

UK Researchers Invent Device to Thwart USB Malware

Vulnerabilities allow attackers to remotely deactivate home security system (CVE-2021-39276, CVE-2021-39277)

We cannot allow cyberattacks to be the new normal

What Businesses Should Know About Encryption

What is AS-REP Roasting attack, really?

What to Do If a Ransomware Attack Hits Your Computer

WhatsApp Fined €225m for GDPR Violations

WhatsApp patches vulnerability related to image filter functionality

WhatsApp Photo Filter Bug Could Have Exposed Your Data to Remote Attackers

WhatsApp to appeal $266 million fine for violating EU privacy laws

White House Warns Of Cyberthreats Over Labor Day Weekend

Working from home raises risk of cyber attacks

1st September

3 ways partners can advise customers through cybersecurity needs

75 percent of merchants report increases in fraud rates after the pandemic

91% of Industrial Organizations Can Be Penetrated by Hackers

A Very Kind Scammer Returned $336,000 to Pranksy, the Digital Art Collector Who Bought a Fake Bansky NFT

Accenture Clients Breached By LockBit Ransomware Gang

Addressing U.S. cybersecurity concerns through biometrics

Android game developer EskyFun exposed 1 million gamers to hackers

Attack Vector vs. Attack Surface: What’s the Difference?

Attackers Keep Refining Business Email Compromise Schemes

Australian Couple Admits “Serious Cyber Hacking Offenses”

Banksy NFT Scammer Returns £240,000 to Victim

BEC Scammers Seek Native English Speakers on Underground

Beware of Fake Vacation Booking Websites Posing as Airbnb

Beware this new phishing attack that's after your passwords!

Breach notification window, accountability are focus of coming fight on cyber legislation in Congress

Central Bank Of Malta Latest To Be Hit In Phishing Scam

CISA: Examine cybersecurity posture ahead of Labor Day holiday

CISA: Plan Now to Avoid Labor Day Breach

CISA and FBI release holiday ransomware alert

CISA Warns About the Ransomware Risk During the Upcoming Labor Day Holiday

Combating cybercrime has never been more important

Companies are tired of spending money on cybersecurity. Here's how to change their minds

Cream Finance platform pilfered for over $34 million in cryptocurrency

Crypto Hacks Highlight Need for More Cybersecurity

Cryptocurrency payments to scams outpace ransomware jackpots in Eastern Europe

Cyber criminals recruiting native English speakers to sharpen BEC scams

Cyberattacks against outpatient, specialty clinics on the rise as data breaches double from 2018

Cybercriminals Abusing Internet-Sharing Services to Monetize Malware Campaigns

Cybersecurity: The megatrend that EVERY business must consider

Cybersecurity attacks in Kenya, South Africa and Zimbabwe have increased

Data breach hits Bangkok Airways

Eight US financial services firms given six-figure fines over BEC data breaches

Enterprises struggle to identify insider attacks

Experts warn on Office 365 phishing attacks

FBI warns healthcare systems of Hive ransomware following Memorial Health System attack

Federal Trade Commission (FTC) Bans Stalkerware App SpyFone; Orders Company to Erase Secretly Stolen Data

Federal Trade Commission (FTC) bans stalkerware maker Spyfone from surveillance business

Feds Warn of Ransomware Attacks Ahead of Labor Day

Finding and using the right cybersecurity incident response tools

Fired credit union employee admits: I wiped 21GB of files from company's shared drive in retaliation

Fired New York credit union employee nukes 21GB of data in revenge

Five MDR Service Principles to Reduce Risk in Small Enterprises

Getting ahead of a major blind spot for CISOs: Third-party risk

GPDPR vs GDPR: Nottinghamshire law firm explains how new NHS system sharing data works as patient records in Gedling borough begin getting uploaded

Gutenberg Template Library & Redux Framework Bugs Plague WordPress Sites

Half of businesses can't spot these signs of insider cybersecurity threats

Higher education IT teams are struggling to enforce password rules

Hospital Cybersecurity Ratings Catch Up to Other Industries

Housing association residents hit by phishing emails after Plentific cyber attack

How to Get Rid of Computer Viruses and Other Malware

How to Guard Against 3 Cannabis Cyber Attack Risks

How to Stop Supply Chain Attacks in Their Tracks

Hybrid work is here to stay, but security concerns are high

ICO Issues Record Fines in 2020/21

Illinois Health-Care Group Informs 600K Patients of Data Breach

Indonesian Government’s COVID-19 test, trace app leak impacting 1.3m users

Indonesian health ministry probes alleged data breach of 1.3m users on COVID-19 app

Investigation into hacked "map" of UK gun owners

Kaspersky Detects Over 1,500 Fraudulent Global Resources Targeting Potential Crypto Investors and Highlights the Threat of Malicious Crypto Miners in Africa

Linphone SIP Stack Bug Could Let Attackers Remotely Crash Client Devices

List of data breaches and cyber attacks in August 2021 – 61 million records breached

LockBit gang leaks Bangkok Airways data, hits Accenture customers

LockBit Jumps Its Own Countdown, Publishes Bangkok Air Files

LockFile Ransomware Uses Encryption to Avoid Detection

Maintaining Cybersecurity During Rapid Digital Transformation

Massachusetts hospital sued over February ransomware attack after paying hackers to restore data

Microsoft database vulnerable serves as a wakeup call

Microsoft warns about open redirect phishing campaign

New credential phishing campaign abuses open redirector links

New standard enhances the cybersecurity of pipeline control systems

Number of Ransomware Attacks Increased by 288%

Officials warn of unemployment insurance phishing scam

OpenSSL Flaws Discovered and Fixed Last Week Affect a Large Number of Products

'ProxyToken' Bug Put Microsoft Exchange Email at Risk

QNAP Working on Patches for OpenSSL Flaws Affecting its NAS Devices

Ransomware Attacks Soar 288% in First Half of 2021

Ransomware Causing Security Insurance Costs To Spike

Ransomware Gangs Using Data Leak Sites to Recruit New Affiliates

Research reveals phishing attacks on crypto are increasing all over the world, as the volume of phishing threats in 2021 continues to overtake 2020 by 22 percent

REvil, DarkSide and Now BlackMatter. It Never Ends!

Scam artists are recruiting English speakers for business email campaigns

SEC Sanctions Eight Firms Over Deficient Cybersecurity Procedures

Security Experts Say These Are The 5 Scary Ways To Know If Your Email Has Been Hacked

Senate proposes Cybersecurity Law: Mexico ranks 52 on the list of countries most vulnerable to cyber attacks

Shift to Hybrid Work Led to Steep Rise in Cost of Data Breaches: IBM Report

Single‑factor authentication for admin now officially a CISA 'bad practice'

Solana: an attack on an NFT project caused great losses

Stimulus Check Scams Account For Highest Level Of Phishing Attempts In More Than A Decade

Stop Sleepwalking Through Your Cybersecurity

The convincing new scam that's targeting Outlook and Gmail users

The cybersecurity metrics required to make Biden’s Executive Order impactful

The Taliban reportedly have control of US biometric devices - a lesson in life-and-death consequences of data privacy

This is why the Mozi botnet will linger on

Top 8 Recent Cyber Attacks on Government Institutions Worldwide

Types of Spamming

U.S. Security Dilemma from Russian Federation Government

Unpatched Exchange Servers an overlooked risk

Using zero trust to mitigate 5G security challenges

Wawa Data Breach Settlement Will Cost Company $9 Million in Cash and Gift Cards. Are You Eligible?

Wawa paying up to $9M in cash, gift cards to settle class action lawsuit after 2019 data breach

Why cybersecurity and regulatory compliance are one and the same

Why retailers are the most targeted sector for cyber attacks

Why you shouldn't rely on texts when using two-factor authentication to sign into accounts

With cybersecurity, take all the precautions you can

31st August

7 Ways AI Can Help Your Business Improve Cybersecurity

A CISO's Perspective on Ransomware Payments

A Hacker Used “BlueBomb” to Unlock the Nintendo Wii Mini

A passwordless future isn't close: It's here

Afghanistan’s reported data breach has life-and-death consequences

Attackers Can Remotely Disable Fortress Wi-Fi Home Security Alarms

Bangkok Airways Admits Attackers Stole Passenger Data

Bangkok Airways Hit By LockBit Ransomware Attack

BBB Scam Alert: Watch out for fraudulent QR codes

Can CISOs afford to have data breach fatigue?

Chinese Developers Reveal Android Gamers' Data

CISA Issues Ransomware Warning Ahead of Labor Day Holiday

CISA Warns About the Perils of Single-Factor Authentication (SFA) as Brute-Force Attacks Reach New Levels

Companies go scot-free despite breach of customer data

Cream Finance DeFi Platform Rooked For $29M

Crypto Exchange Bilaxy Loses $21M in Hack

Cyberattackers are now quietly selling off their victim's internet bandwidth

Cyberattacks Use Office 365 to Target Supply Chain

Cybercrime will not be left behind by tech innovation

Cybercriminal sells tool to hide malware in AMD, NVIDIA GPUs

Cybercriminals are holding schools ransom for billions and some are paying up

Cybercriminals buy up admin credentials to sharpen attacks on cloud deployments

Cybersecurity awareness is one of the skills needed for a post-pandemic economy

D.C. Unemployment Recipients Are Being Targeted By Official-Looking Scam Emails

Data Breaches in the Financial Sector

Data Compromises have increased in the First Half of 2021

Denton County Data Breach Exposes Health Records, Including COVID Vaccination Details

Do you measure your third-party breach-likelihood in real-time?

Don't want to get hacked? Then avoid these three 'exceptionally dangerous' cybersecurity mistakes

Double the threat

Expired driver's licenses open lanes for cybercriminals, text and email scams

Fake vacation websites hope to trick you into forking over your hard-earned money

FBI, CISA: Ransomware attack risk increases on holidays, weekends

FBI, CISA warn of potential cyberattacks over Labor Day weekend

FBI Flash Alert Warns Organizations of Hive Ransomware Group

Financial services firms face high incidence of phishing attacks

Fines Issued by the ICO Surge by 1580% in 2020/21

Five Ways To Sustain A Healthy Security Culture In A Hybrid World

Fortress Home Security Open to Remote Disarmament

Fujitsu customer data is being sold on the dark web

Fujitsu customer data is reportedly being sold on the dark web

Government Efforts Take Cyber Awareness to the Next Level, but an Ocean of Obstacles Lies Ahead

Hackers Steal Data from Neuch√Ętel Cantonal Bank

Hackers targeting outpatient healthcare facilities

Here’s why cybersecurity is the bare bones of Environmental, Social, and Governance (ESG)

How behavioral biometrics can stop social engineering and malware scams dead in their tracks

How Merchants Can Foolproof Against Data Breaches

How much Canadian insurers have lost on cyber liability so far in 2021

How ransomware runs the underground economy

Illinois Physicians Notify 600K Patients of Data Breach

Illinois Provider Faces Healthcare Data Breach, 171K Patients Exposed

Incenting A Collaborative Approach To Putting Out Cyber Fires

Increase in credential phishing and brute force attacks causing financial and reputational damage

Indonesia Launches Investigation for Possible Breach on Its COVID-19 Tracing App

Indonesia Probes Million Data Breach at Old Covid Tracking App

Indonesia probes suspected data breach on COVID-19 app

Indonesians Told to Delete Unsecured Tracing App

Initial Access Broker use, stolen account sales spike in cloud service cyberattacks

Internal Revenue Service (IRS) Warns About Stimulus Check Scams After Receiving Record Number of Reports

Kaspersky blocked 5.8M malware attacks 'disguised as popular PC games' last year

Leaked Guntrader firearms data file shared. Worst case scenario? Criminals plot UK gun owners' home addresses in Google Earth

Legal Consequences Possible by Cybersecurity Standards Non-Compliance

Lessons from Kaseya

LockFile ransomware uses intermittent encryption to evade detection

LockFile Ransomware Uses Never-Before Seen Encryption to Avoid Detection

Lojas Renner claims that cyberattack did not result in data leakage

LokiBot took the “old is gold” phrase seriously, as it uses old techniques to steal information

Microsoft warns of credential phishing attack abusing open redirect links

Mum-of-three wins legal data breach fight against Hampshire County Council after school in Havant gives ex-partner her address

New Mirai Version Adds WebSVN Command Injection to Its Arsenal

New record for UK data watchdog as it handed out £42m in fines last year

Philippines: Strengthen e-wallet laws to protect consumers

Proxyware Services Open Orgs to Abuse

QNAP Is Latest to Get Dinged by OpenSSL Bugs Fallout

Ragnarok Ransomware Group Joins List of Disbanded Cybercrime Gangs

Ransomware: What’s Next In 2021?

Ransomware May Have Cost US Schools Over $6bn in 2020

Report Warns of COP26 Cyber-Threat to Glasgow

Scammers Impersonate OpenSea Customer Support

Securities and Exchange Commission (SEC) fines brokerage firms over email hacks, customer data exposure

Securities and Exchange Commission (SEC) to Monitor Illicit Activity on DeFi Platforms

Singapore government expands bug hunt with hacker rewards scheme

SteelSeries Bug Can Grant Hackers Admin Rights on Windows 10

Store says customer data has not been leaked

Texas, California, New York, Louisiana, Missouri lead list of states with most ransomware attacks on schools

The consumerization of the Cybercrime-as-a-Service market

The Hybrid Workplace: The Next Frontier of Cyber Security

The new era of email authentication

The rise of ransomware within healthcare

The truth about your data: why cloud infrastructure needs to be better protected

This phishing attack is using a sneaky trick to steal your passwords, warns Microsoft

Top 3 API Vulnerabilities: Why Apps are Pwned by Cyberattackers

Top 25 College Football Teams found on breached password lists

Victim of Cyber-Theft Sues Parents of Alleged Culprits

Victorian council ‘infiltrated’ in cyber incident

Watchdogs crack down on inaccurate disclosures amid cybersecurity debates

What are 51% attacks in cryptocurrencies?

What is Carding? How do you protect yourself against this credit card fraud?

What is website spoofing and what can be done about it?

What to Do if You’re the Victim of a Data Breach

What you need to know about cyberattacks and ransomware

Why Are Viruses and Malware Threats Rising against Macs?

Why companies should never hack back

Why EU Data Laws Remain Important to UK Businesses Post-Brexit

WooCommerce Pricing Plugin Allows Malicious Code-Injection

Your Internet Attack Surface – What is it and how do you secure it

30th August

A Recent Study Reveals That Phishing Websites Increased In Amount Across 2020

Advanced Persistent Threats: 6 Ways Healthcare Orgs Can Stay Safe

An Evolving Cyber Threat: Ransomware-as-a-Service

Android users: Do not click on this text message

Azure customers warned of critical Cosmos DB vulnerability

Bangkok Airways apologizes for passport info breach as LockBit ransomware group threatens data leak

Businesses warned to be vigilant of scams, hacking during lockdown

Chinese company EskyFun exposes over 1 million Android gamers’ data

CISA Adds Single-Factor Authentication to the List of Bad Practices

CISA Releases Guidance on Protecting PII From Ransomware Attacks

Consumers value privacy more than potential savings when purchasing insurance

Costly cyberattacks are avoidable: 5 easy ways to protect your business from ransomware

Cyber threats, passenger vessels and superyachts: The current state of play

Cyber-thieves Hit DeFi Platform Again

Dallas Data Breach Gets Worse

Data Collection Ethics: Bridging the Trust Gap

Debunking myths about consumer expectations around mobile apps security

Double-Extortion Ransomware: Double The Threat, Double The Challenges For Businesses

DuPage Medical Group notifying 600,000 patients about a data breach

Expired Driver’s Licenses Open Lane for Cyber Criminals

File upload security best practices rarely implemented to protect web applications

Firewalls Are Useless and Blockchains are ‘Hackable’

Fujitsu says stolen data being sold on dark web 'related to customers'

'Good thing you double checked' - Barclays confirms convincing text message is a SCAM

Hackers attack AMELI and FranceConnect accounts, be vigilant

Hewlett Packard Enterprise (HPE) Warns Sudo Bug Gives Attackers Root Privileges to Aruba Platform

Hit by ransomware? You really need to report it

How Does Mail Transfer Agent Strict Transport Security (MTA-STS) Improve Your Email Security?

How enterprises use security operations to modernize their business

How To Accelerate the Enterprise Journey to Passwordless

Hybrid work here to stay: What does that mean for security?

iCloud phishing scam – Man stole private photos of 620,000 women

In Wake of Colonial Pipeline Attack, Biden Calls on Energy, Tech Leaders to Ramp Up Cybersecurity Investments

Indicators of Compromise Associated with OnePercent Group Ransomware

Ireland ranks sixth worst cybersecurity State in Europe, study shows

Is The World Ready For A Cyberwar?

Lessons Learned from a REvil Ransomware Attack

LockBit Gang to Publish 103GB of Bangkok Air Customer Data

LockFile ransomware uses intermittent encryption to evade detection

Microsoft: Beware Phishing Attacks with Open Redirect Links

Microsoft Data Breach Exposes 38 Million Records

Microsoft Exchange ‘ProxyToken’ Bug Allows Email Snooping

Microsoft Exchange ProxyToken bug can let hackers steal user email

Microsoft shares guidance on securing Azure Cosmos DB accounts

Microsoft to Azure Cosmos DB Users: Your Data May Have Been Exposed

New Microsoft Exchange 'ProxyToken' Flaw Lets Attackers Reconfigure Mailboxes

New phishing campaign is after your credentials, Microsoft warns

Northern Ontario police force recovering from ransomware attack

Out $2.3M, Peterborough looks to insurance, but email fraud sometimes not covered

Outpatient Facilities Now Top Targets for Healthcare Data Breaches

Over 13 million malware events targeted Linux-based cloud environments in first half 2021

Passport info and healthcare data leaked from Indonesia's COVID-19 test-and-trace app for travelers

Phishing Attack Used Spoofed COVID-19 Vaccination Forms

Ragnarok ransomware gang shuts down and releases its decryption key

Ransomware attack in Indiana affects 49K patients

Ransomware Attack on Swiss City Exposed Citizens' Data

Ransomware Has Been a ‘Game Changer’ for Cyber Insurance

Rights Group Advises Afghans to Delete Data

SaaS and Unmanaged Enterprise Data Access Pose Cybersecurity Risks

Sault police dealing with a ransomware attack; emphasize public safety not affected

Sault Ste. Marie Police Services, Victim of Virtual Ransomware Attack

Shift to cyber resilience: 7 steps to a better security approach

Singapore eye clinic suffers massive cyberattack as healthcare data value increases

Social engineering still South Africa’s number one cyber security risk

T-Mobile CEO Issues Apology For Massive Data Breach

The Dangerous New Email Scams Combining Phishing and Voice

The Underground Economy: Recon, Weaponization & Delivery for Account Takeovers

Unmanaged SaaS Data Brings Supply Chain Risks

Vulnerability in Bumble dating app reveals user's exact location

Wawa Reaches Settlement in Data Breach Suit

‘Web Hosting Canada’ Informs of a Major Ongoing Security Incident

What Florida Companies Need to Know About Ransomware

What is phishing and how can you prevent your business from becoming a victim?

What IT security teams can learn from the Colonial Pipeline ransomware attack

When ransomware strikes, can you recover fast enough?

Why should you buy cyber insurance for your business?

Zero trust is not enough: The case for continuous control validation