Editor's Message

Welcome to DBD. On March 8th we celebrated our 4th Anniversary and the 1st Anniversary of our PRiSM application, officially endorsed by the SANS Institute. Despite recent personal issues that have impacted the amount of time I have been able to dedicate to both projects, I have been doing my best to keep everything as up-to-date as possible, and I would like to take this opportunity to thank everyone for their patience and support whilst I navigate through this very difficult time. Stay safe. :)

Monday 13 September 2021

Data Breaches Digest - Week 37 2021

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 13th September and 19th September 2021.

19th September

8 Job Security Tips That Every Freelancer Should Know

A 10-Point Guide to Establish Supply Chain Cybersecurity

AT&T lost $200M in seven years to illegal phone unlocking scheme

Cracks in the crypto utopia: How a surge of scams is exposing DeFi’s dark side

Crypto Investors Slap Apple With Class-Action Lawsuit, Claim Tech Giant Authorized Distribution of Malicious Application

Cybercrime gang backdoors U.S. finance organizations with malware

Data Security Trends 2021

DDoS Attacks In Healthcare: Just How Dangerous Can They Get?

Digital Marketers Should Be Aware of These 3 Email Security Threats

Exabytes Falls Victim To Ransomware Attack: Causes Disruptions To Certain Services

Facebook account hacked? Here’s how to get it back

Financial sector suffers costliest cyberattacks

How to spot cryptocurrency Bitcoin scams trying to steal your money

Industrial control systems spyware scripts on rise in UAE

Malaysia: Companies on guard after falling victim to online attacks

Malaysia: Online threats continue to spike

New "Elon Musk Club" crypto giveaway scam promoted via email

Numando: A New Banking Trojan Targeting Latin American Users

Pandemic fuelling financial crime, says UAE Central Bank

Ransomware attack on Tamil Nadu Public Department systems

Ransomware attacks on the rise

Received a text with a surprising pandemic offer? Don’t click that link!

‘Smishing’: the rising threat for business owners that brings scams to smartphones

Tamil Nadu government systems under cyber attack, probe on

Telegram Is Reportedly Harboring More Cyber Criminals Ever Since The Attempted WhatsApp Policy Change

The Digital Pandemic – Ransomware

The United States will punish illegal payments in cryptocurrency

The vicious cycle that makes ransomware such a potent threat

Time to embrace identity-based authentication for cybersecurity

U.S. Vows “Surge” to Fight Nation-state Ransomware Backers

Vulnerabilities in Operational Tech Devices Up 46% in H1’21

Warning over fake NHS PCR test text

18th September

China: Cybersecurity defenses lacking in many companies

Do Menu QR Codes Pose a Risk to Your Privacy?

Exploit for Recently Discovered Azure Flaw Already Added to Mirai Botnet

Fixing a Common Active Directory Weakness: Poor Authentication Security

How to get scammed using a QR code

India: Uttar Pradesh ‘cybercrime capital’ with over 11,000 cases

Kamikaze satellites and shuttles adrift: Why cyberattacks are a major threat to humanity's ambitions in space

Keeping data under control

Microsoft’s ‘passwordless future’ runs risk of shutting out older users, experts warn

National Information Technology Development Agency (NITDA) alerts Nigerian employees against ransomware group trying to spread viruses

‘Nude video call’ sextortion emerging as major cybercrime in Nagaland

Poste Italiane revealed a new phishing attempt under its name

Ransomware attack on Tamil Nadu Public Department systems

Researchers compile list of vulnerabilities abused by ransomware gangs

Stop election cyberattacks, Germans warn Russia

Tamil Nadu Public Department attacked by ransomware, sensitive documents encrypted

U.S. Officials Eye Ransomware Payments for Sanctions

U.S. to target ransomware payments in cryptocurrency with sanctions

US Plans Sanctions for Ransomware Payment Facilitators

US to target crypto ransomware payments with sanctions

Ways to find out if your smartphone has malware

With cyber crimes rising, cyber insurance is a must

You need to protect yourself from zero-click attacks

17th September

5 Steps for Securing Your Remote Work Space

6 vendor cybersecurity breaches: 10 million patients, 200+ hospitals affected in last year

$133 million lost in online romance scams in 2021: FBI

Admin of DDoS service behind 200,000 attacks faces 35 years in prison

Alaska Department of Health reveals data breach potentially exposing residents’ financial, health information

‘Any Alaskan’ Could Have Been Impacted by Health Data Breach

APT actors exploiting newly identified vulnerability in ManageEngine ADSelfService Plus

AT&T Phone-Unlocking Malware Ring Costs Carrier $200M

Australians ‘struggle’ up against network security breaches

Bad Apples: How Computer And Network Attack (CNA) Attacks Put Everyone At Risk

CISA: Patch Zoho Bug Being Exploited by APT Groups

CISA Warns About APT Actors Targeting Zoho ManageEngine ADSelfService Plus Flaw

CISA warns of APT actors exploiting newly identified vulnerability in ManageEngine ADSelfService Plus

Class Action Filed After Hospital Ransomware Attack

Cloud Misconfigurations Still Cause Two-Thirds of Security Incidents

Combatting complex cybercrimes require predictive and proactive cyber security

Common online threats that all businesses face

Council secrets for sale on dark web, says Darlington IT firm

Councils and universities tackle cybersecurity issues but Bondgate IT investigation reveals dark web threat

CREST Concludes Investigation and Responds to NCC Group Exam Leak Scandal

Critical Infrastructure Providers Need To Shape Up And Focus On Cybersecurity

Crooks hijack bank OTPs to make fraudulent card payments

Cyberattack led to IT outage at 8 Texas cancer clinics: 36,000 exposed

Cyberattackers Target Missouri Hospital At Epicenter Of COVID Outbreak, Post Patient Data

Cyberattacks against the aviation industry linked to Nigerian threat actor

Cybercriminals Use Pandemic to Attack Schools and Colleges

Data protection and security: Crucial to business sustainability

Dell study finds most organizations don't think they can recover from a ransomware attack

Democrat senator lobbies agencies over the use of crypto in ransomware

Despite Huge Budgets, Cyber-Rich Banks Are Not Paying It Forward In Cybersecurity

Ditch the Alert Cannon: Modernizing Intrusion Detection Systems (IDS) is a Security Must-Do

Dotty's parent company announces data breach, says private info may have been released

Epik hack exposes lax security practices at controversial web host

Experts Concerned Over New Digital Secretary's Lack of Cyber Knowledge

Few Organizations are Actually Preparing for a Ransomware Attack

Fighting Digital Banking’s Fraud Problem

Five behaviours that indicate a social engineering scam

Five pharma cybersecurity breaches to know and learn from

Free decryption tool for previous REvil attack victims

Free REvil Decryptor Launched

FTC: Health Apps Must Notify Consumers of Data Breaches

Germans See Russian Meddling in Tight Election Intensifying

Good News: REvil Ransomware Victims Get Free Decryptor

Grief Gang’s New Quadruple Extortion Scheme Doesn’t Change the Game

Have you tried to guess your boss's password? Lots of workers have, according to a report

Health Department Cyber Attack Exposes Most Alaskans’ Personal Data

How an organization should face its greatest cybersecurity issues

How brute-force attacks are spearheading ransomware campaigns

How insurers can approach cybersecurity risk

How to Protect Against Deepfake Attacks and Extortion

How to protect your phone from malware and cybercriminals

How to safeguard yourself from financial frauds, online and offline

How To Secure Bank Accounts, Funds From Fraudsters

Infrastructure, Security, and the Need for Visibility

Ireland probes TikTok's handling of children's data

Key Differences Between PHI and PII, How They Impact HIPAA Compliance

Malware Attack on Aviation Sector Uncovered After Going Unnoticed for 2 Years

Mankato Clinic notifies patients of health data breach

Medical Center Rebuilding EMR Following Ransomware Attack

Man Sentenced to 12 Years in Prison for Defrauding AT&T by Unlocking Phones

Microsoft asks Azure Linux admins to manually patch OMIGOD bugs

Microsoft MSHTML Flaw Exploited by Ryuk Ransomware Gang

Misconfigured APIs make up two-thirds of cloud breaches

Modern security strategies key to support remote workforce demands

New Malware Targets Windows Subsystem for Linux to Evade Detection

No business is too small to be a target of cyberattacks

OMIGOD: Microsoft Azure VMs exploited to drop Mirai, miners

Online scam hits 16 Arabic-speaking countries and more than 130 brands

Open Redirects: The Latest and Ugliest Face of Phishing Attacks

Open source cyberattacks increasing by 650%, popular projects more vulnerable

Over 500,000 Records Belonging to Offrea.be Were Leaked Online

Pandemic leading to ‘ticking time bomb’ for cybersecurity

Porn Problem: Adult Ads Persist on US Government, Military Sites

Prison for AT&T Phone-Unlocking Fraudster

Protecting business from ransomware at the edge

Ransomware Attack Encrypts South Africa’s Department of Justice, System Still Being Restored

Ransomware Data Recovery An Urgent Priority

Ransomware incidents continue to rise

Ransomware is More Than a Cybersecurity Issue

Ransomware realities in 2021 and your first step to protect your business

Recently reported Microsoft zero-day gaining popularity with attackers, Kaspersky says

Romance Scammers Make $133m in First Half of 2021

Securing the Network of the Future for Remote Work

Securing your network when the prevention gap is too wide to fill

Senator lobbies agencies over the use of crypto in ransomware

South Africa: Justice department processes child maintenance payment following delays due to system breach

SushiSwap Crypto Platform Victimized by $3M Hack

Texas healthcare provider waits seven months to notify patients of ransomware breach

The best methods to trace suspicious user activities

The threat and the solution: Why DNS management is imperative for business protection

This banking Trojan abuses YouTube to manage remote settings

Threat Actor Leaks Login Credentials Of About 500,000 Fortinet VPN Accounts

Top 5 Tips to Protect Your Online Business from Cybercriminals

Treasury Takes Aims to Curb Crypto Ransoms

Treasury to issue new cryptocurrency sanctions after ransomware attacks

Trend Micro blocks 41 billion threats in 1H 2021

TTEC hit with ransomware attack, hampering work for major clients

U.S. to sanction crypto exchanges, wallets used by ransomware

Understanding & Surviving Ransomware

US: Urgent warning about surge in student loan forgiveness scams – see if you’re at risk of being targeted

US aims to hit revenue streams of ransomware groups with sanctions

US government sites showing porn, viagra ads share a common software vendor

Wake-up calls and eye-opening statistics reveal the full extent of cyber risk

What Microsoft going passwordless means for users going forward

Why it’s Critical that Midmarket Organizations Bridge the Ransomware Security Gap

Why MFA isn’t enough to protect you

Working From Home Isn’t Going Away, But It Isn’t Getting Safer

Zero-day attacks are putting the squeeze on Apple, Google, and Windows devices

16th September

5 Things to Know About DDoS Attacks in Healthcare

7 tips for building a strong security culture

10 Eye-Opening Data Breach Statistics (and How You Can Better Protect Your Network)

15% of the Nasdaq 100 Is Highly Susceptible to a Ransomware Attack, New Black Kite Research Finds

61 Million Fitbit, Apple Users Had Data Exposed in Wearable Device Data Breach

87% of Indian companies victims of security breach last year

Airline Credential-Theft Takes Off in Widening Campaign

All Data Breaches of all time – An Alarming Timeline

API Security: A Security Weak Link in Digital Transformation

Apple faces class action over app that led to cryptocurrency theft

Apple patches operating systems due to 'no click' spyware exploit

APT-C-23 Using New Android Spyware in the Middle East

Are Asian businesses really prepared to deal with ransomware attacks

Attacks reach record highs in 2021

Azure Zero-Day Flaws Highlight Lurking Supply-Chain Risk

Banks Slammed for Low Fraud Reimbursement Rates

Bitcoin ledger as a secret weapon in war against ransomware

Bitdefender offers free decryptor for REvil ransomware victims

Bitdefender releases REvil master decryptor

Bitdefender releases universal decryptor for REvil/Sodinokibi victims hit before July 13

Bot attack volumes growing 41% year over year, human-initiated attacks down 29%

Brute force attacks, unpatched software and malicious emails behind most incidents investigated by Kaspersky last year

California Attorney General Reminds Healthcare Entities to Comply with Data Breach Laws

Canada: Police issue warning to public regarding Business Email Compromise attacks

Chinook School Division student information exposed during accidental data breach

Communicating in the midst of a cyber attack

CVE-2021-40444 exploitation: Researchers find connections to previous attacks

Cyber threats surge 13% in FY21

Cybercriminals Are Threatening to Delete Victims’ Data

Cybercriminals Use Pandemic To Attack Schools and Colleges, Two Texas Schools Pay Over Half A Million in Ransom

Data breach in networks of Indonesian ministries and agencies

Dutch education administrators underestimate threat of cyber crime

Ensuring Business Continuity In A Modern-Day Threat Landscape

Fake TeamViewer download ads distributing new ZLoader variant

FBI: $113 million lost to online romance scams this year

FBI and CISA warn of state hackers exploiting critical Zoho bug

Few Organizations are Actually Preparing for a Ransomware Attack

Financial Cybercrime: Following Cryptocurrency via Public Ledgers

Find the balance between security and privacy in a BYOD world

Ford Faces Class Action Lawsuit for Storing and Sharing Private Conversations

Four out of five organizations plan to begin zero trust rollout within one year

Free REvil ransomware master decrypter released for past victims

FTC says it will fine digital health companies that don't disclose data breaches

Google and Microsoft had the most vulnerabilities in the first half of 2021

Hackers steal Covid test data of 1.4 million people from Paris hospital system

Health apps 'playing fast and loose' with user data, warns Federal Trade Commission (FTC) chief

Hive is a new and potentially devastating type of ransomware. Here’s what you need to know

Household Names Hit with £500K Fine for Spamming Consumers

How much are data breaches costing Canadian businesses?

How Phishing Actors Impersonated the U.S. Department of Transportation

How to Protect and Support a Remote Workforce

How Zero Trust approach can resolve your top security challenges

Howard University Ransomware Attack Prompts Georgetown To Take Additional Precautions

HP Omen Hub Exposes Millions of Gamers to Cyberattack

HSE chief says cost of cyber attack could reach €100m

Increase in Phishing Attacks on Nigerian Organisations Hits 66%

Is Grief's Threat to Wipe Decryption Key Believable?

Make or Break: What To Do When Security Solutions Fail

Making the Cybersecurity Grade: How Schools Can Protect Data and IT Resources

Medical Center Rebuilding EMR Following Ransomware Attack

Microsoft: Windows MSHTML bug now exploited by ransomware gangs

Microsoft announces passwordless authentication option for consumers

Microsoft Ditches Passwords. Will the World Follow?

Microsoft offers passwordless login to all customers

Misconfigured APIs Account for Two-Thirds of Cloud Breaches

MSHTML Zero Day Exploits Used Shared Infrastructure With Ransomware Group

New Go malware Capoae targets WordPress installs, Linux systems

New malware uses Windows Subsystem for Linux for stealthy attacks

Newcastle Grammar School reveals post-mortem of ransomware infection

Nigeria Records 13% Decline In Phishing Attack In H1

‘OMIGOD’ Microsoft Azure vulnerabilities expose users to hacking

One-in-seven Nasdaq-100 companies ranked as highly susceptible to a ransomware attack

Phishers aim to get Office 365 credentials by impersonating the US Department of Transportation

Phishing through your QR or Qrishing: that is how this rip-off works that the Police in Spain warn about

Phone, Email Scams Target Asian, Other Boston University Students

Popular slot machine chain Dotty's reveals data breach exposing SSNs, financial account numbers, biometric data, medical records and more

Puma has also been added to the victim list of Marketo Gang

Ransomware: A market problem deserves a market solution

Ransomware: What Financial Firms Need to Know

Ransomware, crypto scams & brute-forced passwords: Highlights from CERT NZ's Q2 report

Ransomware attackers targeted app developers with malicious Office docs, says Microsoft

Ransomware attacks and crypto-currency scams on the rise

Ransomware gang threatens to remove key when victim contacts negotiator

Ransomware incidents continue to rise

Ransomware mitigation sees focus from AWS, Azure, Google Cloud

Ransomware-as-a-service pandemic must be interrupted, says Cambridge cybersecurity specialist Darktrace

Ransomware-hit law firm secures High Court judgment against unknown criminals

Republican Governors Association was hacked earlier this year

Rethinking Security When Identity is the Ultimate Attack Surface

REvil Ransomware Victims Get A Reprieve As Master Decryption Key Is Released

REvil/Sodinokibi Ransomware Universal Decryptor Key Is Out

Security hygiene for the 2020s

Senator calls on agencies to take action to prevent criminal cryptocurrency use

South African Child Maintenance Payments Delayed by Ransomware Attack

T-Mobile US presses to consolidate class action suits

The 5 Ws for building a strong cybersecurity plan

The 8 Most Notorious Malware Attacks of All Time

The Massachusetts Attorney General will probe the T-Mobile data breach

The Ransomware Killchain: How It Works, and How to Protect Your Systems

The weak points where hackers could hijack the food and drink supply chain

There Is No Evidence Russia-based Ransomware Is Slowing Down

Think Your End-of-Life Data is Destroyed? Think Again!

Third Critical Bug Affects Netgear Smart Switches — Details and PoC Released

Tourist warning - Popular holiday scam 'exploiting' travellers is on the rise

Travel-themed phishing lures spiked this summer

Travis CI Flaw Exposes Secrets of Thousands of Open Source Projects

Triple Extortion Ransomware: A New Challenge For Defenders

United Nations Data Breach: Hackers Obtained Employee Login From Dark Web, Are Executing Ongoing Attacks on UN Agencies

Universal decryptor key for Sodinokibi, REvil ransomware released

Using Machine Learning for Anomaly Detection and Ransomware Recovery

What Is Shoulder Surfing and How Do You Prevent It?

When attackers strike

Why Understanding Data Privacy is More Important Than Ever

Windows MSHTML 0-Day Exploited to Deploy Cobalt Strike Beacon in Targeted Attacks

Yonkers fought off cyberattack over Labor Day weekend as virtual threat grows regionally

15th September

3 Former U.S. Intelligence Officers Admit to Hacking for UAE Company

9 tips to avoid cloud configuration conundrums

46% of all on-prem databases are vulnerable to attack, breaches expected to grow

A cyber security threat is now reported in Australia every eight minutes

A Phishing Kit Scammed Thousands Of People

Americans Fined After Hacking for Foreign Government

Anonymous steals ‘decade’s worth of data’ from far-right web host Epik

Attackers Impersonate Department of Transportation (DoT) in Two-Day Phishing Scam

Australia and Singapore have higher incidences of insecure databases

Brand abuse attacks dominate list of fraud trends

California Attorney General Issues Bulletin on Health Data Breach Reporting Requirements

Call to eliminate 'human error' causing Guernsey data breaches

Critical Azure security vulnerabilities affect large organizations

Critical Flaws Discovered in Azure App That Microsoft Secretly Installed on Linux VMs

Customer Care Giant TTEC Hit By Ransomware

Cyber Crime Attacks on Australians Increase to 1 Every 8 Minutes

Cyber crime in Australia increased 13% in the last year

Cyber crime spreads in Australia as COVID-19 pushes more people online

Cyber insurance – the year of change

Cybercriminals recreate Cobalt Strike in Linux

Cybercriminals use pandemic to attack schools and colleges

Cybersecurity tips for online learning as schools tap hybrid learning amid delta variant

Data Breach In Networks Of Indonesian Ministries And Agencies

Defeating Ransomware with Multi-Factor Authentication (MFA)

Department of Justice (DOJ) fines NSA hackers who assisted UAE in attacks on dissidents

Did you take a COVID test at Walgreens? Records of it were left open online

Email scammers posed as DOT officials in phishing messages focused on $1 trillion bill

Employees are losing thousands of dollars to this ‘boss scam’

Execs concerned about software supply chain security, but not taking action

Experian data breach suspect nabbed

Financial services organisations spend over $2.62 million on ransomware recovery

Financial Services Sector Hit with $2m Ransomware Costs

Five Risks For Your Mission-Critical SaaS Data

Former U.S. intel operatives to pay $1.6M for hacking for foreign government

German election authority confirms likely cyber attack

Google patches Chrome zero-day exploited in the wild

GSaaS: The Changing Dynamics of Cybersecurity

Half of on-prem databases contain security vulnerabilities

Hawks arrest suspect for massive Experian data breach

Health care data breach affects more than 100,000 Mainers

Health Care Providers Are Turning to Cyber Insurance

How to Prevent an Office of Foreign Asset Control (OFAC) Sanction When Responding to a Ransomware Attack

How to protect your on-premises databases from security vulnerabilities

Improving Backup Resiliency as the Last Line of Ransomware Defense

Individuals use two-factor authentication, biometrics to protect information

IoT: An Internet of Threats?

Ireland: Data Protection Commissioner launches two inquiries into TikTok

ISOMorph and HTML Smuggling

Justice department working to restore IT systems after ransomware attack

Lawsuit: Health System Failed to Heed Ransomware Warnings

Many companies are struggling to repel network attacks

Many employees can access millions of company files on their first day

McAfee Enterprise research links new RaaS gang to Babuk

Meris botnet assaults KrebsOnSecurity

Microsoft fixes critical bugs in secretly installed Azure Linux app

Microsoft just took another big step towards getting rid of passwords forever

Microsoft Patches OMIGOD, MSHTML and PrintNightmare Bugs

Microsoft rolls out passwordless login for all Microsoft accounts

MikroTik shares info on securing routers hit by massive Mēris botnet

Most Fortune 500 companies’ external IT infrastructure considered at risk

Multiple Flaws in Microsoft Azure Put Half of All Deployments at Risk

National Information Technology Development Agency (NITDA) warns of data breach via mobile apps

Nearly a Third of Brits Say They Feel Unsafe Online

No Patch for High-Severity Bug in Legacy IBM System X Servers

NSA Director Promises ‘Intense’ Crackdown On Foreign Cyber Attacks

OMIGOD: Azure users running Linux VMs need to update now

Open Web Application Security Project (OWASP) updates top 10 vulnerability ranking for first time since 2017

Phishers impersonate US DOT to target contractors after Senate passed $1 trillion infrastructure bill

Phishing Attacks in Nigeria Drop 13% in H1 2021

Phishing Attacks on the Rise: 60% of Organizations in the UAE

Phishing Scams In 2021

Phishing texts and emails target University of Oregon community in fall surge

Quarter of Fortune 500's External IT Assets Are a Cyber Risk

Ransomware crims saying 'We'll burn your data if you get a negotiator' can't be legally paid off anyway

Ransomware encrypts South Africa's entire Department of Justice network

Ransomware gang threatens to wipe decryption key if negotiator hired

Ransomware gangs’ methods match state-sponsored attackers as assaults get more sophisticated

Ransomware is exploding and evolving

Ransomware preparedness is low despite executives’ concerns

Rare bright cyber spot: Australian Cyber Security Centre (ACSC) reports total incidents down 28%

Remote work presents challenges for IT leaders

Rise in cyberattacks on healthcare organisations

Russia Has Taken No Action to Combat Ransomware, FBI Says

Russia is fully capable of shutting down cybercrime

SEC’s SolarWinds Probe Could Expose Undisclosed Security Breaches

Securing the Edge in a Hybrid Environment

Security Experts Witnessed a 55,239% Increase in Ransomware Activity in Q2

Serious Flaw Found in HP OMEN Driver

Software Supply Chain Attacks Surge 650% in a Year

South Africa: Suspect arrested for massive 2020 data breach

South African government entities hit by cyber attacks and services affected

South African organisations not confident they could survive a ransomware attack

Stale Microsoft 365 accounts are a security risk: Remove them now

Steganography explained and how to protect against it

T-Mobile, customers diverge on forum to transfer data breach suits

T-Mobile Data Breach to Be Investigated by Massachusetts Attorney General

Tape Won’t Work for Ransomware Protection. Here’s Why

Tech giant Olympus reportedly hit by BlackMatter ransomware

The fight against ransomware

The Hidden Risk the Defense Sector’s Probably Overlooking

The Ransomware Pandemic That COVID Started

The Top 5 Threats to Cyber Security

Traditional Fraudulent Tactics Like Spam Emails and Phishing Still Prevalent According to Kaspersky

Two-thirds of cloud attacks could be stopped by checking configurations, research finds

U.S. Operatives Responsible for “KARMA” Deployment in the U.A.E. Offered Costly Resolution

UAE organisations report increased cyberattacks during the pandemic

UK's General Data Protection Regulation (GDPR) Explained

Wisconsin Attorney General Warns Of Increased Ransomware Threats

You can now eliminate the password for your Microsoft account

You Can Now Sign-in to Your Microsoft Accounts Without a Password

Your Security Debt is Due. Here’s How to Pay it Off

ZLoader is back: uses ads for spreading and disables Windows defender

14th September

60 Million records exposed: Fitbit, Apple, Google health info leaked in massive data breach

2020 Expensive Year For Ransomware Victims: Sophos

2021’s Most Dangerous Software Weaknesses

Adobe Snuffs Critical Bugs in Acrobat, Experience Manager

After a Short Summer Vacation, REvil Ransomware Group Shows Signs of Returning to Business

Apple Fixes Pegasus-Exploited Zero-Day Through iOS 14.8 and macOS 11.6

Apple fixes “zero-click” iMessage zero-day exploited to deliver spyware (CVE-2021-30860)

Apple Patches Pegasus Spyware Flaw for iOS Devices, Macs

Apple patches spyware flaw affecting all operating systems

Apple releases emergency patch to protect all devices against Pegasus spyware

Apple Releases Urgent Patch Following Discovery of Pegasus Spyware

Australia: Ransomware shows why we need a bipartisan federal cybersecurity policy

Automotive Industry Faces Severe Data Breaches and Ransomware Threats, CybelAngel Investigation Reveals

BlackMatter Ransomware Hits Japanese Tech Giant Olympus

Bot attacks grow 41% in first half of 2021

Child maintenance payments delayed after ransomware attack disables important system

Clinic: EHR Data Too Damaged to Recover Post-Attack

Cloud Misconfigurations: The Hidden but Preventable Threat to Cloud Data

Close to half of on-prem databases contain vulnerabilities, with many critical flaws

Constant threat of ransomware causing data protection headaches

Corporate corruption, fraud and bribery have significant impacts to the enterprise

Cost of ransomware attack in financial sector exceeds $2m

Create a ransomware playbook

Cyber attack on Justice Dept spills over to South Africa's new information watchdog

Dangers of DNS poisoning and how to prevent it

Deloitte Poll: Most US Executives Lack Ransomware Response Plan

Don’t get held to ransom: Cause, prevention, recovery

Executives' ransomware concerns are high, yet few are prepared for attacks

Explained: How safe is my iPhone after Apple’s no-click security flaw?

FBI ends GCSD cyber attack investigation

FBI Official: Russia Is Not Cooperating with U.S. Against Ransomware Threat

Financial Services Firms Spend Over $2m on Ransomware Recovery

Finding your PII data before someone else does

Fitness Tracking Platform Exposed 61 Million User Records

Five ways to improve your cyber resilience with robust ransomware recovery

General promises US 'surge' against foreign cyberattacks

Global Databases Riddled with an Average of 26 Vulnerabilities

Google patches two Chrome zero-days

Hackers Are Laying Siege to Critical Infrastructure: Here’s How to Fight Back

Healthcare cybersecurity: How to prevent the compromise of patient records?

Here's what smishing means as reports of text message scams jump - and how it differs from phishing

Houston Provider Delayed Notice of Ransomware Attack for Months

How the Digital Business is Keeping Up with Compliance

How to defeat cyber threats with AI-powered, real time threat intelligence

How to evaluate the security risk of your databases

HP OMEN Gaming Hub Flaw Affects Millions of Windows Computers

HP patches severe OMEN driver privilege escalation vulnerability

Improving Cyber Resilience Against Ransomware Attacks in the U.S.

Indonesia denies report of Chinese hacking group breaching intelligence agency servers

Information Regulator hit by ‘ransomware attack’

IT teams forced into compromising security for business continuity during pandemic

Krita art app users targeted by ransomware posing as paid 'collaboration' opportunities

Massachusetts Attorney General (AG) Launches Investigation Into T-Mobile Data Breach

Massachusetts Attorney General (AG) Launches Probe into T-Mobile Data Breach

Massachusetts probing huge T-Mobile data breach

Microsoft fixes remaining Windows PrintNightmare vulnerabilities

Microsoft fixes Windows CVE-2021-40444 MSHTML zero-day bug

Microsoft patches actively exploited MSHTML zero-day RCE (CVE-2021-40444)

Microsoft Patches Actively Exploited Windows Zero-Day Bug

Microsoft Releases Patch for Actively Exploited Windows Zero-Day Vulnerability

Millions of HP OMEN gaming PCs impacted by driver vulnerability

More Aussies at risk as Google finds phishing, scams ramp up

‘New battleground’: Cyber attackers targeting Australia’s health system

New Stealthier ZLoader Variant Spreading Via Fake TeamViewer Download Ads

New York County IT Supervisor Charged with Crypto-Mining

New Zloader attacks disable Windows Defender to evade detection

Olympus insists medical services ‘uninterrupted’ by malware attack

One Stolen Password Took Down The Colonial Pipeline — Is Your Business Next?

Online Safety Starts With Using a Password Manager

OSI Layer 1: The soft underbelly of cybersecurity

Outsmart Cybersecurity Threats By Modernizing Your ERP

Pair of Google Chrome Zero-Day Bugs Actively Exploited

Perfect Storm Expands Opportunities For Cyber Investment

Personal information of North East ISD (NEISD) employees may have been compromised in cyber attack, district says

Phishing Attacks Getting Sneakier with Open Redirects

Phishing attacks on the decline as cybercrims focus efforts

Phishing puts South African companies under fire

Ragnar Locker Ransomware Gang Employs New Tactics: Leaking Data if Victims Contact the FBI

Ransomware Operators Ramp Up Pressure on Victims via Multiple Extortion Attacks

Ransomware prevention tips for SMEs: The threat from within

Response Plans, Backup Strategies Underpin Cyber Resilience

REvil: Ransomware gang active again in a new line-up

Rise in cyberattacks, ransomware during COVID-19 boosts IT security skills

Romance, BEC Scams Lands Soldier in Jail for 46 Months

Russia is fully capable of shutting down cybercrime

Scammers already targeting people with iPhone 13 offers

Seven signs your mobile phone has been hacked and your personal or financial details hijacked

‘Significant threat’: cyber attacks increasingly targeting Australia’s critical infrastructure

Smishing attacks increased 700% in first six months of 2021

SolarWinds CEO: Breach transparency 'painful' but necessary

South African Justice Department hit by ransomware attack

Texas GOP Website Down After Anonymous Hack

The Rise in Ransomware: Here's How to Fight It

The Rise of Ransomware

The state of ransomware: national emergencies and million-dollar blackmail

This phishing kit is wreaking havoc on thousands of victims

Thousands of UNM Health records breached

Three ways to keep your organization safe from cyberattacks

Training creators say cybersecurity drills don't have to be 'fight or flight'

US general in charge of cybersecurity pledges ‘surge’ to address ransomware attacks

What Is Cyber Insurance and Do I Need It?

What is Driving the Surge of Ransomware Attacks?

Why AI and Automation Provides Superhuman Security

Why cyber criminals are targeting schools

Why you should avoid those fun social media "tell us about yourself" questions

Wisconsin officials report increase in ransomware threats

Zero Trust Requires Cloud Data Security with Integrated Continuous Endpoint Risk Assessment

ZLoader’s Back, Abusing Google AdWords, Disabling Windows Defender

13th September

5 ways to better prepare your organization for a ransomware attack

5 ways to improve cyber resilience against ransomware, supply chain attacks

91% of IT teams feel pressure to compromise security

A Third of Industrial Control Systems Attacked in H1 2021

Anonymous hacks Texas Republican Party website against abortion law

Apple fixes iOS zero-day used to deploy NSO iPhone spyware

Apple Issues Emergency Fix for NSO Zero-Click Zero Day

Apple Issues Urgent Updates to Fix New Zero-Day Linked to Pegasus Spyware

Apple releases update fixing NSO spyware vulnerability affecting Macs, iPhones, iPads and Watches

Attackers' fumble gave out Kaseya decryptor key

Bad News: Innovative REvil Ransomware Operation Is Back

Beginning a more mature conversation about cybersecurity

Beware of these 5 common scams you can encounter on Instagram

BlackMatter attack on Olympus shows troubling rise of ransomware-as-a-service

BlackMatter ransomware hits medical technology giant Olympus

Brazil debates creation of national strategy to tackle cybercrime

Camera giant Olympus hit by ransomware attack

CISA Adds Single-Factor Authentication to the List of Bad Cybersecurity Practices

Class action targets Georgia health system over ransomware attack that exposed 1.4 million patients' info

Cloudflare CEO says crypto exchanges are a popular target for cyber attackers

Critical Bug Reported in NPM Package With Millions of Downloads Weekly

Cyber Insurance Carriers, Increasingly Targeted by Hackers, Impose New Coverage Conditions

Disincentivizing ransomware criminals across the federal government

Elevated Cyber-risk as Companies Choose Speed Over Security

Enterprise automation adoption surging, security and compliance area jump by 171%

Federal Trade Commission (FTC) warns of extortionists targeting LGBTQ+ community on dating apps

Fitbit, Apple user data exposed in breach impacting 61M fitness tracker records

Gone phishing: The escalation in global cyberattacks is an unintended consequence of Fourth Industrial Revolution (4IR) technologies

Google patches 10th Chrome zero-day exploited in the wild this year

Hacker-made Linux Cobalt Strike beacon used in ongoing attacks

Hackers leak California hospital patients' data online after ransomware attack

Honing Cybersecurity Strategy When Everyone’s a Target for Ransomware

How Intrusion Risk Controls Ward off Ransomware Hackers

How Likely Is Your Employee To Cause A Data Breach?

How Nonprofits Can Defend Against Ransomware Attacks

How To Defend Against Increasingly Convincing Phishing Attacks

Information Regulator of South Africa concerned by breaches and ransomware attacks

IoT device attacks double in the first half of 2021, and remote work may shoulder some of the blame

Kaspersky Records Over 2 Million Phishing Attacks in South Africa, Kenya and Nigeria in H1 2021 and Spam Email Still a Threat

Linux Implementation of Cobalt Strike Beacon Targeting Organizations Worldwide

Looking for election threats in all the wrong places

Mobile app creation: Why data privacy and compliance should be at the forefront

‘MskHost’ Taken Down by Hacktivists Who Will Now Pass Stolen Clientele to the Police

Mustang Panda Compromises Indonesian Intelligence Agency

MyRepublic reports data breach to customers

New SpookJS Attack Bypasses Google Chrome's Site Isolation Protection

Now Is The Time To Update Your Risk Management Strategy And Prioritize Cybersecurity

Nuspire Report Confirms Massive Spike in Ransomware Attacks

Olympus Admitted the ‘BlackMatter’ Ransomware Gang Got Them

Olympus Allegedly Falls Victim to BlackMatter Ransomware Attack

Olympus hit by suspected ransomware attack

Olympus investigating reported ransomware attack with BlackMatter hallmarks

Olympus likely victim of BlackMatter ransomware

Only 30% of enterprises use cloud services with E2E encryption for external file sharing

Open redirect on UK council website was being used for Royal Mail-themed parcel payments scam

Over 60 million wearable, fitness tracking records exposed via unsecured database

People, places, and spaces: Edge data centers’ biggest security challenges

Phishing attacks vs employees skyrocketed during the pandemic

Prevention is better than cure: The ransomware evolution

Ransomware attacks are about to get worse. But there are ways to stop them

REvil is back - and wants to rebuild its reputation

REvil Ransomware Is Back Online After A Brief Hiatus

REvil’s Back; Coder Fat-Fingered Away Its Decryptor Key?

Securing a Hybrid Work Environment: The Worst of Both Worlds

Securities and Exchange Commission (SEC) Probe into Russian Hacking of SolarWinds has corporate America worried

Security Advisory Regarding Remote Code Execution in MSHTML

Security Experts Witnessed a 55,239% Increase in Ransomware Activity in Q2

South Africa: Calls for transparency after justice department cyber attack

Technology giant Olympus hit by BlackMatter ransomware

Tesla targeted in failed ransomware extortion scheme

The Evolution of Disruptionware and the Growth of Ransomware as a Service (RaaS)

The great data robbery

The Three Pillars of Unified Risk Management for Product Security

The top cyber security risks of 2022

Third-party cloud providers: Expanding the attack surface

Tips For Protecting Yourself Against Rising Cybercrime

Top 5 Enterprise Security Threats and How To Avoid Them

Update Google Chrome to Patch 2 New Zero-Day Flaws Under Attack

US Locks Up Key Player in Nigerian Romance Scam

Virginia National Guard suffers cyberattack as Marketo leaks data

What’s Behind the Leaks of Customer Data From Retailer Databases?

Why a Zero-Trust Model for Email Security Is Critical