Editor's Message

Welcome to DBD. On March 8th we celebrated our 4th Anniversary and the 1st Anniversary of our PRiSM application, officially endorsed by the SANS Institute. Despite recent personal issues that have impacted the amount of time I have been able to dedicate to both projects, I have been doing my best to keep everything as up-to-date as possible, and I would like to take this opportunity to thank everyone for their patience and support whilst I navigate through this very difficult time. Stay safe. :)

Monday 20 September 2021

Data Breaches Digest - Week 38 2021

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 20th September and 26th September 2021.

26th September

2021 Sets the Bar for DDoS Cyber Attacks

A Brief Guide to Understanding and Preventing Cyber Attacks

Don't click text link for COVID-themed discount

Eighty-Six percent of Saudi organizations attribute damaging cyberattacks to vulnerabilities in technology put in place during the Pandemic

How to Make Sure Your Business is Cyber Secure

Increasing Visibility in the Federal Threat Landscape

It’s time to bring in the cybersecurity experts

Keeping Your Money Secure In Your Bank Account

NFT scams: how to protect yourself from being duped online

Paying Hackers’ Ransom Demands Is Getting Harder

Privacy is not for sale

Ransomware attacks are another tool in the political warfare toolbox

Ransomware is Rampant: Is Your HVAC Business Safe?

Ransomware shame: More than half of business owners conceal cyber-breach

Scam hitting accounts 20 times had helpline ‘hopping’ on Saturday

Scan QR-code menus with a side of caution, say privacy experts

SIM card registration deemed inadequate for fraud deterrence

Supply chain and ransomware threats drove increase in cyber intelligence sharing

The Ever-Growing Iranian Cyber Threat

The Top 7 Ways Cyberscammers and Malware Operators Abuse Google Forms, According to Sophos Research

Thief stealing thief: REvil sells security breach ransomware and scams hackers

Tips to keep safe from scams

Tracking stolen crypto is a booming business: How blockchain sleuths recover digital loot

US imposes sanctions against Russian cryptocurrency exchange

Why Implementing Ethical Phishing Campaigns Aren’t Enough to Protect Against Data Breaches

Yes, the FBI held back REvil ransomware keys

25th September

€1,000 Decathlon competition scam targets facebook users in France

A crippling ransomware assault hits one of Europe’s major customer service and call centre providers

Alert! THIS Android malware steals banking data; Here’s how to remain safe

Beware of this Venmo text phishing scam

Bitcoin.org hackers steal $17,000 in 'double your cash' scam

Data leak: Details on billions of Facebook and Clubhouse users shared online

Fallout begins for far-right trolls who trusted Epik to keep their identities secret

Federal Lawsuit Filed Against Paxton Media Group, Targets Data Breach

Here are the top 5 digital scams in South Africa to be aware of

India: Government agency issues high alert over security threat to routers from this company. What you need to do

Lastpass Releases Psychology of Passwords Report

Microsoft WPBT flaw lets hackers install rootkits on Windows devices

One out of every three organizations experienced cyberattack during the last year

Passwords: Your First and Often Weakest Defence

Ransomware strike targets US agriculture industry, White House quietly hits back

REvil Ransomware Group's Latest Victim: Its Own Affiliates

TangleBot: New Malware Uses COVID-19 Misinformation to Target Android Users

Tessian Finds Employees Receive Nearly 50% Malicious Emails in the Last Three Months of the Year

Top 5 difficulties in penetration testing

Traditional Firewalls vs. Next Gen Firewalls – What’s the Difference?

UK: Ben Wallace apologizes for the “unacceptable breach” that “may cost interpreters their lives.”

US imposes sanctions on Russian cryptocurrency exchange SUEX

When the FBI seizes your messages from Big Tech, you may not know it for years

24th September

3.8 Billion Facebook & Clubhouse User Records Put On Sale

4 Ways Organizations Can Prevent Healthcare Phishing Attacks

A crippling ransomware assault hits one of Europe’s major customer service and call centre providers

A duet of new scams is climbing the charts

A New APT Hacker Group Spying On Hotels and Governments Worldwide

A new zero-day is being exploited to compromise Macs (CVE-2021-30869)

A Ransomware Loader Is Being Spread Through Google Ads

'Anonymous' Hackers Claim to Hit Website Hosting Firm Popular With Far-Right Groups

Another co-op reports ransomware attack

Apple Patches 3 More Zero-Days Under Active Attack

Apple's New iCloud Private Relay Service Leaks Users' Real IP Addresses

As House passes breach reporting requirement, gaps remain with Senate bills

“Attackers only need to be correct once”: tackling the new frontier of ransomware

China’s New Data Security Law: What International Companies Need to Know

CISA, FBI, and NSA issue a Conti ransomware advisory

Cisco fixes highly critical vulnerabilities in IOS XE Software

Cisco Releases Patches 3 New Critical Flaws Affecting IOS XE Software

Clubhouse leaked data trove including phone numbers isn’t as bad as it sounds

Complex New SMS Malware Discovered

Coos Health attacked by ransomware

COVID-19 response, third-party vendor management risks to patient safety

Critical Cisco Bugs Allow Code Execution on Wireless, SD-WAN

Cyber Threats Result in 60% Increase in Cyber Intelligence Sharing Among Financial Firms

Cybersecurity Vulnerability Could Affect Millions of Hikvision Cameras

Delete unused online accounts to protect from hackers, trackers

Emergency Google Chrome update fixes zero-day exploited in the wild

EU 'denounces' Russian malicious cyber activity aimed at member states

EU officially blames Russia for 'Ghostwriter' hacking activities

Exchange/Outlook Autodiscover Bug Spills $100K+ Email Passwords

Exploits imminent for critical VMware vCenter CVE-2021-22005 bug

Faced with ransomware, the US sanctions a cryptocurrency platform

FBI decision to withhold Kaseya ransomware decryption keys stirs debate

Federal Advisory Warns of Increasing Conti Ransomware Attacks

Frustrated developer drops three zero-day vulnerabilities affecting Apple iOS 15 after six-month wait

Google Warns of a New Way Hackers Can Make Malware Undetectable on Windows

How to prevent ransomware: 6 key steps to safeguard assets

How XDR Technology is Helping Businesses Thwart Cyber Attacks

Lawsuits: Negligence Led to UC San Diego Health Incident

LinkedIn URLs are being hijacked for phishing

Microsoft issues warning against dangerous new phishing campaign

Microsoft rushes to register Autodiscover domains leaking credentials

Millions of South Africans caught up in security incident after debt recovery firm suffers ‘significant data breach’

Most IT leaders prioritize cloud migration, yet security concerns remain

NIST Issues Cybersecurity Framework for Ransomware Risk Management

OFAC Helps Those Who Help Themselves: How a Ransomware Response Plan Can Help Avoid Sanctions Enforcement for Ransom Payments

Office of Foreign Assets Control (OFAC) Warns Companies Again Not to Pay Ransomware Demands and Offers Helpful Hints for Mitigating Risks

Policy and patience key in Biden’s cybersecurity battle

Preventive Care for Your Business’s Online Data

Quarter of providers saw mortality rates rise after ransomware attacks

Ransomware: Double The Trouble In 2021

Ransomware attack shuts down New Hampshire clinics

Ransomware attacks impact patient care, including increased mortality rates

Ransomware attacks reach ‘stratospheric’ levels finds new research

Ransomware sanctions and the U.S. Government's latest strategy to address cyber threats

Ransomware Victims Told to Think Twice Before Paying Hackers

Red forest is gone, now what?

Researcher drops three iOS zero-days that Apple refused to fix

RTL Nederland paid hackers 8,500 euros after ransomware attack

Social Engineering Trends in Cybersecurity

SonicWall fixes critical bug allowing SMA 100 device takeover

SonicWall Issues Patches for a New Critical Flaw in SMA 100 Series Devices

TangleBot Malware Reaches Deep into Android Device Functions

The Benefits and Challenges of Passwordless Authentication

The threat hanging over back to school: Howard University cyberattack

This ransomware-dropping malware has swapped phishing for a sneaky new attack route

Top 10 Ways to Prevent Cyber Attacks

UC San Diego Health is sued over data breach that may have exposed records of 500,000 patients

United Health Centers ransomware attack claimed by Vice Society

Urgent Chrome Update Released to Patch Actively Exploited Zero-Day Vulnerability

We're still making terrible choices with passwords, even though we know better

What Is URL Phishing and How to Identify It?

23rd September

5 ways to stay ahead of government-targeted ransomware

85% Of UK’s Top 20 Universities Putting Staff, Students, And Suppliers At Risk Of Email Fraud

85% of UK's Top Universities at Risk of Email Fraud

100M IoT Devices Exposed By Zero-Day Bug

A New Bug in Microsoft Windows Could Let Hackers Easily Install a Rootkit

Afghanistan: Details of another MoD data breach emerge

Afghanistan: Second Interpreters Email Data Breach Uncovered In Ministry of Defence (MOD)

Apple patches new zero-day bug used to hack iPhones and Macs

Apple releases patches for Catalina and iOS 12.5.5 vulnerabilities

Artificial Intelligence: The Future Of Cybersecurity?

Australia and New Zealand Group (ANZ) reports a 73% year-on-year increase in scams for the first eight months of 2021

Best Practices for ICS and OT Security

Breached passwords: Popular TV shows don't make for the best security credentials

CISA and the FBI Publish Second Alert on the Conti Ransomware Group

CISA releases advisory on Conti ransomware, notes increase in attacks after more than 400 incidents

CISA, FBI, and NSA issue a Conti ransomware advisory

Cloud Security Alliance (CSA) Offers Guidance on Preventing Ransomware in the Healthcare Cloud

Colombian Real Estate Agency Leak Exposes Records of Over 100,000 Buyers

Consumers taking action to protect themselves online, though confidence is low

Conti Ransomware Attacks Surging, US Government Warns

Data Breach: How to Prevent and Mitigate Data Breaches in 2021

Data breach affecting 1.4 million South Africans highlights importance of ID protection

DDoS attacks increased 11% in 1H 2021, fueling a global security crisis

DDoS Attacks Increasing As Record-Setting Year Is Anticipated

Details of another MoD data breach revealed

Education sector has improving window of exposure despite lower remediation rates and higher than average time to fix

'Facilitating' ransomware payments could land companies in hot water

Fake WhatsApp backup message delivers malware to Spanish speakers’ devices

FamousSparrow APT Wings in to Spy on Hotels, Governments

FBI and CISA Issue Conti Warning

Fresh alert over Conti ransomware surge

Future of work: Cybersecurity and hybrid working as top two enterprise priorities

Google Forms is fast becoming a favorite tool for cybercriminals

Google Report Spotlights Uptick in Controversial ‘Geofence Warrants’ by Police

Hackers hit Russian ministry, rocket center using MSHTML vulnerability

Hacking group used ProxyLogon exploits to breach hotels worldwide

Hive Ransomware Continues to Attack Healthcare Providers

How African businesses and individuals can protect themselves from phishing scams

How phishing-as-a-service operations pose a threat to organizations

How to avoid being the next ransomware headline

In a first, US sanctions Russian crypto exchange linked to ransomware

Interisle reports a 70% increase in phishing in annual study

Is remote working putting your business at risk of attack?

It doesn’t pay to pay a ransom – especially in healthcare

Jet2 urgently warns all customers over social media 'phishing' scam

Large-Scale Phishing-as-a-Service Operation Exposed

Malware devs trick Windows validation with malformed certs

Microsoft Exchange Bug Exposes ~100,000 Windows Domain Credentials

Microsoft exposes BulletProofLink 'phishing as a service' criminal enterprise

Minnesota farm coop caught in ransomware attack

More Afghan Citizens' Data Exposed in Second MoD Breach

Morgan Stanley ‘ignored industry standards’ in data breach

Nagios XI vulnerabilities open enterprise IT infrastructure to attack

New advanced hacking group targets governments, engineers worldwide

New Android Malware Targeting US, Canadian Users with COVID-19 Lures

New Treasury sanctions take aim at blocking ransomware groups from cashing out

‘Ninja Forms’ Pushed a Very Important Update Affecting 1 Million Sites

NIST Issues Cybersecurity Framework for Ransomware Risk Management

Olympus Suffers a Suspected BlackMatter Ransomware Attack

Protecting IoT devices requires a DNS-based solution

Quarter of providers saw mortality rates rise after ransomware attacks, survey finds

Ransomware and Targeted Attacks in the Healthcare Sector

Ransomware attackers targeted this company. Then defenders discovered something curious

Ransomware attacks have reached 'stratospheric' levels

Ransomware costing financial firms $3.61m per breach

Ransomware detections dropped by almost half, but the threat is only getting worse

Ransomware is Harming Cybersecurity Strategy: What Can Organizations Do?

Ransomware Isn't Back. It Never Left

Ransomware now accounts for 69% of all attacks that use malware

REvil Affiliates Confirm: Leadership Were Cheating Dirtbags

REVil ransomware devs added a backdoor to cheat affiliates

Second farming cooperative shut down by ransomware this week

Second UK Data Breach Exposes Details of More Imperiled Afghans

South Africa: 1.4 million people at risk after Justice Department’s data breach

South African banks say latest Debt-IN data breach could have exposed customer data

State acknowledges possible data breach 10 months after incident

State of SecOps 2021: 5 Trends That Should Shape Your Security Approach

Supply Chain and Ransomware Threats Drove 60% Increase in Global Cyber Intelligence Sharing Among Financial Firms

The Norwegian Data Protection Authority Won’t Use Facebook

Tips to protect yourself from cyber attacks, as another 1.4m South Africans hit by data breach

U.S. Department of the Treasury announces set of actions to counter ransomware

U.S. Imposes Sanctions on Crypto Exchange to Crack Down on Ransomware

UC San Diego Health sued over data breach that may have exposed records of 500,000 patients

UK suspends official behind data breach revealing details of 250 Afghan interpreters

Urgent Apple iOS and macOS Updates Released to Fix Actively Exploited Zero-Days

US Eye-Care Providers Report Data Breaches

US releases restrictions on cryptocurrencies used for ransomware recovery

VoIP company battles massive ransom DDoS attack

Warning as Covid phishing sites impersonate police forces

‘Wish We Would Have Had’ Kaseya Ransomware Decryption Key Sooner, Says One MSP

22nd September

2 million malicious emails bypassed secure email gateways in 12 months

A malicious document could lead to RCE in Apache OpenOffice (CVE-2021-33035)

Afghanistan: second Ministry of Defence email data breach emerges

Brazilian government launches data protection campaign

Cloud presents biggest vulnerability to ransomware

Constella Publishes Energy Sector Exposure Report

Could You Be a Ransomware Target? Here’s What Attackers Look For

Creepy data collection and sharing remain common on popular apps

Crystal Valley Cooperative becomes latest agriculture business hit with ransomware

Crystal Valley Farm Coop Hit with Ransomware

DDoS attacks are becoming more prolific and more powerful, warn cybersecurity researchers

Double-extortion ransomware: Double the threat, double the challenges for businesses

Enterprises Need 27 New IT Hires to Manage Security Debt

FBI, CISA, and NSA warn of escalating Conti ransomware attacks

Feds Sanctions SUEX Cryptocurrency Exchange for Laundering Ransomware Payouts

Five lessons everyone needs to learn about phishing attacks

Hackers are scanning for VMware CVE-2021-22005 targets, patch now!

Half of Web Owners Don't Know if Their Site Has Been Attacked

How REvil May Have Ripped Off Its Own Affiliates

How to protect the corporate network from spyware

Internet users stressed out by cyberattack news

Introducing a new schema to track ransomware vulnerabilities

Marcus & Millichap hit with possible BlackMatter ransomware

Marketron Plans Re-Rollout After Ransomware Attack

Microsoft Analyzes Phishing-as-a-Service Operation

Microsoft Autodiscover abused to collect web requests, credentials

Microsoft Exchange Autodiscover bugs leak 100K Windows credentials

Microsoft Unearths Large-Scale Phishing Operation Involving 300,000 Subdomains

Microsoft Warns of a Wide-Scale Phishing-as-a-Service Operation

Mitigating a Company’s Liability When a Data Breach Is Suffered by a Vendor or Service Provider

More than 1 in 3 people have tried to guess someone else's password: 3 in 4 succeed

Netgear Releases Fixing Update for a Wide Range of Router Products

Netgear SOHO Security Bug Allows RCE, Corporate Attacks

New Nagios Software Bugs Could Let Hackers Take Over IT Infrastructures

New version of Jupyter infostealer delivered through MSI installer

Phishing-as-a-service operation uses double theft to boost profits

Plug critical VMware vCenter Server flaw before ransomware gangs start exploiting it (CVE-2021-22005)

Police investigating City of Helsinki data breach involving over 140 victims

Ponemon study finds link between ransomware, increased mortality rate

RaidForums data marketplace accidentally exposes private staff page

Ransomware attack levels soaring, now accounting for 69% of all attacks involving malware

Ransomware Attacks Have Gone Stratospheric

Ransomware Attacks Reach ‘Stratospheric’ Levels

Ransomware dominates attacks and new malware targets Unix systems

Ransomware is a patient mortality risk, driven by COVID, third-party vendors

Ransomware is rampant: Is your facility safe?

Ransomware threats more frequent, sophisticated

RCE is back: VMware details file upload vulnerability in vCenter Server

Researchers Discover Remotely Exploitable Flaw that Results in File Exposure on Gurock TestRail

Second farming cooperative shut down by ransomware this week

Securing Software: The Root Cause Conundrum

Shadow Code remains a high security risk

South Africa-based debt collector hit by massive ransomware attack

South Korea Commits to Combatting Increased Ransomware Attacks

Stop ransomware attacks by hackers! Here is how to do so

This cryptocurrency miner is exploiting the new Confluence remote code execution bug

This phishing-as-a-service operation is responsible for many attacks against businesses, says Microsoft

Threat Analysis Report: PrintNightmare and Magniber Ransomware

Treasury Sanctions Russian Crypto Exchange

Unpatched Apple Zero-Day in macOS Finder Allows Code Execution

US DHS, FBI Face Ransomware Questions from Congress

US Treasury sanctions crypto exchange over role in ransomware attacks

VMware issues critical patch for ransomware vulnerability

VMware Warns of Ransomware-Friendly Bug in vCenter Server

We cannot afford for healthcare security to be the “lowest-hanging fruit”

Wearable Fitness Trackers the Target of a Data Breach

What does the U.S. data breach bill mean for your organization?

Why Are Industrial Control System Attacks Increasing?

Yes, the FBI held back REvil ransomware keys

21st September

$5.9 million ransomware attack on farming co-op may cause food shortage

7 unexpected ransomware costs

46% of On-Prem Databases Globally Contain Vulnerabilities: Is Yours Safe?

77% of execs concerned about security tools gaps in their company

Afghan Interpreters’ Data Exposed in MoD Breach

After ransomware attack, company finds 650+ breached credentials from NEW Cooperative CEO, employees

Biden administration to issue sanctions to counter ransomware payments

Biden sanctions cryptocurrency exchange over ransomware attacks

BlackMatter Strikes Iowa Farmers Cooperative, Demands $5.9M Ransom

BlackMatter's ransomware attack on NEW Cooperative may impact food supply chain

Canadian firm VoIP.ms hit by non-stop extortion-based DDoS attacks

Challenges CISOs face in a rapidly evolving cybersecurity landscape

Cring Ransomware Exploits 11-Year-Old Adobe ColdFusion Software To Launch Advanced Attack

Cring Ransomware Gang Exploits 11-Year-Old ColdFusion Bug

Crypto Channels Targeted in Biden’s Fight Against Ransomware

Crystal Valley hit by ransomware, systems go offline

Cybersecurity Priorities in 2021: How Can CISOs Re-Analyze and Shift Focus?

Education sector sees rising security concerns

Epik Confirms Hack, Gigabytes of Data on Offer

EventBuilder misconfiguration put 100K users’ data at risk

Farming Group Warns of Supply Chain Chaos After Ransomware Attack

FBI Had Ransomware Decryption Key for Weeks Before Giving It to Victims

FBI reportedly withheld ransomware key from business for 3 weeks in failed sting

French shipping giant CMA CGM suffers data breach

Google, Microsoft and Oracle amassed the most cybersecurity vulnerabilities in the first half of 2021

'Grotesque betrayal' Afghan interpreters in 'greater danger' after MoD data breach

Hacker Steals $12M from DeFi Platform

Hackers Are Going ‘Deep-Sea Phishing,’ So What Can You Do About It?

High-Severity RCE Flaw Disclosed in Several Netgear Router Models

How privacy and security challenges may cause people to abandon your website

How the Ransomware Gangs Stay One Step Ahead

How to find out if your information was part of a data breach

Improper Hard Drive Disposal Leads to Health Data Breach for 100K

India: Phishing attacks on organisations rose to 83% during Covid-19 pandemic

Iowa farm cooperative hit by ransomware, systems go offline

Is hacking back effective, or does it just scratch an evolutionary itch?

Major American Agriculture Cooperative Hit by the ‘BlackMatter’ Ransomware Gang

Malicious Email Surge Predicted for Q4

Marketron marketing services hit by Blackmatter ransomware

Medical Device Cybersecurity Center Launches in Minnesota

Microsoft Power Apps data exposure: Prioritizing sensitive data with secure configuration settings

Netgear fixes dangerous code execution bug in multiple routers

New Capoae Malware Infiltrates WordPress Sites and Installs Backdoored Plugin

NEW Cooperative ransomware: BlackMatter tests Biden’s critical infrastructure mandate

New macOS zero-day bug lets attackers run commands remotely

Office of Foreign Assets Control (OFAC) Announces New Measures to Address Ransomware Attacks

Office workers unwilling to change their behavior, despite being aware of the cybersecurity challenges

Organizations prioritize strategic security programs, but lack fundamentals

Phishing Attacks More Sophisticated, Malicious Emails Timed To Coincide With Periods of Low Energy and Inattentiveness

Phishing emails target victims with fake vaccine passport offer

Python exploit gives access to 10,000+ API keys

Ransomware attack: Personal information may have been accessed, says justice department

Ransomware Defense: The File Data Factor

Researcher Discovers Major Exposure in the EventBuilder App

Russian state hackers use new TinyTurla malware as secondary backdoor

Should companies pay ransomware, and is it illegal to?

The complexities of vulnerability remediation and proactive patching

The Dutch Government Wants to Outlaw Ransomware Payments

The five most important ransomware attacks of 2021

Treasury Sanctions First Cryptocurrency Exchange to Combat Ransomware

Treasury unleashes cryptocurrency sanctions to fight ransomware

Turla APT Plants Novel Backdoor In Wake of Afghan Unrest

U.S. companies excel at limiting shadow IT, according to a new report

Ukrainian Hackers Hit Michigan Health Company With Ransomware

Unpatched High-Severity Vulnerability Affects Apple macOS Computers

US agricultural co-op hit by ransomware, expects food supply chain disruption

US optometry provider Simon Eye hit by data breach impacting 144,000 patients

US Sanctions Cryptocurrency Exchange SUEX for Aiding Ransomware Gangs

US sanctions cryptocurrency exchange used by ransomware gangs

VMware warns of critical bug in default vCenter Server installs

VMware Warns of Critical File Upload Vulnerability Affecting vCenter Server

Want To Avoid A Multi-Million Dollar Data Breach? You Need These Three Things

“Water Basilisk” Campaign Exploiting File Hosting Services to Deliver Multiple RAT Payloads

White House blacklists Russian ransomware payment ‘enabler’

20th September

5 Ransomware Protection Tips for Your Small Business...From a Hacker

7 unexpected ransomware costs

83% organizations in India saw rise in phishing attacks during pandemic

83% organisations in India say phishing attacks on the rise; attackers exploited users' need for information on Covid-19

A New Wave of Malware Attack Targeting Organizations in South America

Adopting A Post-Breach Mindset To Limit Ransomware Damages

Americans Stressed Out by Cyber-attack Coverage

Apple Sued for Crypto Loss After User Unknowingly Installed Phishing App

Avoiding the Achilles Heel of Non-European Cybersecurity

Banco de Venezuela Still Struggling to Restore Services After Last Week’s Cyberattack

Banking industry sees 1318% increase in ransomware attacks in 2021

Banning Crypto For Ransomware Payments Misses The Real Point

Bring Your APIs Out of the Shadows to Protect Your Business

CMA CGM Confirms Reports of Customer Data Breach

CMA CGM hit by another cyber attack

Data Breaches: A potential dent to brand-customer relationships

Data of 106 Million Visitors to Thailand Breached

Debunking Hard Drive Destruction Misconceptions

Epik data breach impacts 15 million users, including non-customers

Europol Busts Major Crime Ring, Arrests Over 100 Online Fraudsters

Europol Dismantled Massive Online Fraud Operation With 106 Members

Europol links Italian Mafia to million-dollar phishing scheme

EventBuilder misconfiguration exposes Microsoft event registrant data

EventBuilder misconfiguration exposes personal details of 100,000 event registrants

Finland: Millions lost to phishing scams – victims turn to arbitration

Hacked sites push TeamViewer using fake expired certificate alert

Health apps have to publicize data breaches, but that won’t stymie consumer uptake

Health Care Interoperability: What Are the Security Considerations?

How Tech Companies Can Boost Cyber Defenses: Building a Cyber-First Culture

How to Report a Data Breach per GDPR

How To Secure Distributed Infrastructures

How to see who is trying to break into your Office 365 and what they're trying to hack

Issues found with REvil decryptor issued by Bitdefender

Keeping ransomware at bay - the basics

Keeping up with the growing data protection challenge – Is regulation working?

Keeping Your Hybrid Workforce Secure with Cyber Hygiene Training

Mirai botnet starts exploiting OMIGOD security flaw

Ministry of Defence (MoD) data breach ‘put lives at risk’ for more than 250 Afghan interpreters

Most organizations do not believe they can recover from ransomware attacks

New Yorkers lost an average of $12,051 per person to cyberattacks in 2020

Payment API Vulnerabilities Exposed "Millions" of Users

Protecting Data From Insider Threats

Project Veritas scammed out of $165,000 by a phishing email

Ransomware payments made in half of global attacks

Ransomware still a primary threat as cybercriminals evolve tactics

Received a suspicious call, text or email claiming to be from Amazon? Here's how to tell if it's a scam

Republican Governors Association email server breached by state hackers

Researchers disclose top flaws abused by ransomware gangs

REvil Decryptor Helps Bring Kaseya Ransomware Attack to an End

Russian electronic voting system hit by 19 DDoS attacks in one day

Smishing and Phishing, and Vishing, Oh My!

T-Mobile’s Recent Data Breach and Two-Factor Authentication

The rise of cyber-criminal threat for law firms since Covid-19

United States set to launch attacks on ransomware payments

US farmer cooperative hit by $5.9M BlackMatter ransomware attack

US government ready to roll out the big guns against crypto ransomware payments

US policy change states healthcare apps must follow data breach notification rules

US Set to Sanction Cryptocurrency Firms Involved in Ransomware

US to target ransomware payments in cryptocurrency with sanctions

US Treasury to announce crypto sanctions to mitigate ransomware attacks

VoIP.ms phone services disrupted by DDoS extortion attack

We are at war; a cyber war

Web hosting service Exabytes hit by ransomware attack, still restoring services

What businesses need to know about data decay

Why aren't schools required to report ransomware?

Zero trust security solutions widely adopted, spurred by surge in ransomware

Zero-trust mindset the only way to build cyber risk immunity