Editor's Message

Welcome to DBD. On March 8th we celebrated our 4th Anniversary and the 1st Anniversary of our PRiSM application, officially endorsed by the SANS Institute. Despite recent personal issues that have impacted the amount of time I have been able to dedicate to both projects, I have been doing my best to keep everything as up-to-date as possible, and I would like to take this opportunity to thank everyone for their patience and support whilst I navigate through this very difficult time. Stay safe. :)



Monday, 11 October 2021

Data Breaches Digest - Week 41 2021

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 11th October and 17th October 2021.


17th October

Acer data breach in India: Delighted hackers show-off users' accounts in public

Ad-blocker Chrome extension AllBlock injected ads in Google searches

British Horseracing Authority (BHA) left red-faced after contents of investigation into bullying of Bryony Frost leaked

British Horseracing Authority (BHA) under fire over investigation into Bryony Frost bullying allegations

Cloud security is an ongoing struggle to keep sensitive data safe. Is it getting any easier?

Former Microsoft Security Analyst Claims Office 365 Knowingly Hosted Malware For Years

From Fortnite to Fifa, online video game players warned of rise in fraud

Gmail and Outlook warning: Delete these emails now or pay a heavy price

Google sent 50K warnings to targets of government-backed hackings

Hacking groups execute ransomware attacks worth $5.2 billion in Bitcoin

Infosec expert Beaumont slams Microsoft over hosting malware 'for years'

Iran’s Islamic Revolutionary Guard Behind Massive Hacking Campaign in the U.S.

Ransomware – $590 million recovered in the first half of the year

REvil Ransomware Gang Goes Underground After Tor Sites Were Compromised

REvil ransomware shuts down again after Tor sites were hijacked

Several Israeli Medical Facilities Targeted With Ransomware Attacks

Supply chain cybersecurity breaches have hit alarming percentage of firms

Telegram Bots, a new way used by hackers to access One Time Passwords (OTPs)

The True Cost of DDoS Attacks

Twitch confirms no user data was leaked in recent data breach

When It Comes to Cybercrime Beware of Social Engineers

16th October

5 Tools and Strategies To Protect Your Family From Cyber Crime

$590m in ransomware payments reported to US in 2021 as attacks surge

An AdBlocker Was Caught Ironically Injecting Ads Into The Browsers Of Other Users

Data leak at the 3D printing platform Thingiverse

Data shows $590m in ransomware payments reported to US in 2021 as attacks surge

Everything You Need to Know About Phishing And How to Avoid It

Google sending warning to users of possible phishing, malware attack

Maine water systems are under threat from cyber threat risks, feds warn

Man Scams Amazon Textbook Rental Service for $1.5 Million

Minecraft declared the most malware-infected game

Missouri to Prosecute ‘Hacker’ Who Informed State About Data Leak

New report suggests Israel is country most affected by ransomware since 2020

Philippines registers highest attack from banking Trojans

Ransomware gangs targeted 3 different US water treatment plants this year in previously unreported attacks, according to federal agencies

Ransomware hackers targeted three US water facilities in 2021, cyber officials say

Ransomware paralyzes the administration of Schwerin and the neighboring district

Researchers Find Multiple Vulnerabilities in WP Fastest Cache Plugin

Safeguard yourself from phishing attacks

Smishing: BSI warns of new scams in SMS phishing

State-sponsored attackers infiltrate Play Store with fake VPN app

Top 10 hackers behind $5.2 billion worth ransomware attacks in Bitcoin

Twitch Confirms Source Code Leak; User Passwords Not Compromised

What Is The Risk Of A Data Breach In Cloud eLearning?

What Role Can Artificial Intelligence Play in Fixing the Security Skills Shortage?

15th October

3D printing site Thingiverse suffers major user data breach

5 Ways to Help Your Customers Avert Ransomware Attacks

$5.2 billion in BTC transactions tied to top 10 ransomware variants: US Treasury

7-Eleven Breached Customer Privacy Collecting Images of People’s Faces

30 countries announce crackdown on ransomware payments

70% of businesses can’t ensure the same level of protection for every endpoint

$590 million in ransomware payments reported to US in 2021 as attacks surge

$590 million ransomware payments reported to US in 2021

A timeline of the biggest ransomware attacks

Accenture confirms data breach after August ransomware attack

Accenture sheds more light on August data breach

Acer hacked (for the second time this year)

Ad-Blocking Chrome Extension Caught Injecting Ads in Google Search Pages

Allianz report highlights growing threat of ‘ransomware pandemic’

Almost all ransomware targets Windows devices

Android data sharing remains significant, no opt-out available to users

Attackers Behind Trickbot Expanding Malware Distribution Channels

Average Cost of Data Breach Frames Debate on Security Costs

Bracing for the Data Security ‘Bang’

Brazilian insurance giant Porto Seguro hit by cyberattack

CISA – Ransomware targeted SCADA systems of 3 US water facilities

CISA Issues Warning On Cyber Threats Targeting Water and Wastewater Systems

CISA warns of ongoing cyber threats to US water and wastewater systems sector facilities

Cisco Report Shows Shift Away from Traditional Passwords

'Clumsy' BlackByte Malware Reuses Crypto Keys, Worms Into Networks

Code Execution Vulnerabilities Discovered in Nitro Pro PDF Reader

Community Medical Centers of Stockton’s communications network shut down over ‘unusual’ activity

Countries agree to ‘urgent action’ on ransomware, but issue few specifics

Critical infrastructure security dubbed 'abysmal' by researchers

Cyber Economics And Ransomware: To Pay Or Not To Pay?

Cyber-attack Response Takes More than Two Working Days

Cybersecurity lessons learned in the K-12 sector

Cybersecurity risks could disrupt businesses on their return to the workplace

Data Stolen from American Osteopath Group

DDoS attacks on VoIP and the urgent need for DDoS protection

DocuSign phishing campaign targets low-ranking employees

Don't be fooled by this crafty new vishing attack, Microsoft customers warned

Education sector suffers series of cyber attacks in 2021

Google: We're sending out lots more phishing and malware attack warnings - here's why

Google Issues Customers 50,000+ Warnings of State-Backed Attacks

Governments worldwide to crack down on ransomware payment channels

HHS: Ransomware groups will continue focus on healthcare, leveraging legacy tech

How to Protect Yourself from Phishing Attacks

How will DOJ’s new crypto enforcement team change the game for industry players, good and bad?

HP Wolf Security Report Shows Threat Landscape Getting Scarier

Human hacking increased as apps and browsers moved completely to the cloud

India 6th most affected country by ransomware in list of 140 countries: Google

Killware: Hype is Bigger Than the Threat, For Now

Macquarie Health making 'good progress' in recovery from Windows ransomware attack

Microsoft Azure Attack Illustrates Ongoing DDoS Threats

MirrorBlast phishing campaign targets financial companies

Missouri governor demands prosecution of reporter for 'decoding HTML source code' and reporting a data breach

Missouri Governor Slammed for Vow to Prosecute Researcher

Missouri Vows to Prosecute ‘Hacker’ Who Informed State About Data Leak

Most damaging cybercrime services are cheap on the dark web, study finds

Most SMEs under digital attack over past year

Nations vow to combat ransomware as Australia outlines new action plan against cyber criminals

New Jersey Acting Attorney General Announces Data Breach Settlement with Fertility Clinic

New Ransomware Encrypts Data and Makes Nasty Threats

New tech to the rescue in cyber security crisis

One in 10 Irish workers would not report malware to boss, survey finds

Organizations failing to give users the login experience they want

Pentesting vs. threat hunting: What’s the difference?

Policy automation to eliminate configuration errors

Prioritizing Cybersecurity Awareness Training in the Wake of Phishing Attacks

Ransomware: The Global Cybersecurity Pandemic

Ransomware An Evolving Cyber Threat, Culprits Becoming Agile

Ransomware Attack on Israeli Medical Center Raises Alarm

Ransomware Payments in 2021 Already Dwarf Last Year’s Total, FinCEN Reports

Ransomware rises as a national security threat as bigger targets fall

Ransomware suspects nabbed in international probe involving South Korea

Russian cybercrime gang targets finance firms with stealthy macros

Shoring up cybersecurity in critical infrastructure and the nation's defense supply chain

Six steps to a ransomware response plan

SnapMC Rapidly Steals Data, Demands Payment Without Ransomware

Social Engineering Threats Rose 270% in 2021 – Indicating a Shift to Multi-Channel Phishing Attacks as Apps and Browsers Move to the Cloud

South Korea seeks Interpol notice for two cyber gang leaders

Staggering growth of cybercrime and how data science helps improve online security

Sunderland University cyber-attack fix date unknown

Survey: Customers will abandon a poor login experience

Suspects of Ransomware Attacks on Korean Entities Apprehended in Ukraine

The Australian government is making reporting ransomware attacks mandatory

The White House's international summit on ransomware: Biggest cybersecurity takeaways

Thingiverse Data Breach Reveals Passwords, User Addresses

This malware botnet gang has stolen millions with a surprisingly simple trick

Top 8 best practices to keep your cloud applications secure

Top Seven Obligations Concerning Employee Data Privacy

Treasury Analysis Identifies Cryptocurrency Exchanges Associated With Ransomware

TrickBot Gang Enters Cybercrime Elite with Fresh Affiliates

Twitch Data Breach, Payout List Leak: Live Streaming Service Drops Update on Exposed Passwords

Twitch Downplays Fallout From Massively Embarrassing Security Breach

Twitch downplays this month's hack, says it had minimal impact

Twitch says no passwords or login credentials leaked in massive breach

U.S. Treasury Puts Crypto Industry on Notice Over Rising Ransomware Attacks

UK’s Banking Protocol Helps Stop Cybercriminals in Their Tracks, But Hundreds of Millions Remain Lost Each Year

United States Department of Justice Announces National Cryptocurrency Enforcement Team and Civil Cyber-Fraud Initiative

US Agencies to Water Facilities: You May Be Next Target

US expected to break data breach record in 2021

US government discloses more ransomware attacks on water plants

US Government Warns of Insider and Ransomware Threat to Water Plants

US links $5.2 billion worth of Bitcoin transactions to ransomware

What Happens to Information After a Data Breach?

What To Do in the Case of Brand Reputation Impersonation

White House ransomware summit calls for virtual asset crackdown, without mentioning cryptocurrency

Windows has been the most popular ransomware target, report finds

Workers unwilling to shoulder responsibility for cybersecurity

Zero-trust helps to regain control after a ransomware attack

14th October

3D printing site Thingiverse suffers breach of 228,000 email addresses amid sluggish disclosure

7-Eleven breached customer privacy by collecting facial imagery without consent

15 Strategies For Securing Company Data In A Remote Workplace

10,000 “High Risk” Targets of Nation-State Hacking Groups Get USB Security Keys From Google

Acer confirms breach after cyber attack on Indian servers

Acer confirms breach of after-sales service systems in India

Acer confirms second cyberattack in 2021 after ransomware incident in March

Acer Confirms Second Security Breach

Add a new dimension to ransomware defenses

Agencies warn of cyber threats to water, wastewater systems

Attackers exploiting zero-day vulnerability before enterprises can patch

Auxilion survey reveals more than one in 10 Irish office workers would hide a malware or ransomware breach from employer

Becoming a Cybercriminal Keeps Getting Easier

Beware of Cryptocurrency Scams

Broadcom Software's Symantec Threat Hunter Team discovers first-of-its-kind ransomware

CISA outlines cyberthreats targeting US water and wastewater systems

Cloud Security Holes Are Invites for Ransomware

Coinbase Hack Attributed to a Multi-factor Authentication Flaw That Allowed Scammers To Steal Cryptocurrency From 6,000 Accounts

Collaboration Seen as Key to Defending Critical Infrastructure

COVID scams continue through the pandemic

Crypto adoption in sights: Regulators and industry join to fight ransomware

CryptoRom Scam Rakes in $1.4M by Exploiting Apple Enterprise Features

Cyber attacks on hospitals can kill - here's why

Damaging Cybercrime Services Sold Between Hackers

Data breach sees millions of Acer customers' data being sold by hackers

DocuSign phishing campaign targets low-ranking employees

Dutch government considers ban on ransomware cover

"Enormous" data breach result of Imperial College blunder

Enterprise Data Storage Environments Riddled With Vulnerabilities

Enterprises ask Washington to step up cyber collaboration

EU Proposals Could Unmask Domain Name Registrants

Everyday cybersecurity practices inadequate among many online consumers

Federal Agencies Unite to Prevent Ransomware Attacks

Financial Regulator Warns of Hybrid Working Security Risks

Four common cyber-attacks that organisations face

Google: We're Tracking 270 State-Sponsored Hacker Groups From Over 50 Countries

Google analysed 80 million ransomware samples: Here's what it found

Google sent 50,000 warnings of state-sponsored attacks in 2021

Google's VirusTotal reports that 95% of ransomware spotted targets Windows

Hackers a growing risk for insurers

Hackers can STEAL your Bitcoin with simple trick that hijacks your cryptocurrency

Hackers used MSHTML exploit a week before patches were ready

Health Apps Pose Potential Health Data Breach Risks, FTC Warns

How a vishing attack spoofed Microsoft to try to gain remote access

How shape-shifting threat actors complicate attack attribution

How to Prevent Phishing Damage Using SSO, MFA, and Policies

How to Report Scam Calls and Phishing Attacks

How to safeguard yourself from phishing attacks

HP Wolf report highlights widespread exploitation of MSHTML, typosquatting and malware families hosted on Discord

India, US among 30 countries pledge to act against safe havens for ransomware players

Is it time for small businesses to rethink their cyber security strategies?

Israeli hospital cancels non-urgent procedures following ransomware attack

Key Zero Trust Practices for a Cyber-Secure Hybrid Workforce

Malicious Chrome ad blocker injects ads behind the scenes

Malware, Unauthorized Access Lead to Healthcare PHI Breaches

Met Police Loses 2280 Electronic Devices in Last Two Years

Microsoft’s Failure to Prioritize Security Puts Everyone at Risk

Missouri governor faces backlash and ridicule for threatening reporter who discovered exposed teacher SSNs

More than 30 countries outline efforts to stop ransomware after White House virtual summit

NCSC warns of “devastating” Russian ransomware attacks

New Jersey infertility practice to pay $500K after data breach, state says

New Russian Based Ransomware Group Targeting Large Companies and Hospitals

New Yanluowang ransomware used in targeted enterprise attacks

New "Yanluowang" Ransomware Variant Discovered

North America has become world's biggest ransomware target as DeFi and crypto use expands

Olympus Investigates Potential Cyber-Attack

OpenSea vulnerability allowed crypto stealing with malicious NFTs

Organizations losing business due to connected product security concerns

Password spraying attacks: What they are and how to avoid them

Personal data of 228,000 subscribers leaked in Thingiverse breach

Phishing Attack To Your Business: The Unprecedented Risk

Phishing Campaign Stole Coinbase Users One-Time Passwords

Playing dumb no longer an option against ransomware reporting

Protecting schools in hybrid and remote learning environments

Ransomware - The Pirate’s Perspective

Ransomware warranties offer user community another form of cyber insurance

Russia missing from US-organised international ransomware event

Save your mobile from dangerous phishing email! Here is how to report it to Google

Scammers Target Medical Conferences

Schools face a growing risk of a cyber-breach

South African consumers most unforgiving of brands who don't keep them safe

Storage systems vulnerabilities: Act now to avoid disasters

Supply chain cybersecurity trends: What professionals should be aware of and how to prepare for 2022

Tesco advises customers to be vigilant over scams as warning issued after shoppers targeted

The Madness of Ransomware 'as a Service'

The U.S. Federal Government Continues Its Focus on Ransomware Attacks: CISA, FBI, and NSA Publish Technical Advisory on the Conti Group

The White House is having a big meeting about fighting ransomware. It didn't invite Russia

Thingiverse Data Leaked — Check Your Passwords

This new ransomware encrypts your data and makes some nasty threats, too

Twitch takedown: Is extortion the new ransomware?

UK ranks in top 10 countries worst affected by ransomware

UK's 'outdated' cyberlaws preventing experts infiltrating cybercriminals' networks without THEIR permission must be reformed, campaigners say, as two thirds of Britons back call to update Computer Misuse Act

'Underdeveloped' New Ransomware Yanluowang Identified

University of Sunderland announces outage following cyberattack

‘Urgent Pizza’: The Untold Story of the Largest Hack in Twitch’s History

US, allies to promise ‘disruptive action’ against ransomware gangs

US diplomat asks Albanian prosecutors to investigate mass citizen data breach

Verizon-owned Visible acknowledges hack, confirms account manipulations

Verizon’s Visible cell customers hacked, leading to unauthorized purchases

Verizon’s Visible Wireless Carrier Confirms Credential-Stuffing Attack

What Corporations Can Do to Avoid Ransomware Attacks

Why Proactive Cybersecurity Is Vital To Keep Your Company Safe

Windows security: 20 years on from Bill Gates' Trustworthy Computing memo, how much has changed?

You Won’t Believe What Hackers Can Do With Your SSN

13th October

1 in 15 organizations runs actively exploited version of SolarWinds

1/15 enterprises still vulnerable to SolarWinds

30 Mins or Less: Rapid Attacks Extort Orgs Without Ransomware

Accidental Data Deletion: The Fear Is Real

Account takeover named top fraud risk for businesses

AGCS warns 75% of firms are failing its cyber standards amid ransomware ‘pandemic’

Allianz warns of ransomware “pandemic”

Analysis of 80 million ransomware samples reveals a world under attack

Analyzing the Twitch Hack and a Potential Security Hole Around IRC

Apple silently fixes iOS zero-day, asks bug reporter to keep quiet

Aussie officials: Cyber insurance should not cover ransomware attacks

Australia to tackle ransomware data breaches by deleting stolen files

Australia's new ransomware plan to create ransomware offences and reporting regime

Australia: Palo Alto welcomes Government ransomware crackdown

Backups against ransomware

Barracuda Networks Sees Rise in RCE Attacks

Biden Left Russia Out of Ransomware Meet. Can’t Imagine Why

Brazilian e-commerce firm Hariexpress leaks 1.75 billion sensitive files

Brazilian marketplace integrator Hariexpress exposed 1.75 billion records

Brizy WordPress Plugin Exploit Chains Allow Full Site Takeovers

Bugs allowing malicious NFT uploads uncovered in OpenSea marketplace

Combatting supply chain ransomware: it’s time for superhuman cyber security

Critical Flaw in OpenSea Could Have Let Hackers Steal Cryptocurrency From Wallets

Crypto Romance Scam Drains $1.4M

Customers On Alert as E-Commerce Player Leaks 1.7+ Billion Records

Cyber controls need to strengthen to combat ransomware

Cybercriminals to face new offences as ransomware attacks grow in Australia

Cybersecurity shortcomings exposed by the pandemic

Dark Web: Many cybercrime services sell for less than $500

DDoS booter customers received warning letters by Dutch police

DOJ Announces National Cryptocurrency Enforcement Team

EU legislation introduced to ban anonymous domain registration

Ex-camera biz Olympus investigating 'suspicious' network activity again a month after ransomware hit

Fertility clinic reaches $495K settlement over lax cybersecurity, 2017 data breach

Fertility Testing Lab Says Ransomware Breach Affects 350,000

Hackers strike computers at California healthcare provider

Here's what the Twitch data breach means for your data and steps to take now

Homeland Security Warns of Cyberattacks Intended to Kill People

How Coinbase Phishers Steal One-Time Passwords

How Many Companies Suffer Ransomware Attacks And Pay the Ransom?

How to get the most bang for your buck out of your cybersecurity budget

IFA warns advice firms to be 'on alert' after phishing attack

International cooperation key to deal with ransomware ecosystem

International cryptocurrency scam ring targets European dating app users

Irish regulators support Facebook's 'consent bypass' legal maneuver, suggest $42 million fine for GDPR violations

Israel on heightened alert after hospital hit with ransomware attack

Israel Repelling Ransomware Attack Against Major Hospital

Israeli hospital hit with ransomware attack

Is Your Organization Adequately Protecting Itself From Ransomware?

Lancaster media group LNP attacked by ransomware

Lawmakers, security experts call for beefing up cybersecurity

List of IT assets an attacker is most likely to target for exploitation

Mandating a Zero-Trust Approach for Software Supply Chains

Microsoft Patches Multiple Zero-Day Bugs

Mumbai cyber cell’s email hacked, infected file sent to other units

MyKings botnet still active and making massive amounts of money

Nations reveal ransomware pain at US-led summit

Nearly 100% of Organisations Suffered a Cloud Data Breach in Past 18 Months

New Australian ransomware plan allows for seizure of crypto

Not ransomware, 'killware' is the new threat, top US security official explains

Olympus shuts down IT systems following ransomware attack

OpenSea ‘Free Gift’ NFTs Drain Cryptowallet Balances

OpenSea NFT platform bugs let hackers steal crypto wallets

OpenSea Says It Patched an NFT Phishing Vulnerability

Password-Stealing Attacks Surge 45% in Six Months

Phishing campaign uses math symbol to imitate Verizon logo

Phishing scams target your email and steal money from your bank account – here’s how to avoid hackers

Ransomware and patient safety: The dangers facing hospitals and how they can adapt

Ransomware attacks preparedness lagging, despite organizations being aware of the risks

Ransomware defence starts with vulnerability management

Russia and China left out of global anti-ransomware meetings

Russia excluded from virtual White House meeting on ransomware

Scammers abused Apple developer program to steal millions from victims on Tinder, Bumble, Grindr, Facebook Dating

Seasonal Attacks: The Cybersecurity Implications of Children Returning to School

Sunderland University cyber attack causes extensive IT problems

The government’s response to cybersecurity threats is not enough

The Role of Security Frameworks in Determining Cyber Insurance Risks

Treasury Actions to Counter Ransomware

Trickbot Expands Malware Distribution Channels

Trickbot Rising — Gang Doubles Down on Infection Efforts to Amass Network Footholds

U.S. Convenes International Summit on Ransomware

Ultimatum for Booter Service Users

University of Sunderland Hit by Suspected Cyber-Attack

University of Sunderland under suspected 'cyber attack'

US calls on Russia to do more to crack down on ransomware groups as White House hosts meeting with allies

US pursuing global strategy to curb ransomware

Verizon digital carrier Visible customer accounts were hacked

Verizon-owned Visible network suffers suspected data breach

What Is the True Cost of a Health Care Data Breach?

White House brings together 30 nations to combat ransomware

White House hosts global anti-ransomware meeting without Russia

White House is hosting a global ransomware summit - without Russia

White House Unveils 32 Countries Invited to Participate in Ransomware Meeting

Why Aren’t More SMEs Using Multi-Factor Authentication?

Why enterprises are massively subcontracting cybersecurity work

Worldwide supply chains vulnerable as businesses lack visibility into suppliers

12th October

6 Ways To Recover Data From Ransomware Attacks

10 Phishing Stats That’ll Make Your C-Suite Think

2021 nastiest malware: Here to stay and ever evolving

Addressing the evolving cyber threat environment

Apache OpenOffice users should upgrade to newest security release

Apple Releases Urgent iOS Updates to Patch New Zero-Day Bug

As battle against cybercrime continues during Cybersecurity Awareness Month, Check Point research reports 29% increase in cyber attacks in the UAE

AWS ransomware attacks: Not a question of if, but when

Biden signs school cybersecurity act into law

BrewDog exposed PII details of more than 200,000 shareholders and customers

Chinese hackers use Windows zero-day to attack defense, IT firms

Columbus Regional Health (CRH) on alert after online attacks hit nearby hospitals

Columbus Regional on high alert after cyberattacks hit nearby hospitals

Cyberattack shuts down Ecuador's largest bank, Banco Pichincha

Data Breaches are More Expensive than Last Year, New IBM Security Report Finds

Did a hospital ransomware attack cause a baby's death?

Digital Signature Spoofing Flaws Uncovered in OpenOffice and LibreOffice

Do Bitcoin Benefits Overshadow Its Risks?

DOJ Sees Crypto Seizures as a Priority in Anti-Ransomware Push

Dutch police send warning letters to DDoS booter customers

Euro Police Disrupt $17m Fake Investment Scheme

Evaluating Your Defenses: The Importance of Establishing Mature SOC Processes

FBI stings monero chasing couple for selling secrets of nuke powered subs

Fight Phishing Attacks with Machine Learning Powered Security Analytics

FIN12 Ransomware Group Specializes in Healthcare Cyberattacks

Formula for success: How to determine the optimal investment in cybersecurity protection

FreakOut botnet now attacks vulnerable video DVR devices

Google creates cybersecurity team to help respond to attacks

How to protect your organization from security threats across your supply chain

If Government Leaders Aren’t Worried About Ransomware, They Should Be

Incident Of The Week: Anonymous hacker posts salaries of ‘Twitchers’ to 4chan

Iran-linked hackers hit Israeli, US and EU defense tech firm

Is the NHS investment in data security paying dividends?

Justice department recovering after IT services ‘hacked’

Macquarie Health says Windows Hive ransomware attack still having an effect

Majority of IT security professionals find patching overly complex

Many UK firms hit by data breaches during pandemic

Microsoft: Azure customer hit by record DDoS attack in August

Microsoft Azure customer hit by 2.4 Tbps DDoS attack

Microsoft Azure fends off huge DDoS Attack

Microsoft Fended Off a Record 2.4 Tbps DDoS Attack Targeting Azure Customers

Microsoft October Patch Tuesday Squashes 4 Zero-Day Bugs

Microsoft warns over password attacks against these Office 365 customers

National Security Agency (NSA) warns of wildcard certificate risks, provides mitigations

NCSC CEO: Ransomware the "Most Immediate Threat" Facing UK Businesses

NHS and data breach threat

Non-Human Identities Sprawl Challenges Security

Olympus confirms US cyberattack, weeks after BlackMatter ransomware hit EMEA systems

Olympus suffers second cyberattack in 2021

Olympus US systems hit by cyberattack over the weekend

Over 90% of Firms Suffered Supply Chain Breaches Last Year

Phishing attacks: how to stay vigilant

Phishing campaign uses math symbols to evade detection

Photo editor Android app STILL sitting on Google Play store is malware

Prepare for the next ransomware attack, not the last

President Biden signs K-12 Cybersecurity Act

Private hospital group Macquarie Health takes system offline following cyber incident

Ransomware attack on Quest’s ReproSource impacts data of 350K patients

Ransomware criminals exploiting enterprises’ switch to cloud

Report urges ban on insurer-funded ransomware payments

SaaS adoption growing, but so are security concerns

Safely and Securely Bringing Employees Back to the Office

Schools Prove Easy Targets For Hackers

Should you Adopt Deception-based Tools to Protect Against Cyber-threats?

SnapMC hackers skip file encryption and just steal your files

Sneaky new phishing campaign uses a math symbol in the Verizon logo

Software supply chain breaches are ‘staggeringly high,’ report finds

South Africa in the spotlight as top malware target

Study reveals Android phones constantly snoop on their users

The five core controls that can prevent cyber attacks

The Many Masks of the Phisher

The next big cyberthreat isn't ransomware. It's killware. And it's just as bad as it sounds

The UK Parliament's expenses watchdog accidentally leaked the names and home addresses of an MP's staffers

Ukraine Police Cuff Botnet Herder Who Controlled 100K Machines

University of Sunderland hit by suspected major cyber attack, with IT systems out of action and website down

Update Your Windows PCs Immediately to Patch New 0-Day Under Active Attack

Vaccine supply chains top target for cybercriminals

Visitor management and access control in the hybrid workplace

Warren's ransomware bill victimizes targets to collect data

What is Ransomware-as-a-Service and How Does it Work?

What it costs to hire a hacker on the Dark Web

What Steps Can K–12 IT Teams Take in the Face of Increasing Cyberattacks?

WhatsApp scam circulating where fraudsters pose as friends and family to collect information

Why Businesses Need To Go Lean With Cybersecurity

Why Password Security Should Be a Qualifier for Cyber Insurance

Why security strategies should involve decision-making from the C-Suite

11th October

6 Ways to Fortify Active Directory Before it Lands in the Wrong Hands

8 Ways to Create a Strong Security Culture and Strengthen Incident Response in Healthcare

16 Tools, Technologies And Strategies For MSPs To Fight Phishing Attacks

A 360° view of the cost of data breaches in Australia and how to mitigate them

Amnesty International accuses Indian cyber security firm of spyware attacks

Android Phones Sharing Significant User Data Without Opt-Outs

Apple Releases Urgent iOS Updates to Patch New Zero-Day Bug

Attempted ransomware attack will hit Weir Group profits

Banking Insider Accused of Role in $1m BEC Scheme

Beer going flat? BrewDog in data security issues

Businesses under threat as attackers target Active Directory

Chinese tycoon’s socially influential son adds to Meituan’s antitrust woes with claims of data breach, stolen Dianping account

Couple Arrested Over Sale of Nuclear Secrets

Couple sold nuclear warship data hidden in peanut butter sandwich

Crypto Criminals, Beware

Cyber insurers raising premiums, reducing coverage limits

Cyberattacks concerning to most in US

Cybercriminals exploiting SMEs as remote working continues

Cybersecurity Is A Journey, Not A Destination

Data Privacy Challenges for Automotive Retailers

Disadvantaged Groups More Likely to Experience Cybercrime, Experience Disproportionately Damaging Results

Democratic Lawmakers Urge Agencies to Act on Ransomware

Emergency Apple iOS 15.0.2 update fixes zero-day used in attacks

FBI arrests engineer for selling nuclear warship data hidden in peanut butter sandwich

FIN12 Ransomware Attacks Aggressively Targeting Healthcare

FontOnLake malware strikes Linux systems in targeted attacks

Four trends for the future of US privacy law

Google Sending Security Keys to 10,000 Users at High Risk of Attack

Gloucestershire County Council is 'second worst in UK for private data breaches'

Google says it will give 10 thousand free security keys to high-risk users in phishing attacks

Google To Give Security Keys to High-Risk Users

Hackers target the Swiss town of Montreux

Hacking the World – Part 2: What’s Being Hacked (And What Changed with Covid)

Hospital Hacker Steals Patients’ Data

How Access Reviews Can Prevent Access Creep

How businesses can combat data security and GDPR issues when working remotely

How Can Your Company Stay Safe Amid Skyrocketing Cyber Attacks?

How SMBs Can Protect Themselves Against a Successful Cyber-Attack

How To Avoid Credential Abuse

How to combat the most prevalent ransomware threats

How to Create an Effective Incident Response Plan for Your School District

How to Protect Your Enterprise’s Data in a Remote Attack World

How to protect your Instagram account from phishing and scams

Huawei Cloud targeted by updated cryptomining malware

Human error, psychology and specificity: The power of spear phishing

Implementing Zero-Trust in an ICS environment

India now becomes the 2nd most targeted nation in cloud hacking after the U.S.

Indian-Made Mobile Spyware Targeted Human Rights Activist in Togo

Indiana system saw record number of cyberattacks last month after attacks on 3 nearby hospitals

Ireland: Electrician leaked pics of garda intelligence leading to leaked info on 108 people, court hears

IT leaders confident in their organization’s network security, IT managers have doubts

Justice Department: Systems 'recovering' following ransomware attack

Justice Department contains ransomware attack

Justice department slowly recovering after crippling ransomware attack

LibreOffice, OpenOffice bug allows hackers to spoof signed docs

Macquarie Health Corporation hit by cyberattack as hackers claim 6700 people affected

Man charged with hack which shared COVID-19 test details in protest against vaccine pass

Manufacturing and Production Companies Hit by Ransomware Least Likely To Pay The Ransom

Microsoft: Iran-linked hackers target US defense tech companies

Microsoft offers some key advice for foiling ransomware attacks in Windows 11

Microsoft Warns of Iran-Linked Hackers Targeting US and Israeli Defense Firms

Ministry of Defence (MoD) Web Gaffe Exposes Special Forces Weapon Data

Most Insurers Mandate MFA, But Premiums Are Still Soaring

Mounting zero-day hacks mean enterprises need better visibility to be secure online

New Danger: Ransomware hits finance industry hard

Nuclear engineer's espionage plans unraveled by undercover FBI agent

Office 365 Spy Campaign Targets US Military Defense

Oregon Eye Specialists discloses data breach following employee email compromise

Our critical infrastructure is vulnerable – better cyber security can fix it

Overly Complex IT Infrastructures Pose Security Risk

Pacific City Bank confirms it was hit by ransomware

Pacific City Bank discloses ransomware attack claimed by AvosLocker

Pacific City Bank, the world’s largest banking service provider encountered a ransomware attack

Quest-owned fertility clinic announces data breach after August ransomware attack

Ransomware: Even when the hackers are in your network, it might not be too late

Ransomware: Relationship breakdowns have never been so satisfying

Ransomware actors target VoIP service with another wave of DDoS attacks

Ransomware and Covid-related cybercrime ‘biggest threats to UK security’

Ransomware cost US companies almost $21 billion in downtime in 2020

Ransomware forensics research reveals cybercrime tradecraft secrets

Ransomware Intrusion Group FIN12 Ramps-Up in Europe

Ransomware is the biggest cyber threat to business. But most firms still aren't ready for it

Ransomware operators use more DDoS attacks to VoIP service

Ransomware presents 'the most immediate danger to UK businesses', with cyberattacks linked to Covid-19 also likely to be prevalent for years to come, cyber-crime head warns

Remote work exposing SMEs to increased cybersecurity risk

Remote Work Leads to Increased Cybersecurity Risk

Reports of vaccine passport scam in Darlington

REvil/Sodinokibi accounting for 73% of ransomware detections in Q2 2021

Russia and neighbours are source of most ransomware, says UK cyber chief

Security threats are evolving too quickly for businesses to keep up

Sky denies it suffered a significant network breach

South Africa: Beware data breaches that leak private information — or be prepared to face costly Popia class action lawsuits

Staying Ahead of Ransomware With the Cloud

Steps to perform cybersecurity Risk Assessment in startups

Strategic Security for the Post-pandemic Era: How to Close Crucial Gaps in Protection

The Fight against Financial Cyber Crime

Trickbot back as most wanted malware

Twitch hit by huge data breach

Twitch suffers from major data breach

UK cyber head says Russia responsible for 'devastating' ransomware attacks

Ukraine Arrests Operator of DDoS Botnet with 100,000 Compromised Devices

Ukrainian police arrest DDoS operator controlling 100,000 bots

Verify End-Users at the Helpdesk to Prevent Social Engineering Cyber Attack

Verizon customers: Watch out for this sneaky new scam text message that’s making the rounds

Warning: 24 Million webcam video records up for grabs on the Dark Web

What the SolarWinds cyber attackers lifted from the US government

When criminals go corporate: Ransomware-as-a-service, bulk discounts and more

Where Enterprise Mobile Security Falls Short

Why we need an industry-focused approach to cybersecurity

Windows Zero-Day Actively Exploited in Widespread Espionage Campaign

Your HR department should start preparing for the next ransomware attack