Editor's Message

Welcome to DBD. On March 8th we celebrated our 4th Anniversary and the 1st Anniversary of our PRiSM application, officially endorsed by the SANS Institute. Despite recent personal issues that have impacted the amount of time I have been able to dedicate to both projects, I have been doing my best to keep everything as up-to-date as possible, and I would like to take this opportunity to thank everyone for their patience and support whilst I navigate through this very difficult time. Stay safe. :)

Monday 15 November 2021

Data Breaches Digest - Week 46 2021

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 15th November and 21st November 2021.

21st November

7 Crucial Safety Tips as Nigerian Communications Commission (NCC) Cries Out Over Iranian Hacking Group Targeting Nigerian Telcos

23 apps identified with PhoneSpy malware that spies on you

88% of board of directors find cybersecurity as business risk

Android Users Beware! New PhoneSpy Malware Steals Sensitive Info, Uninstalls Security Apps

Are we ready for mass-market malicious updates?

Baby elephant? Chinese state media warns of threat from Indian hacker group

Black Friday, Cyber Monday Warning: Expert Cautions Retailers of Ransomware Attacks

California Pizza Kitchen breach affected over 100,000 employees

Digital currency hackers camping out at Russia’s popular skyscraper

Hospital seeks dismissal of patient’s lawsuit over ransomware attack

How to Protect Private Keys?

How to protect your online identify

Insurance companies cutting cybersecurity coverage amid surge in ransomware attacks

Insurers run from ransomware cover as losses mount

Nearly 600,000 records stolen from Utah medical services provider

Nevada Department of Motor Vehicles (DMV) warns of latest text scam targeting MyDMV

New hacker group from India targeting defense units in China and Pakistan

New Zealand: Ransomware might not exist without cryptocurrencies, top cop tells MPs

Online shopping scams on the rise, phishing email targeting Wisconsinites

‘Ransomware as a Service’ now in vogue

Ransomware rising

Retail warning: Ransomware attacks are happening every 11 seconds

Taking the lead: Why the C-suite needs to make cybersecurity a business priority

The Evolving Threat of Ransomware

US Securities and Exchange Commission (SEC) warns investors of ongoing government impersonation attacks

Vulnerability in Punjab National Bank (PNB) server exposed customer data for about seven months

Watch Out for These New Netflix Phishing Scams

Windows 10 Zero-Click Security Exploit Wanted. Reward: $3 Million

You'd better watch out: 'Tis the season for holiday shopping scams

20th November

$3.5 Billion Worth of Crypto Seized by the IRS Cybercrime Unit in 2021

5 silly mistakes putting your online privacy and security at huge risk

Are Institutions Doing Enough to Protect Your Data?

Beware the Chinese Ransomware Attack With No Ransom

Can you guess the most common internet password in India?

Cyberattacks: What Happens to Hardcore Gamers?

Cybersecurity Is Hot - But Did It Ever Cool Off?

Diamond Looks To Returning Closer To Normal After Ransomware Attack

Do You Have These Apps in Your Android Smartphone? Delete Them Before the Joker Malware Harms Them

Dorset Council investigated over potential data breach

EuroMillions scam: watch out for the increasingly common email scam

Hackers flood FBI server with hoax messages

Hardcore gamers are more likely to suffer a cyberattack

How to block Brute Force Attacks on Windows Server

How to Secure Your Content Management System

Intel processors are getting highly affected by flaws in BIOS

Investors cash in as users fight a perpetual cyberwar

Iranian Hacking Groups Have Evolved according to Microsoft

IRS Seized $3,500,000,000 in Crypto Assets in Fiscal Year 2021

Israel: Gantz’s house cleaner wanted for just $7,000 to spy on it for Iran

Malware alert: Dozen plus Joker trojan-laced Android apps detected on Play Store

Microsoft: Office 365 will boost default protection for all users

Microsoft Exchange servers hacked in internal reply-chain attacks

Microsoft Sees Growing Iranian Spying Threat on IT Sector

Mid-sized businesses are 490% more likely to experience security breach since 2019

More avid gamers will be more likely be the victim of cyberattacks

Nigerian held for duping people by hacking their WhatsApp accounts

North Korean Hackers Found Behind a Range of Credential Theft Campaigns

Protecting Against the Danger From Within: How Digital Forensics Can Identify Insider Threats

Ransomware: should your company pay?

RedCurl Corporate Espionage Hackers Return With Updated Hacking Tools

Reduce Risk of Security Problems for Remote Workers

Securing patient data in healthcare facilities

Six Million Sky Broadband Users at Risk of Being Hacked with Admin Password - Here's the List of Potentially Risky Units

Social Engineering: How Cybercriminals Use Your Emotions to Hack You

The FIFA World Cup in Qatar is a ‘major cybersecurity risk’

The havoc of Emotet malware is back and is upgrading itself using TrickBot

The weaponization of Information Technology raises the stakes for cybersecurity

University of Victoria wards off phishing attack

Void Balaur explained - a stealthy cyber mercenary group that spies on thousands

Watch out for these Netflix scams that are running rampant online

Youth in $37 Million Crypto Heist; BitConnect Ponzi Payout

Zero-Day Exploitation in FatPipe VPN by Cybercriminals

19th November

8 advanced threats Kaspersky predicts for 2022

11 Malicious PyPI Python Libraries Caught Stealing Discord Tokens and Installing Shells

52% of SMBs have experienced a cyberattack in the last year

100,000 California Pizza Kitchen employee SSNs compromised in data breach

A Simple 5-Step Framework to Minimize the Risk of a Data Breach

Agencies Approve Cybersecurity Notification Rule

An Overview of Website Reinfection Vectors

Are Ransomware Payments Covered by Cyberinsurance?

Beware Monzo phishing scams via SMS

California Pizza Kitchen data breach exposed 100,000 employee SSNs

California Pizza Kitchen Serves Up Employee SSNs in Data Breach

Companies are getting better at bouncing back from ransomware

Companies Get Better at Fighting Ransomware Despite Escalating Threats

Cybercriminals discuss new business model for zero-day exploits

Defense Contractors Highly Susceptible to Ransomware

Emotet botnet comeback orchestrated by Conti ransomware gang

Fake TSA PreCheck sites scam US travelers with fake renewals

FBI Issues Flash Alert on Actively Exploited FatPipe VPN Zero-Day Bug

FBI warning: This zero-day VPN software flaw was exploited by APT hackers

How to handle third-party security risk management

How to recognize and avoid a phishing scam

How to strengthen incident response in the health sector

Incomplete data from ransomware victims leave lawmakers concerned where attacks stand

Insurers run from ransomware cover as losses mount

Iranian Hackers Charged for Disinformation and Threat Campaign to Influence the 2020 US Presidential Election

IRS Loads Enforcement Gun For Billions In Crypto Seizures In 2022, 93 Percent Of All Seizures Were Crypto In 2021

Is a coordinated cyberattack brewing in the escalating Russian-Ukrainian conflict?

Israel: Gantz's Employee Intended to Spy for Iran for $7,000, Report Says

Lack of API visibility undermines basic principle of security

Less than Half of Consumers Change Passwords Post-Breach

Malicious PyPl Packages Downloaded 40,000+ Times

Microsoft Defender gets AI-assisted ransomware brakes

Microsoft warning: Now Iran's hackers are attacking IT companies, too

Mitigating the risk posed by remote work

North Korean APT Group Steps Up Espionage Ops in 2021

Only half of companies employ a CISO

Philips, CISA Warn of Medical Device Product Security Flaws

Premier Property Lawyers: Police investigate firm's IT incident

Puppies, Fake Apps Among Scams Better Business Bureau Says to Watch for in Holiday Season

Putnam County Sheriff’s Department’s Facebook page got hacked

Ransomware actors have found a cunning way to bypass your endpoint protection

Ransomware attacks can wreak havoc

Ransomware is now a giant black hole that is sucking in all other forms of cybercrime

Ransomware Rascals Busted Hawaii Five-O Style

Significant Security Flaw Left 6 Million Sky Routers Customers Exposed

Six million Sky routers exposed to takeover attacks for 17 months

Sky Slow to Fix Bug in Routers

Suspected Chinese Cyber Espionage Campaign Breached Nine and Targeted 370 Critical Organizations

The unforeseen risks of sharing smartphone location data

Transition from Cybersecurity to Cyber-Immunity, Says Eugene Kaspersky

U.S. Charged 2 Iranian Hackers for Threatening Voters During 2020 Presidential Election

US Banks Will Have 36 Hours to Report Cyberattacks, Regulators Say

US regulators order banks to report cyberattacks within 3 days

Using AI to deal with ransomware attacks

Utah medical center hit by data breach affecting 582k patients

Watch out - that Netflix offer might be a phishing scam

Zero Trust: An Answer to the Ransomware Menace?

18th November

3 Top Tools for Defending Against Phishing Attacks

Android malware BrazKing returns as a stealthier banking trojan

Are cybercriminals actively recruiting your employees to attack you with ransomware?

Black Kite Report: 20% of US Defense Companies Vulnerable to Ransomware Attacks

Bots are lurking in your zombie and shadow APIs

California Pizza Kitchen Warns Employees of Personnel Data Breach

China's APT41 Manages Library of Breached Certificates

College for cyber criminals: Dark web crooks are teaching courses on how to build botnets

Companies Still Struggling with Implementing Backup Plans

Critical Root RCE Bug Affects Multiple Netgear SOHO Router Models

Cyber complexity negatively impacts a company’s ability to respond to threats

Cyber insurance is a fallback, not a solution for a ransomware attack

Dark web crooks are now teaching courses on how to build botnets

Department Of Justice (DOJ) Battles Ransomware Attacks

Experts Expose Secrets of Conti Ransomware Group That Made 25 Million from Victims

FBI: FatPipe VPN Zero-Day Exploited by APT for 6 Months

FBI attack shows all are vulnerable to phishing

FBI warns of APT group exploiting FatPipe VPN zero-day since May

Federal government still in the dark on ransomware

Gartner: Ransomware top risk priority for auditors in 2022

Glitch service abused to host short-lived phishing sites

Hackers deploy Linux malware, web skimmer on e-commerce servers

High severity Intel chip flaw left cars, medical and IoT devices vulnerable

How Common Are Ransomware Attacks? Lawmakers Want to Find Out

How to avoid phishing scams in times of COVID-19

How to improve your SaaS security posture and reduce risk

Iran-backed hackers accused of targeting US with ransomware, other cyber threats

Memento ransomware gang quick to retool for ‘optimum’ outcome

Microsoft: Iranian state hackers increasingly target IT sector

New Memento ransomware switches to WinRar after failing at encryption

New phishing scheme targeting Netflix, other streaming users

New Ransomware Group Retools Attacks On the Fly

New Ransomware Reporting Rules for US Financial Institutions: Proposed Bill Would Require Government Permission for Payments Over $100,000

New Side Channel Attacks Re-Enable Serious DNS Cache Poisoning Attacks

North Korean Cyber-criminal Recycles Tactics and Targets

North Korean cyberspies target government officials with custom malware

Out-of-hours ransomware attacks have a greater impact on revenue

Palo Alto Networks’ Unit 42 Warns Cloud Attacks, Ransomware on the Rise

'PerSwaysion' Phishing Campaign Still Ongoing, and Pervasive

Ransomware, Supply Chain, Trojans Drive Cyber Risk for Asia Pacific Financial Firms

Ransomware, supply chain and trojans top cyber risks against financial institutions

Ransomware and your business

Ransomware Phishing Emails Sneak Through Secure Email Gateways (SEGs)

Ransomware to RansomOps: Why APAC Enterprises are Increasingly Vulnerable

Reality check: Your security hygiene is worse than you think it is

RedCurl corporate espionage hackers resume attacks with updated tools

Revealed: The 200 Most used and Worst Passwords of 2021

Russian Cybercrime Forums Open Doors to Chinese-Speakers

Russian language hacking forums warming up to Chinese hackers

Security Industry Should Change the Rhetoric Around Cyber-Threats

Security leaders need more data and context to conduct cloud investigations

Singapore: 378 people fall prey to phishing scams in the first half of November

Singapore: Nearly 400 victims of phishing scams via email, texts in first 2 weeks of November

Singaporean regulator punishes biggest-ever data breach: Almost 5.9 million hotel customers' info exposed

Spear-Phishing Campaign Exploits Glitch Platform to Steal Credentials

Survey Shows Companies Recovering Quicker from Ransomware Attacks Despite Rise in Frequency

The COVID-19 crisis has fueled the increase of cybercrime in all its forms

The Extortion Economy: North Carolina's New Legislation to Counter Ransomware

The Facebook Outage and the Case for Cyber-Resilience

The six most common threats against the device that knows you best

The surge in ransomware attacks is finally throwing information security in sharp relief

Threat Actors Discuss Leasing Zero-Day Exploits

TikTok influencers are being targeted by this dangerous new phishing threat

U.S. Lawmakers Push for Laws Requiring Increased Reporting of Ransomware Attacks

Understanding the Reality of Cyber Threats to Improve Defenses

US, Israel to combat ransomware attacks

US, UK, and Australia pin Iran for exploiting Fortinet and Exchange holes

US and UK agencies say Iran is behind ‘ongoing’ ransomware campaign

US indicts Iranian hackers for Proud Boys voter intimidation emails

WordPress Sites Face Wave of Fake Ransomware Scams

17th November

10 tips for staying digitally secure during the holidays

20% of Defense Contractors at Risk for Ransomware Attack

48% Of Employees At Surveyed Companies Asked By Hackers To Aid Ransomware Attacks

76% of gamers were financially affected by a cyberattack, losing $700+ on average

93% of UAE businesses concerned about a ransomware attack this upcoming holiday season

Actionable tips to create a business cybersecurity plan

Afghanistan: UK Defense Ministry not aware of harm in data breach involving Afghan interpreter email addresses

Australia: Is it legal to pay a ransomware demand - and other critical questions

Beware the Chinese Ransomware Attack With No Ransom

Businesses are forced to adopt new cybersecurity measures

Chris 21 payroll software provider hit by suspected ransomware attack

CISA releases cybersecurity response plans for federal agencies

Combating cybercrime: Lessons from a CIO and Marine veteran

Cryptomixers are helping hackers to launder ransomware payments

Cyber Changes Made by Organizations to Tackle Ransomware

Cyberthreats continue to grow in sub-Saharan Africa, with some threats reemerging

DDoS Attacks Surge 35% in Q3 as VoIP is Targeted

Decoding Biden's Push for Zero Trust: Why Should the Indian Government Adopt It?

DVLA's urgent scam warning as drivers hit by phishing texts and fake emails

Ethical Hackers Prevented $27B in Cybercrime

Evil Corp: 'My hunt for the world's most wanted hackers'

Exchange, Fortinet Flaws Being Exploited by Iranian APT, CISA Warns

Facebook says hackers from Pakistan targeted people in the previous Afghan government

Fake Ransomware Encryption Alert Targets WordPress Websites

Fake Ransomware Infection Hits WordPress Sites

Federal Cybersecurity Leaders Testify on State of Ransomware

Ghostwriter Disinformation Operation Linked to Belarus

GitHub fixed serious npm registry vulnerability, will mandate 2FA use for certain accounts

Gmail bait attacks targeting business

Governments Warn Iran Is Targeting Microsoft and Fortinet Flaws to Plant Ransomware

Hackers backed by Iran are targeting US critical infrastructure, US warns

Hackers targeted University of Oxford’s Covid vaccine research, cyber spies reveal

Hackers Targeting Myanmar Use Domain Fronting to Hide Malicious Activities

How to protect your organization from ransomware attacks during the holiday season

How Virtualization Helps Secure Connected Cars

HTML Smuggling Evades Many Cyberdefenses

Human Error, Blame Culture and Ransomware Combine to Undermine the Benefits of Cloud Adoption in Singapore

Illuminating the path: Compliance as the key to security-by-design

Indiana hospital notifying 1.5 million of ransomware attack after hackers leak PHI

Interisle study shows 663% increase in malware reports, alarming spike in IoT malware

Israel's Candiru Spyware Found Linked to Watering Hole Attacks in U.K and Middle East

Lawmakers seek metrics for Russian ransomware cooperation

Microsoft Warns about 6 Iranian Hacking Groups Turning to Ransomware

Most SS7 exploit service providers on dark web are scammers

Netflix Bait: Phishers Target Streamers with Fake Service Signups

Network Detection and Response (NDR) meets ransomware threat head on

Now Iran's state-backed hackers are turning to ransomware

Organizations More Susceptible to Ransomware Attacks During Weekends and Holidays

Phishing Scam Aims to Hijack TikTok ‘Influencer’ Accounts

Ransomware: How to mitigate Attacks

Rapid shift to digital is outpacing the ability of banks to respond to cyber threats

Record number of cyber attacks stopped as vaccine research is targeted

Revised FinCEN Advisory Warns Financial Institutions to Report Suspected Illegal Ransomware Payments

Risk & Repeat: Are ransomware busts having an effect?

Russian ransomware gangs start collaborating with Chinese hackers

Securing multi-cloud environments: Why DIY privilege access management doesn’t work

Security Threats, They Are a Changin’

Sophos Threat Report Identifies Key Trends in Ransomware Attacks

South Africa: Organisation warns community members against phishing scams

South Korea: 'Face-to-face phishing' on rise

Stripchat database mess up exposes 200M adult cam models, users’ data

The latest trends in online cybersecurity learning and training

The ransomware threat is getting worse. But businesses still aren't taking it seriously

The Rise of Device Encryption

Threat actors offer millions for zero-days, developers talk of exploit-as-a-service

TikTok phishing threatens to delete influencers’ accounts

Top Industries Attacked by Ransomware Include Manufacturing, Construction

U.S., U.K. and Australia Warn of Iranian Hackers Exploiting Microsoft, Fortinet Flaws

UK fighting hacking epidemic as Russian ransomware attacks increase

UK GDPR Post-Brexit: Everything You Need to Know

UK Spooks Handled Record Number of Cyber-Incidents Last Year

US, Australia and UK warn Iranian hackers leveraging known vulnerabilities to deploy ransomware

US, UK warn of Iranian hackers exploiting Microsoft Exchange, Fortinet

US says Iran-backed hackers are now targeting organizations with ransomware

US to Sell $56m in Seized Crypto-Currency

Vaccine research among cyber attack targets

Victims of $2 billion BitConnect fraud to get back $57 million

Wealden District Council investigating data breach

What is challenging secure application development?

What’s preventing organisations from protecting themselves from cyberattacks?

Why are you still using QWERTY? 2021's most common passwords revealed

Why Breach Notification Matters

Why cyber crime groups are some of the world’s most effective startups

Your weak passwords can be cracked in less than a second

16th November

5 Ways to Avoid Getting Hacked (Again)

8 cybersecurity predictions for 2022 and beyond

14 tactics to use during a ransomware negotiation

200 Million Adult Cam Model, User Records Exposed in Stripchat Breach

A.I. is helping detect cyberattacks. It needs to do more

Affiliates of REvil Ransomware Group Arrested, $6 Million Seized

Alternative ways to improve business email security

An Application-Led Approach to Security Challenges

Anatomy of a Ransomware Attack: Immutable Cloud Blob to the Rescue!

Are You the Victim of a Data Breach? The most common ways data breaches occur

Avast Q3/2021 Threat Report Reveals Elevated Risk for Ransomware and RAT Attacks

Bad Santa: Amazon, Facebook top Mozilla's naughty list of privacy-crushing gifts

Belarus government accused of 'partial responsibility' for Ghostwriter campaigns

Black Fog concludes a ransomware report on how many attacks were observed this year

Black Friday scammers are ready and waiting!

Can You Predict the Likelihood of a Ransomware Attack? Yes, You Can

Creating A World In Which Data Breaches Are Improbable, Not Inevitable

Cryptojackers Disable Alibaba Cloud Security Agent

Cryptomixers Enable Ransomware Payment Laundering

Cultural divide between IT and OT teams leaves 65% of organizations unable to secure both environments

Cyber attack affects Federal Group payroll system but staff will still be paid

Cybercrime: how to not make the headlines

Cybercriminals Increasingly Employ Crypto-Mixers to Launder Stolen Profits

Cybersecurity experts say public-private partnership is the key to preventing future attacks

Data and the Cat-and-Mouse Game of Security

Data Breach Pulse Check: On-Prem Database Security

Data Breach Rule for Health Apps Leaves Developers in the Dark

Doubling Down on Ransomware Protection

Eliminate the growing pains from your security strategy

Emotet, once the world's most dangerous malware, is back

Emotet is Rebuilding its Botnet

Emotet malware reemerges, building botnet via Trickbot malware

Emotet Resurfaces on the Back of TrickBot After Nearly a Year

Ethical hackers reduce $27 billion in risk during COVID-19

Ethical Hackers Stymie $27bn of Cybercrime

Examples of Large & Small Business Cyber Attacks: Fighting for Survival Against a New Wave of Cyber Criminals

Exploit-as-a-service: Cybercriminals exploring potential of leasing out zero-day vulnerabilities

Facebook Bans Pakistani and Syrian Hacker Groups for Abusing its Platform

Facebook says hackers in Pakistan targeted Afghan users amid government collapse

FBI Hack Called ‘Tipping Point’ in Struggle Against Cybercrime

FBI Email Hoaxer ID’ed by the Guy He Allegedly Loves to Torment

Fear and shame are making it harder to fight ransomware and accidental data loss, report finds

Government Plans Regulation to Bolster Supply Chain Security

Hackers Have Approached Employees from Nearly 50% of Businesses to Assist in Ransomware Attacks

Hackers try to obtain passwords for email accounts of Taiwan government staff

Hacking Group MosesStaff Targets Israeli Groups

Here are the new Emotet spam campaigns hitting mailboxes worldwide

How To Spot A Sophisticated Phishing Scam Targeting Transportation Security Administration (TSA) PreCheck Members

HTML Smuggling Techniques on the Rise

If cybercriminals can’t see data because it’s encrypted, they have nothing to steal

Information Sharing to Counter Cybercrime

K-12 School Districts Failing at Cloud Security

Lawmakers Dig for Details in Federal Response to Ransomware

Microsoft adds AI-driven ransomware protection to Defender

Microsoft warns of the evolution of six Iranian hacking groups

MosesStaff attacks organizations with encryption malware - no payment demand made

MosesStaff Locks Up Targets, with No Ransom Demand, No Decryption

New banking Trojan SharkBot makes waves across Europe, US

New Blacksmith Exploit Bypasses Current Rowhammer Attack Defenses

New Zealand: National Cyber Security Centre reports a surge in criminal cyber attacks

Nine percent of parents say their child’s school has been hit with ransomware

Notorious Emotet Botnet Makes a Comeback with the Help of TrickBot Malware

NPM fixes private package names leak, serious authorization bug

Operational technology and zero trust

Overcoming the 3 Biggest Challenges in System Hardening

OWASP Addresses API Security

Personal Data Protection Commission (PDPC) fines RedDoorz Singapore's site operator over data leak of 5.9m consumers

Phishing scam attempt to steal more than $3 million in Washington County funds thwarted

Preventing Major Data Leaks: A Cybersecurity Explainer

Protect your digital marketing toolbox with email security

Protecting today’s web applications requires more than a firewall

ProxyShell vulnerabilities exploited in domain-wide ransomware attacks

RansomOps: Detecting Complex Ransomware Operations

Ransomware gangs are now rich enough to buy zero-day flaws, say researchers

Ransomware Susceptibility High for Leading U.S. Defense Contractors

Report implicates Belarus in anti-NATO cyber campaign

Researchers Demonstrate New Way to Detect MitM Phishing Kits in the Wild

Researchers Spot Comeback of the Emotet Botnet

Retail, Food & Beverage (F&B) breaches spell cyber risks heading into holiday season

Robinhood Hack Also Included Thousands of Phone Numbers

Rooting Malware Is Back for Mobile. Here’s What to Look Out For

Should you pay the ransom? Here’s why that’s the wrong question

Shrinking cyber budgets are leaving businesses at risk

Study finds knowledge gaps in K-12 cloud security

The dead live longer: Emotet is back

The Evolution of Ransomware Extortion Schemes

The infamous Gamaredon threat group reportedly linked to Russia

The inside story of ransomware repeatedly masquerading as a popular JS library for Roblox gamers

The three C's of supply chain risk

The Top 10 Ways Ransomware Operators Ramp Up the Pressure to Pay

These are the cryptomixers hackers use to clean their ransoms

This new attack bypasses Rowhammer defenses in most DRAM, say researchers

TikTok scammers tried hacking 125 targets that followed famous accounts, researchers find

Tips for Surviving Big Game Ransomware Attacks

Trend Micro blocked over 8 million threats in Kuwait: H1 report

TrickBot operators teamed with Shathak Attackers; deploying Conti ransomware

U.S. Partners With Israel to Tackle Growing Crypto-related Ransomware Attacks

U.S. Treasury sanctions Latvia-registered "mailbox" company over money-laundering allegations

US Partnering with Israel to Counter Ransomware, Regulate FinTech

Veritas Study Reveals Office Workers Often Neglect to Report Data Loss

We Have to Change the Decision Calculus’ to Stop Ransomware

We need a Cyber Awareness Century

Wealden District Council statement following personal data breach

What Online Retailers Can Do To Protect Customer Data

Why traditional email security solutions and training alone aren’t enough

WordPress sites are being hacked in fake ransomware attacks

Zoom patches vulnerabilities in its range of conferencing apps

15th November

6 Tips To Keep in Mind for Ransomware Defense

7 million Robinhood user email addresses for sale on hacker forum

42% of UK Gamers Have Experienced a Cyber-Attack on Their Account or Device

60% of orgs hit by ransomware-as-a-service attacks in the past 18 months

91% of IT leaders affected by supply chain disruption

10,000+ websites and apps are vulnerable to Magecart

A tidal wave of ransomware is changing the cyber insurance game

Adult Cam Website ‘Stripchat’ Exposes User and Model Info in Data Leak

Afghanistan: Ministry of Defence not aware of any harm following data breaches

Alibaba ECS instances actively hijacked by cryptomining malware

As ransomware attacks rise, US government advice to protect K-12 schools is “vastly outdated”

Bad form: FBI server sending fake emails taken offline and fixed, no data impacted

Center for Human Development (CHD) warns of data breach exposing employees, individuals served

China looks to classify online data in draft security laws

CISA: Patch These ICS Flaws Across Multiple Vendors

Costco says card skimmers were found at Chicago-area warehouses, less than 500 people affected

Cyber Insurance Claims Spike With Major Attacks, but Ransomware Costs Down Sharply From 2020

Cybercriminals Target Alibaba Cloud for Cryptomining, Malware

Cybersecurity for Sports and Entertainment

Cybersecurity Lessons Learned from Working in Diplomacy and International Trade

Cybersecurity Report Details Phishing Threats And Their Respective Trends Across 2020 To 2021

Data Breach of Robinhood Trading Platform Blamed on Social Engineering, Similar to 2020 Twitter Breach

Digital life after death: Do you have a password-sharing plan in place?

Don't fall for LinkedIn phishing: How to watch for this credential-stealing attack

DVLA issues urgent scam warning as drivers get phishing texts and fake emails

DVLA warning to drivers over new scams – how to avoid them

Email safety and why it matters

Emotet malware is back and rebuilding its botnet via TrickBot

Facebook and Google "listening" is more pervasive than you think

Fake emails exploited FBI email service to warn of phony cyberattacks

Fake Ransomware Infection Spooks Website Owners

FBI Fixes Misconfigured Server After Hoax Email Alert

FBI Says Its System Was Exploited to Email Fake Cyberattack Alert

FBI sends fake cyber threat alert after being hacked by spammer

FBI Server Was Hacked to Send Over 100,000 Spam Emails With Fake Information

Fraud Awareness Week: Addressing Surging Business Fraud

Hacker accessed FBI server to send fake email threats

Hacker Compromises FBI Server to Send Fake Emails

Hackers leak Kent school files in 'highly sophisticated' cyber attack

Healthcare organizations at risk: The attack surface is expanding

High severity BIOS flaws affect numerous Intel processors

High-Severity Intel Processor Bug Exposes Encryption Keys

How big data analytics helps enterprises improve cybersecurity

How can I protect myself from ransomware?

How organizations are beefing up their cybersecurity to combat ransomware

How to achieve permanent server hardening through automation

How to Negotiate With Ransomware Attackers

How To Protect Critical Infrastructure from Cyber-Criminals

How to Tackle SaaS Security Misconfigurations

HPE says Aruba customer data compromised after data breach

'HTML Smuggling' technique identified in increasing Russian-backed NOBELIUM spear-phishing attacks

Intel chip flaw could enable attacks on laptops, cars, medical devices (CVE-2021-0146)

Keeping Up With the Botnets

Malicious shopping websites surge in number in advance of Black Friday

Microsoft 365: Should Your Organization be Worried About Microsoft 365 Vulnerabilities?

Moses Staff hackers wreak havoc on Israeli orgs with ransomless encryptions

Nation-state threat actors are motivated by intelligence, cash

New 'Moses Staff' Hacker Group Targets Israeli Companies With Destructive Attacks

New Rowhammer technique bypasses existing DDR4 memory defenses

New vulnerabilities allowed attackers to intercept Zoom meetings

New York needs to get ahead of cyberattacks, audit finds

North Korean Hackers Target Cybersecurity Researchers with Trojanized IDA Pro

Old Vulnerabilities, New Ransomware Attacks: A Dangerous Combo

Post-pandemic Growth Starts With Understanding Cyber Risk

Privacy commissioner orders probe into government data leak that may have put Afghans in danger

ProxyShell leads to domain-wide ransomware attack

Ransomware Hogs the Spotlight, but It's Not the Only Malware to Watch Out For

Ransomware Prevention: Insurance is Not Enough

Researchers Demonstrate New Fingerprinting Attack on Tor Encrypted Traffic

Russian National Charged With Laundering Ryuk Ransoms

Secure Data in Work-from-Home Situations

Singapore's RedDoorz Hotel Chain Hit by Cyberattack, 5.9mn Users' Data Breached

Someone Hacked the FBI & Sent Fake Cybersecurity Email Warnings

The Best Ransomware Response, According to the Data

The Evolution of Ransomware

The Spamhaus Project has discovered a new e-mail phishing scam that has put the personal data of 100,000 Netizens at risk

The Troubling Rise of Internet Access Brokers

This mysterious malware could threaten millions of routers and IoT devices

U.S. Seeks Extradition of Russian Suspect For Ransomware Money Laundering

Uptick in Major Hacking Incidents Sparks 'Priority' Hiring of More Cyber Security Experts

US and Israel Agree Anti-Ransomware Coalition

US and Israel join forces to fight ransomware

Was Your Data Breached? Reporting Requirements Vary By State, Angering Customers and Advocates

We have failed to stop phishing, even after 2 decades. Can we finally agree that emails need digital signatures?

What Is Cyber Extortion?

What Online Retailers Can Do To Protect Customer Data This Holiday Season

When cybersecurity becomes terrifying

When it comes to securing systems against quantum computers, there is no one-size-fits-all solution

While Still Recovering, Global Supply Chains Threatened by Hackers Launching Cyberattacks

Why Cloud Security Posture Management Is Essential to Your Overall Security Plan

Why is healthcare cybersecurity dismal? Inconsistencies, poor investments

Windows 10 Phishing Attack Targets App Installer Process