Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 13th December and 19th December 2021.
19th December
2021 Cyber Review: The Year Ransomware Disrupted Infrastructure
Blackmail group Conti uses “Log4Shell” vulnerability for its ransomware
Caution: Log4j and TellYouThePass ransomware are attacking your servers!
Correos explains how to avoid being scammed this Christmas
Crypto Security in 2022: Prepare for More DeFi Hacks, Exchange Outages, and Noob Mistakes
Crypto Users Should Prepare For More Security Threats In 2022
Difficult to determine full blast radius of Internet bugs: Google
Facebook Bans Delhi-based IT Firm BellTroX for Hacking Accounts of Senior Government Officials, Journalists and Others
Grim Finance hacked – $30 million worth of tokens stolen
Hackensack Healthcare Providers Settle Investigation with OAG Following Two Data Breaches
Hive: A terribly lively ransomware franchise
Lessons India Can Draw From Sri Lanka’s Efforts With Data Protection Legislation
Many phishers impersonate government institutions, data shows
Meta bans cyber spying firms from its platforms
NASA: Mars helicopter Ingenuity does not use Log4j
New cyberespionage campaign discovered, possibly linked to Iran
New stealthy DarkWatchman malware hides in the Windows Registry
Over 500,000 Android Users Downloaded a New Joker Malware App from Play Store
Pro Wrestling Tees Issues Out Statement To Customers Following Data Breach
Pro Wrestling Tees Suffers Security Breach, Statement Released
Protecting yourself from cybercrime
'Residents should be wary' - Councils issue warning on Amazon scam ahead of Christmas
Return of Emotet lights up warning of new ransomware attacks
Russian hackers leak confidential UK police data on the 'dark web' after their ransom was rejected
The biggest cyber hacks of 2021
Urgent Phishing Alert: Warn Your Customers Against AdultFriendFinder Cons Today
18th December
5 tell-tale signs of scam emails
Apache Issues 3rd Patch to Fix New High-Severity Log4j Vulnerability
Apache Log4j: New Attack Vectors, Ransomware Seen
Apache releases new 2.17.0 patch for Log4j to solve denial of service vulnerability
Conti Ransomware Group Exploiting Log4j Vulnerability
German audio tech giant Sennheiser exposed 55GB of customers’ data
Hall County’s ‘crippling’ cyberattack last year cost $1.7M. Here’s what else we’ve learned since then
Holiday Cyber Storm Warnings
How to Successfully Handle Press Releases After a Data Breach
Mean Time To Detect (MTTD)
New Local Attack Vector Expands the Attack Surface of Log4j Vulnerability
Privacy Commissioner Notified After Data Breach At Five Counties Children’s Centre
Ransomware persists even as high-profile attacks have slowed
Rising ransomware attacks doubles premium for cyber cover
Telcos Are on Phishers’ Radar, Who Is at Risk?
The game of fraud also runs in the name of Cryptocurrency! In this way you can make safe investments
Three-fourths of organisations in India have been hit by ransomware threat this year
Upgraded to log4j 2.16? Surprise, there's a 2.17 fixing DoS
17th December
5 tips for a stronger cybersecurity posture for retailers
5 trends that will shape the fraud and security landscape in 2022
9 Essential Steps To Take When Your Business Is Hit By A Ransomware Attack
39 Ransomware Groups Targeted Healthcare in the Past 18 Months
91% baiting attacks are launched through Gmail
A Sommelier's Guide To Cybersecurity New Year's Resolutions
All Log4j, logback bugs we know so far and why you MUST ditch 2.15
Android malware warning: Over 500,000 users have been infected after downloading this app from Google Play
Anubis malware resurfaces targeting crypto wallets and banking apps
Apache Log4j Vulnerability – Why It’s Dangerous and How to Prevent a Breach
Are companies unknowingly helping cybercriminals to launch ransomware attacks?
Attacks on UK Firms Increase Five-Fold During Pandemic
B&K Issues Cyber-attack Notice
Barracuda makes nine predictions of what 2022 has in store for cybersecurity
Botnet hijacking hundreds of crypto transactions in India
Brand-New Log4Shell Attack Vector Threatens Local Hosts
Canada’s Desjardins Group Reaches Settlement Over Massive Data Breach in 2019
CISA: Prepare Now for Holiday Cyber Onslaught
Coles, Westpac, AMP and Department of Defence caught up in 'significant' data breach of Finite Recruitment
Companies Face Payroll Problems Following Kronos Ransomware Attack
Conti Gang Suspected of Ransomware Attack on McMenamins
Conti Ransomware Hitting VMware vCenter With Log4j Exploit
Conti ransomware uses Log4j bug to hack VMware vCenter servers
Convergence Ahoy: Get Ready for Cloud-Based Ransomware
Cybersecurity Risks Around Smart City Development
Cybersecurity risks in medical devices
Desjardins could pay $200 million to settle lawsuit from data breach
Desjardins data breach: Class action lawsuit agreement reaches $201 million
Desjardins settles 2019 data breach class action lawsuit for up to nearly $201M
Egyptian exiles targeted with Predator spyware resembling NSO Group's Pegasus
Facebook Bans 7 'Cyber Mercenary' Companies for Spying on 50,000 Users
FBI thinks Ukrainian hackers are behind HelloKitty ransomware
FBI Warns That Cuba Ransomware Gang Made $44 Million After Compromising 49 Critical Infrastructure Entities in Five Sectors
Five things to consider before choosing an MFA solution
Forget Holiday Cheer, The Cream Cheese Shortage Is Here
Freezing Your Credit Can Protect You Against Identity Theft, but Few Consumers Take Advantage
Government alert over new Carte vitale reimbursement scams in France
How falling for a phishing email led to a crippling ransomware attack in Ireland
How password troubles could cost your online business potential sales
How this Delhi IT firm continues to hack influential people globally
How to Block Robotexts and Spam Messages
How To Get Rid of Crypto Virus
How to protect yourself, your finances from scams while doing your holiday shopping
Identity Theft Is Out and Identity Fraud Is In; The Identity Theft Resource Center’s 2022 Predictions Indicate Major Shifts
Increasing cyber risks requires organizations to have extra visibility
India: Data breach to be reported in 72 hours
India Stands Third In Data Breaches! Over 86 Million People Affected Till 2021
Key takeaways from the Log4Shell vulnerability
Khonsari ransomware exploiting Log4j bug to target Minecraft servers, Microsoft confirms
Log4j: Conti ransomware attacking VMware servers and TellYouThePass ransomware hits China
Log4j: Major IT vendors rush out fixes for this flaw and more ahead of Christmas
Log4j vulnerability opened the door to the ransomware operators
Log4Shell – The API Security Challenge
Malicious Joker App Scores Half-Million Downloads on Google Play
Meta: Surveillance-for-Hire Firms Hit 50,000 Victims
Mitigating against DDoS attacks
Nearly a quarter of employees are likely to fall for phishing attacks
Neuberger: Change Your Passwords Now
New Jersey Provider Settles Two Healthcare Data Breach Investigations For $425K
New PseudoManuscrypt Malware Infected Over 35,000 Computers in 2021
New South Wales (NSW) government casual recruiter suffers ransomware hit
Next generation human firewall
Now is a good time to run a simple check and make sure your data is protected
One in Five Employees Fail the Gone Phishin’ Test as Security Hygiene Remains a Chronic Problem
Pengertur Cautions Finnish Consumers Following Massive Malware Attack & Offers Advice to Impacted Mobile Phone Users
Ransomware Actors Attack Most Often on Fridays
Ransomware affects the entire retail supply chain this holiday season
Ransomware Takes Down HR as A Service (HRaaS) for Weeks!
Russian cyber terrorists main suspects for 'very significant' ransomware attack on Irish hospital
Security firm Blumira discovers major new Log4j attack vector
Spider-Man: No Way Home exploited to push phishing and malware scams
Spider-Man Fans Warned About Scams Leveraging New Movie
Spider-Man Movie Release Frenzy Bites Fans with Credit-Card Harvesting
'Supply chain' ransomware attacks like University of Utah's on the rise
Tell your phone carrier to stop selling your personal data (and why you should care)
TellYouThePass ransomware revived in Linux, Windows Log4j attacks
Tens of thousands locked out of Australian Taxation Office (ATO) Online accounts after payroll hack
The Importance of Password Protection for Your Business
The Playbook for Human-Operated Ransomware
The Role Of Endpoint Detection And Response In Today’s Enterprise Security
The Salt Lake City Police Department has issued a warning to residents about a phishing scam using phone calls
This company was hit with ransomware, but didn't have to pay up. Here's how they did it
This Holiday Season, Don't Forget to Prepare Your Organization for Cyber-Threats
Top 5 Ways to Improve Your CyberSecurity Small Businesses
U.S., Australian Law Enforcement Enter Into Partnership Against Cybercrimes
Unauthorized EHR access may have exposed data of 883 Baylor Scott & White patients
What Is Ransomware And How Does It Work?
What you Need to Know About Phishing Malware
Why the healthcare cloud may demand zero trust architecture
Why We Need To Beat ‘Breach Fatigue’ — At Work and at Home
Widely-Used Kronos Payroll Provider Down for “Weeks” Due to Ransomware Attack; Was Log4Shell Involved?
16th December
3 Ways Zero-Trust Network Access (ZTNA) Improves Remote Access Security
4 Ways IP Data Can Help Fight Cybercrime
4-fold rise in data theft in a year, 86.6 million Indian users had personal info stolen, says report
6 life-changing tech habits you need in 2022
60% of UK Workers Have Been Victim of a Cyber-Attack, Yet Awareness Remains Low
2021 in cybersecurity: How did America fare?
Adoption of private 5G networks accelerates, as organizations look to improve security and speed
All Change at the Top as New Ransomware Groups Emerge
Anubis Android malware is targeting your banking apps
Anubis campaign targets hundred of financial apps
Australia: Home Affairs releases second Critical Infrastructure Bill with leftover obligations
Australia: Little oversight over Notifiable Data Breach scheme
Australia and US sign CLOUD Act data-sharing deal to support criminal investigations
Australia's Information Commissioner (OAIC) determines Australian Federal Police (AFP) interfered with privacy of Australians after using Clearview AI
Australian government under a 'significant' ransomware attack disrupting all IT services
Become a ‘smart’ Internet user
Botnet steals half a million dollars in cryptocurrency from victims
Brazil investigates use of staff credentials in cyberattacks against government bodies
CISA, White House urge organizations to get ready for holiday cyberattacks
Cohesity says Philippines customers taking ransomware seriously
Coombe Hospital hit by new ransomware attack
Cryptocurrency, edge, esports are new targets of cyberthreats in 2022
'Cyber is the most dangerous weapon in the world,' JPMorgan council warns
Cyberattack threats likely to increase in new year
Cybersecurity Experts Issue Warning for Google Chrome Users
Cybersecurity in the Higher Education (HE) sector – getting the basics right
‘DarkWatchman’ RAT Shows Evolution in Fileless Malware
Data security is critical to your organization’s reputation strategy
Deepfakes: a future threat to watch as cybercriminals develop their skills in this area
Europe’s quantum communication plans: Defending against state-sponsored cyber attacks
Even the Ingenuity Mars helicopter might be vulnerable to log4j
Experts: All Breach Victims Should Freeze Credit
Facebook disrupts operations of seven surveillance-for-hire firms
FCS Financial Data Breach Alert
Five cybersecurity lessons learned in 2021
France Orders Clearview AI to Delete Data
From ransomware to RansomOps: What you need to know about the newest threat
Google: This zero-click iPhone attack was incredible and terrifying
Growing Cyberthreats, Surging Insurance Costs
Gumtree classifieds site leaked personal info via the F12 key
Homeland Security Offering $5,000 Bug Bounty to Hack DHS
How Universities Can Modernize Their Ransomware Protection
Hive ransomware enters big league with hundreds breached in four months
How expired web domains help criminal hackers unlock enterprise defenses
How organizations should prioritize security vulnerabilities
How SMEs can ensure business IT security measures are sufficient in an evolving threat landscape
How to implement security into software design from the get-go
Iranian hackers target Israel using coding flaw
Iranian Ransomware Is Coming for the United States
Irish health service missed several chances to stop devastating ransomware attack
It’s not all about the C-suite: How to digitally protect employees
Lenovo laptops vulnerable to bug allowing admin privileges
Log4j attackers switch to injecting Monero miners via RMI
Log4j flaw: This new threat is going to affect cybersecurity for a long time
Log4j worm fears arise
Maryland COVID data access ‘partially restored’ after security incident
McMenamins breweries hit by a Conti ransomware attack
McMenamins says it was hit by a ransomware attack
Meta expands bug bounty programme to cover data scraping
Meta removes accounts of spyware company Cytrox after Citizen Lab report on government hacks
Microsoft: Khonsari ransomware hits self-hosted Minecraft servers
MobileIron customers urged to patch systems due to potential Log4j exploitation
Most risk-based vulnerability management programs ineffective
Nation-State, Ransomware Groups Using Log4j Bug In Attacks
Neighboring States Hit By Ransomware Attacks in Two Weeks
New Fileless Malware Uses Windows Registry as Storage to Evade Detection
New Jersey Cancer Care Providers Settle Data Breach Claim
New Phorpiex Botnet Variant Steals Half a Million Dollars in Cryptocurrency
New Zealand: Teaching Council Addresses Inadvertent Data Breach
Newfoundland and Labrador rebuilding 'from scratch' systems downed by cyberattack using backups
NSO zero-click iMessage exploit hacks iPhone without need to click links
Omicron PCR test phishing email scams and all of the other warnings you need to beware of
One Of North America’s Largest Propane Distributors Reports Ransomware Attack
Online Shoppers Could Face Eight Million Credential Stuffing Attacks Per Day Over Christmas
Online shopping at risk: Mobile application and API cyber attacks at critical high
Phorpiex botnet returns with new tricks making it harder to disrupt
‘PseudoManuscrypt’ Mass Spyware Campaign Targets 35K Systems
Ransom DDoS Enters its Fourth Wave
Ransomware attack at HR software provider Ultimate Kronos Group could impact clients for weeks
Ransomware attack impacts University of Utah payroll software
Ransomware Attack on McMenamins Systems May Compromise Personal Information of Employees
Ransomware Attackers Have ‘Industry Standards’ Too
Ransomware strikes widely in Japan, from hospitals to local shops
Researchers Uncover New Coexistence Attacks On Wi-Fi and Bluetooth Chips
Ripon man scammed out of house deposit by fraudsters posing as courier
Sainsbury's payroll hit by Kronos attack
Security priorities are geared toward ongoing remote and hybrid work
Several bank hacking victims claim being doxed by fraudsters
Sounds Phishy – The Rise of Vishing Scams
Spain: Message From Banco Bilbao Vizcaya Argentaria (BBVA) Is A Phishing Scam That Steals Your Personal And Banking Details
Suspected Iranian hackers target airline with new backdoor
The biggest healthcare data breaches of 2021
The impact of the Log4j vulnerability on OT networks
The Inevitability Of Ransomware Attacks: An End-To-End Solution To Recover Without Paying
‘The Internet is on fire’: Why you need to be concerned about Log4Shell
The Long and Short Roads to Security Maturity
The Philippines: Bank fraud probe tags 6 ‘persons of interest’
The security flaw that’s freaked out the internet
The State of Security Assurance in 2021 and Outlook on 2022
‘Tropic Trooper’ Reemerges to Target Transportation Outfits
Trust in Legacy Vendors Sinks as Ransomware Spikes
UK National Cyber Strategy welcomed
UK Venues Must Protect User Privacy During COVID-19 Checks
Understanding the Difference Between Ransomware and Killware
US, EU working to ‘operationalize’ relationship on ransomware
US and Australia Enter CLOUD Act Agreement
US concerns grow over potential Russian cyber targeting of Ukraine amid troop buildup
US cyber security officials see mainly low-impact attacks from logging flaw
Variant of Phorpiex botnet used for cryptocurrency attacks in Ethopia, Nigeria, India and more
What should be Australia’s public sector response to strengthening online security?
What the heck is smishing?
When done right, network segmentation brings rewards
Why the arrests of cyber criminals in 2021 will incentize attackers in 2022
Will Cyber Attack on Payroll Company Keep Some Massachusetts Employees From Being Paid on Time?
15th December
10 Critical Steps to Take After a Ransomware Attack
A ransomware attack has hit a Virginia state agency
After theft of $77.7 million, crypto platform AscendEX to reimburse customers
Allegheny Health Network Says Payroll System Was Hit By Ransomware Attack
Almost every second security event handled by Kaspersky’s incident response team connected to ransomware
Apache’s Fix for Log4Shell Can Lead to DoS Attacks
Attackers Target Log4J to Drop Ransomware, Web Shells, Backdoors
Beating back the ransomware threat in financial services
Chattanooga Chamber of Commerce investigating data breach, up to 2,000 members possibly affected
CISA warns critical infrastructure to stay vigilant for ongoing threats
Covid Pass scam: How to avoid the NHS Covid passport scam texts and where to get a legitimate one
Cyberattacks hit at least 3 Hawaii government systems in past week
Cybercrime can make your Christmas more costly. Here’s what to watch out for
Cybercrime peaks over popular shopping seasons
Cybersecurity: Offers too good to be true? Be wary
Cybersecurity, risk and compliance: What’s in store for 2022?
Cybersecurity experts debate concern over potential Log4j worm
Cybersecurity Standards, Ransomware, and Zero Trust: 3 Key Considerations for the UK Government
Data centre risks: steps to protect the backbone of your business
Debevoise & Plimpton Say Phishing Scam Is Using Firm’s Trademark
Don’t give a Christmas gift to cybercriminals this holiday season
Emotet starts dropping Cobalt Strike again for faster attacks
Endpoint Detection and Response (EDR) vs. Managed Detection and Response (MDR) Services: Which is Right for You?
Facebook to Pay Hackers for Reporting Data Scraping Bugs and Scraped Datasets
Fake Martin Lewis emails spark police warning over scammers after 300 reports
FBI Recovers Oregonians' Stolen Data
Ferndale Warns of Email Virus
Find network breaches before they crush your business
Four financial crime predictions for 2022
Google Disrupts Glupteba Cryptojacking Botnet With Removal of Hosted Ads, Documents and Accounts, & Notifications to Web Hosts
Government Experts in Last Minute Seasonal Scam Warning
Grindr Fined €6.5m for Selling User Data Without Explicit Consent
Grindr’s £8.5m fine slashed despite illegally sharing users’ data in worrying breach
Growing ransomware threat requires greater FSI preparation
Hackers approach staff to assist in ransomware attacks
Hackers Begin Exploiting Second Log4j Vulnerability as a Third Flaw Emerges
Hackers Trying To Exploit Technical Flaw That Could Give Them Access To Computer Systems Around The World
Hackers Using Malicious IIS Server Module to Steal Microsoft Exchange Credentials
HHS: Majority of health systems faced cyberattack in last 18 months
HMRC reported 17 serious data breaches to the ICO in last 15 months
How to beat the cybergrinches when festive shopping online
How to Determine if Your Network Security is Working
How to execute a successful ransomware tabletop exercise
How to protect your Phone from Smishing attacks
Initial access brokers: How are IABs related to the rise in ransomware attacks?
Iranian and Chinese State Hackers Exploiting Log4j Vulnerability
Iranian Hackers Abuse Slack For Cyber Spying
Just in time for Christmas, Kronos payroll and HR cloud software goes offline due to ransomware
Large-scale phishing study shows who bites the bait more often
Law firm Debevoise & Plimpton files lawsuit against domains used in phishing
Less than 2% of businesses use segmentation to protect mission-critical assets
Log4j: How to protect yourself from this security vulnerability
Log4j flaw: Now state-backed hackers are using bug as part of attacks, warns Microsoft
Log4j Looms Large Over Patch Tuesday
Log4j Threat Worsens As Microsoft Warns Of Multiple State-Sponsored Hackers On The Warpath
Log4j vulnerability: Why your hot take on it is wrong
Log4j vulnerability now used by state-backed hackers, access brokers
Log4Shell: A new fix, details of active attacks, and risk mitigation recommendations
Log4Shell: The New Zero-Day Vulnerability in Log4j
Log4Shell Vulnerability: What Security Operations Teams Need to Know Now and How SOAR Can Help You Detect and Respond
Malicious Exchange Server Module Hoovers Up Outlook Credentials
Many SMBs admit they are getting lazy with cybersecurity
McMenamins hit by ransomware attack; chain says customer data appears secure but employee info at risk
Meta targets user information, database scraping in bug bounty expansion
Microsoft confirms new ransomware family deployed via Log4j vulnerability
More than 50% of web servers still use insecure key exchanges
MSSPs Among Hardest Hit by Cyberattacks Targeting Backup Vulnerabilities
New "Hack DHS" program will pay up to $5,000 for discovered vulnerabilities
Notorious HelloKitty hackers tracked to unexpected country
Ongoing evolution of modern ransomware
Only 44% of Patients Trust Healthcare Providers to Safeguard PII
Oregon medical group notifies 750,000 patients of breach, says FBI seized accounts from HelloKitty ransomware
Password offenders: Who’s the naughtiest of them all?
Personal records of 80,000 Australian government employees stolen in cyber attack
Preventing cyber attacks at your home and business
Propane distributor Superior Plus admits ransomware breach
Protect Yourself From Cyber Attacks this Holiday Season
Protection, not cure, is the key to fending off ransomware criminals
Public urged to be vigilant against Covid vaccine and testing scams
Ransomware Attack Delays Pandemic Hazard Pay for Prince George's Health Workers
Ransomware attack has companies, including Giant, trying to find ways to pay employees this week
Ransomware attack threatens paychecks just before Christmas
Ransomware groups will target smaller businesses in 2022
Ransomware in 2022: We're all screwed
Ransomware trends to continue upward in 2022
Relentless Log4j Attacks Include State Actors, Possible Worm
Romanian Authorities Arrests Ransomware Affiliate
SAP Kicks Log4Shell Vulnerability Out of 20 Apps
Scams leave nasty bite & Australians $33m out of pocket in November
Securing The New Hybrid Workplace And Keeping Your Employees Protected
Shopping safely online this festive season
Sites hacked with credit card stealers undetected for months
South Africa: Info watchdog reveals 139 data breaches since POPIA
State-sponsored hackers abuse Slack API to steal airline data
The Cyber Crime Monster Will Only Grow Bigger & Dangerous
The cyber risk future doesn’t look good, but organizations are ready
The Log4J Software Flaw Is ‘Christmas Come Early’ for Cybercriminals
The Strategic Intelligence Value of Ransomware
There's a security flaw that's freaking the internet out
These Companies Had the Worst and Dumbest Password Breaches in 2021
This ransomware may have stolen Christmas in cities, states, and companies across the US
Threat actors to cause significantly more damage through malware and cloud computing
'Tis the Season for Holiday Online Shopping Scams - Don’t Be a Victim
Transamerica sued for allegedly failing to protect against identity theft
U.S. cybersecurity officials see mainly low-impact attacks from logging flaw, so far
UK's New Cyber Strategy Designed to Boost Position as 'Global Cyber Power'
United States and Australia Enter CLOUD Act Agreement to Facilitate Investigations of Serious Crime
Urgent Microsoft warning as hackers target huge weakness to hold you to ransom
US and Australia enter CLOUD Act agreement for cross-border access to electronic evidence
Virginia Reeling from Ransomware
Volvo Cars expansion ambitions dealt serious data security blow
Warning over 'NHS Covid pass' scam and what to do if you receive fraudulent message
We Have Your Files. To Get Them Back, Send Money
Web App Attacks Surge 251% in Two Years
What One University Learned After a Ransomware Attack
When it comes to cyber risk, are you still insurable?
When Not to Trust Zero-Trust
Why Cloud Storage Isn't Immune to Ransomware
Why fraudsters pretend to have better credentials than they actually do
Why Payroll Is The Next Company Security Battleground?
14th December
5 Ways AI Will Revolutionize Cybersecurity
6 Online Shopping Security Threats and How to Avoid Them
400 Banks’ Customers Targeted with Anubis Trojan
Actively Exploited Microsoft Zero-Day Allows App Spoofing, Malware Delivery
Anubis Android malware returns to target 394 financial apps
Apache takes off, nukes insecure feature at the heart of Log4j from orbit with v2.16
Attackers Target Log4J to Drop Ransomware, Web Shells, Backdoors
Australia: Government confirms almost 80,000 public sector employees affected in Frontier Software cyber attack
Azerbaijan turns to international agencies over Armenian cyberattacks
Bangko Sentral ng Pilipinas (BSP) creates task force to investigate hacking incident
Bank warning: HSBC alerts customers to convincing email fraud
Billion-dollar natural gas supplier Superior Plus hit with ransomware
BlackCat, a new ransomware variant has been discovered in the wild
Brazilian Ministry of Health hit by second cyberattack in less than a week
Broad Exposure to Log4shell CVE-2021-44228 Highlights How the Attack Surface Has Exploded
Canada’s health-care cybersecurity is in critical condition
Chinese, Iranian threat groups said to exploit Log4j
Christmas Payroll Fears After Ransomware Hits Software Provider
CISA orders federal agencies to patch Log4Shell by December 24th
CISA orders federal civilian agencies to patch Log4j vulnerability and 12 others by December 24
Cleveland City Hall affected by worldwide ransomware attack
CNC Intelligence Warns that Scammers are Using Misspelled Cryptocurrency URLs to Steal Crypto
Colorado cybersecurity expert explains the Log4j bug that's led to 'tens of thousands' of attacks
Company That Supplies Timesheet Software for Oregon Department of Transportation (ODOT) Suffered Ransomware Attack Over the Weekend
Current state of security operations center performance
Cyber and you: Why it should matter in 2022
Cyber-attack on Financial Apps
Cyberattack on BHG opioid treatment network disrupts patient care
Cyberattacks hit at least 3 Hawaii government systems in past week
Cyberattacks in 2022 Will Look Familiar
Cybercrime incidents on the rise during the pandemic
CyberSaint’s Security and Risk Predictions for 2022
Cybersecurity incident prevents Maryland Health Department from publishing Covid-19 case data
Cybersecurity trends that will change 2022
Department of Homeland Security (DHS) announces 'Hack DHS' bug bounty program for vetted researchers
Digital Safety This Holiday Season
Don’t Become a Victim of This TSA PreCheck Scam
E-commerce: How to build customer trust without sacrificing security
Employees think they’re safe from cyberthreats on company devices
Europe’s Railway Cybersecurity: The importance of continuous credential monitoring
FBI: Pennsylvania led nation in data breach losses in 2020
Five ways to recognise a phishing email to stay safe online
Government unveils national cyber strategy in bid to protect UK from hostile states and ransomware plots
Hackers Exploit Log4j Vulnerability to Infect Computers with Khonsari Ransomware
Hackers steal Microsoft Exchange credentials using IIS module
Hive ransomware claims hundreds of victims in six-month span
How to keep your business safe from cybersecurity threats?
Here We Go Again: Second Log4j Flaw Surfaces
How SMBs Can Arm Employees to Defend Against Cyberattacks
How to Buy Precious Patching Time as Log4j Exploits Fly
How to prevent cyber attacks during remote learning?
How to thwart SIM swapping attacks?
In 2022, Expect More Supply Chain Pain and Changing Security Roles
In-Home Security for Your Devices
IT priorities 2022: Ransomware and cloud drive storage and backup
It Takes A Village To Fight Ransomware
Khonsari ransomware, Iranian group Nemesis Kitten seen exploiting Log4j vulnerability
Kronos ransomware attack: How will this impact paychecks? What we know so far
Kronos ransomware hack threatens businesses
Kronos Sends Clients Elsewhere After Ransomware Attack
Kronos services knocked offline by ransomware attack
Let Customers Know Their Data Is Safe: Cybersecurity As A Marketing Tool
Log4j: List of vulnerable products and vendor advisories
Log4j Bug Could Be Exploited for “Years”
Log4j exploits attempted on 44% of corporate networks; ransomware payloads spotted
Log4j flaw: Nearly half of corporate networks have been targeted by attackers trying to use this vulnerability
Log4j flaw could be a problem for industrial networks 'for years to come'
Log4j flaw puts hundreds of millions of devices at risk, says US cybersecurity agency
Log4j Vulnerability: The Perfect Holiday Present that Nobody Wants
Log4j zero-day flaw: What you need to know and how to protect yourself
Log4j 2 - Beyond Patching: What's Next?
Martin Lewis shares urgent scam warning ahead of Christmas
Microsoft fixes Windows AppX Installer zero-day used by Emotet
Microsoft Issues Windows Update to Patch 0-Day Used to Spread Emotet Malware
Microsoft patches spoofing vulnerability exploited by Emotet (CVE-2021-43890)
Microsoft Patches Zero-Day Spreading Emotet Malware
Microsoft product related login pages are commonly impersonated by cyber criminal
Modern cars: A growing bundle of security vulnerabilities
Most common online scam you need to watch out for
New Microsoft Exchange credential stealing malware could be worse than phishing
New ransomware now being deployed in Log4Shell attacks
New threat intelligence from Sophos following the Apache Log4Shell vulnerability
New York Department of Financial Services (NYDFS) Issues Guidance on Multi-Factor Authentication
Ninety-seven percent of South African IT professionals say their environments don’t prioritise cyber security
Payment Fraud – Top 5 Scams To Look Out For
Personal details of 80,000 South Australian public servants stolen in cyber-attack
Phishing Attacks – Rising Concern in Israel
Police Arrest Suspected Ransomware Actor in Romania
Popular security best practices for hybrid cloud
Preparing for Evolving Phishing Scams
Privileged Access Management (PAM) guidance for the hospitality sector
Propane Gas Distributor Hit With Ransomware
Protect Your Personal Information while Gaming
Ransomware accounts for nearly 50% of security events: Kaspersky
Ransomware attack on national HR company will not impact payroll, says City of Tallahassee
Ransomware Cyberattack Hits Maryland Health Department
Ransomware hits HR solutions provider Kronos, locking customers out of vital services
Ransomware post-mortem: Ireland HSE cyberattack, recovery dogged by missteps
Romanian arrested for ransomware attacks and data theft
Second Log4j Vulnerability (CVE-2021-45046) Discovered — New Patch Released
Second Log4j vulnerability discovered, patch already released
‘Seedworm’ Attackers Target Telcos in Asia, Middle East
Shannon Hospital caught in crossfire of ransomware attack on tech giant, payroll software
Singapore firms warned to quickly fix Log4j software security hole that world experts call worst in years
Squid Game Used as Lure for Malware Campaigns, Phishing Attacks
Superior Plus Hit by Ransomware Attack
Supply Chain Attacks and Cyberinsurance
Tax identity theft: How to protect your credit and finances
Telecom operators targeted in recent espionage hacking campaign
The 10 worst password offenders of 2021
The 10 worst password snafus of 2021
These are the worst password offenders of the year - you'll probably guess a few
This dangerous video scam on Facebook is back to trap users
TinyNuke Banking Trojan Resurfaces, Attacks French Entities
Top workforce management firm Kronos hit by ransomware attack
Truth kept in dark on CS Energy security incident
Understanding how you're targeted by cyberattackers is key to prevention
Virginia legislative agencies and commissions hit with ransomware attack
Virginia legislature hit with ransomware
What Every CEO Should Know About Modern Ransomware Attacks
What the Log4Shell Bug Means for SMBs: Experts Weigh In
Whitehouse ISD gives update on June ransomware attack
With ransomware, hindsight is 20/20
Yes – Vaccine Cold Storage Can Be Hacked
Your company’s payroll service may have been crippled by attack
13th December
7 Cloud Vulnerabilities Endangering Your Data!
51 Arrested in Ukraine for Selling Data of 300M people in EU & US
73 Percent Of Phishing Sites Impersonate Microsoft Product-Related Login Pages
Already Compromised by Apache Log4j? Check Before You Patch
Apache Log4j security flaw presents critical risk to organizations
Are your home security cameras vulnerable to hacking?
Ascendex cryptocurrency exchange hacked – $77 million stolen
AscendEX suspends crypto withdrawals as hack wipes out $77.7 million worth of Ethereum, Polygon and other tokens
As Log4Shell wreaks havoc, payroll service reports ransomware attack
Attackers can get root by crashing Ubuntu’s AccountsService
Biggest Breaches of 2021 – Looking Back at the Year’s Top Cyberattacks
Bugs in billions of WiFi, Bluetooth chips allow password, data theft
Communication Security in IoT
Cork cyber-attack expert warns criminals can ‘re-hit’ organisations
Critical Log4Shell security flaw lets hackers compromise vulnerable servers
Cyber and data security: are employees too ashamed to do the right thing?
Cyber Attack Partially Paralyzes Brazilian Healthcare System
Cyber attack victim bounces back
Cyber resilience will need to be taken more seriously by healthcare in 2022
Cyber-attacks against organisations increase by 13%, mobile devices targeted
Cyberattack on HR company affects West Virginia payroll system; officials roll out backup plans
Cyberattacks Increasing Against Health Care Providers
Cyberattacks on our energy infrastructure: The need for a national response to a national security threat
Cyberattacks target IT and communications sector in 2021
Cybereason Makes Log4Shell ‘Vaccine’ Available
Cybersecurity attack could delay paychecks for some city workers
Cybersecurity in a hybrid world: It takes more than just technology
Cybersecurity ‘Vaccines’ Emerge as Ransomware, Vulnerability Defense
Dell driver fix still allows Windows Kernel-level attacks
Did half of New Zealand businesses really get hit by ransomware this year?
EV certificate usage declining: Is the internet becoming more secure?
Five ways SMBs can combat the growing threat and cost of cyberattacks
Global Ransomware Crisis to Deepen in 2022, Says Avast Researcher
Google pushes emergency Chrome update to fix zero-day used in attacks
Hacker-powered pentests gaining momentum
Hackers Target India’s Prime Minister
Health systems are fighting back against the onslaught of email data breaches
How C-suite executives perceive their organizations’ readiness for ransomware attacks
How can SMBs efficiently move towards Zero Trust?
How Cybersecurity Awareness Shifted in 2021
How Malware Gets On Your Website
How to avoid phishing scams during the holiday season
How To Prevent Insider Threats in Your Organization
How to safeguard your business from cybercrime
How worried should organizations be about their phishing click rate?
Hundreds of SPAR stores forced to shut following a major cyber incident
Indian Prime Minister Modi’s Twitter Account HACKED for Bitcoin scam
Inside Ireland’s Public Healthcare Ransomware Scare
Karakurt: A New Emerging Data Theft and Cyber Extortion Hacking Group
Kronos hit with ransomware, warns of data breach and 'several week' outage
Kronos Payroll Provider Used By Yeshiva University Suffers Ransomware Attack, Expecting ‘Several Weeks’ Unavailability
Kronos ransomware attack may cause weeks of HR solutions downtime
Kronos Ransomware Outage Drives Widespread Payroll Chaos
Kronos Suffers Ransomware Attack, Expects Full Restoration to Take 'Weeks'
Lewis & Clark Community College to resume classes from Tuesday in the midst of ransomware attack
Lexington, Kentucky Takes Systems Offline After ‘External Threat’
Log4j actively exploited, serious complications can occur according to CERT NZ
Log4j exploits suggest attackers gearing up for ransomware
Log4j flaw: Attackers are making thousands of attempts to exploit this severe vulnerability
Log4j RCE activity began on December 1 as botnets start using vulnerability
Log4j update: Experts say log4shell exploits will persist for 'months if not years'
Log4j zero-day flaw: What you need to know and how to protect yourself
Log4Shell Is Spawning Even Nastier Mutations
Log4Shell update: Attack surface, attacks in the wild, mitigation and remediation
Malicious PyPI Code Packages Rack Up Thousands of Downloads
Malicious PyPI packages with over 10,000 downloads taken down
Microsoft Details Building Blocks of Widely Active Qakbot Banking Trojan
MSPs Versus Ransomware in 2022: Where Multi-Layer Security Fits In
Nearly 69,000 affected in San Juan Regional data breach
NHS Covid pass scam warning amid Boris Johnson's booster jab expansion
Nuclear ransomware 3.0, new malware among KnowBe4’s predictions for 2022
One-third of phishing pages only stay active for a day
One-Time Password Security Might Fail 80% of the Time. IAM is Better
Paying a debt by gift card? Don't fall for this scam
Phishing campaign uses PowerPoint macros to drop Agent Tesla
Planned Parenthood LA sued over data theft, ransomware attack affecting 409K
Police arrests ransomware affiliate behind high-profile attacks
Privacy watchdog checks if 'data breach' occurred in BDO hacking complaints
Ransomware: what SMBs needs to know
Ransomware Affiliate Arrested in Romania; 51 Stolen Data Brokers Arrested in Ukraine
Ransomware attack hits Virginia Legislature
Ransomware attacks Shelley School District computers
Ransomware Is Everywhere: What To Do If You Are Hit
Ransomware or Revenge? Former Employee Charged With Extortion
Ransomware Recovery: The Need For Modern Data Protection
Ransomware suspect arrested over attacks on 'high-profile' organisations
Recognizing the Importance of Operational Security
Resolve to Beef up Your Cyber Health
Rise of a new breed of hackers: Initial access brokers break into company networks for other crooks
“Sadistic” Online Extortionist Jailed for 32 Years
Security company offers Log4j 'vaccine' for systems that can't be updated immediately
Seven common types of Phishing attacks that you should be aware of
Sophos threat intelligence shows cyberattackers are exploiting Apache Log4Shell vulnerability to exploit unpatched systems
Standard Bank on delay in telling public about data breach: 'We complied with the law'
State and Local Government Cybersecurity: 2021 Threats, 2022 Strategies
Tales from the Dark Web: Fingerprinting Access Brokers on Criminal Forums
TheBus, Handi-Van websites remain offline following cyberattack
Timekeeping biz Kronos hit by ransomware and warns customers to engage biz continuity plans
TinyNuke info-stealing malware is again attacking French users
Top 3 SaaS Security Threats for 2022
Transamerica Hit With Lawsuit Over Data Breach
Trust in Legacy IT Vendors Drops as Supply Chain Security Issues Increase
Ukraine arrests 51 for selling data of 300 million people in US, EU
Unused identities: A growing security threat
Update Google Chrome to Patch New Zero-Day Exploit Detected in the Wild
Using Zero Trust to Prevent Agency Ransomware Attacks
Virginia IT agency hit with ransomware attack
Virginia's General Assembly is dealing with a cyberattack
Volvo Cars confirm data theft of ‘limited amount’ of its R&D property
Volvo Cars suffers a ransomware attack, loses precious R&D property
What cyber insurance costs by sector
What Is SASE, and How Can It Protect Higher Ed from Ransomware?
What is the Log4Shell vulnerability?
When the question is paying ransom, the answer isn’t always clear
Where the Latest Log4Shell Attacks Are Coming From
Why Classifying Ransomware as a National Security Threat Matters
Why is trust in legacy vendors on shaky ground?
Worldwide Log4j Attacks That Can Deploy Malware Affect Steam, Minecraft, and iCloud
“Worst-Case Scenario” Log4j Exploit Travels the Globe