Editor's Message

Welcome to DBD. On March 8th we celebrated our 4th Anniversary and the 1st Anniversary of our PRiSM application, officially endorsed by the SANS Institute. Despite recent personal issues that have impacted the amount of time I have been able to dedicate to both projects, I have been doing my best to keep everything as up-to-date as possible, and I would like to take this opportunity to thank everyone for their patience and support whilst I navigate through this very difficult time. Stay safe. :)

Monday 13 December 2021

Data Breaches Digest - Week 50 2021

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 13th December and 19th December 2021.

19th December

2021 Cyber Review: The Year Ransomware Disrupted Infrastructure

Blackmail group Conti uses “Log4Shell” vulnerability for its ransomware

Caution: Log4j and TellYouThePass ransomware are attacking your servers!

Correos explains how to avoid being scammed this Christmas

Crypto Security in 2022: Prepare for More DeFi Hacks, Exchange Outages, and Noob Mistakes

Crypto Users Should Prepare For More Security Threats In 2022

Difficult to determine full blast radius of Internet bugs: Google

Facebook Bans Delhi-based IT Firm BellTroX for Hacking Accounts of Senior Government Officials, Journalists and Others

Grim Finance hacked – $30 million worth of tokens stolen

Hackensack Healthcare Providers Settle Investigation with OAG Following Two Data Breaches

Hive: A terribly lively ransomware franchise

Lessons India Can Draw From Sri Lanka’s Efforts With Data Protection Legislation

Many phishers impersonate government institutions, data shows

Meta bans cyber spying firms from its platforms

NASA: Mars helicopter Ingenuity does not use Log4j

New cyberespionage campaign discovered, possibly linked to Iran

New stealthy DarkWatchman malware hides in the Windows Registry

Over 500,000 Android Users Downloaded a New Joker Malware App from Play Store

Pro Wrestling Tees Issues Out Statement To Customers Following Data Breach

Pro Wrestling Tees Suffers Security Breach, Statement Released

Protecting yourself from cybercrime

'Residents should be wary' - Councils issue warning on Amazon scam ahead of Christmas

Return of Emotet lights up warning of new ransomware attacks

Russian hackers leak confidential UK police data on the 'dark web' after their ransom was rejected

The biggest cyber hacks of 2021

Urgent Phishing Alert: Warn Your Customers Against AdultFriendFinder Cons Today

18th December

5 tell-tale signs of scam emails

Apache Issues 3rd Patch to Fix New High-Severity Log4j Vulnerability

Apache Log4j: New Attack Vectors, Ransomware Seen

Apache releases new 2.17.0 patch for Log4j to solve denial of service vulnerability

Conti Ransomware Group Exploiting Log4j Vulnerability

German audio tech giant Sennheiser exposed 55GB of customers’ data

Hall County’s ‘crippling’ cyberattack last year cost $1.7M. Here’s what else we’ve learned since then

Holiday Cyber Storm Warnings

How to Successfully Handle Press Releases After a Data Breach

Mean Time To Detect (MTTD)

New Local Attack Vector Expands the Attack Surface of Log4j Vulnerability

Privacy Commissioner Notified After Data Breach At Five Counties Children’s Centre

Ransomware persists even as high-profile attacks have slowed

Rising ransomware attacks doubles premium for cyber cover

Telcos Are on Phishers’ Radar, Who Is at Risk?

The game of fraud also runs in the name of Cryptocurrency! In this way you can make safe investments

Three-fourths of organisations in India have been hit by ransomware threat this year

Upgraded to log4j 2.16? Surprise, there's a 2.17 fixing DoS

17th December

5 tips for a stronger cybersecurity posture for retailers

5 trends that will shape the fraud and security landscape in 2022

9 Essential Steps To Take When Your Business Is Hit By A Ransomware Attack

39 Ransomware Groups Targeted Healthcare in the Past 18 Months

91% baiting attacks are launched through Gmail

A Sommelier's Guide To Cybersecurity New Year's Resolutions

All Log4j, logback bugs we know so far and why you MUST ditch 2.15

Android malware warning: Over 500,000 users have been infected after downloading this app from Google Play

Anubis malware resurfaces targeting crypto wallets and banking apps

Apache Log4j Vulnerability – Why It’s Dangerous and How to Prevent a Breach

Are companies unknowingly helping cybercriminals to launch ransomware attacks?

Attacks on UK Firms Increase Five-Fold During Pandemic

B&K Issues Cyber-attack Notice

Barracuda makes nine predictions of what 2022 has in store for cybersecurity

Botnet hijacking hundreds of crypto transactions in India

Brand-New Log4Shell Attack Vector Threatens Local Hosts

Canada’s Desjardins Group Reaches Settlement Over Massive Data Breach in 2019

CISA: Prepare Now for Holiday Cyber Onslaught

Coles, Westpac, AMP and Department of Defence caught up in 'significant' data breach of Finite Recruitment

Companies Face Payroll Problems Following Kronos Ransomware Attack

Conti Gang Suspected of Ransomware Attack on McMenamins

Conti Ransomware Hitting VMware vCenter With Log4j Exploit

Conti ransomware uses Log4j bug to hack VMware vCenter servers

Convergence Ahoy: Get Ready for Cloud-Based Ransomware

Cybersecurity Risks Around Smart City Development

Cybersecurity risks in medical devices

Desjardins could pay $200 million to settle lawsuit from data breach

Desjardins data breach: Class action lawsuit agreement reaches $201 million

Desjardins settles 2019 data breach class action lawsuit for up to nearly $201M

Egyptian exiles targeted with Predator spyware resembling NSO Group's Pegasus

Facebook Bans 7 'Cyber Mercenary' Companies for Spying on 50,000 Users

FBI thinks Ukrainian hackers are behind HelloKitty ransomware

FBI Warns That Cuba Ransomware Gang Made $44 Million After Compromising 49 Critical Infrastructure Entities in Five Sectors

Five things to consider before choosing an MFA solution

Forget Holiday Cheer, The Cream Cheese Shortage Is Here

Freezing Your Credit Can Protect You Against Identity Theft, but Few Consumers Take Advantage

Government alert over new Carte vitale reimbursement scams in France

How falling for a phishing email led to a crippling ransomware attack in Ireland

How password troubles could cost your online business potential sales

How this Delhi IT firm continues to hack influential people globally

How to Block Robotexts and Spam Messages

How To Get Rid of Crypto Virus

How to protect yourself, your finances from scams while doing your holiday shopping

Identity Theft Is Out and Identity Fraud Is In; The Identity Theft Resource Center’s 2022 Predictions Indicate Major Shifts

Increasing cyber risks requires organizations to have extra visibility

India: Data breach to be reported in 72 hours

India Stands Third In Data Breaches! Over 86 Million People Affected Till 2021

Key takeaways from the Log4Shell vulnerability

Khonsari ransomware exploiting Log4j bug to target Minecraft servers, Microsoft confirms

Log4j: Conti ransomware attacking VMware servers and TellYouThePass ransomware hits China

Log4j: Major IT vendors rush out fixes for this flaw and more ahead of Christmas

Log4j vulnerability opened the door to the ransomware operators

Log4Shell – The API Security Challenge

Malicious Joker App Scores Half-Million Downloads on Google Play

Meta: Surveillance-for-Hire Firms Hit 50,000 Victims

Mitigating against DDoS attacks

Nearly a quarter of employees are likely to fall for phishing attacks

Neuberger: Change Your Passwords Now

New Jersey Provider Settles Two Healthcare Data Breach Investigations For $425K

New PseudoManuscrypt Malware Infected Over 35,000 Computers in 2021

New South Wales (NSW) government casual recruiter suffers ransomware hit

Next generation human firewall

Now is a good time to run a simple check and make sure your data is protected

One in Five Employees Fail the Gone Phishin’ Test as Security Hygiene Remains a Chronic Problem

Pengertur Cautions Finnish Consumers Following Massive Malware Attack & Offers Advice to Impacted Mobile Phone Users

Ransomware Actors Attack Most Often on Fridays

Ransomware affects the entire retail supply chain this holiday season

Ransomware Takes Down HR as A Service (HRaaS) for Weeks!

Russian cyber terrorists main suspects for 'very significant' ransomware attack on Irish hospital

Security firm Blumira discovers major new Log4j attack vector

Spider-Man: No Way Home exploited to push phishing and malware scams

Spider-Man Fans Warned About Scams Leveraging New Movie

Spider-Man Movie Release Frenzy Bites Fans with Credit-Card Harvesting

'Supply chain' ransomware attacks like University of Utah's on the rise

Tell your phone carrier to stop selling your personal data (and why you should care)

TellYouThePass ransomware revived in Linux, Windows Log4j attacks

Tens of thousands locked out of Australian Taxation Office (ATO) Online accounts after payroll hack

The Importance of Password Protection for Your Business

The Playbook for Human-Operated Ransomware

The Role Of Endpoint Detection And Response In Today’s Enterprise Security

The Salt Lake City Police Department has issued a warning to residents about a phishing scam using phone calls

This company was hit with ransomware, but didn't have to pay up. Here's how they did it

This Holiday Season, Don't Forget to Prepare Your Organization for Cyber-Threats

Top 5 Ways to Improve Your CyberSecurity Small Businesses

U.S., Australian Law Enforcement Enter Into Partnership Against Cybercrimes

Unauthorized EHR access may have exposed data of 883 Baylor Scott & White patients

What Is Ransomware And How Does It Work?

What you Need to Know About Phishing Malware

Why the healthcare cloud may demand zero trust architecture

Why We Need To Beat ‘Breach Fatigue’ — At Work and at Home

Widely-Used Kronos Payroll Provider Down for “Weeks” Due to Ransomware Attack; Was Log4Shell Involved?

16th December

3 Ways Zero-Trust Network Access (ZTNA) Improves Remote Access Security

4 Ways IP Data Can Help Fight Cybercrime

4-fold rise in data theft in a year, 86.6 million Indian users had personal info stolen, says report

6 life-changing tech habits you need in 2022

60% of UK Workers Have Been Victim of a Cyber-Attack, Yet Awareness Remains Low

2021 in cybersecurity: How did America fare?

Adoption of private 5G networks accelerates, as organizations look to improve security and speed

All Change at the Top as New Ransomware Groups Emerge

Anubis Android malware is targeting your banking apps

Anubis campaign targets hundred of financial apps

Australia: Home Affairs releases second Critical Infrastructure Bill with leftover obligations

Australia: Little oversight over Notifiable Data Breach scheme

Australia and US sign CLOUD Act data-sharing deal to support criminal investigations

Australia's Information Commissioner (OAIC) determines Australian Federal Police (AFP) interfered with privacy of Australians after using Clearview AI

Australian government under a 'significant' ransomware attack disrupting all IT services

Become a ‘smart’ Internet user

Botnet steals half a million dollars in cryptocurrency from victims

Brazil investigates use of staff credentials in cyberattacks against government bodies

CISA, White House urge organizations to get ready for holiday cyberattacks

Cohesity says Philippines customers taking ransomware seriously

Coombe Hospital hit by new ransomware attack

Cryptocurrency, edge, esports are new targets of cyberthreats in 2022

'Cyber is the most dangerous weapon in the world,' JPMorgan council warns

Cyberattack threats likely to increase in new year

Cybersecurity Experts Issue Warning for Google Chrome Users

Cybersecurity in the Higher Education (HE) sector – getting the basics right

‘DarkWatchman’ RAT Shows Evolution in Fileless Malware

Data security is critical to your organization’s reputation strategy

Deepfakes: a future threat to watch as cybercriminals develop their skills in this area

Europe’s quantum communication plans: Defending against state-sponsored cyber attacks

Even the Ingenuity Mars helicopter might be vulnerable to log4j

Experts: All Breach Victims Should Freeze Credit

Facebook disrupts operations of seven surveillance-for-hire firms

FCS Financial Data Breach Alert

Five cybersecurity lessons learned in 2021

France Orders Clearview AI to Delete Data

From ransomware to RansomOps: What you need to know about the newest threat

Google: This zero-click iPhone attack was incredible and terrifying

Growing Cyberthreats, Surging Insurance Costs

Gumtree classifieds site leaked personal info via the F12 key

Homeland Security Offering $5,000 Bug Bounty to Hack DHS

How Universities Can Modernize Their Ransomware Protection

Hive ransomware enters big league with hundreds breached in four months

How expired web domains help criminal hackers unlock enterprise defenses

How organizations should prioritize security vulnerabilities

How SMEs can ensure business IT security measures are sufficient in an evolving threat landscape

How to implement security into software design from the get-go

Iranian hackers target Israel using coding flaw

Iranian Ransomware Is Coming for the United States

Irish health service missed several chances to stop devastating ransomware attack

It’s not all about the C-suite: How to digitally protect employees

Lenovo laptops vulnerable to bug allowing admin privileges

Log4j attackers switch to injecting Monero miners via RMI

Log4j flaw: This new threat is going to affect cybersecurity for a long time

Log4j worm fears arise

Maryland COVID data access ‘partially restored’ after security incident

McMenamins breweries hit by a Conti ransomware attack

McMenamins says it was hit by a ransomware attack

Meta expands bug bounty programme to cover data scraping

Meta removes accounts of spyware company Cytrox after Citizen Lab report on government hacks

Microsoft: Khonsari ransomware hits self-hosted Minecraft servers

MobileIron customers urged to patch systems due to potential Log4j exploitation

Most risk-based vulnerability management programs ineffective

Nation-State, Ransomware Groups Using Log4j Bug In Attacks

Neighboring States Hit By Ransomware Attacks in Two Weeks

New Fileless Malware Uses Windows Registry as Storage to Evade Detection

New Jersey Cancer Care Providers Settle Data Breach Claim

New Phorpiex Botnet Variant Steals Half a Million Dollars in Cryptocurrency

New Zealand: Teaching Council Addresses Inadvertent Data Breach

Newfoundland and Labrador rebuilding 'from scratch' systems downed by cyberattack using backups

NSO zero-click iMessage exploit hacks iPhone without need to click links

Omicron PCR test phishing email scams and all of the other warnings you need to beware of

One Of North America’s Largest Propane Distributors Reports Ransomware Attack

Online Shoppers Could Face Eight Million Credential Stuffing Attacks Per Day Over Christmas

Online shopping at risk: Mobile application and API cyber attacks at critical high

Phorpiex botnet returns with new tricks making it harder to disrupt

‘PseudoManuscrypt’ Mass Spyware Campaign Targets 35K Systems

Ransom DDoS Enters its Fourth Wave

Ransomware attack at HR software provider Ultimate Kronos Group could impact clients for weeks

Ransomware attack impacts University of Utah payroll software

Ransomware Attack on McMenamins Systems May Compromise Personal Information of Employees

Ransomware Attackers Have ‘Industry Standards’ Too

Ransomware strikes widely in Japan, from hospitals to local shops

Researchers Uncover New Coexistence Attacks On Wi-Fi and Bluetooth Chips

Ripon man scammed out of house deposit by fraudsters posing as courier

Sainsbury's payroll hit by Kronos attack

Security priorities are geared toward ongoing remote and hybrid work

Several bank hacking victims claim being doxed by fraudsters

Sounds Phishy – The Rise of Vishing Scams

Spain: Message From Banco Bilbao Vizcaya Argentaria (BBVA) Is A Phishing Scam That Steals Your Personal And Banking Details

Suspected Iranian hackers target airline with new backdoor

The biggest healthcare data breaches of 2021

The impact of the Log4j vulnerability on OT networks

The Inevitability Of Ransomware Attacks: An End-To-End Solution To Recover Without Paying

‘The Internet is on fire’: Why you need to be concerned about Log4Shell

The Long and Short Roads to Security Maturity

The Philippines: Bank fraud probe tags 6 ‘persons of interest’

The security flaw that’s freaked out the internet

The State of Security Assurance in 2021 and Outlook on 2022

‘Tropic Trooper’ Reemerges to Target Transportation Outfits

Trust in Legacy Vendors Sinks as Ransomware Spikes

UK National Cyber Strategy welcomed

UK Venues Must Protect User Privacy During COVID-19 Checks

Understanding the Difference Between Ransomware and Killware

US, EU working to ‘operationalize’ relationship on ransomware

US and Australia Enter CLOUD Act Agreement

US concerns grow over potential Russian cyber targeting of Ukraine amid troop buildup

US cyber security officials see mainly low-impact attacks from logging flaw

Variant of Phorpiex botnet used for cryptocurrency attacks in Ethopia, Nigeria, India and more

What should be Australia’s public sector response to strengthening online security?

What the heck is smishing?

When done right, network segmentation brings rewards

Why the arrests of cyber criminals in 2021 will incentize attackers in 2022

Will Cyber Attack on Payroll Company Keep Some Massachusetts Employees From Being Paid on Time?

15th December

10 Critical Steps to Take After a Ransomware Attack

A ransomware attack has hit a Virginia state agency

After theft of $77.7 million, crypto platform AscendEX to reimburse customers

Allegheny Health Network Says Payroll System Was Hit By Ransomware Attack

Almost every second security event handled by Kaspersky’s incident response team connected to ransomware

Apache’s Fix for Log4Shell Can Lead to DoS Attacks

Attackers Target Log4J to Drop Ransomware, Web Shells, Backdoors

Beating back the ransomware threat in financial services

Chattanooga Chamber of Commerce investigating data breach, up to 2,000 members possibly affected

CISA warns critical infrastructure to stay vigilant for ongoing threats

Covid Pass scam: How to avoid the NHS Covid passport scam texts and where to get a legitimate one

Cyberattacks hit at least 3 Hawaii government systems in past week

Cybercrime can make your Christmas more costly. Here’s what to watch out for

Cybercrime peaks over popular shopping seasons

Cybersecurity: Offers too good to be true? Be wary

Cybersecurity, risk and compliance: What’s in store for 2022?

Cybersecurity experts debate concern over potential Log4j worm

Cybersecurity Standards, Ransomware, and Zero Trust: 3 Key Considerations for the UK Government

Data centre risks: steps to protect the backbone of your business

Debevoise & Plimpton Say Phishing Scam Is Using Firm’s Trademark

Don’t give a Christmas gift to cybercriminals this holiday season

Emotet starts dropping Cobalt Strike again for faster attacks

Endpoint Detection and Response (EDR) vs. Managed Detection and Response (MDR) Services: Which is Right for You?

Facebook to Pay Hackers for Reporting Data Scraping Bugs and Scraped Datasets

Fake Martin Lewis emails spark police warning over scammers after 300 reports

FBI Recovers Oregonians' Stolen Data

Ferndale Warns of Email Virus

Find network breaches before they crush your business

Four financial crime predictions for 2022

Google Disrupts Glupteba Cryptojacking Botnet With Removal of Hosted Ads, Documents and Accounts, & Notifications to Web Hosts

Government Experts in Last Minute Seasonal Scam Warning

Grindr Fined €6.5m for Selling User Data Without Explicit Consent

Grindr’s £8.5m fine slashed despite illegally sharing users’ data in worrying breach

Growing ransomware threat requires greater FSI preparation

Hackers approach staff to assist in ransomware attacks

Hackers Begin Exploiting Second Log4j Vulnerability as a Third Flaw Emerges

Hackers Trying To Exploit Technical Flaw That Could Give Them Access To Computer Systems Around The World

Hackers Using Malicious IIS Server Module to Steal Microsoft Exchange Credentials

HHS: Majority of health systems faced cyberattack in last 18 months

HMRC reported 17 serious data breaches to the ICO in last 15 months

How to beat the cybergrinches when festive shopping online

How to Determine if Your Network Security is Working

How to execute a successful ransomware tabletop exercise

How to protect your Phone from Smishing attacks

Initial access brokers: How are IABs related to the rise in ransomware attacks?

Iranian and Chinese State Hackers Exploiting Log4j Vulnerability

Iranian Hackers Abuse Slack For Cyber Spying

Just in time for Christmas, Kronos payroll and HR cloud software goes offline due to ransomware

Large-scale phishing study shows who bites the bait more often

Law firm Debevoise & Plimpton files lawsuit against domains used in phishing

Less than 2% of businesses use segmentation to protect mission-critical assets

Log4j: How to protect yourself from this security vulnerability

Log4j flaw: Now state-backed hackers are using bug as part of attacks, warns Microsoft

Log4j Looms Large Over Patch Tuesday

Log4j Threat Worsens As Microsoft Warns Of Multiple State-Sponsored Hackers On The Warpath

Log4j vulnerability: Why your hot take on it is wrong

Log4j vulnerability now used by state-backed hackers, access brokers

Log4Shell: A new fix, details of active attacks, and risk mitigation recommendations

Log4Shell: The New Zero-Day Vulnerability in Log4j

Log4Shell Vulnerability: What Security Operations Teams Need to Know Now and How SOAR Can Help You Detect and Respond

Malicious Exchange Server Module Hoovers Up Outlook Credentials

Many SMBs admit they are getting lazy with cybersecurity

McMenamins hit by ransomware attack; chain says customer data appears secure but employee info at risk

Meta targets user information, database scraping in bug bounty expansion

Microsoft confirms new ransomware family deployed via Log4j vulnerability

More than 50% of web servers still use insecure key exchanges

MSSPs Among Hardest Hit by Cyberattacks Targeting Backup Vulnerabilities

New "Hack DHS" program will pay up to $5,000 for discovered vulnerabilities

Notorious HelloKitty hackers tracked to unexpected country

Ongoing evolution of modern ransomware

Only 44% of Patients Trust Healthcare Providers to Safeguard PII

Oregon medical group notifies 750,000 patients of breach, says FBI seized accounts from HelloKitty ransomware

Password offenders: Who’s the naughtiest of them all?

Personal records of 80,000 Australian government employees stolen in cyber attack

Preventing cyber attacks at your home and business

Propane distributor Superior Plus admits ransomware breach

Protect Yourself From Cyber Attacks this Holiday Season

Protection, not cure, is the key to fending off ransomware criminals

Public urged to be vigilant against Covid vaccine and testing scams

Ransomware Attack Delays Pandemic Hazard Pay for Prince George's Health Workers

Ransomware attack has companies, including Giant, trying to find ways to pay employees this week

Ransomware attack threatens paychecks just before Christmas

Ransomware groups will target smaller businesses in 2022

Ransomware in 2022: We're all screwed

Ransomware trends to continue upward in 2022

Relentless Log4j Attacks Include State Actors, Possible Worm

Romanian Authorities Arrests Ransomware Affiliate

SAP Kicks Log4Shell Vulnerability Out of 20 Apps

Scams leave nasty bite & Australians $33m out of pocket in November

Securing The New Hybrid Workplace And Keeping Your Employees Protected

Shopping safely online this festive season

Sites hacked with credit card stealers undetected for months

South Africa: Info watchdog reveals 139 data breaches since POPIA

State-sponsored hackers abuse Slack API to steal airline data

The Cyber Crime Monster Will Only Grow Bigger & Dangerous

The cyber risk future doesn’t look good, but organizations are ready

The Log4J Software Flaw Is ‘Christmas Come Early’ for Cybercriminals

The Strategic Intelligence Value of Ransomware

There's a security flaw that's freaking the internet out

These Companies Had the Worst and Dumbest Password Breaches in 2021

This ransomware may have stolen Christmas in cities, states, and companies across the US

Threat actors to cause significantly more damage through malware and cloud computing

'Tis the Season for Holiday Online Shopping Scams - Don’t Be a Victim

Transamerica sued for allegedly failing to protect against identity theft

U.S. cybersecurity officials see mainly low-impact attacks from logging flaw, so far

UK's New Cyber Strategy Designed to Boost Position as 'Global Cyber Power'

United States and Australia Enter CLOUD Act Agreement to Facilitate Investigations of Serious Crime

Urgent Microsoft warning as hackers target huge weakness to hold you to ransom

US and Australia enter CLOUD Act agreement for cross-border access to electronic evidence

Virginia Reeling from Ransomware

Volvo Cars expansion ambitions dealt serious data security blow

Warning over 'NHS Covid pass' scam and what to do if you receive fraudulent message

We Have Your Files. To Get Them Back, Send Money

Web App Attacks Surge 251% in Two Years

What One University Learned After a Ransomware Attack

When it comes to cyber risk, are you still insurable?

When Not to Trust Zero-Trust

Why Cloud Storage Isn't Immune to Ransomware

Why fraudsters pretend to have better credentials than they actually do

Why Payroll Is The Next Company Security Battleground?

14th December

5 Ways AI Will Revolutionize Cybersecurity

6 Online Shopping Security Threats and How to Avoid Them

400 Banks’ Customers Targeted with Anubis Trojan

Actively Exploited Microsoft Zero-Day Allows App Spoofing, Malware Delivery

Anubis Android malware returns to target 394 financial apps

Apache takes off, nukes insecure feature at the heart of Log4j from orbit with v2.16

Attackers Target Log4J to Drop Ransomware, Web Shells, Backdoors

Australia: Government confirms almost 80,000 public sector employees affected in Frontier Software cyber attack

Azerbaijan turns to international agencies over Armenian cyberattacks

Bangko Sentral ng Pilipinas (BSP) creates task force to investigate hacking incident

Bank warning: HSBC alerts customers to convincing email fraud

Billion-dollar natural gas supplier Superior Plus hit with ransomware

BlackCat, a new ransomware variant has been discovered in the wild

Brazilian Ministry of Health hit by second cyberattack in less than a week

Broad Exposure to Log4shell CVE-2021-44228 Highlights How the Attack Surface Has Exploded

Canada’s health-care cybersecurity is in critical condition

Chinese, Iranian threat groups said to exploit Log4j

Christmas Payroll Fears After Ransomware Hits Software Provider

CISA orders federal agencies to patch Log4Shell by December 24th

CISA orders federal civilian agencies to patch Log4j vulnerability and 12 others by December 24

Cleveland City Hall affected by worldwide ransomware attack

CNC Intelligence Warns that Scammers are Using Misspelled Cryptocurrency URLs to Steal Crypto

Colorado cybersecurity expert explains the Log4j bug that's led to 'tens of thousands' of attacks

Company That Supplies Timesheet Software for Oregon Department of Transportation (ODOT) Suffered Ransomware Attack Over the Weekend

Current state of security operations center performance

Cyber and you: Why it should matter in 2022

Cyber-attack on Financial Apps

Cyberattack on BHG opioid treatment network disrupts patient care

Cyberattacks hit at least 3 Hawaii government systems in past week

Cyberattacks in 2022 Will Look Familiar

Cybercrime incidents on the rise during the pandemic

CyberSaint’s Security and Risk Predictions for 2022

Cybersecurity incident prevents Maryland Health Department from publishing Covid-19 case data

Cybersecurity trends that will change 2022

Department of Homeland Security (DHS) announces 'Hack DHS' bug bounty program for vetted researchers

Digital Safety This Holiday Season

Don’t Become a Victim of This TSA PreCheck Scam

E-commerce: How to build customer trust without sacrificing security

Employees think they’re safe from cyberthreats on company devices

Europe’s Railway Cybersecurity: The importance of continuous credential monitoring

FBI: Pennsylvania led nation in data breach losses in 2020

Five ways to recognise a phishing email to stay safe online

Government unveils national cyber strategy in bid to protect UK from hostile states and ransomware plots

Hackers Exploit Log4j Vulnerability to Infect Computers with Khonsari Ransomware

Hackers steal Microsoft Exchange credentials using IIS module

Hive ransomware claims hundreds of victims in six-month span

How to keep your business safe from cybersecurity threats?

Here We Go Again: Second Log4j Flaw Surfaces

How SMBs Can Arm Employees to Defend Against Cyberattacks

How to Buy Precious Patching Time as Log4j Exploits Fly

How to prevent cyber attacks during remote learning?

How to thwart SIM swapping attacks?

In 2022, Expect More Supply Chain Pain and Changing Security Roles

In-Home Security for Your Devices

IT priorities 2022: Ransomware and cloud drive storage and backup

It Takes A Village To Fight Ransomware

Khonsari ransomware, Iranian group Nemesis Kitten seen exploiting Log4j vulnerability

Kronos ransomware attack: How will this impact paychecks? What we know so far

Kronos ransomware hack threatens businesses

Kronos Sends Clients Elsewhere After Ransomware Attack

Kronos services knocked offline by ransomware attack

Let Customers Know Their Data Is Safe: Cybersecurity As A Marketing Tool

Log4j: List of vulnerable products and vendor advisories

Log4j Bug Could Be Exploited for “Years”

Log4j exploits attempted on 44% of corporate networks; ransomware payloads spotted

Log4j flaw: Nearly half of corporate networks have been targeted by attackers trying to use this vulnerability

Log4j flaw could be a problem for industrial networks 'for years to come'

Log4j flaw puts hundreds of millions of devices at risk, says US cybersecurity agency

Log4j Vulnerability: The Perfect Holiday Present that Nobody Wants

Log4j zero-day flaw: What you need to know and how to protect yourself

Log4j 2 - Beyond Patching: What's Next?

Martin Lewis shares urgent scam warning ahead of Christmas

Microsoft fixes Windows AppX Installer zero-day used by Emotet

Microsoft Issues Windows Update to Patch 0-Day Used to Spread Emotet Malware

Microsoft patches spoofing vulnerability exploited by Emotet (CVE-2021-43890)

Microsoft Patches Zero-Day Spreading Emotet Malware

Microsoft product related login pages are commonly impersonated by cyber criminal

Modern cars: A growing bundle of security vulnerabilities

Most common online scam you need to watch out for

New Microsoft Exchange credential stealing malware could be worse than phishing

New ransomware now being deployed in Log4Shell attacks

New threat intelligence from Sophos following the Apache Log4Shell vulnerability

New York Department of Financial Services (NYDFS) Issues Guidance on Multi-Factor Authentication

Ninety-seven percent of South African IT professionals say their environments don’t prioritise cyber security

Payment Fraud – Top 5 Scams To Look Out For

Personal details of 80,000 South Australian public servants stolen in cyber-attack

Phishing Attacks – Rising Concern in Israel

Police Arrest Suspected Ransomware Actor in Romania

Popular security best practices for hybrid cloud

Preparing for Evolving Phishing Scams

Privileged Access Management (PAM) guidance for the hospitality sector

Propane Gas Distributor Hit With Ransomware

Protect Your Personal Information while Gaming

Ransomware accounts for nearly 50% of security events: Kaspersky

Ransomware attack on national HR company will not impact payroll, says City of Tallahassee

Ransomware Cyberattack Hits Maryland Health Department

Ransomware hits HR solutions provider Kronos, locking customers out of vital services

Ransomware post-mortem: Ireland HSE cyberattack, recovery dogged by missteps

Romanian arrested for ransomware attacks and data theft

Second Log4j Vulnerability (CVE-2021-45046) Discovered — New Patch Released

Second Log4j vulnerability discovered, patch already released

‘Seedworm’ Attackers Target Telcos in Asia, Middle East

Shannon Hospital caught in crossfire of ransomware attack on tech giant, payroll software

Singapore firms warned to quickly fix Log4j software security hole that world experts call worst in years

Squid Game Used as Lure for Malware Campaigns, Phishing Attacks

Superior Plus Hit by Ransomware Attack

Supply Chain Attacks and Cyberinsurance

Tax identity theft: How to protect your credit and finances

Telecom operators targeted in recent espionage hacking campaign

The 10 worst password offenders of 2021

The 10 worst password snafus of 2021

These are the worst password offenders of the year - you'll probably guess a few

This dangerous video scam on Facebook is back to trap users

TinyNuke Banking Trojan Resurfaces, Attacks French Entities

Top workforce management firm Kronos hit by ransomware attack

Truth kept in dark on CS Energy security incident

Understanding how you're targeted by cyberattackers is key to prevention

Virginia legislative agencies and commissions hit with ransomware attack

Virginia legislature hit with ransomware

What Every CEO Should Know About Modern Ransomware Attacks

What the Log4Shell Bug Means for SMBs: Experts Weigh In

Whitehouse ISD gives update on June ransomware attack

With ransomware, hindsight is 20/20

Yes – Vaccine Cold Storage Can Be Hacked

Your company’s payroll service may have been crippled by attack

13th December

7 Cloud Vulnerabilities Endangering Your Data!

51 Arrested in Ukraine for Selling Data of 300M people in EU & US

73 Percent Of Phishing Sites Impersonate Microsoft Product-Related Login Pages

Already Compromised by Apache Log4j? Check Before You Patch

Apache Log4j security flaw presents critical risk to organizations

Are your home security cameras vulnerable to hacking?

Ascendex cryptocurrency exchange hacked – $77 million stolen

AscendEX suspends crypto withdrawals as hack wipes out $77.7 million worth of Ethereum, Polygon and other tokens

As Log4Shell wreaks havoc, payroll service reports ransomware attack

Attackers can get root by crashing Ubuntu’s AccountsService

Biggest Breaches of 2021 – Looking Back at the Year’s Top Cyberattacks

Bugs in billions of WiFi, Bluetooth chips allow password, data theft

Communication Security in IoT

Cork cyber-attack expert warns criminals can ‘re-hit’ organisations

Critical Log4Shell security flaw lets hackers compromise vulnerable servers

Cyber and data security: are employees too ashamed to do the right thing?

Cyber Attack Partially Paralyzes Brazilian Healthcare System

Cyber attack victim bounces back

Cyber resilience will need to be taken more seriously by healthcare in 2022

Cyber-attacks against organisations increase by 13%, mobile devices targeted

Cyberattack on HR company affects West Virginia payroll system; officials roll out backup plans

Cyberattacks Increasing Against Health Care Providers

Cyberattacks on our energy infrastructure: The need for a national response to a national security threat

Cyberattacks target IT and communications sector in 2021

Cybereason Makes Log4Shell ‘Vaccine’ Available

Cybersecurity attack could delay paychecks for some city workers

Cybersecurity in a hybrid world: It takes more than just technology

Cybersecurity ‘Vaccines’ Emerge as Ransomware, Vulnerability Defense

Dell driver fix still allows Windows Kernel-level attacks

Did half of New Zealand businesses really get hit by ransomware this year?

EV certificate usage declining: Is the internet becoming more secure?

Five ways SMBs can combat the growing threat and cost of cyberattacks

Global Ransomware Crisis to Deepen in 2022, Says Avast Researcher

Google pushes emergency Chrome update to fix zero-day used in attacks

Hacker-powered pentests gaining momentum

Hackers Target India’s Prime Minister

Health systems are fighting back against the onslaught of email data breaches

How C-suite executives perceive their organizations’ readiness for ransomware attacks

How can SMBs efficiently move towards Zero Trust?

How Cybersecurity Awareness Shifted in 2021

How Malware Gets On Your Website

How to avoid phishing scams during the holiday season

How To Prevent Insider Threats in Your Organization

How to safeguard your business from cybercrime

How worried should organizations be about their phishing click rate?

Hundreds of SPAR stores forced to shut following a major cyber incident

Indian Prime Minister Modi’s Twitter Account HACKED for Bitcoin scam

Inside Ireland’s Public Healthcare Ransomware Scare

Karakurt: A New Emerging Data Theft and Cyber Extortion Hacking Group

Kronos hit with ransomware, warns of data breach and 'several week' outage

Kronos Payroll Provider Used By Yeshiva University Suffers Ransomware Attack, Expecting ‘Several Weeks’ Unavailability

Kronos ransomware attack may cause weeks of HR solutions downtime

Kronos Ransomware Outage Drives Widespread Payroll Chaos

Kronos Suffers Ransomware Attack, Expects Full Restoration to Take 'Weeks'

Lewis & Clark Community College to resume classes from Tuesday in the midst of ransomware attack

Lexington, Kentucky Takes Systems Offline After ‘External Threat’

Log4j actively exploited, serious complications can occur according to CERT NZ

Log4j exploits suggest attackers gearing up for ransomware

Log4j flaw: Attackers are making thousands of attempts to exploit this severe vulnerability

Log4j RCE activity began on December 1 as botnets start using vulnerability

Log4j update: Experts say log4shell exploits will persist for 'months if not years'

Log4j zero-day flaw: What you need to know and how to protect yourself

Log4Shell Is Spawning Even Nastier Mutations

Log4Shell update: Attack surface, attacks in the wild, mitigation and remediation

Malicious PyPI Code Packages Rack Up Thousands of Downloads

Malicious PyPI packages with over 10,000 downloads taken down

Microsoft Details Building Blocks of Widely Active Qakbot Banking Trojan

MSPs Versus Ransomware in 2022: Where Multi-Layer Security Fits In

Nearly 69,000 affected in San Juan Regional data breach

NHS Covid pass scam warning amid Boris Johnson's booster jab expansion

Nuclear ransomware 3.0, new malware among KnowBe4’s predictions for 2022

One-third of phishing pages only stay active for a day

One-Time Password Security Might Fail 80% of the Time. IAM is Better

Paying a debt by gift card? Don't fall for this scam

Phishing campaign uses PowerPoint macros to drop Agent Tesla

Planned Parenthood LA sued over data theft, ransomware attack affecting 409K

Police arrests ransomware affiliate behind high-profile attacks

Privacy watchdog checks if 'data breach' occurred in BDO hacking complaints

Ransomware: what SMBs needs to know

Ransomware Affiliate Arrested in Romania; 51 Stolen Data Brokers Arrested in Ukraine

Ransomware attack hits Virginia Legislature

Ransomware attacks Shelley School District computers

Ransomware Is Everywhere: What To Do If You Are Hit

Ransomware or Revenge? Former Employee Charged With Extortion

Ransomware Recovery: The Need For Modern Data Protection

Ransomware suspect arrested over attacks on 'high-profile' organisations

Recognizing the Importance of Operational Security

Resolve to Beef up Your Cyber Health

Rise of a new breed of hackers: Initial access brokers break into company networks for other crooks

“Sadistic” Online Extortionist Jailed for 32 Years

Security company offers Log4j 'vaccine' for systems that can't be updated immediately

Seven common types of Phishing attacks that you should be aware of

Sophos threat intelligence shows cyberattackers are exploiting Apache Log4Shell vulnerability to exploit unpatched systems

Standard Bank on delay in telling public about data breach: 'We complied with the law'

State and Local Government Cybersecurity: 2021 Threats, 2022 Strategies

Tales from the Dark Web: Fingerprinting Access Brokers on Criminal Forums

TheBus, Handi-Van websites remain offline following cyberattack

Timekeeping biz Kronos hit by ransomware and warns customers to engage biz continuity plans

TinyNuke info-stealing malware is again attacking French users

Top 3 SaaS Security Threats for 2022

Transamerica Hit With Lawsuit Over Data Breach

Trust in Legacy IT Vendors Drops as Supply Chain Security Issues Increase

Ukraine arrests 51 for selling data of 300 million people in US, EU

Unused identities: A growing security threat

Update Google Chrome to Patch New Zero-Day Exploit Detected in the Wild

Using Zero Trust to Prevent Agency Ransomware Attacks

Virginia IT agency hit with ransomware attack

Virginia's General Assembly is dealing with a cyberattack

Volvo Cars confirm data theft of ‘limited amount’ of its R&D property

Volvo Cars suffers a ransomware attack, loses precious R&D property

What cyber insurance costs by sector

What Is SASE, and How Can It Protect Higher Ed from Ransomware?

What is the Log4Shell vulnerability?

When the question is paying ransom, the answer isn’t always clear

Where the Latest Log4Shell Attacks Are Coming From

Why Classifying Ransomware as a National Security Threat Matters

Why is trust in legacy vendors on shaky ground?

Worldwide Log4j Attacks That Can Deploy Malware Affect Steam, Minecraft, and iCloud

“Worst-Case Scenario” Log4j Exploit Travels the Globe