Editor's Message

Welcome to DBD. 2023 has been the worst year on record for Data-Leaking Ransomware Attacks, and despite Law Enforcement gains, show no signs of slowing down. On a more positive note, our PRiSM platform continues to gain recognition and is now officially endorsed as a Ransomware Intelligence Resource by the SANS Institute. With that in mind, we would like to take this opportunity to thank you for all your very much appreciated and continued support. Stay safe. :)

Monday 10 January 2022

Data Breaches Digest - Week 02 2022

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 10th January and 16th January 2022.

16th January

3 Security Practices Entrepreneurs Are Adopting In 2022

A New Destructive Malware Targeting Ukrainian Government and Business Entities

ABFRL faces data breach, over 5.4 million emails allegedly released online

ABFRL faces data breach on its portal

Are Expired Domains a Security Concern? How to Avoid Domain Expiration

Belarus hackers behind the Ukraine cyberattack, Russia arrests ransomware hacker at US request

Beware the QR code scams

Crawford County grappling with ransomware attack aftermath

Custom-written malware discovered across Windows, macOS, and Linux systems

Cyber Threats and How Good Cyber Security Practices Keep Online Gambling Safe

Data breach at Palliser School Division has teachers furious

Don’t be prey to Microsoft edge update. It’s nothing, just a Ransomware attack

Email outage affects Shenandoah County businesses

Four steps to enhance ransomware protection for the firm

Google Ads Accidentally Approved Target Gift Card Scam, Phishing Website Caught by Redditor

Google Users at Risk of New Safari Bug! Logged-In Accounts and Browsing History Information Can Be Compromised

High-Severity Vulnerability in 3 WordPress Plugins Affected 84,000 Websites

Labour’s data breach means local parties not receiving their owed funds

'Lock it down and piss people off': How quick thinking stopped a ransomware attack from crippling a Florida hospital

Magniber ransomware being spread in the guise of a legit Microsoft Edge and Google Chrome update

Microsoft: Fake ransomware targets Ukraine in data-wiping attacks

Microsoft Discloses Malware Attack on Ukraine Government Networks

Microsoft finds 'destructive' malware in Ukraine

Microsoft says 'destructive malware' being used against Ukrainian organizations

Microsoft says it observed destructive malware in systems belonging to several Ukraine government agencies

Microsoft warns of destructive malware in computer systems of Ukrainian state institutions

Microsoft Warns Users of Fake Ransomware Spreading Data-Wiping Malware

New ransomware attacking organisational networks through ‘infected’ USB drives

New Unpatched Apple Safari Browser Bug Allows Cross-Site User Tracking

Nigerian Communications Commission (NCC) raises alarm over new ransomware attacking organizational networks

North Korean Cybercriminals Stole Nearly $400 Million Worth of Digital Assets in 2021

REvil ransomware group shuttered by Russian FSB

Singapore Central Bank considers action against OCBC for phishing scam

SnatchCrypto attack hits DeFi and Blockchain Platforms with backdoor

The importance of sandboxing for SMBs

Ukraine blames Russia for cyberattack against government websites

Ukraine claims Russia behind cyberattack in ‘hybrid war’

Ukraine government agencies' computer systems infected with malware, Microsoft says

Ukraine says Russia behind cyberattack in ‘hybrid war’ move

Ukrainian government computer systems infected with malware: Microsoft

Ukrainian Government Officially Accuses Russia of Recent Cyberattacks

‘We have to show strength’: Calls grow for U.S. to deter Russian hackers

15th January

9 Times Hackers Targeted Cyberattacks on Industrial Facilities

Aditya Birla Fashion (ABFRL) Data Allegedly Leaked Online, Over 5 Million Email Addresses Breached

Brunei Postal Department warns of phishing scams via WhatsApp

City of Tenino loses $280,309 to phishing email scam, state Auditor’s Office says

Considering a Move to Zero Trust Security? Keep these Identity Security Practices and Resources in Mind

Cybercriminals increase phishing attacks on social networks

Don’t download this COVID app! It’s spreading malware

Five cybersecurity myths that are compromising your data

‘Golden era’ for cyber attacks as criminals take advantage of pandemic

Hackers disrupt payroll for thousands of employers - including hospitals

Hackers Use Legitimate Adobe Emails to Harvest Credentials

Largest dark web market for stolen cards UniCC calls it quits

Linux malware sees 35% growth during 2021

macOS, Windows, Linux all targeted by new cross-platform exploit

Moscow court charges 8 alleged REvil ransomware hackers

New York City schools crippled by week-long data service systems outage

No lights, no heat, no money - that's life in Ukraine during cyber warfare

North Korean Hackers Carefully Stole $400 Million in Crypto Last Year

North Korean hackers said to have stolen nearly $400 million in cryptocurrency last year

Qlocker ransomware returns to target QNAP NAS devices worldwide

Russia Arrests REvil Ransomware Gang Responsible for High-Profile Cyber Attacks

Russia charges 8 suspected REvil ransomware gang members

Russia claims to have brought down the REvil ransomware ring

Russia ”neutralizes” REvil ransomware gang, arrests 14

Russia takes down REvil hacking group at U.S. request

SRT email service outage continues

The huge sums of money that explain why there are so many SMS and email phishing scams in Spain

U.S., France discuss measures to support Ukraine after cyberattack on government websites

Warning! DON'T Download this Update for Chrome, Microsoft Edge

14th January

3rd-party flaws allowed a teen hacker to track location of Tesla cars

2022 Cybersecurity Guide: The Security Gift For Your Loved Ones

A 'massive' hacking attack has hit government websites in Ukraine

Accellion claims no ‘guarantee’ of security in $8.1M breach settlement

Accellion to pay $8.1M in proposed data breach settlement

Amazon fixes security flaw in AWS Glue service

Amazon Web Services (AWS) Patches Glue Bug That Put Customer Data at Risk

Auto parts maker Denso targeted in ransomware cyberattack

‘Be Afraid:’ Massive Cyberattack Downs Ukrainian Government Sites

Be Ransom Wary: How Small Businesses Are Vulnerable To Cybercrime

Buckeye Broadband email accounts down due to ransomware attack

CISA Warning: Log4j Poses Long-Term Risk to Critical Infrastructure

Clinic Breach Affecting 200,000 Tied to Vendor's 2020 Attack

Cold calling O2 scam artists are offering 40% plan discounts, free phone contracts for your security code

Computer hackers apparently target City of North Port

Critical Cisco Contact Center Bug Threatens Customer-Service Havoc

Dark web carding platform UniCC shuts up shop after making millions

Data breach: Sheffield Council reprimanded after 8.6 million vehicle number plates were shared on the internet

Defense contractor Hensoldt confirms Lorenz ransomware attack

EHR vendor QRS sued over breach to patient portal server

Email Service Mail2World Reported Down

Financial Services Providers: Checklist for Ensuring Open Banking Apps are Secured

Flaw Found in Biometric ID Devices

Former DHS official charged with stealing govt employees' PII

Four Ways Retailers Can Prevent and Protect Customers from a Cyber Security Attack

Goodwill discloses data breach on its ShopGoodwill platform

Hacker group REvil arrested, dismantled at US request: Russian intelligence agency

Hacking Is the New Car Jacking: How To Secure Vehicle Data

How do you educate others about cybercrime?

How to protect yourself against Sim-swapping scams with mobile phone fraud on the rise

Husband-Wife Arrested in Ukraine for Ransomware Attacks on Foreign Companies

Husband and wife among ransomware operators arrested in Ukraine

In 2022, AI-based full-suite security is needed

In Government, Access Control Means Cybersecurity

Incident Of The week: VMware Horizon targeted by attackers exploiting Log4j

Insider Threats are a Quiet Risk in your System

Lasting Effects of Kronos Cyberattack Ripple Through Healthcare

Magniber Ransomware is becoming a nightmare for Edge users

Malaysia: Some 71% cyber frauds reported last year

Manufacturers are starting to realize the importance of Operational Technology (OT) security

Maryland Department of Health confirms ransomware attack

Maryland lawmaker: Officials misled on ransomware attack

Massive Cyber Attack Knocks Down Ukrainian Government Websites

Massive cyberattack hits Ukrainian government

‘Massive’ Cyberattack on Ukraine Cripples Government Websites

Measuring Cybersecurity Effectiveness Is the Only Way to Know if You Are Protected

Mitigate password spraying risks through decentralization

Mitigating Insider Security Threats with Zero Trust

Multi-day IT systems outage whacks umbrella biz Parasol Group amid fears of a cyber attack

Multiple Ukrainian government websites hacked and defaced

NatWest ‘new device registered’ scam texts: what to look out for

North Korea hackers stole US$400mln of crypto last year

North Korea hackers stole $400m of cryptocurrency in 2021, report says

North Korean Hackers Stole $400m in Cryptocurrency Last Year

North Korean hackers stole a record-breaking amount of cryptocurrency last year

North Korean Hackers Stole Millions from Cryptocurrency Startups Worldwide

OCBC Singapore scam victims, many who lost life savings, slam bank for underwhelming response

Open-Source Software Now Considered A Potential National Security Threat After Log4j Crisis

Oscar Health Plan of California Notice of Data Breach

Pandemic brings new data risks

Pegasus used to target El Salvador activists, journalists

Questions linger after Maryland Department of Health (MDH) ransomware attack

Ransomware attack at Durham Johnston School

Ransomware Detection Through Threat Hunting

Ransomware sets its sights on IOT/OT

Real Big Phish: Mobile Phishing & Managing User Fallibility

Researchers develop CAPTCHA solver to aid dark web research

REvil ransomware gang arrested in Russia

Russia Arrests 14 Suspected REvil Ransomware Group Members

Russia arrests ransomware gang responsible for high-profile cyberattacks

Russia arrests REvil ransomware gang members at request of US officials

Russia Nabs Colonial Pipeline Hacker In Raids On Ransomware Ring, U.S. Says

Russia Stops REvil

Russia takes down high-profile hackers

Russian authorities take down REvil ransomware gang

Russian government arrests REvil ransomware gang members

Russian Security Takes Down REvil Ransomware Gang

Security Service of Ukraine (SSU) Assures Of No Personal Data Breach Due To Cyberattack On Public Authorities

Singapore: Beware of scam calls claiming to be from government agencies

Smell something phishy? The rise of phishing scams

SnatchCrypto campaign plants backdoors in crypto startups, DeFi, blockchain networks

State police warn of new 'phishing' scam that involves parking meters

Tech Giants to Team-Up on Open Source Security After White House Meet

The Federal Government is Tired of Ransomware

The future of security protocols for remote work

The growing menace of QR Code scams - here's how to stay safe

The Philippines: ‘No evidence of data breach’

The race towards renewable energy is creating new cybersecurity risks

Three Plugins with Same Bug Put 84K WordPress Sites at Risk

Top 10 Cybersecurity Terms and Meanings that Professionals should Know

Top Illicit Carding Marketplace UniCC Abruptly Shuts Down

Transport for NSW finds more customers, employees impacted by Accellion breach

U.K. Hacker Jailed for Spying on Children and Downloading Indecent Images

Ukraine cyber-attack: Russia to blame for hack, says Kyiv

Ukraine says more than 70 government websites were defaced, 10 were subjected to 'unauthorized interference'

Ukrainian Cops Bust Suspected $1m Cybercrime Ring

Ukrainian Government Websites Forced Offline in "Massive" Cyber-Attack

US officials believe Russia arrested hacker responsible for Colonial Pipeline attack

Watch out, that Microsoft Edge update is actually ransomware

What is a ransomware recovery plan and does your company have one?

What Is Ransomware?

What is ransomware and how does it work?

What to do if you’re the victim of a ransomware attack in 5 steps

What’s on the security radar?

White House confirms person behind Colonial Pipeline ransomware attack nabbed during Russian REvil raid

White House reminds tech giants open source is a national security issue

Why Is Data Destruction the Best Way to Impede Data Breach Risks?

Why Third Parties are the Source of So Many Hacks

Windows 10 antivirus weakness lets attackers evade detection

Your Multi-Factor Authentication Technology is Already Compromised – Here's How

13th January

4 Biggest Security Threats to Startups

2021 Ransomware Attack Report

Accellion reaches $8.1 million settlement to resolve data breach litigation

Adobe Cloud Abused to Steal Office 365, Gmail Credentials

Advanced scams, data breaches, crypto and NFT attacks to shape cyberthreat landscape in 2022

Albuquerque real estate industry grappling with ransomware fallout

All 2 BILLION WhatsApp users warned of simple mistake that can get your account hacked

Amazon Web Services (AWS) fixes security flaws that exposed AWS customer data

Analytics Are Essential for Effective Database Security

Android users can now disable 2G to block Stingray attacks

Attackers use Adobe Cloud to host phishing documents

BlueNoroff hackers steal crypto using fake MetaMask extension

Broward Health sued over October data breach that exposed 1.3 million patients' info

Bunnings customers exposed in data breach

Carding site UniCC retires after generating $358 million in sales

China-Based Ransomware Operator Exploiting Log4j Vulnerability

Cisco Releases Patch for Critical Bug Affecting Unified CCMP and Unified CCDM

Cloudflare Radar releases surprising internet traffic and security statistics in 2021 review

Cops warn of increasing number of bank scams as fraudsters target residents in Spain’s Palma

Councillors refuse public release of IT audit of Hackney Pysa ransomware attack

Criminalising Cybercrime and Raising the Risk for Cyber-attackers

Cyberattack forces Albuquerque schools to close

Cyberattack shuts down Albuquerque schools; county copes with ransomware incident

Cybersecurity Trends for 2022

Data Breach and You: The Dark Side of the Net

Data Leak v Data Loss: What’s The Difference?

DDoS Attacks Broke All Records in 2021

Delivering vulnerable signed kernel drivers remains popular among attackers

El Salvador journalists and activists hacked with spyware

Fake Telegram App Distributes Purple Fox Malware

FBI arrests social engineer who allegedly stole unpublished manuscripts from authors

FBI Issues Warning on FIN7 USB Stick Exploit

FBI shifting cybercrime focus from arrests, indictments to payment seizures, incident response

Federal Communications Commission (FCC) proposes overhauling data breach reporting rules

Federal Communications Commission (FCC) Proposes Stricter Data Breach Reporting Requirements

Federal Communications Commission (FCC) wants new data breach reporting rules for telecom carriers

Financial Institutions Must Be Alert To Ransomware Attacks in 2022

Fingers point to Lazarus, Cobalt, FIN7 as key hacking groups attacking finance industry

GootLoader Hackers Targeting Employees of Law and Accounting Firms

Hackers attack Argentina’s Senate website, steal information and demand ransom

Hackers buying space from major cloud providers to distribute malware

Hot wallet hack: Hackers steal $18.7m from Animoca’s Lympo NTF platform

Hotel chain switches to Chrome OS after Windows ransomware attack

How Cybercriminals Are Cashing in on the Culture of 'Yes'

How Do I Protect Myself From Cyber Threats?

How Healthcare Organizations Can Reduce Their Security Risk

How small organizations can mitigate ransomware risk

How threat intelligence can help the financial industry prepare for cyber threats

How to Cyberproof the Private Sector

How to ensure a Zero-Trust approach for remote workers

IBM predicting what 2022 holds for cybersecurity

Iran-linked APT35 group exploits Log4Shell flaw

Iranian Hackers Exploit Log4j Vulnerability to Deploy PowerShell Backdoor

Is ransomware as a service going out of style?

Is there a path forward in Congress for mandatory cyber incident reporting?

Kaspersky lists 5 cyber threats to watch for in 2022

Kronos hackers stole personal info of Metro-North workers, MTA says

Largest darknet stolen credit card site closes

Lazarus, Cobalt, and FIN7 have all been identified as major hacker organisations targeting the financial sector

Log4j: Google and IBM call for list of critical open source projects

Maryland confirms ransomware attack at health agency

Maryland Department of Health Systems Down 1 Month After Ransomware Attack

Massachusetts State Police warn of parking scam that uses QR codes to steal bank account, credit card information

Microsoft Defender weakness lets hackers bypass malware detection

Microsoft RDP Bug Enables Data Theft, Smart-Card Hijacking

Microsoft Zero Trust Solutions Help Drive 50% Lower Chance of Data Breach, Says New Research Study

Most Users Are Unaware That Their Passwords Are Compromised, New Study Shows

New GootLoader Campaign Targets Accounting, Law Firms

New Mexico County Recovering from Ransomware Attack

New study reveals phishing simulations might not be effective in training users

New "Undetected" Backdoor Runs Across Three OS Platforms

New Zealand: 5 cyber threats to look out for this year

North Korean APTs Stole ~$400M in Crypto in 2021

NSO spyware found targeting journalists and NGOs in El Salvador

OCBC phishing scam underscores trade-off between convenience and security, with bank customers at risk

Phishers are targeting Office 365 users by exploiting Adobe Cloud

Putting Skin in the Cyber Insurance Game

QR code scams are on the rise. Here's how not to get duped

Ransomware attack impacts Buckeye Broadband email service vendor

Ransomware attack on New Mexico jail put prisoners in lockdown

Ransomware Attack on Portuguese Media Company Impresa Compromised AWS Account, Disrupted Expresso Newspaper and SIC TV Stations

Ransomware attack on vendor shuts down Buckeye email services

Ransomware attacks hammer some of Oregon’s best-known brands: McMenamins, Yoshida, Bob’s Red Mill

Ransomware is being rewritten in Go for joint attacks on Windows, Linux users

Ransomware locks down prison, knocks systems offline

Ransomware used to target reproductive health clinic

Rate Of Russian Ransomware Attacks Has Yet To Slow Down

Report Identifies Weaknesses in Online Banking Security

Researchers Decrypted Qakbot Banking Trojan's Encrypted Registry Keys

Scams involving QR codes have become increasingly common. Here’s how you can avoid being taken advantage of

Security Check in the Remote Work Age

Singapore: 1,200 phishing scams since December; some culprits impersonate officials and use stolen data to set up e-wallet

Singapore: Police warn of re-emergence of phishing scams involving e-wallets

The Boardroom Isn’t Ready for the Next SolarWinds

The Human Resources Impact Of The Kronos Ransomware Attack

The public sector is more concerned about external than internal threats

The Rhode Island Public Transit Authority (RIPTA) Data Breach May Provide Valuable Lessons About Data Collection and Retention

The rising threat of cyber criminals targeting cloud infrastructure in 2022

Trickbot takes top malware spot in Australia, Emotet returns

UK jails man for spying on kids, adults with Remote Access Trojans

Ukraine Police Bust Ransomware Suspects Tied to 50 Attacks

Ukrainian cops nab husband and wife suspected to be part of $1m ransomware operation

Ukrainian police arrest five members of ransomware affiliate

Ukranian police arrests ransomware gang that hit over 50 firms

US: MuddyWater is Iranian State-Backed Group

US Cyber Command Discloses MuddyWater Malware Samples

US Cyber Command links MuddyWater to Iranian intelligence

US Military Ties Prolific MuddyWater Cyberespionage APT to Iran

Want to improve corporate security? Prioritize personal security

What is ‘sextortion’ and why are cases on the rise?

What is the dark web?

What the Log4j vulnerability is and why you should be worried

When it comes to banking security, there’s no silver bullet

Why You Need Pentesting-as-a-Service (PtaaS)

Windows 'RemotePotato0' zero-day gets an unofficial patch

12th January

2-year prison for pervert who hacked webcams to spy on underage girls

3.7 Million FlexBooker Accounts Leaked to Hacker Forum After DDoS Attack

4 Terrible Effects Of Data Breaches On Businesses

10 tips for small businesses to prevent cyberattacks

2022 promises to be a challenging year for cybersecurity professionals

A new multi-platform backdoor is leveraged by an advanced threat actor

A ransomware attack has brought the New Mexico Jail to a standstill

Amazon, Azure Clouds Host RAT-ty Trio in Infostealing Campaign

An intelligent approach to ransomware

Apple fixes doorLock bug that can disable iPhones and iPads

Apple Releases iPhone and iPad Updates to Patch HomeKit DoS Vulnerability

Arizona lawmaker proposes ban on taxpayer-funded ransomware payouts

Attackers accessed Panasonic's job candidates PII

Attackers More Successful at Delivering Malware Payloads

Building cyber-resilience in 2022 & beyond

Bunnings shoppers put on alert as hardware giant is hit by major security breach - detailed in worrying email

Bunnings stresses little risk to customers from FlexBooker data leak

Can the CISO Reporting Line Reveal Intel on Data Breach Causation?

Check your Sender Policy Framework (SPF) records: Wide IP ranges undo email security and make for tasty phishes

Cisco Talos discovers a new malware campaign using the public cloud to hide its tracks

Clarins hit by security breach, Singapore customers' personal details at risk

Clinical Review Vendor Reports Data Breach

COMELEC exec denies data breach report

Comelec official calls data breach report 'fake news'

Cybercrime Will Increase — And 9 Other Obvious Cybersecurity Predictions for 2022

Cybercriminals are exploiting Omicron news to distribute RedLine malware

Cybersecurity Mistakes That Every SMB Must Avoid

Data breach in the state office in Lower Saxony: 25,000 customers may be affected

EA confirms dozens of high-profile FIFA accounts hacked

Electronic Arts (EA): 50 high-profile FIFA 22 accounts taken over by phishing actors

Europol Ordered to Delete Vast Trove of Personal Information

FBI, NSA and CISA Warns of Russian Hackers Targeting Critical Infrastructure

FBI Makes Arrest in Search for the Infamous “Spine Collector” Book Thief

Federal Communications Commission (FCC) Chair Proposes Updating Data Breach Reporting Requirements

Federal Communications Commission (FCC) Wants Stricter Data Breach Reporting Requirements

Federal Communications Commission (FCC) wants to revamp data breach laws for telecom carriers

FIFA Ultimate Team Account Takeovers Plague EA Gamers

Get Your Business Ready for Cyberdemic 2.0

Hackers take over diplomat's email, target Russian deputy minister

Hackers Use Cloud Services to Distribute Nanocore, Netwire, and AsyncRAT Malware

How Hackers Stole 50 High Profile FIFA 22 Accounts

How safe are cloud applications?

Internet’s Biggest Marketplace For Stolen Credit Cards Will Shut Down

Log4j: How hackers are using the flaw to deliver this new 'modular' backdoor

Magniber ransomware using signed APPX files to infect systems

Major hotel chain ditches Windows for Chrome OS after ransomware attack

Maryland Department Of Health Confirms Ransomware Attack Caused Disruption In COVID-19 Data Last Month

Maryland officials confirm ransomware attack shut down Department of Health

Mitigating Russian state-sponsored cyber threats to US critical infrastructure

Multi-platform SysJoker backdoor targeting Windows, macOS & Linux Devices

National Privacy Commission (NPC) orders Comelec to explain alleged data breach

Navigating the threat of cyber attacks on the transport sector

New SysJoker Espionage Malware Targeting Windows, macOS, and Linux Users

OCBC phishing scam underscores trade-off between convenience and security, with bank customers at risk

OceanLotus hackers turn to web archive files to deploy backdoors

Phishers Take Over FIFA 22 Accounts

Ransomware, supply chain, and deepfakes: The top threats the finance industry needs to prepare for

Ransomware Attack Leaves Exhausted Nurses at Suburban Hospital With Partial Paychecks

Ransomware attack locks down US prison

Remote Access Trojans spread through Microsoft Azure, AWS cloud service abuse

Resilient against ransomware risk

Sabbath Ransomware Gang Targets Critical Infrastructure, Backups

Scammers Are Using QR Codes to Plunder Parking Meter Payments

School’s out as cyberattack forces Albuquerque Public Schools (APS) to cancel classes

Singapore: Ransomware is always looking for a way in – what’s your defence?

SMEs still an easy target for cybercriminals

Teen Makes Tesla Hacking Claim

TellYouThePass ransomware returns as a cross-platform Golang threat

The latest phishing scam to watch out for: fraudulent QR codes on parking meters

This new malware wants to create backdoors and targets Windows, Linux and macOS

Threat actors use the power of Microsoft Azure and AWS to spread RATs

U.S. Security Agencies Warn About Russian Threat Gangs Amid Ukraine Tensions

UK jails man for spying on teenagers, stealing photos using RATs

US Cyber Command Links 'MuddyWater' Hacking Group to Iranian Intelligence

US Government Seeks Mandatory Cyber & Ransomware Reporting Requirements

US government urges organizations to prepare for Russian-sponsored cyber threats

US links MuddyWater hacking group to Iranian intelligence agency

Visalia Unified School District (VUSD) says personal info was obtained in data breach

Warning over post office shipping fee scam in Spain

Who is the Network Access Broker ‘Wazawaka?’

Why 2022 Should be a Year of Cybersecurity Optimism

Why file-borne malware has become the weapon of choice for attackers

Why you need a workplace culture that includes data security

Widespread, Easily Exploitable Windows RDP Bug Opens Users to Data Theft

Zero-Trust for Health Care in the Age of Ransomware

11th January

9 ways that cybersecurity may change in 2022

2021 was a terrible year for cybersecurity. Without action, 2022 could be even worse

2022 Cybersecurity Predictions from Lookout: Work From Anywhere Ends On-Premises Security

A ransomware attack took a New Mexico jail offline, leaving inmates in lockdown

Addressing the cybersecurity impact of employee relocation

Albania to Hire US Cybersecurity Firm After Data Breach

An intelligent approach to ransomware

Business email security

CISA: Russian state-sponsored groups exploited vulnerabilities in Microsoft, Cisco, Oracle tools

CISA alerts federal agencies of ancient bugs still being exploited

City of Grass Valley, California, suffers data breach

Comelec probes alleged data breach in its servers

Corporate Cyber-Attacks Spike 50% in 2021

Critical Infrastructure Falls Short on Ransomware Readiness, Mitigation, Recovery

Critical SonicWall NAC Vulnerability Stems from Apache Mods

Cyber Threats Are A Real Threat To Modern Agriculture’s Expanding Digital Infrastructure

Cyberattacks increased 50% globally in 2021

Cyberattacks on businesses saw a huge rise in 2021

Cybersecurity: Last year was a record year for attacks, and Log4J made it worse

Cybersecurity ‘blind spot’ putting Irish companies at risk

Cybersecurity in 2022: Addressing Insider Threats

Data security in the age of insider threats: A primer

DDoS attacks that come combined with extortion demands are on the rise

Don’t Get Caught! How to Spot Email and SMS Phishing Attempts

EHR vendor hit with lawsuit following data breach

FIN7 Mails Malicious USB Sticks to Drop Ransomware

Firms need better breach response, clear regulatory guidelines

‘Fully Undetected’ SysJoker Backdoor Malware Targets Windows, Linux & macOS

Google Drive accounted for the most malware downloads from cloud storage sites in 2021

Hackers access personal data of job candidates: Panasonic

Hackers Hit Healthcare Data Management Company

Hacking group accidentally infects itself with Remote Access Trojan horse

How Can You Leave Log4J in 2021?

How worried should we be about Windows 11 ransomware?

Indian APT exposes its Modus Operandi by infecting their own devices

KCodes NetUSB bug exposes millions of routers to RCE attacks

KCodes NetUSB kernel remote code execution flaw impacts millions of devices

Lessons learnt and what lies ahead – security concerns in the channel

MacOS Bug Could Let Creeps Snoop On You

Mespinoza, Pysa Ransomware Pose Threat to Healthcare Cybersecurity

Microsoft: China-based ransomware actor exploiting Log4Shell

Microsoft: Critical Windows HTTP vulnerability is wormable

Millions of Routers Exposed to RCE by USB Kernel Bug

New KCodes NetUSB Bug Affect Millions of Routers from Different Vendors

New RedLine malware version spread as fake Omicron stat counter

New SysJocker backdoor targets Windows, macOS, and Linux

Night Sky ransomware uses Log4j bug to hack VMware Horizon servers

Numerous FIFA 22 accounts have been hit by phishing attacks, EA admits

“Our Biggest Nightmare Is Here”

Over half a million transportation industry credit reports were left unsecured online

Phishing websites don’t last all that long say researchers

Ransomware: Hackers are using Log4j flaw as part of their attacks, warns Microsoft

Ransomware, OT/ICS threats remain at ‘all time high’

Ransomware Group Claims Successful Hack Of Broomfield Cybersecurity Firm

Ransomware Insights from Insiders

Researchers find critical RCE security vulnerability in H2 database console

Richland schools websites back up after ransomware discovered

Romance Scammers Stole £92m From Victims Last Year

Siriraj Hospital in Bangkok denies data breach after post lists patient records for sale

Small businesses are most vulnerable to growing cybersecurity threats

State hackers use new PowerShell backdoor in Log4j attacks

The Biggest Security Breaches of 2021 and What We Can Learn from Them

The Final Count: Vulnerabilities Up Almost 10% in 2021

The onward march of ransomware: What should businesses do?

The rise of double-extortion ransomware

This is the Year to Create a Cybersecurity Culture

US goverment warns of Russian hackers targeting critical infrastructure

US Issues Alert Over Russian Hackers

Vendor: Data Breach Involved Security Product Vulnerability

What are 2022’s biggest cyber threats?

Why cybercrime will continue to flourish in 2022

WordPress Bugs Exploded in 2021, Most Exploitable

World Economic Forum: Cybersecurity an Increasing Global Threat

World Economic Forum warns cyber risks add to climate threat

10th January

6 cloud security trends to watch for in 2022

10 Lessons Learned from the Top Cyber Threats of 2021

2021 cyber security review of the year

2022 is shaping up to be an epic fight to protect data

Abcbot botnet is linked to Xanthe cryptojacking group

Abcbot Botnet Linked to Operators of Xanthe Cryptomining malware

Are Ransomware And Terrorism Threats Equal?

Attackers exploit Google Docs with malware, phishing

AvosLocker ransomware resistant to safe mode

AvosLocker Ransomware Uses AnyDesk in Safe Mode to Launch Attacks, Sophos Reports

Bigger and more business-savvy: How ransomware will evolve in 2022

Bunnings customers among victims of FlexBooker data breach

California town announces data breach involving police department, loan provider

CISA director: 'We have not seen significant intrusions' from Log4j - yet

Cities in Texas hit by QR-code phishing scam

City of Grass Valley, California, suffers data breach – employee and citizen information exposed

Comelec investigating alleged data breach

Comelec validating report alleging data breach in its servers

Connecticut Utilities at High Risk of Phishing Attacks

Cryptocurrency crime reaches $14B in 2021

Cyber Attack Leads to New Mexico County Jail Lockdown

Cyber security: Keeping you and your family protected online

Cyber security experts predict emerging risks demand new approach

Cyber-Spike: Orgs Suffer 925 Attacks per Week, an All-Time High

Cyber-Thieves Raid Grass Valley

Cybersecurity: Why reactive management to remediation is no longer suitable

Cybersecurity firm unveils trends this year; all sorts of scams, attacks on crypto business to continue

Cybersecurity Risks a Major Global Threat, World Economic Forum Warns

Dangerous new text on Android phones lets hackers in – don’t tap it

Data breach at Rhode Island transit authority linked to file wrongly stored on employee's hard drive

DDoS attacks increasing year on year as cybercriminals demand extortionate payouts

Detect and identify IoT malware by analyzing electromagnetic signals

Email spam is breaking through again. Here’s what you can do to minimize it

Europol Ordered to Delete Data of Individuals With No Proven Links to Crimes

Europol ordered to erase data on those not linked to crime

Extortion DDoS attacks grow stronger and more common

Facebook and Instagram users urged to change passwords amid security breach

FBI Warns FIN7 Campaign Delivers Ransomware via BadUSB

Finalsite: All School Sites Now Restored After Ransomware Attack

FinalSite: No school data stolen in ransomware attack behind site outages

Finalsite Ransomware Attack Disrupts College Websites

Finalsite says no data stolen during ransomware attack affecting 3,000 US public schools

FlexBooker Reveals Major Customer Data Breach

Hackers attack scheduling platform Flexbooker, steal 3.7 million users’ data

HHS Warns Healthcare Sector of Pysa Ransomware Threats

How Do Cyberattacks on Pipelines and Other Industrial Installations Work?

How Ransomware Cost Ireland’s HSE $600 Million

How To Automate Your Security Processes

How to Get Your Organization Truly Engaged in Cybersecurity Training

How to lock down your Microsoft account and keep it safe from outside attackers

How to Protect Your Business From Cyberattacks

Human firewalling: Overcoming the human risk factor in cyber security

Identity Theft: Everything You Need to Know

Indian Patchwork hacking group infects itself with remote access Trojan

Is Your Supply Chain Secure?

LastPass Password Manager Says Your Master Password Is Safe Despite Users Receiving Unauthorized Login Security Alerts

Leveraging Least Privilege in Data Breach Management

Linux version of AvosLocker ransomware targets VMware ESXi servers

Loyola email breach exposes nearly 17,000 patients' info

Many South African healthcare providers use medical equipment with a legacy OS

Microsoft: powerdir bug gives access to protected macOS user data

Microsoft Details macOS Bug That Could Let Attackers Gain Access to User Data

Ministry of Justice caught up in multiple cyber incidents

More than 300 SPAR stores closed due to a cyber attack

Multiple Utah state agencies warn of bogus emails, phishing scam

NCSC hints people on how they can protect themselves from cyber security threats

New Data Suggests Cyberattacks Increased 50% in 2021

New hacking group Karakurt attacks six Canadian organizations

NHS cyber team sounds the alarm over Log4Shell attacks on VMware software

Oops: Cyberspies infect themselves with their own malware

Ongoing ransomware attack slows property deals in Bernalillo County

Over Half of SMEs Have Experienced a Cybersecurity Breach

Overcome These Three Challenges To Secure The New World Of Hybrid Work

Panasonic data breach compromised job applicant and business partner data

Panasonic says hackers accessed personal data of job candidates

Phishing and other SMS scams – shouldn’t banks bear the cost?

Phishing lures await in Google Docs comments

Public warning as scam coronavirus text message circulating in Northern Ireland

QNAP Issues a Security Alert to Customers With Insecure NAS Systems Regarding Ransomware Attacks

QNAP Tells Users to Take Immediate Action to Stop Ransomware

Ransomware attack closes local government operations in Albuquerque, Los Ranchos and Tijeras

Ransomware attack on Finalsite disrupts 5,000 school websites globally

Ransomware Attack on Software Provider Finalsite Shuts Down Thousands of School Websites

Ransomware Attack Takes Thousands Of U.S. School Websites Offline

Ransomware Group Claims Successful Hack Of Broomfield Cybersecurity Firm

Ransomware warning: Cyber criminals are mailing out USB drives that install malware

Recommendations to avoid falling into the cybernetic deception known as “phishing”

Researchers Find Bugs in Over A Dozen Widely Used URL Parser Libraries

Rhode Island Public Transit Authority: RIPTA data breach linked to file wrongly stored on employee's hard drive

Scheduling platform Flexbooker hacked, 3.7 million users' data stolen

Securing Onboarding and Offboarding in the Cloud

Security attack hits Illinois fertility centers

Singapore retailer hit by data breach

South African healthcare providers still use legacy OS

Survey claims 1,000 UK firms feel exposed to cyber attack

The Biggest Cybersecurity Trends Impacting Business Owners in 2022

The blame game: EU criticized for ‘fragmented and slow’ approach to cyber-attack attribution

The Evolution of Patch Management: How and When It Got So Complicated

The Impact Felt in Healthcare Breaches

The rise of the CISO: The escalation in cyberattacks makes this role increasingly important

Thousands of schools’ email systems are still being disrupted by a ransomware attack on FinalSite

Top tips to protect online networks in schools from cyber attacks

Understanding your data to prevent data breaches

URL parsing: A ticking time bomb of security exploits

URL Parsing Bugs Allow DoS, RCE, Spoofing & More

US Issues Warning Over Commercial Spyware

UScellular Discloses Data Breach Following A Cyber Attack

Users hit by Kronos payroll ransomware await recovery

Weekly cyberattacks jumped by 50% in 2021, with a peak in December due largely to the Log4J exploit

What to expect in 2022 privacy wise?

What will online privacy and security look like in 2022?

Why Are Small and Medium-Sized Professional Service Firms Targeted by Ransomware?

Why Data Security is crucial?

Why Politically Motivated Cyber-Attacks Are a Threat to Democracy

WordPress 5.8.3 security update fixes SQL injection, XSS flaws