Editor's Message

Welcome to DBD. On March 8th we celebrated our 4th Anniversary and the 1st Anniversary of our PRiSM application, officially endorsed by the SANS Institute. Despite recent personal issues that have impacted the amount of time I have been able to dedicate to both projects, I have been doing my best to keep everything as up-to-date as possible, and I would like to take this opportunity to thank everyone for their patience and support whilst I navigate through this very difficult time. Stay safe. :)

Monday 31 January 2022

Data Breaches Digest - Week 05 2022

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 31st January and 6th February 2022.

6th February

4 banking habits that can prevent scams

$4.4 million stolen in attack on blockchain infrastructure Meter

American hacker says he keeps turning off internet in North Korea

Attackers are using malicious PowerPoint files to take over computers

Australia: Nine Radio employees hit by Frontier cyber breach

Binance Phishing Attack Is Underway, CEO ‘CZ’ Warns

British Council Massive Data Breach Exposes 144,000 Student Files; Here's How To Stay Protected

Chinese Hackers Target Taiwanese Financial Institutions with a new Stealthy Backdoor

CISA Orders Federal Agencies to Patch Actively Exploited Windows Vulnerability

Computer and internet challenges and safeguards

Covid Related Phishing Scams See Massive Increase in January

Credit freeze effective against identity theft

Cyber Fraud: Reserve Bank of India (RBI) Lists Out Safe Digital Banking Practices

Deepfakes: Should we be concerned about this terrifying new form of cyber abuse?

Defending the NHS from cyber-attacks in 2022

Digital downwards spiral? Data breaches show a decline

Emerging 5th Dimension of War: Cyber Reaches Red Alert Zone

Equifax Finalizes Breach Settlement, to Start Fulfilling Claims

Fraudsters most active during peak business hours: HDFC Bank

Gamaredon, a Russian hacking outfit, has been revealed by Microsoft as a new threat

Gardai vow to continue global fight against Russian hackers behind HSE cyber attack as cyber cops join with FBI

Gloucester City Council cyber attack disrupts university consultation

Government Contractors Targeted in Ongoing "Fake Bid" Credential Phishing Campaign

Hackers hit Fortune 500 service provider, data of over 500k people leaked

How to stop the spread of ransomware attacks

India: Police twitter account hacked, probe ordered

Law enforcement action push ransomware gangs to surgical attacks

Nation-State Cyber-Attack Tools Enter Black Market, With Rise In Ransomware As A Service

New law to protect your smart devices from cybercriminals

New Mexico Health Insurance Company Sued Over Data Breach

News Corp. says China likely behind hack of emails and documents

North Carolina sees record year in data breaches in 2021

Phishing, vishing or smishing? These are the terms you need to know to keep you safe from online fraudsters

Phishing emails bait students with jobs too good to be true

Please, Mum! WhatsApp fraudsters pose as loved ones to steal money

Pollution data permanently lost because of cyber attack

Ransomware attack hits Morley; +500,000 individuals impacted

Ransomware to become more modular & uniform in the coming days: Sophos Threat Report 2022

Three tips to reduce data privacy risks

Ukraine accuses Russian hackers of cyber attack

Washington state data breach may have exposed personal details of licensed professionals

Washington state Department of Licensing hit by a potential data breach

‘We Don’t Want These Kinds of People’: NSO Employees Pay the Price for Pegasus Spyware Scandal

5th February

5 cybersecurity risks posed by ‘shadow IT’

Biden’s latest security message is based on ‘Zero Trust’

BlackCat (ALPHV) ransomware linked to BlackMatter, DarkSide gangs

Cyber attack on Gloucester City Council means more time for people to have say on Debenhams plans

Cybersecurity incident response: The 6 steps to success

FBI shares Lockbit ransomware technical details, defense tips

Federal Trade Commission (FTC) Announces Final Settlement Over Equifax’s 2017 Data Breach

FNB warns of new scams targeting customers

Fortune 500 service provider says ransomware attack led to leak of more than 500k SSNs

Hackers hold Hula Hoops hostage in cyber-raid on Britain’s KP Snacks

HKTVmall Announces Data Breach

How the growing Russian ransomware threat is costing companies dear

Increasing Adoption of Phishing Kits Puts MFA at Risk

India: Cyber Police crack online fraud; victims get back money

India: Private company duped of over Rs 22 lakh by cyber fraudster

Iranian APT group uses previously undocumented Trojan for destructive access to organisations

LockBit ransomware gang claims PayBito crypto exchange as new victim

Microsoft intercepted 35.7 billion phishing attempts in 2021

New Argo CD Bug Could Let Hackers Steal Secret Info from Kubernetes Apps

News Corp reports cyber data breach

Ransomware attack bill advances in Senate

That Zoom invite might be a clever phishing trick – Red flags to watch for

The digital world – Cyberwars, rumours or war and chess

The widespread impact of ransomware in the Asia Pacific

Tips on how to keep your family safe online

War in Ukraine could send 'cyber attacks' and 'refugees' to Estonia

Washington state agency discloses data breach impacting hundreds of thousands of licensed professionals

Wrong timing: Mumbai firm’s owner calls cyber fraudster’s bluff

4th February

3 Ways to Ensure Cybersecurity for Legacy Systems

A look at the new Sugar ransomware demanding low ransoms

Airport services firm Swissport reports ransomware incident

All Linux Distributions Affected by 12 Year-Old PwnKit Local Privilege Escalation Bug Allowing an Attacker to Execute Commands as Root

An ALPHV (BlackCat) representative discusses the group’s plans for a ransomware ‘meta-universe’

Another Israeli Firm, QuaDream, Caught Weaponizing iPhone Bug for Spyware

Argo CD releases patch for zero-day vulnerability

Argo CD Security Bug Opens Kubernetes Cloud Apps to Attackers

Argo CD vulnerability leaks sensitive info from Kubernetes apps

Attackers Target Intuit Users by Threatening to Cancel Tax Accounts

Attackers Use SEO Poisoning to Spread Malware, Steal Credentials

Bank executives mostly concerned about cybercrime

Banks’ cyber priorities

Beware of the Attacks of Zombie Botnet

Binance CEO Warns of ‘Massive’ SMS Phishing Scam

Business Services Firm Morley Discloses Data Breach Affecting 500,000 People

Businesses are far more confident in their ransomware protections than they should be

CISA issues advisory warning of critical vulnerabilities in Airspan Networks Mimosa

CISA orders federal agencies to patch actively exploited Windows bug

Consultation on Gloucester Debenhams redevelopment extended after 'cyber incident'

Conti ransomware encrypted 80% of Ireland's HSE IT systems

Critical Infrastructure Attacks Spur Cybersecurity Investment

Cryptocurrency has Become a Leading Threat for Cyber-Attacks on Young Adults

Cryptocurrency money laundering on DeFi skyrockets

Cyber attacks on European oil facilities spreading

Cyber crooks targeted The Sun in an attack backed by China

Cyber-Attacks Hobble Some of Europe's Largest Ports

Cybercrime: Darknet Markets Live On, Even as Players Change

Cybercrime Gang Tied to Ransomware Attacks in Germany, Colonial Pipeline Hackers

Cybersecurity Compliance Still Not a Priority for Companies, IBM Survey Shows

Data Breach Alert: SI Group Inc

Data breach numbers may not actually be declining, and reporting them is getting slower

Exposed corporate credentials threatening the pharma sector

FBI Warns Olympics/Paralympics Participants of Cyber “Activities”

Florida Lawmakers: Governments Should Not Pay Ransom to Hackers

Freeze out hackers during the 2022 Winter Olympic Games

Hackney Council in wrangle with UK data watchdog after refusing to answer questions on 2020 cyber attack

Halton residents warned over latest Covid email scam

How Cyberattacks Target Stakeholders

How MDR Helps MSPs Navigate an Unfriendly Cyber Landscape

How NGOs can better protect sensitive data

How threat actors are using npm to launch attacks

How to check if your Gmail, iPhone or Facebook has been HACKED in seconds

Inside the Battle Against Ransomware Attacks

Intuit releases security notices, warns of phishing emails ahead of tax season

Investment in data privacy in Brazil falls below global average

Knowledge is power: using threat intelligence to fight cyber-crime

KP Snacks supply chain shut down by Conti ransomware attack

Limited IP resources leave smaller ISPs vulnerable to judgement errors when making tough cybersecurity calls

Major Vulnerability Found in Argo CD

Managing cybersecurity threats

Microsoft: Russian FSB hackers hitting Ukraine since October

Microsoft Credits Multifactor Authentication in Blocking Second-Stage Phishing Attacks

Microsoft disables MSIX protocol handler abused in Emotet attacks

Microsoft Uncovers New Details of Russian Hacking Campaign Targeting Ukraine

Moody’s warns on the costs of cyber crime

More companies are using multi-factor authentication. Hackers are looking for a way to beat it

NATO Chief Says Alliance Helping Ukraine Bolster Cyber Defenses Against Russia

Neenah school district's insurance policy limits out-of-pocket expenses in Jan. 10 ransomware attack

New Cyber Safety Board Pivots to Tackle log4j Vulnerabilities

New research reveals vicious tactics of ransomware groups

News Corp cyber-attack: firm says it believes hack linked to China

News Corp discloses hack from "persistent" nation state cyber attacks

News Corp reports January cyberattack targeting Wall Street Journal, New York Post, Dow Jones

NFT Wash Trading Made Scammers at Least $9m in 2021

Now is the Time to Take Port Cyber Security Seriously

Oil shipments in European oil hub delayed after cyber attacks

Olympics might be a target for cyber espionage and surveillance

Operation EmailThief: Zero-day XSS vulnerability in Zimbra email platform revealed

Phishing, Malware Attacks Spike Amid Pandemic

Phishing and stealers dominate dark web forums (but don't mention ransomware)

Phishing Attacks That Bypass MFA Could Become The Norm

Phishing kits that bypass MFA protection are growing in popularity

Phishing remains a major cyber threat especially in busy times

PowerPoint add-on used to spread malicious files

Rhode Island Attorney General opens investigation into UnitedHealthCare after data breach

Russian APT Primitive Bear attacks Western government department in Ukraine through job hunt

Russian Gamaredon Hackers Targeted 'Western Government Entity' in Ukraine

Security's Role in Helping HealthTech Find Its Way

Seems Phishy? It Probably Is: Debunking 4 Myths That Put Your Clients at Risk

Segway’s Online Store Infected With a Credit Card Skimmer Used in a Large-Scale Magecart Attack Campaign

SEPA still unclear of cyber-attack financial impact

Strong authentication protects against phishing. So why aren't more people using it?

Swissport ransomware attack delays flights, disrupts operations

Talk to the board, not just IT, about ransomware

Tennessee College Hit with Ransomware

That Email About an Equifax Data Breach Settlement Is Real

The 3 Most Common Causes of Data Breaches in 2021

The Alpha and Omega of software supply chain security

Trio of RCE CVSS 10 vulnerabilities among 15 CVEs in Cisco small business routers

Ukraine Considers International Cyber Help

What Prescott, Arizona Learned 'Dodging a [Ransomware] Bullet'

What your organization can learn from the $324 million Wormhole blockchain hack

Where do cyber threats and climate change meet?

White House Issues Further Guidance for Federal Agencies on Cybersecurity Priorities

Why Cybersecurity is a Major Concern for Food Firms in 2022

Why the UK’s national cyber-security strategy is important

Will Private Sector Follow Government in Adopting Zero Trust?

Workers left without pay as Parasol hit by cyber attack

Wormhole restores stolen $326 million after major crypto bailout

3rd February

3 tips to offset security challenges created by the Great Resignation

$324 million stolen from blockchain platform Wormhole

A Majority Of Surveyed Companies Were Hit By Ransomware Attacks In 2021 - And Paid Ransom Demands

A ransomware attack at Pellissippi State compromised personal info. Here's what we know

Are IT and OT losing the ransomware battle?

BlackCat ransomware – what you need to know

"Bonus Payment" Phishing Emails Are Seeking New Ransomware Victims

Bring a burner to the Olympics, and other mobile device travel safety tips

Building resilience & strengthening your cyber procurement

CISA Warns of Critical Vulnerabilities Discovered in Airspan Networks Mimosa

Cisco fixes critical bugs in RV routers, exploit code available

Cisco plugs critical holes in small business routers

Companies woefully unprepared for CCPA compliance

Conti gang hits KP Snacks with a crippling ransomware attack

Crisp supply shortage looms after KP Snacks hit by ransomware

Critical Cisco Bugs Open VPN Routers to Cyberattacks

Critical Flaws Discovered in Cisco Small Business RV Series Routers

Cybersecurity: Many managers just don't want to understand the risks

Data Breach Alert: Professional Personnel Services dba Luttrell Staffing Group

Data Breach Alert: Unum Group

Data breach at International Council of the Red Cross (ICRC)

Distrust, feuds building among ransomware groups

European oil facilities hit by cyber-attacks

European oil port terminals hit by cyberattack

Fears cyber attack may cost Gloucester taxpayers millions

Financially Motivated Hackers Use Leaked Conti Ransomware Techniques in Attacks

Growing Number of Phish Kits Bypass MFA

Hackers Exploited 0-Day Vulnerability in Zimbra Email Platform to Spy on Users

HC3: BlackMatter Ransomware Threat Level Reduced

How organizations are arming themselves to combat threats

How Phishers Are Slinking Their Links Into LinkedIn

How to prevent Ransomware attacks: Steps you need to take today

Hula Hoops, Space Raiders and nuts shortage warning after KP Snacks ransomware attack

Hundreds of KP Snacks Billingham workers stood down after major cyber attack

Insurance Company Refuses to Pay Ransomware Claim

Intuit warns of phishing emails threatening to delete accounts

IT Staffing Company Settles Data Breach Class Action

Kaspersky: Many wearables and healthcare devices are open to attack due to vulnerable data transfer protocol

KP Snacks cyber attack could lead to a shortage of nuts, crisps and popular snacks

KP Snacks hack prompts crisp and nut supplies warning

KP Snacks Hit by Cyber-attack

KP Snacks supply chain shut down by Conti ransomware attack

Kronos Still Dragging Itself Back From Ransomware Hell

Law enforcement pressure forces ransomware groups to refine tactics in Q4 2021

Let’s go phishing: How we could enter a new era of email trust

Low-Detection Phishing Kits Increasingly Bypass MFA

Menlo Security Identifies New HEAT Cyberthreats

MFA adoption pushes phishing actors to reverse-proxy solutions

Microsoft: This Mac malware is getting smarter and more dangerous

Microsoft blocked billions of brute-force and phishing attacks last year

New SEO Poisoning Campaign Distributing Trojanized Versions of Popular Software

New Variant of UpdateAgent Malware Infects Mac Computers with Adware

New Wave of Cyber Attacks Target Palestine with Political Bait and Malware

Online Thieves Steal $320m from Crypto Firm Wormhole

People working in IT related roles equally susceptible to phishing attempts as the general population

Phishing kits' use of man-in-the-middle reverse proxies is growing, warns Proofpoint

PowerPoint Files Abused to Take Over Computers

Prosecutors investigating cyberattacks affecting multiple Belgian and Dutch ports

Ransomware Often Hits Industrial Systems, With Significant Impact

Ransomware Wants You to Like and Subscribe, Or Else

SEPA still dealing with the impact of 2020 cyber attack 12 months on

Shortage of KP Nuts and Hula Hoops looms after cyber-attack

South Africa 7th on list of countries most attacked by ransomware

St. Clair County Data Breach Impacted More Than 600 People

State hackers' new malware helped them stay undetected for 250 days

Symantec finds evidence of continued Russian hacking campaigns in Ukraine

Tackling the evolving threat of ransomware in 2022

Target open sources scanner for digital credit card skimmers

The Philippines: House seeks own probe on phishing scam that affected teachers

UEFI firmware vulnerabilities affecting Fujitsu, Intel and more discovered

What Does an Internal Attack Resulting in a Data Breach Look Like in Today’s Threat Landscape?

What is a ransomware attack? Meaning of term explained and how KP Snacks cyberattack could cause shortages

White House creates board to review cybersecurity incidents, members to start with Log4J

Wormhole Crypto Platform: ‘Funds Are Safe’ After $314M Heist

Wormhole hack – Hackers steal $320M in one of the largest crypto heists

Zimbra zero-day vulnerability actively exploited to steal emails

2nd February

1 in 7 ransomware extortion attacks leak Operational Technology (OT) data

5 Best Practices for Training Your Staff on Cybersecurity Awareness

32 new ransomware families identified in 2021

90% of security leaders face internal cybersecurity skills shortage

90% of Security Leaders Warn of Skills Shortage

A Ransomware Outlook for 2022

Achieving evidence-based security with threat-informed defense

Alleged Members Of REvil Ransomware Group Denied Bail In Russia

Altrincham GPs warn patients about fake NHS Covid passport scam

Are security teams equipped to handle overexposed data?

Arid Viper hackers strike Palestine with political lures - and Trojans

As Ukraine prepares for cyberattacks, officials warn of ransomware in disguise

Avast Threat Labs releases Q4 2021 Threat Report

BazarBackdoor Trojan Involved in a New Phishing Campaign - CSV Text Files Used to Spread Malware

Best online security practices to protect yourself from scammers

BlackCat ransomware implicated in attack on German oil companies

BlackMatter ransomware group may have shut down operations

British Council data breach leaks 10,000 student records

British Gas scam: Customers warned over ‘suspicious’ email

Business services provider Morley discloses ransomware incident

Charming Kitten Sharpens Its Claws with PowerShell Backdoor

Continued rise in cyber attacks warned for North West businesses

CVSS 9.9-Rated Samba Bug Requires Immediate Patching

Cybercriminals Excel-ing at tricking users

Cybercriminals Seek Ransomware Payments and Settlements

Cybersecurity – Identity and Access Management: Six ways to make sure your manufacturing business is cyber-secure

ESET antivirus bug let attackers gain Windows SYSTEM privileges

FBI asks athletes to use burner phones during Beijing Winter Olympics

FBI warning: Scammers are posting fake job ads on networking sites to steal your money and identity

Former South Georgia Medical Center Employee Arrested Over 41K-Record Data Breach

Government Accountability Office (GAO) Seeks Feedback on Healthcare Data Breach Reporting

How to combat the growth of digital vulnerabilities

How worried should we be about the rise in hospital ransomware attacks?

Inactive user accounts pose security threats for organizations

Initial Access Broker (IAB) Prophet Spider Seizes Opportunity to Exploit Log4j Vulnerability

Intel unveils Circuit Breaker bug bounty expansion for elite hackers

Is a Merger Between Information Security and Data Governance Imminent?

KP Snacks ‘compromised’ by Ransomware attack and “cannot safely process orders”

KP Snacks giant hit by Conti ransomware, deliveries disrupted

KP Snacks hit by ransomware attack with retailers warned of crisps and nuts shortage

KP Snacks hit with ransomware attack

KP Snacks Left with Crumbs After Ransomware Attack

Making sense of federal cybersecurity critical infrastructure guidance

Market research & conferencing service Civicom exposed 8TB of Data

Meet CoinStomp: New cryptojacking malware targets Asian cloud service providers

Microsoft Defender for Endpoint now spots unpatched bugs in iOS and Android devices

Modern Ransomware Attackers Risking Public Safety, Community Infrastructure

New Malware Used by SolarWinds Attackers Went Undetected for Years

New Sophos research into SolarMarker malware, campaigns, and the backdoors that just won’t die

Nuts and crisp supplies at risk after cyber attack hits KP Snacks

Office 365 boosts email security against MITM, downgrade attacks

Out-of-Control Cybercrime Will Cause More Real-World Harm

Over 1,200 Phishing Kits Found in the Wild With Ability to Steal 2FA Codes

Persistent data breaches fueling developer interest in cybersecurity

Police issue warning over Whatsapp scam

QNAP ransomware victims dealt double blow as firmware update hampers decryption

Remote work causing security issues for system and IT administrators

Remote working, ransomware, and the cloud: How to protect and utilise your data in 2022

Reviewing the UK's New Cybersecurity Strategy

Rhode Island Bus Service Says Data Breach Affected 22,000

Samba bug may allow code execution as root on Linux machines, NAS devices (CVE-2021-44142)

Scottish Agency Still Recovering from 2020 Ransomware Attack

Shoulder surfing: Watch out for eagle‑eyed snoopers peeking at your phone

SEO poisoning pushes malware-laced Zoom, TeamViewer, Visual Studio installers

Smart Cities and Cyber Security Trends to Watch Out in 2022

Some Ritz-Carlton Tahoe employees are not getting fully paid after Kronos payroll hack

South Africa is firmly in the ransomware sights

Supply-Chain Security Is Not a Problem...It’s a Predicament

Survey shows that 2 out of 5 organisations have been hit by ransomware in past two years

Testimony Shines New Light on Extent of RIPTA’s Data Breach

The Philippines: National Bureau of Investigation (NBI) starts probe of phishing attack on teachers

Third of Employees Admit to Exfiltrating Data When Leaving Their Job

Thousands of Malicious npm Packages Threaten Web Apps

Two initiatives that can move the needle for cybersecurity in 2022

UEFI firmware vulnerabilities affect at least 25 computer vendors

Walmart Dissects New 'Sugar' Ransomware

Why Cyber Due Diligence Is Imperative For Venture Capital (VC), Mergers and Acquisitions (M&A) And Private Equity Firms

Why is it important to train my employees in cyber security?

Why your organisation's human and technology cyber security challenges are inextricably linked

Wormhole cryptocurrency platform hacked to steal $326 million

1st February

After a Decline in 2020, Data Breaches Soar in 2021

Apple, SonicWall, Internet Explorer vulnerabilities added to CISA list

AWS S3 Bucket at Center of Data Breach, Again

Beware the HR phishing scam at work

Beyond the Gas Station: Cybersecurity and Industrial Infrastructure

BlackMatter Ransomware Group No Longer Active, Health Sector Cybersecurity Coordination Center (HC3) Says

BRATA Android malware factory resets phones after stealing funds

British Council exposed more than 100,000 files with student records

British Council Students' Data Exposed in Major Breach

Chelmsford's Sandon School confirms data breach after student details sent to parents

CISA Tells Organizations to Patch CVEs Dating Back to 2014

Concerning Healthcare Data Breach Reporting Trend

Concerns Linger Following Ultimate Kronos Group (UKG) Ransomware Attack

Connectivity and Cloud: A Chance for Zero Trust

Critical Bug Found in WordPress Plugin for Elementor with Over a Million Installations

Cyber crime’s new lethal weapon, how phishing abuses brand names for its advantages

Cyber-Attack on Oil Firms

Cyber-attack strikes German fuel supplies

Cybersecurity - Identity and Access Management: Five steps towards getting a ransomware attack on your company

Cybersecurity Trends For 2022: Why Staying Ahead Of The Threat Has Never Been So Critical

Cybersecurity worries at the Olympics range from personal phones to public water supplies

Cyberspies linked to Memento ransomware use new PowerShell malware

Data Breach Alert: Farmers Telephone Cooperative, Inc. (FTC)

Data breach as Corby vaccine trial participants' details inadvertently shared

Data Leak Exposes IDs of Airport Security Workers

Decryption key released for DeadBolt ransomware after QNAP NAS devices infected

Dozens of Security Flaws Discovered in UEFI Firmware Used by Several Vendors

Estimating Harm in Invasion of Privacy and Data Breach Disputes

EyeMed Fined $600K for 2020 Data Breach

FBI: Olympic Athletes Should Leave Devices at Home

FBI: Use a Burner Phone at the Olympics

FBI urges athletes to keep personal devices at home, use burners during Beijing Winter Olympics

FBI urges temporary phones for Olympic athletes

FBI urging Olympic athletes to keep personal phones at home

FBI warns Beijing Winter Olympics could be a big target for cyberattacks

FBI warns of fake job postings used to steal money, personal info

Finance industry revealed as sector most under threat by cyber attacks

Full cost of 2020 cyber attack on Scottish Environment Protection Agency (SEPA) still not known

German petrol supply firm Oiltanking paralyzed by cyber attack

Hacker Group 'Moses Staff' Using New StrifeWater RAT in Ransomware Attacks

Healthcare data breaches hit all-time high in 2021, impacting 45M people

How ready are federal agencies for zero trust implementation?

How to Ensure Your Social Media Accounts Are Secure

Inside Trickbot, Russia’s Notorious Ransomware Gang

Iranian Hackers Using New PowerShell Backdoor in Cyber Espionage Attacks

Iranian Hackers Using New PowerShell Backdoor Linked to Memento Ransomware

Iranian state-sponsored group APT35 linked to Memento ransomware

List of data breaches and cyber attacks in January 2022 – 66 million records breached

Malicious CSV text files used to install BazarBackdoor malware

Microsoft Defender now detects Android and iOS vulnerabilities

Mobile phone operator slapped with fine over data breach

MuddyWater hacking group targets Turkey in new campaign

Nigeria: Federal Government Probes 17 Firms Over Breach Of Customers’ Private Data

Oil and supply firms disrupted by cyberattack

One in seven ransomware extortion attempts leak key operational tech records

Organizations neglecting Microsoft 365 cybersecurity features

Over one-fifth of ransomware attacks target financial sector

Powerful new Oski variant ‘Mars Stealer’ grabbing 2FAs and crypto

QNAP's forced security update stopped ransomware, but some users are angry

Ransomware: Is the party almost over for the cyber crooks?

Ransomware attack cost Tasmania's pokies giant Federal Group millions of dollars

Ransomware Attackers Are The Modern Day Bank Robbers

Ransomware attacks continue to plague public services

Ransomware Attacks Grew 29% in 2021, May Cause Greater Carnage in 2022

Rhode Island Public Transit Authority (RIPTA) Data Breach Affected About 22,000 People

Rhode Island Public Transit Authority (RIPTA) data breach bigger than previously disclosed

Samba ‘Fruit’ Bug Allows RCE, Full Root User Access

Secure Web Browsers Tackle Ransomware, Insider Threat in Enterprises

Shell forced to reroute supplies after cyberattack on two German oil companies

Smishing: Short Message Service Phishing

Social Security Numbers Most Targeted Sensitive Data

Solarmarker Malware Uses Novel Techniques to Persist on Hacked Systems

State-sponsored Iranian hackers attack Turkish government, private organizations

Taking The Fight To The Ransomware Gangs: The Impact On Law Firms

Telco fined €9 million for hiding cyberattack impact to customers

The Account Takeover Cat-and-Mouse Game

The five most popular cognitive biases that result in phishing attacks

The State of Ransomware in 2022

These giveaway scams are all over Facebook, Instagram and Cash App – Don’t fall for it

These hackers are hitting victims with ransomware in an attempt to cover their tracks

Top attack trends every organization should build resilience against

Trend Micro blocks 94 billion threats in 2021

Ukraine Continues to Face Cyber Espionage Attacks from Russian Hackers

Unpatched Security Bugs in Medical Wearables Allow Patient Tracking, Data Theft

Update now: Samba prior to 4.13.17 hit with remote root code execution bug

Warning over rise in phishing email and SMS scams in France

Weeks after a ransomware attack, some workers still worry about paychecks

Why Apple’s improved 2FA protection matters to business

Why Facility Managers Have To Worry About Cybersecurity in Agile Workplaces

31st January

1 in 7 Ransomware Extortion Attacks Exposes Operational Technology (OT) Data

3 Cybersecurity Trends Certified Public Accountants (CPAs) Must Address This Tax Season

4 cybersecurity risks of web 3.0

100 day cybersecurity resilience plan for water and wastewater sector

2021 Was a Record Year for Data Breaches, But Scammers Now Have a New Focus

277,000 routers exposed to Eternal Silence attacks via UPnP

600,000 WordPress sites impacted by critical plugin RCE vulnerability

Aggressive BlackCat Ransomware on the Rise

Apple Pays $100.5K Bug Bounty for Mac Webcam Hack

Attacks Signal Coming Shift From ID Theft to ID Fraud

Aussie Tech Entrepreneur Extradited Over SMS Fraud

Behind The Buzzword: Four Ways to Assess Your Zero Trust Security Posture

Belgium: Covid Safe Ticket scam - Officials warn of phishing email

Beware of phishing scams offering packages, refunds, or rebates

Canadian establishment continues to be harassed by Snatch ransomware group

CISA adds 8 vulnerabilities to list of actively exploited bugs

CISA on Russia, Ukraine and Ransomware

Commonwealth Bank customers warned over ‘red flag’ scam email

Commonwealth Bank warns against convincing SCAM

Consolidating your incident response plan against cyber attacks

Cyber hacking soars as staff working from home can be vulnerable to data breaches, research suggests

Cyberattacks Against Health Plans, Business Associates Increase

Cyberattacks increasingly cause more problems for pandemic-weary US schools

Cyberattacks increasingly hobble pandemic-weary US schools

Cybercrime Has Gone Commercial (And It’s Easier Than Ever)

Cybersecurity - a preemptive necessity

Cybersecurity – Identity and Access Management: Protecting the digital identities of a diverse workforce

Data Breach Alert: McMenamins, Inc

DDoS attacks: Definition, examples, and techniques

Diligent Finds Cyberbreaches Due to Work-From-Home Have Cost Surveyed UK Businesses £374 Million in the Last 18 Months

Don't Ignore Security Updates: QNAP Fights Ransomware by Force-Installing NAS Patch

Education among ‘most-targeted’ breach sectors

Emerging Cybersecurity Trends in 2022

Emsisoft releases DeadBolt ransomware decryption tool

Enhancing Network Security with Automation

FBI warns of 2022 Beijing Olympics cyberattack, privacy risks

FCC Chairwoman pushes for change in waiting period for data breach reporting

Fighting cybercrime: How almost everything is under threat

Forget emails and texts – Ransomware hackers are calling and here’s what they want

How costly is an insider threat?

How to protect your network from a future attack

How to tell if your phone has been hacked

Log4j vulnerability continues to stress CISOs

Many organizations have no incident plan for security breaches

Microsoft: Here's how we stopped the biggest ever DDoS attack

Ministry of Defence (MoD) reported seven data incidents to the ICO between 2020 and 2021

New LockBit Ransomware Variant Evolves To Target Linux Systems

New Phishing Campaign Delivers AsyncRAT Malware

New Samba Bug Allows Remote Attackers to Execute Arbitrary Code as Root

New SureMDM Vulnerabilities Could Expose Companies to Supply Chain Attacks

New year, new rules – understanding the cybersecurity danger areas in 2022

NHS scam telling people to isolate after 'omicron' contact circulating in UK

North Korea's Lazarus uses Windows Update, GitHub to infect PCs in latest campaign

NSO Group Pegasus Spyware Aims at Finnish Diplomats

Number of COVID-19 Testing Scams Jumps Sharply

Number of data compromises reaching all-time high

OCBC Completes Goodwill Payouts to Phishing Victims

Outdated IoT healthcare devices pose major security threats

Phishing Campaign Registers Attacker’s Device With Victim Network

Prison for Dark Overlord Collaborator

Public Exploit Released for Windows 10 Bug

Public Health Ontario warning people about COVID-19 text message scam

QNAP: DeadBolt ransomware exploits a bug patched in December

QNAP Ransomware: Thousands Infected with DeadBolt

Ransomware: Over half of attacks are targeting these three industries

Ransomware: What is it and how to protect against it

Ransomware Affects 58% of Health Orgs

Ransomware attacks on schools rise during pandemic

Ransomware Gangs are Recruiting Your Employees

Ransomware groups to target financial services and retail sectors

Reasons Why Every Business is a Target of DDoS Attacks

Reducing the blast radius of credential theft

Researchers detail Russia-linked group's cyber-espionage tactics in Ukraine

Researchers Uncover New Iranian Hacking Campaign Targeting Turkish Users

Russian 'Gamaredon' hackers use 8 new malware payloads in attacks

Samba bug can let remote attackers execute code as root

Scammers are registering fake COVID related government websites

Security firm Securitas exposed airport employees in data breach

Security giant exposed 3TB of sensitive airport & employees data

Singapore: Police warn of new SMS scam, S$120,000 lost so far by at least 18 victims

Singapore smishing scams are a wakeup call for the financial sector

Surge in ransomware is driving zero trust adoption

The rise in ransomware is prompting the adoption of zero trust

The Top Vulnerabilities of 2021

The Vulnerability of the UK's 'Just in Time' Supply Chain

This Phishing Attack Meddles With Your Emails – Alerts Microsoft

Top 10 Human Error-led Data Breaches of 2021

Top-Ranking Banking Trojan Ramnit Out to Steal Payment Card Data

Two Israelis finally paying for doing illegal cyber activities

Understand your cyber training ‘need’ before committing to a programme

Understanding why UK digital supply chain cybersecurity is crucial

Unpatched Vulnerabilities Remain Primary Ransomware Attack Vector

Unsecured AWS server exposed 3TB in airport employee records

Updates released for multiple vulnerabilities found in 42 Gears' SureMDM products

Vulnerability in PostBus public transport platform exposed customer data

Warning US hospitals are ‘most vulnerable to cyber attack that will be more devastating than 9/11’ in wake of Covid

Why vulnerability scanners aren’t enough to prevent a ransomware attack on your business

With Tax Season Underway, IRS Warns to Watch out for Phone Scams, Phishing Emails

Your Graphics Card Fingerprint Can Be Used to Track Your Activities Across the Web