Editor's Message

Welcome to DBD. On March 8th we celebrated our 4th Anniversary and the 1st Anniversary of our PRiSM application, officially endorsed by the SANS Institute. Despite recent personal issues that have impacted the amount of time I have been able to dedicate to both projects, I have been doing my best to keep everything as up-to-date as possible, and I would like to take this opportunity to thank everyone for their patience and support whilst I navigate through this very difficult time. Stay safe. :)

Monday 14 March 2022

Data Breaches Digest - Week 11 2022

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 14th March and 20th March 2022.

20th March

75% of cyberattacks start with an email, reveals report

A Password Set To Password Leads To A $15 Million Ransom Demand

Anonymous: How hackers are trying to undermine Putin

Apple’s TestFlight Used to Distribute Malicious Crypto Apps to iOS Users

Bitcoin miners breached Land Information NZ cloud service

Canadian Government employee accused of crypto-ransomware scheme to face trial in US court

Cyber Insurance Business Is Becoming Unviable

Cybersecurity in an interconnected world

Cyclops Blink botnet is attacking and actively exploiting Asus routers

EPP/EDR: What Is It and How Can It Help to Keep Your Organization Safe?

Filipinos must be responsible digital citizens to protect themselves from cybercrime, says advocacy group

Global Cybersecurity Ramifications from the War in Ukraine

Hacker stole $790,000 from owners of Rare Bears NFT collection

How to avoid Amazon scams — 5 tips you need to know

How to avoid malicious macros when handling official looking tax season documents

It just got easier for scammers to fool you with fake Chrome windows

Lapsus$ hack leaves NVIDIA in a tight spot

More Conti ransomware source code leaked on Twitter out of revenge

Newer Conti ransomware source code leaked out of revenge

North Korean hackers stole $400m in cryptocurrency last year

Oil and gas industry scrutinized for weak cyber defenses

Perth mum and daughter win £2,500 pay out over council data breach

Ransomware puts organisations’ communications response in the spotlight

Standard virtual workspace security is improving but still not enough

The Growing Importance of The Cybersecurity Sector In Light Of The Russian-Ukraine War

TransUnion faces R10-million fine for hack

Typical Cybersecurity Mistakes Made by Contemporary Startups

US National Rifle Association confirms 2021 ransomware attack

We are headed for an ecosystem of cyber haves and cyber nots: Cisco advisory CISO

We are in the golden age of online fraud and internet scams

Western Digital app bug gives elevated privileges in Windows, macOS

Your co-workers have probably been involved in a data breach

19th March

75 Percent Of All Cyberattacks Start With An Email, How To Keep Safe

2021 Saw 153% Increase in Phishing and Scam Sites

Anonymous Leaks 79GB of Russian Oil Pipeline Giant’s Email Data

Attack behind news-app outage

BlockFi confirms unauthorized access to client data hosted on Hubspot

BlockFi crypto lending platform faces a security breach

Can malware go undetected?

Default Credentials Are Making Automated Cyber Attacks A Lot More Frequent

Devious phishing templates help create fake Chrome login windows

FBI: Avoslocker ransomware targets US critical infrastructure

From connoisseur to conned: How a Kalyani Group company got hacked

FTC Takes Action Against CafePress for Data Breach Cover Up

Google Exposes Initial Access Broker Ties to Ransomware

Hackers may be able to transform your favourite e-cigarette into a weapon against you

Here’s how a hacker stole $800,000 worth NFTs through Discord

Here's how hackers could turn your beloved vape against you

How to know if hackers are in your phone

Is Russia holding back from cyberwar?

Keeping your business safe from ransomware attacks

Leaked ransomware documents show Conti helping Putin from the shadows

National Rifle Association (NRA) confirms last year’s ransomware attack

Not using a password manager? Here’s why you should be

Russia's cyber war flops as 'hackers oppose invasion of Ukraine', security experts say

Singapore: Scams Spoofing Multiple Banks Are Still Active, Police Warns

The Microsoft Office productivity tool used in some ransomware attacks: Macros

The Transportation Security Administration’s First Crack at Protecting Pipelines From Hackers Falls Short

TransUnion data breach leaves 54 million South Africans exposed

Unchained Capital Discloses Data Leak at Email Marketing Partner

Why knowing your enemy is the best form of cyber defence

18th March

1 Million Texans Potentially Impacted By Dental Care Data Breach

75% of Cyberattacks Start With an Email, Report Says

76,000 online scams taken down after tip-offs to suspicious email reporting service

A Five-Step Plan To Protect Against Ransomware

A new model to automatically detect and filter spam emails

A Third of Malicious Logins Originate in Nigeria

Agencies Warn on Satellite Hacks & GPS Jamming Affecting Airplanes, Critical Infrastructure

Aircraft Disrupted by Satellite Jamming Following Russian Invasion

Albuquerque Schools Find No Data Compromised in Cyber Attack

All in a day's work: Google details Exotic Lily access broker for ransomware gangs

Arkansas Sues Health System for Abandoning Patient Files

Asus Wi-Fi routers attacked by Russian military hackers — what to do now

Belize: Financial Intelligence Unit (FIU) calls out ‘phishing scams’

Biometrics for ID Called More Useful by 58% of Digital Account Holders

Budget cuts undermining South African firms’ ability to protect against cyberattacks

Businesses should recalibrate their cybersecurity approach around these elements

CISOs face 'perfect storm' of ransomware and state-supported cybercrime

Cloud-Based Email Threats Surge 50% in 2021

Complexity and number of cyberattacks jumped in 2021

Conti, Karma ransomware launch attacks at the same time

Conti Ransomware Group Helping Russia? 60,000 Files, Chat Messages Reveal Alarming Details

Credit bureau TransUnion hacked – ‘R224m ransom sought’

Critical Vulnerabilities in the U.S. Food Sector and the Next Crippling Attack

Crypto collectors beware: why online wallets are increasingly vulnerable to theft

Crypto Phishing Groups Solicit Phony Aid Donations Amid Ukraine Conflict

Crypto-trading Scam ‘CryptoRom’ Demands Thousands of Dollars in Fake “Profit Tax” To Unlock Victims’ Accounts

Cryptocurrency Exchanges Binance, Huobi and FAMEEX Warn of Massive Imposter Websites and Phishing Scams

Cryptocurrency scams pose as Ukraine aid organizations

Cyber threats and the Ukraine conflict

Cyberattack on Wheeling Health Right, Inc. Results in Data Breach

Cyclops Blink Malware Expands to Target Asus

DarkHotel APT Targets Wynn, Macao Hotels to Rip Off Guest Data

DarkHotel hacking campaign targets luxury Macao resorts

Data breach affects workers at convenience food firm Greencore

Data Breach Alert: Absolute Results Productions, Ltd

Data Breach can be destructive: Cyber-Forensics.net explains what to do when company data is at risk

Data Privacy in 2022: Navigating the Ever-shifting Terrain

Domain Security: An Underused Cybersecurity Strategy and First Line of Defense in Your Zero Trust Model

Email Authentication Basics for SaaS Teams

Email Theats: Phishing Attacks Find New Ways to Trick Victims

Emotet Malware Sending Emails Disguised as IRS

Experts Find Some Affiliates of BlackMatter Now Spreading BlackCat Ransomware

FBI and CISA warn over threats to satellite communications networks

Fighting in Ukraine Raises Prospect of US Cyberattacks

Firm with 'negligent' security practices fined £100k after cyber attack

Franchises, partnerships emerge in Ransomware-as-a-Service operations

Free decryptor released for TrickBot gang's Diavol ransomware

FTC Reminds CafePress That There Are Consequences for Data Breach (In)actions

Google: Chinese state hackers target Ukraine’s government

Google Blows Lid Off Conti, Diavol Ransomware Access-Broker Ops

Google exposes 'uniquely personal' access broker behind worst Conti, FIN12 ransomware attacks

Google Uncovers 'Initial Access Broker' Working with Conti Ransomware Gang

Hackers Are Targeting Your March Madness Bracket

Hackers claim to breach TransUnion South Africa with 'Password' password

Hackers Target Bank Networks with new Rootkit to Steal Money from ATM Machines

Half of Orgs Use Web Application Firewalls to Paper Over Flaws

HHS: Health Sector Should Prepare for Ukraine-Russia Threats

HIPAA Security Rule Compliance Can Prevent and Mitigate Most Cyberattacks

How businesses can protect their data amid cyberattack concerns

How prepared are organizations to face a ransomware attack on Kubernetes?

How To Prevent Accidental Data Exposure Within Your Company

How to spot scams pretending to raise money for Ukraine during war with Russia

Japan's Bridgestone reports ransomware attack at U.S. subsidiary

JavaScript library updated to wipe files from Russian computers

Leaked Ransomware Docs Show Conti Helping Putin From the Shadows

Make your Outlook account super secure in under 5 minutes

Microsoft Defender Flagged Office Updates As Ransomware Activity

Microsoft releases open source Trickbot scanner for Mikrotik routers

Mobile gaming scams and dangers: What are they and how to avoid them

Mobile zero-day security vulnerabilities, phishing attacks continue to rise

Mydoom Virus: Why Is It Considered the Worst Computer Virus in History?

Nasty Phishing Hack Loses Enthusiastic Ape Coin Fans Over $75k

Nation of digital defenders blow the whistle on over 10 million suspect emails

National Rifle Association (NRA) Confirms It Got Pwned by Cybercriminals

NCSC Launches Awareness Campaign to Strengthen Password Practices

New LokiLocker ransomware can wipe your entire PC

'On high alert': Hospitals wary of cyber threats from Russia-Ukraine war

Over 74,000 scams axed after 10 million-plus reports to the Government - what to do if you've been scammed

Phishing attacks take aim at Singapore

Police warn of SMS phishing scam involving fake Singpass website

Ransomware crypto payments hit at least $602M last year

Rare Bears Discord phishing attack nabs $800K in NFTs

Rare Bears NFT loses $790,000 worth of NFTs in a phishing attack

Recent Ransomware Attacks & What We Learned

Russian Hackers Allegedly Compromise Ukrainian News Sites, Displaying ‘Z’ Symbol

Russian hackers exploit MFA and PrintNightmare security vulnerability in NGO breach

Sandworm APT Hunts for ASUS Routers with Cyclops Blink Botnet

Scammers Out In Full Force After ApeCoin Announcement

Securing the Perimeter is Not Enough to Protect Your Data

Security Experts Face Record Cyber Threats, Overwhelming Workload

Should the West Build its Own ‘Great Firewall’?

Six ways to ensure the safety of your cryptocurrency

South Denver Cardiology cyberattack, data access impacts 287K patients

Targeting Satellite? CISA, FBI Warns of Attacks on SATCOM Network Providers

Tech execs could face jail time under revised UK Online Safety Bill

The 5 Rules Of HIPAA Compliance

The Biggest Cyber Security Risks In 2022

The problem with multiple cloud security tools: Alert fatigue and burnout

The Road Ahead for Cyber and Infrastructure Security

The TTPs of Conti’s initial access broker

The vast majority of cyberattacks start with just an email

This browser-in-browser attack is perfect for phishing

Top 5 myths businesses believe about bots

TransUnion Confirms Data Breach at South Africa Business

TransUnion cyber attack – hackers demand R225 million ransom

Ukrainian cyber defences prove resilient

Urgent DVLA warning issued over scam costing drivers £1,000

US Critical Infrastructure Targeted by AvosLocker Ransomware

Wandsworth Council emails residents’ private electoral information to 43,000 strangers

What happens when you negotiate with a hacker?

What is Escobar malware?

What are the biggest ransomware trends facing US businesses?

Wheeling Health Right Victim Of Cyberattack

While questions about RaidForums remain unanswered, BreachForums opens

Why businesses should care about cloud, cybersecurity

Why Data Privacy & Compliance Is a Year-Round Event

Why EDR is not sufficient to protect your organization

Why the city of Fresno in US kept silent about losing US$600,000 to a phishing scam

Zero-Trust’s Foundation is Identity and Access Management

17th March

3 Ways to Improve Your Ability to Recover From Ransomware

5 Steps to Take Right After a Data Breach

6 Reasons Not to Pay Ransomware Attackers

10 Types of Phishing Attacks That Can Damage Your Business

2021 cyberattacks led by Russian hackers cost companies $600 million

4,749 KrisShop customers' personal data 'may have been exposed' after phishing attack

Alarm raised over ‘trickster’ LokiLocker ransomware

ASUS warns of Cyclops Blink malware attacks targeting routers

Attackers have come to love APIs as much as developers

Barracuda Research Uncovers New Insights Into the Ways Cybercriminals Are Targeting Businesses With Spear-Phishing Attacks

BazarLoader malware opens a new frontier in cyberspace

Best practices in securing today’s remote workforce

Beware Russian hackers, leading industry supplier warns estate agents

BIG sabotage: Famous npm package deletes files to protest Ukraine war

BlackCat is the newest ransomware group you should be aware of

Bridgestone confirms data loss in ‘ransomware attacks’

CafePress Data Breach: Owner Agrees to Feds' Settlement

CISA, FBI warn US critical orgs of threats to SATCOM networks

Cloud growth brings security concerns for e-commerce

Conversation Hijacking Soars 270% to Enable BEC

Credit bureau TransUnion hacked

Critical Veeam backup vulnerabilities exposed Windows users to ransomware assault

Cyber-Attackers Politically Aligned

Cybersecurity Awareness for Employees: Best Practices

Cybersecurity news: LokiLocker ransomware, Instagram phishing attack and new warnings from CISA

Data Breach Alert: Bonita Springs Utilities, Inc

Data Breach Alert: Bridgestone Americas, Inc

Data Breach Alert: PhySynergy, LLC

Dev Sabotages Popular NPM Package to Protest Russian Invasion

Devil-may-care Lapsus$ gang is not the aspirational brand infosec needs

Digital frauds and unhappy endings

DirtyMoe Botnet Gains New Exploits in Wormable Module to Spread Rapidly

Don’t fall for these malware-filled emails impersonating the IRS

Email authentication helps governments and private companies battle ransomware

Emotet malware impersonates IRS as 2022 tax season approaches

Escobar mobile malware targets 190 banking and financial apps, steals 2FA codes

Europe warns of aircraft GPS outages tied to Russian invasion

'Everyone loses': This new ransomware threatens to wipe Windows PCs if its victims don't pay up

Ex CafePress owner fined $500,000 for 'shoddy' security, covering up data breach

Fortifying Your Last Line Of Defense - Your Employees

Four key risks exacerbated by Russia’s invasion of Ukraine

FTC Takes Action Against CafePress for Alleged Data Breach 'Cover Up', Fines Former Owner $500K

Google discovers threat actor working as an ‘initial access broker’ for Conti ransomware hackers

Google exposes tactics of a Conti ransomware access broker

Greencore staff considering legal action after data breach

Guernsey cyber-security warning for islanders and businesses

Healthcare cybersecurity trends: Organizations not quite ready to deal with threats

HMRC warns of tax return scam for self assessment customers as 2022 deadline looms: How to protect yourself

HMRC warns Self Assessment customers to be aware of scam calls and texts from fraudsters as Self Assessment deadline passes

How can you protect yourself from cyber scams during a global crisis?

How CAPTCHAs can cloak phishing URLs in emails

How to clean up your passwords and boost online security

How to plan for increased security risks resulting from the Great Resignation

How to prepare for a cyberattack and set a backup plan

How to secure your cryptocurrencies

Irish regulator fines Meta $19M for 2018 data breaches

Japan's Bridgestone reports ransomware attack at U.S. subsidiary

Landmark Online Safety Bill Introduced to UK Parliament

Law firm issued fine from ICO over unpatched software and lack of MFA

Light at the End of the Ransomware Tunnel?

Malware and Phishing Attacks for Smartphones See Massive Year on Year Increase

Meta Hit with £14 Million Fine for a Dozen GDPR Breaches

Microsoft: Here's how this notorious botnet used hacked routers for stealthy communication

Microsoft Defender drops "downpour" of false ransomware alerts on customers

Misconfigured Firebase Databases Exposing Data in Mobile Apps

Most NASA Systems at Risk From Insider Threats

Multiple Automotive Manufacturers Infected With Emotet

New Phishing Attack Uses The Google Name & Icon In Emails

New report shows that the majority of organizations are not equipped to combat emerging Highly Evasive Adaptive Threats (HEAT) cyber attacks

New Unix rootkit used to steal ATM banking data

New Variant of Russian Cyclops Blink Botnet Targeting ASUS Routers

New Vulnerability in CRI-O Engine Lets Attackers Escape Kubernetes Containers

Phishers devise browser-in-the-browser attacks, 'chameleon' landing pages

Phishers Using Ukraine Invasion to Solicit Cryptocurrency

Popular NPM Package Updated to Wipe Russia, Belarus Systems to Protest Ukraine Invasion

Practical Tips for Creating Winning Cybersecurity Teams

Pro-Ukraine ‘Protestware’ Pushes Antiwar Ads, Geo-Targeted Malware

Pro-Ukrainian hacktivists are taking down Russian websites

Ransomware Through the Supply Chain: Are Organizations Prepared for the New Normal?

Raspberry Pi Users Urged to Change Default Passwords as Attacks Surge

Realizing the importance of data literacy

Russia gets triggered by Ukraine joining NATO cyberdefense hub

Russia Uses Deepfake of Zelensky to Spread Disinformation

Russia’s cyberattack threat: How serious is it and how can you protect yourself?

Russian ally ransomware group could target Australia, cyber security authorities warn

Sanctions could drive surge in cybercrime

Securities and Exchange Commission (SEC) filings show hidden ransomware costs and losses

Securities and Exchange Commission (SEC) Proposes New Rules on Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure

Security alerts from multiple cloud vendors are overwhelming IT professionals

Security Experts Face Record Cyber Threats, Overwhelming Workload

Seven ways U.S. businesses can protect themselves from Russian cyberattacks

Severity of mobile threats rising, 10+ million mobile endpoints impacted

Singapore: Police warn against phishing scams impersonating as banks

Singapore Airlines’ in-flight retailer KrisShop targeted in phishing attack, data of 4,749 customers exposed

Singapore Airlines’ KrisShop latest victim of phishing attack – personal data of over 4,000 customers leaked

South Denver Cardiology Associates (SDCA) confirms data breach affecting nearly 300k heart patients

The Big, Baffling Crypto Dreams of a $180 Million Ransomware Gang

The Chimera of Zero Trust

The Golden Hour of Incident Response

The keys to catching a cyber crook

The Phases Of Account Takeover Attacks And How To Stop Them

The Philippines: Data breach could impair elections

These four types of ransomware make up nearly three-quarters of reported incidents

Top data governance challenges and strategies for high-growth startups

Trickbot uses compromised MikroTik routers as C2 communication proxies

TrickBot Malware Abusing Hacked IoT Devices as Command-and-Control Servers

TrickBot Malware Abusing MikroTik Routers as Proxies for Command-and-Control

Trickbot uses compromised MikroTik routers as C2 communication proxies

Ukraine Secret Service Arrests Hacker Helping Russian Invaders

Ukrainian News Channel Hacked to Run Deepfake video of President Zelensky

Ukrainian Secret Service Arrested Hacker Helping Russian Troops

Understanding Features and Vulnerabilities of The Decentralized Finance Attack Surface is Key to Protecting Against Cyber Attacks

US Passes "Game-Changing" Cyber Incident Reporting Legislation

What is Phishing? A look at the latest trends in data breach protection

What Ukraine Shows About Cyber Defense and Partnerships

Why Email Security Matters

Why IoT Security is Important for Today’s Networks?

Why Ransomware is the Greatest Threat to Your Organisation

Your data could be more exposed than you think

Your K8s Environment Was Attacked: What to Do in the First 24 Hours

16th March

16 Ways to Stay Safe While Online Shopping

Another Destructive Wiper Targets Organizations in Ukraine

“Antivirus on steroids:” One way to protect your clients from ransomware

Attackers using default credentials to target businesses, Raspberry Pi and Linux top targets

Australia: Litigation Risks Arising From Cyber Attacks/Data Breach Incidents

Australia's cyber laws potentially harmful to security

Automotive components supplier Denso confirms cyber attack

Biden signs ransomware reporting mandate into law

Bridgestone Data Hacked in Attack

Building An Industry Response To Ransomware

CafePress owners settle with FTC over data breach 'cover up'

Can you be Hacked by Visiting a Website?

Chameleon phishing attack brings bad karma to email users

Chelan Douglas Health District Warning Residents of 2021 Data Breach

CISA: Fix MFA and Patch Promptly to Stop Russian Attackers

CISA adds 15 vulnerabilities to list of flaws exploited in attacks

CISA and FBI warning: Hackers used these tricks to dodge multi-factor authentication and steal email from Non-Government Organization (NGO)

‘CryptoRom’ Crypto-Scam is Back via Side-Loaded Apps

CTOs Talk Cybersecurity

Cyber insurance crisis to fuel enterprise shift in cyber protection

Data Breach Alert: FCI Constructors, Inc

Democratizing Cybersecurity: Why Converged SOAR and SIEM Can Up-Level Security Postures

Does Sandboxing Have A Future?

Electric vehicle cybersecurity has business owners worried

Emotet malware campaign impersonates the IRS for 2022 tax season

Emotet's tax-season phishing is back with new tricks

Employees consider legal action after cyber-attack on food manufacturer

Everything You Need to Know About Operation Aurora

Facebook and WhatsApp join UK anti-scam scheme amid alarming rise in phoney messages – how to stay safe

Facebook parent company Meta joins UK anti-scams initiative

FBI, CISA Warn of Russian Hackers Exploiting MFA and PrintNightmare Bug

Firms Must Report Hacks to Department of Homeland Security (DHS) in 72 Hours Under Law

Food bosses respond to staff data breach action

Fraudsters use intelligent bots to attack financial institutions

FTC accuses CafePress of covering up 2019 data breach

FTC fines CafePress over 2019 data breach coverup

FTC to fine CafePress for covering up 2019 data breach

German Authorities Warn Against Using Kaspersky Products

German Government Warns Against Using Russia's Kaspersky Antivirus Software

Hackers Spread BazarBackdoor Malware Via Website Contact Forms

Health district says data breach last summer led to loss of clients’ private information

Highly Evasive Adaptive Threats (HEAT): Are Companies Prepared for Modern Threats?

How can organisations reduce their cyber insurance premiums?

How fast can organizations respond to a cybersecurity crisis?

How to Avoid Being Scammed - What You Should Know

HSE to spend €1MILLION contacting individuals whose personal data stolen in cyber attack

Hundreds of GoDaddy-hosted sites backdoored in a single day

iPhone, Android users lose life savings to romance fraud, cryptocurrency operation

Irish Watchdog Fines Meta $19m Over Data Breach

Kaspersky complains about 'political' German advisory against it

Kaspersky Hits Back at "Politically Motivated" BSI Advisory

Kubernetes an Achilles Heel in Defense Against Ransomware Attacks

Kubernetes an “Achilles heel” in mitigating ransomware

Linux botnet spreads using Log4Shell flaw

LokiLocker ransomware family spotted with built-in wiper

Mastering Security in a Hybrid-Work Setting

Meta fined $18.6M by Irish regulator for GDPR violations

Microsoft Defender tags Office updates as ransomware activity

Multiple Flaws Uncovered in ClickHouse OLAP Database System for Big Data

Never-Mind the Gap: It Isn't Skills We're Short Of, It's Common Sense

New "B1txor20" Linux Botnet Uses DNS Tunnel and Exploits Log4J Flaw

New Infinite Loop Bug in OpenSSL Could Let Attackers Crash Remote Servers

New ransomware LokiLocker bundles destructive wiping component

NSA and CISA: Here's how to improve your Kubernetes cluster security

OpenSSL cert parsing bug causes infinite denial of service loop

Phony Instagram ‘Support Staff’ Emails Hit Insurance Company

Purchase market could exacerbate mortgage lenders’ cybersecurity weak spots

Ransomware: What You Need to Know About It and How to Protect Yourself

Russian Actors Exploit Known MFA Bug to Attack Organization

Securities and Exchange Commission (SEC) proposes cybersecurity risk management, incident disclosure rules for enterprises

Sensitive mobile app data found unprotected in the cloud

Simple Tips to Protect Youself From Being Catfished

Small Businesses Are More Frequent Targets Of Cyberattacks Than Larger Companies

Smaller financial firms face big challenges as cyberattacks increase

SolarWinds warns of attacks targeting Web Help Desk instances

South Africa: Organisations need to fortify online security governance – cybercrime costs R2.2 billion a year

Supply Chains are an Easy Target for Cybercriminals

Surviving digital war

TAC Security Survey Reveals: 88% of Businesses Rely on Manual Processes to Identify Network Vulnerabilities

Take a walk on the client side: The importance of front-end JavaScript security assessments

Tennessee Pediatric Hospital Responding to Cyber Incident

The challenge of securing healthcare organisations

The Hacker With a Back-Up Plan

The ICO’s First Ransomware Monetary Penalty Notice: Key Takeaways

The Role of Cyber in the Russia-Ukraine Conflict

The Rules and Regulations of HIPAA Compliance

The Workaday Life of Conti, the World’s Most Dangerous Ransomware Gang

This Scam is Tricking Instagram Users into Sharing Their Passwords

This sneaky type of phishing is growing fast because hackers are seeing big paydays

Thousands of Mobile Apps Expose User Data Via Cloud Misconfigurations

To Governance and Beyond: Cybersecurity as a Journey

Unpatched RCE Bug in dompdf Project Affects HTML to PDF Converters

Unsecured Microsoft SQL, MySQL servers hit by Gh0stCringe malware

US ranked 3rd largest cyberattack target, following Russia & Ukraine

What is Spear Phishing? Here's how to safeguard yourself from email frauds

When it comes to ransomware, don't forget the basics

Why a modern vulnerability management strategy requires state-of-the-art solutions

Why Crypto Hackers Always End Up Getting Caught Out

Why Fresno kept silent about losing $600,000 to a phishing scam

Why securing cyber insurance coverage is becoming more challenging

Why the city of Fresno kept silent about losing $600,000 to a phishing scam

15th March

3 Security Takeaways from 2021

6 Online Privacy and Security Tips

7 Cloud Security Trends That May Impact Your Cloud Security Planning

7 old attack vectors cybercriminals still use

70% of financial service providers are implementing API security

Android Malware ‘Escobar’ is After Google Authenticator Codes

Android trojan persists on the Google Play Store since January

Anonymous cripples Russian Federal Security Service (FSB) and other top sites

Anonymous steals 20TB data from Russian oil giant Rosneft

Are you willing to take a calculated risk? Quantifying your cyber risk and predicting future threats

Be prepared for a cyberattack

Behavior-based vs IOC-based Threat Detection Approaches: How to Prioritize?

Biden signs cyber incident reporting bill into law

By the Numbers: The Cost of Insider Data Breach vs The Cost of Protection

CaddyWiper: More destructive wiper malware strikes Ukraine

CaddyWiper: Yet Another Data Wiping Malware Targeting Ukrainian Networks

Class Action Filed in Logan Health Breach Affecting 214,000

Cyber Insurance Sees Price Hikes Ahead as Cyberwar Compounds Fraud Wave

Cyber Resilience and Its Role in Delivering Digital Public Services

Cyberattacks Against Israeli Government Sites: ‘Largest in the Country’s History’

Cyberattacks surrounding Ukraine crisis reach all-time high

Cybercriminals are targeting Ukrainian sympathizers, what can you do to remain safe?

Cybercriminals hiding malware in places you can’t imagine and this time it was in the YouTube descriptions

Cybersecurity Lessons CISOs Should Take from the Russia-Ukraine Conflict

Data Breach Alert: Lake Shore Savings Bank

Defending Against Ransomware: OSFI Updated Advisory on Cyber Incident Reporting

Dozens of ransomware variants used in 722 attacks over 3 months

DVLA issues urgent Vehicle Excise Duty (VED) tax scam warning that everyone should look out for

Employees still falling for business email compromise attacks

Facebook Hit With $18.6 Million GDPR Fine Over 12 Data Breaches in 2018

FBI issues ransomware attack warning after Canadian extradited to Tampa for alleged cybercrimes

FBI warns of MFA flaw used by state hackers for lateral movement

Federal Trade Commission (FTC) settlement requires CafePress owners to pay $500,000 to victims of 2019 data breach

Federal Trade Commission (FTC) Takes Action Against CafePress for Data Breach Cover Up

Federal Trade Commission (FTC) to fine CafePress for cover up of massive data breach

Financially motivated threat actors willing to go after Russian targets

Five data fundamentals to quash cybercrime

Five multifactor authentication challenges for CISOs

Fresno Lost $400,000 in an Electronic Phishing Scam

Fuel under attack: examining Europe’s newest cyber target

Furious employees demand answers from Greencore after it was targeted by online hackers - hundreds could be affected at Northampton branch

German government advises against using Kaspersky antivirus

Germany warns against Russian anti-virus use

Greencore hit by data breach - leaking bank details and insurance numbers

Hackers are finding a new weak point in calendar invites

Has Russia Already Hacked Our Gas Supply?

Healthcare Scores Poorly for Practicing the Cyber Incident Response

How and Why Health Systems Will Step Up Medical Device Cybersecurity in 2022

How Businesses Can Seamlessly Prioritize Security In Digital Transformation Plans In 2022 And Beyond

How insurers are rethinking ransom coverage

How Machine Identities Are Redefining Enterprise Security In A Perimeterless World

How retailers can mitigate the surge in ransomware attacks

How Security Can Keep Pace as IT and OT Converge

How to build a culture of cybersecurity

Importance Of Data Protection In 2022

Israeli Government Websites Taken Offline in Large-Scale Cyber-Attack

It’s Not Fair, But Cyber Crime Is Cheap

Labette Health, Capital Region Medical Center Confirm Data Breaches

Lapsus$: The New Name in Ransomware Gangs

Malicious actors on the prowl; Don’t let your guard down, ever!

Malicious web application attacks climb 88%

Malicious web application requests skyrocketing, bad actors stealthier than ever before

Massive DDoS Attack Knocked Israeli Government Websites Offline

Massive phishing campaign uses 500+ domains to steal credentials

Meta Fined $18.6M Over Facebook Data Breach

Mitigate To Accumulate – The Bottom Line Value of Data Risk Mitigation

Mobile Devices See 466% Annual Increase in Zero-Day Attacks

Mobile malware is on the rise: Know how to protect yourself from a virus or stolen data

Mobile Zero-Day, Phishing Attacks on the Rise

Months After Hack, Scripps Health COVID Nurses Finally Being Paid Overtime

More Than 230 Companies Lose Texans’ Personal Data In Cyberattacks Over Last 6 Months

Most QNAP NAS Devices Affected by ‘Dirty Pipe’ Linux Flaw

Nasty Linux netfilter firewall security hole found

Nearly 34 Ransomware Variants Observed in Hundreds of Cyberattacks in Q4 2021

Nearly 300k Heart Patients’ Data Exposed

Nearly a third of known, zero-days discovered in 2021 targeted mobile devices

New Linux botnet exploits Log4J, uses DNS tunneling for comms

New Zealand: 5% of Kiwis experienced identity theft in 2021

Nuna Baby Essentials Data Breach – Can California Residents Claim Damages?

Organizations should be cyber-ready for cyberattacks

Organizations Still Struggling With Cloud Security

Pandemic pushes cybersecurity to top agenda in Asean boardrooms

Pandora Ransomware Hits Giant Automotive Supplier Denso

Phishing attempts against smartphones are on the rise. And those small screens aren't helping

Protecting the enterprise from lateral movement attacks

Ransomware and Crypto Stealing Virus Are Among Top Threats on Linux

Ransomware gang member extradited to US from Canada, $28M in BTC seized

Russia faces IT crisis with just two months of data storage left

Russia's invasion of Ukraine tears open political rift between cybercriminals

SMBs Increasingly at Risk from Cyberattacks

State Bar of California breach of confidential attorney discipline records worse than originally reported

Stealing devices to steal data

Surveying the cyber threat landscape: 5 risks for your company today

Targeted threat intelligence is key to protecting enterprises against cyberattacks

Ten percent have clicked on fraudulent package notification link in 12 months

The Future of Security: Surveying Your Cybersecurity Landscape

The Lapsus$ Hacking Group Is Off to a Chaotic Start

The massive impact of vulnerabilities in critical infrastructure

The role of cloud services, public tools in the Russia-Ukraine cyber conflict

Top 3 Ways Hackers Get Into Your Supplier's Network to Launch a Supply Chain Attack

Top 3 Web3 security and business risks

Top automotive tech obstacles: Cybersecurity, software quality and functional safety

Top cyber security tips for the past-pandemic era

Top threats for the financial sector

Two Sides Of The Coin: Cybersecurity As The Cost And Enabler Of Business

UK Information Commissioners Office adds to ransomware impacts with a fine for firm of solicitors

Ukraine-based hackers support Russian invasion

Ukrainian Targets Hit by Another Destructive Malware Variant

US law passed forcing companies to report cyber attacks, ransomware payments

Veeam fixes critical RCEs in backup solution (CVE-2022-26500, CVE-2022-26501)

Watch out for this Royal Mail chatbot scam

What is Cyber Threat Management?

What To Do If Your VPN is Hacked?

Why the Cybersecurity Industry Needs to Change Its Siloed Perception

Working Remotely? 14 Bad Tech-Related Habits You Need To Avoid

Your personal data is exposed to hackers — alarming report reveals mobile apps are not protecting your info

14th March

3 Ways the Cybercriminals Getcha and How to Be Prepared

93% of Organizations Have Network Vulnerabilities: Here’s How to Beat the Odds

A common acts-of-war exclusion doesn’t apply here

An Investment in Cybersecurity is an Investment in Patient Care

Australia's electricity grid increasingly vulnerable to hackers via solar panels, smart devices

Automotive giant Denso confirms hack, Pandora ransomware group takes credit

Automotive giant DENSO hit by new Pandora ransomware gang

Awareness on cyberattacks low among many firms

Azerbaijan: Electronic Security Service warns of phishing attacks spreading on behalf of International Bank of Azerbaijan (IBA)

Bridgestone Cyberattack Timeline and Ransomware Recovery Details

Building trust in a zero-trust environment

Businesses urged to beware Russian hacking threat

Canada Cops Arrests Teen Cyber-Attack Suspect

Canadian extradited to U.S. in $27 million ransomware case affecting senior living

Capital Region Medical Center and Labette Health Announce Potential PHI Breaches

Car tax scam warning shared as fake texts and emails target drivers

Catching the Evasive REvil Ransomware Gang With AI

Check Point Research identifies top malware threats to New Zealand

China captures powerful US NSA cyberspy tool

China thrilled it has captured already-leaked NSA cyber-weapon

City of Amarillo prevents attempted data breach, email down until further notice

Clever new scam targets Instagram users

Cloud Services Under Attack: Closing the Virtual Open Doors to Cyber Crime

Congress Approves Cyber Attack Reporting Requirement for U.S. Companies

Convincing new Monzo scam impersonating fraud team could see customers lose thousands

Critical infrastructure now required to report cyber incidents to CISA

Critical Infrastructure Threat as Ransomware Groups Target 'Enemies of Russia'

Cyber Vulnerability Statistics — 2021 In Review

Cybercriminals taking advantage of geopolitical tensions likely to escalate

Cybercrooks’ Political In-Fighting Threatens the West

Cybersecurity: Attacker uses websites’ contact forms to spread BazarLoader malware

Data Breach Alert: IRA Financial Trust

Data Breach Alert: Labette Health

Data Breach Alert: LFI Ft. Pierce, Inc. dba Labor Finders

Data Breach Alert: Montrose Regional Health

Data Breach Alert: Ritchie Bros. Auctioneers

Data Breach Alert: South Denver Cardiology Associates, P.C

Data Breach Alert: Sudler Property Management

Data breach at US heart disease treatment center impacts 287,000 individuals

Denso ransomware attack – Pandora gang claims to steal 1.4 TB of data

'Dirty Pipe' Linux Flaw Affects a Wide Range of QNAP NAS Devices

Discord is plagued by hackers — and users say the company doesn’t care

Fake antivirus updates used to deploy Cobalt Strike in Ukraine

Farmers should take cyberattack threat seriously, expert warns

Fraudulent text messages from 'DHL' circulating in Luxembourg

Gaming Company Ubisoft Confirms It was Hacked, Resets Staff Passwords

Getting Your Vendors on the Same Cybersecurity Frequency

Hackers target German branch of Russian oil giant Rosneft

Health data security: Protecting patients from ransomware attacks

Hit by ransomware or paid a ransom? Now some companies will have to tell the government

How data governance can minimise cybersecurity risks for private equity firms

How hackers in Belarus are complicating Putin’s Ukraine invasion

How identity theft can ruin your life, and 6 ways to protect against it

How to contain a privileged access breach and make sure it doesn’t happen again

iboss Issues School District Cybersecurity Warning

Information Commissioner’s Office (ICO) ransomware guide includes checklist for businesses

Ireland on 'high alert' for dangerous Russian cyberattack as Minster for Foreign Affairs warns of rise in threat

Is Your Webcam Hacked? Here Are The Signs To Watch Out For

It’s time to attack your ransomware recovery strategy

Japan’s Denso hit by apparent ransomware attack

K-12 cyber incident report calls for more public disclosure of cyberattacks

Know the latest mobile phishing trends to secure your device from attacks

Kronos ransomware attack raises questions of vendor liability

Leaks reveal the surprisingly mundane reality of working for a ransomware gang

Legal Practice Fined £100k After Hacker Stole Court Info

Logan Health Faces Lawsuit in Wake of Hacking Incident

Make Cyber Protection a Team Effort

Manchester hospitals warned of 'phone calls and emails from hackers' as Russia-Ukraine war rages

New CaddyWiper data wiping malware hits Ukrainian networks

New Cyber Incident Reporting Requirements for Listed Companies: SEC Calls for 4-Day Window for Publicly Traded Companies

New Emotet botnet variant spreads to over 130,000 computers worldwide

New Linux Bug in Netfilter Firewall Module Lets Attackers Gain Root Access

NFTs: The growing cybercrime risks and how to avoid them

Over 60 per cent of mid-sized Indian firms faced data breach in 2021

Over 500,000 Patients Hit by Data Breaches at Healthcare Firms in Alabama, Colorado

Over 611K Impacted in Most Recent String of Healthcare Data Breaches

PayPal Impersonated in 38% of Phishing Attacks in 2021, More Than Mastercard, Visa and American Express Combined

PII Protect Cybersecurity - How to Secure your Data

Political fallout in cybercrime circles upping the threat to Western targets

Poor data sanitization practices put public sector data at risk

Pre-war spike in phishing attacks targeting infrastructure in Ukraine

Prison service for England and Wales recorded more than 2,000 data breaches over 12 months

Protect your financial information when travelling

Protecting patients from ransomware attacks

Qakbot Email Thread Hijacking Attacks Drop Multiple Payloads

RagnarLocker Targets Critical Infrastructure, Sidestepping Security

Ransomware Attacks Up, Overall Cyber Attacks Down for K-12

Ransomware gang pays high price for its support for Russia invasion

Ransomware Payments Keep Cybercriminals in Business

Ransomware Report Points to Leadership Problems

Researchers Find New Evidence Linking Kwampirs Malware to Shamoon APT Hackers

Russian cyberattack could send US ‘back to 19th century by targeting police, hospitals and local gov to stir up unrest’

Russian Ransomware Gang Retool Custom Hacking Tools of Other APT Groups

SEC Proposes New Cybersecurity Disclosure Regime for Public Companies

Securing the perimeter is not enough to protect your data – what happens if a bad actor is already inside?

Security lessons from Ukraine war: Is India prepared to counter state-sponsored 'hybrid-war'?

Teenagers more likely to fall for a scam than pensioners

The importance of building in security during software development

The story of mobile phishing through statistics

Top eight cybersecurity predictions for 2022

Toyota Parts Supplier Denso Confirms Ransomware Attack

Toyota supplier Denso under a ransomware attack, operations remain normal

Ubisoft confirms cyber incident

Ubisoft fans need to change their passwords now

Ubisoft reveals 'security incident' forcing company-wide password refresh

UK Ferry Service Wightlink Admitted Data Breach

Ukrainian hacker linked to REvil group extradited to the United States

US: New Law Would Require Companies to Disclose Hacking

Vodafone and Mercado Libre hit by ransomware attacks

What is Breach and Attack Simulation, and How Does It Expose Your Cybersecurity Vulnerabilities?

Who Is Behind Staggering 190GB Samsung Galaxy Hack?

Who's who in the cybercriminal underground

Why Enterprise Threat Mitigation Requires Automated, Single-Purpose Tools

Why Is Social Media Security Overlooked?

Why security pros should care about hardware security