Editor's Message

Welcome to DBD. On March 8th we celebrated our 4th Anniversary and the 1st Anniversary of our PRiSM application, officially endorsed by the SANS Institute. Despite recent personal issues that have impacted the amount of time I have been able to dedicate to both projects, I have been doing my best to keep everything as up-to-date as possible, and I would like to take this opportunity to thank everyone for their patience and support whilst I navigate through this very difficult time. Stay safe. :)

Monday 11 April 2022

Data Breaches Digest - Week 15 2022

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 11th April and 17th April 2022.

17th April

Beware Of These Scam Apps On The Mac

Concerns raised over Dorset Council's data protection

Contra Costa County reports 2021 data breach that may have exposed personal information

Critical RCE Flaw Reported in WordPress Elementor Website Builder Plugin

Cryptocurrency ransomware attacks cross milestone with Russian group Conti leaks

Cybersecurity expert shares information on cyber threats

How Blockchain Bridges Became Hackers’ Prime Targets

How to spot and avoid identity theft

Hydra Loses Head: Russia Collars Mastermind Of The World’s Biggest Darknet Marketplace

Instagram account warning: Don’t be fooled by Russian email scam

Intelligence Bureau (IB) & central cyber security agencies join probe into Oil India Limited (OIL) ransomware attack

Karakurt data thieves linked to larger Conti hacking group

Lessons learned from 633 destructive ransomware events

MetaMask warns Apple users over iCloud phishing attacks

Microsoft takes on the ZLoader criminal network

New Hacking Campaign Targeting Ukrainian Government with IcedID Malware

North Korea Targeting Crypto Companies, Says DeFiance Capital Founder

North Korean Hackers Pulled off $620 Million Crypto Heist, FBI Says

Pay up or play different? Five tips for beating ransomware with backups

Second round of patients receives ransomware breach notices nearly a year after Scripps Health attack

Strong password can prevent you from becoming cybercrime victim

Students should know the difference between spam and phishing

Surprising cybersecurity weak points business owners should look out for

Tech firms crack down on cybercrime gang

There’s A New Phishing Scam! Here’s How To Keep Your Metamask Safe

These scams are most successful at tricking South Africans out of their money

Top 10 Cybercrime Trends to Beware of in the Digital World

Why Mobile Protection Is a Critical Piece of Your Security Puzzle

16th April

5 ‘Social Engineering’ Scams - How to Identify Them and Avoid Getting Hacked

'Basic' spreadsheet error leads to more pain in Teaching Council privacy breach

California's privacy law was supposed to be a model. Then lobbyists got to work

Council tax rebate scam warning as fraudsters target £150 scheme

Estonia could become greater target for Russian cyber attacks

FBI Warns that Hackers Attack Users of Digital Payment Apps to Make Instant Money Transfers

Fighting cybercrime: What's next for Microsoft 365

Georgian National Bank warns consumers about phishing cases

GitHub: Hackers Stole OAuth Access Tokens to Target Dozens of Firms

Good websites, sketchy ads: Computer scientist explains how scams are marketed online

Here's why your digital footprints are more than a privacy risk

How to keep your online practice management software secure

Instagram warning: Don’t be fooled by Russian scam that’s trying to steal your account

Instagram's Free iPhone Promo is a Scam; Here's the Signs to Look Out For

Intelligence Bureau (IB), Central cyber security agencies to probe ransomware attack on Oil India

Latest Update for Google Chrome Fixes Actively Exploited 0-day Flaw

Lazarus Group Behind $540 Million Axie Infinity Crypto Hack and Attacks on Chemical Sector

Local municipality fights 'cyber security incident' after flood of spam emails

McDonald’s is Informing its Costa Rica Customers About a Data Breach

Mute Button of the Video Conferencing Apps May Not Be Working Like You Think It Does

New Industrial Spy stolen data market promoted through cracks, adware

Over 8 Million Customers Affected by Cash App Investing Security Breach

Police in Wales warn people to have their eyes open for this Easter scam

Russian ransomware group Conti hurt by leaks amid Ukraine fighting

Scripps notifies 'newly identified' patients impacted by cyberattack

Summit County warns of phishing email masquerading as official government news

The US Just Tied This Massive Crypto Theft To North Korean Hackers

The workforce can be cyber heroes if given the chance

Web3 technology users face new and recycled security risks, study shows

What Are the Relative Benefits of Cybersecurity Automation?

Why Art Buyers Fear Their Information is a Cyber Risk When Sharing Their ID Documents Via Email

Why Do Ransomware Attackers Use Bitcoin?

Why it is important to have a backup plan for cybersecurity breaches

Why organizations must detect ransomware as early as possible

15th April

3 critical elements of a K-12 cybersecurity strategy

4 reasons why you need cyber liability insurance in New Mexico

4 Things Your Employees Are Doing Right Now That Are Compromising Your Network

10 things CISOs need to know about zero trust

14% surge in data breach disclosures in Q1 2022

Almost half of businesses have suffered a data breach in recent years

Anonymous Targets Vladimir Putin, Claim To Have Hacked Into Kremlin’s Spy Satellite

Attack on Panasonic Canada Shows Conti is Still Dangerous

Attackers unleash LockBit ransomware on US government computers

Avoid falling victim to scammers

Can Russia and the West Avoid a Major Cyber Escalation?

CISA orders agencies to fix actively exploited VMware, Chrome bugs

Cisco vulnerability lets hackers craft their own login credentials

Conti Ransomware Gang Claims Cyberattack on Wind Turbine Giant Nordex

Conti Ransomware Gang Hits German Wind Turbine Giant Nordex

Corvus: Ransomware costs, ransom payments declining

Critical Microsoft RPC runtime bug: No PoC exploit yet, but patch ASAP (CVE-2022-26809)

Cryptocurrency DeFi platforms are now more targeted than ever

Cyber extortion group Karakurt linked to Conti and Diavol ransomware groups

Cyber warfare: How to empower your defense strategy with threat intelligence

Cybercriminals do their homework for latest banking scam

Dark data is a pain point for many security leaders

Data Breach Alert: Davis Instruments

Data Breach Alert: Jon-Don, LLC

Data Breach Alert: Rokstad Power, Inc

Data Breach Alert: TransNational Bankcard, LLC

Data Breach Update: CMG Mortgage, Inc

Data Breach Update: DNA Diagnostics Center, Inc

Digital transformation introduces security tradeoffs

Do you know how much a data breach can cost you?

Don’t be a 2-factor 'phushover'

Extortionist hacker group makes 2 attacks on Russian companies

Fake emails targeting Instagram accounts

Federal Motor Carrier Safety Administration (FMCSA) issues email phishing scam alert

Feds offer $5m reward for info on North Korean cyber crooks

Genetec warns public sector to reduce cyber vulnerability of physical security systems

Georgian central bank warns public of increased phishing cases

Getting to Zero-Trust Solution Design

GitHub: Attacker breached dozens of orgs using stolen OAuth tokens

GitHub Says Hackers Breached Dozens of Organizations Using Stolen OAuth Access Tokens

Google issues third emergency fix for Chrome this year

Government Advisory Warns of Pipedream Malware Aimed at ICS

Hardening physical security solutions to protect against cyberattacks

Haskers Gang Gives Away ZingoStealer Malware to Other Cybercriminals for Free

How Cryptocurrency Gave Birth to the Ransomware Epidemic

How MSSPs Can Create An Effective Ransomware Response Plan

How to Design an Effective Cybersecurity Awareness Training Program for SMB Employees

How To Tell Whether It’s Really Your Bank Contacting You — or a Scammer

Illicit crypto transactions hit a record high last year

In recent years, more than half of all businesses have experienced a data breach

Intelligence Bureau, Central cyber security agencies to probe ransomware attack on Oil India

IoT Device Discovery & Security: How Important Is It?

JekyllBot:5 Flaws Let Attackers Take Control of Aethon TUG Hospital Robots

Karakurt Ensnares Conti, Diavol Ransomware Groups in Its Web

Karakurt revealed as data extortion arm of Conti cybercrime syndicate

Learn How To Safe Your Data By Hackers

Microsoft intercepts ransomware-spreading botnet

Multiple lawsuits against SuperCare allege FTC, HIPAA violations in 2021 breach

'Mute' button in conferencing apps may not actually mute your mic

North Korea Is Targeting Entire Crypto Space

North Korea Targeting Prominent Crypto Organizations

North Korea's Lazarus cyber-gang caught 'spying' on chemical sector companies

North Korean hackers target gamers in $615m crypto heist

Philippines execs assume they'll never be attacked by ransomware

Prolific cyber extortion group Karakurt might be a Conti side hustle

Q1 Reported Data Compromises Up 14% Over 2021

Quick tips on how to make your home office secure

Ransomcloud: Ransomware's Latest Manifestation Targets the Cloud

Ransomware groups go after a new target: Russian organizations

Royal Spanish Football Federation loses confidential information to hackers

Scammers Are Using Fake SMS Bank Fraud Alerts to Phish Victims, FBI Says

Scammers use fake SMS bank fraud alerts to phishing victims

Scottish Power scam alert as cash prize fraud sent in texts

Second round of patients receives ransomware breach notices nearly one year after Scripps Health attack

Securities and Exchange Commission (SEC) Proposes New Cybersecurity Disclosure Rules on Incident Reporting, Risk Management, Strategy, and Governance

Security flaw in Rarible NFT platform allowed attackers to steal crypto assets

Spring4Shell Vulnerability Exploited To Spread Mirai Botnet Malware, According to Security Researchers

Star loses $500,000 NFT after crooks exploit Rarible market

SuperCare Health Class Action Alleges Negligence Led to Breach of Medical Records

T-Mobile customers warned of unblockable SMS phishing attacks

The 5 Most Common Security Concerns in the Emerging New Web 3.0 World

The Business Case For Simplifying Cybersecurity

The Irish Data Protection Commission Widens the Definition of “Personal Data Breach,” as Well as the Approach to Timely Notification

Ukraine Proves Cyber War Has No Borders

Understanding SASE and Zero-Trust to Strengthen Security

Unmanaged and unsecured digital identities are driving rise in cybersecurity debt

Urgent Team Holdings Reports Breach of the PHI of 166,600 Individuals

Warning of fake Instagram emails claiming someone is trying to 'recover your password from Russia'

What CISA Wants Critical Infrastructure Partners to Report on Cyber Incidents

What is rogue software?

What Should You Do if Your Information Is Found on the Dark Web?

Who Are The Hackers Behind $625 Million Crypto Theft?

Why You Need to Set Up Two-Factor Authentication ASAP

14th April

92% of data breaches in Q1 2022 due to cyberattacks

2021 average ransoms paid by quarter was $167K, down 44.2%

A robust security strategy starts with the hardware

APT group has developed custom-made tools for targeting ICS/SCADA devices

As State-Backed Cyber Threats Grow, Here's How the World Is Reacting

Attackers are exploiting VMware RCE to deliver malware (CVE-2022-22954)

Balooning growth of digital identities exposing organizations to greater cybersecurity risk

Broken password check algorithm lets anyone log into Cisco's Wi-Fi admin software

Business teams increase cybersecurity risk due to poor SaaS management

Businesses need to be as proactive about cyber defenses as they are about the ongoing digital revolution

Canada: Queen's University Life Sciences students facing mass data breach

Ciox health data breach at Mercy Health potentially exposes PHI, 32 other providers affected

Consumers feel data leakage is inevitable so many have stopped caring

Consumers have dwindling trust in companies to keep user information safe

Credit card industry standard revised to repel card-skimmer attacks

Critical Auth Bypass Bug Reported in Cisco Wireless LAN Controller Software

Critical VMware Cloud Director Bug Could Let Hackers Takeover Entire Cloud Infrastructure

Critical Windows RPC CVE-2022-26809 flaw raises concerns — Patch now

Data Breach Disclosures Surge 14% in Q1 2022

Don't let ransomware crooks spend months in your network – like this government agency did

Don't Want Your Phone Carrier Selling Your Personal Data? You Can Tell It to Stop

Doubts over mitigation advice for Microsoft remotely exploitable flaw

Elementor Fixes Critical Bug in Popular WordPress Plugin

Evolution of ransomware reaches dangerous levels of sophistication

Extended cyber detection and response facing implementation challenges in APAC

Fake Phishing Email Sent by Oregon Health & Science University (OHSU) to Gauge Employee Gullibility Draws Sharp Criticism from Labor Union

FBI: Payment app users targeted in social engineering attacks

FBI links largest crypto hack ever to North Korean hackers

FBI warns hackers have developed tools designed to 'gain full system access' to the sensitive computer systems used to operate energy facilities

Feds: APTs Have Tools That Can Take Over Critical Infrastructure

Feds Disrupt Cyberattack Aimed at Pacific Communications

Flaw in Rarible NFT market allowed tricky crypto asset transfers

Follow CISA’s four best practices for staying safe against potential Russian cyberattacks

From criminal enterprise to big business: The evolution of ransomware reaches new, dangerous levels of sophistication

Google Chrome emergency update fixes zero-day used in attacks

Google Releases Urgent Chrome Update to Patch Actively Exploited Zero-Day Flaw

Hackers target Ukrainian government with IcedID malware, Zimbra exploits

Holiday-themed phishing emails most likely to get clicks

Hospital robots face attacks by hackers after security flaws found

How cybercriminals are creating malicious hyperlinks that bypass security software

How to Stop Octo Malware From Remotely Accessing Your Android

Illinois' Lincoln College on brink of closure months after ransomware attack

Insurance companies increasingly fall prey to cyberattacks

Leaked documents show notorious ransomware group has an HR department, performance reviews and an ‘employee of the month’

Malware is Getting Better at Evading Security Software

Meet ZingoStealer: the Haskers Gang's new, free malware

MetroHealth Data Breach Involved 1700 Patients

Microsoft: We've just disrupted this ransomware-spreading botnet

Microsoft and Partners Disrupt Prolific ZLoader Botnet

Microsoft details how China-linked crew's malware hides scheduled Windows tasks

Microsoft Disrupts ZLoader Cybercrime Botnet in Global Operation

Microsoft increases awards for high-impact Microsoft 365 bugs

More than 40% of SMBs surveyed have been hit with a cybersecurity breach

New EnemyBot DDoS Botnet Borrows Exploit Code from Mirai and Gafgyt

New heavyweight on the ransomware scene

New ZingoStealer infostealer drops more malware, cryptominers

Oil India Suffers Cyber Attack, Gets Rs 57 Crore Ransom Demand

OldGremlin ransomware deploys new malware on Russian mining org

Over 8 Million Cash App Users Potentially Exposed in a Data Breach After a Former Employee Downloaded Customer Information

Palo Alto Networks Survey Reveals Cloud Security Challenges

Police urged critical infrastructure operators to reinforce security following hotel cyber attack

Protecting your Law Firm against Ransomware Attacks

Ransomware: the number one cyber threat for enterprises and SMEs

Ransomware: These two gangs are behind half of all attacks

Ransomware activity falls 25% in Q1 2022

Ransomware attacks ease after peaks in early 2021

Rarible NFT Marketplace Flaw Could've Let Attackers Hijack Crypto Wallets

Research reveals that IAM is too often permissive and misconfigured

Rhode Island Public Transit Authority (RIPTA) paid hackers $170K in ransomware attack

Rhode Island Public Transit Authority (RIPTA) says it paid hackers $170K in ransom money after massive data breach

Russia, US among most-breached countries in Q1 2022

Secrets To Recovering Your Cloud Environment Rapidly From Ransomware

Security Leaders Voice Concerns Over Dark Data

Software Supply Chain Attacks: Clear and Present Danger

The perils of SaaS misconfigurations

The two words you should never forget when you’re securing a cloud

Toei Animation Hack Revealed as Ransomware Attack

Touchstone imaging reports data breach to state

U.S. ties North Korean hacker group Lazarus to huge cryptocurrency theft

Unpatched Vulnerabilities Put Healthcare Organizations at Risk

US Treasury links North Korean hacker group Lazarus to $600M Axie Infinity heist

US warning: Hackers have built tools to attack these key industrial control systems

We’re in a ransomware doom loop. How do we fix it?

What is DNS filtering?

What makes an identity? 

Why Cyber Security Pros Are Talking About Ermenegildo Zegna

Why You Need Geopolitical Monitoring

Wind turbine firm Nordex hit by Conti ransomware attack

Windows 11 tool to add Google Play secretly installed malware

ZLoader botnet campaign ‘a wakeup call’ on how ransomware can evolve

13th April

2 years later: What's next in security for the pandemic-era workforce

4 must-have SaaS security posture management capabilities

5 Techniques to Fight Ransomware That MSSPs Can’t Ignore

70 GB of Globant Data Leaked, Hackers Claim it’s Customer Source Code

A Cyber Hygiene Strategy: Cyber Insurance Endorsements

A New Form of Malware Imitates the Phone Call Interface of Banks to Trick Users into Handing Over User Data

African banking sector targeted by malware-based phishing campaign

African banks heavily targeted in RemcosRAT malware campaigns

After a brief decline, organizations once again are bombarded with ransomware

Anonymous-affiliated hacking group which claimed it hacked Moscow’s space agency last month used Russia’s own ransomware against it

April Records First Patch Tuesday of 2022 with 100+ CVEs

Bet9ja’s hit by CYBER CRIMINALS, company assures customers data, funds are intact

BlackCat targets corporate environments

Bosley Data Breach $500K Class Action Settlement

Can Big Tech be reined in without hurting cybersecurity or innovation?

Capitalizing on a Crisis: What Global Events Mean for Cybersecurity

CISA adds 8 known security vulnerabilities as priorities to patch

CISA warns orgs to patch actively exploited Windows LPE bug

Clueless hackers spent months inside a network and nobody noticed. Then a ransomware gang took over

Creating Security Operations That Stay Ahead of Risks

Critical Apache Struts RCE vulnerability wasn't fully fixed, patch now

Critical flaw in Elementor WordPress plugin may affect 500k sites

Critical RCE Vulnerability in Elementor WordPress Plugin

Critical VMware Workspace ONE Access Flaw Under Active Exploitation in the Wild

Critical vulnerabilities uncovered in hospital robots

Cyber Essentials: 5 Controls That You Need to Know

CyberCatch survey reveals 75% of SMBs say they would be able to survive only 3 to 7 days from ransomware attack

Cybersecurity is getting harder: More threats, more complexity, fewer people

Cyprus: Government issues urgent cyber security to-do list

Data Breach Alert: Florida International University

Data Breach Alert: WellStar Health System

Data breach at MetroHealth affected some patient records

Data Breaches Up in First Quarter of 2022

Data Resiliency: A what-if story

Department of Homeland Security (DHS) investigators say they foiled cyberattack on undersea internet cable in Hawaii

Easter Phishing Emails Exploit Holiday to Spread Emotet

Enemybot: a new Mirai, Gafgyt hybrid botnet joins the scene

Entertainment & Media – The Next Big Cyber Attack Target?

Ermeneglido Zenga Files Notice of Recent Data Breach

“Ethical Hacker” Stole Half a Million in Crypto From Elderly Person

Even Today, Phishing Attacks Remain a Popular Cyberattack Method

FBI, Europol Seize RaidForums Hacker Forum and Arrest Admin

FBI, top officials, explain how to shield yourself from costly cyber attacks

Feds Shut Down RaidForums Hacking Marketplace

Financial firms increasingly targeted by cybercriminals

Four critical cyber attack prevention strategies in 2022

Growing Attacks Underscore the Importance of API Security

Hackers exploit critical VMware CVE-2022-22954 bug, patch now

Hacking forum RaidForums shut down and founder arrested in global police operation

Hacking, misinformation, abuse – Facebook on the frontlines of Ukraine info war

Home Office’s visa service apologises for email address data breach

Hospital robots face attack by hackers after critical security flaws found, experts warn

How government bodies can avoid the cybersecurity pitfalls of video conferencing

How to Keep Your Computer Secure

How to Optimize Data Security at Hotels

How to tackle cybersecurity debt

How to tell you’re being phished and 9 other common online scams to watch out for

Identity Theft Resource Center Report: Data Breaches Increase; Victim Rates Drop in Q1 2022

In Case of Crisis: Third-Party Risk Across Three Dimensions

Independent security audits are essential for cloud service providers. Here’s why

Information commissioner: ‘Many cyber issues are preventable’

Instagram beyond pics: Sexual harassers, crypto crooks, ID thieves

Joint Alert Warns Advanced Hackers Have Developed Tool Targeting Industrial Control Systems

Keeping a lid on cyber insurance costs

KnowBe4 Finds Holiday-Themed Emails Entice Employees to Click

Low awareness biggest cybersecurity challenge for 93% Indian companies

Malware campaigns targeting African banking sector

Malware Developers Are Targeting These 10 2021 Security Bugs

Managed Service Providers (MSPs) remain ransomware targets

March 2022 data breach roundup

Microsoft disrupts Zloader malware in global operation

Microsoft Exposes Evasive Chinese Tarrask Malware Attacking Windows Computers

Nearly half of small businesses say they’ve experienced a cyber breach

New EnemyBot DDoS botnet recruits routers and IoTs into its army

New Fodcha DDoS botnet targets over 100 victims every day

Oil India Limited (OIL) gets Rs 57 crore ransom demand from cyber attacker

Organizations are Under-Prepared to Effectively Mitigate Against the Risks and Impact of Ransomware Attacks

Over 100 patches issued by Microsoft for April; two zero-days, one exploited

Overall Cybersecurity Threats Remain High for New Jersey

Patients increasingly suing hospitals over data breaches

PHI Potentially Accessed in Ballad Health Email Data Breach

Phishing Scam Tricks You Into Thinking You Bought an iPhone

Possible data breach at CitySprint driver portal

Preparing for the dire cybersecurity consequences of Russia’s invasion of Ukraine

RaidForum dismantled by joint security operation

Ransomware attack affects Oil India Limited (OIL) server, services affected severely

Ransomware Breach Victim Numbers Fall by 25% in Q1 2022

Ransomware Claims Trending Downward, Insurance Firm Says

Report, Predicts Continued Financial Losses from Ransomware Attacks on MSP Industry

Rising attacks on maritime assets, use of infostealers trigger alarm

Russia and Ukraine are weaponizing cloud technology amid conflict

Russian Hackers Tried Attacking Ukraine's Power Grid with Industroyer2 Malware

Singapore: 80% of organisations experienced ransomware attacks in 2021

Supply chain cyberattacks jumped 51% in 2021

T-Mobile May Have Tried To Buy Back Some Leaked Data

T-Mobile tried to buy stolen customer data back, but failed

The growing threat of phishing attacks on the mortgage industry

The intersection of cloud and ransomware calls for public sector to remain more diligent

The Philippines: National Bureau of Investigation (NBI) to file raps against Smartmatic employee linked to data breach

Three tactics for security providers in the age of Dark Web collaboration

U.S. Warns of APT Hackers Targeting ICS/SCADA Systems with Specialized Malware

Ukraine Thwart Russian Industroyer 2 Malware Attack on Energy Provider

Ukrainian Energy Supplier Targeted by New Industroyer Malware

US Cyber Insurance Sees Rapid Premium Growth, Declining Loss Ratios

US warns of government hackers targeting industrial control systems

VMware Confirms Workspace One Exploits in the Wild

We Still Haven’t Learned the Major Lesson of the 2013 Target Hack

Western Hackers Used Russia's Own Ransomware Against It In Cyberattack on Roscosmos

What is phishing? Examples, types, and techniques

Where Everything Old is New Again: Operational Technology and Ghost of Malware Past

Who is your biggest insider threat?

Who needs cyber security

Why did ransomware claims drop 30% in Q1 2022?

Why quickly patching your iPhones and Macs is more important than ever

With Vulnerability Management, Enterprises Seek to Get Proactive

Wind Turbine Giant Nordex Hit By Cyber-Attack

Your favorite platforms are storing personal data

12th April - Identity Management Day

4 ways to innovate enterprise cybersecurity

99% of cloud identities are overly permissive, opening door to attackers

500,000 Impacted by Email Breach at Illinois Healthcare Firm

Accounts Deceivable: Email Scam Costliest Type of Cybercrime

Anonymous Hits 3 Russian Entities, Leaks 400 GB Worth of Emails

Anonymous Hits Russian Ministry of Culture - Leaks 446GB of Data

Are Smart Buildings the Next Target for Cyberattacks?

Attackers Infiltrate a Single Server for Five Months, Using it to Browse Online for Tools to Help Them With Further Parts of the Attack

Australia: Is the New Security Legislation Enough?

Backup gap means organisations continue to lose data

Bangladesh: Youth hacks 2,500 Facebook accounts

Beware “bill has been paid, here’s a gift” scam text messages

BlackCat Is the Latest Successor of Ransomware Group, BlackMatter

BlackCat targeting corporate world with new malware

Cayman Islands: Ministry exposes names of 1000s of stipend recipients

CISA’s Shields Up: What it is, how to use it

Consumers Increasingly Numb to Data Breach Risks

Conti ransomware attack on UK’s largest Ford dealer TrustFord

COVID-19, The Silent Hacker

Critical HP Teradici PCoIP flaws impact 15 million endpoints

Critical LFI Vulnerability Reported in Hashnode Blogging Platform

Cyber Crimes In India Witness 572% Increase In Last 3 Years! 14 Lakh Cases In 2021 Recorded By Government

Cyber security – a time for increased vigilance?

Cybersecuring the Pipeline

Cyberthreats against digital payment methods rising in Southeast Asia

Data Breaches and Cyber Attacks Quarterly Review: Q1 2022

Data democratization leaves enterprises at risk

Data privacy, security top challenges for cloud implementation

E.U. Officials Reportedly Targeted with Israeli Pegasus Spyware

Ethical Hacker Steals $600,000 Worth of Crypto

FBI Seizes RaidForums and Arrests Alleged Founder Diogo Santos Coelho

Fox configuration error leads to 13 million users data becoming public

Globant confirms major data breach after Lapsus$ leaks source code online

Hacked: Construction Contractor E.R. Snell Shares How to Bounce Back from a Cyberattack

How Law Firms Can Avoid Data Breaches Using the Cloud

How to Manage Patching in Infrastructure to Protect Against Cyber-Attacks?

How to Optimize Data Security at Hotels

How To Protect Your Devices From Cyber Threats

How US cybersecurity trends can help the UK prepare itself

How we can mitigate the potential threat to data privacy in the metaverse

HubSpot data breach: Hackers compromised employee account, exfiltrated data

Hydra Darknet Market Offline After German Police Operation, $25 Million in Bitcoin Seized

Illinois Clinic Says Nearly 503,000 Affected in Email Breach

In Germany, Industrial Sector Hit Hardest by Ransomware in 2020 and 2021

Increase in Class Action Lawsuits Following Healthcare Data Incidents

LockBit ransomware gang lurked in a U.S. government network for months

March 2022’s Most Wanted Malware: Easter Phishing Scams Help Emotet Assert its Dominance

Massive Growth of Digital Identities Is Driving Rise in Cybersecurity Debt

Menswear Brand Zegna Reveals Ransomware Attack

Microsoft: New malware uses Windows bug to hide scheduled tasks

Microsoft fixes actively exploited zero-day reported by the NSA (CVE-2022-24521)

Microsoft Issues Patches for 2 Windows Zero-Days and 126 Other Vulnerabilities

Microsoft Zero-Days, Wormable Bugs Spark Concern

NGINX Shares Mitigations for Zero-Day Bug Affecting LDAP Implementation

NSO’s Pegasus Attacks the iPhones of Key EU Officials

Ohio listed No. 7 for number of victims of cybercrime country-wide in 2021

Oil India Limited under major ‘cyberattack’

Only half of organizations reviewed security policies due to the pandemic

Organizations better prepared to fight ransomware, but gaps remain

Panasonic Canadian operations suffer data breach

Personal data breach at defunct cryptocurrency trading site AlphaEx

Protecting Against Multi-Factor Authentication Hacks

Purifying Water of Cybersecurity Threats

Qbot Botnet Deploys Malware Payloads Through Malicious Windows Installers

Qbot malware found smuggled inside Windows Installer packages

Qbot malware that steals your financial information turns against Windows users in phishing mode: this is how you can protect yourself

RaidForums Hacker Marketplace Shut Down in Cross-Border Law Enforcement Operation

RaidForums hacking forum seized by police, owner arrested

Raidforums marketplace shut down in global operation

Ransom DDoS attacks have dropped to record lows this year

Ransomware payments hit new records as Dark Web leaks climb

Researchers successfully stop Russian attack against Ukrainian energy company

Roscosmos hit by cyber-attack using Russian inspired ransomware

Russia Gets Hit With A Cyberattack Using Its Own Ransomware

Sandworm hackers fail to take down Ukrainian energy provider

Sandworm hackers tried (and failed) to disrupt Ukraine’s power grid

Security information and event management (SiEM): A Complementary Approach to Addressing DDoS

Simple Yet Vital Crypto Security Tips for Beginners and Pros

State of Security 2022 Report Reveals Increase in Cyberattacks While Security Talent Remains Scarce

Storage: An essential part of a corporate cybersecurity strategy

Supply Chain Attacks Jump 51% In Second Half of 2021

T-Mobile allegedly tried to buy leaked data from a hacker forum for $200k

T-Mobile may have secretly attempted to buy customer data leaked in 2021 hack

Terrible cloud security is leaving the door open for hackers. Here's what you're doing wrong

The benefits of cyber risk quantification in the modern cybersecurity landscape

The high price of free Wi-Fi: Here's why you never connect to an insecure network

The Quest to Improve Security, Privacy of Third-Party Health Apps

The Ultimate Guide to Vulnerability Management of Systems and Processes

These hackers pretend to poach, recruit rival bank staff in new cyberattacks

This Windows malware aims to steal your social media passwords

Three Best Practices to Prevent Identity Fraud

Time for Florida’s local governments to prepare for cyber attacks

Ukraine Charitable Donation Scams Are Misusing the Name of a Legitimate Charity

Ukraine says it has stopped Russian hackers who were trying to attack its power grid

Ukrainian power grid 'lucky' to withstand Russian cyber-attack

US Forms Bureau of Cyberspace and Digital Policy

US Government Has Three Weeks to Patch Cyclops Blink Bug

US Secret Service, FBI, Europol Bust One Of World’s Biggest Hacking Sites, Arrest 21-year-old Founder

What is a cryptoscam, and how to avoid falling victim to one

Why cybersecurity is so important for musicians

Why Healthcare Needs Better Data Security

Why Multi-Factor Authentication Isn’t as Secure as Financial Institutions Think

Why Protecting Insurers’ Digital Assets Is More Important than Ever as Russia-Ukraine Conflict Continues

Your Best Cyber Defense Against Ransomware and More? Understanding Your Enemy

11th April

6 Ways Hackers Are Complicating the War in Ukraine

67% of app developers have shipped code with known vulnerabilities

2022 and the evolving threat landscape

Accounts deceivable: Email scam costliest type of cybercrime

Alert fatigue crippling security operation centers

Android banking malware intercepts calls to customer support

API security vulnerability in FinTech platform could have enabled account takeover

Arizona Expands Regulator Data Breach Notification Obligations

At small and rural hospitals, ransomware attacks are causing unprecedented crises

Attackers exploit Spring4Shell flaw to let loose the Mirai botnet

Bet you didn’t think that remote workers are vulnerability points, here are 3 ways how

BlackCat Attack on Betting Company Disrupts Service

BlackCat ransomware group claims attack on Florida International University

Borat RAT: Funny Name, Serious Threat

CISA warns orgs of WatchGuard bug exploited by Russian state hackers

Cybersecurity: Travel sector in the crosshairs of hackers

Cybersecurity investment is broken

Data Privacy: Don’t let the pandemic loosen your guard

Don’t Underestimate Ukraine’s Volunteer Hackers

Eavesdropping scam: A new scam call tactic

Embedded devices remain vulnerable to ransomware threats

EU Officials Targeted with Pegasus Spyware

Everyone wants to replace passwords. What about banning them?

Federal Complaints Citing Ransomware Continue to Climb

Fighting Back Against Ransomware Endpoint Threats

FIN7 Pen Tester Gets Five Years Behind Bars

FOX News Exposed 13 Million Sensitive Records Online

Fraudsters Steal £58m in 2021 Via Remote Access Tools

Healthcare Data Breach Lawsuits On the Rise, Report Shows

HHS HC3: Beware of Lapsus$, Email Marketing-Related Threats

How can UK small businesses protect against cyber threats?

How to achieve better cybersecurity assurances and improve cyber hygiene

How to Keep Your Crypto Safe? 10 Security Tips

How To Protect Your Company From Magecart Attacks

How to Secure Your Email From Common Hacking Threats

Human activated risk still a pain point for organizations

Increased Enterprise Use of iOS, Mac Means More Malware

It’s not a case of if, but when – firms face growing cyber attack threat

K-12 School Districts and the Cybersecurity Challenge

Kenosha-based toolmaker Snap-on Inc. is the victim of a large data theft

Lapsus$ Group Exposes Internal Threats Are Also External Threats

Luxury fashion house Zegna confirms August ransomware attack

Microsoft Takes Down Domains Used in Cyberattack Against Ukraine

Microsoft Takes Down Russia’s Strontium Allies Attacking Ukraine

More organizations are paying the ransom. Why?

Only 61% Indian firms believe their board truly understands cybersecurity

Organizations must be doing something good: Payment fraud activity is declining

Orgs Increase Focus on Automating Access Control Management

Over 16,500 Sites Hacked to Distribute Malware via Web Redirect Service

OWASP Shines Light on Three New Risk Categories

Panasonic hit by second cyberattack in less than six months

Pandemic Two Years On: The Security Challenge of Hybrid Working

Qbot malware switches to new Windows Installer infection vector

Raspberry Pi Ditches Default Logins to Boost Security

Researchers warn of FFDroider and Lightning info-stealers targeting users in the wild

Scam alert: Don’t click on these voicemail links in your email inbox

Scammed by a monkey: Inside the dazzling world of NFT heists

Singapore begins licensing cybersecurity vendors

South Africa: Getting to grips with the Cybercrimes Act

Spring4Shell flaw is now being used to spread this botnet malware

Strong multi-factor authentication key to protecting critical infrastructure providers

SummaCare data breach affects 1,100 members

SuperCare Data Breach Involves More Than 300,000 Individuals

SuperCare Health discloses data breach affecting 300k individuals

Third npm protestware: 'event-source-polyfill' calls Russia out

This Cybersecurity Report Analysed 35 Billion Transactions and Here Are Its Key Findings

Wellstar Health notifies patients of data breach

What Causes Most Data Breaches?

What Is Biometric Authentication?

What is the Difference Between MFA vs. SSO?

Who is responsible for supply chain security?

Why you need to protect your identity in the digital world

XSS vulnerability patched in Directus data engine platform