Editor's Message

Welcome to DBD. On March 8th we celebrated our 4th Anniversary and the 1st Anniversary of our PRiSM application, officially endorsed by the SANS Institute. Despite recent personal issues that have impacted the amount of time I have been able to dedicate to both projects, I have been doing my best to keep everything as up-to-date as possible, and I would like to take this opportunity to thank everyone for their patience and support whilst I navigate through this very difficult time. Stay safe. :)



Monday 23 May 2022

Data Breaches Digest - Week 21 2022

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 23rd May and 29th May 2022.


29th May

3 most common - and dangerous - holes in companies’ cyber defenses

5 Cybersecurity Tips You Should Follow

6 Common Security Threats That Retail Investors Should Know

A unified cyber security strategy is the key to protecting businesses

Bangladesh: Orgs paid hackers around Tk 7cr to get data back

Better Cybersecurity at Sea Starts With the Crew

Cybersecurity: Companies brace for more cyber attacks

Cybersecurity incidents – the most common causes

Data leaks on the increase, says Belgium’s Data Protection Authority

EnemyBot malware adds exploits for critical VMware, F5 BIG-IP flaws

FBI claims VPN credentials of US universities are being sold on Russian cybercrime forums

FBI Warns About Hackers Selling VPN Credentials for U.S. College Networks

Five ways hackers gain access to your phone and what you can do to prevent them

Global tech industry objects to India’s new infosec reporting regime

Gmail and Outlook alert: Police warning about energy rebate emails

Hacker Gets “Scammed” as Solana Community Gets Back Stolen Collectibles

How Failing to Prioritize Cyber Security can Hurt Your Company

India: A sneak peek into a global factory of phishing websites that even impersonate the Finance Ministry

Mobile trojan detections rise as malware distribution level declines

New 'GoodWill' Ransomware Forces Victims to Donate Money and Clothes to the Poor

New Ransomware Asks for Acts of Kindness to Get your Files Back

New Snake Keylogger Campaign Drops Malware Via Malicious PDF Files

New Variant of Magniber Ransomware is Targeting Windows 11 Users

New Yorker imprisoned for role in carding group behind $568M damages

Ransomware: Why Paying the Ransom Won’t Help You

Ransomware attacks on US hospitals put patients at risk

Ransomware Continues as the Top Threat, Telecommunications Is Most Affected Industry

Ransomware Goes to Business School

Ransomware Threats Are Becoming Bigger: According To A Report By Microsoft

Spirit Super (TasPlan) Data Breach

There are worrying gaps in cybersecurity training in law firms

This is how cybercriminals’ ‘customer support’ works if you pay a ransom but still have trouble getting your PC back

Threats in the shadows: Combatting Radio Frequency (RF) attacks with geofencing

Top 10 Tips For Safe Online Banking

U.S. lacks full picture of ransomware attacks, Senate panel finds

US Government Guidelines for Cybersecurity Against Russian Threats

What Is Digital Asset Security? What Are the Risks Associated With It?

28th May

4 Ways Digital Privacy and Security Have Improved In 2022

5 Social Engineering Techniques And How To Prevent Them

142 million data records stolen from MGM resorts published on Telegram

A unified cyber security strategy is the key to protecting businesses

American Agencies Issue A Warning Against the Influx Of North Korean In Cryptocurrency Jobs Online

Android malware that steals passwords puts billions of users at risk

BlackCat ransomware gang targets Austrian state, demands a $5m ransom

Clop ransomware gang is back, hits 21 victims in a single month

Cyberattack against Regina Public Schools likely ransomware

Cybersecurity: The Risks When A Cybercriminal Obtains A Home Address

FBI raises alarm about the emergence of the vicious BlackCat ransomware gang

FBI Warns that Hackers Selling Login Credentials That Gives Access to Colleges and Universities

Four in 10 Australian SMEs hit by cyberattacks during pandemic

General Motors' customer accounts breached in a credential-stuffing attack

Google Chrome only blocking a quarter of phishing websites

Hacker Flew Away With 29 Moonbirds Taking Advantage Of NFT Collector’s Oblivion

How scammers steal NFTs and cryptos from Twitter users

INTERPOL nabs the head of a transnational cyber crime syndicate in Nigeria

Is It Safe to Donate Money to Ukraine Online? How to Avoid Charity Scams

Key concerns about online payments and ways to overcome them

LAPSUS$ struck T-Mobile multiple times in March, stole source codes

Microsoft Finds Critical Bugs in Pre-Installed Apps on Millions of Android Devices

New Ransomware Gang GoodWill Feeds ‘Poor Kids’ with KFC or Pizza Through its Victims

New Windows Subsystem for Linux malware steals browser auth cookies

New York Man Sentenced to 4 Years in Transnational Cybercrime Scheme

Port of London Authority suffers a DDoS attack, Iranian threat group claims responsibility

Regina Public Schools remain offline, cyber attack confirmed

Singapore: More than SGD483,000 lost this year to scammers posing as parcel delivery companies

Spain: Beware of phishing cybercriminals sending emails impersonating DHL

The tipping point: What’s next for national cyber security?

Threats in the shadows: Combatting RF attacks with geofencing

UK hospitals at risk of chilling ‘sleeper cell’ attack by Russia

What is Bluesnarfing and how can we protect ourselves?

Why higher education should care about cybersecurity

27th May

$1.5 Million worth of Moonbirds NFTs are stolen by hackers in a phishing attack

4/10 Australian SMEs fallen victim to cyber-attacks since pandemic

5 Ways to Improve and Optimize Your Company’s Data Security Program

80% of consumers prefer ID verification when selecting online brands

A dastardly new phishing scam is targeting tax software users

A matter of (zero) trust: the crux of security for modern businesses

A Phishing Attack Results In The Loss Of 29 Moonbird NFTs Valued $1.5 Million

A Ransomware Survival Guide for Financial Services Firms

Action Fraud warn people to remain vigilant over fake HMRC emails

Android Trojan ERMAC is back, hackers are paying over 3.5 lakh Rupees per month for access to 467 apps to rob you

Apple ID, Amazon, Citibank, iPhone 12 Raffle, and MORE: Top Scams and Phishing Schemes of the Week

Are you expecting a DHL package? Beware of this very vicious scam

Are Your Social Accounts At Risk?

Attackers Can Use Electromagnetic Signals to Control Touchscreens Remotely

Beware! These crypto scammers pose as journalists, NFTs on Twitter. What to watch out for

BlackCat/ALPHV ransomware asks $5 million to unlock Austrian state

C.R. England: Customer information may have been compromised in October data breach

Chicago Public Schools Notifying Students and Staff of Vendor’s Ransomware Attack

ChromeLoader Browser Malware Spreading Via Pirated Games and QR Codes

ChromeLoader Malware Hijacks Browsers With ISO Files

CISA adds 41 vulnerabilities to catalog of exploited bugs

CISA adds 75 actively exploited bugs to its must-patch list in just a week

Common Types of Social Engineering, Phishing Attacks in Healthcare

Costa Rica declares national emergency after ransomware attacks

Could New Zealanders initiate a cyber attack from within?

Critical Flaws in Popular ICS Platform Can Trigger RCE

Cyber-Hygiene Confidence Low but Insurance Is Making an Impact

Cyberattack at Inglis Foundation Results in Data Breach

Data Breach at East Tennessee Children’s Hospital Affects More than 422,000 People

Data Breach Of School Kids' Information Investigated In California

Data Security: Protecting the Crown Jewels

Data shows regulatory password compliance falls short

Defense against file-based malware

Digital Security by Design: A Government Strategy That Can’t Afford to Fail

Emotet Analysis: New LNKs in the Infection Chain

Experts Detail New RCE Vulnerability Affecting Google Chrome Dev Channel

FBI: Higher Education Credentials Sold on Cybercrime Forums

FBI Alert: U.S. Academic Credentials Being Sold On Various Public and Dark Web Forums

FBI warns of education credentials awash on dark web

FBI warns of hackers selling credentials for U.S. college networks

FBI warns US colleges of widespread VPN credential leaks on Russian cybercrime forums

Former IT Consultant Charged with Intentionally Causing Damage to Healthcare Company’s Server

Four Takeaways as the European Union’s General Data Protection Regulation (GDPR) Turns 4

General Motors Hit by Cyberattack, User Data Including Home Addresses Exposed

GitHub: Attackers stole login details of 100K npm user accounts

GitHub saved plaintext passwords of npm users in log files, post mortem reveals

Hackers Steal $1.5 Million Worth of Moonbirds NFTs

Hackers Steal Metaverse Investors’ Digital Assets With Phishing Scams

Here We Go Again! This Android Malware Can Hack Your Bank Accounts And Crypto Accounts

How can you protect your customers in your online store?

How scammers hack Twitter accounts to steal popular NFTs and digital currencies

How the manufacturing sector can protect against cyberattacks

How to create a Cybersecurity Incident Response Plan?

How to Protect Your Customers (and Your Brand) From Data Breaches

How To Reduce Your Risk Of Identity Theft, According To An Expert

Human error is a main cause for cyber security breaches, Verizon report finds

Hybrid working causes new cybersecurity concerns, survey finds

Important Online Safety Tips that Everyone Using the Internet Should Know

In the Case of Cybersecurity, the Best Defense is Education

Increasingly, It’s Artificial Intelligence vs Cyber-Criminals

Interpol arrests suspected leader of cybercrime syndicate

Intuit issues yet another phishing warning to QuickBooks customers

Is the oncoming cybersecurity storm already here?

Is The U.S. Doing Enough To Keep American Businesses Safe From Cybercrime?

Let's play everyone's favorite game: REvil? Or Not REvil?

Linux-based Ransomware Cheerscrypt Attacks VMware ESXi Servers

Metaverse-related phishing attacks become the newest form of high-tech fraud

Microsoft finds severe bugs in Android apps from large mobile providers

Microsoft is rolling out these security settings to protect millions of accounts. Here's what's changing

Microsoft to roll out security defaults to millions more worldwide

MITRE ATT&CK Framework Explained: Why it Matters

National Cyber Security Centre (NCSC) Report Reveals Phishing Lures Increasingly Disguised as Vaccine Appointments

Nearly 100,000 NPM Users' Credentials Stolen in GitHub OAuth Breach

New Chaos Malware Variant Ditches Wiper for Encryption

New Cheerscrypt Ransomware Targets Popular VMware ESXi Machines

New risk profile emerges for managed service providers

New York Judge Dismisses Class Action PACS Data Breach Lawsuit for Lack of Standing

New Zealand Underspending On Cyber Security

No employee data compromised; ransomware hits SpiceJet audit process

OCBC capital limits raised over flawed response to SMS phishing scams

OCBC Hit With S$330 Million Additional Cap Requirement After Phishing Scam

OCBC hit by $330m extra capital requirement for phishing scam

Ofgem scam warning issued over phishing emails

One-year later, and the Colonial Pipeline cyberattack continues to loom large

Optoma Technology, Inc. Confirms Data Breach Stemming from Recent Ransomware Attack

Patient Information, Including Social Security Numbers, Compromised in Allwell Behavioral Health Services Data Breach

Phishing Campaign Targets Intuit QuickBooks Users With Bogus Account Hold Notices

Protect and Index Sensitive Data with Polymorphic Encryption

Protecting the user as a high-value asset to achieve a safer cyber world

Ransomware Costs City of Quincy, Illinois, $650,000

Ransomware group forces victims to 'pick any 5 poor children' and buy them KFC

Recent attacks force businesses to view cybersecurity with a wider lens

REvil prosecutions reach a 'dead end,' Russian media reports

Russian Hackers Believed to Be Behind Leak of Hard Brexit Plans

Scammers Use Elon Musk Deepfake to Steal Crypto

Singapore: More than S$483,000 lost this year to scammers posing as parcel delivery companies

Singapore's OCBC hit by $240m extra capital requirement for phishing scam

Somerset County switches over to Gmail to keep agencies running following ransomware attack

SpiceJet delays Q4 result announcement as ransomware attack hits audit process

SpiceJet faces ransomware attack, defers Q4 earnings announcement

Study claims up to 75 percent of phishing websites make it past Chrome's defenses

Stolen university credentials up for sale by Russian crooks, FBI warns

Survey Evidences Leaders Lack Confidence in Cyber-Risk Management

Suspected Business Email Compromise Ringleader Busted

Talos names eight deadly sins in widely used industrial software

Techno crime hits agricultural sector

The dangers of online scams and how to protect yourself

The Human Toll: Examining The Impact Of Breaches On The Public

This phishing has cost Barcelona City Council 350,000 euros: how an attack has fooled the Institut d’Informàtica

To Fend Off Ransomware Attacks, Stop Permissions Sprawl

Toronto health network data breach compromises patient information

Twitter to Pay $150m Fine to Resolve Data Privacy Violations

U.S. Charges Venezuelan Doctor for Using and Selling Thanos Ransomware

UK Government Seeks Views to Bolster the Nation's Data Security

Val Verde Regional Medical Center Notifies Thousands of Patients Following Data Breach

Verizon 2022 DBIR: 4 of 5 Data Breaches Caused by “Human Element,” Business Partners Involved in 3 of 5

Verizon data breach contains personal data of its employees

Visalia Unified was warned of cyber attack, true cost still unknown

Warning Issued Against New Android Malware That Hunts User Passwords From Over 500 Different Apps

What good is visibility without enforcement?

What is keeping automotive software developers up at night?

What to Do if You Receive a ”Scammy” Text Claiming to Be From Uber

Winning Combo: Security Awareness Training and Anti-Phishing Training

Zyxel Issues Patches for 4 New Flaws Affecting AP, API Controller, and Firewall Devices

Zyxel warns of flaws impacting firewalls and controllers

26th May

1 in 2 citizens surveyed acknowledge seeing ads based on their private voice conversations; microphone and contact list access to certain apps is leading to privacy breaches

4 Cyber Threats California Businesses Should Prepare For

5 Tips for Organisations to Stay Protected From Ransomware

10 Strategies to Stop Ransomware Attacks

18 Oil and Gas Companies Take Cyber Resilience Pledge

29 Moonbird NFTs Worth $1.5M Succumbs To A Phishing Attack

29 Moonbirds NFTs Stolen in $1.5M Phishing Attack

A unified cybersecurity strategy is the key to protecting businesses

Action Fraud warns of new Ofgem scam

Alameda Health System Files Notice of Recent Data Breach

Android warning for BILLIONS as malware that STEALS your passwords is spotted growing ‘more dangerous’

Armorblox Email Security Threat Report Reveals Huge Uptick in Language-Based Business Email Compromise Attacks

Attackers turn to vishing: 550 percent increase seen in vishing attacks

Austria’s Carinthia halts passport issuance over ransomware attack

Beeple Getting Hacked Resulted in His Followers Losing Over $438,000 in Crypto

Better training could fix accountancy firms’ cybersecurity blind spot

Black Basta Besting Your Network?

Business Email Compromise Attacks Rise More than 53% Year Over Year

Calgary charity hit by data breach says it responded appropriately despite client concerns

Canadian healthcare provider issues data breach warning after server hack

Cheers ransomware hits VMware ESXi systems

Chicago Public Schools suffers massive data breach affecting student, staff data

Cisco Talos on cyber security trends: Ransomware continues as the top threat

Critical 'Pantsdown' BMC Vulnerability Affects QCT Servers Used in Data Centers

Cyber attack downs Regina Public Schools' computer systems

Cybercrime Syndicate Leader Behind Phishing and BEC Scams Arrested in Nigeria

Cybercriminals held $25 billion worth of cryptocurrency

Cybercriminals target metaverse investors with phishing scams

Cybergang Claims REvil is Back, Executes DDoS Attacks

Cybersecurity is a corporate social responsibility, especially in times of war

Data Breach Class Action Against Radiology Companies Dismissed for Lack of Standing

Education tech wrongfully tracked school children during pandemic: Human Rights Watch

Email Incidents Reported by Washington University School of Medicine & Oswego County Opportunities

Ex-spymaster and fellow Brexiteers' emails leaked by suspected Russian op

Executives’ weak passwords lead to breaches in healthcare and other industries

Experts Warn of Rise in ChromeLoader Malware Hijacking Users' Browsers

Exploit released for critical VMware auth bypass bug, patch now

Federal Trade Commission (FTC) Signals Additional Scrutiny for Data Breaches

Food For Files: GoodWill Ransomware demands food for the poor to decrypt locked files

FTC Orders Company to Delete Algorithms Made with Data Alleged to be Improperly Obtained

General Motors (GM), Zola customer accounts compromised through credential stuffing

GM's Data Breach Could Prove Disastrous

GoodWill ransomware demands people help the poor

Google Chrome branded the least effective browser for stopping phishing attacks

Google Chrome only blocking a quarter of phishing websites, researchers claim

Google Chrome Trounced by Mozilla, Safari and Microsoft Edge in Blocking Phishing Sites

Hacked off passengers stranded, airline hit by ransomware attack

Hacker Steals $1.4 Million in NFTs From Collector

Hackers Increasingly Using Browser Automation Frameworks for Malicious Activities

Hamden computer network hacked, mayor’s office says

Here's What Hackers Are Really Doing With Your Info

How confident are companies in managing their current threat exposure?

How to avoid being scammed by a fake ISP ’employee’

How to encrypt your email and why you should

How to Restore Your Online Privacy in 2022

How zero trust can lead the battle against ransomware

Hundreds stranded after ransomware attack on Indian airline

In 2021, 57% of all cybercrimes were scams

India's SpiceJet Strands Planes After Being Hit By Ransomware Attack

Industrial Spy data extortion market gets into the ransomware game

Insurers are "at the forefront" of pushing information security

Intuit warns of QuickBooks phishing threatening to suspend accounts

Key trends in the Verizon Data Breach Investigations Report

Limited reporting hinders government’s ability to fight ransomware

Linux-based Cheerscrypt ransomware found targeting VMware ESXi servers

Love, Bonito slapped with SG$24k fine over 2019 data breach

Managed Detection and Response (MDR): How It Compares and How To Choose a Provider

Martin University Announces Data Security Incident

Messages sent through Zoom can expose users to cyber attack

MGM Resorts Data Hack: Customer Info Stolen in 2019 Posted on Telegram

Microsoft: Here's how to defend Windows against these new privilege escalation attacks

Microsoft shares mitigation for Windows KrbRelayUp LPE attacks

Monetary Authority of Singapore (MAS) slaps additional S$330m capital requirement on OCBC over its response to SMS scams

Most CFOs being left out of ransomware conversations

Most organizations do not follow data backup best practices

Multi-Continental Operation Leads to Arrest of Cybercrime Gang Leader

National Security Agency (NSA): Sanctions on Russia Having a Positive Effect on Ransomware Attacks, Attempts Down Due to Difficulty Collecting Ransom Payments

Nearly three-quarters of business email compromises are language-based attacks

New CFO Study Highlights a Dangerous Disconnect Within UK Businesses in Planning for Cyber-Attacks

New ERMAC 2.0 Android malware steals accounts, wallets from 467 apps

New Jersey health system notifies patients of data breach

Old Python package comes back to life and delivers malicious payload

Open Automation Software (OAS) platform vulnerable to critical RCE and API access flaws

Phishing as a Service (PaaS): A Growing Cybersecurity Concern

Prepare for deepfake phishing attacks in the enterprise

Preventing corporate credential theft

Privacy study reveals wide scope of Immigration and Customs Enforcement (ICE) surveillance

PSNI facing lawsuit after 152 people affected by data breach

Public Employees Credit Union Data Breach Results in Leaked Social Security Numbers

Ransomware attack hits New Jersey county

Ransomware Breach Rates: What Verizon Research Shows

Ransomware Data Breaches' Growth Last Year Equal to Last 5 Years Combined, Verizon Report Says

Ransomware demands acts of kindness to get your files back

Ransomware “GoodWill” Urges Victims To Help The Poor In Exchange For Decryption Key

Ransomware sees biggest jump in five years

Regina Public Schools victim of cyber attack, spokesperson says

Secure Your Data First, and Rest Easy This Holiday Weekend

Security and compliance: A missed growth opportunity for early-stage startups

Security Tips for Gamers: Staying Safe While Playing Online

Singapore bank OCBC hit by $240 million extra capital requirement for phishing scam

Singapore Imposes Additional Capital Requirement On OCBC Bank For Deficiencies In Response To Spoofed SMS Phishing Scams

Sixty-Four Percent Of SOC Analysts Will Leave Their Jobs This Year—Here’s How To Improve Your Retention Rate

Small Businesses Don’t Recognize Risk of Cyber-Attack Despite Repeated Warnings

Some QCT servers vulnerable to 'Pantsdown' flaw say security researchers

SpiceJet ransomware attack: Hundreds of passengers stranded

SpiceJet's brush with ransomware is a timely reminder to protect yourself against this cyber menace

State of Cybersecurity Report 2022 Names Ransomware and Nation-State Attacks As Biggest Threats

State Oil Fund of Azerbaijan (SOFAZ) warns citizens about phishing attacks

Stolen MGM Resorts customer data dumped on Telegram for free

Suspected phishing email crime boss cuffed in Nigeria

Tails OS Users Advised Not to Use Tor Browser Until Critical Firefox Bugs are Patched

The Added Dangers Privileged Accounts Pose to Your Active Directory

The ups and downs and runarounds of catching cybercriminals in New Zealand

The US government is doing a really bad job of tracking ransomware

Three-quarters of Security Pros Believe Current Cybersecurity Strategies Will Shortly Be Obsolete

Trucking Company C.R. England, Inc. Confirms Leaked Consumer Information Following Recent Data Breach

Twitter Fined $150M for Misusing Private Data to Sell Ads

Twitter Fined $150 Million for Misusing Users' Data for Advertising Without Consent

Twitter Fined $150 Million for Using Customer Data Without Consent

Twitter To Pay $150 Million In Settlements For Data Breach, Non-compliance With Privacy Accords

U.S. Senate report calls out lack of ransomware reporting

VMware, Airline Targeted as Ransomware Chaos Reigns

What’s the impact of a security breach?

WhatsApp and QR codes are the next scam frontier

Why are current cybersecurity incident response efforts failing?

Why US struggles to sanction Russian ransomware gangs

Why Zero-Trust Must Extend to Deep Infrastructure

Zyxel warns of flaws impacting firewalls, APs, and controllers

25th May

10 Reasons Why Email Protection is Critical in 2022

68% of Legal Sector Data Breaches Caused by Insider Threats

AI’s role in the future of cybersecurity

Android warning for BILLIONS as FluBot scam resurfaces aiming to steal your money – steps to take now

Beyond Materiality: Comparing The SEC’s Proposed Data Breach Notification Rules with Evolving State Notification Laws

BPFDoor malware uses Solaris vulnerability to get root privileges

Bryan County Ambulance Authority in Oklahoma Faces Ransomware, 14K Impacted

Business as usual for exams as The De Montfort School fights back following 'malicious' cyber attack

Can we trust the cybersecurity of the energy sector?

Chaos ransomware explained: A rapidly evolving threat

CISA adds dozens of vulnerabilities to catalog of exploited bugs

CISA Announces Joint Ransomware Task Force

Conti leaks data stolen during January attack on Oregon county

Cyber attack warning for small businesses including hotels and restaurants

Cyber criminals target desperate householders with bogus electricity rebates as Action Fraud reveals they have received 800 complaints about fake Ofgem emails in just FOUR DAYS

Cyber insurance gap 'disproportionately high', Munich Re warns

Darknet market Versus shuts down after hacker leaks security flaw

Data on ransomware attacks is 'fragmented and incomplete' warns Senate report

Elevation of Privilege is the #1 Microsoft vulnerability category

Emails of leading pro-Brexit figures leaked by Russian hackers alleging ‘deep state conspiracy’

Feds remain in the dark as ransomware disclosure lags

FTC fines Twitter $150M for using 2FA info for targeted advertising

General Data Protection Regulation: Four years later

General Motors users info affected in data breach

Going phishing: Kiwis losing tens of millions to 'cyber baddies'

GoodWill Ransomware Demands People Help the Most Vulnerable

GoodWill Ransomware Twistedly Tasks Victims With Charity Work To Rescue Their Data

GoodWill ransomware will force you to do good deeds like donate to the poor and homeless

Google Chrome ‘worst browser for stopping phishing attacks’

Hacker of Python, PHP libraries: no "malicious activity" was intended

Hacker says hijacking libraries, stealing AWS keys was ethical research

Hackers steal 29 Moonbirds valued at $1.5 million in NFT phishing attack

Half of built environment firms hit by ransomware in past two years, survey says

Health plan faces lawsuit after 850,000 patients hacked

Health systems mostly attacked for financial reasons

How hackers trick with phishing URL?

How Secrets Lurking in Source Code Lead to Major Breaches

How to avoid ransomware attacks? Check out these easy tips that are tough to foil

How to Stop the Costliest Internet Scams

Interpol Arrests Leader of SilverTerrier Cybercrime Gang Behind BEC Attacks

Interpol arrests alleged leader of the SilverTerrier BEC gang

Interpol Nabs Nigerian Man Behind Massive Email Phishing Campaigns

Is REvil having a resurgence, or is there a copycat hacking group?

Keeping pace with emerging threats: The roundup

Learn How Hackers Can Hijack Your Online Accounts Even Before You Create Them

Link Found Connecting Chaos, Onyx and Yashma Ransomware

Messages Sent Through Zoom Can Expose People to Cyber-Attack

Mobile apps present cyber threats to business travel, hybrid work

Nation-State Cyber Attacks and Insurance Response: Revisiting the War Exclusion

New ‘Cheers’ Linux ransomware targets VMware ESXi servers

New ChromeLoader malware surge threatens browsers worldwide

North Carolina Prohibits Public Sector Entities from Paying Ransom in a Ransomware Cyberattack

Now More Than Ever, Critical Infrastructure Must Be Cybersecure

Organizations Urged to Fix 41 Vulnerabilities Added to CISA’s Catalog of Exploited Flaws

Pro-Iran Group ALtahrea Hits Port of London Website by DDoS Attack

Ransomware Attacks Leaped 13% In 2021

Researchers Find New Malware Attacks Targeting Russian Government Entities

SAC Health Theft Incident and Multiple Ransomware Attacks Reported

Sanctions Frustrating Russian Ransomware Actors

Scarborough Health Network warns of data breach involving patient information

Seeing ads based on your last conversation? Survey provides insights. Details here

Somerset County Offices Hit with Ransomware Attack

Somerset County, New Jersey, Email System Offline After Breach

SpiceJet: Passengers stranded as India airline hit by ransomware attack

SpiceJet airline passengers stranded after ransomware attack

Tackling the Emerging Threat of Session Hijacking and MFA Bypass

Tails 5.0 Linux users warned against using it "for sensitive information"

The cost of a WordPress website security breach

The De Montfort School in Evesham suffers ransomware-attack

The Netherlands: Sharp increase in data leaks through cyberattacks

This ransomware looks to make the world a better place

Verizon Report: Ransomware, Human Error Among Top Security Risks

Verizon 2022 DBIR: External attacks and ransomware reign

Voice Phishing Skyrockets 550% Over The Past 12 Months

WhatsApp and QR codes the next scam threat

Where is attack surface management headed?

Zoom Patches ‘Zero-Click’ RCE Bug

24th May

142 Million MGM Resorts Records Leaked on Telegram for Free Download

A favorite of cybercriminals and nation states, ransomware incidents increase again

A ‘whale’ of a threat evolves in the financial industry to steal sensitive data

Account pre-hijacking attacks possible on many online services

Cabinet Office Reports 800 Missing Electronic Devices in Three Years

Chinese hackers spy on Russian military industry

CISA adds 41 vulnerabilities to list of bugs used in cyberattacks

Conti Ransomware Operation Shut Down After Splitting into Smaller Groups

Corporate Ransomware and How to Prevent It

Cyber Insurance Policies May Not Cover Phishing Attack Funds Diversion

Cyber threat: Report warns organisations against frequent ransomware attacks

Cybersecurity rulings important for all Australian businesses

Devastating cyber attacks expected to hit energy sector

District of Columbia Sues Mark Zuckerberg over Cambridge Analytica data breach

District of Columbia Sues Zuckerberg Over Cambridge Analytica Data Breach

Email Security: Best Practices for SMBs and Top Email Security Providers

Facebook boss Mark Zuckerberg personally sued over massive Cambridge Analytica data breach scandal

Facebook's Zuckerberg sued for data breach

Fronton IOT Botnet Packs Disinformation Punch

Hackers Know Where You’ve Been Driving: General Motors Discloses Data Breach

Hackers target Russian government with fake Windows updates pushing RATs

How Can OEMs Reduce Their Risk of Cyberattacks?

How confident are CISOs about their security posture?

How to defeat social engineering attacks

ICO Fines Clearview AI £7.5m for Collecting UK Citizens’ Data

Identity-based attacks the top cyber threat in 2021

It's 2022 and there are still malware-laden PDFs in emails exploiting bugs from 2017

KnowBe4 warns users to be vigilant of QR codes and WhatsApp scams

Love, Bonito fined $24,000 over 2019 data breach involving over 5,500 customers

Malware Analysis: Trickbot

Microsoft: Credit card skimmers are switching techniques to hide their attacks

Microsoft: Credit card stealers are getting much stealthier

Microsoft Warns of Web Skimmers Mimicking Google Analytics and Meta Pixel Code

Mumbai sees 200% surge in cyber-crime cases year-on-year

New Chaos Ransomware Builder Variant "Yashma" Discovered in the Wild

New virus forces people to donate to the poor if they want their data recovered

New Zoom Flaws Could Let Attackers Hack Victims Just by Sending them a Message

Paying the ransom is not a good recovery strategy

Personal Data of Tens of Millions of Russians and Ukrainians Exposed Online

Popular PyPI Package 'ctx' and PHP Library 'phpass' Hijacked to Steal AWS Keys

Popular Python and PHP libraries hijacked to steal AWS keys

RansomHouse: Bug bounty hunters gone rogue?

Ransomware attacks and how to avoid them

Ransomware Attacks Increasing at "Alarming" Rate

Ransomware Built in Venezuela Used to Target Institutions Across Latin America

Ransomware dominated threat landscape in 2021

Ransomware Safe Havens, Reporting Inconsistencies Trouble Authorities

Researchers to release exploit for new VMware auth bypass, patch now

Screencastify Chrome extension flaws allow webcam hijacks

Securing mobile devices: a cybersecurity focus in 2022

Security Problems with NFT Marketplace OpenSea

Senate Report: US Government Lacks Comprehensive Data on Ransomware

Senate Report Highlights Lack of Government Data on Ransomware Payments

SIM-based Authentication Aims to Transform Device Binding Security to End Phishing

Singapore slow to response to security breaches

State Bank of India (SBI) Customers Alert! ‘Delete THIS Message Immediately Or …’, Government’s Warning Amid Rising Phishing Scams

Thai Children Especially Vulnerable to Online Threats

The benefits that microsegmentation can bring to cyber resilience

These are the flaws that let hackers attack blockchain and DeFi projects

Trend Micro fixes bug Chinese hackers exploited for espionage

UK fines Clearview AI £7.5m for privacy breaches with facial recognition

UK privacy watchdog fines Clearview AI £7.5m and orders UK data to be deleted

US: The government’s still mostly in the dark on ransomware

US Car Giant General Motors Hit by Cyber-Attack Exposing Car Owners' Personal Info

US lacks full picture of ransomware attacks, Senate panel finds

Vishing cases reach all time high

Voice phishing attacks reach all-time high

What does prioritizing cybersecurity at the leadership level entail?

What Does Zero Trust Mean for MSPs?

What Is Phishing as a Service and How Does It Work?

What’s going on with Costa Rica’s ‘war’ with the Conti ransomware group?

Why Cyber Insurance is Essential in 2022

Why relying on multi-factor authentication is a dangerous tactic

Zoom patches XMPP vulnerability chain that could lead to remote code execution

23rd May

4 commonly forgotten points hackers like to exploit

5 easy ways to spot a phishing email

5 ways to avoid a printer security data breach

6 Reasons Why Social Media Cyber Security Matters to Small Businesses

Anonymous Declares Cyber War Against Pro-Russia Hacker Group Killnet

Anonymous Declares Cyber-War on Pro-Russian Hacker Gang Killnet

Anticipating Threats At Every Level: Modern Security For SMEs

Back to the Future: Protecting Against Quantum Computing

Beeple's Twitter Hacked, Scammers Net $430K In Ethereum And NFTs

Beware! State Bank of India (SBI) Customers Should Not Reply To This SMS And Fall Prey To This Scam

Big tech is joining forces to end passwords

Boards: Don’t mistake business continuity plans for an effective resilience strategy in the face of growing cyber threats

Brazen cyber criminals target Garda Credit Union in Ed Sheeran ticket scam

By streamlining compliance, companies can focus more on security

Can the new National Cyber Strategy make the UK a security leader?

Cars in the Crosshairs: Automakers, Regulators Take on Cybersecurity

Cause of cyber attack on city computer systems still undetermined as city, library issue joint statement

Charity Or Cybercrime? Goodwill Ransomware Cracks Your Decryption If You Donate

Chicago Public Schools data breach blamed on third-party ransomware attack

CISA outlines 10 initial access points exploited by hackers

CISA Signals Cyber Incident Reporting Requirements

Conti Ransomware Operation Shut Down After Brand Becomes Toxic

Conti rebranding as several new ransomware groups

Cyber attacks could jeopardize global food supplies

Cyberattacks Give Food Security a Bad Taste

Cybersecurity needs to be a company wide issue

Cybersecurity Requires Diligence Not Money

Cybersecurity Training: 5 Topics You Must Cover at Your Company

Data Breach-Related Securities Suit Filed Against Cyber Firm Okta

Data Storage Best Practices for Overcoming a Ransomware Attack

DDoS attacks decreased in 2021, still above pre-pandemic levels

Did the Conti ransomware crew orchestrate its own demise?

Don’t Let Your Business Be Held For Ransom(ware)

Embarrassing slipup exposes dozens of personal profiles from Trust Stamp

Effective Ways to Prepare for a Cyberattack

Eighty percent of organisations surveyed have been attacked by ransomware in the past two years

Fake Windows exploits target infosec community with Cobalt Strike

Flawed MFA Opens Doors to Ransomware

Fronton: Russian IoT Botnet Designed to Run Social Media Disinformation Campaigns

GM credential stuffing attack exposed car owners' personal info

GoodWill ransomware detected in India makes victim donate to poor, provides financial help to needy patients

Goodwill ransomware wants you to help needy people to get decryption key

Google issues urgent warning for BILLIONS of Android phone owners over ‘Predator attack’ – change these settings

Government Alerts About Fake SMS Fraud Targeting State Bank of India (SBI) Customers; Know What To Do If You Are A Victim

Hackers can hack your online accounts before you even register them

Hackers Compromised Synapse X Scripting Engine To Inject Trojan Code Into Roblox Game

Hackers Distribute Vidar Malware By Tricking Users with Fake Windows 11 Downloads

HHS Shares Information on Advanced Persistent Threat Groups Linked with the Russian Intelligence Services

How do Red Team Exercises help CISO to Validate the Security Controls Effectively?

How effective cybersecurity can provide the basis for growth

How Far Have We Come Against Ransomware in the Past Year?

How to fend off DDoS attacks before they shut you down

How To Protect Your Organization From the Increasing Threat of Ransomware

How to Respond to Non-Malicious Data Breaches

How you can protect yourself against phishing fraud

How Zero Trust can lead the battle against ransomware

IBM Dives Into TrickBot Gang's Malware Crypting Operation

Is your personal data on the dark web?

Mark Zuckerberg Sued Over Cambridge Analytica Data Breach

Military-made cyberweapons could soon become available on the dark web, Interpol warns

Mitigating Cyber-Threats in the Maritime Industry

Multiple NFT Projects Attacked After Commonly-Used “Mee6” Discord Bot Hacked

New phishing technique lures users with fake chatbot

New RansomHouse group sets up extortion market, adds first victims

New Unpatched Bug Could Let Attackers Steal Money from PayPal Users

NFT Artist Beeple’s Twitter Account Hacked as Phishing Attacks Continue to Wreak Havoc

Nikkei rocked by ransomware attack

Online classes resume after cyber attack at Kalamazoo Valley Community College

Over 194K patients added to ongoing Eye Care Leaders breach tally

Photos of abused victims used in new ID verification scam

Police warn of Ofgem email scam

Predator Spyware Using Zero-day to Target Android Devices

Ransomware attack on nonprofit causes data breach of 500,000 students, teachers in Chicago

Ransomware attack on Plainfield Town computer system was avoidable, consultant says

Ransomware attacks in higher education: How you can protect your data and mitigate risks

Ransomware Hackers Steal Personal Data of 500,000 Students and Staff in Chicago

Ransomware makes victim donate to poor, financial help to needy patients

Ransomware still winning: Average ransom demand jumped by 45%

Ransomware, cyber extortion pick up, with access brokers playing a key role, says CrowdStrike

Records request shows East Windsor cyber attack occurred earlier than originally stated

Recovering from ransomware attacks starts with better endpoint security

Reducing the Risk of Cyberattacks on Public-Sector Security Systems

Rising Cases of Data Breaches in Indonesia: a Sign to Urgently Enact the Data Protection Bill?

Russian hackers perform reconnaissance against Austria, Estonia

Scam Alert: Don't Click on "Biggest Airdrop" Website by OpenSea Impostors

Scammers use Beeple’s hacked Twitter account to trick crypto fans out of £348,000

Securing backups: defending your defence

Security has become more difficult, IT leaders say

Seven cyber hygiene best practices to implement now

Smart Farm Technology Open to Attacks by Hackers

Snake Keylogger Spreads Through Malicious PDFs

Staying Ahead of Threats to Industrial Control Systems (ICS) Cybersecurity

Targeted phishing scam nets $438K in crypto and NFTs from hacked Beeple account

The Different Types of Viruses

The do’s and don’ts of communicating a data breach

The Evolution of Ransomware: Understanding Its Past, Present, and Future

This malware-spreading PDF uses a sneaky file name to trick the unwary

To Pay or Not to Pay: Big Question When Hit with Ransomware

Top Seven Cybersecurity Tips to Keep Your Data Safe and Private

Trojan cyber attacks hitting SMBs harder than ever

Twitter blue badge phishing scams targeting verified accounts

UAE firms most likely to fall victim to phishing and APT attacks

UK law firms admit gaps in training and preparation against cyberattacks

Vulnerabilities Associated With Ransomware Up 7.6% in Q1 2022

XorDdos malware is targeting Linux and putting millions of devices at risk

Yes, Containers Are Terrific, But Watch the Security Risks

Zero Trust for Data Helps Enterprises Detect, Respond and Recover from Breaches

Zola confirms cyberattack that reportedly drained hundreds from wedding registry accounts

Zola handles massive wedding registry breach in worst way possible