Editor's Message

Welcome to DBD. On March 8th we celebrated our 4th Anniversary and the 1st Anniversary of our PRiSM application, officially endorsed by the SANS Institute. Despite recent personal issues that have impacted the amount of time I have been able to dedicate to both projects, I have been doing my best to keep everything as up-to-date as possible, and I would like to take this opportunity to thank everyone for their patience and support whilst I navigate through this very difficult time. Stay safe. :)

Monday 30 May 2022

Data Breaches Digest - Week 22 2022

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 30th May and 5th June 2022.

5th June

A country threatens to collapse because of a cyberattack, never seen

Bored Ape Yacht Club hacked, loses $360,000 worth of NFTs in phishing attack

Bored Apes Creator Trolls Discord After 200 ETH Worth Of NFTs Stolen In Another Hack

Cybersecurity insurance costs escalate for municipalities as cases of ransomware attacks climb

ESET Threat Report details targeted attacks connected to the Russian invasion of Ukraine and how the war changed the threat landscape

Evasive phishing mixes reverse tunnels and URL shortening services

Exploit released for Atlassian Confluence RCE bug, patch now

FBI Chief: Iranian hackers targeted Boston Children's Hospital in 2021

FluBot: Strike against SMS-based Android malware

Gmail and Outlook warning: Don't ignore urgent Government advice, dangerous new scam email

High Seas and High Stakes Communications: Securing the Maritime Industry

How companies can fight the menace of phishing

How identity segmentation can reduce the attack surface for healthcare organizations

How Login Phishing Attacks Compromise Your Spotify Credentials

How to avoid falling prey to cyber frauds

Mumbai tops in Maharashtra in cyber-crime cases

Online scams lead most cybercrimes

Ransomware malware grows 7.6 per cent

Singapore: Police warn of banking-related phishing scams; S$114,000 lost since May

Spam text messages from Scammers can Cost You a Big Deal

State-Backed Hackers Exploit Microsoft 'Follina' Bug to Target Entities in Europe and U.S

Tech pros have low confidence in supply chain security

The Hacker Gold Rush That’s Poised to Eclipse Ransomware

What is an Open Redirect vulnerability, why is it dangerous and how can you stay safe?

Why You Should Keep Your Health Records Safe

4th June

2 Mutant Ape Yacht Club (MAYC) and 8 Cool Cats NFTs Stolen From Yet Another Phishing Scam Victim

4 cybersecurity risks online gamers face

66% of Critical Incidents in Government Sector in 2021 were Targeted Attacks

A look at how AI can help battle cyberattacks

An actively exploited Microsoft 0-day flaw still doesn’t have a patch

Anonymous Hacktivists Leak 1TB of Top Russian Law Firm Data

Apple blocked 1.6 millions apps from defrauding users in 2021

Atlassian Releases Patch for Confluence Zero-Day Flaw Exploited in the Wild

Australian Trading Giant ACY Securities Exposed 60GB of User Data

Beware WhatsApp Users! New Scam Can Seize Your Account After One Phone Call

Bored Ape Yacht Club, Otherside NFTs stolen in Discord server hack

Bored Ape Yacht Club Discord reportedly compromised in $357,000 NFT phishing attack

Cape Cod Regional Transit Authority hit by ransomware attack

Costa Rica 'at war' with Russian hackers, experts warn other countries

Cyber attack still hinders council services almost six months after Russian hackers hit Gloucester

Cybersecurity Tips for Traveling This Summer

Enhancing Marketplace Safety Against NFT Frauds and Scams

Evil Corp Switches to Ransomware-as-a-Service to Evade US Sanctions

Exiled Iran group claims Tehran hacking attack

Facebook has HIDDEN list you need to check now – you may be a hacker target

Hacker Used ‘Social Media Data Leak’ to Steal USD 660K in Crypto from 90 Victims

How Russia’s Invasion of Ukraine Is a Litmus Test for Cryptocurrency Exchanges

How to Protect Your CRM from Hackers

Investigating the cyber crime scene

Monetary Authority of Singapore (MAS) introduces more measures to fight digital banking scams

Montreal's Grande Bibliothèque Has Shut Down Some Services After A Data Breach

Operations at Mexican Hon Hai plant gradually return to normal after cyberattack

Portugal: CTT scam warning

Pro-Indian APT Attempts Phishing Attacks Against Pakistani Military, Government

Ransomware hits military supplier CMC Electronics

SMSFactory Android malware sneakily subscribes to premium services

‘So convincing!’ Britons warned about sinister National Insurance scam phone call

The explosion of digital identities and growth of cybersecurity debt

TOTS, Inc. Notifies Patients of Cyber Attack

Urgent warning to Microsoft Office users over “homograph attacks” which can expose data & why you must check spellings

We need to be extra careful to avoid theft of data in cyberspace

What We Can Learn from the American Dental Association Ransomware Attack

Why hybrid work is leading to cybersecurity mistakes

Why Students Are at Risk of Data Breaches (and How to Protect Them)

3rd June

5 tricky PayPal scams going after your money

40% of enterprises don’t include business-critical systems in their cybersecurity monitoring

94% increase in ransomware attacks on healthcare organizations

A snapshot of India’s Cyber Threat Landscape

Accountability unclear as cybersecurity for federal dams falls short

Alarming Cyber Statistics For Mid-Year 2022 That You Need To Know

America's Cyber Command Accepts Initiating Operations in Support of Ukraine

Americans report losing over $1 billion to cryptocurrency scams

Attackers are leveraging Follina. What can you do?

Attackers Weaponize Vulnerabilities Days After Publishing

Atlassian fixes Confluence zero-day widely exploited in attacks

Australian CISOs worry about application vulnerabilities leaking into production

Australian pension provider falls for a phishing email, leaks PII of 50k members

Authorities Take Down SMS-based FluBot Android Spyware

Best way to protect your company’s information services? Have a plan in place first

By understanding unstructured data, companies can prevent attack risks and cyber insurance denials

Caja declares an institutional state of emergency due to hacks

Can Technological Advancement Fade Out VPN Usage in Cybersecurity?

Chicago Public Schools reports data breach five months after incident

China's draft cybersecurity rules pose risks for financial firms

Chinese LuoYu Hackers Using Man-on-the-Side Attacks to Deploy WinDealer Backdoor

ChromeLoader is Way More Dangerous Than the Average Browser Hijacker, Here’s Why

City of Alexandria investigating system hack

Combatting the malicious and unwitting insider threat

Conti reforms into several smaller groups, are they now more dangerous than ever?

Cost of living scam: Gmail, Outlook and Hotmail email users should be wary of HMRC fraudsters

Crypto Scams Have Cost Consumers More Than $1 Billion, FTC Says

Crypto Vultures Are Stealing Imaginary Land In The Metaverse: 3 Things To Know

Cybercriminals continue to prey on job-seekers in Philippines

Cybersecurity a key driver in local media coverage

Cybersecurity And Branding: Building Brand Trust In A World Of Cyber Threats

Data breach a major concern as universities struggle with cyber threats

Data Breaches Reported by Alameda Health System, Aon, and Capsule Pharmacy

East Tennessee Children's Hospital faces lawsuit after data breach

EMC National Life Company Announces Data Breach

Emotet Proved Too Effective for Threat Actors to Abandon

Endpoint Protection for Cloud-Native Workloads

Even Russia's Evil Corp now favors software-as-a-service

Evil Corp Pivots LockBit to Dodge U.S. Sanctions

Fake Updates Continue To Be A Digital Risk: What To Do?

FBI Thwarted ‘Despicable’ Cyberattack on Boston Children’s Hospital

Fear of ‘cyber capture’ amid rising cyber attacks

Five Steps to a Secure Cloud Architecture

Five ways to promote employee cyber awareness

FluBot Malware Strain Taken Down in Multi-Agency Effort

Forescout’s Vedere Labs reveals first proof of concept of ransomware for IoT (R4IoT)

Foxconn Confirms Ransomware Hit Factory in Mexico

GitLab Issues Security Patch for Critical Account Takeover Vulnerability

GitLab security update fixes critical account take over flaw

Hawaii unemployment insurance fraud scams increase via SMS phishing attacks

Health PEI employee data breached after laptop theft

Healthcare Cybersecurity: The Challenges of Protecting Patient Data

Healthcare sector hit by ransomware onslaught

Healthcare organizations face rising ransomware attacks – and are paying up

How can small businesses protect themselves from cyber threats?

How COVID-19 triggered a spike in cybercrimes in Australia

How Russian-Ukraine war changed the cyber threat landscape

How USB Drives Can Be a Danger to Your Computer

Hybrid work a calling for businesses to strengthen digital defences

Icare data breach due to ‘human error’, agency says

Importance of Cybersecurity in the Education Sector

Incident response for surviving a ransomware attack

Iran capital municipality computer system briefly hacked

Karakurt Team hits North America and Europe with data theft and extortion

Leaked Credentials are the Top Cause Of Data Breaches, But Not All Companies are Monitoring for it, Survey Reveals

Losses to cryptocurrency scams top $1B, FTC reports

Louisiana authorities investigating ransomware attack on city of Alexandria

Malware is now spreading via weaponized files circulating in data lakes, file shares

Microsoft Blocks Iran-linked Lebanese Hackers Targeting Israeli Companies

Microsoft disrupts Bohrium hackers’ spear-phishing operation

Microsoft disrupts Iranian-linked hackers targeting organizations in Israel

More than half of British Columbians are concerned about their data being hacked while online

Most software supply chains are vulnerable

Nearly 75% of companies suffer downtime due to DNS attacks

New ERMAC 2.0 Trojan Variant Actively Targeting Android Users

New Research Shows Nearly Four out of Five (79%) Organizations Faced Ransomware Attacks within the Last Year

New York Districts Warn About Mail Scam Alleging Data Breach

Nigeria: Federal Government queries Wema Bank over data breach, illegal accounts opening

Novartis says no sensitive data was compromised in cyberattack

Old Hacks Die Hard: Ransomware, Social Engineering Top Verizon Data Breach Investigations Report (DBIR) Threats – Again

One-third of defense contractors vulnerable to ransomware

Personal Data Breach – Implications and Consequences

Phishing: What is it, and how risky is it to use it?

Pivotal Homes reports ‘ransomware attack’ weeks before liquidation

Protecting the Three Dimensions of the Data Lifecycle

Protecting Your Business From Cyberthreats: A Guide For 2022

Ransomware actors have found a new way to make victims pay up

Ransomware Attacks on Healthcare Almost Doubled Last Year

Ransomware coming for IoT devices, researchers warn

Researchers Uncover Malware Controlling Thousands of Sites in Parrot TDS Network

Russian hacking gang Evil Corp shifts its extortion strategy after sanctions

Scammers taking advantage of hype over NFTs

Security researchers target bug bounties for cyber insights

Senators push for more frequent medical device cybersecurity guidance from Food and Drug Administration (FDA)

Shutterfly, Inc. Provides Notice of Data Breach to Additional Employees

Telegram’s Blogging Platform Comes Under Attack By Phishing Actors

The workplace revolution: turning security weaknesses into strengths

These Sinister Android Trojans Target Financial Apps With Over 1 Billion Downloads

This Microsoft Office exploit will make you rethink everything you know about web safety

Three Pillars For The C-Suite Playbook On Data Privacy: A Cyber Asset Perspective

Unpatched Atlassian Confluence zero-day exploited, fix expected today (CVE-2022-26134)

Urgent scam warning as fraudsters impersonate government to steal money

Verizon Data Breach Investigations Report 2022

Verizon Data Breach Investigations Report 2022: What’s Worth Acting On?

Vulnerability in DNA Sequencing Device Spotlights Health Care’s Weak Cyber Infrastructure

WatchDog hacking group launches new Docker cryptojacking campaign

Why Timely Response is Essential and How to Achieve It

Will a passwordless system give big tech companies too much power? The FIDO Alliance tries to make passwords obsolete

Zero trust leaders avert 5 cyber disasters per year on average

2nd June

4 Effects Of Evolving Technology On Cybersecurity

5 Bold Cybersecurity Predictions for 2022 and Beyond

45% of cybersecurity professionals have considered quitting the industry

Access Brokers and Ransomware-as-a-Service Gangs Tighten Relationships

Access brokers help boost cyber crime profits

After Microsoft And Nvidia, This Major Apple Supplier Became Ransomware Target

Aligning Leadership On Cybersecurity

Business’s Data May Be Vulnerable Under Proposed China Cybersecurity Rules

Cape Cod Regional Transit Authority’s (CCRTA) Hit with Ransomware Incident, Service Largely Unaffected

Chinese LuoYu hackers deploy cyber-espionage malware via app updates

Chinese LuoYu hackers deploy cyber-espionage malware via app updates

CISA Warns of Karakurt Extortion Group

Clipminer malware gang stole $1.7M by hijacking crypto payments

Connected digital tech means infinite attack surface

Conti Leaks Reveal Ransomware Gang's Interest in Firmware-based Attacks

Conti Ransomware Group: The Alliances Behind the Chaos

Conti ransomware group targeted Intel firmware tools

Conti ransomware targeted Intel firmware for stealthy attacks

Costa Rica public health service ransomware attack

Costa Rica's public health service disrupted by yet another ransomware attack

Critical Atlassian Confluence zero-day actively used in attacks

Critical flaw found inside the UNISOC smartphone chip

Cyber attacks in the manufacturing sector

Cyber-Attacks on Industrial Assets Cost Firms Millions

Cybercriminals Expand Attack Radius and Ransomware Pain Points

Cybercriminals look to exploit Intel ME vulnerabilities for highly persistent implants

Cybersecurity: this is the city with the most hackers in the world

Cybersecurity expert gives insight into timing of attack on Unified Government data centers

Department of Justice (DOJ) Role to Contain the Explosion of Ransomware

Digital and automated systems are targets of cyber attacks in 2022

Digital Identity: It’s Way More Important Than You Thought

Elasticsearch databases are being hit hard by ransom attacks

Email scam warning issued as fraudsters impersonate government and make enticing offer

Email Security: How To Protect Your Email From Hacking Attempts

Empathy: The Overlooked Ingredient in Cybersecurity

Employee training is best cyber crime protection

Evil Corp Affiliates Deploy LockBit Ransomware to Sidestep Sanctions

Evil Corp hackers evolve ransomware tactics to dodge US sanctions

Evil Corp switches to LockBit ransomware to evade sanctions

FBI Seizes WeLeakInfo, IPStress and OVH-Booter Cybercrime Portals

Five foundational elements of cyber resilience

Five Ways Shippers Can Shore Up Cybersecurity

Follina abuses Microsoft Office to execute remote code

Four ways cybercriminals can hack passwords

Foxconn confirms ransomware attack disrupted operations at Mexico factory

Foxconn confirms ransomware attack disrupted production in Mexico

Government Should Notify Data Breach Victims

Hackers Accessed Car Owners’ Personal Information in General Motors Credential Stuffing Attack

Hackers Exploiting Unpatched Critical Atlassian Confluence Zero-Day Vulnerability

HanesBrands Suffers Ransomware Attack

HanesBrands Suffers Ransomware Attack

HHS alerts to ongoing Emotet threat to the healthcare sector

How Business Insurance Can Protect Your Company After a Cyberattack

How Cloud SaaS Security Assessment Helps You Tackle Security Threats

How Do I Protect Myself From Cyber Threats?

How to ensure your printer or device is secure

How to Fix Common Data Security Mistakes

How to Prevent Ransomware: 5 Common Behaviors to Hunt

Illumina Cybersecurity Vulnerability May Present Risks for Patient Results and Customer Networks

Illumio calls for change as ransomware attacks cost Australian Businesses on average $250,000

Indian Ransomware Holds People's Data Hostage Until They Perform Three Good Deeds

INKY Identifies Telegraph as Platform for Phishing Campaigns

International Authorities Take Down Flubot Malware Network

Iran: Exiled MEK claims hacked 5,000 Tehran security cameras, dozens of municipality websites

Karakurt alert latest indicator that feds are worried about spin-off ransomware groups

Killnet: Analysis of Attacks from a Prominent Pro-Russian Hacktivist Group

Language-based BEC attacks rising

Majority of CIOs say their software supply chains are vulnerable, execs demand action

Martin University Announces Data Breach

Massive shadow code risk for world’s largest businesses

May ransomware attacks strike municipal governments, IT firms

Microsoft blocks Polonium hackers from using OneDrive in attacks

Microsoft Office apps are vulnerable to IDN homograph attacks

Millions of MySQL Servers are Publicly Exposed

Most CFOs, CEOs see cybersecurity gaps

New Research Shows Nearly Four out of Five (79%) Organizations Faced Ransomware Attacks within the Last Year

New York City Department of Education Bans Use of “Illuminate” Software Following Enormous Data Breach

No Organization Is Immune

Ontario Cannabis Store data breach raises credibility, security concerns

Owner of Dodge’s Southern Stores, D&H Company, Reports Data Breach Impacting Over 35k Consumers

Phishers Having a Field Day on WhatsApp, Telegraph

Ransomware attacks are wreaking havoc on Elasticsearch databases

Ransomware Attacks on Healthcare Organizations Increased 94%, According to Sophos

Ransomware gang now hacks corporate websites to show ransom notes

Ransomware hackers sidestep U.S. sanctions with a new trick: Rebranding

Ransomware roundup: System-locking malware dominates headlines

Researchers Demonstrate Ransomware for IoT Devices That Targets IT and OT Networks

Retailers amongst most targeted by cybercriminals

Rising Trends of Cyberattacks in Nigeria

Russia, backed by ransomware gangs, actively targeting US, FBI director says

Russian Hacking Gang Evil Corp Shifts Its Extortion Strategy After Sanctions

SAG-AFTRA Alerts Pensioners To Data Breach Of Horizon Actuarial Services That Might Affect Their Personal Information

Scammers Target NFT Discord Channel

Secrets in code make passwords vulnerable to hackers

SideWinder Hackers Use Fake Android VPN Apps to Target Pakistani Entities

Singapore banks take further step to tackle digital scammers

Singapore mandates 'kill switch' for banks as safeguard against online scams

Six ways to thwart malicious emails

Solving the Gen-N Security Dilemma

Somerset County still 'working through' ransomware attack with temporary solutions

The Day that Passwords Died (It’s coming soon, really!)

The EU’s Apple App Store crackdown ‘will fuel cyber attacks’

The Great Cybersecurity Resignation? Stressed-Out Pros Consider Quitting

The Top Five Sources of Data Breaches and How to Reduce Their Impact

The Zero Trust Approach to Data Management

This Runescape phishing scam could leave you seriously out of pocket

Top 10 Android banking trojans target apps with 1 billion downloads

Top Techniques for Cybersecurity Mitigation in an Organization

Turbulent Cyber Insurance Market Sees Rising Prices and Sinking Coverage

U.S. charges Venezuelan doctor with selling ransomware used by Iranian group

US confirms military hackers have conducted cyber operations in support of Ukraine

US government issues warning over ‘Karakurt’ data extortion group

What Comes from Requiring Local Government to Report Cyber Incidents?

What Companies Need to Know about the Strengthening American Cybersecurity Act (SACA)

What Is a Phishing Attack and How To Stop It

Why are Data Breaches so Expensive?

Why SMEs Should Worry About Cybersecurity in 2022

Why Stopping Business Email Compromise (BEC) Needs To Be A Priority For MSPs

Zscaler ThreatLabz 2022 Ransomware Report Reveals Record Number of Attacks and Nearly 120% Growth in Double Extortion Ransomware

1st June

5 Law Firm Cybersecurity Threats Solved with Legal Practice Management Software

5 Ways to Make Cybersecurity Fun

6 Lessons For Cybersecurity Leaders

33% of cybersecurity leaders name zero trust their top priority

46% increase in cyber attacks on SMEs in Saudi Arabia

Alameda Health System Reports Data Breach To HHS Affecting 90,000 People

Bad news: The cybersecurity skills crisis is about to get even worse

Browser-in-the Browser sextortion scam makes victims pay by imitating Indian Government

BT shares five ways to spot and avoid the most common online scams

Canadian organizations struggle to defend against ransomware

CISOs say ransomware is the least concerning threat to enterprises

Cloud computing security: Five things you are probably doing wrong

Connecticut Becomes Fifth US State to Enact Consumer Privacy Law

Conti Ransomware Group Voluntarily Shuttered, but Members Expected to Splinter off To Smaller Groups

Corporate Account Takeover: What It Is, and What To Do

Costa Rica’s public health system hit by Hive ransomware following Conti attacks

Countdown to Ransomware: Analysis of Ransomware Attack Timelines

Crypto Scams of the Week: MetaMask Phishing / Sextortion Attempt

Cyber Attack On Nigerian SMEs Up By 89%

Cyber attackers: if you can’t stop them, disrupt them

Cyber criminals selling thousands of university staff credentials on the dark web, FBI warns

Cyber-Warfare – Your People Are The Best Defense

Cybercriminals in 'concerted effort' to target South Africa's critical infrastructure

Cybersecurity experts weigh in after city of Portland data breach

DDoS threats growing in sophistication, size, and frequency

Don't let your cloud cybersecurity choices leave the door open for hackers

Email remains top cyberattack vector, more cybersecurity pros needed

Encryption: What it is, how it can help, and what to watch out for

Euro Cops Bust $47m Money Laundering Operation

Europol Announces Takedown of FluBot Mobile Spyware

Europol Confirms Takedown of SMS-based FluBot Spyware

Experts reveal the average ransomware attack takes just 3 days

FBI seizes domains used to sell stolen data, DDoS services

FBI says it thwarted Iranian cyberattack on Boston Children’s Hospital

Firms’ reliance on IT creates more cyber threats, Solicitors Regulation Authority (SRA) warns

FluBot Android malware operation shutdown by law enforcement

FluBot Android Spyware Taken Down by Global Law Enforcement Operation

FluBot takedown: Law enforcement takes control of Android spyware’s infrastructure

Gmail, Outlook and Hotmail email users warned over latest inbox scam

GoodWill ransomware dons Robinhood hat

GoodWill Ransomware Requires Victims to Do Good Deeds

Graham & Brown suffers major data breach

Hanesbrands Reports Ransomware Attack

How ransomware kill chains help detect attacks

How Scammers Try To "Phish" You Using Fake Regulator Email

How to Protect Your Business from Email Spoofing?

How To Push Past Polite And Bring A Security Mindset To Your Employees

Hundreds of Elasticsearch databases targeted in ransom attacks

Industrial IoT ransomware attacks control systems directly

Karakurt Data Extortion Group

List of data breaches and cyber attacks in May 2022 – 49.8 million records breached

Magniber ransomware now targets Windows 11 machines

Mayfield Heights-based Parker Hannifin facing class-action lawsuits over hack that exposed personal information of 119,000 employees

Microsoft Office zero day vulnerability discovered

Microsoft Releases Workaround for ‘One-Click’ 0Day Under Active Attack

Nearly Three-Quarters of Firms Suffer Downtime from DNS Attacks

New PoC Shows IoT Devices Can Be Hacked to Install Ransomware on OT Networks

New Unpatched Horde Webmail Bug Lets Hackers Take Over Server by Sending Email

New Windows Search zero-day added to Microsoft protocol nightmare

New XLoader Botnet Version Using Probability Theory to Hide its C&C Servers

Outlook, Hotmail and Gmail warning issued over rogue request

Pacemakers, insulin pumps can be hacked, experts say

Paving your path to Secure Access Service Edge (SASE): 4 tips for achieving connectivity and security

Pegasus Airline breach sees 6.5TB of data left in unsecured AWS bucket

Phishing incidents provide critical avenue for ransomware attacks, spur financial losses

R4IoT: When Ransomware Meets the Internet of Things

Ransomware Attack Disrupted SpiceJet’s Flight Operations Leaving Passengers Stranded

Ransomware attack recovery costs top $1.85M in healthcare

Ransomware attacks need less than four days to encrypt systems

Ransomware Group Claims to Have Breached Foxconn Factory

Ransomware hit 65% of organisations in Singapore

RuneScape phishing steals accounts and in-game item bank PINs

Second ransomware group attacks Costa Rica

SideWinder hackers plant fake Android VPN app in Google Play Store

Size does not matter in cyber attacks

Small businesses need cyber insurance now more than ever

Smart factories need smarter cyber defence

South Africa: Tax season is coming amidst a shocking rise in cybercrime

Survey Sees Greater Appreciation of Software Supply Chain Risks

Taking a data-driven approach to SOC operations

Taking An Enterprise-Wide Approach To Cyber Risk: How Understanding Trends And Responsibilities Can Strengthen Cyber Risk Resilience

Telegram’s blogging platform abused in phishing attacks

The Top 10 Personal Cyber Security Tips

Three security issues that should be top of mind right now

Twice as Many Healthcare Organizations Now Pay Ransom

Understanding What Cyber Insurance For Businesses Includes

Unofficial Micropatch for Follina Released as Chinese Hackers Exploit the 0-day

US city crippled by a ransomware attack pays £396,520 for a decryption key

US government: Paying Karakurt extortion ransoms won’t stop data leaks

Visualizing The 50 Biggest Data Breaches From 2004–2021

War in Ukraine Brings Out Scammers Trying to Exploit Donations

Watch out for phishing emails that inject spyware trio

What to do if you receive spam job offer via text message

Why cloud security matters and why you can't ignore it

Why cyber-security compliance should be an afterthought

Why Your Business Needs a Disaster Recovery Plan

Windows MSDT zero-day vulnerability gets free unofficial patch

YODA Tool Found 47,000 Malicious WordPress Plugins Installed in Over 24,000 Sites

31st May

3 Takeaways From the 2022 Verizon Data Breach Investigations Report

4 emerging threats in the domain name landscape

4 in 5 cyber attacks executed by organised crime

57% of all digital crimes in 2021 were scams

82% of CIOs believe their software supply chains are vulnerable

50,000 super fund members impacted by data breach

After Hive cyberattack, Partnership HealthPlan confirms data theft affecting 855K

Albany Bank & Trust Co. Reports Data Breach Following Data Security Incident

Australian National Disability Insurance Scheme provider breached and treating its database as compromised

Automation and Artificial Intelligence Are the Strategic Keys for an Effective Defense Against Growing Threats in the Digital World

Beware of scam emails claiming to be from Ofgem over energy rebates

Cheerscrypt Linux-Based Ransomware Targets VMware ESXi Servers

Chinese Hackers Begin Exploiting Latest Microsoft Office Zero-Day Vulnerability

ChromeLoader Browser Hijacker Provides Gateway to Bigger Threats

Clearview AI fined over $8 million for data privacy violation

Compromised academic credentials available on cybercriminal platforms

Costa Rica May Be Pawn in Conti Ransomware Group’s Bid to Rebrand, Evade Sanctions

Costa Rica public health system targeted by ransomware

Costa Rica’s public health agency hit by Hive ransomware

Costa Rican Social Security Fund hit with ransomware attack

Cyber attack on Nigerian SMEs up by 89 per cent in 2022

Cyber Defense Confidence Ebbs as Ransomware Attacks Multiply

Cyber Security in Universities: The Top Threats and How to Defend Against Them

Cybercrime complexity drives changes in the CISO role

Cybersecurity and Decentralized Finance: 4 Key Points

Cybersecurity Automation: How Can Businesses Benefit From It

Cybersecurity Mesh: What It Is and Why You Need It

Delaware physician group latest spine practice to suffer ransomware attack

Digital commerce fraud: What it is and how to stop it

Digital Pharmacy Capsule Files Notice of Data Breach with Federal Government

Discord Is the World’s Most Important Financial Messenger, and a Hotbed for Scammers

Email breach costs Portland, Oregon, $1.4 million

EnemyBot Malware Targets Web Servers, CMS Tools and Android OS

Energy giants sign Cyber Resilience Pledge

FBI warns of Ukrainian charities impersonated to steal donations

Five ways to build holistic cybersecurity in the hybrid workplace

Four cryptocurrency cybersecurity risks and how to avoid them

Global Events Are Raising Cyber Risks for American Businesses

Global Phishing Incidents Increasingly Driven by Ransomware Gangs

'GoodWill' ransomware: How it entraps victims with unusual demand

'GoodWill' ransomware demands victims donate to charity

Hackers breached Canadian hospital network's servers, stole sensitive patient data

Hackers Hit Donation Account At Boys and Girls Club Of New Rochelle

Hackers Selling US Colleges VPN Credentials on Russian Forums

Hackers steal WhatsApp accounts using call forwarding trick

Hanesbrands discloses ransomware attack. It's unclear whether company paid the ransom

Hard Truth About Web Scraping Bot Attacks and Its 4 Business Impacts

How Enterprises can Protect Their Digital Assets in 2022

How Metaverse Phishing Scams Work and How to Stay Safe

How to avoid scammers on the internet

How to keep your cloud storage data safe

How to protect your business data from cyber-attacks

India Home To Fourth-Highest Number Of Cybercrime Victims In The World

Interpol Arrests Alleged Head of BEC Cybercrime Syndicate

Investing In Cybersecurity Amid Rising Digital Threats

Is your business cyber secure?

It takes a community to fight cyber crime

Kanza Cooperative Association Files Notice of Data Breach After Cybersecurity Incident

Keep Yourself Cyber Safe – See How

Latest Mobile Malware Report Suggests On-Device Fraud is on the Rise

Legacy Fraud Techniques No Match For Cybercriminals Using ‘Weaponized’ Identity Credentials

Magniber Ransomware Now Targets Windows 11 Machines

Microsoft Acknowledges Zero-Day, Follina Office Vulnerability, Suggests Fix

Microsoft Confirms ‘Follina’ Office Zero Day Vulnerability

Microsoft shares mitigation for Office zero-day exploited in attacks

Microsoft zero day “Follina” demystified: What you need to know about CVE-2022-30190

Nation State Actors Target Vulnerabilities in Critical Infrastructure

National Disability Insurance Scheme (NDIS) case management system provider breached

New Ransomware Forces People to be Charitable to Get Their Data Back

New XLoader botnet uses probability theory to hide its servers

New York City schools ban use of Illuminate Education products after massive data breach

Nigerian Betting Site Bet9ja Suffers Cyber-Attack

Ohio data breach affects nearly 30,000 patients

Over 3.6 million MySQL servers found exposed on the Internet

Parker Hannifin Hit with Class Action Over March 2022 Data Breach

Passwords Stolen in Breach of New York Financial Disclosure System

Pegasus Airlines Leaked 6.5TB of Data in AWS S3 Bucket Mess Up

Pharmacy Delivery Service Hit With Class Action Over Data Breach

Psychological Assessment Resources, Inc. Announces Data Breach

Ransomware: Organizations are at risk today than ever

Ransomware attacked more last year than in previous five years

Ransomware attacks stabilise in April

Reducing the Risk

Russia nixes US charges against REvil defendants as cooperation fizzles

Russian Killnet cyber attacks begin on Italian-linked businesses

Secure your data online with these 8 foolproof ways and stay safe on the web

Security and Backup Alignment Critical to Ransomware Recovery

Security underpins digital transformation

Seven warning signs you need to upgrade your endpoint security

SideWinder Hackers Launched Over a 1,000 Cyber Attacks Over the Past 2 Years

Software Supply Chain Attacks are Skyrocketing

Study highlights a ‘dangerous disconnect’ within UK businesses when it comes to cyber resilience

The Future of Zero Trust in a Hybrid World

The State of Cyber Resilience: no progress in executive confidence

The value of cyber insurance for small businesses

There is no good digital transformation without cybersecurity

This Hacker Group Forces People to Do Good to Get Their Data Back

This zero-day Windows flaw opens a backdoor to hackers via Microsoft Word. Here's how to fix it

Three BEC Suspects Arrested in “Killer Bee” Sting

Trend Micro blocked and detected over 58 million threats in Egypt

Turkish Airline Exposes Flight and Crew Info in 6.5TB Leak

U.S. Department of Homeland Security and Ransomware: The Research Findings

UK Privacy Tsar: Stop Excessive Data Collection from Rape Victims

Ukraine Observed Nearly 14M Cyber Incidents in Q1 2022

US academic credentials advertised for sale in dark web forums

What AI can (and can't) do for organisations' cyber resilience

What is a cyber attack?

What should be done if you are affected by a bank phishing fraud

Why Companies Must Protect themselves from Data Breaches

Windows MSDT zero-day now exploited by Chinese APT hackers

Zero-day bug exploited by attackers via macro-less Office documents (CVE-2022-30190)

Zero-trust-washing: Why zero trust architecture is the framework to follow

30th May

5 key frauds in the travel and tourism industry

5 reasons why GDPR became a milestone for data protection

6 Steps to Ensure Cyber Resilience

7 easy ways to improve your online security for free

10 Email Server Security Best Practices to Secure Your Email Server

$39.5 billion lost to phone scams in last year

50k customers caught up in Spirit Super phishing attack

75% of phishing websites surpass Google chrome defenses

Adecco Group subsidiary Akka Technologies hit by cyber attack

AgTech revolution leaving sector prone to cyber risks

AI-ransomware attacks are creating havoc in different industries - maybe there is time limit for AI expertise

All cars will be connected to the internet ‘by 2026’ - Expert tips to stop hackers

Anonymous Claims Attacks Against Belarus for Involvement in Russian Invasion of Ukraine

Avertible risk

Beware the Smish! Home delivery scams with a professional feel

Cert-In warns users about mobile-based malware and methods employed to infect devices

Check your Google NOW – someone might be watching everything you do

Common Cybersecurity Terms That Are Often Confused

Corporate Divorce: How Companies Can Prevent Multimillion-Dollar Data Breaches

Cryptocurrency Spams Grow By Over 4000% In The Last Few Years

Cyber cover worth paying for? 58% say yes, survey finds

Cyberattacks on Australian Healthcare Doubles

Cybersecurity disclosure can make companies vulnerable to attacks

Cybersecurity tools you should be aware in 2022

Data breach at Australian pension provider Spirit Super impacts 50k victims following phishing attack

Department of Justice (DOJ) Says Cardiologist Created, Distributed Ransomware

EnemyBot Linux Botnet Now Exploits Web Server, Android and CMS Vulnerabilities

Fastly Study Shows Large Amount Of Aussie IT Companies Are Operating Under Threat Of Cyber Attack

Four key elements of a defense-in-depth cybersecurity program

Hacker Stole Verizon Employee Data, Holds It For $250,000 Ransom

Hackers are Selling US University Credentials Online, FBI Says

Hackers Found Selling Stolen University Credentials

Hackers’ Phishing Attack Cuts Off Moonbirds NFTs Worth $1.5 Million

Health care must bolster privacy, security efforts

Here Is The Importance Of Using Two-Factor Authentication

How can AI prove to be a game-changer in cybersecurity?

How Costa Rica found itself at war over ransomware

How ransomware attack on SpiceJet reveals gaps in our air safety

How the shutdown of a small college brings home the danger of ransomware attacks

How to Avoid Fraudulent Transactions in Your Online Business: Tips and Tricks

How To Eradicate Plaintext Data Breaches

How to Implement a Proactive Cyber Defense Strategy

How Wildcard Hacktivists and ‘Robin Hood’ Ransomware Groups Amplify Cyber Risk

ICS Security in Healthcare: Why Software Vulnerabilities Pose a Threat to Patient Safety

India Among Top Five Countries In Terms Of Victims Of Cybercrimes; Phishing Most Common Crime

Interpol Nabs 3 Nigerian Scammers Behind Malware-based Attacks

Is 3rd Party App Access the New Executable File?

Italy on alert over Killnet cyber attack threat

Italy warns organizations to brace for incoming DDoS attacks

JBS Foods cyber attack highlights industry vulnerabilities to Russian hackers

Key takeaways from Verizon's 2022 data breach report

Linux malware is on the rise - 6 types of attacks to look for

Look out for this malware that is targeting web browsers like Chrome

Microsoft Releases Workarounds for Office Vulnerability Under Active Exploitation

Microsoft to Roll Out Security Details to Older Azure Users

Mobile Threat Volumes Slump 58% in a Year

More than half of all cybercrimes were scams in 2021, claim Group IB

New Microsoft Office zero-day used in attacks to execute PowerShell

New WhatsApp OTP Scam Allows Scammers to Hijack Your Account

NHS Scotland must be on ‘high alert’ amid rise in ransomware attacks, warns cyber boss

Nigeria records 147% increase in password-stealing malware in three months

Online Bodyguards: The Security Behind Online Casinos

Online cyber security and the threats of modern technology

Protecting your data with multi-factor authentication

Putin horror warning over 'own goal' attack on UK coming back to haunt Kremlin

QR code malware: protect yourself and your family

Ramping up or shutting down? Cl0p ransomware gang’s puzzling resurgence

Researchers Warn of New Microsoft Office 0-Day Vulnerability “Follina”

Singapore’s OCBC Hit With SGD 330M Additional Cap Requirement Following Phishing Scams

Singapore’s OCBC told to reserve extra $240m after phishing scam

Small businesses in Kenya are still in danger, facing a 47% increase in Internet attacks in 2022

SMEs under cyber attack

Social engineering is top cyberattack method targeting financial orgs

Strong internal foundations are key to withstanding external threats

Study Warns That Shadow Code on External JavaScript Libraries Pose a Serious Supply Chain Risk

The evolving cybersecurity needs of organisations across the UK

The Growing Importance Of Endpoint Security In The Post-Covid World

The Importance of Securing Operational Technology

The most widespread methods of cyber-attack on individuals and companies in 2022

The Navarrese city councils have been down for 13 days: a ransomware has left the entire administration as it was 20 years ago

Third of UK Firms Have Experienced a Security Breach Since 2020

Three Nigerians arrested for malware-assisted financial crimes

Top 10 Cyber Threats in 2022

Twitter fined $150m for exploiting users' personal data

UK firms pay £3m in cyber ransom as Russian cybercrime surges

UK government seeks views on cloud, datacenter security

US Academic Credentials Displayed in Public and Dark Web Forums

Watch Out! Researchers Spot New Microsoft Office Zero-Day Exploit in the Wild

What makes for the most deceptive phishing attacks?

Why Botnets Are Becoming Difficult to Detect

Why businesses need to get serious about cyber

Why Healthcare IoT Requires Strong Machine Identity Management

Will Russia Launch a New Cyber Attack on America?

Zero-Day ‘Follina’ Bug Lays Older Microsoft Office Versions Open to Attack