Editor's Message

Welcome to DBD. On March 8th we celebrated our 4th Anniversary and the 1st Anniversary of our PRiSM application, officially endorsed by the SANS Institute. Despite recent personal issues that have impacted the amount of time I have been able to dedicate to both projects, I have been doing my best to keep everything as up-to-date as possible, and I would like to take this opportunity to thank everyone for their patience and support whilst I navigate through this very difficult time. Stay safe. :)

Monday 25 July 2022

Agenzia Delle Entrate: Italian Revenue Agency Suffers "LockBit" Ransomware Attack Resulting In Stolen Data Leak Threat

Data Breaches Digest - Week 30 2022

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 25th July and 31st July 2022.

31st July

Alleged ShinyHunters Hacker Group Member Arrested

Australia charges dev of Imminent Monitor RAT used by domestic abusers

Australian Hacker Charged with Creating, Selling Spyware to Cyber Criminals

Check if you have your PC prepared against ransomware

Cryptojacking and how miners can prevent it

Data apathy is 'costly and dangerous' - take five steps to clear up who knows what about you

Email Fraud in 2022: What you Need to Know

FBI warns of increase in cyberattacks in New Mexico

Gootkit Loader Resurfaces with Updated Tactic to Compromise Targeted Computers

Here’s exactly how tech companies and apps conspire to track you 24/7

Huge network of 11,000 fake investment sites targets Europe

If you’re getting fake texts from scammers posing as Amazon, you’re not alone - here’s what you can do

Israeli college targeted by cyber attack; students’ data held for ransom by hackers

Latest report says Ransomware and Business Email Compromise Attacks are causing 70% of the cyberattacks we see today

Median Ransomware Payments Fall by 51% as Victims Refuse to Pay Hackers

New warning over ‘surge’ in fake Santander texts that aim to steal your bank details

Over 50% of users in Egypt encountered phishing attempts during electronic payments

Pakistan: Cyber threat

Paytm Mall breach allegation found to be fabricated, withdrawn

Phobos Ransomware Impact On Small Business, New Study Released By 2Secure Corp

Primary forms of ransomware of concern to business identified

Protect Your Assembly Plant Against Ransomware

Ransomware bites: One in 40 companies hit a week

Thai entities continue to fall prey to cyberattacks and leaks

Uber data breach impacts 57 million users

30th July

10 biggest data breaches in history, and how to prevent them

911 (911.re) Proxy Service Shuts Down After Confirming Security Breach

Adware cleaner apps promoted on Facebook sneaked into the Play Store

Afraid to delete data? Think again

Allegheny Health Network (AHN) reports data breach

Bromford Housing Association targeted by cyber attack

Cryptojacking Cases Are Rising Globally, Why So And Should This Worry You?

Cyber attack targets Finnish news agency STT

Data breach potentially exposes names and medical history of Allegheny Health Network (AHN) patients

Facebook ads push Android adware with 7 million installs on Google Play

India must prepare for AI warfare

Latest Report Shows Cryptojacking Increased By 30% During The Crypto Slump

Majority of public agencies feel ‘under-equipped’ to investigate digital assets-related crimes

Medical billing service seeking insurance coverage for ransomware attack among upcoming Ohio Supreme Court cases

Melbourne Man Charged With Creating Global Spyware

Meta, U.S. hospitals sued for tracking patients on medical portals

Microsoft disclosed Raspberry Robin USB-based Worm can have a connection with pro-Russian hacker group Evil Corp

Microsoft Links Raspberry Robin USB Worm to Russian Evil Corp Hackers

Microsoft ties novel ‘Raspberry Robin’ malware to Evil Corp cybercrime syndicate

Morocco Arrests French National Wanted In US For Cybercrime

Phishing and software vulnerabilities cause nearly 70% of cyber incidents

Phishing risks escalate as Celsius confirms client emails leaked

Ransomware: Sometimes you need to pay to make it go away

Ransomware affects 1 in 40 – Are you at risk?

Russian hacker group is said to have targeted German energy suppliers

Secure Your Home Wi-Fi Network Now to Ward Off Hackers and Freeloaders

Smishing gang smashed thanks to an operation by Almeria province’s Guardia Civil

State warns of new phishing scam with fake bank fraud alerts

Staying Ahead of the Distortion of a Cyber Attack?

This is what to expect when a managed service provider gets popped

This New Phishing Campaign Uses An Almost Authentic Gmail Log In Page, Here's How Users Can Protect Themselves

UK mobile industry cracks down on scam texts, reduces them by 97%

What is Phishing and Why Should You Care?

You Pay More When Companies Get Hacked

29th July

3 Tech Hacks To Keep Your Medical Practice Cyber Secure

96 Senior Living and Healthcare Facilities Affected by Avamere Data Breach

911 Proxy Service Implodes After Disclosing Breach

A ransomware attack cost this entrepreneur a year of his life and almost wrecked his business

Allegheny Health Network (AHN): Phishing scam compromised data of 8,000 patients

Amazon, PayPal, iCloud, USPS, FedEx, Costco, T-Mobile, Citibank, & More - Top Phishing Scams of the Week

Are Proof-of-Concepts Benefiting Cybercriminals?

Attackers are slowly abandoning malicious macros

Big Questions Remain Around Massive Shanghai Police Data Breach

Bromford Housing Association shuts down systems after cyber attack

Canada’s major arts and culture organizations fall victim to cyberattack

CISA Warns of Atlassian Confluence Hard-Coded Credential Bug Exploited in Attacks

CISA warns of critical Confluence bug exploited in attacks

Cleveland Museum of Art alerts email subscribers about ransomware attack on external provider, WordFly

Congress Warns of US Court Records System Breach

Cyber attack on US court system being investigated, Department of Justice (DoJ) confirms

Cybercriminals selling malware kits to amateur hackers for price of gallon of fuel

Dahua IP Camera Vulnerability Could Let Attackers Take Full Control Over Devices

Data breach costs reach all-time high

Decentralized IPFS networks forming the 'hotbed of phishing'

Department of Justice investigates data breach of court records system

Did the US Federal Courts Fall Victim to Another Data Breach?

Euro Police Bust €3m Internet Fraud Gang

FakeUpdates malware delivered via Raspberry Robin has possible ties to EvilCorp

Federal Communications Commission (FCC) Warns of Rising Robotext Scams

Founder of pro-Russian hacktivist Killnet quitting group

Gelt Finance, Inc. Reports Unauthorized Access May Have Resulted in Leaked User Data

Housing association Bromford shuts down systems 'as a precaution' after cyber attack

How Are K-12 and Higher Education Faring Against Ransomware?

How ‘No More Ransom’ Helped More Than 1.5 million People Decrypt Their Devices

How to Combat the Biggest Security Risks Posed by Machine Identities

Is Zero Trust segmentation the answer to mitigating ransomware threats?

Law Enforcement Crack Down Drives Cyber Criminals Towards Less-Conspicuous Attacks

LinkedIn 'most faked' brand in phishing attempts

LockBit ransomware abuses Windows Defender to load Cobalt Strike

LofyLife: Malicious npm Packages Used in Siphoning Off Discord Tokens, Card Data

Malicious Npm Packages Designed to Steal Discord Tokens

Malicious Npm Packages Tapped Again to Target Discord Users

Microsoft Connects USB Worm Attacks to 'EvilCorp' Ransomware Gang

Microsoft has blocked hackers' favourite trick. So now they are looking for a new route of attack

Microsoft links Raspberry Robin malware to Evil Corp attacks

New banking scam: Warning for Bank of America, Citi and Wells Fargo customers

No More Ransom has a plethora of free ransomware decryption tools

North Korean Hackers Using Malicious Browser Extension to Spy on Email Accounts

OneTouchPoint Discloses Data Breach Impacting Over 30 Healthcare Firms

Over a Dozen Android Apps on Google Play Store Caught Dropping Banking Malware

Over half of users in Middle East have faced online phishing scams, says survey

Paytm Data leak update: haveibeenpwned.com retracts Paytm Mall data breach claim, users' data absolutely safe

Paytm Mall rejects claim of data breach in 2020, says users’ data is absolutely safe

Phishing risks escalate as Celsius confirms client emails leaked

Phishing, software vulnerabilities cause 70% of cyber incidents

Prevent email phishing attacks this summer with 3 defensive measures

Ransomware: Publicly Reported Incidents are only the tip of the iceberg

Ransomware Attacks Rise Sharply

Ransomware Bill Passes House

Ransomware Ecosystem: Big-Name Brands Becoming a Liability

Ransomware Group Demand £500,000 From Bedfordshire School

Ransomware group demands £500,000 from British schools, citing cyber insurance policy

Ransomware now impacts 1 out of 40 organisations a week

Ransomware-as-a-service (RaaS) Groups Forced to Change Tack as Payments Decline

Researchers Warns of Increase in Phishing Attacks Using Decentralized IPFS Network

South Plainfield residents frustrated over handling of data breach

Spanish Police Arrest 2 Nuclear Power Workers for Cyberattacking the Radiation Alert System

Staying safe online: How to browse the web securely

Strategies for third-party risk management in healthcare

T-Mobile to Pay $500 Million to Settle Claims Related to 2021 Breach

Telegram and Discord Bots Delivering Infostealing Malware

This phishing attack uses a countdown clock to panic you into handing over passwords

U.S. Doubles Reward for Information on North Korea Cyberattackers

US government warns Americans of escalating SMS phishing attacks

US House of Representatives pass two cybersecurity bills

Using real customer data in testing environments creates unnecessary risk

Victims in Singapore lose some S$37,400 in July 2022 alone due to surge in IRAS phishing scams

What is cryptojacking?

What’s Top of Mind for CISOs in 2022?

When It Comes To Protecting Data, Know Your Enemy

Why CISA wants to release a new version of its Zero Trust Maturity Model

Why your data protection strategy needs to prioritise recovery

28th July

1 in 3 employees don’t understand why cybersecurity is important

3 Challenges of Remote Support in Zero Trust (And How to Overcome Them)

5 tips to protect your business from phishing scams

84% of organizations experienced an identity-related breach in the past 18 months

1,000s of Phishing Attacks Blast Off From InterPlanetary File System

Akamai blocked largest DDoS in Europe against one of its customers

APT-Like Phishing Threat Mirrors Landing Pages

As Microsoft blocks Office macros, hackers find new attack vectors

Atlassian Confluence Hardcoded Credentials Bug Actively Exploited

Behavioral Health Group Reports Data Breach Affecting Patients’ Protected Health Information

Best practices for CISOs recovering a Microsoft network after an incident

Beware - that PayPal email could be a wallet-draining scam

Can Your Email Security Software Detect These Hidden Threats?

Celsius Email List Stolen During OpenSea Breach

CISOs Are Focused on These 3 Trends, Are You?

Clarion Housing Group Residents Beg Government to Step in After Cyber Attack

Clinivate, LLC Announces Data Breach

Cybercrime is on the rise, and water treatment plants are particularly vulnerable

Cybersecurity Vendor Consolidation on the Horizon

Cyberspies use Google Chrome extension to steal emails undetected

Data breach with Cleveland Museum of Art e-mails

Data-Centric Security Could Save Breached Firms Over $750K

Dreading security risk assessments? 6 ways to make them better

European Police Arrest 100 Suspects in BEC Crackdown

Federal courts hit by "significant and sophisticated" cyber attack in 2020

Fewer Ransomware Victims Pay, as Median Ransom Falls in Q2 2022

Gannon Associates Insurance Agency Announces Data Breach

Gigamon survey shows one in three organisations see malicious insiders as ransomware route

Google mimicked in email phishing scam

Hackers Change Tactics for New Post-Macro Era

Hackers Opting New Attack Methods After Microsoft Blocked Macros by Default

Hacktivist group Anonymous is using six top techniques to ‘embarrass’ Russia

H0lyGh0st ransomware gang faces challenges, but still a threat

How attackers are adapting to a post-macro world

How Cyber Insurance Is Evolving Amid Ransomware Tsunami

How Does Ransomware Spread in a Network?

How to develop a data breach response plan: 5 steps

How to Wrap Your Cybersecurity Plan around an Attacker’s Mindset

Idaho hospital's vendor data breach affects 31,573 patients

Incident of the Week: Uber reaches settlement following cover up of data breach

IoT Malware Attack Volume Up 123% in Healthcare

IT Survey Shows Managing Third-Party Risks Remains a Growing and Unmet Challenge

Keys to LockBit's Success: Self-Promotion, Technical Acumen

Latest Critical Atlassian Confluence Vulnerability Under Active Exploitation

Legacy Authentication Methods Responsible for 80% Of Data Breaches on Financial Institutions, but Most Refuse To Upgrade

LibreOffice addresses security issues with macros, passwords

LinkedIn remains most-impersonated brand by phishing campaigns

Living Off Windows Defender - LockBit Ransomware Sideloads Cobalt Strike Through Microsoft Security Tool

Malicious npm packages steal Discord users’ payment card info

Manufacturing industry hard hit by ransomware

Microsoft: Hackers are Using Malicious IIS Extensions to Backdoor Exchange Servers

Microsoft SQL servers hacked to steal bandwidth for proxy services

Microsoft takes top spot as most impersonated brand in phishing

Microsoft Uncovers Austrian Company Exploiting Windows and Adobe Zero-Day Exploits

More than half of Egypt’s users encountered phishing attempts during electronic payments

New Jersey Attorney General Announces $8 Million Settlement With Wawa Over Compromised Payment Cards

Not-So-Secret Service: Text Retention and Deletion Policies

One Ransomware victim is appearing on leak sites every four hours

Only 25% of organizations consider their biggest threat to be from inside the business

Phishing Attacks: 18 Examples and How to Avoid Them

Phishing Attacks: Microsoft Leads Top 25 of Impersonated Brands

Phishing Attacks Take LinkedIn By Storm, And Affect Facebook Business Accounts In The Process

Phishing campaign targeted 10,000 firms with business email compromise fraud

Phishing-as-a-Service Platform Offers Cut-Rate Prices

Practice Innovations: The real risk of ransomware in 2022 and beyond

Ransom payments fall as fewer victims choose to pay hackers

Ransomware caused American Dental Association outage, led to stolen data

Ransomware Group Demands £500,000 From School

Reasons behind Cryptocurrency association with criminal activities

Risks of biometric verification technology use in public services databases flagged up

Security bug left over 1,000 organizations open to ransomware, device hijacking

Singapore: More than S$37,000 lost by victims this month amid 'sudden surge' in Inland Revenue Authority of Singapore (IRAS) phishing scams

Social Media Accounts Hijacked to Post Indecent Images

Some Waterloo Region District School Board (WRDSB) staff won’t get paid this week due to cyber attack

Spanish Police Arrest Alleged Radioactive Monitoring Hackers

Survey reveals the important role of ‘malicious insiders’ in successful ransomware attacks

T-Mobile’s data breach set to cost them $500m

The average cost of a data breach increased 2.6% from $4.24 million in 2021 to $4.35 million in 2022

The new cyber threat: phoning a call centre

The true meaning of cybersecurity

Threat Actors Pivot Around Microsoft’s Macro-Blocking in Office

Top 5 emerging enterprise risks in Q2 2022

Transportation Security Administration (TSA) Issues Directive to Prevent Another Colonial Pipeline Attack

US Expands Cybersecurity Partnership With Ukraine

US Senator Brown seeks safeguards disclosures from Apple, Google amid rise in fake crypto apps

Vulnerabilities are Beyond What You Think

What Is An Attack Path & How Does It Help Identify Risks?

What is the annual cost of a data breach?

What to Consider in your Multinational Insider Risk Management (IRM) program

What You Should Do When Two-Factor Authentication Becomes a Security Requirement

Why Data Recovery Due Diligence Helps Improve Cyber Resilience and Ransomware Response

27th July

Arts organizations alarmed after WordFly ransomware attack

Average cost of data breach in India at all-time high

Best Phishing Simulators To Prepare Employees And Defend Your Network

Beyond prevention: Stepping up the fight against ransomware

Big gaps found in workplace cybersecurity best practices

Canadian orchestra group among victims of ransomware attack

Cash App fraud: 10 common scams to watch out for

Consumers Pay the Price as Data Breach Costs Reach All-Time High

Criminals Use Malware as Messaging Bots to Steal Data

Cyber hackers threaten Bedford school, demanding '£500k or else'

Cyber-Criminal Offers 5.4m Twitter Users’ Data

Cybercrime goods and services are cheap and plentiful

Data Breach Costs Reach New Record High

Data breach costs record $4.3M with firms passing buck to customers

Data Breach on Virtual Pet Website Neopets Affected 69 Million Users and Leaked Source Code

DDoS Attack Trends in 2022: Ultrashort, Powerful, Multivector Attacks

Digital Payments: Survey Reveals 35% of South Africans Face Phishing Scams

Discord and Telegram are used to distribute malware

Does cybersecurity's 'blame culture' affect incident reporting?

Europol celebrates six years of No More Ransomware

Fallout from massive Shanghai Police data breach reverberates on dark web

FileWave fixes bugs that left 1,000+ orgs open to ransomware, data theft

FIN7 Threat Actors Add Ransomware to Their Arsenal

Fundsmith warns investors about phishing scams

Global State of Ransomware Survey Reveals One in Three Organizations See Malicious Insiders as a Route for Ransomware

Google once again delays phasing out third-party cookies

How Ransomware Has Become a Geopolitical Risk for Governments

How SMBs are evolving their cybersecurity operations practices

IBM Report Reveals Economic Impact of Data Breaches

India: Average cost of data breach Rs 17.6 crore

Infostealer malware targets Facebook business accounts to capture sensitive data

Iraqi hacker group 'ALtahrea Team' targets Israeli IT, e-commerce companies in major cyber attack

Is Nigeria Facing a Phishing Epidemic?

Kansas MSP shuts down cloud services to fend off cyberattack

LibreOffice Releases Software Update to Patch 3 New Vulnerabilities

Malicious IIS Extensions Gaining Popularity Among Cyber Criminals for Persistent Access

McAfee Phishing Scam Email Claims ‘Device at Risk’

Messaging Apps Tapped as Platform for Cybercriminal Activity

Microsoft: Windows, Adobe zero-days used to deploy Subzero malware

Microsoft warns of stealthy backdoors used to target Exchange Servers

More Than 1.5 Crore Social Media Phishing Attacks in Q2 In India

More than half of users in Nigeria faced phishing scams when using digital payments

Much to Do About Ransomware: Report Highlights a Path Forward

New Ducktail Infostealer Malware Targeting Facebook Business and Ad Accounts

New ‘Robin Banks’ phishing service targets BofA, Citi, and Wells Fargo

No More Ransom Has Helped Over 1.5m Victims

Over half of users in Saudi Arabia faced phishing scams when using digital payments

Palo Alto Networks Unit 42 Incident Response Report Reveals that Phishing and Software Vulnerabilities Cause Nearly 70% of Cyber Incidents

Paytm Allegedly Suffered Data Breach Affecting 3.4 Million Users In 2020

PolicyBazaar: Cyberattack Breaches IT System, No Significant Data Lost

Price hike for consumers as data breach costs rocket to all-time high

Race against time: Hackers start hunting for victims just 15 minutes after a bug is disclosed

Ransomware attacks decline amid crypto downturn

Ransomware in the UAE: Evolving threats and expanding responses

Ransomware now strikes 1 in 40 organisations per week

Security Tracker Retracts Allegations Of 2020 Data Breach At Paytm Mall

Senators Introduce Quantum Encryption Preparedness Law

Single data breach now costs nearly Rs 17.5 crore in India

Spain arrests suspected hackers who sabotaged radiation alert system

Taking the Risk-Based Approach to Vulnerability Patching

Tenants 'bombarded with phishing scams' beg government to step in after housing association hack

The global average cost of a data breach reaches an all-time high of $4.35 million

The Strategic Impact of Verizon's 2022 Data Breach Investigations Report

These 28+ Android Apps with 10 Million Downloads from the Play Store Contain Malware

These are the phishing emails employees fall for

These ransomware hackers gave up when they hit multi-factor authentication

Top cyber threats facing South Africa

Twitter data breach: Personal details of 5.4 Million users leaked

U.S. Offers $10 Million Reward for Information on North Korean Hackers

Wawa agrees to payment, security changes after 2019 data breach

Ways Hackers Can Steal Information from Your Device

What to Do if Your Password Is Exposed in a Data Breach

What to do if your school experiences a ransomware attack

What’s New in the 2022 Cost of a Data Breach Report

Wilson Tool International Confirms Recent Data Breach Affecting Current and Former Employees

26th July

3 Actions Enterprises Must Take After Suffering a Data Breach

4 Steps the Financial Industry Can Take to Cope With Their Growing Attack Surface

60% of cybersecurity leaders not confident in their cloud security tactics

A robust cybersecurity response plan has never been more critical

Anti-Vaxxers Looking for Love Had Their Data Exposed

Are Indian organizations prepared for the new CERT-In cyber policies

Arhaus Confirms Data Breach Affecting Employee Information

Audius compromised in the latest cyber attack and lost 18 million AUDIO tokens worth $6 million

Average cost of data breach surpasses $4 million for many organizations

Benefits of modern PAM: Efficiency, security, compliance

Check Point Research: Ransomware Attacks Per Organization Hit All-Time Peak in Q2

Clinivate notifies customers of data breach

Critical FileWave MDM Flaws Open Organization-Managed Devices to Remote Hackers

Critical Vulnerabilities Exposed Nuki Smart Locks to a Plethora of Attack Options

Culture shock: Ransomware gang sacks arts orgs' email lists

Cyber-preparedness no longer about tech, but informed business leadership

Cybercrime in food: Five-step plan for Australian firms to tackle 'increasingly sophisticated' security risks

Cybercriminal dark web enterprises grow

Cybercriminals are using messaging apps to deliver malware

Cybercriminals target Stranger Things fans

Cybercriminals targeting Middle East users in widescale phishing scam

Cybersecurity Firm Mutare Reveals That Nearly Half Of All Organizations Have Been Targeted By Voice-Acted Phishing Attacks

Ducktail Malware Exploits LinkedIn to Hack Facebook Business Accounts

Ducktail Spear-Phishing Campaign Uses LinkedIn to Hijack Facebook Business Accounts

Employees That Circumvent Access Introduce Risk

Experts Find Similarities Between New LockBit 3.0 and BlackMatter Ransomware

Facing plenty of phish, employees need to get schooled

FBI, CISA Warn of North Korean Ransomware Threat Targeting Healthcare Organizations

Financial Incentives May Explain the Perceived Lack of Ransomware in Russia’s Latest Assault on Ukraine

Global Malware Volumes Increase for First Time in Three Years

Hackers Increasingly Using WebAssembly Coded Cryptominers to Evade Detection

Hackers scan for vulnerabilities within 15 minutes of disclosure

Hackers steal $6 million from blockchain music platform Audius

Highly Evasive Adaptive Threat (HEAT) Attacks: The new frontier for hackers

Hit by ransomware? No More Ransom now offers 136 free tools to rescue your files

How Can Employees Bolster Security To Help Avoid Rising Ransomware And Malware Attacks?

How Much Did the UK Seize in Crypto-assets Last Year?

How to report phishing emails

IBM’s Cost of a Data Breach Report finds invisible ‘cyber tax’

Identity security is a priority for IT security teams, but not understood by the C-suite

Indian insurance portal Policybazaar suffers data breach

“Innovations” Continue for Ransomware Gangs as Specific Stolen Data Becomes Searchable on Data Leak Sites

IoT Botnets Fuels DDoS Attacks – Are You Prepared?

Is any organisation risk and data breach free?

IT security giant Entrust says it’s investigating alleged June data breach

Italian taxman hit by ransomware

Latvia’s Corruption Prevention and Combating Bureau (KNAB) comes under cyber attack; political parties financing database and mobile apps down

LinkedIn phishing target employees managing Facebook Ad Accounts

LinkedIn remains the most impersonated brand in phishing scams, followed by Microsoft and DHL

LockBit 3.0: Significantly Improved Ransomware Helps the Gang Stay on Top

LockBit claims ransomware attack on Italian tax agency

Lockbit Ramps Up Attacks on Public Sector

LockBit ransomware gang claims attack on Italian tax office

LockBit ransomware gang claims it ransacked Italy’s tax agency

Luca Stealer malware spreads rapidly after code handily appears on GitHub

Malicious attacks are #1 cause of healthcare data breaches

Maritime sector and satellite infrastructure will be particular targets for cyber attacks in the second half of 2022

Microsoft: IIS extensions increasingly used as Exchange backdoors

Microsoft Is the Most Impersonated Brand in Phishing Attacks

Microsoft Will Change a Windows Security Default to Block Ransomware

New Android malware apps installed 10 million times from Google Play

No More Ransom helps millions of ransomware victims in 6 years

Novel Malware Hijacks Facebook Business Accounts

Organisations Must Invest in Cyber Defences Before It’s Too Late

Over 200 Domains Impersonating Middle Eastern Postal Services

Palo Alto Networks Unit 42 Incident Response Report Reveals that Phishing and Software Vulnerabilities Cause Nearly 70% of Cyber Incidents

Phishers Targeted Financial Services Most During H1 2022

Phishing Attacks Rose 61% in 2022, New Study Finds

Phishing Attacks Skyrocket with Microsoft and Facebook as Most Abused Brands

Phobos Ransomware Impact On Small Business

Poor Training and Communications Hindering Cybersecurity Efforts

Ransomware: 1.5 million people have got their files back without paying the gangs. Here's how

Ransomware: To Pay or Not to Pay? It Just Got More Complicated

Ransomware Attackers Double Down on Attacking Vulnerable Schools

Ransomware attacks affect 1-in-40 organisations a week

Ransomware attacks up 51% in education sector

Ransomware frequency on the downswing

Ransomware Hackers Will Still Target Smaller Critical Infrastructure, CISA Director Warns

Ransomware less popular this year, but malware up: SonicWall cyber threat report

Reducing the cost of cyber insurance premiums

Report shows a third of employees don’t understand importance of cybersecurity

Robin Banks might be robbing your bank

Security Vendor Entrust: Hackers Stole ‘Some Files’ During Recent Data Breach

SmokeLoader Infecting Targeted Systems with Amadey Info-Stealing Malware

T-Mobile Data Breach Costs Company $500m

T-Mobile to pay $350m settlement for data breach

T-Mobile to Pay $350m Settlement in Breach Case

Targeted campaign uses infostealer to hijack Facebook Business accounts

The festive sale season is here and so is the spike in online scams

The Industrial Cyber-Attack Evolution: How to Keep Your Network Safe

Time will tell if states' ransomware payment bans curb threat

Top 3 Twitter Scams 2022 - How to Avoid a Social Media Nightmare

Twitter hacker touting the data of over 5.4 million users, including celebrities and companies, for $30,000

U.S. doubles reward for tips on North Korean-backed hackers

Uber reaches non-prosecution deal with feds after concealing data breach

Uber Settles 2016 Hacking Case With Department of Justice

Wawa to pay $8 million to several states over 2019 data breach

What Every CEO Needs To Know About The Shanghai Data Breach

What is Payment Fraud?

What is Phishing?

What Is Whaling? The Phishing Attacks Explained

Why Cyber Attacks On Identities Are On The Rise

25th July

5.49 million Twitter users’ personal information exposed in data breach

A ‘top tier’ hacking gang is likely to be behind Entrust ransomware attack

American Airlines is Fighting Back Against Cyberpirates Using Fake Airline Emails to Steal Your Personal Data

Automated vulnerability remediation: Making it work

BlackCat attacks SRM Technologies then taunts victim on LinkedIn

Blue Cross and Blue Shield (BCBS) of Massachusetts Reports Third-Party Vendor Data Breach

Business services top target of ransomware attacks

Charity platform Giving.sg alerts public to phishing e-mails

CosmicStrand UEFI malware found in Gigabyte, ASUS motherboards

CrowdStrike Warns About Callback Phishing Attacks Impersonating Cybersecurity Companies

Crypto Firms Make Thieving Hackers an Offer: Keep a Little, Give Back the Rest

Cyber-Attacks on Port of LA Double

Cyber-mercenaries for hire represent shifting criminal business model

Cybercriminals hunt down web bargains as retailers move online

Data Protection in the Era of Growing Ransomware Threat

Don’t let endpoint security be an afterthought that turns into a security blackhole

Double extortion ransomware and patient data protection

Employees Most Frequently Fall for Emails That Look Like They Came From Human Resources or IT

Enovos and Creos targeted by cyber attacks on 22-23 July

Entire Canadian town hit by ransomware attack

Entrust the biggest cybersecurity company in the United States got hacked!

Experts Uncover New 'CosmicStrand' UEFI Firmware Rootkit Used by Chinese Hackers

Flaws in Enabot Ebo Air Home Security Robot Allowed Attackers to Spy on Users

Flaws in FileWave MDM could have allowed hacking +1000 organizations

Hackers Exploit PrestaShop Zero-Day to Steal Payment Data from Online Stores

Hackers exploited PrestaShop zero-day to breach online stores

Hackers Use More Sophisticated Scams to Drive Costly Data Breaches, Analysis Finds

How a cybersecurity insurer mitigates risks effectively

How Cybercriminals Conduct Credential Harvesting and How You Can Protect Yourself

How To: Stay Cyber-Secure This Summer

How to Mitigate Ransomware and Malware Attacks

Indian Insurance Portal Policybazaar Suffers Breach

Investigation ongoing on MyIDENTITY data breach, no arrests yet

IT systems of PolicyBazaar hacked! No serious data breach

Italy investigating ransomware attack on tax agency

Lockbit 3.0 and the ransomware business model

Lockbit ransomware gang claims to have breached the Italian Revenue Agency

LockBit Ransomware Group Augments Its Latest Variant, LockBit 3.0, With BlackMatter Capabilities

Magecart Hacks Food Ordering Systems to Steal Payment Data from Over 300 Restaurants

Microsoft Adds Default Protection Against RDP Brute-Force Attacks in Windows 11

Monitoring the impact of security solutions on user experiences is critical

Neopets data breach exposes data of 69 million accounts

Neopets data breach threatens 69 million accounts

New deep fake app scam photoshops victim’s face onto PORN and sends to family if they don’t pay up

NIST revises healthcare guidance to improve HIPAA Security Rule compliance

NIST Updates Healthcare Security Guidance

One of the most beloved Windows tools could actually be a huge security risk

Ontario town still recovering from ransomware attack

Phishing Attacks Are Now Using the Windows Calculator

PNC warns against phishing scam alerting customers of “unauthorized activity” on account

Port of LA: Cyber attacks have doubled since pandemic

Prison caught up in cyber attack

Protecting IoT Devices from Within – Why IoT Devices Need A Different Security Approach?

Qakbot abuses Windows 7 Calculator app in mass-spamming email campaign

QBot Malware Exploiting Windows Calculator to Compromise Devices

Racoon Stealer is Back - How to Protect Your Organization

Ransomware: a global and growing network

Ransomware: To Pay or Not to Pay? It Just Got More Complicated

Ransomware attacks increase; APTs a long-term threat to South Africa

Ransomware With a Philanthropic Twist

Researcher finds Russia-based ransomware network with foothold in U.S.

Rhode Island-based staffing firm paying $230,000 in wake of data breach

Santander warning after an abundance of customers report new 'realistic' text scams

SHI International Corp. Confirms Recent Data Breach Resulted in Compromised Employee Data

Shields Health Care Group, Inc. Announces Data Breach

Source code for Rust-based info-stealer released on hacker forums

Spam Filtering: An Important Part of a Nutritious Breakfast

Supercharged Version of Amadey Infostealer & Malware Dropper Bypasses AVs

T-Mobile agrees to $500 million settlement over 2021 data breach

T-Mobile to cough up $500 million over 2021 data breach

T-Mobile to pay US customers $350 million in settlement over massive data breach

T-Mobile US takes $500m hit on data breach

T-Mobile's big 2021 data breach bill comes in at a whopping $500 million total

Tamil Nadu cyber security on high alert as phishing attacks rise

Technology, Media and Telecoms (TMT) firms among top targets for cyber attacks in Singapore

Tenet Healthcare Cyberattack Had a $100 Million Unfavorable Impact in Q2, 2022

The 4 Biggest Cyberthreats Affecting South African’s Government Institutions

The Best Ways to Secure Your Browser

The Biggest Cyber Threats Faced By Small Businesses In Pakistan

The state of cybercrime in 2022: What it costs and where it comes from

The state with the most data breaches is...

Think tank promotes cyber insurers' ransomware role

Three questions to ask when setting up MFA

Toronto Symphony Orchestra customer names and emails potentially compromised in ransomware attack

Toronto Symphony sideswiped by WordFly ransomware attack

Transportation Security Administration (TSA) Issues New Cyber Directive for Pipeline Operators

Transportation Security Administration (TSA) Issues New Cybersecurity Directive for Oil Pipelines

Trust in fintech security has been wavering

U.S. Cybersecurity Policy Has Changed Since the Colonial Pipeline Attack

U.S. needs a foreign policy for cyberspace for what is now a 'fragmented and dangerous internet,' report says

Uber Admits Covering Up 2016 Data Breach, Avoids Prosecution

Uber admits covering up massive 2016 data breach in settlement with US prosecutors

Uber Admits to Covering Up Massive Hack That Exposed 57 Million Drivers and Riders

Uber Settles With Federal Investigators Over 2016 Data Breach Coverup

UK Seizes Nearly $27m in Crypto-Assets

Ukraine Cyber War Fall-out and Ransomware Trends Areas of Focus in New CyberCube Research

US authorities put $15m bounty on Conti crime gang behind 2021 HSE cyberattack

Vista Bank Reports Data Breach Affecting Social Security Numbers

Warning issued about callous crooks who pose as HMRC staff

Web apps offer a way in for cyberattacks in health care computer networks

Western Australian Arts and Culture Trust discloses potential data breach

What Can You Recover from Cyber Security Insurance?

Why educational institutions are an easy target for ransomware attacks

Why firms need to harness identity management before it spirals into an identity crisis

Why Online Storage Services Are Prime Targets for Phishing Attacks

Why refreshing employee laptops is essential