Editor's Message

Welcome to DBD. On March 8th we celebrated our 4th Anniversary and the 1st Anniversary of our PRiSM application, officially endorsed by the SANS Institute. Despite recent personal issues that have impacted the amount of time I have been able to dedicate to both projects, I have been doing my best to keep everything as up-to-date as possible, and I would like to take this opportunity to thank everyone for their patience and support whilst I navigate through this very difficult time. Stay safe. :)

Monday 15 August 2022

Data Breaches Digest - Week 33 2022

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 15th August and 21st August 2022.

21st August

4 Ways to Protect against Business Email Compromise

240 government entities, banks come under cyber-attacks

Alleged Crypto Money Launderer Handed Over to The United States

Bangladesh: Government issues warning about impending DDoS cyber attack

Before paying a ransom, hacked companies should consider their ethics and values

China-backed hackers spying on governments, India's NIC among victims

CISA adds more 7 vulnerabilities to 'Known Exploited Vulnerabilities Catalog' List

Critical infrastructure is under attack from hackers. Securing it needs to be a priority - before it's too late

Effective Business Tips: How To Protect Data

Email and cybersecurity: Fraudsters are knocking

Every two in three biz in SEA is a ransomware victim

Gambling with privacy: free tools VS. paid ones

Hackers target hotel and travel companies with fake reservations

Here’s why you should bet on cybersecurity

How secure are SMS verifications?

Ireland: Clare businesses warned to be vigilant after cyber crime spike

LockBit is being DDoS'd because of the Entrust hack

Malaysians now more aware of current cyber threats

Middle East ranks 2nd in data breach losses after the US, IBM study finds

Ransomware is the biggest malware threat — avoid hackers holding your data hostage

Ransomware variants almost double in six months

Reducing data protection incidents – is your business on the ball?

The dark web: where you can destroy a business for $300

Theft by hacking is becoming a nightmare for crypto coin holders

UAE: Cybercriminal Arrested For Trying To Embezzle Dh2.8 Million In Phishing Scam

Zero Trust Network Access (ZTNA): What Is It, and How Does It Encourage Thinking Like a Hacker

20th August

After claiming that Entrust was hacked in June, the LockBit ransomware organization created a leak site

Alleged Russian Crypto Money Launderer Extradited to the US

Apple Alerts Users About Security Problems In Their Macs, iPads, And iPhones

Bangladesh: Government alerts IT infrastructures, key offices over DDoS cyber-attack

Carousell Scam Tricks Victims Into Clicking Phishing Links, Unauthorised Transactions Made From Bank Accounts

DoNot Team Hackers Has Updated Its Anti-Malware Toolkit With Improved Capabilities

Essential Steps Your Business Needs To Take To Promote Ultimate Security

Flashpoint’s report shows data theft incidents take place frequently due to hacking

Fremont County offices closed a second day due to cyber attack

GoDaddy, a data breach compromised more than a million user accounts

Google blocks world’s largest web DDoS cyber attack ever

Google blocks world's largest-ever web distributed DDoS cyber attack

Hackers steal crypto from Bitcoin ATMs by exploiting zero-day bug

Hacking a tractor brings digital problems

How Secure Is Microsoft OneDrive?

How the banking and financial industries are gearing up against phishing

Iran Targets Members Of Advocacy Group On US Soil

Major Cyber Conferences Paint a Dark Picture of Global Cybersecurity

New Grandoreiro Banking Malware Campaign Targeting Spanish Manufacturers

Panasonic reveals data leak after internal network hack

PayPal customers are shaking: this message is emptying everyone’s accounts

“Phantom Hand” scam puts banks on alert, learn how to protect yourself

Police and Information Commissioner investigate Holdcroft Group hacking incident

Ransomware attacks increasing in frequency, spreading in reach

Ransomware Group Threatens Security Firm Entrust to Leak stolen data by August 20 2022

Ransomware variants almost double in six months

Ransomware-as-a-Service: SaaS' Evil Twin

Recent cyber-gatherings paint grim outlook for global security

Researcher issues data breach warning for iPhone apps Meta, Instagram and TikTok

Researcher warns against iPhone Apps of Meta, Instagram, TikTok over data breach

Russian hackers intend to publish McKinney hospital data they seized on the dark web

Some Volvo R&D data was taken due to a security vulnerability

Spanish Banking Trojan Attacks Various Industry Verticals

Technology must embrace security by design

The new form every business in South Africa needs to know about

Threats from a ransomware group to a security company tasked with exposing stolen data before August 20, 2022

U.S. OFAC Sanctions on Tornado Cash For $7 Billion Funds Laundering

USB drives pose a grave data security concern for industries

Vacation rental: watch out for this new online scam

Watch out for new credit card scams

Why Are More Cybercriminals Using Monero Cryptocurrency?

WordPress sites hacked with fake Cloudflare DDoS alerts pushing malware

19th August

4 Common Automotive Cybersecurity Vulnerabilities

4 Takeaways From 2022’s Cybersecurity Conferences

4 Ways to Protect against Business Email Compromise

5 Ways Scammers Can Use Your Email Address Against You

10 personal cyber security tips

52% of malware can use USB drives to bypass network security

67% of businesses in Southeast Asia (SEA) are ransomware victims

241 npm and PyPI packages caught dropping Linux cryptominers

265 Brands Impersonated in Credential Phishing Attacks in the First Half of 2022

A bogus website found to be Impersonating ExpressVPN

A free virtual private network was accused of disclosing data of more than 5.7 billion Chinese data points

Accutech faces twin class-action lawsuits after data breach bares personal info of 39,000+

Alternatives to facial recognition authentication

Amazon & PayPal Scams – Fake Security Alerts & Billing Messages

Analysis of Clop’s Attack on South Staffordshire Water

Apple: Hackers may have exploited security flaws

Apple users urged to install latest updates to combat hacking

Apple Warns of Critical Security Risk in Safari For iPhones, iPads and Macs

Apple warns of cybersecurity vulnerabilities affecting millions of devices

Beware! Blackmailers have just released a new BlackByte ransomware

Brasseler USA Announces Data Breach

British utility providing water to 1.6 million consumers target of cyber crime

Bumblebee Loader is a tool used by hackers to breach target networks

Businesses Found to Neglect Cybersecurity Until it is Too Late

China-backed APT41 Group Hacked at Least 13 Victims in 2021

Chinese Cyberspy Group 'RedAlpha' Targeting Governments, Humanitarian Entities

CISA adds 7 vulnerabilities to list of bugs exploited by hackers

Cookie Stealing: How are Hackers Bypassing Two-Factor Authentication Using Cookies?

Costco, Shell, SSA, Louis Vuitton, blogdodge[.]shop, and Gmail - Top Scams & Phishing Schemes of the Week

Critical Amazon Ring Vulnerability Could Expose Camera Recordings

Crypto Scams of the Week: Coinbase Phishing and Switchere Ukraine

Crypto's collapse isn't solving the ransomware problem

Cyber Attack danger looms via browser extensions, update Google Chrome with immediate effect

Cyber Resiliency Isn't Just About Technology, It's About People

Cyber Tops Staff Retention as Biggest Business Risk

Cyber-attack on WSI gains access to personal data of North Dakotans

Cybercrime Group TA558 Targeting Hospitality, Hotel, and Travel Organizations

Cybercrime on the rise in SA: How to protect your business, customers and employees

Cybercriminals are using bots to deploy DDoS attacks on gambling sites

Cybersecurity Returns To The Forefront: Five Rules Media Companies Need To Follow Now

Dangerous iPhone, iPad & Mac threat – Update devices now

Data Protection Solutions: Safeguard Your Data From Cyberattacks & Other Threats

DoNot Team Hackers Updated its Malware Toolkit with Improved Capabilities

Dozens of Google Play Store apps found to serve aggressive malware ads

Estonia Repels Biggest Cyber-Attack Since 2007

Experience of breaches

Exploiting stolen session cookies to bypass multi-factor authentication (MFA)

FBI + CISA Warn Companies (Especially Health Care) About Zeppelin Ransomware

FBI prevents Nebraska hospital cyber attack

Florida EMS agency notifies patients of data breach

Global ransomware survey reveals one in three organisations see malicious insiders as a route for ransomware

Google: Here's how we blocked the largest web DDoS attack ever

Google Cloud Blocks Record DDoS attack of 46 Million Requests Per Second

Google Fended Off Largest Ever Layer 7 DDoS Attack

Grandoreiro banking malware targets manufacturers in Spain, Mexico

Grandoreiro Banking Trojan: What You Should Know About the Malware Targeting Manufacturers in Mexico, Spain

Hacker accesses injured workers' personal info in cyberattack on North Dakota agency

Hackers Steal Session Cookies to Bypass Multi-factor Authentication

Hackers target dealer group Holdcroft in major cyber attack that may have compromised employees’ data

HC3 alerts to social engineering risk, rise in vishing attacks on healthcare

Hello Metaverse, Please Meet the ‘Crimaverse’

Here’s what you should do if your personal data has been compromised by a data breach

How A Hardware Crypto Wallet Protects Against Hackers

How EDR Security Supports Defenders in a Data Breach

How Risk-Based Patch Management Can Help Overcome The Overwhelming Wave Of Cyber Threats

How to strengthen the human element of cybersecurity

Inoculate Your Company Against Security Data Gaps to Develop Cyber Immunity

iPhone Users Urged to Update to Patch 2 Zero-Days

Is Passwordless Authentication Safe to Use?

Lloyd’s Insurers Must Exclude State-Backed Cyber-Attacks to Avoid Systemic Risks

LockBit Claims Entrust Ransomware Attack

LockBit ransomware group claims responsibility for Entrust attack

Mailchimp data breach took down DigitalOcean's email services

Major city car dealership hit by huge data theft cyber attack

Microsoft: Cryptojackers Continue to Evolve to Be Stealthier and Spread Faster

Microsoft Disrupts Russian Hackers Targeting NATO Countries

Missouri Department of Social Services warns of EBT phishing scheme

More than 80 health systems hit by cybersecurity breaches in August

More than 200 cryptomining packages flood npm and PyPI registry

Most hopeless cyber attack ever still works

Munson Healthcare officials warn of phishing scams

NAF, Inc. Reports Data Breach Following Unauthorized Access to the Organization’s Computer Systems

New Amazon Ring Vulnerability Could Have Exposed All Your Camera Recordings

New ransomware could lock down your smartphone

Novant Health notifies 1.3 million patients of potential data breach tied to Facebook ad

OneTouchPoint, Inc., Data Incident Impacts Medical Mutual Groups

Patchwork of US State Regulations Becomes More Complex as Florida, North Carolina Ban Ransomware Payments

Pennsylvania Officials Warn SNAP Recipients of Phishing Scam

Phishing in the Windows calculator?

Practice Resources, LLC Announces Data Breach Impacting the Information of 924,138 Patients

Protecting against cyber threats from nation states

Ransomware-as-a-Service: Cybercrime’s newest business model to become a menace for organizations

Removing security complexity to combat cyber threats

Risk of cyberattack emerges as top concern of US executives

Russia launches internet attack: NATO countries targeted

Russian APT29 hackers abuse Azure services to hack Microsoft 365 users

Russian brought to Oregon, faces trial in ransomware attacks

Russian hackers plan to release data stolen from McKinney hospital onto dark web

Russian man accused of laundering crypto-currencies from ransomware attacks extradited to U.S.

Safeguarding Financial Service Organizations’ Critical Data

SAP Vulnerability Exploited in Attacks After Details Disclosed at Hacker Conferences

Scammers extend phishing campaigns via IP range filtering to avoid detection

School Districts Share ‘Lesson Plan’ for Boosting Cybersecurity

Schools are now open, but are students prepared for cyberattacks?

Self-Driving Vehicles: A Serious Security Risk?

Singapore: 4 people arrested for alleged involvement in phishing scams targeting bank customers

Singapore: Re-emergence of Carousell phishing scam claims 10 victims, $17,000 lost since July

State-Sponsored APTs Dangle Job Opps to Lure In Spy Victims

Tech support scammers are sending USB sticks with the Microsoft logo on them

To identify those who operate a phishing scheme on its platforms, Meta files a federal lawsuit

Traditional Cybersecurity is no Longer Enough to Protect Critical Infrastructure Networks

UK car dealer sees systems “permanently deleted” in apparent ransomware attack

UK Carrier Claims to Block One Million Vishing Calls Per Day

Virginia Employment Commission struggles with identity theft

Warning: All your Apple devices are at risk

Whitworth University Still Recovering from Ransomware Attack

Without proper IT security, SMBs will eventually be compromised

You’ve Been Hit by Ransomware: What Should You Do?

18th August

A recently leaked data from 2021 Airtel's data breach, shows 18k people having same password

Aceitera General Dehezas discloses ransomware attack

Airdrop phishing is scamming crypto investors

Almost one million people affected by medical billing ransomware attack

Android malware apps with 2 million installs found on Google Play

Apple fixes exploited zero-days: Update your devices! (CVE-2022-32894, CVE-2022-32893)

APT41 group: 4 malicious campaigns, 13 victims, new tools and techniques

Ashley Moody Warns Florida Business Owners About Spear-Phising Scams

ATMZOW JS Sniffer Campaign Linked to Hancitor Malware

Australians warned over new Apple Pay phishing text scam

Before paying a ransom, hacked companies should consider their ethics and values

Beyond Compliance: The New Mandate To Harden Government Software

BlackByte Ransomware Gang is Back with Version 2.0 of Their Tactics

BlackByte ransomware gang returns with new multitier ransom strategy

Browser extension threat targets millions of users

Building Security into Your Company Culture Can Improve Customer Experience (CX)

Business Email Compromise Attack Tactics

Businesses Beware: Cybersecurity Awareness Varies Based on Job Function

China-backed APT41 Hackers Targeted 13 Organisations Worldwide Last Year

CISA and FBI Warn of Zeppelin Ransomware Threat to Healthcare Organizations

Cloud attacks on the supply chain are a huge concern

Con artists use Amazon’s name and confusing tactics to bypass company defenses

Consumer Financial Protection Bureau (CFPB) Says Companies Violate Federal Law by Not Protecting Consumer Data

Cyber insurers weigh in on latest cybersecurity trends, threats

Data security as a layer in defense in depth against ransomware

Employees intentionally leaked data in 25% of healthcare breaches

Estonia says it repelled major cyber attack after removing Soviet monuments

Florida Orthopaedic Institute Reaches $4M Settlement Over Data Breach

FortiGuard Labs reports Ransomware variants almost double in six months

Fremont County, Colorado, Offices Close After Cyber Attack

Google blocks largest HTTPS DDoS attack 'reported to date'

Google Patches Chrome’s Fifth Zero-Day of the Year

Google Play malware: If you've downloaded these malicious apps, delete them immediately

Hackers Deploy Bumblebee Loader to Breach Target Networks

Hackers Using Bumblebee Loader to Compromise Active Directory Services

Here Are The Latest Phishing Trends

How phishing attacks are exploiting Amazon Web Services

ID documents and contact details exposed in Vodacom fibre reseller data breach

Identity crimes reach all-time high

IoT: The huge cybersecurity blind spot that’s costing millions

iPay88 data breach: KiplePay offering free card replacements to affected customers

It takes a breach to force boards to take notice of cyber, says UK government

Key questions to ask when building a cloud security strategy

Know your phishing, from your vishing or smishing

Lloyd’s sets out requirements for state-backed cyber-attack exclusions

LockBit claims ransomware attack on security giant Entrust

Mailchimp breach shines new light on digital identity, supply chain risk

Manx Care faces £170k fine over patient data breach

Microsoft OneDrive Used by Russian Threat Actor for Phishing Attack

More than 5 million Twitter accounts impacted by recent data breach

North Korean hackers expand spear-phishing campaign to target Mac computers

Novant Health data breach exposes protected patient information

Novant Health notifies patients about possible data breach involving Facebook tracker

Palo Alto Networks’ Unit 42 Publishes 2022 Response Report

Penetration Testing or Vulnerability Scanning? What's the Difference?

PwC Survey Finds C-Level Execs View Cybersecurity as Biggest Risk

Quarter of All Gambling Sites Hit by DDoS Attacks in June

Ransomware attack on UK water company clouded by confusion

Ransomware attacks increase by 60%; FBI encourages safe cyber practices

Ransomware variants almost double in six months

Reasons Why Healthcare Industry is the Biggest Target for Cyber Attacks

Researchers Detail Evasive DarkTortilla Crypter Used to Deliver Malware

Researchers Find 35 Adware Apps on Google Play

Ring Android app flaw allowed access to camera recordings

Russia-linked cyber groups used commercial security tools to target Ukraine

Russian citizen faces federal money laundering charge in alleged $400,000 ransomware attack

SFERRA Fine Linens, LLC - Notice of Data Breach

Suspected Russian Money Launderer Extradited to US

Task Force Gives SMBs Blueprint to Defend Against Ransomware

‘Technical issue’ to blame for app data breach, WestJet says

The factors driving today’s accelerated zero trust adoption

Threat Group Ramps-Up Attacks on Travel Sector in 2022

Three essential steps to improve IT security

Top 5 ransomware attacks that shock the world

Twilio data breach exposed the phone numbers of 1,900 Signal users

U.S. Extradited Russian Accused of Money-Laundering Tied to Ryuk Ransomware Gang

Use Microsoft OneDrive? Here’s a phishing attack you need to know about

Vulnerability in Amazon Ring app allowed access to private camera recordings

WestJet app data breach reveals other people's personal information

What Do Business Execs Worry About Most? Getting Hacked

Whitworth University urges patience after data breach, reported ransomware attack: ‘This process does take time’

Winnti hackers split Cobalt Strike into 154 pieces to evade detection

17th August

35 malicious apps found on Google Play Store, installed by 2 million users

67% of businesses in Southeast Asia (SEA) found themselves as victims of ransomware attacks

1044% increase in social media account hijacking

Apex Capital blames malware attack for ‘unplanned system outage’

Apple Releases Security Updates to Patch Two New Zero-Day Vulnerabilities

Apple security updates fix 2 zero-days used to hack iPhones, Macs

APT Lazarus Targets Engineers with macOS Malware

Atlantic Dialysis Management Services, LLC Announces Data Breach Possibly Stemming from Ransomware Attack

BlackByte ransomware gang is back with new extortion tactics

Bug Bounty Giant Slams Quality of Vendor Patching

Calls for international support to fight ‘uncontrollable’ ransomware surge in developing countries

Cambridge Water targeted by criminals in cyber attack

Can the Open Cybersecurity Scheme Framework improve cybersecurity complications?

CISA Warns of Hackers Exploiting Multiple Vulnerabilities in the Zimbra Collaboration Suite

Cyber Attack Shuts Down BRP

Cyber security becoming integral to maritime security

Cybercriminals Developing BugDrop Malware to Bypass Android Security Features

DigitalOcean Leaves Mailchimp After Email Security Scare

Everything You Need to Know About the LockBit Ransomware Family

Google fixes fifth Chrome zero-day bug exploited this year

How Russian Information Operations Are Trying to Win the War

How To Maintain a Secure Digital Workflow

Identity Scams Soar to Make 2021 a Record Year

Incident of the Week: Signal users directly targeted in Twilio phishing attack

Inside the cyber-attack map, an endless list of threats targets nations

Is the drop in ransomware numbers an illusion?

Kiplepay Cautions Users on Potential Data Breach Due to iPay88’s Incident

Kiplepay informs users of potential indirect data breach through third party payment gateway provider

Malicious Browser Extensions Targeted Over a Million Users So Far This Year

Malicious PyPi packages turn Discord into password-stealing malware

Malware devs already bypassed Android 13's new security feature

Member of Russian Ransomware Gang Responsible for Laundering $70 Million Is Jailed in Portland

Microsoft Disrupts Major Russian Phishing Group

Morrie’s Auto Group Confirms Data Breach Affecting Former Employees

Most business leaders only prioritise cyber security after a major breach, report finds

MSPs and MSSPs Be Advised, New Ransomware Variants Have Nearly Doubled in Six Months, Fortinet reports

New Google Chrome Zero-Day Vulnerability Being Exploited in the Wild

Next Front in Ransomware Is to Make Hacked Data Publicly Searchable

North Korea Hackers Spotted Targeting Job Seekers with macOS Malware

North Korean hackers use signed macOS malware to target IT job seekers

Not sure how to report a data breach? South Africa’s Information Regulator publishes guidance

Nurse responsible for major monkeypox data breach in Perth

Organizations Struggle to Fend Off Cloud and Web Attacks

Ransomware: fail to prepare, then prepare to fail Ransomware: fail to prepare, then prepare to fail

Ransomware is still on the rise. Here's what you need to do to stay safe from hackers

Ransomware safeguards for small- to medium-sized businesses

Researchers Link Multi-Year Mass Credential Theft Campaign to Chinese Hackers

Response-based attacks make up 41% of all email-based scams

Rise in Ransomware: Exploring the Driving factors

Scottish businesses: do you know your phishing from your vishing or smishing?

Seaborgium targets sensitive industries in several countries

Signal data breach results in users’ phone numbers exposed

SMS Phishing Attack Compromised Twilio Leaking Customer Data, Targeted Cloudflare

Spy group abuses Microsoft OneDrive to steal credentials in hack-and-leak campaigns

State backed cyber-attack exclusions

To Pay Or Not To Pay: Ransomware Negotiation Tactics

Two-thirds of US businesses are targeted by security threats weekly

UK water company hit by cyber attack

Ukraine nuclear operator's website hit by cyber attack

United HealthCare Services, Inc. Announces Data Breach

USBs Still a Major OT Infection Vector

Vendor Ransomware Breach Affects 942,000 Patients

WestJet customers report data breach, leaked personal information

Western Australia Health sorry over monkeypox data breach

16th August

1.5 Million Customers Impacted By US Bank Data Breach - Possible Lessons Learned

5 phases of zero trust in cloud adoption

ÆPIC and SQUIP Vulnerabilities Found in Intel and AMD Processors

Argentina judiciary targeted by new ‘Play’ ransomware group

BazarCall attack increasingly used by ransomware threat actors

Beware of the SEABORGIUM phishing scheme if you are a Microsoft client

Centralia College: Student, Employee Data Possibly Exposed in Month Before Ransomware Attack

Cisco Network Breach Traced Back To Compromised Personal Google Account; Sophisticated Attacker Used Combination of Voice Phishing and MFA Fatigue

CISOs are taking on more responsibilities - and burning out

Confused cyber criminals have hacked a water company in a bizarre case of mistaken identity

Conifer Revenue Cycle Solutions, LLC Announces Healthcare Data Breach Impacting Multiple Providers

Counter-Strike: Global Offensive (CS:GO) trading site hacked to steal $6 million worth of skins

DigitalOcean customers affected by Mailchimp “security incident”

Exploit out for critical Realtek flaw affecting many networking devices

FBI Reports That Cyber Crime Is on the Rise in Alabama

FBI warns the public about cybercrimes impacting Hampton Roads

FBI, CISA warn of Zeppelin ransomware targeting healthcare

Feds warn healthcare sector about cloud security risks

Florida Orthopaedic Institute settles lawsuit after 2020 ransomware incident

Florida Orthopaedic reaches $4M settlement over 2020 health data theft

Hackers are finding ways around multi-factor authentication. Here's what to watch for

Hackers attack UK water supplier but extort wrong company

Hackers really aren't letting schools enjoy the summer holidays

Healthcare Provider Issues Warning After Tracking Pixels Leak Patient Data

How a Seattle-area school district recovered from a ransomware attack

How aware are organizations of the importance of endpoint management security?

How Geopolitical Tension Creates Opportunities for Cyber-Criminals

How Poor Cybersecurity Practices Limit Your Law Firm’s Success

How to combat the rise in cyberattacks

How to protect your industrial facilities from USB-based malware

How to reduce the risk of phishing attacks

Hybrid Vishing Attacks Soar 625% in Q2

Is strong customer authentication working?

Is Too Much Automation an Issue for Security Operations?

Kaspersky: Old Microsoft Office Vulnerabilities Behind Most Exploits in Q2

Kiplepay E-Wallet Warns Users Of Potential Data Breach Through Third-Party Payment Gateway

Kiplepay informs customers of potential risks by third-party provider

Kiplepay informs users on potential indirect data breach through third-party payment gateway provider

Malicious browser extensions targeted almost 7 million people

Massachusetts Registry of Motor Vehicles Cautions Customers to be Aware of Unofficial Third-Party Websites and Text/Phishing Scams

Messaging app Signal reveals phone numbers of 1,900 users exposed in phishing attack

Microsoft Disrupts Russian Cyber-Espionage Group Seaborgium

Microsoft Warns About Phishing Attacks by Russia-linked Hackers

Most shut-down ransomware groups are expected to re-emerge in 2022

Nearly 2,000 breaches reported in H1 2022

New Attack Weaponizes PLCs to Hack Enterprise and OT Networks

New Evil PLC Attack Weaponizes PLCs to Breach OT and Enterprise Networks

New MailChimp breach exposed DigitalOcean customer email addresses

Nigeria: Federal Government investigates UBA, Philips Consulting for data breach

Nuspire Sees Dramatic Uptick in Q2 2022 Threat Activity

Overcoming the roadblocks to passwordless authentication

Practice Resources, LLC notifies 942,138 patients after ransomware attack

Ransomware & RDDoS, Why They Are Similar but Different

Ransomware 101 For Healthcare

Ransomware attacks on financial services increased by 62%

Response-Based Email Threats Targeting Corporate Inboxes Are The Highest Since 2020

RTLS systems vulnerable to MiTM attacks, location manipulation

Scammers are using this sneaky tactic to trick you into handing over bank details and passwords

Scammers Target Back to School Shopping Deals

Scammers, hackers use fake LinkedIn profiles to target users

Signal confirms 1,900 of its users were hit by Twilio breach

Signal says Twilio data breach resulted in 1900 users' phone numbers being exposed

South Staffordshire Water says it was target of cyber attack as criminals bungle extortion attempt

South Staffordshire Water Targeted by Cyber Attack

South Staffs Water hacked - Ransomware group breaches corporate network

Staffordshire water company confirms cyber attack

Texas Meter & Device Company Announces Data Breach

Thames Water denies cyber attack rumours as hosepipe ban looms for Oxfordshire

The Country Club at Woodfield, Inc. Announces Data Breach

The Financial Services Industry Is Experiencing Record High Breach Costs, a Zero Trust Security Model is the Solution

The Importance of Timely Patching

Third-Party Security Risks a Challenge in Education

This dangerous new malware now also packs ransomware to lock your Android phone

This is how they use the mail to sneak ransomware, but you can avoid it

Three ‘stimulus’ messages you should never EVER reply to as millions of Americans warned they could lose money

Top Five Patch Management & Process Best Practices

Two Additional Malicious Python Libraries Found on PyPI Repository

U.K. Water Supplier Hit with Clop Ransomware Attack

UK water supplier confirms hack by Cl0p ransomware gang

UK’s Public Healthcare Service Hit by a Ransomware Attack

United Health Centers says patient data was stolen

US offers reward “up to $10 million” for information about the Conti gang

USB cyberattacks pose a threat to manufacturing & industrial sector

Vulnerability wholesaler cuts disclosure times over poor-quality patches

Was Cedar Rapids Schools' Ransomware Payment Necessary?

Water Company Says Supply Safe After Ransom Group Claims

When Efforts to Contain a Data Breach Backfire

Xiaomi Phone Bug Allowed Payment Forgery

15th August

3 ways China's access to TikTok data is a security risk

4 NFT Scams Newcomers Should Be Aware Of

4 Reasons Why One Should Use A VPN

6.7 million Twitter accounts have been added to Have-I-been-Pwned

2,203 patients affected by Florida surgery center phishing attack

3,699 personal data breach reports since 2017, commonest through online purchases

A big step towards cyber resilience is to put an end to passwords

A Guide to User Access Monitoring and Why it is Important

A tale of two breaches: Comparing Twilio and Slack’s responses

ANZ urges Kiwis to stay vigilant against new phishing scams

Are Sanctions the Answer in Ransomware Prevention?

Argentina's Judiciary of Córdoba hit by PLAY ransomware attack

Australia: Kmart shoppers urged to be wary of new $3 Philips air fryer scam

Australian researchers reveal surge in recruitment scams during pandemic

Back to School Means More Cyber Concerns

Beware Facebook Messenger “government grant” scam links

Callback phishing attacks see massive 625% growth since Q1 2021

Can biometrics help? 123% increase in Gen Zs scammed online

Cedar Rapids Schools Admit To Paying Cyber Attack Ransom

Cisco discloses cyber-attack on corporate network

CohnReznick data breach class action settlement

College students urged to be vigilant for scammers as they prepare for the return to campus

Concerns as cyber criminals release more attacks in a week

Credential phishing attacks skyrocketing, 265 brands impersonated in H1 2022

Credential Theft Is (Still) A Top Attack Method

Critical Infrastructure at Risk as Thousands of VNC Instances Exposed

Cyber-Insurance - Can companies afford it any more?

Cybersecurity as a service - A freedom movement to defeat cybercrime

Cybersecurity Has Never Been More Unstable Than It Is Now

Cybersecurity Trends in 2022

DeathStalker mercenaries are attacking cryptocurrency and exchange companies with VileRat

Does cyber insurance cover ransomware payment demands?

Dutch authorities arrest 29-year-old dev with suspected ties to Tornado Cash

Dutch Authorities Arrest Tornado Cash Developer Following US Sanctions on Crypto Mixer Firm

Facebook Scammers Stole Hundreds of Thousands of Dollars Posing as Luxury Restaurant Suppliers

Fighting the next war against scams

Five Simple Steps For Securing Your Small Business

Florida Orthopaedic Institute data breach $4M class action settlement

For stronger cybersecurity in the remote work era, just say ‘SASE’

Georgia: Tbilisi club target of cyber attack after launching "Russian visa"

HC3 Calls Attention to Cloud Security Concerns, Mitigation Tactics

Healthcare provider Novant issues data breach warning after site tracking pixels sent patients’ information to Meta servers

Healthcare Sector Facing 69% Increase in Cyberattacks

HMRC issues warning over National Insurance refund scam which 'seems legit'

How attackers are breaking into organizations

How Can I Protect My Business Against Cybercrime

iPay88 now claims POS, QR and eWallet transactions not affected in its data breach

Is a ‘Bring Your Own Device’ policy threatening the security of your SME?

Kaspersky uncovers new attacks by advanced persistent threat group

Kiplepay alerts users to potential third-party data breach, investigations ongoing

Lawmakers want to know how the health sector is fighting ransomware

Lee County Emergency Medical Services notifies past customers of third-party security breach

Leverage a Human-Centric Cybersecurity Strategy Using Managed XDR

Luckymouse Uses Compromised MiMi Chat App to Target Windows and Linux Systems

Majority of business execs in SEA anticipate data theft, APT, ransomware attacks

Malaysia: Tips to prevent online scams

Malicious PyPi packages aim DDoS attacks at Counter-Strike servers

Maryland Amendments to Data Security and Breach Notification Law

Meta Warns Users About Malware in Fake YouTube, WhatsApp Apps

Microsoft disrupts Russian hackers' operation on NATO targets

Nearly 1,900 Signal Messenger Accounts Potentially Compromised in Twilio Hack

Phishing emails masked as note-taking site target healthcare organizations, feds warn

Pro-Russian Killnet group targeted Lockheed Martin, stole employees' details

Protecting data at intersection of zero trust and open source

Public school board recovers data after cyber attack

Python programming libraries found hiding security threats

RansomHouse breaches 8 Italian municipalities in fresh wave of ransomware attacks

Ransomware is back, healthcare sector most targeted

Russia’s Shuckworm cyber group launching ongoing attacks on Ukraine

Russian hackers target Ukraine with default Word template hijacker

Russian State Hackers Continue to Attack Ukrainian Entities with Infostealer Malware

Scam alert: Watch out for for these college-related scams

Signal Reveals Over 1900 Users Were Affected in a Recent Phishing Attack

Singapore: New proposal to require all organisations to list with Government-backed SMS registry to fight scams

Six Ways Of Safeguarding Employee Workstations

Ski-Doo maker BRP resumes operations following cyber attack; shares fluctuate

Software Patches Flaw on macOS Could Let Hackers Bypass All Security Levels

Sophos reveals latest ransomware trend impacting orgs

SOVA Android Banking Trojan Returns With New Capabilities and Targets

SOVA, Android Banking Trojan, returns

St. Charles says it overpaid employees by $2M, seeks money back

Suspected Tornado Cash Developer Accused of Money Laundering

Text Based MFA Shown to Have Numerous Security Issues

The dangers of using public wi-fi

The Looming Cybersecurity Risk for SMEs

The Power of Provenance: From Reactive to Proactive Cybersecurity

This Android banking malware now also infects your smartphone with ransomware

Thousands of VNC Instances Exposed to Internet as Attacks Increase

Three Extradited from UK to US on $5m BEC Charges

Top holiday scams Brits should look out for - and tips on how to spot them

Twilio hack exposed Signal phone numbers of 1,900 users

Ukraine: IT Army Blocked Over 600 Russian Online Resources In 2 Weeks

Update Zoom Now to Protect Your Mac from This Security Flaw

Virtual Network Computing (VNC) instances exposed to Internet pose critical infrastructures at risk

What to Do When a Friend’s Facebook Account is Hacked or Duped

Why 90% of employers want to add data privacy protection to their benefits

Why email is still the number one threat vector

Why it’s past time we operationalized cybersecurity

Windows, Linux and macOS Users Targeted by Chinese Iron Tiger APT Group