Editor's Message

Welcome to DBD. On March 8th we celebrated our 4th Anniversary and the 1st Anniversary of our PRiSM application, officially endorsed by the SANS Institute. Despite recent personal issues that have impacted the amount of time I have been able to dedicate to both projects, I have been doing my best to keep everything as up-to-date as possible, and I would like to take this opportunity to thank everyone for their patience and support whilst I navigate through this very difficult time. Stay safe. :)

Monday 22 August 2022

Data Breaches Digest - Week 34 2022

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 22nd August and 28th August 2022.

28th August

5 Signs your WordPress Site is Hacked (And How to Fix It)

Akasa Air passengers’ personal information leaks in data breach

Akasa Air Reports Data Breach, Personal Details Of Fliers Leaked

Akasa Air suffers data breach

Akasa Air suffers data breach, airline apologises to customers

Akasa Air suffers mega data breach, apologizes to customers

Akasa Air suffers mega data breach, informs CERT-in, apologizes to passengers

Akasa Air suffers mega data breach, passengers details leaked

Akasa Air’s data breached, personal details of passengers leaked, the company itself gave information

Akasa airline suffers data breach including personal details of passengers

Bolstering cyber security in Indian digital economy

Cyber attack impacts Montenegro’s state infrastructure

Cyber attack on Signal: Phone Numbers of Users Reached to Hacker

Cyber Element in the Russia-Ukraine War and its Global Implications

CyberX9 says data of 20 million postpaid customers of Vodafone Idea exposed; telco denies claim

Don't wish to be a cyber victim? Awareness is the best defence

DoorDash data breach leaves important customer details exposed

Every fifth First Information Report (FIR) in Hyderabad is filed by a cyber fraud victim

Experts warn of the first known phishing attack against PyPI

Finland: Police solve 4% of internet crime

Future look of Gloucester remains uncertain months after cyber attack

Hackers have laid siege to U.S. health care and a tiny HHS office is buckling under the pressure

How a retired MI6 boss, his Brexiteer friends and a celebrity Marxist became targets in Russia’s war on Ukraine

How to prevent yourself from becoming a cyber victim

India: Save your savings! 'Banking App' scammers newest on the block

India: Turbulence for Akasa Air as it reports a major data breach

India’s Akasa Air exposed sensitive records of thousands of customers

Key Points from the IBM Cost of a Data Breach Report 2022

LockBit ransomware gang gets aggressive with triple-extortion tactic

Malaysia among top APAC country with most spam emails detected

New Agenda Ransomware appears in the threat landscape

New Hampshire lottery website returns after facing cyber attack

Over $100 Million Worth of NFTs Stolen Over the Past Year

PLDT, Smart offer tips on preventing ‘session hijacking’

Ransomware cyber attacks spike to over 1.2 million per month

Scammers shift their sights from card payments to crypto

SBI customer alert! ‘Your account will be blocked if you don’t update PAN’ – Do this if you get such message

Twilio breach let hackers see Okta's one-time MFA passwords

Veriff Uncovers Whether Phishing Scams Should Be the Cybercrime Americans Are Most Scared Of

What is SIM Swapping and how you can avoid being scammed with this method

Zero trust: an answer to cybersecurity

27th August

Can Outdated Hardware Be Putting Your Business at Cyber Risk?

Canada: Conservatives call for release of report on massive Afghan immigration data breach

CISA: Prepare now for quantum computers, not when hackers use them

Cloud Applications are The Major Catalyst for Cyber-Attacks: Microsoft

Critical Vulnerability Discovered in Atlassian Bitbucket Server and Data Center

Cryptocurrency Exchange Hacks In History: An Updated List 2022

Cyber insurance price hikes have left local governments reeling

DoorDash Data Breach -Third Party Vendor Blamed Over Phishing Attack

Facebook agrees to settle Cambridge Analytica data breach lawsuit

Fake 'Cthulhu World' P2E project used to push info-stealing malware

Gone Phishing! How to Avoid Online Scams

Iranian Hackers Exploiting Unpatched Log4j 2 Bugs to Target Israeli Organizations

LastPass Admits Hackers Stole Source Code, Proprietary Tech Info

Montanans Likely Affected by Latest DoorDash Data Breach

Palo Alto report reveals trends, recommendations on cybersecurity

Ransomware: Cyber Criminals Are Coming For The Global South

Scammers Made Deepfake AI Hologram of Binance Executive

Some Authy 2FA accounts were compromised in Twilio data breach

Which Australian industries are most targeted by cyberattacks?

Why owning your cybersecurity strategy is key to a safer work environment

Why you need cybersecurity to protect against cyberattacks

Your birthday is when you're most likely to be scammed - here's how to prevent it

26th August

5 tips for surfing the internet safely

After Kronos fallout, Ascension hospital settles wage dispute lawsuit for $19.7M

AiTM Phishing Attack Targeting Enterprise Users of Microsoft & Gmail Email Services

An interview with initial access broker Wazawaka: ‘There is no such money anywhere as there is in ransomware’

Anatomy of a text message phishing scam

Anti-Cheat File in Genshin Impact Is Being Used for Ransomware Attacks

Atlassian Bitbucket Server vulnerable to critical RCE vulnerability

Baton Rouge General Posts Notice of Data Breach, Raising Additional Questions for Many Patients

Block Faces Class Action Suit After 2021 Breach

Canadian Securities Regulators Issue Warning About Suspicious E-Mails

Cash App, Block class action claims data breach exposed data of 8.2 million users

CISA: Action required now to prepare for quantum computing cyber threats

Coinbase Faces Class Action Over Alleged Security Lapses

Cosmetics giant Sephora first to be fined for violating California’s Consumer Privacy Act

Cosmetics Giant Sephora to Pay $1m+ Privacy Settlement

Crypto-enabled cybercrimes are on the rise

Cyber attack targets New Hampshire Lottery

Cyber Insurance Readiness: Managing Your Risk

Cyber-Attack Disrupts Public Services in Fremont County, Colorado

Cybercrime Groups Increasingly Adopting Sliver Command-and-Control Framework

Cybercriminals Diversifying Sees Ransomware Variants Double Since Start of 2022

Dominican Republic refuses to pay ransom after attack on agrarian institute

DoorDash data breach exposes customer details

DoorDash discloses new data breach tied to Twilio hack

Emergence of Darkverse from Metaverse: Future is not so Bright?

FBI warns ransomware cybercrimes on the rise

French telco Altice hit by cyberattack from Hive ransomware gang

Hackers Breach LastPass Developer System to Steal Source Code

Hackers stole LastPass's source code, but users are unaffected for now

Hackers take holidays, too

Hamilton advises residents of possible data breach linked to water meter services

Have a Plex account? Change your password now

HC3 Warns Healthcare Sector About Karakurt Ransomware Group

How fast is the financial industry fixing its software security flaws?

How to Keep Track of Your Passwords

How to tell your clients you’ve been hacked

Humana, Cotiviti Reach Settlement Over Insider Data Breach

ICBC liable for data breach that led to arsons, shootings

Indicators of Compromise: Cybersecurity’s Digital Breadcrumbs

Insurers May Not Cover ‘State-Sponsored’ Cyberattacks

Iran-Based MuddyWater Targets Log4j 2 Vulnerabilities in SysAid Apps in Israel

IT leaders struggling to address identity sprawl

Kaspersky warns of more Trojan, ransomware attacks on smartphones

Lack of budget and staff hinders vulnerability management programs

LastPass breach: Source code, proprietary tech info stolen

LastPass Breach Raises Disclosure Transparency Concerns

LastPass discloses data breach

LastPass Hack: Should I Be Worried?

LastPass Hackers Stole Source Code

LastPass Security Breach – Hackers Steal Company’s Source Code

LastPass’s source code stolen in data breach

Liberty Counsel hacked in major data breach

Mailchimp Security Breach Compromises DigitalOcean Customer Email Addresses Causing Friction

Maritime Cyber Incidents Increased at Least 68 Percent in 2021, Coast Guard Reports

Microsoft: Iranian attackers are using Log4Shell to target organizations in Israel

Microsoft: Iranian hackers still exploiting Log4j bugs against Israel

Microsoft: Most ransomware attacks exploit common cybersecurity mistakes

Montenegro reports massive Russian cyberattack against government

Montenegro’s government hit by cyber attack

Montenegro's state infrastructure hit by cyber attack

NATO investigates hacker sale of missile firm data

Nearly half of all breaches during first half of 2022 involved stolen credentials

New 'Agenda' Ransomware Customized for Each Victim

New MagicWeb AD Exploit Shows Value of Cloud, Zero Trust

Now Lastpass confirms a security breach, but there's good news

0ktapus Phishing Campaign Targets Okta Identity Credentials

OMNI Healthcare Announces Data Breach Potentially Impacting Patients’ Electronic Medical Records

Portuguese Airline Foils Cyber Attack, But Experts Warn Criminal Hackers Have The Aviation Industry in Their Sights

PyPI warns of first-ever phishing campaign against its users

Quantum ransomware gang breaches Dominican government agency, demands £550,000 in ransom

Ransomware: Cyber criminals are coming for the Global South

Ransomware Attacks are on the Rise

Ransomware attacks on health care triple

Ransomware attacks top 1.2 million per month

Ransomware Forces Mansfield Schools to Make Do Without WiFi

Ransomware Groups Can Adapt Malware Code to Different Operating Systems Simultaneously, Kaspersky Research Finds

Ransomware is still a major threat for your business

Ransomware Variants Exploded in Past 6 Months

Ransomware-as-a-service group targets more than 75 organizations

San Diego American Indian Health Center: over 27,000 people are affected by data theft

Scams and Viruses: Which Email Attachments Are Safe to Open?

Server Error: Distributed Denial-of-Service (DDoS) Attacks Explained

'Sliver' Emerges as Cobalt Strike Alternative for Malicious C2

Some Halton Hills residents' bank information may have been accessed in March cyber attack

TeamTNT Targeted Cloud Instances and Containerized Environments For Two Years

The number of companies caught up in the Twilio hack keeps growing

Threatening clouds: How can enterprises protect their public cloud data?

Top Back-to-School Phishing Scams (Costco, Walmart, Kohl’s & CVS)

Twilio breach let hackers gain access to Authy 2FA accounts

Why Your Business Needs A Cyber Security Risk Review

25th August

5 Tips To Help You Prepare for a Potential Slack or Office 365 Breach

80% of ransomware attacks are due to misconfigured servers, says Microsoft

80% ransomware attacks due to incorrect server configurations

As governments shun ransomware payments, cyberattacks may cost taxpayers even more

Attackers evade Microsoft MFA to lurk inside M365

Australia: Regulators will prosecute more firms for cyber security failures

Black Hat SEO: Is Someone Phishing With Your Site Domain?

BlackByte is Back and Acting a Lot Like LockBit

Block accused of woefully mishandling data breach affecting 8.2 million users

BlueSky Ransomware: AD Lateral Movement, Evasion and Fast Encryption Put Threat on the Radar

Caught up in another password breach? Follow these 3 rules to protect yourself online

Consumers pay the price as data breach costs reach all-time high

Council asks postal voters to re-register after cyber attack

Criminal 0ktapus spoofed IAM firm in massive phishing attack

Cybercriminals Are Selling Access to Chinese Surveillance Cameras

Cybercriminals Have Stolen Over $100 Million

DNS data indicates increased malicious domain activity, phishing toolkit reuse

Don't fall for shipping scams. DHL is just the latest target of crooks

DoorDash hit by data breach linked to Twilio hackers

Encevo to contact those affected by cyberattack via letter

Everest Ransomware gang posts Olam Group as victim

Eyes on Twitter: Whistleblower grabs attention of Irish DPC and US Senate

Genshin Impact Anti-Cheat File is Abused to Mass-Deploy Ransomware and Kill Antivirus Processes

Hack Backs: A Legitimate Tactic or Counter-Productive?

Hackers abuse Genshin Impact anti-cheat system to disable antivirus

Hackers are attempting to steal millions of dollars from businesses by bypassing multi-factor authentication

Hackers adopt Sliver toolkit as a Cobalt Strike alternative

Healthcare Tops List for Cost of a Data Breach, Again

How a business email compromise attack exploited Microsoft’s multi-factor authentication

How a business email compromise scam spoofed the CFO of a major corporation

How can security teams manage risk if they can’t measure it?

How Cyber Crime Threatens Digital Progress

How 'Kimsuky' hackers ensure their malware only reach valid targets

How Might a Data Breach of Special Needs Individuals Impact the Victims?

How the war in Ukraine is reshaping the dark web

How to double bolt the door on cybersecurity measures

How to Protect Your Small Business From Personalized Cyberattacks

Incident of the Week: Plex urges customers to change passwords following data breach

Indonesia: More than 17 million exposed as breached PLN data listed for sale on hacker forum

Increasing cybersecurity awareness in critical infrastructure

Interesting Facts About Cyber Attacks

LastPass data breach: threat actors stole a portion of source code

LastPass developer systems hacked to steal source code

LastPass Hacked: Password Manager With 25 Million Users Confirms Breach

LastPass Just Had a Security Breach

LastPass Says Source Code Stolen in Data Breach

LastPass source code, blueprints stolen by intruder

Lessons from the Holy Ghost Ransomware Attacks

Lloyd’s Will No Longer Include Nation-State Attacks in its Cyber Insurance Policies

LockBit ransomware gang blames victim for DDoS attack on its website

LockBit ransomware accuses Entrust for DDoS attacks against leak sites and showed proof that may make you smile also

Making sense of the Killnet, Russia’s favourite hacktivists

Mansfield school district internet-based systems down after ransomware attack

Media Streaming Service Plex Suffers Data Breach

Microsoft: Russian malware hijacks ADFS to log in as anyone in Windows

Microsoft: SolarWinds hackers gain powerful 'MagicWeb' authentication bypass

Microsoft 365 business users targeted with new DocuSign phishing scam

Microsoft Attributes New Post-Compromise Capability to Nobelium

Microsoft Uncovers New Post-Compromise Malware Used by Nobelium Hackers

More Bang for the Buck: Cross-Platform Ransomware Is the Next Problem

More than $100m worth of NFTs stolen since July 2021, data shows

Mozilla Patches High-Severity Vulnerabilities in Firefox, Thunderbird

NFT theft on the rise despite non-fungible bubble burst

NHS Cyber Attack, August 2022: What’s the Fallout?

Number of users affected by spyware in the Middle East decreases in the second quarter of 2022

Okta Hackers Behind Twilio and Cloudflare Breach Hit Over 130 Organizations

0ktapus: Twilio, Cloudflare phishers targeted 130+ organizations

Organizations changing cyber strategy in response to nation-state attacks

Over $100m worth of NFTs have already been stolen this year

Phishing PyPI users: Attackers compromise legitimate projects to push malware

Plex Breach - Streaming Giant Issues Mass Password Reset to Millions

Plex tells users to reset passwords following a data breach

Poole cyber security company advises businesses to protect against attacks

Privacy and security issues associated with facial recognition software

PyPI packages hijacked after developers fall for phishing emails

PyPI Repository Warns Python Project Maintainers About Ongoing Phishing Attacks

Ransomware attack forces French hospital to transfer patients

Ransomware attacks rose 47 percent in July

Ransomware attacks targeting financial sector tripled in last 12 months

Ransomware defies seasonal trends with increase

Ransomware dominates the threat landscape

Ransomware in Healthcare: The NHS Example and What the Future Holds

Ransomware roundup: Threats reach 1.2M per month

Researchers Uncover Kimusky Infra Targeting South Korean Politicians and Diplomats

Researchers warn of darkverse emerging from the metaverse

Restraining Russian Ransomware

Russian ransomware gang targeting healthcare organizations

Scammers Create 'AI Hologram' of C-Suite Crypto Exec

Scripting Attacks on E-Commerce Sites Hit Ally Bank Accounts

Security Industry Rallies Behind Twitter Whistleblower

SolarWinds Hackers Using New Post-Exploitation Backdoor ‘MagicWeb’

Sophisticated scammers bypass Microsoft 365 multi-factor authentication

Streaming media platform Plex warns users to reset passwords after data breach

Ten Hard-hitting Cybersecurity Statistics for 2022

The Biggest Corporate Hacks of 2021

The business effects of nation-state cyberattacks

Threat Spotlight: The Untold Stories of Ransomware

Tips for how to safeguard against third-party attacks

Total system redundancy is key to effective data protection in a ransomware and malware-riddled world

Twilio hackers breached over 130 organizations during months-long hacking spree

Twilio hackers hit over 130 orgs in massive Okta phishing attack

Twilio, Cloudflare just two of 135 orgs targeted by Oktapus phishing campaign

Twitter lacks cybersecurity & data privacy best practices, says ex-security chief

U.S. Government Spending Billions on Cybersecurity

UpHealth Sued for Negligence in Data Breach Case

Warning issued to people who receive an email from Currys

What Is Vishing, And Why Is It A Threat To Your Financial Health?

Which? issue urgent warning as fraudsters issue 'fake energy refunds' amid cost of living crisis

Why Every Cybersecurity Strategy Should Include Brand Protection

Workplace Stress Worse than Cyber-Attack Fears for Security Pros

Your cell phone is more secure than 70% of enterprise architectures

24th August

4 cybersecurity warnings from HHS

5 Keys To Successful Least Privilege Policy Implementation

$100 million in NFT thefts over last year jumped mid–‘crypto winter’

Active adversaries increasingly exploit stolen session cookies to bypass MFA

Advanced updates on healthcare ransomware attack

Air-Gapped Devices Can Send Covert Morse Signals via Network Card LEDs

AiTM phishing campaign also targets G Suite users

An experimental new attack can steal data from air-gapped computers using a phone’s gyroscope

Another hospital in Europe falls victim to a cyberattack. This time with a US$10m ransom

Barracuda Networks Reports Ransomware Volume Spikes

Beware the Crypto Stealers

BlackByte Ransomware Group Adds New “Feature” to Data Leak Site With Tiered Payment Options

Block sued after ex-staffer siphons customer data

Calcium Products, Inc. Confirms Recent Data Breach

California Age-Appropriate Design Code Act (ADCA) bill aims to increase children’s data privacy

California corrections says potential data breach affected staff, inmates

California Department of Corrections Suffers Healthcare Data Breach

Chrome 'Internet Download Manager' adware has 200,000 installs

CiCi Enterprises LP Announces Data Breach

Community Loan Servicing, LLC Files Notice of Data Breach

Companies Should Adopt Default No Trust Position on Programs to Protect Against Cyberattacks

Critical Insight Finds Attackers Shifting Focus to Smaller Hospital Systems and Specialty Clinics in H1 2022 Healthcare Data Breach Report

Critical RCE bug in GitLab patched, update ASAP! (CVE-2022-2884)

Crypto Miners Using Tox P2P Messenger as Command and Control Server

Cyber Signals report highlights ransomware-as-a-service

Cybercriminals Disconnect Mansfield ISD's Computers

Cybercrooks using ransomware as a big-bucks business model, expert says

Department for Work and Pensions (DWP) warning to everyone who is eligible for a cost of living payment

Digital transformation giant Orion Innovation hit by LockBit ransomware, hacker group claims

eCapital Corp. Announces June 2021 Data Breach in August 2022

Elevating Cyber Risk Analysis During M&A Due Diligence

EU Outlines Critical Cyber Response to Ukraine War

Fans heading to the World Cup in Qatar and firms involved in tournament warned about cybercrime risk

Finland scores highly for cybersecurity

Fremont County, Ohio, Extends Disaster After Cyber Attack

GitLab Issues Patch for Critical Flaw in its Community and Enterprise Software

GitLab ‘strongly recommends’ patching critical RCE vulnerability

Greece's largest natural gas distributor suffers a Ragnar Locker ransomware attack

Hackers attack the Dominican Agrarian Institute (IAD); they ask for about US$600 thousand to return data

Hackers use AiTM attack to monitor Microsoft 365 accounts for BEC scams

Hackers use these 4 techniques to crack passwords

Hackers Using Fake DDoS Protection Pages to Distribute Malware

Hacking gang Monster uses a graphical interface to deploy its ransomware

Healthcare is Disproportionately Susceptible to Extortion

How attackers use and abuse Microsoft MFA

How ransomware attacks target specific industries

How Risk-Based Vulnerability Patching Can Help With Your Cybersecurity Woes

How To Protect Your Data From Cryptoviral Extortion

IoT Vulnerability Disclosures Up 57% in Six Months, Claroty Reveals

Iranian APT Using Custom Tool to Scrape Gmail, Outlook Inboxes

Iranian cyberespionage group uses new Hyperscrape tool to extract emails from victims’ mailboxes

Is security becoming a priority for DevOps teams?

Jet2 issues urgent travel Covid test scam warning to holidaymakers

John Deere tractor hack reveals food supply vulnerable to cyber attacks

Karakurt ransomware group targeting healthcare providers, HHS warns

Lionel Holdings, LLC Reports Data Breach After the Company Was Targeted in a Ransomware Attack

Lloyd's to exclude certain nation-state attacks from cyber insurance policies

LockBit ransomware group implicated in crippling attack on French hospital

Major Database Mess Up Leaves Indian Federal Police and Banking Records Exposed

Microsoft Active Directory as a Prime Target for Ransomware Operators

Moon School District Suffers Cyber Attack

More schools falling victim to cyberattacks

NCSC Shares Guidance to Help Secure Large Construction Projects

New malware campaigns using phishing emails with REMCOS RAT executables

New ransomware HavanaCrypt poses as Google software update

Old, Inconspicuous Vulnerabilities Commonly Targeted in OT Scanning Activity

OneTwoTrip online booking service exposure

Peiter 'Mudge' Zatko: CSO-turned-whistleblower says Twitter security was in a shambles

Phishing attacks bounce back after pandemic slowdown

Phishing Campaign Targets PyPI Project Maintainers

Plex breached: Change your passwords now

Plex confirms massive data breach and triggers password reset

Plex Data Breach: Streaming Service Says User Emails, Passwords Were Accessed by Third Party

Plex forces password resets after database access incident

Plex hacked – streaming service down as all users told to change passwords today

Plex Suffers Data Breach, Warns Users to Reset Passwords

Plex warns users to reset passwords after data breach

Protecting the crown jewels from cyberattack

Quantum ransomware attack disrupts government agency in Dominican Republic

RansomEXX claims ransomware attack on Sea-Doo, Ski-Doo maker

Ransomware Actor Abuses Genshin Impact Anti-Cheat Driver to Kill Antivirus

Ransomware Attacks in Huge Monthly Spike

Ransomware Gangs Now Hustling Triple Extortions, Study Finds

Ransomware still the No 1 threat

Ransomware Surges to 1.2 Million Attacks Per Month

Ransomware Takes Down Internet, Web Systems at Mansfield ISD

Ransomware, other security threats reveal insurance ‘cyber gap’

Researchers Warn of AiTM Attack Targeting Google G-Suite Enterprise Users

SaaS platforms are facing more phishing attacks than ever

Sacramento-area college has its system hacked - again

The Challenge of Shadow OT

The Ransomware Playbook Mistakes That Can Cost You Millions

The war in Ukraine has threatened its vital agriculture. Now it could be crippled by a cyberattack

This company paid a ransom demand. Hackers leaked its data anyway

Twitter Dismisses Whistleblower's Claim Of Sensitive User Data Breach, Terms Allegation ‘False Narrative'

Twitter Whistleblower Complaint: The TL;DR Version

UK Water Supplier Suffered a Clop Ransomware Attack During Major Drought; Victim Initially Misidentified as UK’s Largest Water Utility

US Healthcare Sector Breaches 342m+ Records Since 2009

US Orgs Have Suffered 5,000 Healthcare Data Breaches Since 2009

US, Israel sign deal to combat ransomware, protect critical financial infrastructure

VMware Fixes Privilege Escalation Vulnerabilities in VMware Tools

WannaCry explained: A perfect ransomware storm

War in Ukraine Has Pushed Two-Thirds of Businesses to Change Cyber Strategy

Warning: cyber criminals are launching phishing attacks on LinkedIn

What is vishing and how do I protect myself against it?

Why business email compromise still tops ransomware for total losses

Why Does Medical Imaging Equipment Need Better Cybersecurity?

ZeroFox Intelligence release the report of Black Basta Ransomware

23rd August

5 mistakes to avoid when building DevSecOps

5 Signs You’ve Been Hacked – And What To Do Next

7 open-source malware analysis tools you should try out

Air-Gap Attack Exploits Gyroscope Ultrasonic Covert Channel to Leak Data

Alleged Russian ransomware attacker indicted, faces extradition from the Netherlands

An inside look into states’ efforts to ban government ransomware payments

API security incidents occur at least once a month

Australia urged to bump up cyber defences

Backdoored Counterfeited Android Phones Hacking WhatsApp Accounts

Big boost for fight against bank scams in South Africa

CISA Adds Palo Alto Networks' PAN-OS Vulnerability to Catalog

Configuration Errors to Blame for 80% of Ransomware

Continuous training and assessment key to robust cybersecurity

Counterfeit Android Devices Revealed to Contain Backdoor Designed to Hack WhatsApp

Cyber attack blamed for school books not yet arriving in St Lucia

Cyber attackers disrupt services at French hospital, demand $10 million ransom

Cyber crime experts warn people with an approaching birthday to watch out for new 'flattery' scam

Data Breaches and Class Actions in New Zealand

Data Breaches That Have Happened in 2022 So Far

DDoS attacks jump 203%, patriotic hacktivism surges

Employee Data Exposed After North Dakota Phishing Attack

ETHERLED: Air-gapped systems leak data via network card LEDs

ETHERLED and GAIROSCOPE Attacks Allow Data Exfiltration from Air-gapped PC

Ex-Security Chief Accuses Twitter of Cybersecurity Negligence

Expert Responds to Alleged Indihome Data Leak Compromising 26 Million Users

FBI: Beware Residential IPs Hiding Credential Stuffing

FBI warns new variant of ransomware fraud targets hospital, medical device companies in San Francisco Bay Area

Financial Institutions Are Overwhelmed When Facing Growing Firmware Security and Supply Chain Threats

Firewall Bug Under Active Attack Triggers CISA Warning

Five questions to ask about cyber insurance

France: a hospital center targeted by a cyberattack, 10 million dollars claimed

Fraud costs increase for a second year – global survey

French hospital hit by $10M ransomware attack, sends patients elsewhere

Google says Iranian group using tool to download Gmail, Yahoo!, Outlook inboxes

Google Uncovers Tool Used by Iranian Hackers to Steal Data from Email Accounts

Hacktivists in the DUMPS in Solidarity With Ukraine

Has ESG Become a Wake-Up Call for Cybersecurity?

HC3 Notes Uptick in Healthcare Vishing Attacks, Social Engineering

Hertfordshire has lost £17.9m to cybercrime this year

How Data and Analytics Can Assist with Cybersecurity

How Much Cyber Liability Insurance Do You Need?

Hybrid working is here to stay – now secure your workforce

Iranian hackers use new tool to steal email from victims

IT teams face a new cybersecurity reality in the changing world of work

Kaspersky sees increase in vulnerability exploits on old version of Microsoft Office

Keeping up with the Attackers: Educating Staff on New Monkeypox Themed Phishing Campaigns

Local governments stay vigilant to cyber threats when acquiring technology

Major airline technology provider Accelya attacked by ransomware group

Major city car dealership hit by huge data theft cyber attack in July

Malaysia: Cleaning service scam uses cheaper rate to snare victims

Media Companies Doubly Susceptible to Cyberattacks

Media Firms Twice as Vulnerable as Cross-Sector Average

Misconfigured Facebook tracker on Novant Health's website leaked patient data to Meta's servers

Mitigating cyber risk through dynamic coverage

MJH Life Sciences Confirms Recent Data Breach

Most Important Healthcare Cyber Threats for 2022

New 'Donut Leaks' extortion gang linked to recent ransomware attacks

New PayPal Phishing Scam using "Billing Department of PayPal" as seller name

Onyx Technology alerts clients and patients of ransomware incident

Phishing attacks abusing SaaS platforms see a massive 1,100% growth

Phishing campaign preying on hotels and travel firms

Phishing, software vulnerability account for 70% of cyber incidents

Pirated 3DMark benchmark tool delivering info-stealer malware

Puerto Rico hit with 737 Million cyberattacks so far in 2022, Fortinet says

Ransomware: Most attacks exploit these common cybersecurity mistakes - so fix them now, warns Microsoft

Ransomware attack takes down computers in Mansfield ISD

Securing IT Infrastructure Against Complexity

Service By Medallion, Inc. Reports Data Breach Following Compromised Employee Email Account

Shred-it Annual Report Finds Data Protection Vital for Small Businesses

Singapore sees uptick in cyber threats in 2Q of 2022

Six months into the war, how have Ukraine and its Western allies resisted Russia’s digital tactics?

Suspected Iranian Hackers Targeted Several Israeli Organizations for Espionage

Tackling Cybersecurity Threats in the Biotechnology Industry

The importance of industrial cyberattack response

The Rise of Data Exfiltration and Why It Is a Greater Risk Than Ransomware

The Rise of Mobile Phishing and How to Handle It

Threat actors again target critical SAP ICMAD vulnerabilities

Threat Actors Pivot After Microsoft Macros Decision

Top 6 Security Concerns for SaaS Industry

U.K. attack spotlights water sector vulnerabilities

UK car dealer Holdcroft Motor Group hit by a ransomware attack

Urology Center of Colorado data breach class action settlement

What Are the 7 Most Common Twitter Crypto Scams?

Why are data breaches still an issue?

Why Data Fragmentation is a Top Concern for Cloud-Focused Enterprises?

Why financial institutions should prioritise microsegmentation

XCSSET Malware Updates with Python 3 to Target macOS Monterey Users

22nd August

4 key steps schools can take today to get strong multi-factor authentication security

4 Tips to Develop a Human-Layered Cybersecurity Defense

10 steps to prevent cyberattacks on industrial control systems

40% of Business Executives Are Worried About Getting Hacked, But Will They Do Anything About It?

67% of organizations had identity-related data breaches last year

A national data privacy law might arrive sooner than expected

A 'nightmare scenario': Data-tampering attacks are hard to detect, with devastating consequences

Advanced issues status updates on products affected by cyber-attack

Are You Ready? How to Prepare for a Security Incident

"As Nasty as Dirty Pipe" - 8 Year Old Linux Kernel Vulnerability Uncovered

Attackers using fake Cloudflare DDoS protection popups to distribute malware

Attention Massachusetts Residents: Scammers Are “Phishing” For New Bait!

Before Portland lost $1.4 million in cyber breach, city treasurer raised red flag

Beware of this very convincing PayPal phishing scam

Blume Global, Inc. Confirms Data Breach After Malware Attack

California Department of Corrections and Rehabilitation (CDCR) Announces Potential Data Breach Impacting Incarcerated Population, External Stakeholders

Can you trust your data?

Car Dealership Hit by Major Ransomware Attack

Caribbean Airlines warns of scam circulating in WhatsApp

China-backed hackers targetted MeitY's National Informatics Centre (NIC), other entities

CISA is warning of high-severity PAN-OS DDoS flaw used in attacks

CISA Warns of Active Exploitation of Palo Alto Networks' PAN-OS Vulnerability

Cisco reveals it was target of phishing attack

Companies Are Ditching Cybersecurity Insurance as Premiums Rise, Coverage Shrinks

Cookie theft threat: When Multi-Factor authentication is not enough

Cyber expert reveals you are more likely to be hacked on your birthday than on any other day

Cyber insurance study suggests businesses lack ransomware insurance

DDoS Protection Weaponized to Deliver RATs

Defense Against DDoS Attacks Needs Awareness and Modern Defenses

Disk wiping malware knows no borders

DoNot Team cyberespionage group updates its Windows malware framework

Dorset named cybercrime hotspot with £8.1m lost in six months

Endpoint Security: How To Protect Your Business From Hackers

Escanor malware delivered in weaponized Microsoft Office documents

Escanor RAT Malware Deployed Via Microsoft Office and PDF Documents

Essential Cybersecurity Guide For New Startups

Estonia's Battle Against a Deluge of DDoS Attacks

Fake DDoS protection pages are delivering malware!

Fake Reservation Links Prey on Weary Travelers

FBI warns of residential proxies used in credential stuffing attacks

Fileless malware: how does it work?

Fremont County, Colorado, Officials Investigate Disruptive Cyber Attack

Friedrich Air Conditioning, LLC Announces Data Breach

Google blocks world's largest web DDoS cyber attack ever

Greek gas operator refuses to negotiate with ransomware group after attack

Greek natural gas operator suffers ransomware-related data breach

Hackers are targeting vital infrastructure. Before it’s too late, safety must be a priority

Hackers are using this sneaky exploit to bypass Microsoft's multi-factor authentication

Hackers demand $10m to end cyber attack on Paris regional hospital

Hackers Target ATM Maker for Bitcoins

Half of UK businesses only recognising cyber threats after an attack

Hampshire's Hantec Systems say hundreds of UK businesses at risk of cyber attack

HHS HC3 Warns of Vishing, Other Social Engineering Scams

How many breaches has Overlake Medical Center & Clinics experienced in the past few years?

How To: Prove Identity Security ROI to Boards as a CISO

How to be Ransomware Ready in Four Steps

How to protect your organization from ransomware-as-a-service attacks

How to Recover Cryptocurrency from Fraudsters

How to secure your new computer

How To Stop Spam Text Messages For Good

How vulnerable supply chains threaten cloud security

Implementing Zero Trust? Make Sure You're Doing It Correctly

Indonesia: Kominfo Looks Into Alleged Indihome Major Data Breach

In-app browsers on Meta and TikTok can ‘track everything’

LockBit ransomware group targeted with DDoS attack after Entrust data leak

Lloyd’s to end insurance coverage for state cyber attacks

Mac users beware: North Korean hacking group Lazarus exploiting the weak job market with malicious fake job emails

Mansfield ISD Experiencing Cyber Attack, Phones & Internet Down

Many businesses not protected from cyber attacks, survey finds

Meet Borat RAT, a New Unique Triple Threat

Meta and TikTok can track everything on in-app browsers, new research claims

MFA vs. SSO Explained

Microsoft: How we unearthed a critical flaw in ChromeOS, and how Google fixed it

Middle East take 2nd place in data breach defeats

Misconfigured Meta Pixel exposed healthcare data of 1.3M patients

Mysterious Hackers Revealed: Who Are The Most Dangerous Black Hat Hackers?

New Air-Gap Attack Uses MEMS Gyroscope Ultrasonic Covert Channel to Leak Data

North Korea launches cyberattack using stolen South Korean police officer’s ID

North Korean Lazarus hacker group is phishing Mac users with fake job posts: How to protect yourself

Over 80,000 exploitable Hikvision cameras exposed online

People can re-register to vote by post in Gloucester but concerns remain over cyber attack

Probe launched after officials' expenses claims published

Protecting an organisation’s most valuable asset: why a solid data management and protection strategy is non-negotiable

Ransomware attack on medical billing provider affected 942K patients and 28 hospitals

Ransomware Attacks Hit Two Out Of Three Organizations In 2021: Here’s What You Need To Know

Real-Time Locating Systems (RTLS) Found Vulnerable to MiTM Attacks and Location Tampering

Researchers Find Counterfeit Phones with Backdoor to Hack WhatsApp Accounts

Singapore: Beware of ongoing phishing scam in Carousell; victims told to click links from scammers posing as buyers

South Korea: Prosecution toughens punishment for voice phishing crimes

Splunk Labels LockBit as Cybercrime-as-a-Service

Sturm, Ruger & Co. Inc. Announces Third-Party Data Breach Stemming from Malware Attack Against Freestyle Solutions

The allure of fraud – and how to protect against it

The underestimated impact of enterprise cyberattacks on individual consumers

Threat Actor Deploys Raven Storm Tool to Perform DDoS Attacks

TikTok’s In-App Browser Can Monitor Your Activity on External Websites

UK Drinking Water Supplier Falls Victim to Clop Ransomware Gang

US Sanctions Tornado Cash Over Ransomware Incidents, Worrying Crypto Privacy Advocates

Why getting endpoint security right is crucial

VIASAT hack impacted French critical services