Editor's Message

Welcome to DBD. 2023 has been the worst year on record for Data-Leaking Ransomware Attacks, and despite Law Enforcement gains, show no signs of slowing down. On a more positive note, our PRiSM platform continues to gain recognition and is now officially endorsed as a Ransomware Intelligence Resource by the SANS Institute. With that in mind, we would like to take this opportunity to thank you for all your very much appreciated and continued support. Stay safe. :)



Monday 31 October 2022

Bed Bath & Beyond: New Jersey Domestic Merchandise Retail Chain Suffers Employee Email Phishing Attack Resulting In Data Breach

Data Breaches Digest - Week 44 2022

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 31st October and 6th November 2022.


6th November

Black Friday scams to watch out for this year - and how to avoid them

Building stronger online defences

Crypto Platform Mango Markets Hacked; More Than $100 Million Stolen

Don’t take the phishing bait – you may be caught hook, line and sinker

Hackers steal $11m from Nigeria, others

IANS reported a new record in password attacks

Indianapolis Housing Agency vulnerable to crippling cyberattack, former staff say

LockBit ransomware gang hits Melbourne school Kilvington Grammar

The US spent $1.2 billion on ransomware payments in 2021

Victorians’ data at risk after cyber attack on tech company PNORS Technology Group

Will USPS Text You? Free Walmart Gift Card? Belated Halloween Sales? Top Scams and Phishing Schemes of the Week

5th November

27% Of Global Companies Suffer Data Breaches In 3 Years

Amazon Data Breaches History and Complete Timeline up to 2022

Crypto Hack Executed Using Anime-Based NFT Creator’s Twitter

From ads to phishing - seven signs to look out for that show a website may be a scam

Hackers Abusing Microsoft Dynamics 365 Customer Voice to Steal Credentials

Hackers sending government officials phishing mails for T-20 World Cup bets, claims cybersecurity firm

Here’s how lawmakers are tackling rising cyber threats in the health sector

How Qatar hacked the World Cup

Inside the global hack-for-hire industry

'It's a nightmare.' Expert weighs in on ransomware attack facing Norman Public Schools

Microsoft Warns of Uptick in Hackers Leveraging Publicly-Disclosed 0-Day Vulnerabilities

Nearly Half of Local Government Employees Use Old Android Devices

NHS cyber attack still believed to be affecting patients’ records three months on

Password attacks rise to 921 per second: Microsoft

Phishing-as-a-Service Platform Offers MFA Bypass for $1500

QRjacking and QRishing, the scams that are carried out through the QR

Researchers Uncover 29 Malicious PyPI Packages Targeted Developers with W4SP Stealer

State Bank of India (SBI) red-flags fake Income Tax app stealing taxpayer info. Follow these steps to stay safe

State consumer safety experts issue tips for online shopping

Technology group providing services to Victorian government departments hit by cyber attack

What Is Big Game Hunting and Are You at Risk?

Zero-day are exploited on a massive scale in increasingly shorter timeframes

4th November

4 health systems facing lawsuits for data breaches

5 Access Control Best Practices You Need to Secure Your System

5 use cases for Managed Detection and Response (MDR) to fight ransomware

As Twitter brings on $8 fee, phishing emails target verified accounts

At $2 million-plus, manufacturing sector paid the biggest ransom after cyberattacks

Attackers leverage Microsoft Dynamics 365 to phish users

Australia leading global fight against ransomware

Australia sees rise in cybercrimes on back of 'destructive' ransomware, state actors

Black Basta Ransomware Attacks Linked to FIN7 Threat Actor

Black Basta Ransomware Linked to FIN7 Cybercrime Group

Boeing's Jeppesen Unit Sees Potential Ransomware Attack, Causes Flight Planning Disruptions

Boyd Cycling targeted in Instagram hack

British government is scanning all Internet devices hosted in UK

Business Email Compromise (BEC) Group Crimson Kingsnake Linked to 92 Malicious Domains

BWX becomes a victim of cyber attack, customer details exposed

CISA demystifies phishing-resistant MFA

CISA Warns of Critical Vulnerabilities in 3 Industrial Control System Software

Cyber attack on Boeing subsidiary behind Sunwing outage

Cyber bank robbers Opera1or may have nabbed $30m in crime spree

‘Cyberspace has become a battleground,’ warns Australian Cyber Security Centre

“Disturbing” Rise in Nation State Activity, Microsoft Reports

Dropbox Accelerates Adoption of WebAuthn in Response to Phishing Attack

Eight Best Practices For Ransomware Threat Hunting

Emotet, the botnet that came back from the dead

FBI: Hacktivist DDoS attacks had minor impact on critical orgs

FIN7 cybercrime cartel tied to Black Basta ransomware operation

Finnish Hacker Charged With Extorting Psychotherapy Clinic, Used Patients' Medical Records To Seek Ransom

Fremont County, Colorado, Nears Full Capacity After Cyber Attack

Geopolitics plays major role in cyberattacks, says EU cybersecurity agency

Health data cyber crime punishments must be harsher

Hive Ransomware Group Leaks Stolen Data After Attacking a Major India Power Company

How a hacker who stole data of millions of people was tracked & arrested because his girlfriend uploaded this pic on Instagram

How are energy and utility companies thinking about edge and security?

Hundreds of national and local news sites hacked to push malware

ICO Slashes Government Data Breach Fine

Is Monkey Drainer Contract the Biggest Phishing Business in Crypto Right Now?

Joint Advisory Outlines Attacks by Daixin Team

LockBit Claims Ransomware Attack on Continental

Massachusetts Attorney General finds failed security measures led to Georgia provider’s breach

MercyOne back online after ransomware attack

Microsoft launches passwordless authentication for Azure AD on iOS and Android

Microsoft says “it’s just too difficult” to effectively disrupt ransomware

Monkey Drainer on Hacking Spree, Steals Another 520 ETH Worth NFTs

Nations get tough on cryptocurrency to tackle ransomware attacks

NHS cyber attack hits patient care with records left in ‘chaos’ three months on

OakBend Medical Center Provides Healthcare Data Breach Notice

One-third of organizations changed leadership after a cyberattack

Outmaneuvering cybercriminals by recognizing mobile phishing threats’ telltale markers

Phishers Abuse Microsoft Voicemail Service to Trick Users

Prayer rally to defeat Michigan abortion amendment is victim of ‘pro-choice cyber attack’

Protecting yourself from Smishing

Ransomware and CISOs’ balancing act

Ransomware Costs Reached $1.2 Billion in 2021

Ransomware Group Threatens to Leak Data Stolen From Car Parts Giant Continental

Researchers Detail New Malware Campaign Targeting Indian Government Employees

Robin Banks phishing service returns to steal banking accounts

RomCom Malware Woos Victims With 'Wrapped' SolarWinds, KeePass Software

RomCom RAT campaigns abuses popular brands like KeePass and SolarWinds NPM

RomCom weaponizes KeePass and SolarWinds to target Ukraine, potentially the UK

Searching for that hard-to-find product? A scammer knows that too, and will make you pay!

St. Luke's suffers 3rd-party data breach

The cybersecurity impacts of bots on e-commerce in 2022

The growing threat of cyber attacks on cryptocurrencies

Treasury: Most Ransomware Had Russian Connection in Late 2021

Twitter reminding users to look out for phishing emails

‘Wake-up call for real estate agencies’: Harcourts hit by data breach

Ways Hackers Can Ruin Your Finance and Investments

What is a Tiered Resiliency Architecture and Why Does it Matter?

What the Growth of Ransomware Variants Says About the Evolving Cybercrime Ecosystem

When it comes to your email security, expect the unexpected

White House Convenes Ransomware Summit as Reported Incidents Soar By Over 50%

World's Most Expensive Observatory Floored by Cyber-Attack

Yanluowang ransomware gang goes dark after leaks

Your Operational Technology (OT) Is No Longer Isolated: Act Fast to Protect It

3rd November

3 transportation cybersecurity and technology trends

4 Major Benefits of Next Gen SIEM

86% of cloud attacks in healthcare sector lead to financial losses or other damage

130 Dropbox Code Repositories Compromised in a Sophisticated Phishing Campaign

2021 Hack Cost Port of Louisiana $420K in Lost Funds

ALMA Observatory shuts down operations due to a cyberattack

Australia: Calls for widespread rental reform to protect against cyber attack

Banks should prepare to spend big on cyberdefenses as ransomware payments reach record levels

Bed Bath & Beyond's technology chief resigns after possible data breach

Black Basta ransomware gang linked to the FIN7 hacking group

Boeing’s Jeppesen Subsidiary Hit With Potential Ransomware Attack

Bot Warning for Retailers Ahead of Busy Shopping Season

Breaches at Australian Firms Highlight Need for Data-centric Security

Businesses want technologies that allow for passwordless workflows

Cabinet Office fine over honours data breach slashed by 90% as ICO considers ‘current economic pressure’

Canada Releases Latest National Cyber Threat Assessment

Convergent Outsourcing, Inc. Reports Data Breach Following Ransomware Attack

Cost-of-living: rising cyber threats

Crime group hijacks hundreds of US news websites to push malware

Cyber attack 'stalled Danish trains'

Cyber incident at Boeing subsidiary causes flight planning disruptions

Cyber Threat Landscape Shaped by Ukraine Conflict, ENISA Report Reveals

Cybersecurity recovery is a process that starts long before a cyberattack occurs

Cyberspace ‘a battleground’ as reports of cybercrime in Australia jump 13%

Cyberwar is Changing – is Your Organization Ready?

Danish train standstill on Saturday caused by cyber attack

Data and its security in the future of IT

Dropbox Data Breach Another Multifactor Fail

Dropbox data breach compromises 130 GitHub repositories

Dropbox discloses security breach

Dropbox Suffers Data Breach After Phishing Attack

Eight Cybersecurity Checkups Your Company Should Conduct Regularly

Emotet malware is back from the dead again after 5 month break

Ethos Group Confirms Recent Data Breach

Everything You Need to Know About Cyberattacks on US Hospitals

Experts link the Black Basta ransomware operation to FIN7 cybercrime gang

Fail to prepare, prepare to fail – ICO’s latest warning shot to companies lacking in data protection compliance and suffering cyber attacks

Federal Trade Commission (FTC) Takes Action Against Ed Tech Provider for Failure to Secure Student’s Personal Information

FIN7 Cybercrime Group Likely Behind Black Basta Ransomware Campaign

From Online Fraud to DDoS and API Abuse: The State of Security Within eCommerce in 2022

Global coalition reaffirms commitment to fight ransomware

Global Tech Companies Lost over $20m to Data Breach in Three Years

Go the Distance With Ransomware Recovery

Governments Might Change, but Data Protection Obligations Remain

Hacker Charged With Extorting Online Psychotherapy Service

Hackers encrypt servers, transfer data from OakBend Medical Center

Hackers Using Rogue Versions of KeePass and SolarWinds Software to Distribute RomCom RAT

Hacker gang OPERA1ER stole $11 million from African companies

How Businesses Can Prevent and Combat Cyber Threats

How government, business are looking at cybersecurity in changing tech landscape

How to Improve Your Incident Response in the Cloud

How to manage data lifecycle: Data retention for compliance

International summit agrees crack down on crypto to combat ransomware

IoT cybersecurity is slowly gaining mainstream attention

Joint Advisory Outlines Attacks by Daixin Team

LockBit ransomware claims attack on Continental automotive giant

LockBit repeats 'PR stunt' as Thales ransomware investigation reveals no breach

Malware, Ransomware, IoT Pose Major IT Security Challenges

Manufacturing sector pays highest average ransomware payment

Melbourne real estate agency data breach leaves details of renters and landlords exposed

MercyOne mostly back online following CommonSpirit ransomware attack

Mondelez and Zurich’s NotPetya cyber-attack insurance settlement leaves behind no legal precedent

Multi-factor auth fatigue is real – and it's why you may be in the headlines next

Municipalities, school districts are large targets

New clipboard hijacker replaces crypto wallet addresses with lookalikes

New Crimson Kingsnake gang impersonates law firms in BEC attacks

New TikTok Privacy Policy Confirms Chinese Staff Can Access European Users' Data

Next generation of phishing attacks uses unexpected delivery methods to steal data

North Idaho College recovering from cyberattack that led to network shutdown

OPERA1ER APT Hackers Targeted Dozens of Financial Organizations in Africa

OPERA1ER hackers steal over $11 million from banks and telcos

Optus promises to pay cost of replacing foreign passports compromised in data breach

Port of South Louisiana Suffered $420K Cyber Attack Last Year

Prepare now: threat of cyber attacks on companies is higher than ever

Ransomware: The Ghoulish Battle With New Rules

Ransomware attack on Osaka General's network stalls critical surgeries & daily operations

Ransomware attack strikes US hospital's legacy network, impacts over 77,000 patients

Ransomware booming if one goes by Lockbit founder member's claims

Ransomware claims fall in SME segment

Ransomware on the rise, hitting schools and healthcare

Renter data, IDs exposed in Hardcourts breach

Researchers Find Links between Black Basta Ransomware and FIN7 Hackers

Reseller Hack Results In Data Breach, Vodafone Italy Confirms

RomCom RAT malware campaign impersonates KeePass, SolarWinds NPM, Veeam

RomCom Weaponized KeePass and SolarWinds Instances to Target Ukraine, Maybe UK

Royal Mail customer data leak shutters online Click and Drop

Rubic DEX loses $1 million in crypto to hacker attack

SandStrike fake VPN is latest in wave of new Android malware

Singapore: Victims lose $237,000 amid resurgence in SingPost and Singtel phishing scams

Skyward Finance Allegedly Suffers $3M Loss in Exploit

St. Luke’s Health Suffers Third-Party Data Breach, Unrelated to CommonSpirit Attack

State and Federal Crackdown on Data Breach: EyeMed, Carnival Cruise & CafePress Settlements

The metaverse ushers in a new era of cyber threats

The US Treasury says it easily stopped an attack by a notorious Russian hacker group

These Four Android Apps On Google Play Exposed 1M Devices To Malware, Delete ASAP

Threat Actor "OPERA1ER" Steals Millions from Banks and Telcos

Threat Actors Pivot to Credential Theft in Government Mobile Phishing Attacks

Three Rivers Provider Network Confirms Recent Data Breach Impacting Victims’ Social Security Numbers

TikTok Confirms Chinese Staff Can Access UK and EU User Data

U.S. Banks Processed Nearly $1.2 Billion in Ransomware Payments in 2021

UK Security Agency to Scan the Country for Bugs

What is a phishing attack?

White House Announces International Efforts to Disrupt Ransomware

Why Identity & Access Management Governance is a Core Part of Your SaaS Security

Zurich and Mondelez Reach NotPetya Settlement, but Cyber-Risk May Increase

2nd November

$28 million stolen from cryptocurrency platform Deribit

32% of cybersecurity leaders considering quitting their jobs

130 Dropbox code repos plundered after successful phishing attack

A Third of Security Leaders Considering Quitting Their Current Role

ALMA radio telescope in Chile taken down by cyber attack

Almost half of phishing attacks target government employees, research says

Android Apps With a Million Downloads Led Users to Phishing Sites

Are Mobile Phones Becoming A Hacker's Dream?

Bank of Ireland warns of new text-and-call phishing scams

Bed Bath & Beyond reviewing data breach

Bed Bath & Beyond's technology chief resigns after possible data breach

Chester, Pennsylvania, Lost $400K to Phishing Scheme Over Summer

CISA Urges Organizations to Implement Phishing-Resistant MFA

Countries band together to better fight ransomware, set ‘priority targets’

Cyber threats in K-12 are 'here to stay'

Dozens of PyPI packages caught dropping 'W4SP' info-stealing malware

Dropbox Breach: Hackers Unauthorizedly Accessed 130 GitHub Source Code Repositories

Dropbox confirms hackers stole 130 code repositories in GitHub phishing campaign

Dropbox Discloses New Breach After Successful Phishing Attack

Dropbox Suffers Breach, 130 GitHub Repositories Compromised

Dropbox suffers data breach following phishing attack

Emotet botnet starts blasting malware again after 5 month break

Experts Warn of SandStrike Android Spyware Infecting Devices via Malicious VPN App

Eye Care Leaders Data Breach Impacts 15K at Oklahoma Eye Care Practice

French defense firm denies ransomware attack after leak site posting

GitHub Flaw Underscores Risks of Open Source, RepoJacking

Government workers face more phishing attacks on mobile devices

Group indicted for breaching CPA, tax preparation firms via stolen credentials

Hackers Stole 130 Source Code GitHub Repos In Dropbox Data Breach

Harcourts Melbourne City real estate agency advises customers of data breach

How can we protect ourselves and make ransomware less lucrative?

How to Prevent Ransomware Attacks

How To Stay In Control During And After A Ransomware Breach

Hundreds of U.S. news sites push malware in supply-chain attack

ID Authentication Bypass and the Next Evolution in Phishing Campaigns

Inside Raccoon Stealer V2

International Counter Ransomware Initiative Lays Out Plans to Fight Ransomware

IoT devices can undermine your security. Here are four ways to boost your defences

Macros could be the key to a cyber attack

Meet fundamental cybersecurity needs before aiming for more

Mobile Phishing Attacks on Government Staff Soar

MODE Global, LLC Reports Data Breach Affecting 11k Individuals

Multi-Color Corporation Reports Data Breach Affecting Sensitive Employee and Dependent Information

Multiple Vulnerabilities Reported in Checkmk IT Infrastructure Monitoring Software

New London Hospital data breach class action lawsuit settlement

New research shows that next generation phishing attacks use unexpected delivery methods to steal data

Next Generation of Phishing Attacks Uses Unexpected Delivery Methods to Steal Data

No, Dropbox ‘Hacker’ Hasn’t Stolen Passwords Or Data Of 700 Million Users

OakBend Medical Center Confirms Data Breach Following Encryption Event

One in 42 Healthcare Organizations are Impacted by Ransomware

OpenSSL dodges a security bullet

OpenSSL Released Patch for High-Severity Vulnerability Detected Last Week

OpenSSL Security Advisory Downgraded to High Severity

Osaka hospital hit by ransomware

Osaka Hospital services disrupted after a ransomware attack

Phishing attacks aimed at government personnel up 30% in 2021

Phishing attacks using unexpected methods to steal data

Ransomware Attack Disrupts Japanese Hospital for Second Day

Ransomware cost US banks $1.2 billion last year

Ransomware “Most Acute Threat” Faced by UK

Ransomware remains top cyber risk

Ransomware Remains Top Cyber Threat To Businesses, Deep Instinct Finds

Royal Mail Admits Data Breach After IT Glitch

SandStrike Spyware Infecting Android Devices through VPN Apps

Somnia Pain Management of Kentucky Announces Data Breach Stemming from Incident at Unnamed Management Services Organization

Study Shows Nearly Half of Participating Healthcare Payers Experienced a Data Breach in the Last Five Years, Costing an Average of $5.39M per Incident

The Increasingly Complex Threat Landscape Must Be Fought With Simplicity

The surprising relationship between Bitcoin and ransomware is investigated in White House summit

These Android Apps with a Million Play Store Installations Redirect Users to Malicious Sites

Top malware and ransomware trends and tactics from the first half of 2022

Twitter Verified Status Users Flooded with Scams

U.S. government employees exposed to mobile attacks from outdated Android, iOS

U.S. Treasury: Ransomware attacks increased in 2021

UK NCSC responded to 63 “nationally significant” cyber incidents in past year

US Hacker Group Indicted For Million-Dollar RICO Conspiracy

Vodafone Italy discloses data breach after reseller hacked

WakeMed Faces Data Breach Lawsuit Over Meta Pixel Use

Yanluowang ransomware leaks suggest pseudo Chinese persona, REvil links

1st November

3 inexpensive steps to secure IoT

10 signs a mobile device has been infected with malware

37 governments band together against ransomware

86% of cloud attacks in healthcare result in financial consequences

Australian Defence Force Communications Service Hit by Ransomware Attack

Bed Bath & Beyond Investigating Data Breach After Employee Falls for Phishing Attack

Chinese Hackers Using New Stealthy Infection Chain to Deploy LODEINFO Malware

CISA Publishes Multi-Factor Authentication Guidelines to Tackle Phishing

Clearing the Fog Over the New OpenSSL Vulnerabilities

Confusion Over Twitter’s Blue Tick Verification Badges Gives Rise to Phishing Scams

‘CosMiss’ vulnerability found in Microsoft Azure developer tool

Critical RCE Vulnerability Reported in ConnectWise Server Backup Solution

Dangers of saying ‘yes’ to ransomware

Dropbox discloses breach after hacker stole 130 GitHub repositories

Ecuador’s military denies ransomware attack after website goes offline

Federal Trade Commission (FTC) Takes Enforcement Action Against EdTech Giant Chegg

Fraudulent Instruction Losses Spike in 2022

Google ad for GIMP.org served info-stealing malware via lookalike site

High-severity OpenSSL vulnerabilities fixed (CVE-2022-3602, CVE-2022-3786)

Interactive Malware Sandbox in Your Security System

Last Years Open Source - Tomorrow's Vulnerabilities

Leaked Amazon Prime Video Server Exposed Users Viewing Habits

List of Data Breaches and Cyber Attacks in October 2022 – 9.9 Million Records Breached

LockBit Dominates Ransomware Campaigns in 2022

Malicious Android apps with 1M+ installs found on Google Play

Microsoft fixes critical RCE flaw affecting Azure Cosmos DB

National Cyber Security Centre (NCSC) Issued 34 Million Cyber Alerts in Past Year

New phishing emails take advantage of Twitter’s ongoing verification mayhem

New Ransomware Attack Tries to Frame Security Researchers

New SandStrike spyware infects Android devices via malicious VPN app

One in 42 Healthcare Organizations are Impacted by Ransomware

OpenSSL fixes two high severity vulnerabilities, what you need to know

OpenSSL Releases Patch for 2 New High-Severity Vulnerabilities

Osaka Hospital Halts Services After Ransomware Attack

Osaka hospital suspends services after ransomware cyberattack

Phishing Attacks Increase by 61 Percent in 2022

Policing the Metaverse – Law Enforcement’s New Challenge

Public Wi-Fi safety tips: Protect yourself against malware and security threats

Quantum ransomware group targeted Australian Clinical Labs, posted stolen data on the Dark Web

Ransomware: Not enough victims are reporting attacks, and that's a problem for everyone

Ransomware activity and network access sales in Q3 2022

Ransomware Attacks Pose Biggest Threat to UK Organizations

Ransomware is a global problem and getting worse, says US

Ransomware remains top cyber risk for organisations globally

Ransomware Research: 17 Leaked Databases Operated by Threat Actors Threaten Third Party Organizations

Researchers Disclose Details of Critical 'CosMiss' RCE Flaw Affecting Azure Cosmos DB

Royal Mail Data Breach: Here’s What You Need to Know

Russia Linked to Nearly 75% of Late 2021 Ransomware Attacks

Russian Hacker Behind Massive Data Breach Released From U.S. Prison

Student Suspected of Running Germany’s Largest Dark Web Market DiDW

Thales Probes Data-Leak Threat by Hacker Group

Twilio admits to falling victim to a second cyber attack in the Summer

U.S. Treasury thwarted attack by Russian hacker group last month

UK's Royal Mail pauses access to online service after glitch

Unofficial fix emerges for Windows bug abused to infect home PCs with ransomware

US banks report more than $1 billion in potential ransomware payments in 2021

US Treasury: Financial institutions reported $1.2 billion in ransomware losses in 2021

Where do business continuity plans fit in a ransomware attack?

White House Ransomware Confab Ends With Data Sharing Pledge

World leaders make fresh vows to fight global ransomware threat

You can up software supply chain security by implementing these measures

31st October

A dangerous game of hide and seek

Active Raspberry Robin Worm Launch a ‘Hands-on-Keyboard’ Attacks To Hack Entire Networks

Analysis: In Australia, a hacking frenzy spurred by an undersized cybersecurity workforce

Another White Hat Hacker Returns Funds From Platform Exploit

Australia: Defence caught up in ransomware attack

Australia's Department of Defence becomes latest victim of regional ransomware attacks

Australian Defence Contractor Hit By Ransomware

Australian Defence Department caught up in ransomware attack

Australian Defence Force communications app hit by ransomware attack

Australian Defence Force confirm data breach hack

Australian Federal Police (AFP) urge victims to report cybercrime following ransomware disruption

Azov Ransomware Runs Riot, Calls for Cyber Security Recheck

Be Alert! HTML Email Attachments Used in Phishing

Bed Bath & Beyond Are Currently Reviewing their Possible Data Breach

Bed Bath & Beyond confirms data breach following employee phishing attack

Bed Bath & Beyond data breach overview

Bed Bath & Beyond reviewing data breach

Canada: Privacy commissioner recommends ransomware insurance

Chartered Insurance Institute (CII) issues apology after data breach

Chegg sued by FTC after suffering four data breaches within 3 years

CISA, FBI, MS-ISAC Publish Guidelines For Federal Agencies on DDoS Attacks

CISA Releases Guidance on Phishing-Resistant and Numbers Matching Multifactor Authentication

ConnectWise backup solutions open to RCE, patch ASAP!

Cyber-attack on Australian defence contractor may have exposed private communications between ADF members

Cyberattacks in healthcare sector more likely to carry financial consequences

Data Breach of Missile Maker MBDA May Have Been Real

Don’t Fall for This Yahoo Mail Phishing Scam

Europe's Biggest Copper Producer Hit by Cyber-Attack

European defense contractor allegedly hit with ransomware

Every day is Phishing Season!

FBI and CISA: Here's what you need to know about DDoS attacks

Five of the most dangerous RansomOps attacks

Fodcha DDoS Botnet Resurfaces with New Capabilities

German copper smelter Aurubis in cyber attack

GitHub Repojacking Bug Could've Allowed Attackers to Takeover Other Users' Repositories

Gold Coast Based Strata Management Firm SSKB Becomes Australia’s Latest Ransomware Attack Victim

Hackers selling access to 576 corporate networks for $4 million

Hackers strike a major Australian Defence Force communications platform in latest chaos after Optus and Medibank breaches

Hackers Target Australian Defense Communications Platform With Ransomware

Hacking group abuses antivirus software to launch LODEINFO malware

How to fortify elections and electoral campaigns against human hacking

How To Respond To A Business Data Breach In Under 60 Minutes

How to Teach Colleagues About the Dangers of Phishing

Investigation Launched Into Ransomware Attack On Australian Defence Force

It’s time we got serious about the hacker-for-hire industry

Keystone Health Faces Lawsuit Over Healthcare Data Breach

King’s Seafood data breach $350K class action settlement

Label Giant Multi-Color Corporation Discloses Data Breach

Manufacturing sector has highest ransomware payments

Medibank, Australia’s biggest health insurer, suffers data breach

Michigan Medicine data breach exposes health care info of 34K patients

Microsoft Warns Attackers Now Leveraging Raspberry Robin to Distribute Clop Ransomware

Most Online Shoppers Would Leave Retailer Following Breach

New Dropper Apps on Play Store Targeting Banking and Crypto Wallets

New Zealand: Cyber minister needed as attacks ramp up

New Zip file phishing trend threatens cybersecurity

NSA shares supply chain security tips for software suppliers

OT/ICS cybersecurity threats remain high

Pakistan: Serious breach of cellphone users’ data

Phishing Attacks are on the Rise, and Cyber Awareness is One of Your Best Defenses

Phishing volumes increase 31% in third quarter

Queenslanders at risk of increased scam attacks

Ransomware: 'Amateur' Tactics Lead Fewer Victims to Pay

Ransomware attack on Ascension St. Vincent’s legacy EMR spurs breach notice

Ransomware attack on Dialog also took down defence app ForceNet

Ransomware gangs evolve as the fight against cybercrime ramps up

Ransomware hackers hit Australian defence communications platform

Russia Suspected in Truss Phone Hacking Scandal

Samsung Galaxy Store Bug Could've Let Hackers Secretly Install Apps on Targeted Devices

State of Incident Response: Asia Pacific (APAC)

Team Finance hacker returns $7M to associated projects after exploit

Telefonica suffers cyber-attack and tells its customers to do this urgently

This stealthy hacking campaign uses a new trick to deliver its malware

Tips for Choosing a Pentesting Company

Twitter’s verification chaos is now a cybersecurity problem

U.S. Bank data breach impacts 11K customers

U.S. Vision, Inc. Announces Data Breach Involving Patients of Nationwide Optometry, P.C., SightCare, Inc., and Nationwide Vision Center, LLC

Unofficial Patch Released for New Actively Exploited Windows MotW Vulnerability

US convenes over 30 countries to address ransomware as hacks of hospitals, critical infrastructure continue

Votes in Slovakia’s parliament suspended after alleged ‘cybersecurity incident’

What is a Data Breach and How to Prevent It

White House invites dozens of nations for ransomware summit

White House seeks international cooperation to thwart growing ransomware threat

Why and how cyber security should be taken seriously

Why cybersecurity insurance is essential for your business

Why Understanding Ransomware’s Root Causes Can Help Protect Against The Evolving Threats

Will cyber saber-rattling drive us to destruction?

Will deepfake cybercrime ever go mainstream?

World’s Leading Copper Producer Aurubis Suffers Crippling Cyberattack

Young Finnish man detained in absentia over data breach at Vastaamo

Ransomware Operator Claims - Week 43 2022

Welcome to last week's ROC Report, an exclusive summary of Ransomware Operator's global victims that were claimed during the period between 24th October and 30th October 2022, kindly provided by our partners.

Flag Icons created by Freepik and provided by Flaticon.

Monday 24 October 2022

Kenosha Unified School District: Wisconsin School District's "Snatch" Ransomware Attack Results In IT Systems And Operational Disruption

Data Breaches Digest - Week 43 2022

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 24th October and 30th October 2022.


30th October

5 cybersecurity mistakes that will haunt you

10 Ways to Take a Security-First Approach to Database Management

Actively exploited Windows Mark-of-the-Web (MoTW) zero-day gets unofficial patch

Air New Zealand warns of an ongoing credential stuffing attack

Australia: Cybersecurity warning on health data

Beware the rainy day: Cybersecurity matters in the cloud

Binance Hacked; Nearly $600 Million in BNB Stolen

BlackByte ransomware group hit Asahi Group Holdings, a precision metal manufacturing and metal solution provider

Bosses say they're serious about cybersecurity. It's time for them to prove it

Cost of living scams warning - the common ploys fraudsters are using to steal thousands

Cybersecurity Measures Can Protect Windows Devices From Venus Ransomware

Drinik banking malware returns: Things you can do to keep your data safe

Drivers licences with additional security measures to be issued in Victoria after Optus data breach

Former Army boss blasts Liz Truss 'ill discipline' over Kremlin phone hack

Former British Prime Minister Liz Truss's phone was allegedly hacked by Russian spies

How AI can protect water and electricity networks

How to protect yourself from identity fraud during Cybersecurity Awareness Month

How to Test a Suspicious Link Before Clicking It

Inside a US military cyber team’s defence of Ukraine

Interpol Issues Security Warning Against Metaverse Being Unsafe For Children

Malware: A Problematic Evolution

Malware Alert! This Android virus is targeting data of 18 Indian banks

Ministers creating ‘wild west’ conditions with use of personal phones

Multi-factor authentication fatigue attacks: How to shield your users?

New Azov data wiper tries to frame researchers and BleepingComputer

Sacked Sky employee demanded £40,000 or he would post details of 11,000 customers

Singapore: How the banking industry is stepping up to keep you safe in a digital world

Status of Pendragon’s data unclear after hackers issue revised ultimatum

The 13 Most Common Website Security Attacks

The Rise of CyberCrime Today

This New List Of Malware Dropper Apps On The Play Store Needs To Be Deleted Now, Claim Security Experts

Two days before elections, security breach in Shas database exposes personal details of millions of Israeli citizens

VicRoads says issuing new licences for Optus data breach victims

Weakness: Employees – the reason they are vulnerable to cyber attacks

What Brand Gets Impersonated the Most During Phishing Attacks? The Answer Might Surprise You

What Is an Infostealer? Is It Dangerous?

What Is Riskware? Here's Everything You Need to Know

What Is Zero-Knowledge Encryption and Why Should You Use It?

29th October

6 Common Types of Crypto Attacks and How to Stay Safe

6 Easy Ways to Secure Your Android Device Data

A massive cyberattack hit Slovak and Polish Parliaments

Bank Customers Beware, You Could Be Targeted By Drinik Virus

Bed Bath & Beyond reviewing possible data breach

‘Buying bad’: the black market where access to hacked Australian data can cost just $500

Cybercrime: SMEs are not below the radar

Cybercrime is emerging a big threat as technology grows

Fired Sky employee tried blackmailing broadcaster for £40,000 worth of Bitcoin

FriesDAO Loses $2.3 Million As Spate Of Exploits Continue

Google still promoting crypto phishing sites, warns Binance boss

How to Spot Customer Service Scam

Liz Truss phone hack claim prompts calls for investigation

Liz Truss' phone 'hacked by Putin spies' for top secret info and private messages

New York Post Swiftly Recovered From An ‘Insider’ Attack

The biggest threats to business data come from the digital natives

The ransomware attack is growing increasingly these past few years

Tips for helping the elderly spot and avoid phishing emails

Twilio discloses another security incident that took place in June

Twilio Reveals Another Breach from the Same Hackers Behind the August Hack

Twitter Users Receive ‘Removal Notice’ From Verified Accounts, Phishing Scam Suspected

US: Scams Expected to Increase Leading Up to Midterms Elections

What Are Privacy Coins, And Why Are They Controversial?

What New Zealand businesses need to know when taking out cyber insurance

Why are there so many data breaches? A growing industry of criminals is brokering in stolen data

Why one state will issue a million of FREE driver's licences after Optus cybersecurity data breach

Why protecting customer data matters

28th October

5 Lesser-Known Cyber Threats That You Should Be Aware of in 2023

After a cyber breach, companies risk losing employees’ trust

Amazon Prime Data Breach Causes Blushes All Round

Android malware droppers with 130K installs found on Google Play

API Attacks Have Emerged as the #1 Threat Vector in 2022

Arvig service shutdown on Tuesday was due to a cyber attack

Aurubis AG: Update on cyber attack at Aurubis

Australian Clinical Labs accused of 'sitting on' hack that saw patient data posted to the dark web

Bed Bath & Beyond reviewing possible data breach

Beware of Phishing Attacks from Dark Web Sale of Leaked Data of Online Marketplace

Bored Ape NFT and Other Crypto Worth $1 Million Stolen by Notorious Hacker

British Airways Owner Says Threat of ‘State-Sponsored Cyber Attacks’ is On the Rise Following Russia’s Invasion of Ukraine

British hacker Daniel Kaye charged in the US for running Dark Web marketplace “The Real Deal”

Canada: Cybersecurity centre warns of evolving ransomware tactics, state-sponsored threats

Chartered Insurance Institute (CII) falls victim to data breach

CISA Unveils Cybersecurity Goals For Critical Infrastructure Sectors

Cloud and Hybrid Working Security Concerns Surge

CommonSpirit IT Systems Still Offline One Month Post-Attack

ConnectWise fixes RCE bug exposing thousands of servers to attacks

ConnectWise Patches ‘Critical’ Flaw That Could Have Infected 5,000 Servers

Contrary to Popular Belief, Linux Sytems Are Now Receiving Their Fair Share of Cyberattacks

Court detains Finnish man in absentia as suspect in psychotherapy centre data hacks

Cranefly Hackers Use Stealthy Techniques to Deliver and Control Malware

Cranefly uses new communication technique in attack campaigns

Crypto Phishing: Google Displays Scam Sites When Users Search for CoinMarketCap

Cyber attack on Pennsylvania hospital compromised the data of 235,000 patients

Cyber Events Disrupt Polish, Slovakian Parliament IT Systems

Cyber-attacks on Mexican military institutions persist

Cyberattacks 2022: Key Observations And Takeaways

Cyberattacks Are Bypassing Multi-Factor Authentication

Cybersecurity Trends To Make Your Employees More Secure

Data Breaches in 2022

Data Breach Victims Sue Rhode Island Transit Agency, Insurer

Delivering visibility requires a new approach for SecOps

Drinik malware returns with a vengeance on Android phones, 18 Indian banks affected

Enterprise ransomware preparedness improving but still lacking

Europol Warns Police to Prepare for Metaverse Threats

Events D.C. hit with cyberattack, employee data likely compromised

Exploit released for critical VMware RCE vulnerability, patch now

Fallout From Medibank Hack Grows

Final Twilio Smishing Victim Count Reaches 209

Four Cybersecurity Trends Every CISO Needs To Address

FriesDAO hacked and $2.3 million stolen

FTC Settles with Online Alcohol Company Drizly Following Data Breach

GitHub fixes critical vulnerability that exposed repositories to attackers

Google fixes seventh Chrome zero-day exploited in attacks this year

Google Issues Urgent Chrome Update to Patch Actively Exploited Zero-Day Vulnerability

Government mulls stricter data breach laws. How will this affect Australian employers?

Hacker steals US$1mn worth of crypto and NFTs 24 hours

Hackers and Bad Actors Are Weaponising Your Typos

Hackers could cost your business millions – but can HR prevent it?

Hackers use Microsoft IIS web server logs to control malware

High-Severity Flaws in Juniper Junos OS Affect Enterprise Networking Devices

How do I check if I've been hacked? What should I be watching out for? Here's a cyber security expert's tips on how to protect yourself

How Small Businesses Can Shield Themselves Against Cyberattack

How to make your password uncrackable for 27,000 years

How To Stay Safe Online – Tips for Getting Cybersmart

How XDR reduces the total cost of security operations

Indianapolis Low-Income Housing Agency Hit by Ransomware

Information security vs cyber security vs network security: What are the differences?

Is the Pursuit of Autonomous Security Systems a Fruitless Task?

Keystone Health faces lawsuit for data breach that affected 235,237 patients

Largest EU copper producer Aurubis suffers cyberattack, IT outage

Lululemon, T-Mobile, DHL, Microsoft, & MORE — Top Scams & Phishing Schemes of the Week

Majority of small businesses not prepared for cyberattacks

Michigan Medicine Notifies 33K Patients of Phishing Attack

Microsoft: Raspberry Robin USB worm hits nearly 1,000 organizations in the past month

Microsoft: Raspberry Robin worm key facilitator of LockBit, Cl0p ransomware

Microsoft Authenticator gains feature to thwart spam attacks on MFA

Mining companies vulnerable to cyberattacks

More than half of UAE businesses targeted by ransomware in the past year

My Home Hospital patients caught up in Medibank hack

New York Fines Health Insurance Company $4.5M for Consumer Data Breach

Non-profits can't afford to ignore cyber risk

North Korea-backed Kimsuky gang hacking Android phones to gather intelligence

Office for Civil Rights (OCR) Highlights HIPAA Security Rule Incident Response Procedures

One in four Companies Globally have Suffered Data Breach that cost them US$1–20 million or more in the past three years

Optus reportedly sending cyber attack letters to dead people

Over 100 million accounts were breached in Q3 2022

Pakistan: Federal Board of Revenue (FBR) faces more than 70,000 cyber attacks every month

Pathology lab, Australian Clinical Labs (ACL), criticised for five-month delay in reporting patient data hack

Phishing attacks increase by over 31% in third quarter

Police are investigating the ransomware attack on the Tech Consortium

Police called after South Australian Liberal Party caught up in alleged data breach

Protecting Your Organization from Ransomware Threats: New Guidance from Ontario’s Information and Privacy Commissioner

Qbot malware rears its ugly head again

Quad’s ransomware commitment could help shore up regional software supply chains

Ransomware actors stole the personal data of 4 million Australians from Medibank's servers

Ransomware attacks are hitting heavy industry where it hurts - the wallet

Ransomware Remediation Contract Dispute Leads to Arrest, Suit in Georgia

Raspberry Robin Operators Selling Cybercriminals Access to Thousands of Endpoints

Raspberry Robin Worm Actors Linked to Clop, LockBit Ransomware Groups

Researchers Uncover Stealthy Techniques Used by Cranefly Espionage Hackers

Rise of AI-Generated, Fake LinkedIn Profiles Raises Social Engineering Challenges

Rogue employee hacks New York Post website with extremist, hate-filled headlines

Santander: Radical Action Needed to Tackle Authorized Push Payment (APP) Fraud

Scammers Target Logistics Following High Number of DHL-related Phishing Scams

See Tickets data breach: Hackers collected customers' personal data from payment checkout pages

Signs of Phishing: How to Spot a Scam

Singapore: E-commerce related phishing on the rise

South Australian Liberal Party calls police due to major data breach

Student arrested for running one of Germany’s largest dark web markets

Telefónica has confirmed a cyber attack

Tesco, Morrisons and Sainsbury's fall victim to fake phishing scam

The 7 Best Ways to Avoid Phishing Scams

The 7 Most Important Cyber Safety Topics You Should Know About

The role of bots in API attacks

These Dropper Apps On Play Store Targeting Over 200 Banking and Cryptocurrency Wallets

This Windows worm evolved into slinging ransomware. Here's how to detect it

Twilio hack investigation reveals second breach, as the number of affected customers rises

Twilio Reveals Further Security Breach

Twilio reveals it was hit by another data breach

Twilio Says It Suffered Another Data Breach This Past Summer

U.S. Bank reveals data breach involving some credit card accounts

Ukrainian Hacker Charged for Operating “Raccoon Stealer” Malware-as-a-Service

WakeMed Health & Hospitals Announces Data Breach Affecting 495,808 Patients

What Is Cybercrime?

What Is Spoofing?

Why We Need A Cyber Intelligence Revolution

Why your cybersecurity needs to be dragon-proof

With record-high data breaches, now is the time for cybersecurity storage adoption

Zero Trust Network Access (ZTNA) or VPN – Which is Better for you?

27th October

10 PayPal Scams to Watch Out For

70% increase in accounts breached globally in first half of 2022

86% of Cloud Attacks in the Healthcare Sector Result in Financial Losses or Other Damage

2022 cyber threat report details growing trends

After CommonSpirit ransomware attack: Why healthcare M&A is a ‘huge’ cybersecurity risk

Amazon accidentally exposed an internal server packed with Prime Video viewing habits

Ambulance wait times stretched up to an hour after MedStar hack

Apple fixes recently disclosed zero-day on older iPhones, iPads

Apple iOS and macOS Flaw Could've Let Apps Eavesdrop on Your Conversations with Siri

Arrested Ukrainian national charged with running Raccoon Infostealer malware

Ascension St. Vincent’s Coastal Cardiology Announces Data Breach Stemming from Recent Ransomware Attack

Australian Clinical Labs says patient data stolen in ransomware attack

Australian firms hit by industrial ransomware in 3Q

Australian Health Insurer Medibank Suffers Breach Exposing 3.9 Million Customers' Data

Biden now wants to toughen up chemical sector's cybersecurity

Binance CEO Says They’re Closer to Identifying Hacker Behind $570,000,000 Exploit

BlackCat ransomware gang claims attack on Ecuador’s army

British car retailer Pendragon suffers a LockBit ransomware attack and a $60m ransom demand

British hacker arraigned for running The Real Deal dark web marketplace

British Hacker Charged for Operating "The Real Deal" Dark Web Marketplace

Brock Information Technology Services offers tips to prevent ransomware attacks

Chrome Extensions Harboring Dormant Colors Malware Infect Over a Million PCs

CISA Releases Critical Infrastructure Security ‘Performance Goals’

Cyber responders are outnumbered and under pressure as they defend our modern way of life

Cyberattackers Target Instagram Users With Threats of Copyright Infringement

Cybersecurity’s importance and impact reaches all levels of the tech workforce

Dangers of Recent Social Media Data Breaches

Data breach possibly exposes health info for 34K Michigan Medicine patients

Data on dark web months before pathology business told customers

DHL takes top spot in brand phishing attempts

Dragos tracks shift in ransomware toward destructive attacks as ‘geopolitical tensions’ take hold

Drinik Android malware now targets users of 18 Indian banks

Establishing Advanced Persistent Security to Combat Long-Term Threats

Feds Urge Healthcare Entities to Train for Incident Response

Financial-related phishing targeting eCommerce in Singapore

Fodcha DDoS botnet reaches 1Tbps in power, injects ransoms in packets

GitHub Bug Exposed Repositories to Hijacking

Hacker Claims to Have Davenport Schools Data, Threatening Release of Information

Hacker compromises Social Security numbers of 980 patients at Minnesota hospital

Hacker Suspected Of Operating A Popular Dark Web Market Faces Federal Charges

Hackers and Bad Actors Are Weaponizing Your Typos

Healthcare Data Breach at Georgia Cardiology Practice Impacts 71K

Healthcare’s email security problem is a compliance and forensics nightmare

Hive Ransomware hackers leak stolen data from Tata Power

How cyber secure is blockchain technology?

How to Check If Your Email or Password Has Been Compromised

How to improve security awareness and training for your employees

IBM Cost of a Data Breach 2022 – Highlights for Cloud Security Professionals

Implementing Connected Place Cybersecurity Principles

In the crosshairs: why banking leaders must wake up to the ransomware challenge

Indianapolis Low-Income Housing Agency Hit by Ransomware

Indonesia: Cyber-attack targets independent media outlet

Industrial Ransomware Attacks: New Groups Emerge, Manufacturing Pays Highest Ransom

iOS Bluetooth Bug Allowed Apps to Eavesdrop on User Conversations

It's data breach season, and it’s not looking good for Australia

It’s the end of passwords as we know it

Kiss-a-Dog Cryptojacking Campaign Targets Docker and Kubernetes

Knesset website targeted by Russian hackers with alleged Kremlin ties

LinkedIn Unveils New Security Features to Tackle Fraud

Listed car dealer Pendragon has ‘contained’ cyber attack – but new deadline for data release issued by hackers

Major German energy supplier hit by cyberattack

Malicious Code: What It Is and How to Prevent It

Medibank Backtracks: All Customer Data Was Exposed to Hackers

Medibank cyber-attack: should the health insurer pay a ransom for its customers’ data?

Medibank says My Home Hospital also hit, PII and health data accessed

Medlab Pathology Breach Affects 223,000 Australians

Michigan Medicine: Data breach could have exposed health care information of more than 34k patients

Michigan Medicine notifies patients of health information breach

Microsoft Links Hacker Group Vice Society to Several Ransomware Campaigns

Microsoft links Raspberry Robin worm to Clop ransomware attacks

Monkey Drainer Thieves Almost $1 Million Ethereum, Find Details Here

More risk managers purchasing cyber insurance

More than 6,000 notified of Davenport schools hack

Nearly two-third of users’ data available on dark web

New Cryptojacking Campaign Targeting Vulnerable Docker and Kubernetes Instances

New Jersey county reports data breach for 3,900 deceased Medicaid recipients

New York Post confirms hack after website, Twitter feed flooded with threats toward Biden, AOC

New York Post hacked with offensive headlines targeting politicians

New York Post Hacker Uploads Horrifying Fake Articles Calling to 'Assassinate AOC' and 'Murder Joe Biden'

New York Post probes employee’s unauthorized postings

One in three SMEs have no cyber cover despite rising cyberattacks

Online scams to watch out for on Black Friday

OpenSSL warns of critical security vulnerability with upcoming patch

Osoyoos Farmers’ Market hit by cyber-attack

Pathology company Australian Clinical Labs reveals it was hit by cyber attack in February

Personal Finance Society (PFS) issues a statement regarding data breach

Phishing: The tip of the iceberg

Phishing scammer Monkey Drainer has pilfered as much as $1M in ETH

Phishing volumes increase over 30 percent with well-known brands as favorite targets

Poland: Senate website suffers hacker attack after Russia resolution

Ransomware: Open Source to the Rescue

Ransomware attack affects 60,000 Arvig internet users in Minnesota

Ransomware remains a top cyber risk for businesses, but new threats emerging

Remote workers leaving legal sector “wide open” to cyber-attack boom

Researchers Expose Over 80 ShadowPad Malware C2 Servers

Rhode Island Bus Service, Health Insurer Sued Over Data Breach

Russian hackers say Japan hospital paid $30,000 in ransomware attack

Security threats for businesses have reached breaking point. Here's what you need to know about protecting your own business

Singapore: Land Transport Authority (LTA) warns of phishing scams involving SMSes about unpaid ERP charges

Six Cybersecurity Trends to Stay Ahead Of

Slovakia: Cybersecurity 'incident' halts parliament

Social media phishing scams use URL redirectors to bypass security controls

Study Shows Cybersecurity Hype Complicates the Security Stack, Expands the Attack Surface

Sydney teenager accused of using Optus data breach to blackmail indicates guilty plea in court

Team Finance loses $14.5M to smart contract bug exploit

The Biggest Data Breaches Of 2022

The Highly Effective Habits Of The Modern Hacker

The US Needs A Cybersecurity Strategy Sooner, not Later

These cybersecurity vulnerabilities are most popular with hackers right now - have you patched them?

Thomson Reuters collected and leaked at least 3TB of sensitive data

Toothless: The State of Cybersecurity Compliance in Latin America

Top cybersecurity tips for business

Twilio discloses another hack from June, blames voice phishing

UK Government Supplier Interserve Fined £4.4M for Failure To Stop 2020 Cyber Attack

Ukrainian national charged for his role in ‘Raccoon Infostealer’ malware scheme

US: Cyber officials prioritizing securing critical sectors, foreign partnerships amid rising threats

Vast majority in healthcare industry hit with a cyberattack on cloud infrastructure in the last year

Vietnam: Citizens warned of cyber-attacks with phishing

West conducting cyber ‘sabotage’ on Russia, deputy foreign minister claims

What Hurricane Preparedness Can Teach Us About Ransomware

White House Launches Chemical Sector Security Sprint

Why are there so many data breaches? A growing industry of criminals is brokering in stolen data

Will A VPN Protect You From Hackers?

Your CCTV devices can be hacked and weaponized

Zero Trust and the Hybrid Workforce Security

"Zero Trust" Cybersecurity Measures Essential for Protecting Contruction Companies

26th October

7 Ways to Increase Email Security with Automated Encryption

15 Anesthesia Practices Confirm Recent Data Breach Stemming from Incident at “Management Company”

A Hacker Steals Ed-Sheeran Songs for Crypto and Goes to Jail

A quick guide for small cybersecurity teams looking to invest in cyber insurance

Australia: New governance principles in wake of Medibank cyber attack

CISA adds Apple zero-day, Cisco and Gigabyte bugs to exploited vulnerabilities list

Cuba ransomware cartel spoofs Ukraine armed forces

Cyber attack affects 60,000 Arvig customers in Minnesota

Cyber attack insurance is approved to protect French firms

Data Breach Victims Sue Rhode Island Transit Agency, Insurer

Drizly CEO named in security order following 2020 data breach

Fake Windows updates hold your files hostage and demand money for their return — avoid this ransomware

Federal Trade Commission (FTC) Taking Action Against Drizly For 2020 Data Breach

Finnair: Some customers affected by data breach of Portuguese airline

Genshin Impact developer suffers massive data breach

Genshin Impact Developers Get Attacked Resulting in Massive Data Breach

Hacker Group Affiliated With Iran-Backed Militias In Iraq Claims Cyberattacks Against Ukrainian Stock Exchange, Ministry Of Veteran Affairs

Hackers Actively Exploiting Cisco AnyConnect and GIGABYTE Drivers Vulnerabilities

Has Your Software Supply Chain Already Been Compromised?

Hive Group Admits to Leaking Data in Tata Power Ransomware Attack

Hive Ransomware Group Leaks Data Stolen in Tata Power Cyber-Attack

Indianapolis Housing Agency responds to massive system-wide ransomware attack

Interserve fined £4.4m for breach of data protection law

Iranian Hacker Group Hits Nuclear Site; Steals 50GB Of Data

Kimsuky Hackers Spotted Using 3 New Android Malware to Target South Koreans

LinkedIn's new security features combat fake profiles, threat actors

London's New Cyber Resilience Centre Set to Fight Cybercrime in the Capital

Medibank confirms hacker had access to data of all 3.9 million customers

Medibank now says hackers accessed all its customers’ personal data

Microsoft Data Breach Exposed Customer Data of 65,000 Organizations, Redmond Lashes Out at Security Firm

Microsoft fixes Windows vulnerable driver blocklist sync issue

Monkey Drainer Steals $1M Worth of Crypto in Elaborate Phishing Attack

New Cryptojacking Campaign Kiss-a-dog Targeting Docker and Kubernetes

Notorious ‘BestBuy’ hacker arraigned for running dark web market

Notorious hacker Daniel Kaye arraigned for allegedly running dark web marketplace

Over 255 million phishing attacks in 2022 so far

Over half of consumers use biometrics to secure mobile devices

Phoenix Programs of Florida, Inc. Experienced Data Breach Following Compromised Email Accounts

Ransomware attacks are down this year - but that's not really a great thing

Ransomware attempt caused statewide Arvig outage

Ransomware Gangs Ramp Up Industrial Attacks in US

Ransomware Impacts Mental Health More Than You May Think

Ransomware in the US is down 51% compared to 2021

Ransomware remains a top cyber risk for businesses

Ransomware Threat Shifts from US to EMEA and APAC

Ransomware top cyber risk for firms but new risks emerging

Retail industry the second most ransomware-targeted industry in 2021

Russia’s Sberbank repels largest cyber attack in its history

Russian hackers say Japan hospital paid $30,000 in ransomware attack

See Tickets data breach went undetected for 2.5 years

See Tickets discloses data breach, customers’ credit card data exposed

See Tickets Discloses Major Card Data Breach

See Tickets reports major credit card data breach

Shut the front door: Preventing phishing attacks

SlashNext report finds phishing attacks have risen 61% this year

Sunshine Coast Regional District (SCRD) sees a recent surge in phishing emails

Supply Chain Attacks or Vulnerabilities Experienced by 80% of Orgs

Taking Proactive Steps To Mitigate The Global Ransomware Pandemic

Template Injection Attacks: Mitigating Modern Threats

Texas Uber Drivers Victimized by Data Breach Receive $4.2M

The Job of Phishing Simulations

The Most Dangerous Cyber Attacks of 2022

These ransomware victims are making the highest ransom payments

Ticketing Service Discloses Embarrassing Credit Card Data Breach Lasting 2.5 Years

Top Cybersecurity Threats in 2022 That Businesses Are Worried About

Top NFT-Related Cybersecurity, Phishing, Hacking and Other Risks in 2022

Typosquat Campaign Targeting Android, Windows Users Now Counts 600+ Domains

U.S. Charges Ukrainian Hacker Over Role in Raccoon Stealer Malware Service

Uber Verdict Raises New Risks for Ransom Payments

Unknown Actors are Deploying RomCom RAT to Target Ukrainian Military

Urology of Greater Atlanta, LLC Announces Data Breach

Vice Society Hackers Are Behind Several Ransomware Attacks Against Education Sector

Vice Society Ransomware Campaigns Continue to Impact US Education Sector

VMware Releases Patch for Critical RCE Flaw in Cloud Foundation Platform

What Is a USB Drop Attack and How Can You Prevent It?

What Is Fargo Ransomware and How Can You Avoid It?

White House announces 100-day sprint on chemical sector cybersecurity

Wholesale retail giant Metro suffered a cyber attack that crippled its IT infrastructure

25th October

10 Tips to Protect Your Organization Against Ransomware Attacks in 2022

20 Phishing Statistics Small Businesses Should Know

22-Year-Old Vulnerability Reported in Widely Used SQLite Database Library

167,000 stolen credit card numbers Exposed via PoS Malware

Apple Fixes Actively Exploited iOS and iPadOS Zero-Day Vulnerability

Apple fixes exploited iOS, iPadOS zero-day (CVE-2022-42827)

Apple Releases Patch for New Actively Exploited iOS and iPadOS Zero-Day Vulnerability

Australia seeks stiffer penalty for data breaches amidst spate of security incidents

Breached Credentials Remain the Key Entry Point Behind Rising Ransomware Attacks

Businesses willing to pay double the ransom in 2022

Carousell Singapore Hit By Data Breach; Some Malaysian Users Are Reportedly Affected

Choice Health Insurance, LLC Confirms Recent Data Breach

Cisco warns admins to patch AnyConnect flaw exploited in attacks

CISOs struggle to articulate business impacts of cyber risks

Cyber-attack and inflation hit Clarion’s surplus

Cybercriminals Used Two Point-of-Sale (PoS) Malware to Steal Details of Over 167,000 Credit Cards

Cybersecurity is a top priority for physical security professionals

Cybersecurity teams are reaching their breaking point. We should all be worried

Data breach victims sue Rhode Island transit agency, insurer

Data Breaches Rise By 70% Globally in Q3 2022

Don’t wait for medical device cybersecurity legislation: Act now to save patients’ lives

Dutch police arrest hacker who breached healthcare software vendor

Federal Trade Commission (FTC) penalises Drizly for data breach

Four new phishing tactics to watch out for

Hacker who stole Ed Sheeran’s unreleased music to sell for crypto gets 18-month jail term in the UK

Hive claims ransomware attack on Tata Power, begins leaking data

Hive ransomware gang leaks data stolen during Tata Power cyberattack

Hive Ransomware Hackers Begin Leaking Data Stolen from Tata Power Energy Company

How the Software Supply Chain Security is Threatened by Hackers

How to Bridge the Ransomware Security Gap

How to Respond to a Cyber Attack

Iranian Atomic Energy Agency Admits Email Hack

Leading ransomware variants in Q3

LinkedIn Phishing Spoof Bypasses Google Workspace Security

LockBit 3.0, Black Basta Lead Barrage of Q3 Ransomware Attacks

LV Ransomware Exploits ProxyShell in Attack on a Jordan-based Company

Massive cryptomining campaign abuses free-tier cloud dev resources

Medibank data breach: More customers affected, attacker got in via stolen credentials

Microsoft: Vice Society targets schools with multiple ransomware families

New Cryptojacking Campaign Kiss-a-dog Targeting Docker and Kubernetes

New Mexico Radiology Practice Health Data Breach Results in PHI Exposure

Optus data breach response lands Office of the Australian Information Commissioner (OAIC) an extra $5.5m

Philippines among top phishing email targets in Southeast Asia

Phishing Scammer Has Drained $1M in Crypto and NFTs in Past 24 Hours, Says On-Chain Sleuth

Point-of-Sale (POS) Malware Used to Steal Details of Over 167,000 Credit Cards

Police Investigating Ransomware Attack Against Tech Consortium

Ransomware activity persists, but lags 2021 highs

Ransomware, Phishing Attacks top Interpol Concerns

Researchers Detail Windows Event Log Vulnerabilities: LogCrusher and OverLog

Sam Bankman-Fried Says Crypto Exchange FTX Will Dole Out One-Time $6,000,000 Reimbursement to Phishing Victims

Sam Bankman-Fried to refund FTX phishing victims — just this once

Scars of COVID-19 pandemic leave airlines vulnerable to payment fraud

Secure corporate emails with intent-based BEC detection

Security leaders assess geopolitical events affecting security in 2022

See Tickets discloses 2.5 years-long credit card theft breach

The Bishop of Hereford's Bluecoat School victim of cyber attack

The Cybersecurity Trifecta: The Secret to Immunizing PII

The long-term psychological effects of ransomware attacks

The most dangerous and destructive ransomware groups of 2022

The most popular brand for phishing attacks might surprise you

To retain cybersecurity professionals, keep remote work as an option

Ukraine Warns of Cuba Ransomware Campaign

Ukrainian charged for operating Raccoon Stealer malware service

Vivendi Announces Data Breach Stemming from Incident at the Company’s See Tickets Business

VMware fixes critical Cloud Foundation remote code execution bug

When bad things happen to good credentials

When Cyberattacks Are Acts of War, Will Insurance Protect You?

24th October

3 Steps to Take to Get Started with Identity Threat Detection and Response (ITDR)

Apple fixes new zero-day used in attacks against iPhones, iPads

Australia increases penalties for data breaches after Optus, Medibank hacks

Australia to increase maximum data breach penalty to $50 million

Australia's Data Breach Wave: Workaday Cybercrime

Australian Government to Increase Data Breach Penalties

Beware: Phishing Efforts Now Successfully Targeting Business-Related Emails

Binance is ‘narrowing down’ identity of hacker behind $570 million crypto attack

Binance Reveals Getting Closer to Identify Hacker that Drained $570M

Black Reward Hackers Steal Trove of Emails from Iran’s Atomic Energy Agency

BlackByte ransomware slinger twists the knife with data stealer

British company Interserve fined £4.4 million over ransomware attack

Can developers reduce open source cybersecurity risk?

Chrome extensions with 1 million installs hijack targets’ browsers

CISA Warns Against Ransomware Group Daixin Team Targeting Health Organizations

CISA Warns of Daixin Team Hackers Targeting Health Organizations With Ransomware

Clicker Malware Garners Estimated 20 Million Downloads

Consumer behaviors are the root of open source risk

Criminals are starting to exploit the metaverse, says Interpol. So police are heading there too

Crypto Exchange FTX to Compensate API Phishing Victims With as Much as $6M

Cuba ransomware affiliate targets Ukrainian govt agencies

Cyber attackers hack into Iran's atomic energy agency as protests over Amini's death continue

DHL Replaces LinkedIn As Most Imitated Brand in Phishing Attempts

European Police Warn of Metaverse Cyber-Threats

FBI warning: This ransomware group is targeting poorly protected VPN servers

Federal Trade Commission (FTC) seeks action against Drizly — and its CEO — for cybersecurity failures

Fighting cybersecurity risks for law enforcement: On-premises vs. cloud native systems

Fraudsters Hack Gate.io’s Twitter Account To Run Phishing Scam

FTX Chief Announces Huge Compensation to Phishing Attack Victims But With A Warning

FTX to Compensate Phishing Victims with $6 Million

Hacker who stole from Kanye West, Frank Ocean and more to serve 18 months in jail

Hackers Takeover Twitter Account of Gate.io to Promote Phishing Scam

How To: Protect the Public Sector from Increasing and Sophisticated Ransomware Attacks

How to navigate the current 5G and IoT threat landscape

Investigation reveals Simplify data breach exposed employees personal information

IoT Devices Risky Business for the Enterprise

Iran says ‘specific foreign country’ behind hacktivist leak of atomic energy emails

Iran’s atomic energy agency confirms hack after stolen data leaked online

Is cyber-security important to Pakistan?

Log4Shell, Spring4Shell, and Now Text4Shell?

Majority of mid-to-large firms suffer ransomware attack

Metro caught in week long cyber attack

Multiple RCE Vulnerabilities Discovered in Veeam Backup & Replication App

Norton warns shoppers to be vigilant as online scams rise

OlympusDAO Hacker Returns $300,000 After Reportedly Being Paid A Bounty

Outsourcer Interserve fined £4.4m for failing to stop cyber-attack

Pendragon car dealer refuses $60 million LockBit ransomware demand

Pendragon's zealous response to LockBit ransomware is a breath of fresh air

Phishing attacks in Philippines e-commerce, banks double in Q2, Kaspersky reports

Police investigating ransomware attack against Midland Information Technology Consortium (MiTCON)

Ransomware Attack Has Varying Impacts Across CommonSpirit Facilities

Ransomware group claims attack on Wisconsin school district

Security Alert: Daixin Ransomware Targets Healthcare

SideWinder APT Using New WarHawk Backdoor to Target Entities in Pakistan

South Africa has highest number of targeted ransomware, business email cyber attacks in Africa

The Human Factor of Cybersecurity: What's Putting You At Risk

“TommyLeaks” and “SchoolBoys” ransomware gangs are the same, researchers say

Toyota: Data breach involving source code hosted on GitHub

UK Construction Company Fined £4.4m for Serious Security Failings

UK-based hacker who sold unreleased Ed Sheeran tracks jailed

We're still terrible at passwords

White House Proposes IoT Security Labeling

Why Cybersecurity Awareness Month is Every Month

Why IoT Security in Healthcare is Crucial

Why Must Firms Prioritise Reactive and Preventative Cybersecurity?

Why Ransomware in Education on the Rise and What That Means for 2023

Why transparency is crucial when ransomware strikes