Editor's Message

Welcome to DBD. On March 8th we celebrated our 4th Anniversary and the 1st Anniversary of our PRiSM application, officially endorsed by the SANS Institute. Despite recent personal issues that have impacted the amount of time I have been able to dedicate to both projects, I have been doing my best to keep everything as up-to-date as possible, and I would like to take this opportunity to thank everyone for their patience and support whilst I navigate through this very difficult time. Stay safe. :)

Monday 10 October 2022

Data Breaches Digest - Week 41 2022

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 10th October and 16th October 2022.

16th October

A new, more advanced hacker community is costing 100s of Indians their Instagram accounts

Australia prepares for Electric Vehicle cyber risk

CommonSpirit Hospital Chain Grappling With Ransomware Attack

Cyber attack on Bulgarian government websites traced to Russia

Cybercriminals use Hurricane Ian as lure for scams, theft of FEMA funds

Dutch police recover over 150 ransomware decryption keys

Experts issue urgent warning to anyone with an Amazon account

High School Hacker to Pay $22M in AT&T Case

How a Hacker Got Paid $50 Million for Exploiting a DeFi Protocol

India's largest power producer confirms cyberattack on its IT infrastructure

Japan police warn of cyberattacks by North Korea's infamous Lazarus hackers

Lloyds Bank issues scam warning as £1.5million lost to fake WhatsApp texts

New PHP information-stealing malware targets Facebook accounts

New ransomware attack used against Ukraine, Poland

New scam mixes phishing and calls to contaminate Android phones

Optus enlists Deloitte for forensic review following major data hack

Owner of Shein fined over handling of a recent data breach

Raising cybersecurity awareness is good for everyone - but it needs to be done better

Scammers 'taking advantage' of struggling Cambs residents during cost of living crisis with fake refund texts

Snap Employee Data Exposed Following Data Breach at Document Firm Elevate

The Ultimate Guide for Securing Your Home Network

Venus Ransomware targets publicly exposed Remote Desktop services

What Is the Discord Name and Shame Scam? How to Avoid It

Woolworths subsidiary MyDeal suffers data breach, 2.2m users affected

Zoetop to pay $1.9 million in damages following 2018 data breach

15th October

5 online threats to avoid in 2023

Almost 900 servers hacked using Zimbra zero-day flaw

Authorities name North Korea hacker group, warn of attacks on Japanese crypto assets

Beware: Here comes the latest email phishing scam

CommonSpirit Health, Flaget Hospital, recovering from randsomware attack

Crypto crime pays: Hacker of DeFi's Mango gets $50 million

Cyber crime costs rise 2000% to £90m in Norfolk - Here is how to keep safe

Cybercriminals exploit cost of living crisis to target millennials

Dutch Police Tricked DeadBolt Ransomware to Obtain Free Decryption Keys

East Renfrewshire Leisure chiefs issue apology after email blunder leads to data breach

Fake ‘Nami’ Cardano Wallet Phishing for New Bait on App Store

Fortinet urges admins to patch bug with public exploit immediately

HMRC issues Self Assessment scam warning ahead of October tax deadline

Indian Energy Company Tata Power's IT Infrastructure Hit By Cyber Attack

Microsoft says Ukraine, Poland targetted with novel ransomware attack

October becomes the Worst Month for Crypto-related Crimes

Office of the Australian Information Commissioner (OAIC) statement on MyDeal data breach

Personal Details Exposed In MyDeal Data Breach

Phishing now uses fake login windows that are virtually undetectable

Police Tricked Ransomware Gang to Obtain More than 150 Decryption Keys

Ransomware campaign targeting users via fake Windows 10, antivirus update

Rising Bot Attacks – Why is Your Organization Struggling to Deal with Them?

Russians might be behind Hacker Attacks against Bulgaria

Santander scam warning: ‘Convincing’ phishing email includes full name and postcode

Tata Power hit by cyber attack, says critical systems safe

These devices are MOST at risk of being hacked

Thumb drive with confidential Yukon government case files found in Whitehorse pawn shop

What Is the 3-2-1 Backup Strategy and How Does It Protect Your Data?

Woolworths MyDeal becomes latest target of cyber attack. What information was leaked and what can you do if you're affected?

Woolworths says 2.2 million MyDeal customers’ details exposed in data breach

Woolworths subsidiary MyDeal leaks 2.2 million customers' details

14th October

4 things CISOs need to know about software supply chain security

4 tips to protect IT employees from phishing attacks

5 recent instances where crypto hackers returned stolen funds in exchange for a bug bounty

Alternative payment methods are creating new fraud risks

Annual costs of Hackney ransomware attack exceed £12m

Another 0-Day Bug Was Found in Microsoft Exchange, and LockBit Ransomware Operators Are Exploiting It

Atlanta Airport General Manager outlines recent cyber attack of website

Australia: How to check if your identity has been stolen

Australian health insurance provider Medibank Private suffers a cyber attack

Australian police secret agents exposed in Colombian data leak

'Baby Al Capone' Agrees to Pay $22M in AT&T SIM-Swap Case

BBRG TR, LLC Reports Data Breach Compromising Consumers’ Social Security Numbers

Black Basta Uses Qakbot, Brute Ratel in Ransomware Attacks

Call for mediation meeting over NHS Highland data breach claims

Can Machine Learning Help Prevent Business Email Compromise?

Canada: Police provide tips to prevent phishing scams

Canada: Why call police after a cyber attack? Because they’re waiting for you

Charities at risk of ‘underestimating’ online fraud as one in eight experienced cybercrime last year

City of Ottawa issues warning about parking ticket phishing scam

CommonSpirit Health says system hit by ransomware attack

Cyber Attack Hits IT Systems Of Tata Power

Cyber attack increase threatens sea traffic, ports and offshore rigs

Cybersecurity blind spots: The risks hiding in your own IT environment

Document analysis company Elevate faces cyber attack impacting Snap

Education Sector Experienced 44% Increase in Cyber-Attacks Over Last Year

Election Workers Saw Phishing Surge in Primary Runup

Empress EMS 2022 Data Breach Affects Over 318K Customers, Class Action Claims

Fake Cardano Wallet Phishing for New Bait on App Store

Five scams you need to know about before Black Friday starts on November 25

Genealogy site data breach: See if your info was leaked

Growing ransomware threats require maximum data protection

Houston's St. Luke's cyberattack is leaving patients vulnerable

How to Minimize Your Risk of a Ransomware Attack

How web data is leading US cybersecurity to unreached possibilities

INTERPOL arrests ‘Black Axe’ cybercrime syndicate members

Japanese authorities warn of North Korean hacker attacks on cryptoassets

Linux, Windows and macOS Hit By New “Alchimist” Attack Framework

LockBit 3.0 malware forced NHS tech supplier to shut down hosted sites

LockBit 3.0 used in ransomware attack on Advanced that knocked out NHS 111 services

Magniber Ransomware Adopts JavaScript to Attack Individual Users

Major data breach at Woolworths offshoot

Mango DAO Offers Hacker $47M to Settle Without Pressing Charges

Mango Market's DAO forum set to approve $47M settlement with hacker

Marketing dulls Cybersecurity Awareness Month's impact

Medibank alerts customers to possible Cyber Attack

Microsoft Office 365 email encryption could expose message content

Microsoft Office 365 vulnerability lets hackers sidestep email encryption

Microsoft says Ukraine, Poland targetted with novel ransomware attack

Mirai Botnet Hits Wynncraft Minecraft Server with 2.5 Tbps DDoS Attack

Mirai Botnet Targeted Wynncraft Minecraft Server, Cloudflare Reports

MyDeal faces cyber attack, exposing data of 2.2 million users

New Chinese Cyberespionage Group Targeting IT Service Providers and Telcos

New Mexico Licensing Department subject of cyber attack

New PHP Version of Ducktail Malware Hijacking Facebook Business Accounts

New Prestige ransomware targets orgs in Ukraine, Poland

New Research Highlights Importance of Cybersecurity in Small, Medium Businesses

Optus customers affected by data breach do not need new passports, chief executive says

Parent company of fashion brands Shein and Romwe to pay $1.9m fine for mishandling a major data breach

Phishing incident may have exposed Seton patient names, clinical information

Phishing scam spoofs Google to target Spanish-language victims

Phishing scam underway for unpaid parking tickets warns City of Ottawa

Police tricks DeadBolt ransomware out of 155 decryption keys

Private Data Breach Litigation Comes of Age

Proof-of-Concept (PoC) Exploit Released for Critical Fortinet Auth Bypass Bug Under Active Attacks

Quarter of Healthcare Ransomware Victims Forced to Halt Operations

Ransomware attack confirmed at MercyOne's parent company, CommonSpirit Health

Ransomware-as-a-service group Ransom Cartel may have ties to REvil

Recent cyberattacks highlight the vulnerability of California schools

Report Shows How China Has Been Using Cyberattacks Over the Past Decade

Researchers release PoC for Fortinet firewall flaw, exploitation attempts mount

Researchers Reveal Detail for Windows Zero-Day Vulnerability Patched Last Month

SHEIN fined US$1.9mn over data breach affecting 39 million customers

Shein Holding Company Fined $1.9m For Not Disclosing Data Breach

Shein owner fined $1.9M for failing to notify 39M users of data breach

Shein owner Zoetop fined $1.9m over data breach response

Six Social Engineering Techniques Popular with Scammers

Smart buildings may be your cybersecurity downfall

Snap employee data exposed after breach at document company Elevate

Staying Cyber Secure in an Increasingly Hostile Digital Environment

Student jailed for hacking female classmates’ email, Snapchat accounts

Study Shows Attackers Designing Email Phishing Attacks To Bypass Microsoft Email Defenses, and They Are Winning

Sweeping Data Breaches Under the Bug Bounty Rug: Verdict against former Uber chief security officer highlights the risk of personal criminal liability for executives

Teen Hacker Pays $22m in Damages in AT&T SIM Swap

The Mormon Church has been hit by a major cyberattack

This unusual ransomware attack targets home PCs, so beware

Top Three Cyber Threats To Protect Your Business From In 2023

Types of Phishing Messages That Can Fool Your Email

United Health Centers of the San Joaquin Valley Reaches Proposed Data Breach Settlement

Visa: Almost 75% of global fraud and data breaches involve e-commerce

VisionWeb Holdings, LLC Reports Recent Data Breach with the Federal Government

Walmart, T-Mobile, Costco, Verizon, Amazon, USPS, Netflix, and Wells Fargo — Top Phishing Scams of the Week

Weakness in Microsoft Office 365 Message Encryption could expose email contents

What Happens When Hackers Exfiltrate Data From Your Business?

Woolworths Group's MyDeal hit by breach exposing data of 2.2 million customers

Woolworths says MyDeal data breach impacted 2.2 million customers

Zero trust: Data-centric culture to accelerate innovation and secure digital business

13th October

3 cybersecurity tips for controlling & monitoring cloud access

3-year-old given too much pain medication after cyberattack shut down MercyOne computers, parents say

60% of SMBs experienced a cyberattack in the last year

A cyber attack breached some Latter-day Saint member data. Here’s what we know

A Look at the Implications of Web3.0 on the Cybersecurity World

After a hacker issues millions of tokens, the price of XEN drops by 33%

Android security warning: These crooks phone you and trick you into downloading malware

Australian Communication and Media Authority (ACMA) probes Optus data breach

Best Practices To Help Strengthen Your Company's Security Culture

BNB Smart Chain Initiates Hard Fork After $100 Million Exploit

Budworm Espionage Group Returns, Targets US State Legislature

Budworm Hackers Resurface with New Espionage Attacks Aimed at U.S. Organizations

Canada Targeted in 141 Ransomware Attacks in 2021

Canadian organizations sustained 141 ransomware attacks last year

Cayman Islands: Cyber cops warn businesses of increased ‘ransom’ risk

Chinese APT WIP19 Targets IT Service Providers and Telcos

Client data exfiltrated in Advanced NHS cyber attack

Cloudflare mitigated record DDoS attack against Minecraft server

CommonSpirit Health confirms it was hit by ransomware attack

Consumer class actions accuse Samsung of negligence in data breach

Consumers want more transparency on how companies manage their data

Could the Cyber Threat to EV Charging Points Slow Adoption?

Counter-Strike: Global Offensive (CSGO) skins worth $6 million hacked, cs.money reveals compensation plans

Crypto Sleuth ZachXBT’s Efforts Lead to Prosecution of Alleged Bored Ape NFT Scammers

Cryptocurrency hacks already at US$718 million in October

Cyber attack recovery effort cost Hackney Council over £12m last year

Cyberattackers Spoof Google Translate in Unique Phishing Tactic

Cybersecurity Awareness Month: Amid an Evolving Threat Landscape, Defenders Continue to Weather the Storm

Dark data: The underestimated cybersecurity threat

Defending Against Vishing: Is It Really Possible?

Des Moines hospital blames cyber-attack for 3-year-old getting “MEGADOSE” medicines

Despite LockBit rebound, ransomware attacks down in 2022

Despite what that email says, you don’t have a package from BHL

Education sector needs to wise up to more cyberattacks

Everything you should know about the T-Mobile Data Breach Settlement

Experts help Indianapolis Housing Agency address cyberattack

Exploit available for critical Fortinet auth bypass bug, patch now

Fast Company says Executive Board member info was not stolen in attack

French Authorities Say They Have Nabbed a Youth Cyber-Gang That Stole $2.5 Million in NFTs

GEE Group, Inc. Reports Data Breach Following Encryption Event

Georgia State Bar says SSNs of members, employees leaked in April ransomware attack

Hacker threat represents growing strategic risk for companies

Hackers have stolen record $3 billion in cryptocurrency this year

Hackers now use thermal attacks to steal passwords in seconds

Hartnell College, FBI investigating ransomware attack

Hawaii Airport Websites Join List of Those Impacted by Hackers

Here’s 5 of the world’s riskiest connected devices

Incident Of The Week: Toyota admits to data breach after access key is posted on GitHub

Insurer Medibank hit by targeted cyberattack

Interview with Hardbit Ransomware, a new group with great ambitions

IP Cameras, VoIP and Video Conferencing Revealed as Riskiest IoT Devices

Ireland: Cost of HSE cyberattack reaches €70m

Key Ways to Manage the Legal Risks of a Healthcare Data Breach

Lake Nona Estates Management Reports Data Breach After Unauthorized Party Gains Access to the Company’s Computer Network

Lexington hospital affected by ransomware attack, some surgeries postponed

Magniber ransomware now infects Windows users via JavaScript files

Malicious WhatsApp Mod Spotted Infecting Android Devices

Mango Markets looted of $117M, hacker demands massive bug bounty settlement

Medibank reports ‘cyber incident’ following unusual activity

Mental health trusts still unable to access patient records months after attack

Middle East must be on guard against cyber attacks, says Palo Alto Networks

Modified WhatsApp App Caught Infecting Android Devices with Malware

New Alchimist attack framework hits Windows, Linux and Mac

New Alchimist attack framework targets Windows, macOS, Linux

New Axio Research Illustrates Organizations Lack Basic Cybersecurity Practices, Significantly Increasing Ransomware Exposure

New Chinese Malware Attack Framework Targets Windows, macOS, and Linux Systems

New Mexico Licensing Department subject of cyber attack

New Timing Attack Against NPM Registry API Could Expose Private Packages

NHS vendor Advanced won’t say if patient data was stolen during ransomware attack

Older generations are less likely to click phishing emails

Optus data breach exposes surveillance capitalism

Optus data breach response 'cracking' as cyber support charity fields 15,000 queries and counting

Over 40% of Indian consumers suffered data breach online

Pennsylvania Dermatology Practice Suffers Healthcare Data Breach, 33K Impacted

Personal email addresses of prospective students exposed in University of Limerick data breach

Prevent Ransomware Attacks on Critical Infrastructure

QR codes could unlock phone to hackers, security expert warns

Ransomware Attacks: To deal transparently and pay the ransom or not to pay

Ransomware statistics: Who is targeted the most?

Researchers Uncover Custom Backdoors and Spying Tools Used by Polonium Hackers

Russian DDoS attack project pays contributors for more firepower

Shein data breach results in $1.9m fine for parent company

Snap employee data exposed after breach at document company Elevate

Supply chain hacks are on the rise. But most companies aren't prepared

The IRS warns smishing attacks are on the rise

The Playbook for Human-Operated Ransomware

The Scoular Company Confirms Recent Data Breach

Toyota data breach: Japanese automaker admits data leak of 300,000 customers

Toyota reveals cyber attack leaked 300,000 customers info

UK Government Urges Action to Enhance Supply Chain Security

US election workers slammed with phishing, malware-stuffed emails

VMware Research Uncovers Evolving Nature of Emotet Malware

We must tackle Europe’s winter cyber threats head-on

What Are The Common Types of Email Phishing Attacks?

What the Uber Breach Verdict Means for CISOs in the US

What the Uber Hack can teach us about navigating IT Security

What you should look for in an MDR relationship

White House targets 3 critical infrastructure sectors for new cyber regulations

Will triple extortion ransomware truly take off?

Windows 11 Phishing Protection Feature Poses Potential Risk

Windows Exchange servers hit by LockBit ransomware

12th October

25% of Healthcare Organizations Said a Ransomware Attack Forced Them to Completely Halt Operations

34K-Record Data Breach Reported by Aesthetic Dermatology Associates

64,000 Additional Patients Impacted by Omnicell Data Breach - What is Your Data Breach Action Plan?

All Windows Get Automatic Account Lockout to Prevent Brute Force Attacks

Are your cybersecurity investments making you less resilient?

Aruba fixes critical RCE and auth bypass flaws in EdgeConnect

Black Basta Ransomware Gang Infiltrates networks via QAKBOT, Brute Ratel, and Cobalt Strike

Buffalo MRI by Windsong Radiology Reports Recent Data Breach

Claroty Found Hardcoded Cryptographic Keys in Siemens PLCs Using RCE

Combat ransomware with continuous backup software, strategy

Credential phishing attacks continue to exploit COVID-19 to target businesses

Credit card details of more than a million people dumped on dark web for hackers to access

Critical Bug in Siemens SIMATIC PLCs Could Let Attackers Steal Cryptographic Keys

Cross-Functional Collaboration is Becoming Essential for Security Professionals

Cyber bandits rebound as in-person shopping back

Cyberattacks Increase in Auto Dealerships as Hackers Take Advantage of Gaps in Protection

Cyberattacks, power outages: Why more electric vehicles on Australian roads could bring risks

Cybersecurity Threats to Health Services: Why We Should Be Concerned

Data breach prevention ranked top global cybersecurity priority

Data of 380K patients compromised in hack of 13 anesthesia practices

Digital commerce, crypto users’ now rich targets for cybercriminals

Don’t ignore cyber threat to mobiles

For most companies ransomware is the scariest of all cyberattacks

FormBook Tops Check Point's Most Wanted Malware List For September

Fortinet warns that critical authentication bypass flaw has been exploited

Gone Phishing: Don't Let Scammers Reel You In

Google Forms abused in new COVID-19 phishing wave in the U.S.

'Hacker' gets access to Mumbai police's passport verification system, clears three application

Hacker steals $116M in cryptocurrency in attack on Mango Markets

Hackers Using Vishing to Trick Victims into Installing Android Banking Malware

Hartnell College Confirms Ransomware Attack

Hospital giant's IT still poorly a week after suspected ransomware infection

How To Avoid Ransomware And The Ransoms Therein

How to Manage Your Cyber Risks

How to protect yourself from phishing attacks targeting crypto assets

Incomplete data breach records up as US debates cybersecurity authority

India: Government May Extend CERT-In Compliance Deadline By Three Months

Insider Threats and Security at the Edge

Ireland: Tirlán could be fined for data breach

JPMorgan faces cyber attack from Hacker group Killnet

Keeping it simple helps beat cyber threats

KillNet’s Malicious Call to Action Takes Airport Websites Offline

LifeBridge Health to pay $9.5 million as retribution for 2018 data breach

Lloyd’s finds ‘no evidence of compromise’ following suspected cyber attack

Mango Markets hacker proposes steep settlement

Mango Markets Hacker Provides Ultimatum: ‘Repay Bad Debt’

Mango Markets Loses $100M in DeFi Exploit, Attacker Proposing Treasury Liquidation Vote

Mars Area School District investigates network data breach

Mars K-12 district in Pennsylvania victim of ransomware attack; data leaked

Microsoft 365 Defender now disrupts ransomware

Microsoft Patch Tuesday Fixes New Windows Zero-Day; No Patch for Exchange Server Bugs

Most common types of data breaches and how they affect businesses during the festive season

New COVID-19 phishing emails may steal your business secrets

New npm timing attack could lead to supply chain attacks

North Korea Uses Crypto Hack Funds to Develop Nuclear Weapons

Phishing attacks in Southeast Asia (SEA) soar by a million compared to 2021

Physician’s Business Office data breach class action alleges company exposed protected health information

Polonium Uses Seven Backdoor Variants to Spy on Israeli Organizations

Quick Tips to Effectively Prevent, Prepare for and Navigate a Data Breach

Ransomware Attackers Target U.S. Colleges and Universities

Refund Fraud-as-a-Service Ads on Hacker Forums Increase by 60%

Russian Hackers Shut Down Dozens of State Government Websites in DDoS Attacks

Singtel's Australian IT Firm Dialog Suffers Data Breach

Skin cancer patient fears near naked photos on dark web after cyberattack on Pinnacle Health

SMBs embrace new tech but fail to invest in security

South Africans must up their game against cybercrime

Targeted Phishing Attacks That Overtook MFA – Setting up a Better Security Defense

The Long-Term Impact of a Ransomware Attack

The metaverse is coming, and the security threats have already arrived

The Philippines: Serious security breach as hacker takes over National Disaster Risk Reduction and Management Council (NDRRMC) Facebook page

This new Windows features makes password-hacking attacks much harder

Tucson data breach puts 123,500 individuals’ information at risk

Underwriters See Rising Ransomware Threats and Liability Exposure

Unofficial WhatsApp Android app caught stealing users’ accounts

US critical infrastructure, airports targeted by pro-Russia hackers

US ports and terminals targets of increased cyber security attacks

US video game publisher confirms user data is up for sale following data breach

Web companies most likely to lose your data

What Is MDR, and How Does It Benefit Healthcare Organizations?

What's on your network? These are the devices most at risk of getting hacked

11th October

2K confirms some personal data obtained in recent data breach

3 Must-Have Cyber Resilience Strategies for the Cloud-First Era

A cyber-attack takes Overwatch 2 offline for the second time in a week

A New Wave of PayPal Invoice Scams Using Crypto Disguise

Abuse of Legitimate Tools Threatens Healthcare Cybersecurity

Albania: Iran Cyber Attacks, Sites in Three Different Countries Identified

All Windows versions can now block admin brute-force attacks

Amerigroup Insurance Company Files Notice of Data Breach Involving Victims’ SSNs and Insurance Information

An Advisor’s Guide to Ransomware

Android leaks some traffic even when 'Always-on VPN' is enabled

Australia kicks off investigation into Optus data breach

Australia probes Optus cyberattack

Australian watchdogs launch probe into data breach

Auth bypass bug in FortiOS, FortiProxy is exploited in the wild (CVE-2022-40684)

Average company exposed to US$28m in data breach risk

BazarCall Callback Phishing Attacks Constantly Evolving Its Social Engineering Tactics

Blackbyte Ransomware Abuses Legit Driver to Disable Security Products

BlackByte Ransomware Exploits Vulnerable Windows Driver To Escape Detection

BlackByte ransomware uses new EDR evasion technique

Brazilian News Channel suffers ransomware attack and changes schedule as every system gets encrypted

Businesses are at risk of losing consumers post a cyber-attack

Callback Phishing Attack Tactics Evolved – Successful Attack Drops Ransomware

Calls for Better Microsoft Teams Backup as Confidential Info Sent on the Platform

Can Identity and Access Management (IAM) help save on cyber insurance?

CommonSpirit cyberattack renews patient safety concerns amid outages, care delays

Concerned by the Optus data breach? Here’s how to protect against online scams and hacks

Consumers Association of Singapore (CASE) alerts consumers to phishing emails impersonating its officers requesting for personal and bank details

Costa Rican Social Security Fund Fully Recovers After Cyber-Attack

Critical VM2 flaw lets attackers run code outside the sandbox

CSI Labs data breach hits 244K patients

Cyber threat trends in 2022H1: A shift towards new threat actors, malware and active hacking groups

Cybercriminals are having it easy with phishing-as-a-service

Dark Web Marketplace ‘BidenCash’ Hands Out 1.2 Million Stolen Credit Cards as a Promotion

DeFi Protocol Temple DAO Struck by $2.3M Exploit

Des Moines International Airport Hit By Cyber Attack

Emotet back on top as nastiest malware

Endpoint Detection and Response (EDR) is not a silver bullet

Eventus WholeHealth, PLLC Reports Data Breach After Unauthorized Party Access Employee Email Account

Every Third Industrial Computer was Under Attack in South Africa, Kenya and Nigeria in H1 2022

Explained: Why the Feds couldn’t secure a crypto hardware wallet

Facebook warns of 400 malicious apps that tried to steal your account credentials

‘Fifth domain of war’ becomes more frequent

For cyber criminals, ransomware is the popular weapon of choice

Fortinet Warns of Active Exploitation of Newly Discovered Critical Auth Bypass Bug

Fremont County web services fully restored following August cyberattack

Hackers are exploiting the very security tools providers use to protect themselves

Hacking group POLONIUM uses ‘Creepy’ malware against Israel

Hartnell College confirms suspicious activity was ransomware attack

Held to ransom – Apunipima left vulnerable after hack

High-Value Targets: String of Aussie Telco Breaches Continues

HMRC issues scam alert over fake rebates and tax demands as thousands targeted

How Chief Information Security Officers Who Work Extra Hours Could Put Employers At Risk

How the US Government is Fighting Back Against Ransomware

How to use imagination to prevent data breaches

Indonesia: Government Urged to Investigate Major Cyberattack Against Narasi Journalists

It’s time to talk about securing your innovation supply chain

Lessons from DOJ’s First Prosecution of a Company Executive Covering Up a Data Breach

Lessons from Optus cyber attack for energy and infrastructure companies

Linn-Mar Schools: Student data not affected by ransomware attack

Lloyd’s Finds No Evidence of Data Compromise From Cyber Attack

Luxembourg: Beware of fake text messages and websites

Main TransitFinance Hacker Promises to Refund Another 6,500 BNB

Meta identifies over 400 malicious apps targeting Facebook users’ data

Microsoft Exchange servers hacked to deploy LockBit ransomware

Microsoft Patch Tuesday: 84 new vulnerabilities

More cyber attacks are causing more problems – and not only for businesses

More Details of macOS Archive Utility Flaw Emerge

Most common types of data breaches and how they affect businesses during the festive season

New Android malware family uncovered

Online Threats: The human factor in most cyber breaches

Optus could face millions in fines as two new data breach investigations launched

Patient Care Delayed at Large Hospital Chain After Ransomware Attack

Phishing attacks on the rise in Malaysia, South East Asia

Pinnacle cyber attack: Beware of suspicious emails, messages and bank activity

Pro-Russian Group KillNet Claims Responsibility for 14 US Airport DDoS Attacks

Pro-Russian hackers claim responsibility for knocking U.S. airport websites offline

Protecting sensitive data in the 'golden age' of cybercrime

QANX Token Collapses 90% After $1 Million Bridge Hack

Quarter of Healthcare Ransomware Victims Forced to Halt Operations

Reduce human error cyberattacks with security training & partnerships

Remote workforces at SMBs are being left unprotected

Researchers Detail Critical RCE Flaw Reported in Popular vm2 JavaScript Sandbox

Researchers Warn of New Phishing-as-a-Service Being Used by Cyber Criminals

Retailer hit with ransomware after leaving customer data exposed

Rising premiums, more restricted cyber insurance coverage poses big risk for companies

Securing a Mobile Workforce in a Hyper-Connected World

Singapore: More than 5,000 phishing emails impersonating Consumer Association of Singapore (CASE) officers sent after cyber attack

Singtel's 'old data' first posted on dark web in Feb 2021

State of ransomware in financial services

Temple DAO becomes the latest DeFi protocol to fall victim losing $2.3M to Hacker

The 2020-2022 ATM/PoS malware landscape

The ongoing battle to secure schools from cyberattack

The war never ends on the cyber front

This dangerous new hacker tool makes phishing worryingly easy

Today’s Threat Landscape: What Associations Need to Know

Toyota Discloses Data Breach Impacting Source Code, Customer Email Addresses

Toyota discovers five-year-old email leak, customers at risk of phishing attacks

Toyota Reveals Data Leak of 300,000 Customers

Toyota Suffers Data Breach from “Mistakenly” Exposed Access Key on GitHub

Trading Standards warning about rise in energy scams

Transit Swap Hacker Receives $690K for Returning $23M in Stolen Funds

Treasury fines virtual currency exchange Bittrex for failing to catch ransomware payments

Two Australian regulators open investigations into Optus after data breach

Two-Factor Authenticaton (2FA) is over. Long live Three-Factor Authentication (3FA)!

Types of Multi-Factor Authentication (MFA)

Uber Executive’s Conviction Puts Spotlight on Secrecy About Hacking

UK arrests 17-year-old hacker, likely to be behind Uber and GTA 6 hack

Valle del Sol, Inc. Sends Out Data Breach Letters Following Unauthorized Access to the Organization’s IT Network

VMware vCenter Server bug disclosed last year still not patched

Weeks on, more Optus customers find out personal information compromised in data leak

What Is Cyber Insurance and Why Is It Important?

What to do if you’ve become a victim of a data breach

When Should You Change Your Password? Not as Often as You Think

Who Is Recruiting Your Workers? It Could Be A Hacker Group

Why do cybercriminals use malware?

10th October

1 In 4 Globally Have Suffered Data Breach

5 Ways Temporary Email Address Keep Your Email Address Hidden

6 months of phishing attacks in 2022 exceed SEA’s total number last year

10 Biggest Data Breaches of All Time - And How to Prevent Them

27 tips on dealing with a cyber attack

76% of respondents experienced reinfection following the initial cyberattack and desire greater automation and recovery orchestration from ransomware

91% of Cyber Pros Experience Mental Health Challenges at Work

A whole load of phishing emails make it past Microsoft Defender, researchers say

After Optus data breach, Singtel's second Australian unit faces cyber attack

Attack by Pro-Russian hacker group targets Colorado airports

Australian fruit company Costa Group experiences ‘malicious’ cyberattack

Banks using #BanksNeverAskThat Anti-Phishing Campaign to try to make customers less vulnerable to scams

Blackbyte Ransomware Bypass EDR Security Using Drive Vulnerability

BNB Smart Chain attacked by hacker, loses over $100 million

Board members should make CISOs their strategic partners

Businesses face perfect storm of risks

Caffeine service lets anyone launch Microsoft 365 phishing attacks

Callback Phishing And Social Engineering Scams, What They Are And How To Avoid Them

Cancer Testing, Diagnostics Lab Suffers Phishing Attack, 244K Impacted

Centenary concerned cyber attack compromised ‘main software system’

CISOs, corporate boards in wide disagreement on cyber resilience

Companies agree to settlements with consumers in data breach class actions

Costa Rican Social Security Fund Fully Recovers After Cyber-Attack

Criminal multitool LilithBot arrives on malware-as-a-service scene

Critical vm2 sandbox escape flaw uncovered, patch ASAP! (CVE-2022-36067)

Cybersecurity frameworks and your company

Cybersecurity is a Successfully Failure

Cybersecurity needs a statewide approach, state chief information officers, Deloitte say in new report

Data Poisoning: Is There a Solution?

Every Third Industrial Computer was Under Attack in South Africa, Kenya and Nigeria in H1 2022

Facebook data breach 2022: Over 1M users affected

Facebook Login Details at Risk as Meta Identifies Over 400 Malicious Apps

Feds warn healthcare organizations of ongoing abuse of legitimate security tools

Former Uber Security Chief Convicted of Covering up Two Data Breaches

Fortinet says critical auth bypass bug is exploited in attacks

Fraudster Describing Older People’s Super Funds As ‘the Ultimate Jackpot’ Pleads Guilty

Google Chrome Ranked As The Least Safe Browser: Here’s What You Need To Know

Government Accountability Office (GAO) Says Federal Agencies Could Improve Collaboration on Ransomware

Hackers can guess your password using thermal imagery

Hackers behind IcedID malware attacks diversify delivery tactics

Hackers Steal $100 Million Cryptocurrency from Binance Bridge

Here's another excellent reason not to browse adult websites at work

How AI and machine learning are changing the phishing game

How do you protect your online systems? Cultivate an insider threat

How To: Get an Attacker’s Eye View of Your Security

How to create a strong password

How to protect your agency from an island-hopping cyberattack

How to Set Up Segmentation for Better Operational Technology (OT) Security

Human-Centric No-Code Automation is the Future of Cybersecurity

Information Expected to Emerge Slowly in Hospital Chain Cyberattack

Intel Confirms Leak of Alder Lake BIOS Source Code

Intel Confirms Source Code Leak

Intel confirms the BIOS source code of Alder Lake processors leak

Iran State-Run TV’s Live Transmission Hacked by Edalate Ali Hackers

Ireland: Data Protection Commissioner (DPC) examines data breach at dairy processor Tirlán

Lack of transparency, systemic risks weaken national cybersecurity preparedness

Main hacker in Transit Swap exploit agrees to return remaining funds

Mativ Holdings, Inc. Confirms Recent Data breach Affected Employee Information

Microsoft Teams: A channel for sensitive business information sharing that needs better backup

Most common types of data breaches and how they affect businesses during the festive season

National Cyber Security Centre (NCSC): Businesses are too often 'seduced' by the attractive lure of phishing tests

Nearly half of UK adults don’t know their browsing history is visible to third parties

New Report Uncovers Emotet's Delivery and Evasion Techniques Used in Recent Attacks

Northern Data Systems, Inc. Files Notice of Data Breach Affecting Consumers’ Social Security Numbers

Only 10% of Companies Avoided Ransomware in 2022

Optus could be Australia's biggest lawsuit, worth billions

Optus data breach: International students, visa holders feel 'abandoned' by company

Optus to share breached data with banks

Patient information uploaded to internet after Pinnacle Health cyber-attack

Phishing Attack Underscores Value of Digital Security

Phishing attacks are getting more and more sophisticated

Pro-Russian hacker group attacks Denver International Airport (DIA), Colorado Springs Airport websites

Pro-Russian hacker group Killnet targeting the websites of US state governments

Pro-Russian hackers claim responsibility for knocking U.S. airport websites offline

Protecting Your Digital Infrastructure From Ransomware-as-a-Service Attacks

Push to scrap Australia privacy exemptions for political parties due to risk of data breaches

Ransomware as a Service: What Is It and How Does It Work in 2022?

Reducing Risk Across Endpoint, Identity and Cloud Surfaces

Reports suggest Social Club may have been compromised in a recent hack

Researchers Detail Malicious Tools Used by Cyberespionage Group Earth Aughisky

Resource Anesthesia of California Confirms Recent Data Breach

Rising corporate concern over cybercrime

Russian Cyber Attack Hits Websites of Multiple U.S. Airports

Russian hackers launch cyber attacks on US airports

Russian hackers suspected over cyber attack on US airports

Second Singtel subsidiary breach in a month sees customer and client data leaked

Second Singtel Unit Hit by Cyber Attack, Weeks After Massive Optus Data Breach

Self Assessment customers could be a target for fraudsters, HMRC warns

Singtel confirms 2020 data breach after cyber-attack on Optus

Singtel unit faces cyberattack weeks after Optus data breach

So how many medical records WERE accessed in CommonSpirit cyber-attack? Hospital chain goes radio silent as fears grow over sensitive data of 20 million Americans

Some U.S. travel websites knocked offline after Russian hacker group calls for attack

South Carolina's massive data breach 10 years later: Questions linger as investigation remains open

Stamp Out Insider Threats By Building Trust, Says Microsoft

State Bar of Georgia Confirms Data Breach Following Ransomware Attack

Surge in dark data a growing danger for organisations

The Continued Rise of Phishing and the Case of the Customizable Site

The key pillar of cyber resilience: backing up effectively

ThermoSecure: Cracking Passwords Using Finger Heat on Keyboards is Now Possible

This 'thermal attack' can read your password from the heat your fingertips leave behind

To Pay, or Not to Pay? Ransomware’s Conundrum for Schools

Toyota discloses data leak after access key exposed on GitHub

Toyota warns of possible data leak; warns customers of unsolicited phishing emails

Transit Finance Hacker Returns $2.74M to Victims, Sends $686K to Tornado Cash

Twisted Cyber Case Finds Former Uber Security Chief Guilty of Data Breach Coverup

Uninstall these malicious mobile apps now, Facebook warns

Unpatched Zimbra RCE bug exploited by attackers (CVE-2022-41352)

US airports taken down in DDoS attacks by pro-Russian hackers

US Department of Justice seized $22m in Bitcoin gained from ransomware attacks

Vulnerability exploitation is top initial access vector for ransomware

Washington Federal Bank Reports Data Breach Impacting Clients’ Financial Information

What are the cybersecurity essentials for charities?

What is phishing-resistant multifactor authentication? It’s complicated

Where Should You Go For Cybersecurity Guidelines?

Why bother with ransomware? The rise of ‘low effort’ extortion attacks

Why is Ransomware Still a Thing?

Will Security Teams Lose Relevance in the Age of Decentralized IT?

Zoom Phishing Scam Steals Microsoft Exchange Credentials