Editor's Message

Welcome to DBD. On March 8th we celebrated our 4th Anniversary and the 1st Anniversary of our PRiSM application, officially endorsed by the SANS Institute. Despite recent personal issues that have impacted the amount of time I have been able to dedicate to both projects, I have been doing my best to keep everything as up-to-date as possible, and I would like to take this opportunity to thank everyone for their patience and support whilst I navigate through this very difficult time. Stay safe. :)



Monday, 24 October 2022

Data Breaches Digest - Week 43 2022

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 24th October and 30th October 2022.


30th October

5 cybersecurity mistakes that will haunt you

10 Ways to Take a Security-First Approach to Database Management

Actively exploited Windows Mark-of-the-Web (MoTW) zero-day gets unofficial patch

Air New Zealand warns of an ongoing credential stuffing attack

Australia: Cybersecurity warning on health data

Beware the rainy day: Cybersecurity matters in the cloud

Binance Hacked; Nearly $600 Million in BNB Stolen

BlackByte ransomware group hit Asahi Group Holdings, a precision metal manufacturing and metal solution provider

Bosses say they're serious about cybersecurity. It's time for them to prove it

Cost of living scams warning - the common ploys fraudsters are using to steal thousands

Cybersecurity Measures Can Protect Windows Devices From Venus Ransomware

Drinik banking malware returns: Things you can do to keep your data safe

Drivers licences with additional security measures to be issued in Victoria after Optus data breach

Former Army boss blasts Liz Truss 'ill discipline' over Kremlin phone hack

Former British Prime Minister Liz Truss's phone was allegedly hacked by Russian spies

How AI can protect water and electricity networks

How to protect yourself from identity fraud during Cybersecurity Awareness Month

How to Test a Suspicious Link Before Clicking It

Inside a US military cyber team’s defence of Ukraine

Interpol Issues Security Warning Against Metaverse Being Unsafe For Children

Malware: A Problematic Evolution

Malware Alert! This Android virus is targeting data of 18 Indian banks

Ministers creating ‘wild west’ conditions with use of personal phones

Multi-factor authentication fatigue attacks: How to shield your users?

New Azov data wiper tries to frame researchers and BleepingComputer

Sacked Sky employee demanded £40,000 or he would post details of 11,000 customers

Singapore: How the banking industry is stepping up to keep you safe in a digital world

Status of Pendragon’s data unclear after hackers issue revised ultimatum

The 13 Most Common Website Security Attacks

The Rise of CyberCrime Today

This New List Of Malware Dropper Apps On The Play Store Needs To Be Deleted Now, Claim Security Experts

Two days before elections, security breach in Shas database exposes personal details of millions of Israeli citizens

VicRoads says issuing new licences for Optus data breach victims

Weakness: Employees – the reason they are vulnerable to cyber attacks

What Brand Gets Impersonated the Most During Phishing Attacks? The Answer Might Surprise You

What Is an Infostealer? Is It Dangerous?

What Is Riskware? Here's Everything You Need to Know

What Is Zero-Knowledge Encryption and Why Should You Use It?

29th October

6 Common Types of Crypto Attacks and How to Stay Safe

6 Easy Ways to Secure Your Android Device Data

A massive cyberattack hit Slovak and Polish Parliaments

Bank Customers Beware, You Could Be Targeted By Drinik Virus

Bed Bath & Beyond reviewing possible data breach

‘Buying bad’: the black market where access to hacked Australian data can cost just $500

Cybercrime: SMEs are not below the radar

Cybercrime is emerging a big threat as technology grows

Fired Sky employee tried blackmailing broadcaster for £40,000 worth of Bitcoin

FriesDAO Loses $2.3 Million As Spate Of Exploits Continue

Google still promoting crypto phishing sites, warns Binance boss

How to Spot Customer Service Scam

Liz Truss phone hack claim prompts calls for investigation

Liz Truss' phone 'hacked by Putin spies' for top secret info and private messages

New York Post Swiftly Recovered From An ‘Insider’ Attack

The biggest threats to business data come from the digital natives

The ransomware attack is growing increasingly these past few years

Tips for helping the elderly spot and avoid phishing emails

Twilio discloses another security incident that took place in June

Twilio Reveals Another Breach from the Same Hackers Behind the August Hack

Twitter Users Receive ‘Removal Notice’ From Verified Accounts, Phishing Scam Suspected

US: Scams Expected to Increase Leading Up to Midterms Elections

What Are Privacy Coins, And Why Are They Controversial?

What New Zealand businesses need to know when taking out cyber insurance

Why are there so many data breaches? A growing industry of criminals is brokering in stolen data

Why one state will issue a million of FREE driver's licences after Optus cybersecurity data breach

Why protecting customer data matters

28th October

5 Lesser-Known Cyber Threats That You Should Be Aware of in 2023

After a cyber breach, companies risk losing employees’ trust

Amazon Prime Data Breach Causes Blushes All Round

Android malware droppers with 130K installs found on Google Play

API Attacks Have Emerged as the #1 Threat Vector in 2022

Arvig service shutdown on Tuesday was due to a cyber attack

Aurubis AG: Update on cyber attack at Aurubis

Australian Clinical Labs accused of 'sitting on' hack that saw patient data posted to the dark web

Bed Bath & Beyond reviewing possible data breach

Beware of Phishing Attacks from Dark Web Sale of Leaked Data of Online Marketplace

Bored Ape NFT and Other Crypto Worth $1 Million Stolen by Notorious Hacker

British Airways Owner Says Threat of ‘State-Sponsored Cyber Attacks’ is On the Rise Following Russia’s Invasion of Ukraine

British hacker Daniel Kaye charged in the US for running Dark Web marketplace “The Real Deal”

Canada: Cybersecurity centre warns of evolving ransomware tactics, state-sponsored threats

Chartered Insurance Institute (CII) falls victim to data breach

CISA Unveils Cybersecurity Goals For Critical Infrastructure Sectors

Cloud and Hybrid Working Security Concerns Surge

CommonSpirit IT Systems Still Offline One Month Post-Attack

ConnectWise fixes RCE bug exposing thousands of servers to attacks

ConnectWise Patches ‘Critical’ Flaw That Could Have Infected 5,000 Servers

Contrary to Popular Belief, Linux Sytems Are Now Receiving Their Fair Share of Cyberattacks

Court detains Finnish man in absentia as suspect in psychotherapy centre data hacks

Cranefly Hackers Use Stealthy Techniques to Deliver and Control Malware

Cranefly uses new communication technique in attack campaigns

Crypto Phishing: Google Displays Scam Sites When Users Search for CoinMarketCap

Cyber attack on Pennsylvania hospital compromised the data of 235,000 patients

Cyber Events Disrupt Polish, Slovakian Parliament IT Systems

Cyber-attacks on Mexican military institutions persist

Cyberattacks 2022: Key Observations And Takeaways

Cyberattacks Are Bypassing Multi-Factor Authentication

Cybersecurity Trends To Make Your Employees More Secure

Data Breaches in 2022

Data Breach Victims Sue Rhode Island Transit Agency, Insurer

Delivering visibility requires a new approach for SecOps

Drinik malware returns with a vengeance on Android phones, 18 Indian banks affected

Enterprise ransomware preparedness improving but still lacking

Europol Warns Police to Prepare for Metaverse Threats

Events D.C. hit with cyberattack, employee data likely compromised

Exploit released for critical VMware RCE vulnerability, patch now

Fallout From Medibank Hack Grows

Final Twilio Smishing Victim Count Reaches 209

Four Cybersecurity Trends Every CISO Needs To Address

FriesDAO hacked and $2.3 million stolen

FTC Settles with Online Alcohol Company Drizly Following Data Breach

GitHub fixes critical vulnerability that exposed repositories to attackers

Google fixes seventh Chrome zero-day exploited in attacks this year

Google Issues Urgent Chrome Update to Patch Actively Exploited Zero-Day Vulnerability

Government mulls stricter data breach laws. How will this affect Australian employers?

Hacker steals US$1mn worth of crypto and NFTs 24 hours

Hackers and Bad Actors Are Weaponising Your Typos

Hackers could cost your business millions – but can HR prevent it?

Hackers use Microsoft IIS web server logs to control malware

High-Severity Flaws in Juniper Junos OS Affect Enterprise Networking Devices

How do I check if I've been hacked? What should I be watching out for? Here's a cyber security expert's tips on how to protect yourself

How Small Businesses Can Shield Themselves Against Cyberattack

How to make your password uncrackable for 27,000 years

How To Stay Safe Online – Tips for Getting Cybersmart

How XDR reduces the total cost of security operations

Indianapolis Low-Income Housing Agency Hit by Ransomware

Information security vs cyber security vs network security: What are the differences?

Is the Pursuit of Autonomous Security Systems a Fruitless Task?

Keystone Health faces lawsuit for data breach that affected 235,237 patients

Largest EU copper producer Aurubis suffers cyberattack, IT outage

Lululemon, T-Mobile, DHL, Microsoft, & MORE — Top Scams & Phishing Schemes of the Week

Majority of small businesses not prepared for cyberattacks

Michigan Medicine Notifies 33K Patients of Phishing Attack

Microsoft: Raspberry Robin USB worm hits nearly 1,000 organizations in the past month

Microsoft: Raspberry Robin worm key facilitator of LockBit, Cl0p ransomware

Microsoft Authenticator gains feature to thwart spam attacks on MFA

Mining companies vulnerable to cyberattacks

More than half of UAE businesses targeted by ransomware in the past year

My Home Hospital patients caught up in Medibank hack

New York Fines Health Insurance Company $4.5M for Consumer Data Breach

Non-profits can't afford to ignore cyber risk

North Korea-backed Kimsuky gang hacking Android phones to gather intelligence

Office for Civil Rights (OCR) Highlights HIPAA Security Rule Incident Response Procedures

One in four Companies Globally have Suffered Data Breach that cost them US$1–20 million or more in the past three years

Optus reportedly sending cyber attack letters to dead people

Over 100 million accounts were breached in Q3 2022

Pakistan: Federal Board of Revenue (FBR) faces more than 70,000 cyber attacks every month

Pathology lab, Australian Clinical Labs (ACL), criticised for five-month delay in reporting patient data hack

Phishing attacks increase by over 31% in third quarter

Police are investigating the ransomware attack on the Tech Consortium

Police called after South Australian Liberal Party caught up in alleged data breach

Protecting Your Organization from Ransomware Threats: New Guidance from Ontario’s Information and Privacy Commissioner

Qbot malware rears its ugly head again

Quad’s ransomware commitment could help shore up regional software supply chains

Ransomware actors stole the personal data of 4 million Australians from Medibank's servers

Ransomware attacks are hitting heavy industry where it hurts - the wallet

Ransomware Remediation Contract Dispute Leads to Arrest, Suit in Georgia

Raspberry Robin Operators Selling Cybercriminals Access to Thousands of Endpoints

Raspberry Robin Worm Actors Linked to Clop, LockBit Ransomware Groups

Researchers Uncover Stealthy Techniques Used by Cranefly Espionage Hackers

Rise of AI-Generated, Fake LinkedIn Profiles Raises Social Engineering Challenges

Rogue employee hacks New York Post website with extremist, hate-filled headlines

Santander: Radical Action Needed to Tackle Authorized Push Payment (APP) Fraud

Scammers Target Logistics Following High Number of DHL-related Phishing Scams

See Tickets data breach: Hackers collected customers' personal data from payment checkout pages

Signs of Phishing: How to Spot a Scam

Singapore: E-commerce related phishing on the rise

South Australian Liberal Party calls police due to major data breach

Student arrested for running one of Germany’s largest dark web markets

Telefónica has confirmed a cyber attack

Tesco, Morrisons and Sainsbury's fall victim to fake phishing scam

The 7 Best Ways to Avoid Phishing Scams

The 7 Most Important Cyber Safety Topics You Should Know About

The role of bots in API attacks

These Dropper Apps On Play Store Targeting Over 200 Banking and Cryptocurrency Wallets

This Windows worm evolved into slinging ransomware. Here's how to detect it

Twilio hack investigation reveals second breach, as the number of affected customers rises

Twilio Reveals Further Security Breach

Twilio reveals it was hit by another data breach

Twilio Says It Suffered Another Data Breach This Past Summer

U.S. Bank reveals data breach involving some credit card accounts

Ukrainian Hacker Charged for Operating “Raccoon Stealer” Malware-as-a-Service

WakeMed Health & Hospitals Announces Data Breach Affecting 495,808 Patients

What Is Cybercrime?

What Is Spoofing?

Why We Need A Cyber Intelligence Revolution

Why your cybersecurity needs to be dragon-proof

With record-high data breaches, now is the time for cybersecurity storage adoption

Zero Trust Network Access (ZTNA) or VPN – Which is Better for you?

27th October

10 PayPal Scams to Watch Out For

70% increase in accounts breached globally in first half of 2022

86% of Cloud Attacks in the Healthcare Sector Result in Financial Losses or Other Damage

2022 cyber threat report details growing trends

After CommonSpirit ransomware attack: Why healthcare M&A is a ‘huge’ cybersecurity risk

Amazon accidentally exposed an internal server packed with Prime Video viewing habits

Ambulance wait times stretched up to an hour after MedStar hack

Apple fixes recently disclosed zero-day on older iPhones, iPads

Apple iOS and macOS Flaw Could've Let Apps Eavesdrop on Your Conversations with Siri

Arrested Ukrainian national charged with running Raccoon Infostealer malware

Ascension St. Vincent’s Coastal Cardiology Announces Data Breach Stemming from Recent Ransomware Attack

Australian Clinical Labs says patient data stolen in ransomware attack

Australian firms hit by industrial ransomware in 3Q

Australian Health Insurer Medibank Suffers Breach Exposing 3.9 Million Customers' Data

Biden now wants to toughen up chemical sector's cybersecurity

Binance CEO Says They’re Closer to Identifying Hacker Behind $570,000,000 Exploit

BlackCat ransomware gang claims attack on Ecuador’s army

British car retailer Pendragon suffers a LockBit ransomware attack and a $60m ransom demand

British hacker arraigned for running The Real Deal dark web marketplace

British Hacker Charged for Operating "The Real Deal" Dark Web Marketplace

Brock Information Technology Services offers tips to prevent ransomware attacks

Chrome Extensions Harboring Dormant Colors Malware Infect Over a Million PCs

CISA Releases Critical Infrastructure Security ‘Performance Goals’

Cyber responders are outnumbered and under pressure as they defend our modern way of life

Cyberattackers Target Instagram Users With Threats of Copyright Infringement

Cybersecurity’s importance and impact reaches all levels of the tech workforce

Dangers of Recent Social Media Data Breaches

Data breach possibly exposes health info for 34K Michigan Medicine patients

Data on dark web months before pathology business told customers

DHL takes top spot in brand phishing attempts

Dragos tracks shift in ransomware toward destructive attacks as ‘geopolitical tensions’ take hold

Drinik Android malware now targets users of 18 Indian banks

Establishing Advanced Persistent Security to Combat Long-Term Threats

Feds Urge Healthcare Entities to Train for Incident Response

Financial-related phishing targeting eCommerce in Singapore

Fodcha DDoS botnet reaches 1Tbps in power, injects ransoms in packets

GitHub Bug Exposed Repositories to Hijacking

Hacker Claims to Have Davenport Schools Data, Threatening Release of Information

Hacker compromises Social Security numbers of 980 patients at Minnesota hospital

Hacker Suspected Of Operating A Popular Dark Web Market Faces Federal Charges

Hackers and Bad Actors Are Weaponizing Your Typos

Healthcare Data Breach at Georgia Cardiology Practice Impacts 71K

Healthcare’s email security problem is a compliance and forensics nightmare

Hive Ransomware hackers leak stolen data from Tata Power

How cyber secure is blockchain technology?

How to Check If Your Email or Password Has Been Compromised

How to improve security awareness and training for your employees

IBM Cost of a Data Breach 2022 – Highlights for Cloud Security Professionals

Implementing Connected Place Cybersecurity Principles

In the crosshairs: why banking leaders must wake up to the ransomware challenge

Indianapolis Low-Income Housing Agency Hit by Ransomware

Indonesia: Cyber-attack targets independent media outlet

Industrial Ransomware Attacks: New Groups Emerge, Manufacturing Pays Highest Ransom

iOS Bluetooth Bug Allowed Apps to Eavesdrop on User Conversations

It's data breach season, and it’s not looking good for Australia

It’s the end of passwords as we know it

Kiss-a-Dog Cryptojacking Campaign Targets Docker and Kubernetes

Knesset website targeted by Russian hackers with alleged Kremlin ties

LinkedIn Unveils New Security Features to Tackle Fraud

Listed car dealer Pendragon has ‘contained’ cyber attack – but new deadline for data release issued by hackers

Major German energy supplier hit by cyberattack

Malicious Code: What It Is and How to Prevent It

Medibank Backtracks: All Customer Data Was Exposed to Hackers

Medibank cyber-attack: should the health insurer pay a ransom for its customers’ data?

Medibank says My Home Hospital also hit, PII and health data accessed

Medlab Pathology Breach Affects 223,000 Australians

Michigan Medicine: Data breach could have exposed health care information of more than 34k patients

Michigan Medicine notifies patients of health information breach

Microsoft Links Hacker Group Vice Society to Several Ransomware Campaigns

Microsoft links Raspberry Robin worm to Clop ransomware attacks

Monkey Drainer Thieves Almost $1 Million Ethereum, Find Details Here

More risk managers purchasing cyber insurance

More than 6,000 notified of Davenport schools hack

Nearly two-third of users’ data available on dark web

New Cryptojacking Campaign Targeting Vulnerable Docker and Kubernetes Instances

New Jersey county reports data breach for 3,900 deceased Medicaid recipients

New York Post confirms hack after website, Twitter feed flooded with threats toward Biden, AOC

New York Post hacked with offensive headlines targeting politicians

New York Post Hacker Uploads Horrifying Fake Articles Calling to 'Assassinate AOC' and 'Murder Joe Biden'

New York Post probes employee’s unauthorized postings

One in three SMEs have no cyber cover despite rising cyberattacks

Online scams to watch out for on Black Friday

OpenSSL warns of critical security vulnerability with upcoming patch

Osoyoos Farmers’ Market hit by cyber-attack

Pathology company Australian Clinical Labs reveals it was hit by cyber attack in February

Personal Finance Society (PFS) issues a statement regarding data breach

Phishing: The tip of the iceberg

Phishing scammer Monkey Drainer has pilfered as much as $1M in ETH

Phishing volumes increase over 30 percent with well-known brands as favorite targets

Poland: Senate website suffers hacker attack after Russia resolution

Ransomware: Open Source to the Rescue

Ransomware attack affects 60,000 Arvig internet users in Minnesota

Ransomware remains a top cyber risk for businesses, but new threats emerging

Remote workers leaving legal sector “wide open” to cyber-attack boom

Researchers Expose Over 80 ShadowPad Malware C2 Servers

Rhode Island Bus Service, Health Insurer Sued Over Data Breach

Russian hackers say Japan hospital paid $30,000 in ransomware attack

Security threats for businesses have reached breaking point. Here's what you need to know about protecting your own business

Singapore: Land Transport Authority (LTA) warns of phishing scams involving SMSes about unpaid ERP charges

Six Cybersecurity Trends to Stay Ahead Of

Slovakia: Cybersecurity 'incident' halts parliament

Social media phishing scams use URL redirectors to bypass security controls

Study Shows Cybersecurity Hype Complicates the Security Stack, Expands the Attack Surface

Sydney teenager accused of using Optus data breach to blackmail indicates guilty plea in court

Team Finance loses $14.5M to smart contract bug exploit

The Biggest Data Breaches Of 2022

The Highly Effective Habits Of The Modern Hacker

The US Needs A Cybersecurity Strategy Sooner, not Later

These cybersecurity vulnerabilities are most popular with hackers right now - have you patched them?

Thomson Reuters collected and leaked at least 3TB of sensitive data

Toothless: The State of Cybersecurity Compliance in Latin America

Top cybersecurity tips for business

Twilio discloses another hack from June, blames voice phishing

UK Government Supplier Interserve Fined £4.4M for Failure To Stop 2020 Cyber Attack

Ukrainian national charged for his role in ‘Raccoon Infostealer’ malware scheme

US: Cyber officials prioritizing securing critical sectors, foreign partnerships amid rising threats

Vast majority in healthcare industry hit with a cyberattack on cloud infrastructure in the last year

Vietnam: Citizens warned of cyber-attacks with phishing

West conducting cyber ‘sabotage’ on Russia, deputy foreign minister claims

What Hurricane Preparedness Can Teach Us About Ransomware

White House Launches Chemical Sector Security Sprint

Why are there so many data breaches? A growing industry of criminals is brokering in stolen data

Will A VPN Protect You From Hackers?

Your CCTV devices can be hacked and weaponized

Zero Trust and the Hybrid Workforce Security

"Zero Trust" Cybersecurity Measures Essential for Protecting Contruction Companies

26th October

7 Ways to Increase Email Security with Automated Encryption

15 Anesthesia Practices Confirm Recent Data Breach Stemming from Incident at “Management Company”

A Hacker Steals Ed-Sheeran Songs for Crypto and Goes to Jail

A quick guide for small cybersecurity teams looking to invest in cyber insurance

Australia: New governance principles in wake of Medibank cyber attack

CISA adds Apple zero-day, Cisco and Gigabyte bugs to exploited vulnerabilities list

Cuba ransomware cartel spoofs Ukraine armed forces

Cyber attack affects 60,000 Arvig customers in Minnesota

Cyber attack insurance is approved to protect French firms

Data Breach Victims Sue Rhode Island Transit Agency, Insurer

Drizly CEO named in security order following 2020 data breach

Fake Windows updates hold your files hostage and demand money for their return — avoid this ransomware

Federal Trade Commission (FTC) Taking Action Against Drizly For 2020 Data Breach

Finnair: Some customers affected by data breach of Portuguese airline

Genshin Impact developer suffers massive data breach

Genshin Impact Developers Get Attacked Resulting in Massive Data Breach

Hacker Group Affiliated With Iran-Backed Militias In Iraq Claims Cyberattacks Against Ukrainian Stock Exchange, Ministry Of Veteran Affairs

Hackers Actively Exploiting Cisco AnyConnect and GIGABYTE Drivers Vulnerabilities

Has Your Software Supply Chain Already Been Compromised?

Hive Group Admits to Leaking Data in Tata Power Ransomware Attack

Hive Ransomware Group Leaks Data Stolen in Tata Power Cyber-Attack

Indianapolis Housing Agency responds to massive system-wide ransomware attack

Interserve fined £4.4m for breach of data protection law

Iranian Hacker Group Hits Nuclear Site; Steals 50GB Of Data

Kimsuky Hackers Spotted Using 3 New Android Malware to Target South Koreans

LinkedIn's new security features combat fake profiles, threat actors

London's New Cyber Resilience Centre Set to Fight Cybercrime in the Capital

Medibank confirms hacker had access to data of all 3.9 million customers

Medibank now says hackers accessed all its customers’ personal data

Microsoft Data Breach Exposed Customer Data of 65,000 Organizations, Redmond Lashes Out at Security Firm

Microsoft fixes Windows vulnerable driver blocklist sync issue

Monkey Drainer Steals $1M Worth of Crypto in Elaborate Phishing Attack

New Cryptojacking Campaign Kiss-a-dog Targeting Docker and Kubernetes

Notorious ‘BestBuy’ hacker arraigned for running dark web market

Notorious hacker Daniel Kaye arraigned for allegedly running dark web marketplace

Over 255 million phishing attacks in 2022 so far

Over half of consumers use biometrics to secure mobile devices

Phoenix Programs of Florida, Inc. Experienced Data Breach Following Compromised Email Accounts

Ransomware attacks are down this year - but that's not really a great thing

Ransomware attempt caused statewide Arvig outage

Ransomware Gangs Ramp Up Industrial Attacks in US

Ransomware Impacts Mental Health More Than You May Think

Ransomware in the US is down 51% compared to 2021

Ransomware remains a top cyber risk for businesses

Ransomware Threat Shifts from US to EMEA and APAC

Ransomware top cyber risk for firms but new risks emerging

Retail industry the second most ransomware-targeted industry in 2021

Russia’s Sberbank repels largest cyber attack in its history

Russian hackers say Japan hospital paid $30,000 in ransomware attack

See Tickets data breach went undetected for 2.5 years

See Tickets discloses data breach, customers’ credit card data exposed

See Tickets Discloses Major Card Data Breach

See Tickets reports major credit card data breach

Shut the front door: Preventing phishing attacks

SlashNext report finds phishing attacks have risen 61% this year

Sunshine Coast Regional District (SCRD) sees a recent surge in phishing emails

Supply Chain Attacks or Vulnerabilities Experienced by 80% of Orgs

Taking Proactive Steps To Mitigate The Global Ransomware Pandemic

Template Injection Attacks: Mitigating Modern Threats

Texas Uber Drivers Victimized by Data Breach Receive $4.2M

The Job of Phishing Simulations

The Most Dangerous Cyber Attacks of 2022

These ransomware victims are making the highest ransom payments

Ticketing Service Discloses Embarrassing Credit Card Data Breach Lasting 2.5 Years

Top Cybersecurity Threats in 2022 That Businesses Are Worried About

Top NFT-Related Cybersecurity, Phishing, Hacking and Other Risks in 2022

Typosquat Campaign Targeting Android, Windows Users Now Counts 600+ Domains

U.S. Charges Ukrainian Hacker Over Role in Raccoon Stealer Malware Service

Uber Verdict Raises New Risks for Ransom Payments

Unknown Actors are Deploying RomCom RAT to Target Ukrainian Military

Urology of Greater Atlanta, LLC Announces Data Breach

Vice Society Hackers Are Behind Several Ransomware Attacks Against Education Sector

Vice Society Ransomware Campaigns Continue to Impact US Education Sector

VMware Releases Patch for Critical RCE Flaw in Cloud Foundation Platform

What Is a USB Drop Attack and How Can You Prevent It?

What Is Fargo Ransomware and How Can You Avoid It?

White House announces 100-day sprint on chemical sector cybersecurity

Wholesale retail giant Metro suffered a cyber attack that crippled its IT infrastructure

25th October

10 Tips to Protect Your Organization Against Ransomware Attacks in 2022

20 Phishing Statistics Small Businesses Should Know

22-Year-Old Vulnerability Reported in Widely Used SQLite Database Library

167,000 stolen credit card numbers Exposed via PoS Malware

Apple Fixes Actively Exploited iOS and iPadOS Zero-Day Vulnerability

Apple fixes exploited iOS, iPadOS zero-day (CVE-2022-42827)

Apple Releases Patch for New Actively Exploited iOS and iPadOS Zero-Day Vulnerability

Australia seeks stiffer penalty for data breaches amidst spate of security incidents

Breached Credentials Remain the Key Entry Point Behind Rising Ransomware Attacks

Businesses willing to pay double the ransom in 2022

Carousell Singapore Hit By Data Breach; Some Malaysian Users Are Reportedly Affected

Choice Health Insurance, LLC Confirms Recent Data Breach

Cisco warns admins to patch AnyConnect flaw exploited in attacks

CISOs struggle to articulate business impacts of cyber risks

Cyber-attack and inflation hit Clarion’s surplus

Cybercriminals Used Two Point-of-Sale (PoS) Malware to Steal Details of Over 167,000 Credit Cards

Cybersecurity is a top priority for physical security professionals

Cybersecurity teams are reaching their breaking point. We should all be worried

Data breach victims sue Rhode Island transit agency, insurer

Data Breaches Rise By 70% Globally in Q3 2022

Don’t wait for medical device cybersecurity legislation: Act now to save patients’ lives

Dutch police arrest hacker who breached healthcare software vendor

Federal Trade Commission (FTC) penalises Drizly for data breach

Four new phishing tactics to watch out for

Hacker who stole Ed Sheeran’s unreleased music to sell for crypto gets 18-month jail term in the UK

Hive claims ransomware attack on Tata Power, begins leaking data

Hive ransomware gang leaks data stolen during Tata Power cyberattack

Hive Ransomware Hackers Begin Leaking Data Stolen from Tata Power Energy Company

How the Software Supply Chain Security is Threatened by Hackers

How to Bridge the Ransomware Security Gap

How to Respond to a Cyber Attack

Iranian Atomic Energy Agency Admits Email Hack

Leading ransomware variants in Q3

LinkedIn Phishing Spoof Bypasses Google Workspace Security

LockBit 3.0, Black Basta Lead Barrage of Q3 Ransomware Attacks

LV Ransomware Exploits ProxyShell in Attack on a Jordan-based Company

Massive cryptomining campaign abuses free-tier cloud dev resources

Medibank data breach: More customers affected, attacker got in via stolen credentials

Microsoft: Vice Society targets schools with multiple ransomware families

New Cryptojacking Campaign Kiss-a-dog Targeting Docker and Kubernetes

New Mexico Radiology Practice Health Data Breach Results in PHI Exposure

Optus data breach response lands Office of the Australian Information Commissioner (OAIC) an extra $5.5m

Philippines among top phishing email targets in Southeast Asia

Phishing Scammer Has Drained $1M in Crypto and NFTs in Past 24 Hours, Says On-Chain Sleuth

Point-of-Sale (POS) Malware Used to Steal Details of Over 167,000 Credit Cards

Police Investigating Ransomware Attack Against Tech Consortium

Ransomware activity persists, but lags 2021 highs

Ransomware, Phishing Attacks top Interpol Concerns

Researchers Detail Windows Event Log Vulnerabilities: LogCrusher and OverLog

Sam Bankman-Fried Says Crypto Exchange FTX Will Dole Out One-Time $6,000,000 Reimbursement to Phishing Victims

Sam Bankman-Fried to refund FTX phishing victims — just this once

Scars of COVID-19 pandemic leave airlines vulnerable to payment fraud

Secure corporate emails with intent-based BEC detection

Security leaders assess geopolitical events affecting security in 2022

See Tickets discloses 2.5 years-long credit card theft breach

The Bishop of Hereford's Bluecoat School victim of cyber attack

The Cybersecurity Trifecta: The Secret to Immunizing PII

The long-term psychological effects of ransomware attacks

The most dangerous and destructive ransomware groups of 2022

The most popular brand for phishing attacks might surprise you

To retain cybersecurity professionals, keep remote work as an option

Ukraine Warns of Cuba Ransomware Campaign

Ukrainian charged for operating Raccoon Stealer malware service

Vivendi Announces Data Breach Stemming from Incident at the Company’s See Tickets Business

VMware fixes critical Cloud Foundation remote code execution bug

When bad things happen to good credentials

When Cyberattacks Are Acts of War, Will Insurance Protect You?

24th October

3 Steps to Take to Get Started with Identity Threat Detection and Response (ITDR)

Apple fixes new zero-day used in attacks against iPhones, iPads

Australia increases penalties for data breaches after Optus, Medibank hacks

Australia to increase maximum data breach penalty to $50 million

Australia's Data Breach Wave: Workaday Cybercrime

Australian Government to Increase Data Breach Penalties

Beware: Phishing Efforts Now Successfully Targeting Business-Related Emails

Binance is ‘narrowing down’ identity of hacker behind $570 million crypto attack

Binance Reveals Getting Closer to Identify Hacker that Drained $570M

Black Reward Hackers Steal Trove of Emails from Iran’s Atomic Energy Agency

BlackByte ransomware slinger twists the knife with data stealer

British company Interserve fined £4.4 million over ransomware attack

Can developers reduce open source cybersecurity risk?

Chrome extensions with 1 million installs hijack targets’ browsers

CISA Warns Against Ransomware Group Daixin Team Targeting Health Organizations

CISA Warns of Daixin Team Hackers Targeting Health Organizations With Ransomware

Clicker Malware Garners Estimated 20 Million Downloads

Consumer behaviors are the root of open source risk

Criminals are starting to exploit the metaverse, says Interpol. So police are heading there too

Crypto Exchange FTX to Compensate API Phishing Victims With as Much as $6M

Cuba ransomware affiliate targets Ukrainian govt agencies

Cyber attackers hack into Iran's atomic energy agency as protests over Amini's death continue

DHL Replaces LinkedIn As Most Imitated Brand in Phishing Attempts

European Police Warn of Metaverse Cyber-Threats

FBI warning: This ransomware group is targeting poorly protected VPN servers

Federal Trade Commission (FTC) seeks action against Drizly — and its CEO — for cybersecurity failures

Fighting cybersecurity risks for law enforcement: On-premises vs. cloud native systems

Fraudsters Hack Gate.io’s Twitter Account To Run Phishing Scam

FTX Chief Announces Huge Compensation to Phishing Attack Victims But With A Warning

FTX to Compensate Phishing Victims with $6 Million

Hacker who stole from Kanye West, Frank Ocean and more to serve 18 months in jail

Hackers Takeover Twitter Account of Gate.io to Promote Phishing Scam

How To: Protect the Public Sector from Increasing and Sophisticated Ransomware Attacks

How to navigate the current 5G and IoT threat landscape

Investigation reveals Simplify data breach exposed employees personal information

IoT Devices Risky Business for the Enterprise

Iran says ‘specific foreign country’ behind hacktivist leak of atomic energy emails

Iran’s atomic energy agency confirms hack after stolen data leaked online

Is cyber-security important to Pakistan?

Log4Shell, Spring4Shell, and Now Text4Shell?

Majority of mid-to-large firms suffer ransomware attack

Metro caught in week long cyber attack

Multiple RCE Vulnerabilities Discovered in Veeam Backup & Replication App

Norton warns shoppers to be vigilant as online scams rise

OlympusDAO Hacker Returns $300,000 After Reportedly Being Paid A Bounty

Outsourcer Interserve fined £4.4m for failing to stop cyber-attack

Pendragon car dealer refuses $60 million LockBit ransomware demand

Pendragon's zealous response to LockBit ransomware is a breath of fresh air

Phishing attacks in Philippines e-commerce, banks double in Q2, Kaspersky reports

Police investigating ransomware attack against Midland Information Technology Consortium (MiTCON)

Ransomware Attack Has Varying Impacts Across CommonSpirit Facilities

Ransomware group claims attack on Wisconsin school district

Security Alert: Daixin Ransomware Targets Healthcare

SideWinder APT Using New WarHawk Backdoor to Target Entities in Pakistan

South Africa has highest number of targeted ransomware, business email cyber attacks in Africa

The Human Factor of Cybersecurity: What's Putting You At Risk

“TommyLeaks” and “SchoolBoys” ransomware gangs are the same, researchers say

Toyota: Data breach involving source code hosted on GitHub

UK Construction Company Fined £4.4m for Serious Security Failings

UK-based hacker who sold unreleased Ed Sheeran tracks jailed

We're still terrible at passwords

White House Proposes IoT Security Labeling

Why Cybersecurity Awareness Month is Every Month

Why IoT Security in Healthcare is Crucial

Why Must Firms Prioritise Reactive and Preventative Cybersecurity?

Why Ransomware in Education on the Rise and What That Means for 2023

Why transparency is crucial when ransomware strikes