Editor's Message

Welcome to DBD. On March 8th we celebrated our 4th Anniversary and the 1st Anniversary of our PRiSM application, officially endorsed by the SANS Institute. Despite recent personal issues that have impacted the amount of time I have been able to dedicate to both projects, I have been doing my best to keep everything as up-to-date as possible, and I would like to take this opportunity to thank everyone for their patience and support whilst I navigate through this very difficult time. Stay safe. :)

Monday 5 December 2022

Data Breaches Digest - Week 49 2022

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 5th December and 11th December 2022.

11th December

3Commas denies staff members stole API keys

33% of global consumers are data breach victims via hacked company-held personal data

AIIMS Delhi Ransomware Attack Was Deliberate, Targeted; National Investigation Agency (NIA) Probe Underway

Australia's Telstra suffers privacy breach, 132,000 customers impacted

Better Business Bureau warning holiday shoppers to beware the top 12 scams of Christmas

Bluebugging Explained

Clop ransomware partners with TrueBot malware for access to networks

Criminals commercialising cybercrime

Dozens of parliament IT devices used by MPs and Lords go missing

DraftKings Breached, Consumers Urged to Change Passwords

Hacker Steals $6.9 Million From Arbitrum-Based Defi Protocol Lodestar Finance

Increasingly sophisticated, borderless cyberattacks on Japan health facilities test police

India: ‘We found patient data on sale on dark web for less than USD 100’

Malaysia Launches Investigation Into AirAsia Ransomware Attack

Ontario alerting 360,000 their personal information taken in data breach

Remote browser isolation could be your secret superpower against phishing

Smart Contract Audits Are Your First Line of Defense Against DeFi Exploits: Here's Why

Student loan scams – How to stay safe online at university

Telstra blames 'database misalignment' not hacking on data breach after details of 132,000 customers publicly exposed

Telstra sorry for private data online leak

What is Social Engineering and what do these attacks consist of?

WhatsApp Finds that 2 in 3 Singaporeans Are not Reporting Scam Messages: Here's Why It's Important to Report Them

10th December

130,000 Telstra customers exposed in data breach

All India Institute of Medical Science (AIIMS) Cyber Attack: A Serious Threat To National Security

AirAsia ransomware attack: Probe ongoing to find source and impact of compromised data

Air-gapped PCs vulnerable to data theft via power supply radiation

At least 4,460 vulnerable Pulse Connect Secure hosts are exposed to the Internet

Cisco Warns of High-Severity Unpatched Flaw Affecting IP Phones Firmware

Cyberattack has kept an entire nation's government offline for over a month

Cybersecurity: Data of about 6 lakh Indians is reportedly being sold online for Rs 490 each

Data of 242,000 customers was stolen from VkusVill. The company confirmed the leak

Even the Pros Get Compromised When They Forget These Security Basics

Hack-for-Hire Group Targets Travel and Financial Entities with New Janicab Malware Variant

Latest Cyberattack on LJ Hooker by a Ransomware Gang

Medibank improves security systems following data breach

Microsoft data breach: what we know so far

New MuddyWater Campaign Uses Legitimate Remote Administration Tools to Deploy Malware

Private data of 6 lakh Indians hacked, sold on bot markets for under Rs 500

Putin loyalists poised to target UK with devastating attacks ‘cannot be underestimated’

Researchers Detail New Attack Method to Bypass Popular Web Application Firewalls

South Africa: Capitec warns of December rise in banking scams – what to look out for

Taiwan: New Power Party (NPP) lawmakers urge registration data breach probe

Top 9 Internet Security Threats You Should Know

US Department of Health and Human Services (HHS) warns healthcare orgs of Royal Ransomware attacks

Vietnam: Businesses worry about ransomware in Operational Technology (OT) environment

Web3 security opportunities and the lessons we must learn from Web2

9th December

3 major cybersecurity predictions for the new year

5 geopolitical risk factors affecting organizations in 2023

9 out of 10 APAC organisations state digital trust is "extremely important"

600K Indian Users’ Data Being Sold For INR 490 On Bot Markets

360,000 Ontarians to be notified about vaccination data breach, government says

Adapt or die: Why cybersecurity companies must become data companies to survive

AI-generated soft porn to voice cloning, here’s how tech becomes a tool for scams

Antivirus and EDR solutions tricked into acting as data wipers

At least 400,000 new malicious files detected daily in 2022

Australia: Cyber attack on local credit union

Australia arrests 'Pig Butchering' suspects for stealing $100 million

BrandShield Report Shows Global Surge in Qatar World Cup Cyber Fraud

Business Email Compromise (BEC) Attacks Expand Beyond Email and Toward Mobile Devices

Centralising secrets: How organizations can manage identity and credentials

Cisco discloses high-severity flaw impacting IP Phone 7800 and 8800 Series

Cloud Atlas targets entities in Russia and Belarus amid the ongoing war in Ukraine

CloudSEK Employee’s Jira Credentials Stolen through a Compromised Company Laptop

Cobalt Mirage Affiliate Uses GitHub to Relay Drokbk Malware Instructions

Combatting fraudsters is a ‘cat-and-mouse’ game

CommonSpirit Health says patient data was stolen during ransomware attack

Conway Regional Medical Center Reaches $295K Settlement Over Healthcare Data Breach

Crikey! Not Another One! Lessons Learned From Australia’s Wave of Breaches

Crypto Hitting ‘Mother Of All Economic Crises’ Threatens North Korea

Cyber attack on key South Australian government partner under investigation

Cyber Security Firm CloudSEK Points Finger at Rival Over Breach

Cybersecurity firm ‘sniffed out’ hacked Tirupati hospital data on dark web. Now, it’s a ‘victim’ too

Data breach of Ontario's vaccine booking system affects hundreds of thousands, province says

Data-and-Dash: Cybersecurity and the Food Industry

Developers ignoring ‘best practice’ on mobile app security

Elon Musk “Freedom Giveaway” Crypto Scam Spread on Twitter

Embattled Medibank faces 48-hour outage as cyber security upgrade begins

Fake Christmas Shops (Louis Vuitton), PayPal, USPS Shipping, & MORE – Top Scams & Phishing Schemes of the Week

Fears for Australia's rich and famous as real estate agency in nation's most exclusive beachside suburb is hacked and sensitive details published online

Feds Charge Nigerian National with Compromising Email Accounts of Pharmaceutical Employees, Money Laundering

Fraudulent Funds Transfer (FFT) and ransomware are top drivers of cyber loss

Government Sets Out New Rules to Enhance App Security

Government to Fund Security Studies for Hundreds of Students

Hacked AIIMS Server Partly Restored After Two Weeks, Ransomware Attack Deliberate

Has Your Email Address Leaked to the Dark Web? How to Check and What to Do

Healthcare Organizations Warned of Royal Ransomware Attacks

Healthcare systems face a “royal” cybersecurity threat from new hacker group

HomeTrust Mortgage reports data breach following ransomware attack

How Can SMEs Improve Their Cybersecurity Resilience?

How to Easily Recognize Scam Online Casinos

How web isolation can help boost defences against evasive and adaptive cyber threats

Inside NATO’s Cyber Range: How armies prepare against attack and why nations must work together

Iranian APT seen exploiting GitHub repository as C2 mechanism

Key Risks and Challenges for Data Security in the Cloud

Knox College president addresses ransomware incident as notorious group claims credit

LastPass class action claims data breach result of faulty security

Leveraging the full potential of zero trust

Local governments allegedly targeted with Iranian ‘Drokbk’ malware through Log4j vulnerability

Malaysia: 18 Bursa main board-listed companies had active malware infections in November

Met Opera, Reeling From Cyberattack, Will Sell Tickets on New Site

Microsoft, Nvidia, and Other Cyber Attacks Will Be Investigated by Department of Homeland Security (DHS)

MuddyWater Hackers Target Asian and Middle East Countries with Updated Tactics

New Truebot Malware Variant Leveraging Netwrix Auditor Bug and Raspberry Robin Worm

Official Android warning for all users – never ignore three steps that keep your payment info safe

One year on: Log4Shell’s Armageddon that never was

Personal data of 6 lakh Indian hacked and sold on bot markets for Rs 490 each

Rackspace warns of phishing risks following ransomware attack

Ransom gang stepping up attacks, analyst warns

Ransomware Attack on AIIMS Delhi Servers Deliberate, Targeted

Ransomware Gang Hacks Belgian Police Unit While Targeting Municipality, Leaks Investigation Reports

Ransomware-Wielding Criminals Increasingly Hit Healthcare

Recognize the commonalities in ransomware attacks to avoid them

Research reveals where 95% of open source vulnerabilities lie

Researchers Uncover New Drokbk Malware that Uses GitHub as a Dead Drop Resolver

Retail giant Vevor leaked user location and payment data for almost five months

San Antonio’s Rackspace is Grappling with a Ransomware Attack

Security Concerns Scupper Deals for Two-Thirds of Firms

Software Supply Chain Attacks Leveraging Open-Sources Repos Growing

Student loan scams – How to stay safe online at university

Telecom financial frauds up as more upgrade to 5G

Teleperformance USA Notifies Consumers of Leaked Social Security Numbers Following Recent Data Breach

The biggest data breaches and leaks of 2022

The cloud is a growing target for cyberattacks

The importance of cybersecurity in sports

The new workplace imperative: Authenticate anywhere, access everywhere

This ransomware gang is a right Royal pain in the AES for healthcare orgs

Truebot Malware Activity Increases With Possible Evil Corp Connections

Turkey charges journalist who disclosed government data breach

UK Government Calls for Industry Input on its Cybersecurity Strategy

Upper Peninsula Power Company Reports Recent Data Breach Compromising SSNs of More than 39k Customers

US Department of Health warns of ‘increased’ Royal ransomware attacks on hospitals

Vanuatu Government Struggling Back Online After Cyberattack

Veros Credit Files Notice of Data Breach Affecting Consumers’ Social Security Numbers

Vienna’s Musikverein is taken down

Voyager Worldwide hit by cyber attack

What HR Departments Need to Know About Data Security

What Is Key to a Robust, Reliable and Secure Web3?

What Stricter Data Privacy Laws Mean for Your Cybersecurity Policies

Why deepfake phishing is a disaster waiting to happen

Why is Robust API Security Crucial in eCommerce?

Wing Financial Files Notice of Data Breach Affecting Over 240k Clients

Zombinder on Dark Web Lets Hackers Add Malware to Legit Apps

8th December

6 Ways Your Privacy and Security Were Threatened in 2022

Acuity Brands Reports Data Breach Impacting More than 37k Employees' Sensitive Information

Akamai Research Shows Asia-Pacific and Japan (APJ) Surpasses North America in Web Application and API Cyberattacks

Amnesty International Canada says it was targeted by Chinese cyberespionage threat groups

Antwerp City Services Down After Ransomware Attack

Apple Introduces New Data Protections to Increase Cloud Security

As states report more attacks on their critical infrastructure, Colorado says it's as prepared as it can be

Australia to hunt down hackers, sets 'most cyber-secure country by 2030' target

Australia witnessed 16 major cyber-attacks as hackers attempt to steal ‘sensitive data’

Automated dark web markets sell corporate email accounts for $2

Black, Gould & Associates, Inc. Notifies Over 42,000 Consumers of Recent Data Breach

BlackByte Ransomware Takes an Extra Bite Using Double Extortion Methods

Business email compromise attacks going mobile via SMS and social media apps

Cambridge Water says customers' names, addresses, and banking details were stolen in the South Staffs Water hack

Canada: Half of small businesses falling prey to cyber attack

Christmas shopping scams: How to stay safe online

Cisco discloses high-severity IP phone bug with exploit code

Class Action Filed Against Blackhawk Network for Failure to Secure Consumer Data Leading to Breach

Cloud Security: Maintaining Least Privilege

CommonSpirit Health ransomware attack exposed data of 623,000 patients

Consumers prioritize mobile app security over features

Conway Regional Medical Center Reaches $295K Settlement Over Healthcare Data Breach

Cyber scammers are scamming each other, and revealing dark web secrets along the way

Cyber-criminals Scammed Each Other Out of Millions in 2022

Cyberattack alert! FIFA World Cup falls prey to hackers

Cybercriminals are scamming each other, tipping off law enforcement

Cybersecurity Best Practices for Banking Institutions in the Digital Age

Cybersecurity expert warns businesses against increasingly sophisticated attacks

Data protection and security in 2023

Deception Technology: How to Trick Cybercriminals Into Focusing on a Decoy

Fingerprinting: Is It Really a Privacy Threat?

FTX hires forensics team to find customers’ missing billions

Gloucestershire is one of the least cyber secure counties in the south west

Google Warns of Internet Explorer Zero-Day Vulnerability Exploited by ScarCruft Hackers

Hacked corporate email accounts used to send MSP remote access tool

Hackers are still finding - and using - flaws in Internet Explorer

Hacking as a Service: The dark side of corporate sabotage

Hacking US companies seems welcome in Russia, former FBI agent believes

HHS warns Royal ransomware threat targeting healthcare providers

Hive Ransomware Group Leaks Data From European Retailer

How cyber insurance helps in countering rising levels of cyber threats

How significant will cryptocurrency risks be in 2023?

How To Build A More Resilient IT Department While Cutting Costs

How to Mitigate the Cyber Risks of Energy Blackouts

How to Protect Your Organization From Account Takeovers

Incident of the Week: Metallica encourages fans to seek and destroy crypto scams

India is dangerously unprepared for Chinese cyber-war. AIIMS ransomware attack shows why

Investment Fraud Gang May Have Made $500m

Iranian APT Agrius Targets Diamond Industry Worldwide With Fantasy Wiper

'Iranian Cyberattacks Are Improving - but They Have Made Many Mistakes'

Iranian Hackers Strike Diamond Industry with Data-Wiping Malware in Supply-Chain Attack

Is VoIP Telephony 100% Cybersecure? Tips to Avoid Deceptive Actions

Lack of Cybersecurity Expertise Poses Threat for Public-Safety Orgs

Leading cyber risks & trends in 2022

Medibank set for system-wide weekend shutdown

Medibank to shut down IT systems to bolster security following huge data breach

Met Opera in NY reports crippling cyberattack

Metropolitan Opera dealing with cyberattack that shut down website, box office

Microsoft has discovered a new scam targeting crypto firms on Telegram

New Amazon Scam Tricks You Into Giving Up Control of Your Computer

New Cybersecurity Laws Coming for UK MSPs

New Gov.uk scam email: stay alert to the latest scam tactic

New 'Zombinder' platform binds Android malware with legitimate apps

Nigerian National Charged with $8 Million Computer Hacking, Wire Fraud, and Money Laundering Activities

On hacking forums, even the scammers aren’t safe

One Brooklyn Health Not Over November Cyber Incident

Online Retailer Giant Exposed User Data and Over 1 Billion Records

Outsourced HR Firm Sequoia One Undergoes Data Breach

Over 31,000 Patients Impacted by Drive Compromised in Cyber Attack

Overcoming the security risk of messaging apps - can businesses control communications channels use

PayPal email scams are back: how to spot a dodgy message

Pennsylvania Amends Data Breach Notification Law

Phishing in the Cloud: We're Gonna Need a Bigger Boat

Phishing Scams: How To Recognize A Scam Email, VOIP call, or Text

Popular HR and Payroll Company Sequoia Discloses a Data Breach

Prioritizing Ransomware Readiness for Critical Infrastructure

Privacy of nearly 58,500 people breached in 2021 cyberattack on Newfoundland and Labrador health care

Protecting the modern cloud environment with cloud email security

Rackspace scrambles to assist customers as ransomware probe continues

Rackspace stock falls after confirming ransomware attack behind last week's email 'security incident'

Ransomware attack on AIIMS Delhi servers deliberate, targeted

Ransomware attack on New Zealand's IT provider impacts multiple government ministries and authorities

Ransomware Warranties: Gimmick or Guarantee?

Real estate agency LJ Hooker hit with data breach

Researchers Uncover Darknet Service Allowing Hackers to Trojonize Legit Android Apps

Russia’s VTB bank hit by largest DDoS attack

Scammers Using Google Forms With SPF Insignia To Trick Victims, Singaporeans Urged To Be Aware

Securing the operational technology network

South Korea: Government to step up fight against phone phishing scams

South Korea: North Korea Launched Cyber Attack Using Itaewon Tragedy

Stolen data of 600,000 Indians sold on bot markets so far

Suncoast Skin Solutions Announces Data Breach Following Apparent Ransomware Attack

Taiwan: Latest data breach shows updated details about Taiwan Vice President, top national security chief

The Cost of a Data Breach and the Need for SSL Security

The Internet-Based Threats Putting Your Organization at Risk

Three cloud security lessons learned in 2022 – and the path forward

Ukraine-Russia War: Putin Hedging on Cyberwarfare

US: These 7 states face the highest risk of identify theft and fraud

US Health Department warns of Royal Ransomware targeting healthcare

US Sues TikTok Over Child Safety and Data Security Claims

Web Application And API Cyberattacks Grow by 449%

Weep for the cybercriminals who fell for online scams and lost $2.5m last year

What is FIDO2 Authentication?

What is Social Engineering? And How to Protect Yourself

Why are there so many data breaches in the education sector?

Why Early Threat Detection Is Important In K-12 Cloud Security

7th December

3 Extended Internet of Things (xIoT) Attacks Companies Aren't Prepared For

3 new phishing attacks that will catch advisers off-guard

5 Cryptocurrency Scams you Need to Avoid

7 reasons why you must embed trust into the core of your business

10 Cybersecurity Predictions for 2023

10 Warning Signs That Your Phone Is Spying On You

2023 Predictions: API Security the new Battle Ground in Cybersecurity

Adams-Friendship Area School District hit by ransomware

Amnesty International Canada claims attack by China-backed forces

Android security update fixes more than 80 security vulnerabilities - including four critical

Archive file formats discovered as most common way to deliver malware

Australia: Privacy commissioner to investigate Medibank

Beware the ‘phishermen’ – and don’t take the bait

Chinese Hackers Using Russo-Ukrainian War Decoys to Target APAC and European Entities

Cisco Survey Reveals Increased Focus on Cybersecurity Resilience

Cloud is growing target for cyberattacks

CloudSEK claims it was hacked by another cybersecurity firm

CloudSEK Pins Blames for Hack on Other Cybersecurity Firm

Colombian healthcare giant Keralty targeted by RansomHouse gang; forced to suspend operations

CommonSpirit Health says some patient information accessed in ransomware attack

Conway Regional Medical Center data breach $295K class action settlement

CryptosLabs ‘pig butchering’ ring stole up to $505 million since 2018

Cuban Foreign Ministry denounces cyber-attack

Cyber will be the biggest risk code for Lloyd’s in 2023

Cybersecurity adoption hampered by shortage of skills and poor product integration

Demystifying Cyber Insurance: 7 Key Security Controls Every Organization Should Have

Don’t get phished over the holidays

Elon Musk's Twitter followers targeted in fake crypto giveaway scam

Fear of cyberattacks drives SMBs to spend more on software

Five tips to keep yourself safe on social media

Fraudulent Funds Transfer (FFT) and Ransomware Represent Over Half of Cyber Insurance Claims in 2022

Google: North Korean government hackers used Internet Explorer zero-day to target South Korea users

Google: State hackers still exploiting Internet Explorer zero-days

Hackers use new Fantasy data wiper in coordinated supply chain attack

How Can Businesses Predict Hacking Activity and Be Prepared?

How do I protect myself against malware?

How Does Cyber Technology Affect Security?

How Railroads Mitigate Cyberthreats Against Their Networks

How to prevent against increasingly personalized attacks from hackers

How to protect your school from cyber attacks

How to Use a Phishing Simulation to Train Employees

Human Rights Watch details Iran-backed phishing campaign against activists

India: Will Digital Personal Data Protection Bill Finally Protect Users From Data Breaches?

Insider Risks Hamper the Digital Transformation Process

Insight Global COVID-19 tracing data breach class action settlement

Iranian hackers accused of targeting diamond industry with wiper malware

IT Army of Ukraine Hit Russian Banking Giant with Crippling DDoS Attack

Jim Koons Automotive Co. data breach class action settlement

Justice Hacked: When Cyber Criminals Come for the Courts

Major cloud, email hosting provider blames ransomware attack for outage

Malaysia: Think tank calls for greater transparency in data breach probes

Many SMBs still just aren't equipped to deal with cyberattacks

Metropolitan Opera Suffers Cyber Attack

Microsoft: (Cyber) winter is coming as DDoS attack disrupts Russian bank

Microsoft Alerts Cryptocurrency Industry of Targeted Cyberattacks

Microsoft Warns of Scammers Targeting Crypto Startups With ‘Weaponized’ Excel Files

Microsoft encourages 'strong cyber hygiene' in light of increasing Russian cyberattacks

Microsoft Warns Cryptocurrency Firms Against Complex Cyber-Attacks

Microsoft warns that Russian cyberattacks may extend beyond Ukraine

Millions of people have had their data sold on bot markets

NatWest warns of new phishing email which aims to scam you out of your bank details

New Babuk Ransomware Found in Major Attack

New Go-based Botnet Exploiting Exploiting Dozens of IoT Vulnerabilities to Expand its Network

New Zealand Privacy Commissioner Investigates Mercury IT Ransomware Attack

New Zealand government compromised in third-party cyber attack

New Zerobot malware has 21 exploits for BIG-IP, Zyxel, D-Link devices

Nine cybersecurity predictions for 2023 that’ll keep business owners up at night

Optus, Medibank – and supply chains flying under the radar

Police Dismantle SIM Swapping Gang in Spain

Rackspace: Ransomware attack to blame for ongoing outage

Rackspace email outage confirmed as ransomware attack

Rackspace hit with ransomware attack impacting thousands of customers

Ransomware Attack Impacts MSP’s Downstream Customers

Ransomware-hit SSP under broker fire amid latest issues

Researchers Weaponize Machine Learning Models With Ransomware

Russia's VTB Bank Suffers its Biggest Ever DDoS

Russia's VTB Bank targeted by a DDoS attack

Russian Espionage APT Callisto Focuses on Ukraine War Support Organizations

Russian Hackers Spotted Targeting U.S. Military Weapons and Hardware Supplier

Scammers trick victims into filling in Google forms with 'Singapore Police Force' insignia

Security Practitioners Lack Dark Web Threat Intelligence Training

Security Risks Found in Millions of Extended Internet of Things (XIoT) Devices

South Staffs Water customers criticise 'scary gobbledy-gook' messages after cyber attack

Spanish police take down Black Panthers gang that used social engineering to con banking users

Spyware Vendor’s Heliconia Framework Exploits Browser Vulnerabilities

Suffolk University Reports Data Breach Impacting Thousands of Current and Former Students

Supply Chain Web Skimming Attacks Hit Dozens of Sites

Tarentum investigating after falling victim to online scam for nearly $140,000

Texas appraisal districts hit by ransomware attacks

These Are the 50 Most Popular Passwords in America - and That’s Not a Good Thing

This holiday season, beware of SMS delivery scams

Thousands of children’s medical records leaked

To encrypt or not to encrypt - That is the question

Top 7 factors boosting enterprise cybersecurity resilience

UK Government Department Using Unsupported Applications, Reveals Watchdog

UK privacy watchdog reveals more than two dozen data breach incidents

Unpatched Exchange servers could be behind Rackspace's ransomware attack

Vice Society Ransomware Attackers Targeted Dozens of Schools in 2022

Vice Society ransomware 'persistent threat' to education sector

Washington Attorney General Says Data Breaches at ‘Historic High’ Across State

Washington data breaches are at a ‘record-breaking severity.’ How to keep your personal data safe

When it Comes to Ransomware, Deception is Better Than Cure

Why Indian MSMEs Must Rethink Cybersecurity

Why the Holidays are the Most Wonderful Time of the Year for Fraudsters

Why You Must Think Like Your Adversary After a Data Breach

Will the 2.5M Records Breach Impact Student Loan Relief?

6th December

68% of IT leaders are worried about API sprawl

A Decade of Discussion and We’re Still Not Thinking Laterally

Add brand security to your workload

After AIIMS, Chinese hackers ATTACK Indian Council of Medical Research (ICMR) website over 6000 times in a day

After AIIMS, top medical body Indian Council of Medical Research (ICMR) servers under cyber attack

After AIIMS Delhi, hacking attempts on Indian Council of Medical Research’s server

AIIMS Online registration of Outpatient Department (OPD) patients resumes two weeks after cyberattack

Amnesty International breach linked to Chinese government, investigation finds

Amnesty International Canada says it was hacked by Beijing

Amnesty International Canada breached by suspected Chinese hackers

Amnesty International Canada says it was targeted by China-sponsored cyber attack

Android December 2022 security updates fix 81 vulnerabilities

Antwerp's city services down after hackers attack digital partner

Attackers take over expired domain to deliver web skimming scripts

Australian insurer Medibank says hackers leaked all of the data they stole in October

Beyond Google: The Real Problem with Data Privacy

Black Basta Ransomware Group Actively Targeting U.S. Companies: What You Need to Know

Businesses beware: 5 major ransomware attack cases in 2022 that victimised businesses

Cambridge Water: Customer details targeted in cyber attack

China-Based Hackers Target Amnesty International Canada

Chinese Hackers Target Middle East Telecoms in Latest Cyber Attacks

Christmas Warning: Threat Actors Impersonate your Favorite Brands to Attack

Chrome browser security: Google warns users over security risk

CISA adds Google zero-day to exploited vulnerabilities list

Cyber security: Getting basic hygiene right

Darknet's Largest Mobile Malware Marketplace Threatens Users Worldwide

DEFRA's legacy software problem 'threatens' UK government cyber security until 2030

Economic uncertainty will greatly impact the spread of cybercrime

Feds warn of Cuba ransomware threat targeting the healthcare sector

Gen Z Internet Users "Normalize" Cybercrime

Google Chrome zero-day exploited in the wild (CVE-2022-4262)

How Can Boards and CIOs Help Reduce Risk? By Asking the Right Questions

How Should Data Brokers and Credit Bureaus Be Protecting Your Data?

How to Detect a Cyber Attack

India's leading state hospital recovers systems after cyber attack

Indian Council of Medical Research (ICMR) Website Safe, Cyber Attack Successfully Prevented

International police operation takes down iSpoof

Iranian State Hackers Targeting Key Figures in Activism, Journalism, and Politics

Kingston reiterates role of encrypted hardware in mobile healthcare data security

Korea’s popular digital wallet Payco hit by signature key hijacking

Largest Dark Web Webinjects Marketplace “In The Box” Discovered

Macmillan Reports Data Breach Leaking Consumers’ Social Security Numbers

Malware Apps With 2 Million Install Pose Risk For Android Users: Find Out Why

Massachusetts hospital to refund patients for losses after data breach

Massive DDoS attack takes Russia’s second-largest bank VTB offline

Medlab Pathology faces questions over data breach timeline

Metallica issues crypto scam alert before the 72 Seasons album launch

Microsoft: Hackers target cryptocurrency firms over Telegram

Microsoft’s Warning About How Hackers Are Bypassing MFA – What You Need to Know

Most Common IAM Mistakes to Avoid to Ramp Up Your Cybersecurity

Multiple government departments in New Zealand affected by ransomware attack on IT provider

New Zealand: Cyber attack widens, via third party, affecting government agencies

NETGEAR Router Vulnerability Allowed Access to Restricted Services

North Shore Pain Management, Resolve I.T. data breach $200K class action settlement

Open Source Ransomware Toolkit Cryptonite Turns Into Accidental Wiper Malware

“Patchwork of Solutions” Leaving Firms Susceptible to Cyber-attacks

Phishing scammers impersonate WhatsApp by buying a top ad spot on Google

Prolific Chinese Hackers Stole US COVID funds

Qatar 2022: African World Cup Broadcaster Struck by 'Jealous' Cyber Attackers

Rackspace confirms outage was caused by ransomware attack

Rackspace Hosted Exchange outage was caused by ransomware

Rackspace Hosted Exchange Ransomware Attack: Email Outage Timeline and Recovery Updates

Rackspace says ransomware attack caused outage

Rackspace-Hosted Exchange Service Gets Hit with Ransomware Attack

Ransomware Gang Steals Employee and Customer Data From LJ Hooker

Ransomware Toolkit Cryptonite Re-emerges as Wiper

Report finds half of UK manufacturers suffered cyber-attacks in last 12 months

Russian Hackers Use Western Networks to Attack Ukraine

Russian hacking group spoofed Microsoft login page of US military supplier

Russian state-owned bank VTB hit by largest DDoS attack in its history

Second LastPass Security Breach in 2022 Exposed Customer Data, Company Admits

Several Code Execution Vulnerabilities Patched in Sophos Firewall

Snap Finance, LLC Files Notice of Data Breach

South Africa: Defending the digital gates

Streaming Scam: World Cup, Netflix, Disney+, Prime Video, and More

Suspects arrested for hacking US networks to steal employee data

Swiss Government Wants to Implement Mandatory Duty to Report Cyber-Attacks

Telcom and BPO Companies Under Attack by SIM Swapping Hackers

The Pacific island nation of Vanuatu has been knocked offline for more than a month

The true cost of phishing attacks

This badly made ransomware can't decrypt your files, even if you pay the ransom

Threat Actors Use Malicious File Systems to Scale Crypto-Mining Operations

UK manufacturing sector under threat from cyber-criminals

Understanding NIST CSF to assess your organization's Ransomware readiness

What you should know when considering cyber insurance in 2023

What’s the Matter with digital trust in smart home devices?

With Operational Technology (OT) attacks on rise, organizations weigh cybersecurity trends for 2023

Your payroll could be the target of the next phishing scam

5th December

4 Types of Cyber Attacks Worrying Cyber Security Experts

5 Ways Cybercrime Could Develop over the Next 5 Years

8 Behavior-Based Safety Tips You Must Follow to Stay Safe Online

25 Year-Old Hacker Jailed For Stealing $20 Million in Crypto - Find Out How He Did It

44% Of Malware Delivered Inside Archive Files In Q3

59% of Nigerians have fallen victim to E-Banking fraud

90% of companies in APAC rate digital trust highly

A Holiday Season of Sophisticated Phishing

App Flaw Allowed Honda and Nissan Cars Hack by Knowing VIN number

Avoid an own goal: The World Cup and the cybercrime menace

Bank of Hope data breach class action settlement

Beware of this Excel file that launches macros to empty your wallet of cryptos

Beware of Your Medical Partners, Suppliers: Breaches Up 102%

Cambridge Water customers informed of data breach three months after cyberattack

Chinese hackers stole $20M in COVID relief funds, feds say

Chrome browser security: Google warns users over security risk

CISA and FBI Say Cuba Ransomware’s Lifetime Earnings Crossed $60M in 2022

CISA orders agencies to patch exploited Google Chrome bug by Dec 26th

CommonSpirit confirms network accessed a week before ransomware attack

Community Health Network reports online tracking data breach affecting 1.5 million

Connected medical devices are the Achilles’ heel of healthcare orgs

Critical Ping bug potentially allows remote hack of FreeBSD systems

Critical Ping Vulnerability Allows Remote Attackers to Take Over FreeBSD Systems

Critical Vulnerabilities Force Twitter Alternative Hive Social Offline

Cuba ransomware group hitting US organizations in 5 critical sectors

Cyber as a Culture: Four Steps To Mitigate Insider Threats

Cyber attacks on hospitals are a new e-pandemic – are we prepared?

Cyber Extortion Growing Exponentially in Africa, Middle East and China

Cybercrime is becoming more like a standard business

Cybersecurity Is More Important Than Ever in 2023

Cybersecurity Should Focus on Managing Risk

Cybersecurity threats to protect against in 2023 — ransomware still king

Data Breaches: What They Are, Why They Occur, and How to Prevent Them

Data of Israeli Employees from 29 Logistics Firms Sold Online

Data on thousands of Aussies for sale on bot markets

Data-wiping malware hits Russian courts, city halls

Department of Homeland Security (DHS) secretary says US faces 'a new kind of warfare'

Education sector hit by Hive ransomware in November

Endpoint detection & response and its cybersecurity benefits

Engage your employees with better cybersecurity training

Fake Windows Crypto Apps Spreading AppleJeus Malware

FBI warning: This ransomware gang has hit over 100 targets and made more than $60 million

Finance firms need to check their cybersecurity posture

Flaw in Aged Boa Web Server Threatens Supply Chain

‘Foreign sabotage, ransomware, espionage’ - angles under probe in AIIMS cyberattack

Fraudsters are using the cost of living crisis to rinse people out of money - here are the scams everyone needs to know about

French hospital complex suspends operations, transfers patients after ransomware attack

French Hospital Halts Operations After Cyber-Attack

French Hospital Suspends Operations After Crippling Cyber Attack

Gang’s number is up: police bust spells end for SIM cloners

Google issues urgent warning to millions of Chrome browser users over security flaw

Google Releases Chrome Emergency Fix For Ninth Zero-Day This Year

Guide to Network Security

Hacker accesses Orlando Health employee's email

Hacker Exploits Sirius XM Flaw to Remotely Unlock, Honk Horn on Cars

Hackers Actively Attack RDP Servers To Deploy Ransomware

Hackers hijack Linux devices using PRoot isolated filesystems

How Can Hackers Access Your Phone Data? Latest Fraud Techniques

How companies time data leak disclosures

How did confidential gun permit data get leaked?

How To: Make Security a Board Level Discussion

How to be Safe on Social Media: A Guide for Everybody

How to Recognize and Avoid Crypto Scams and Phishing Attempts

How to take on the ever growing cyber security threat

Infostealer malware surges on dark web amid rise in MFA fatigue attacks

Iran: State-Backed Hacking Of Activists, Journalists, Politicians, Says Human Rights Watch

Iran-backed hackers stage phishing campaign against activists, journalists

Iranian espionage campaign targets journalists, diplomats, activists, says Human Rights Watch

Killnet DDoS Group Executes a Cyber Attack on the EU Parliament Website After Resolution Against Russia

LastPass suffers second data breach in 3 months

Look out for these ’12 scams of Christmas,’ Better Business Bureau warns

Manufacturers Struggle to Manage Cyber-Threats from New Tech Deployments

Meta’s data scraping: against the rules yet impossible to stop?

Microsoft warns of Russian cyberattacks throughout the winter

Multifactor Authentication (MFA) Will Not Save the Insurance Industry

Microsoft: Beware Russian Winter Cyber-Offensive

Nearly 500 Million WhatsApp Records Allegedly Stolen in Data Leak, Offered on Dark Web for a Few Thousand Dollars

Nearly half of British manufacturers hit by cyber-attack in the last year

New BMC Supply Chain Vulnerabilities Affect Servers from Dozens of Manufacturers

Nigerians alerted to new phishing attacks, WhatsApp compromise

North Korean Hackers Spread AppleJeus Malware Disguised as Cryptocurrency Apps

November was the second busiest month for ransomware attacks this year

Organizations Face Barrage of Holiday Ransomware Attacks

Pakistan: Digital Warfare a National Security Threat

Password Managers Keep Getting Hacked. Should You Still Trust Them?

Phones, email and internet working at Durham District School Board (DDSB) schools again following cyber attack

Rackspace Admits Security Incident, Helps Customers Migrate to Microsoft 365 Accounts

Rackspace Hosted Exchange service outage caused by security incident

Rackspace Shuts Down Hosted Exchange Systems Due to Security Incident

Ransomware attack forces French hospital to transfer patients

Ransomware Professionalization Grows as RaaS Takes Hold

Risk of hacker attacks from Russia on Italian institutional sites

Risks of connecting to a public Wi-Fi network and how to avoid them

Russian Courts Targeted by New CryWiper Data Wiper Malware Posing as Ransomware

Safdarjung Hospital Faces Fresh Hacking Attack After AIIMS

Scam emails impersonating big brands Amazon, DHL, Currys, Aldi and ASDA warning

Secureworks Counter Threat Unit (CTU) identifies increase in stolen credential sales

Severe AMI MegaRAC flaws impact servers from AMD, ARM, HPE, Dell, others

SIM Swapper Who Stole $20 Million Sentenced to Prison

SiriusXM Vulnerability Lets Hackers Remotely Unlock and Start Connected Cars

Skokie issues scam alert after resident receives false phishing email about unsafe water

Sneaky hackers reverse defense mitigations when detected

Sturdy Memorial Hospital data breach class action settlement

Swiss government proposes “reporting duty” for cyberattacks on vital infrastructure

Tackling the Scourge of Malicious Streaming Sites During this Year’s FIFA World Cup

'Team Mysterious Bangladesh' Hackers Target Indian Education Entity

The 5 Biggest Data Breaches of 2022

The more you buy, the less you protect

The New External Attack Surface: 3 Elements Every Organization Should Monitor

The Slow Shift Toward Passwordless Access

‘The world should be prepared’ - Microsoft issues warning about Russian cyberattacks over winter

These Android Apps In Google Play Infected 2M Devices With Malware, Delete ASAP

Three vulnerabilities found in popular baseboard software

Three ways to break the blame culture on security teams

Time to update: Google Chrome browser patches high-severity security flaw

To Stem The Tide Of Ransomware, Close Gaps And Increase Visibility

Travis Central Appraisal District hit with ransomware attack

US Offshore Natural Gas & Oil Infrastructure Faces Rising Cybersecurity Threats

What is antivirus used for?

What is API Governance?

What MDR is (and what it’s not)

What’s the Main Cause of Avoidable Cybersecurity Incidents?

When Being Attractive Gets Risky - How Does Your Attack Surface Look to an Attacker?

World Cup Cyber Crime: Spotting It, Thwarting It

Why API Gateways are Critical for Cloud Security

Why enterprises require cyber-security strategies for cloud journeys

Why staff losing laptops costs more than ransomware attacks

Wiper, Disguised as Fake Ransomware, Targets Russian Orgs