Editor's Message

Welcome to DBD. Yet another year has drawn to a close, and cybercrime remains a major threat to organizations, no matter where they are, or what size they are. The significant gains made in tackling cybercrime last year, still show we have a long way to go, but the battle continues in disrupting threat actors and their operations. Wishing you all a Safe New Year. Thank you for your support. Stay safe. :)



Monday, 19 December 2022

Data Breaches Digest - Week 51 2022

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 19th December and 25th December 2022.


25th December

4 Security Threats to Blockchain Networks You Need to Know About

7 Types of Passive Attacks That Can Easily Go Undetected

Critical Linux Kernel flaw affects SMB servers with ksmbd enabled

Cyber Attackers Used Ripple CEO’s Identity To Promote Fake Giveaways

Data Reform Bill: Experts Criticize the UK's GDPR Replacement

DeFi flash loan hacker liquidates Defrost Finance users causing $12M loss

Experts warn of attacks exploiting WordPress gift card plugin

India: Cyber crime shoots up by 66% in Rachakonda commissionerate

Meta settles Cambridge Analytica lawsuit

Microsoft fined €60 million in France for using advertising cookies without consent

Most social media users encounter scams on a weekly basis at least

New ransomware threat for struggling health services

North Korea Carries Out Cyber Attack On Nearly 900 South Korean Foreign Policy Experts

North Korea hacked almost 900 South Korean foreign policy experts, sought ransom

North Korean APT Hacker Group Steals 300 ETH and Over 1,000 NFTs in Phishing Attacks

North Korean hackers behind attacks on South Korean security experts

Officials warn as over $1.6 million in Massachusetts benefits stolen over last 6 months

Password Manager Gets Hacker, Encrypted Passwords Stolen

Perception vs reality: How to really prepare for ransomware

Scam complaints from Revolut users more than double since 2020

Should We Use Apps to Store Our Passwords? Here’s Our Stand

Staying safe in a dangerous digital world

Twitter Data Breach: Hacker claims to have data of 400 million Twitter users

Twitter data breach: Hacker posted list of hacked data of 400 million users - Check whether your data is leaked or not

Unclear data patterns? New risks from the MuddyWater hackers revealed

Under cyber attack: The AIIMS ransomware attack is just a reminder how vulnerable organisations can be

Understanding Cybersecurity: A Comprehensive Guide to Protecting Yourself and Your Organization from Cyber Attacks

24th December

10 Biggest Hacks and Cyber Security Threats of 2022

Cincinnati State data breach possibly exposed Social Security numbers, other information

Comcast Customers Face a Huge Holiday Data Breach

Guam Legislature warns about social media scam using official seal

Hacker Claims to Have Scrapped 400M Twitter User Records

How to Know if Someone Is Spying on Your Phone in 2022

How To Protect Your Passwords From Hackers

Most Popular Data Breaches of Apple

New info-stealer malware infects software pirates via fake cracks sites

OpenSea Private Auction Alarmed by NFT Scammers

Password protection giant LastPass admits the major data breach that came of its August hack

Paxos successfully recovers stolen $20M Gold tokens

Raspberry Robin malware used in attacks against Telecom and Governments

Royal Mail alert as 'easy to fall for' scam could 'drain bank accounts'

Scammers are Ramping Up Cyberattacks During Christmas

Secure Email Gateways: Your First Line of Defense Against Email Security Threats

Suspected North Korean hacker made $365,000 from 1,055 stolen NFTs

The Dangers of Discord: What Is a Discord Virus?

The famous British newspaper The Guardian victim of ransomware?

This Popular AI Chatbot is Being Used in Phishing Attacks

Tips on How to Be Aware Of CyberSecurity

Twitter faces massive fines in Europe over 2021 data breach

W4SP Stealer Discovered in Multiple PyPI Packages Under Various Names

Warning for all Microsoft users – don’t fall for common scam this Christmas

Weakest passwords of 2022

Your business should compensate for modern ransomware capabilities right now

23rd December

3Commas API Dispute Highlights Risks of Algorithmic Trading

4 Types of Active Attacks and How to Protect Against Them

5 Quick and Easy Ways to Prevent Identify Theft Online

48,000 South Africans had their online data stolen by bots – this is how much it sells for on the dark web

A growing number of Australians are finding out they are involved in a major data breach at Medibank months after the cyber attack

A hacker's tips on how to spot a phishing attack

Australia: Global counter-ransomware task force to become active in January

Avalanche-Based DeFi Platform Defrost Finance Loses $173k to Hackers

Biden signs $858 billion defense policy bill into law, expanding government cyber operations

Christmas Casino heist: BetMGM hacked, data of 1.57 million gamblers leaked, while data of 68,000 DraftKings customers also hacked

Christmas scams warning as criminals cash in on cost-of-living crisis

Cloud Security Risk for Retail Companies: Why Ignoring Best Practices Could be Costly – The Redmart Story

CMS Subcontractor Breach Affects 254k Medicare Beneficiaries

Container Verification Bug Allows Malicious Images to Cloud Up Kubernetes

Crooks copy source code from Okta’s GitHub repository

Cyberattack losses projected to hit $5m per incident in 2023

Cybersecurity threatscape: Q3 2022

Data breach: Why is it a big threat for crypto traders, and how to prevent it

Dixons school trust in Bradford hit by cyber attack

Don’t bite! The Coca-Cola scam is back on WhatsApp, now also at Christmas

Email Security: Protecting Your Organization from Within

EU Watchdog Probes Twitter for 5.4 Million User Data Breach

France Fines Microsoft €60 Million for Using Advertising Cookies Without User Consent

Ghost CMS vulnerable to critical authentication bypass flaw

Godfather Android Malware Targets 400+ Banks and Crypto Exchanges

Gootkit Loader continues to be used on multiple Australian networks

Growing cybersecurity skills gap necessitates human factor security

Hacker Swipes $6.9 Million in Cryptocurrency from Defi Protocol Lodestar Finance on Arbitrum Blockchain

Hackers exploit bug in WordPress gift card plugin with 50K installs

Hackers obtained LastPass customer data vaults in recent data breach

How access monitoring keeps providers at bay from data breaches

How Cryptocurrency Scams Work

How cybersecurity is changing with the advent of the metaverse

How to protect yourself from hackers and online threats

Huge number of Iranian cyber attacks against 'Israel'

Identity Provider Okta Breached, User Credentials and Operations Remain Secure

India: Data protection will be a top priority for businesses in 2023

It’s beginning to look a lot like ‘phishmas’!

'It's the most wonderful time of the year' for text scams

Jersey school is attacked by cyber criminals demanding ransom

Kenya: Cybersecurity cases rose in second week of December

LastPass: Customer Vault Data Was Taken

LastPass: Hackers accessed and copied customers’ password vaults

LastPass: Hackers Stole User Data and Encrypted Password Vaults

LastPass Admits to Severe Data Breach, Encrypted Password Vaults Stolen

LastPass customer password vaults stolen, targeted phishing attacks likely

LastPass says attackers got users’ info and password vault data

Legal firm says cyber attack on water firm could lead to “substantial claims for compensation”

Lessons from Biggest HIPAA Breaches of 2022

Liverpool Council issue warning to anyone expecting a Christmas delivery

Manufacturing's Mixed Technology Opens Doors for Cybercrime

Massive Twitter data leak investigated by EU privacy watchdog

Meta settles data breach case linked to Cambridge Analytica scandal for £600m

Meta to settle Cambridge Analytica class-action for $725 million

More Aussies find out they’re caught up in major Medibank data breach months after cyber attack

MultiCare Notifies 23K of Third-Party Breach

New NFT private auction scam threatens OpenSea users

New Scam Trick Threatening OpenSea NFT Marketplace Users Revealed

North Korean Hackers Stole Massive $626M in Crypto This Years, Mostly from DeFi

North Korean hackers stole over 800 billion won worth of cryptocurrencies from DeFi platforms

Online Casinos DraftKings and BetMGM Hacked; Data of Millions at Risk

Patch now: Serious Linux kernel security hole uncovered

Positive Technologies warns of cybercriminals creating platforms to distribute phishing kits

President Biden Signs Quantum Cybersecurity Preparedness Act into Law

Public Warning Following Surge Of Phishing Scams

Putin Team ransomware emerges from leaked Conti’s source code

Rackspace retrieves email data for some customers after ransomware attack

Ransomware Is on the Rise - Here’s How to Protect Yourself

Recent phishing attacks shatter confidence in cybersecurity controls

Recent ransomware attacks show vulnerability in Iowa schools

Researchers Warn of Kavach 2FA Phishing Attacks Targeting Indian Government Officials

SickKids says it could be ‘weeks’ until full recovery from ransomware attack

Silver Ticket Attack

Students across Dorset urged to beware of scams

The Impact of Russia’s Fancy Bear Attacks on U.S. Satellite Networks

The Top 23 Security Predictions for 2023 (Part 1)

Threat predictions for 2023: From hacktivism to cyberwar

Three ways companies can meet the evolving requirements of the insurance carriers

TikTok parent company ByteDance revealed the use of TikTok data to track journalists

TikTok's Parent Company Admits Using the Platform's Data to Track Journalists

Top 10 Risks in Cyber Security

Top Crypto Scams and Trends in 2022

Twitter faces investigation in Ireland over data breach

Unexpected failure of Russian hackers and Ukraine’s ascendant IT expertise

USPS, DHL, and Netlix – Top Phishing Scams of the Week

Valley Children's Medical Group involved in nationwide data breach, officials say

Vice Society Ransomware Attackers Adopt Robust Encryption Methods

Videoconferencing Worries Grow, With SMBs in Cyberattack Crosshairs

What is Cyber Resilience, and how will it Help Businesses?

Why Azure AD Password Protection is Not Enough

Why You Should Update File Sharing Platform, Samba, Right Now

Xavier University Might Have Lost Personal Data in Hack

Zerobot Botnet Devs Add New Functionality

22nd December

10 biggest financial data breaches of 2022

2023 Should Be the Year of On-Chain User Security

After ransomware hits Colombian energy firm, Moody’s says low patch rate suggests inadequacies in cyber practices

Alarming email gap exploited by state sponsored hackers

Amplified security trends to watch out for in 2023

Australian businesses facing identity-based attacks

Being one of the 1% sucks if you're a Rackspace user

Clop ransomware group targeting medical images

Comcast Xfinity accounts hacked in widespread 2FA bypass attacks

Community College Of Baltimore County Suffers Financial Loss In Phishing Attack

Credentials Are the Best Chance To Catch the Adversary

Critical Lessons Learned from Uber’s Second Breach

Critical Security Flaw Reported in Passwordstate Enterprise Password Manager

Cyber Threats Increasingly Target Video Games

Cyberattack compromises German industrial giant ThyssenKrupp

Cybersecurity Awareness Training in Companies: Why You Can’t Do Without It

Cybersecurity Could Emerge as the Biggest Challenge in 2023

Dealing with cloud security shortfalls

Ethos Technologies, Inc. Reports Recent Data Breach Leaked Consumers’ Social Security Numbers

Everything You Need to Know About Automating Digital Forensics and Incident Response (DFIR)

FBI: Cyber-Criminals Are Purchasing Search Engine Ad Services to Launch Attacks

FBI and Europol Seizes Nearly 50 DDoS-for-Hire Platforms and Charged Six Administrators

FIN7 Cybercrime Syndicate Emerges as a Major Player in Ransomware Landscape

FIN7 hackers create auto-attack platform to breach Exchange servers

Fool Me Thrice? How to Avoid Double and Triple Ransomware Extortion

France Fines Microsoft $64m for Imposing Ad Cookies to its Bing Users

Gambling platform DraftKings breached – Do this if you have an account

GitHub incident allowed attacker to copy Okta’s source code

Google WordPress Plug-in Bug Allows AWS Metadata Theft

Guacamaya leaks spark debate about militarization, spyware, but no accountability

Guardian Newspaper Suffers Ransomware Attack

Hackers Breach Okta's GitHub Repositories, Steal Source Code

HHS alert warns KillNet hacktivist group targeted US healthcare entity

Hints for avoiding hackers while using cryptocurrency

How carding can affect your business

How to Recover from a Cyber Attack

Improvement in Internet Security and Tips to Stay Safe Online

India: Defence body warns of data breaches and ransomware attacks, advises staff to follow CERT-In guidelines

India’s Commercial, Critical Infrastructure Under Ransomware Threat

Infostealer Malware Threat Grows as MFA Fatigue Attacks Spread

Insufficient Data Privacy Legislation Is Costing Companies: Three Ways Businesses Are Suffering

Kaspersky uncovers attacks targeting Albanian government with ransomware and wipers signed with stolen certificates

KentuckianaWorks participants potentially affected by third-party data breach

Lastpass: Hackers stole customer vault data in cloud storage breach

Leading sports betting firm BetMGM discloses data breach

'Lessons must be learnt' from cyber attack which has cost Gloucester city council £787,000 so far

Luxembourg: Police warn of fresh wave of scam text messages

Media Giant Guardian Hit By Suspected Ransomware Attack

Microsoft: Zerobot adds new exploits, DDoS attack capabilities

Microsoft says Zerobot can now exploit vulnerabilities in Apache and Apache Spark

One in three Australians have fallen victim to scams

Play ransomware gang claims major cyber attack on H-Hotels that disrupted digital communications

Protecting a Network Without Concrete Boundaries

Queensland University of Technology shuts IT systems after being hit by ransomware attack

Ransomware Attack Causes Disruption at British Newspaper The Guardian

Ransomware attack delays SickKids lab results, systems could be offline for weeks

Ransomware Attack Hits The Guardian Newspaper

Ransomware Cases Have Grown over Time with Modern Tactics

Ransomware Gang Emails College Students with Demands

Ransomware, DDoS see major upsurge led by upstart hacker group

Report Surfaces Top Vulnerabilities of 2022

Researchers Develop AI-powered Malware Classification for 5G-enabled IIoT

Sale or No Sale; Hacker Leaks FBI’s InfraGard database Online

San Diego Unified Waited 5 Weeks to Notify Families of Data Breach

SEO Poisoning Attack Linked to 144,000 Phishing Packages

Student Loans Company (SLC) phishing reminder to students

Tesla competitor faces Bitcoin ransomware attack during economic crisis

The Era of Cyber Threat Intelligence Sharing

The Grand Theft Auto 6 (GTA 6) leak was one of the biggest ever, and the only winners were the news writers

The Guardian confirms their systems were hit by ransomware attack

The Guardian newspaper believes ongoing “IT incident” caused by ransomware

The top cyber security stories of 2022

Threat actors use known Excel vulnerability

Top 10 cyber crime stories of 2022

Toronto children’s hospital confirms it was hit by ransomware

Two New Security Flaws Reported in Ghost CMS Blogging Software

UK Government: Sharing Some Passwords is Illegal

Vice Society ransomware gang switches to new custom encryptor

W.W. Wallwork, Inc. Reports Data Breach That Leaked an Unknown Number of Consumers’ Social Security Numbers

What Can Schools Do Against the Onslaught of Ransomware?

What Can We Learn From Recent Cyber History?

What is Bluebugging, how does it occur, is it dangerous, and other related queries

Why KPIs Are Critical to Effective Security

Xavier hit with cyberattack; personal information might have been stolen, school warns

Zerobot Botnet Emerges as a Growing Threat with New Exploits and Capabilities

21st December

6 Key Questions to Ask Yourself When Scaling Up Your Cybersecurity

2023 Cybersecurity Spending Increases to Combat Evolving Threats

Acronis Report Uncovers Cloud Environments Are New Potential Targets for Threat Actors

Addresses of non-molestation order applicants disclosed in data breach

Adult Google Ad Fraud Campaign Garnered Millions of Impressions

Ankr Confirms $5M Crypto Hack Was An Inside Job

APIs are placing your enterprise at risk

Attention Last-Minute Holiday Shoppers: Scammers Are Coming for You

Beware of Cyber Attacks During the Holiday Season – Royal Ransomware Group Highlighted as Threats to the Health and Public Health Sectors

Beware of What Is Lurking in the Shadows of Your IT

British newspaper The Guardian says it’s been hit by ransomware

Brute Force Attacks: A Guide to Protecting Your Online Information

Cameron County District Attorney Forces School District to Disclose 'Vast' Data Breach

Chinese electric automaker Nio hit by data breach

CISA Warns Healthcare Organizations of Cuba Ransomware Threat

Class action suit alleges Oakwood University responsible for massive data breach

Community College of Baltimore County (CCBC) victim of phishing attack

Compliance Investigation Into Mercury IT Breach Commenced

Conti Team One Splinter Group Resurfaces as Royal Ransomware with Callback Phishing Attacks

Cyber attack on Angus Council cost taxpayer £25,000

Cyber-Incident Causes System Failures at Canadian Children's Hospital

Cybercriminals attack users with 400,000 new malicious files daily

Cymulate Identifies Cyberattack Technique That Evades EDR Platforms

Data protection: Safeguard the path to digitalisation of power networks

Debunking 5 Myths About Detection-as-Code

Employee Privacy And Cybersecurity: Spot The Difference

Evolving threats and broadening responses to Ransomware in the UAE

Experian, T-Mobile data breach $16M class action settlement

FBI warns of search engine ads pushing malware, phishing

Four tips to avoid online holiday shopping being ruined by hackers

German industrial giant ThyssenKrupp targeted in a new cyberattack

GitHub Attack Allowed Attackers to Steal Okta’s Source Code

Gloucester cyber attack: A year since hackers disrupted vital services for thousands of citizens

GodFather Android Banking Trojan Targeting Users of Over 400 Banking and Crypto Apps

GodFather Android malware targets 400 banks, crypto exchanges

“GodFather” Hits Banks, Crypto Wallets Apps as Android Trojan Emerges

Godfather Trojan Targets 400 Financial Services Firms

Guardian hit by serious IT incident believed to be ransomware attack

Guardian newspaper hit by suspected ransomware attack

Guardian newspaper hit by suspected ransomware attack, staff told not to come to office

Guardian hit by serious IT incident believed to be ransomware attack

Guardian shuts offices after ransomware attack

Hartnell Community College District Files Notice of Data Breach with the California Attorney General

How a Simple Browser Search Can Lead You to a Scam

How are healthcare CISOs reporting & measuring risks?

How to avoid getting hooked by crypto ‘ice phishing’ scammers

Is Enterprise VPN on Life Support or Ripe for Reinvention?

Is TikTok stealing more than just your time?

Keppel Telecommunications and Transportation hit by data breach

Loot from New Zealand ransomware attack being sold on dark web

Meaningful Protection: A Regulatory Proposal And Roadmap To Protecting Healthcare And Other Critical Infrastructure

Medicare Data Breach Affects Thousands of Beneficiaries

More than compliance: cybersecurity best practices for the Oil and Gas sector

Morley Companies data breach $4.3M class action settlement

New Microsoft Exchange exploit chain lets ransomware attackers in (CVE-2022-41080)

November 2022 Healthcare Data Breach Report

Okta Data Breach: Cybercriminals Steal IAM Provider’s Source Code

Okta's source code stolen after GitHub repositories hacked

Okta’s Source Code Stolen in GitHub Breach

Over half of us still don't use a VPN when connecting to public Wi-Fi

Personal info may have leaked in Hope College data breach

Play ransomware actors bypass ProxyNotShell mitigations

Play ransomware gang claims H-Hotels cyberattack

Play Ransomware Targets H-Hotels After City of Antwerp and Córdoba Judiciary

Protect Your Fleet Against the Growing Risk of Cyber Attack

Ransomware attacks increased 41% in November

Ransomware Hackers Using New Way to Bypass MS Exchange ProxyNotShell Mitigations

Ransomware incidents targeting 'critical infrastructure' have grown

Raspberry Robin Malware Caught Employing A Clever Tactic To Dupe Security Researchers

Raspberry Robin Worm Strikes Again, Targeting Telecom and Government Systems

Raydium announces details of hack, proposes compensation for victims

RedMart fined S$72,000 for data breach resulting in online sale of customer data

Remote, third-party workers raise security risks for enterprises

Restaurant CRM platform SevenRooms confirms breach after stolen data appear for sale

Royal overtakes LockBit as top ransomware in November as attacks increase 41%

Russian Killnet Hackers Claim Data Theft of FBI Agents

Russians hacked JFK airport’s taxi dispatch system for profit

Securonix predicts more successful major cloud provider-level attacks in 2023

Shoemaker Ecco leaks over 60GB of sensitive data for 500+ days

Simple Steps to Avoid Phishing Attacks During This Festive season

Social media use can put companies at risk: Here are some ways to mitigate the danger

South Dakota health system notifies patients of 3rd-party data breach

Sports betting operator BetMGM hit by data breach

“Suspicious login” scammers up their game – take care at Christmas

The Average Cost of a Ransomware Attack in 2022

The Guardian 'believed to be' hit by ransomware attack, staff told to work from home

The Guardian Hit By Ransomware Attack, Staff Told To Work From Home

The online scams to watch out for over Christmas 2022: from Royal Mail to fake gift vouchers

The Rise of the Rookie Hacker - A New Trend to Reckon With

The Top Security Vulnerabilities of 2022 and Their Workarounds

Uber Data Breach Exposes 77,000 Employee Email Addresses and Other Company Data

UK Security Agency Wants Fresh Approach to Combat Phishing

UK's Guardian newspaper breaks news of ransomware attack on itself

Ukraine's DELTA Military System Users Under Attack from Info Stealing Malware

University Of East London Research Shows Two Thirds Of European Youth Involved In Some Form Of Cybercrime Or Online Risk Taking

US Most Impacted by Data Breaches in the Financial Industry in 2022

Watch Out For These Fake Amazon Scams This Holiday Season

Who’s Keeping Computers Safe When Everybody’s Working From Home?

Why ChatGPT can be dangerous for every internet user

Why Security Teams Shouldn't Snooze on MFA Fatigue

Wing Financial data breach investigation underway

Zerobot malware now spreads by exploiting Apache vulnerabilities

20th December

3Commas denies accusations of leaking API data resulting in $14.8M in ‘unauthorized trades’

4 Keys to Consider When Evaluating Cloud Data Protection Tools

5 types of malicious codes attack millions of computers in Vietnam

20 Ransomware Statistics Small Businesses Should Know

2022 Cyber Security Review of the Year

AIIMS cyber attack puts digital health ID plan under scanner

AIIMS Ransomware Attack: The Missing Picture

As cyber criminals start targeting retail, companies must be ready to fight back

Australians demand executives held liable for cyber breaches

Balance Sheet Blind Spot: Cryptocurrency Is Not as Protected as You Think

Beware: Cybercriminals Launch New BrasDex Android Trojan Targeting Brazilian Banking Users

Beyond Ransomware: Cybercrime Trends to Watch in 2023

Boulder County exposes jail inmates’ Social Security numbers

Brooklyn hospital network reverts to paper charts for weeks after cyberattack

Chinese electric automaker Nio hit by data breach

Clearview Public Schools hit by third-party data breach

Clop ransomware group targeting provider-patient trust by infecting medical images

Cloud Computing Services: The Threat of the Future

Connected homes are expanding, so is attack volume

Consumer security savvy is way behind IoT threat landscape

Cyber attack affects phones, website at Toronto’s SickKids Hospital

Cyber-proofing the healthcare industry from ransomware attacks

Cybersecurity in 2022: It’s Not Getting Easier

Cybersecurity is a Team Sport - Avoid the ‘Us and Them’ Culture

Cybersecurity Pros Bracing for Possible Holiday Cyber Event

Data Breaches in Washington Remain at Historic Highs

Data Collection Costs Epic Games Half a Billion USD

District Attorney forces San Benito schools to notify victims of ‘biggest’ data breach agency has seen

DraftKings Data Breach Impacts Personal Information of 68,000 Customers

Federal Trade Commission (FTC) Fines Fortnite Maker Epic Games $275 Million for Violating Children's Privacy Law

Fortnite Dev to Pay $520m in Record-Breaking Settlement

Google Ad fraud campaign used adult content to make millions

Google Disruption Fails to Stop Glupteba Botnet

Hacked Ring Cameras Used in Livestreaming Swatting Attacks

Hackers bombard PyPi platform with information-stealing malware

Health Care Cybersecurity: Past, Present And Future

Hope College Files Notice of Data Breach Following Unauthorized Access to Sensitive Student Information

How MSSPs Can Deliver Value Through Dark Web Threat Intelligence

How to assess and bolster an organization's level of cybersecurity

How To Keep Your Business Prepared for this Holiday Hacking Season?

Indian foreign ministry portal found leaking passport details of millions of overseas Indians

Instagram Rolls Out dedicated Page To Help Users Regain Hacked Accounts

Keppel Telecommunications and Transportation hit by data breach

KmsdBot Botnet Suspected of Being Used as DDoS-for-Hire Service

Kremlin’s most notorious hacker: will Yakubets ever face justice?

Kremlin-backed hackers targeted a “large” petroleum refinery in a NATO nation

Make sure your company is prepared for the holiday hacking season

Microsoft Details Gatekeeper Bypass Vulnerability in Apple macOS Systems

Military operations software in Ukraine was breached by Russian hackers

Millions of Moscow’s Children Surveilled Long Before Data Leak

Mimecast report highlights ransomware risk and impact on UAE organisations

Missing goals: Why online broadcasts can be vulnerable to cyberattacks

Nevada and North Dakota have highest cybercrime data

New Ransomware Variant, Written In Rust, Hitting Critical Infrastructure Companies

Nokoyawa Ransomware: Rust or Bust

On-premises vs cloud security: What are the pros and cons?

Organizations Warned of New Attack Vector in Amazon Web Services

P2 Energy Solutions Notifies Over 69k Consumers of a Data Breach that Leaked Their Social Security Numbers

Personal information of about 37,000 people exposed in Whitehall ransomware data breach

Protecting Your Brand With Public Web Data Scraping

Ransomware attacks increased 41% in November

Ransomware gang uses new Microsoft Exchange exploit to breach servers

Ransomware hackers take demands directly to college students: ‘For you, it’s a sad day’

Raspberry Robin worm drops fake malware to confuse researchers

Recent Tech Layoffs Sharply Increase Insider Cybersecurity Threat

Russian hackers accessed JFK airport taxi software

Russian hackers attempted to breach petroleum refining company in NATO country, researchers say

Russian Hackers Targeted Petroleum Refinery in NATO Country During Ukraine War

Russian hackers targeted petroleum refining company in NATO state

SevenRooms announces third-party vendor breach, says PII and banking details were not compromised

SSL Stripping Explained and How to Avoid It

Study finds troubling perception gap in data breach awareness and coverage

Taylor Regional Hospital Sued Over 2021-2022 Patient Data Breach

Telegram Hack Exposes Growing Russian Cyber Threat in Moldova

Telling users to ‘avoid clicking bad links’ still isn’t working

The Importance Of Putting Employees At The Center Of A Security Strategy

The modern day blackmail: Understanding the dangers of cyber extortion

The Most Common Mistakes People Make with Malware

The Top Cloud Security Threat Comes from Within

The USPS, UPS, FedEx, and DHL Text Message Phishing Scam Explained

Threat actors find way to abuse the AWS Elastic IP Transfer feature

UK Privacy Regulator Names and Shames Breached Firms

Ukraine's Delta Military Intel System Hit by Attacks

Using AI against us: Hackers can weaponize chatbots to write phishing campaigns

What Brands Get Wrong About Customer Authentication

Your Guide to IAM – and IAM Security in the Cloud

19th December

3 Reasons to Take a Layered Approach to Offensive Cybersecurity

5 cybersecurity trends accelerating in 2023

5 real estate scams to watch out for, and how to avoid them

6 email ‘red flags’ that can mean someone’s trying to scam you over the holidays

10 useful tips to secure your social media accounts from getting hacked

85% of attacks now use encrypted channels

A Closer Look at Windows Kernel Threats

A Practical Guide to Software Supply Chain Security

Acronis Cyberthreats Report Year-end 2022: Data under attack

Acronis End-of-Year Cyberthreats Report Finds Average Cost of Data Breaches Expected to Surpass $5 Million Per Incident in 2023

AIIMS cyber attack: Delhi Police seeks data on Chinese hackers from CBI-Interpol

AIIMS-like ransomware attacks will continue unless there is proper cyber hygiene

Antwerp denies negotiating ransomware payment as city disappears from leak site

API Vulnerabilities Discovered in LEGO Marketplace

Australia: Extortion email scams

Average cost of data breaches to surpass $5 million per incident in 2023

Avoid The XRP Staking Scam Claiming To Offer Up To 31% Returns

BadUSB: A Growing Cybersecurity Threat

Battling back the scammers: Six steps the elderly can take to avoid being fraud victims

Beware of Highly Sophisticated DarkTortilla Malware Distributed Via Phishing Sites

BlackBerry shares key insights into state of cybersecurity for 2023

BlackCat ransomware group leaks files stolen from D.C. convention bureau

Bored Ape Yacht Club (BAYC) Over a Million Worth NFT Reported Stolen

Brooklyn hospital resorts to pen-and-paper charts following cyberattack

Chinese Hackers Exploit Citrix Vulnerabilities

CMS subcontractor hit with ransomware

Colombian energy supplier EPM suffers BlackCat ransomware attack

Critical Windows code-execution vulnerability went undetected until now

CXOs Not Confident of Security Readiness

Cyber attack on FuboTV logged subscribers out during World Cup semi-final clash

Cyber National Mission Force elevated in fight against foreign hackers

Cyber skills gap leaving UK SMEs vulnerable to attacks

Cyberattacks in 2022 and what hospitals, health systems can learn going into 2023

Cybercrime (and Security) Predictions for 2023

Cybersecurity and EdTech: How can EdTech organisations address the growing security challenges?

Cybersecurity crucial for OT and ICS in 2023

Data Resilience Predictions: Using the Economy to Inform Security Strategy

DraftKings warns data of 67K people was exposed in account hacks

Email Fraud: How to Recognize and Avoid It

Epic Games agrees to pay record-breaking $520 million for privacy violations

Epic Games to pay $520 million for privacy violations, dark patterns

Facebook Cracks Down on Spyware Vendors from U.S., China, Russia, Israel, and India

Facebook Users Warned to Be Aware of New Rise in Phishing Scams

Forget AI art - AI-powered cyberattacks are what we should be worried about

Former T-Mobile Store Owner Scores Long Prison Sentence For $25M Phone Unlock Hack

FoxIt Patches Code Execution Flaws in PDF Tools

From Twitter, Samsung to Rockstar Games, here are the top data breaches of 2022

Glupteba Botnet Continues to Thrive Despite Google's Attempts to Disrupt It

Hacker claims to have 120,000 Hyundai India car owners' information, Puts it for sale on the Dark Web

Hacker Swipes FBI’s Info Sharing InfraGard Database of 80K Contacts

Holiday Shopping Threats To Security

Holiday Spam, Phishing Campaigns Challenge Retailers

How hyperautomation can bolster security and reduce risk in banking

How Much Does a Password Reset Cost? More Than You’d Think

How Reveton Ransomware-as-a-Service Changed Cybersecurity

How to Secure Business Processes: Tips & Tricks

How to spot a HMRC scam

How you can stop corporate login credential theft

Huge increase in cost of phishing attacks

Infamous hacker steals 14 BAYCs worth over 852 ETH ($1.07 million)

IoT Security: How to safeguard IoT devices against cyberattacks

IRS mistakenly publishes 112,000 taxpayer records for the second time

Is Quantum Security The Next Guy’s Problem?

Is Your Organization Safe from Common Cybersecurity Threats?

Jisc moves to protect tertiary education from ransomware

LinkedIn has massively cut the time it takes to detect security threats. Here's how it did it

Louise W. Eggleston Center, Inc. Reports Data Breach Following Ransomware Attack

Malicious ‘SentinelOne’ PyPI package steals data from developers

McGraw Hill exposed student data and grades, online privacy firm says

Medicare Data Breach: Letters Sent Regarding New Cards Issued to 254K Recipients

Medicare data breach affects up to 254,000 beneficiaries

Microsoft finds macOS bug that lets malware bypass security checks

Microsoft Vulnerability Upgraded to Critical Due to RCE Risk

Millions of Facebook users warned over dangerous alert – don’t make huge mistake

Mobile App Users at Risk as API Keys of Email Marketing Services Exposed

Moving Beyond Security Awareness to Security Education

National Cyber Security Centre (NCSC) annual review 2022: Highlights and thoughts

Navigating the Path to Enhanced Authentication

New Agenda Ransomware Variant, Written in Rust, Aiming at Critical Infrastructure

New Zealand Archives Breach - Months To Notify Individuals

Open source vulnerabilities add to security debt

Over 54 million users' data at risk via 3 popular email marketing apps

Palo Alto Networks research finds Baby Boomers better at password reuse than Gen Z

Pennsylvania’s Data Breach Notification Law Is Changing: What Does It Mean for Entities Doing Business in the Keystone State?

Phishing Scams: 5 Tips on Training Employees

Phishing Targets Ukrainian Battlefield Awareness Tool Users

Play ransomware claims attack on German hotel chain H-Hotels

Rackspace Ransomware Attack Caused Email Outages; Thousands of Customers Migrated to Cloud Services

Ransomware attack shuts down operations of firefighters at 85 Australian fire stations

Ransomware Groups to Increase Zero-Day Exploit-Based Access Methods in the Future

Researchers Discover Malicious PyPI Package Posing as SentinelOne SDK to Steal Data

Russian DDoS attacks on the West may be a smokescreen

San Diego Unified School District Waited 5 Weeks to Notify Employees and Families of Data Breach

Scam alert: Avoiding getting conned by too-good-to-be-true scholarships

Security Experts Say You Should Always Disable This Setting When Using Airport Wifi

Security teams urged to prepare for next era of ransomware

SevenRooms Restaurant CRM Suffers Significant Data Breach

Social Engineering Strikes Again As $1M+ Bored Ape Collection Stolen

Sophisticated DarkTortilla Malware Serves Imposter Cisco, Grammarly Pages

South Africa: The cybersecurity year ahead - cloud data threats loom in 2023

State level cyber attacks - Why and how

Staying cyber safe with skeleton staff

T-Mobile Hacker Gets 10-Year Sentence for Unlocking Phones

The Growing Risk Of Malicious QR Codes

The risk of escalation from cyberattacks has never been greater

The state of Operational Technology (OT) security: a rapidly evolving landscape

Threat Intelligence Through Web Scraping

Top 6 Email Security Threats You Need to Be Aware of

Top American Online Education Platform Leaks 22TB of Data

Ukraine's DELTA military system users targeted by info-stealing malware

Urgent need to secure India’s healthcare ecosystem from cyber threats

US agencies seize 48 DDoS-for-hire domains, charge six people for running booter services

What is Account Takeover (ATO)?

What Is Doxxing, And Why Is It So Dangerous?

What the Russian Invasion Reveals About the Future of Cyber Warfare

What to Do When Ransomware Strikes

Why AI is the key to cutting edge cyber security in 2023

Worst crypto scams and 'coverups' of 2022