IT Governance

APRIL 12, 2022

Welcome to our first quarterly review of security incidents for 2022, in which we take a closer look at the information gathered in our monthly list of data breaches and cyber attacks. IT Governance discovered 266 security incidents between January and March 2022, which accounted for 75,099,482 breached records. Download now.

Data breaches 115

Data breaches Ransomware Government Retail 115

IT Governance

JULY 5, 2022

Welcome to our July 2022 review of phishing attacks, in which we explore the latest email scams and the tactics that cyber criminals use to trick people into handing over their personal data. The first three months of 2022 saw more than a million reported phishing attacks, according to the APWG’s Phishing Activity Trends Report.

Phishing 116

Phishing e-Delivery Retail Insurance 116

IT Governance

DECEMBER 8, 2022

Welcome to our December 2022 review of phishing attacks, in which we explore the latest email scams and the tactics that cyber criminals use to trick people into handing over personal data. You can help educate your staff with IT Governance’s Phishing Staff Awareness Training Programme. Get started.

Phishing 111

Phishing Education Personal data Authentication 111

IT Governance

OCTOBER 10, 2022

Welcome to our October 2022 review of phishing attacks, in which we explore the latest email scams and the tactics that cyber criminals use to trick people into handing over personal data. You can help educate your staff with IT Governance’s Phishing Staff Awareness Training Programme. Attackers don’t break in, they log in.”.

Phishing 124

Phishing Passwords Personal data Data breaches 124

IT Governance

FEBRUARY 8, 2022

Welcome to our February 2022 review of phishing attacks, in which we explore the latest scams and the tactics that cyber criminals use to trick people into handing over their personal information. As we move into 2022, organisations should consider email security and phishing awareness at one of their biggest priorities. Get started.

Phishing 137

Phishing Passwords Authentication Education 137

IT Governance

DECEMBER 20, 2022

2022 will go down as the year where some semblance of normality returned. In total, we have so far reported more than 1,000 data breaches in 2022, with almost half a billion breached records. Google , Clearview AI , and Meta all receives hefty penalties in 2022, demonstrating the continued important of effective information security.

Security 132

Security Data breaches Ransomware Military 132

IT Governance

MARCH 8, 2022

Welcome to our March 2022 review of phishing attacks, in which we explore the latest email scams and the tactics that cyber criminals use to trick people into handing over their personal information. You can help educate your staff with IT Governance’s Phishing Staff Awareness Training Programme. Get started.

Phishing 144

Phishing Military Access Education 144

IT Governance

AUGUST 9, 2022

Welcome to our August 2022 review of phishing attacks, in which we explore the latest email scams and the tactics that cyber criminals use to trick people into handing over their personal data. You can help educate your staff with IT Governance’s Phishing Staff Awareness Training Programme. Get started.

Phishing 140

Phishing Authentication Passwords Blockchain 140

IT Governance

JUNE 1, 2022

Welcome to our May 2022 review of data breaches and cyber attacks. The post List of data breaches and cyber attacks in May 2022 – 49.8 million records breached appeared first on IT Governance UK Blog. We identified 77 security incidents during the month, resulting in 49,782,129 compromised records.

Data breaches 126

Data breaches Ransomware Phishing Education 126

erwin

OCTOBER 17, 2022

Quest ® EMPOWER, our free data summit, is coming to you live and online, November 1-2, 2022. We’ve got a packed expert lineup for you at Quest EMPOWER 2022. In his signature fun and educational style, Brent will show you how to successfully migrate to the cloud with a roadmap for SQL Server databases.

Government 52

Government Cloud Education Personal data 52

Security Affairs

APRIL 13, 2023

Fortinet has addressed a critical vulnerability, tracked as CVE-2022-41331 (CVSS score of 9.3), in its Fortinet FortiPresence data analytics solution. FortiSandbox / FortiDeceptor – Improper profile-based access control over APIs CVE-2022-41330 (CVSS score of 8.3)

Analytics 80

Analytics IT Authentication Education 80

Hanzo Learning Center

DECEMBER 6, 2022

December 1st marked another successful Ediscovery Day celebration full of great educational content for the legal tech industry. Now in its eighth year, Ediscovery day became more focused in its content offerings, with a great lineup of sponsored events.

Education 104

Education IT 104

IT Governance

DECEMBER 1, 2022

Welcome to our November 2022 review of data breaches and cyber attacks. Brookfield admits ‘blackout pen’ error led to sharing of special education students’ information (unknown). The post List of Data Breaches and Cyber Attacks in November 2022 – 32 Million Records Breached appeared first on IT Governance UK Blog.

Data breaches 115

Data breaches Ransomware Personal data Insurance 115

IT Governance

MARCH 1, 2022

Meanwhile, you can find the full list of cyber attacks and data breaches for February 2022 below. The post List of data breaches and cyber attacks in February 2022 – 5.1 million records breached appeared first on IT Governance UK Blog. It will take place on Thursday, 3 March at 3pm, and you can register for on our website.

Data breaches 134

Data breaches Ransomware Government Blockchain 134

Security Affairs

APRIL 10, 2023

The company also addressed a high-severity code execution issue, tracked as CVE-2022-4934. The CVE-2023-1671 flaw is a pre-auth command injection issue that resides in the warn-proceed handler, it affects appliances older than version 4.3.10.4.

Security 90

Security Education Cybersecurity IT 90

Security Affairs

APRIL 13, 2023

The vulnerability was reported in December 2022 by Souvik Kandar, Arko Dhar of the Redinent Innovations team in India. The attacker can exploit the vulnerability by sending crafted messages to the affected devices.” ” reads the advisory published by the company. On April 10, Hikvision released version 2.3.8-8

Education 86

Education Access Cybersecurity Security 86

Security Affairs

MAY 27, 2022

The FBI warns organizations in the higher education sector of credentials sold on cybercrime forums that can allow threat actors to access their networks. The FBI has observed incidents of stolen higher education credential information posted on publically accessible online forums or listed for sale on criminal marketplaces.

Sales 129

Sales Education Phishing Passwords 129

Security Affairs

APRIL 1, 2023

Five of the issues added by CISA to its catalog are part of the exploits used by surveillance vendors to target mobile devices with their commercial spyware: CVE-2021-30900 – Apple iOS, iPadOS, and macOS Out-of-Bounds Write Vulnerability.

Cybersecurity 78

Cybersecurity Education Risk Security 78

Security Affairs

MAY 3, 2023

Potential Impact CVE-2022-40302 Out-of-bounds read when processing a malformed BGP OPEN message with an Extended Optional Parameters Length option. DoS CVE-2022-40318 Out-of-bounds read when processing a malformed BGP OPEN message with an Extended Optional Parameters Length option. This is a different issue from CVE-2022-40302.

Education 89

Education Security Cybersecurity IT 89

Security Affairs

APRIL 20, 2023

Nominate here: [link] Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, vRealize ) The post VMware fixed a critical flaw in vRealize that allows executing arbitrary code as root appeared first on Security Affairs.

Education 89

Education Cybersecurity Security Access 89

Security Affairs

APRIL 4, 2023

Cybersecurity and Infrastructure Security Agency (CISA) has added a Zimbra flaw, tracked as CVE-2022-27926 , to its Known Exploited Vulnerabilities Catalog. The CVE-2022-27926 flaw affects Zimbra Collaboration version 9.0.0, which is used to host publicly-facing webmail portals. reads the post published by Proofpoint.

IT 90

IT Military Phishing Passwords 90

Security Affairs

APRIL 25, 2023

Nominate here: [link] Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, VMware ) The post VMware addressed two zero-day flaws demonstrated at Pwn2Own Vancouver 2023 appeared first on Security Affairs.

Education 96

Education Cybersecurity Security Information Security 96

Security Affairs

APRIL 24, 2023

The tool was developed by a company named Kodex, which claims that the tool was developed for an educational purpose. FortiGuard Labs observed this malware in a phishing email campaign on 30 March, which we traced back to the samples included in this blog.” The malware environment checking and Anti-VM functions.

Phishing 86

Phishing Sales Education Ransomware 86

The Last Watchdog

FEBRUARY 20, 2024

In 2022, 88% of users relied on chatbots when interacting with businesses. Educating users for safe interaction : Provide clear instructions on how users can identify and report suspicious activities, fostering a collaborative approach to security. This helps them improve their performance over time by gaining data from interactions.

Cybersecurity 273

Cybersecurity Authentication Communications Privacy 273

IBM Big Data Hub

APRIL 11, 2023

Today, I want to share some examples that highlight IBM’s 2022 progress in the area of social impact. Educational pathways are critical to opening windows of opportunities for all people, regardless of age or education level. In 2022, we increased the hours of learning per employee.

Education 84

Education Authentication Cybersecurity IT 84

Security Affairs

APRIL 21, 2023

The ABA has 166,000 members as of 2022. The American Bar Association (ABA) is a voluntary bar association of lawyers and law students; it is not specific to any jurisdiction in the United States. The attackers may have gained access to the members’ credentials for a legacy member system that was decommissioned in 2018.

Data breaches 88

Data breaches Passwords Education Cybersecurity 88

Security Affairs

APRIL 8, 2023

Mandiant researchers first observed this affiliate targeting Veritas issues in the wild on October 22, 2022. Unlike other ALPHV affiliates, UNC4466 doesn’t rely on stolen credentials for initial access to victim environments.

IT 79

IT Ransomware Education Cybersecurity 79

Security Affairs

APRIL 12, 2023

Nominate here: [link] Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, April security updates) The post SAP April 2023 security updates fix critical vulnerabilities appeared first on Security Affairs.

Security 81

Security Education Authentication Passwords 81

Security Affairs

APRIL 20, 2023

In 2022, the Russian APT used multiple wipers in attacks aimed at Ukraine, including AwfulShred , CaddyWiper , HermeticWiper , Industroyer2 , IsaacWiper , WhisperGate , Prestige , RansomBoggs , and ZeroWipe. The group is also the author of the NotPetya ransomware that hit hundreds of companies worldwide in June 2017.

Phishing 85

Phishing Military Ransomware Education 85

Security Affairs

APRIL 16, 2023

The MacOS variant has been available since November 11th, 2022. It appears we are late to the game.

Archiving 96

Archiving Encryption Ransomware Education 96

Security Affairs

APRIL 19, 2023

An Iran-linked APT group tracked as Mint Sandstorm is behind a string of attacks aimed at US critical infrastructure between late 2021 to mid-2022. Microsoft has linked the Iranian Mint Sandstorm APT (previously tracked by Microsoft as PHOSPHORUS ) to a series of attacks aimed at US critical infrastructure between late 2021 to mid-2022.

Energy and Utilities 86

Energy and Utilities Military Education Phishing 86

Security Affairs

APRIL 9, 2023

In October 2022, VM2 maintainers addressed another critical sandbox escape vulnerability tracked as CVE-2022-36067.

Libraries 68

Libraries File names Education Cybersecurity 68

Security Affairs

APRIL 6, 2023

Nominate here: [link] Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, MSI) The post Money Message ransomware group claims to have hacked IT giant MSI appeared first on Security Affairs.

Ransomware 76

Ransomware IT Manufacturing Education 76

Security Affairs

MAY 3, 2023

Nominate here: [link] Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, generative AI ) The post Hackers are taking advantage of the interest in generative AI to install Malware appeared first on Security Affairs.

Education 93

Education Information Security Cybersecurity Security 93

Security Affairs

APRIL 5, 2023

In late 2022, the researcher Sam Sabetan discovered a series of critical vulnerabilities in several smart devices manufactured by Nexx, including Smart Garage Door Openers, Alarms, and Plugs.

Manufacturing 89

Manufacturing Cybersecurity Education Authentication 89

Security Affairs

APRIL 3, 2023

FortiGuard Labs researchers observed an ongoing hacking campaign targeting Cacti ( CVE-2022-46169 ) and Realtek ( CVE-2021-35394 ) vulnerabilities to spread ShellBot and Moobot malware. Since September 2022, Moobot botnet was spotted targeting vulnerable D-Link routers.

Education 81

Education Encryption Passwords Communications 81

The Last Watchdog

APRIL 26, 2022

In a recent survey of US-based CEOs, talent shortages and cybersecurity were listed as two of the top five business concerns in 2022. About the essayist: Jack Koziol is the founder, SVP and GM of Infosec Institute , a cybersecurity education company. He is the author of The Shellcoder’s Handbook.

Cybersecurity 234

Cybersecurity Education Communications Security 234