Recent Cyberattacks, Data Breaches, Ransomware Attacks in October 2022

Date: 1 November 2022

Featured Image

We've reached the tail end of the year but the cyber-attacks aren't ending. Here's a list of the cyber attacks, data breaches and ransomware attacks that made the headlines in October 2022. 

This list is purely educational and is only intended to showcase the rampant rise in cyber incidents across the world. 

  1.  Cyber-Attacks in October 2022
  2.  Data Breaches in October2022
  3. Ransomware Attacks in October 2022
  4. New Ransomware/Malware Detected in October 2022
  5. Vulnerabilities/Patches 
  6. Advisories issued etc. in October 2022 

Australia is probably one word that has appeared in most stories about cyber-attacks this month. While last month its number two telco, Optus, revealed a data breach compromising data of 10 million customers, this month continued the mired saga with the country's top health insurer, Medibank, confirming that medical information of ALL its customers was lost to a ransomware attack. 

That's not all. Online shopping store,, owned by one of the country's largest retail businesses, Woolworths, suffered a data breach in which personal information of 2.2 million of its customers was affected.  

Then there is the curious case of Australian Clinical Labs that disclosed a data breach almost 8 months after it discovered that medical records and other sensitive information of 223,000 people was impacted. 

And these are just some of the many other attacks that have affected Australian businesses and government organisations recently. So what is the message here? Quite clearly that beefing up cybersecurity defences is the need of the hour, no matter your size or industry. 

No business should be complacent about their cyber posture anymore - given that UK's Interserve was just fined £4.4 million for failing to prevent a cyber-attack and for its poor infosec hygiene.  

Even if you feel your cybersecurity requirements aren't as pressing or urgent at the moment, get professional help through a cost-effective and ticket-based service like our Virtual Cyber Assistant. This can help you evaluate your cybersecurity posture and see if you're ready at all to deal with a real attack.

But before that, download this FREE Cyber Incident Response Plan template and start building your own response strategy today. Because remember - chances of you being attacked are as high as any of the businesses and victims mentioned below. So all you can really do is put the best preventive measures in place and be prepared.  

Below is a comprehensive and continually updated list of cyber-attacks, ransomware attacks and data breaches that made the news in October 2022. 

Cyber Attacks in October 2022

Summary Threat Actor(s) Business Impact Reference Link

MI-5 Website

Pro-Russian hackers temporarily take MI5 website offline with cyber attack

Anonymous Russia

Public-facing website went down intermittently

MI-5 public-facing site down

Hartnell College

College shuts down internal servers after noticing suspicious activity which later turns out to be a ransomware attack. 


Internal servers down

Hartnell College Ransomware Attack 

Blizzard Entertainment

'Mass DDoS' attack prevents fans from playing Overwatch 2. 


Game servers down on the day of launch

Blizzard DDoS Attack

Comm100 Live Chat App

Live support app trojanized as part of a new supply-chain attack

Suspected Chinese Threat Actors

Live chat app's infected variant allowed for a stealthy supply-chain attack

Live support service hacked

Pinnacle Group Regional Offices & Primary Health Care

Cyber attack targets a North Island GP network


Patient Details Compromised

North Island GP Network Cyber Attack

Chase UK

Chase UK's app-only banking offering hit by a mysterious outage


Customers unable to access banking services in the absence of physical centres

Chase UK Outage

Llyod's of London Llyod's of London investigates possible cyber-attack Unknown  Unusual activity detected & all external connectivity turned off Llyod's of London Cyber Attack
Virginia Mason Franciscan Health VMFH, parent company, CommonSpirit targetted in a cyber-attack Anonymous Facilities impacted nationwide, healthcare appointments rescheduled & some health records taken offline VMFH Parent Co Attacked
Fast Company Fast Company shuts website after racist and obscene comments appeared on its stories & Apple News notification.  Allegedly a hacker name "Thrax" on Breached hacking forum Shutdown of Fast Company Attack
Costa Group One of Australia's largest horticulture cos experiences a malicious IT phishing attack.  Unknown  10% of data on one server (which holds data for their berry category) compromised Costa Group Phishing Attack
U.S. Airport websites Pro-Russian hackers target more than a dozen U.S. Airport websites  Killnet pro-Russian hacking group Parts of websites become inaccessible; no operational disruptions Attack on major U.S. airport sites
Medibank All Medibank customers' personal data compromised after cyber-attack  Unknown 200 GB of files & personal and medicare data of 3.9 million customers compromised Medibank
COVID-19 beneficiaries COVID-19 themed phishing emails abuse Google Forms to steal personal data.   Unknown  Uncertain  COVID-19 themed phishing scam
The NHS UK's NHS confirms that client data was exfiltrated in August cyber incident LockBit 3.0  Hackers obtained data of 16 customers NHS Attack Updates
Bulgaria Govt Institutions Govt institutions hit by DDoS attack Allegedly Russian threat actors Website of the presidency & numerous
ministries hit
Australian Taxation Office 3 million cyber-attacks attempted on Australian Taxation Office in a month Uncertain Uncertain  ATO Cyber-Attacks
METRO Wholesale giant METRO experiences service outages after being hit by a cyber-attack.  Unknown IT Infrastructure outage METRO
Australian Clinical Labs Pathology company Australian Clinical Labs reveals it was hit by cyber attack eight months ago Unknown Hackers accessed data of 223,000 patients & staff & posted some of it on the web.  ACL Cyber-Attack
New York Post New York Post hacked with offensive headlines targeting U.S. politicians

Allegedly an internal employee Offensive headlines & tweets posted through the Twitter account & website.  New York Post hack
Aurubis Largest copper producer in the EU suffers a cyber-attack  Unknown Aurubis to shut down IT systems to prevent the attack's spread. Victim now maintaining  operations manually.  Aurubis Cyber Attack

Slovak Parliament Senate, upper house of the Polish parliament

Slovak Parliament suspends voting due to a suspected cyberattack. Unknown Voting disrupted.  Slovak Parliament Attack
Airtel Uganda Airtel Mobile Commerce Uganda Limited struck by a cyber-attack; apparently billions stolen  Unknown Allegedly billions stolen.  Airtel Uganda Attack


New call-to-action

Data Breaches in October 2022

Summary Threat Actor(s) Business Impact Reference Link
Shangri-La Hotels in Asia Database containing personal data of customers at 8 properties in Asia hacked.  Unknown Databases containing guests' contact information such as email addresses, phone numbers, postal addresses, Shangri-La Circle membership numbers, reservation dates and company names compromised. Shangri-La Data Breach
City Of Tucson City of Tucson discloses data breach affecting over 125,000 people Unknown  Threat actors obtained access to the network and stole essential documents containing the personal information of approx. 125,000 people Tucson Data Breach
Telstra  Intrusion of a third-party organisation exposed employee data dating back to 2017.  Unknown  Employee data dating back to 2017 affected. Telstra Third-Party Breach
VisionWeb VisionWeb data breach impacts the confidential information of 35,900 individuals. Unknown  Unauthorised party gained access to consumers’ names, Social Security numbers, government-issued identification numbers, medical information and health insurance information. VisionWeb Data Breach
Los Angeles Unified School District Los Angeles Unified School District suffers ransomware attack; student data leaked.  Vice Society Student Data Leaked LA School Data Leaked
Russian Retail Chain DNS Russian Retail Chain, Digital Network System (DNS) suffers data breach.  NLB Team Full names, usernames, email addresses, and phone numbers of DNS 16 million customers and employees leaked online. DNS Data Breach
Konnech Konnech CEO arrested for storing data on Chinese servers.  Not applicable  Konnech allegedly violated its contract by storing critical information that the workers provided on servers in China. Konnech Data Breach
Optus Sydney-based teenager arrested for an Optus data breach-based SMS scam. Sydney Resident 19-year old arrested.  Optus data breach-based SMS scam

Former Uber CISO, Joe Sullivan, convicted for covering up  a 2016 data breach in which personal information of 57 million Uber users was stolen.

Read more about this major cybersecurity moment here:

 Uber CISO Convicted

Brandon Glover, a 26-year-old Florida resident & Vasile Mereacre, a 23-year-old Canadian national Former CISO convicted in a first-of-its kind moment in modern cybersecurity history.  Uber CISO Convicted
Binance Bridge Hackers steal 2 million Binance Coins (BNB) from Binance Bridge.  Unknown $566 million stolen Binance Bridge Breached
Eventus WholeHealth Eventus WholeHealth discloses data breach involving protected health information.  Unknown Unauthorised individual gains access to an Eventus WholeHealth employee’s email account containing sensitive consumer information. Eventus Data Breach
2K Hackers compromise support system of American video game publisher 2K & send support tickets to gamers containing RedLine password-stealing malware. Unknown Uncertain 2K support system hack
Meta Meta sues several Chinese companies  HeyMods, Highlight Mobi, and HeyWhatsApp for developing and allegedly using "unofficial" WhatsApp Android apps to steal over one million WhatsApp accounts starting May 2022. Companies operating under the names HeyMods, Highlight Mobi, and HeyWhatsApp  Over 1 million WhatsApp Accounts Stolen WhatsApp Accounts Stolen
2K Games 2K confirms customer data stolen & up for sale online from September breach.  Unknown Uncertain 2K Games Data Breach
GEE Group GEE Group confirms consumer data leaked in recent security incident.  Unknown Uncertain GEE Group Data Breach
Intel Intel confirms leaked Alder Lake BIOS Source Code is authentic Unknown Hackers stole and leaked the source code of UEFI BIOS of Alder Lake CPUs as the leaked information contains 5.97 GB of files, source code, private keys, change logs, and compilation tools. Alder Lake leaked source code
The Scoular Company The Scoular Company files notice of a data breach with the Montana Uncertain

 Unauthorized party gained access to consumers’ names, dates of birth, Social Security numbers, driver’s license numbers, passport numbers, other government ID numbers, credit card numbers, financial account numbers.

Scoular Company Data Breach


Singtel confirms 2020 data breach after Optus attack Unknown  Personal information of 129,000 customers and 23 businesses exposed in the breach  including National Registration Identity care information, name, date of birth, mobile numbers and addresses. Singtel Data Breach

Celsius customer emails  leaked by an employee at one of the company’s vendors “”.  Celsius reveals thousands of users' transaction histories in Court Filing. 

Unknown  Celsius users could be exposed to a wave of phishing attacks.  Celsius Data Breach
Optus Fresh investigation into Optus over its handling of the cyber-attack.  Anonymous Hacker Optus could be fined millions of dollars for its data breach Optus Data Breach
Toyota Toyota  Accidentally Exposes A Secret Key Publicly On GitHub; leads to data breach Not applicable  E-mail addresses and customer management numbers of some customers who subscribe to "T-Connect" were leaked.  Toyota Data Breach
FamilySearch Genealogy site, FamilySearch, operated by The Church of Jesus Christ of Latter-day Saints, revealed that it experienced a data breach. Unknown  Personal details of thousands of users compromised. FamilySearch data breach. 
The Church of Jesus Christ of Latter-day Saints Mormon Church attacked and data stolen by 'state-sponsored' cyber-thieves Anonymous 'state-sponsored' cyber criminals  Username, membership record number, full name, gender, email address(es), birthdate, mailing address, phone numbers of members. Mormon Church Data Breach
Snap Breach at document co, Elevate, leaves Snap employee data compromised.  Unknown  Personal information of some of Snap’s current and former team members. Snap Data Breach
Shein Shein owner fined $1.9M for failing to notify 39M users of data breach. Unknown $1.9 million fine  Shein Data Breach

Australian Federal Police

Identities of Australian secret agents, details of 35 Australian Federal Police operations, some ongoing, as well as surveillance reports from undercover agents, phone taps and payroll records for Colombian law enforcement officers compromised after hackers leak documents from Colombian Government. Guacamaya group Identities of secret agents exposed.  AFP data breach


Woolworths Group's MyDeal hit by breach exposing data of 2.2 million customers.

Unknown  Data of 2.2 million customers exposed.  MyDeal Data Breach
Vinomofo Data of 500,000 customers affected as Vinomofo breached. Unknown  Unknown  Vinomofo Data Breach
Verizon Verizon confirms data breach.  Unknown 

Names, telephone numbers, billing addresses, price plans, and other service-related information on compromised accounts.

Verizon Data Breach
iDealwine Fine wine retailer iDealwine suffers a data breach.  Unknown Customers’ name, postal address, telephone number and email address may have been disclosed to attackers. iDealwine Data Breach
Microsoft Misconfigured Microsoft Server causes sensitive customer information to be exposed.  Unknown

The exposed information includes names, email addresses, email content, company name, and phone numbers, as well as files linked to business between affected customers and Microsoft or an authorised Microsoft partner. 

Microsoft Blue Breed Data Breach
Advocate Aura Health Advocate Aura Health suffers data breach due to improper use of Meta Pixel.  Unknown  3 million patients' data compromised.  Advocate Aura Health Data Breach


EnergyAustralia added to the list of Australian cos to get hacked in October, 2022.  Unknown  Data of 323 residential & small business customers compromised.  EnergyAustralia Cyber-Attack
See Tickets Ticketing service provider discloses a data breach that lasted 2.5 years.  Unknown  Customer data possibly including Full names, Physical address, ZIP code, Payment card number, Card expiration date, CVV number. See Tickets Data Breach
Twilio confirms a new data breach stemming from a June 2022 security incident with the same attackers. 0ktapus

209 customers out of approximately 75 million total users had accounts that were impacted by the incident.

Twilio Data Breach
South Australian Liberal Party

South Australian Liberal Party members impacted by unauthorised access to personal information. 


Personal information of about 2,000 members accessed by threat actors. 

SA Liberal Party Attack


New call-to-action

Ransomware Attacks in October 2022

Summary Threat Actor(s) Business Impact Reference Link

Hartnell College

College shuts down internal servers after noticing suspicious activity which later turns out to be a ransomware attack. 


Internal servers down

Hartnell College Ransomware Attack 


Italian luxury sports car manufacturer Ferrari confirms the availability of internal documents online, but denies ransomware attack. 

RansomEXX Ransomware gang posts 7 GB data on leak site claiming it's stolen from Ferrari. Information allegedly includes contracts, invoices, internal company information, repair manuals and more. Ferrai Ransomware Attack
CommonSpirit CommonSpirit US nonprofit health system discloses security incident. Unknown Some IT systems down due to the attack; appoints disrupted.  CommonSpirit Attack
Pinnacle Midlands Health Network Malicious actors accessed a third-party IT server that Pinnacle Midlands Health Network (Pinnacle) uses.  Unknown Health information ranging from approximately 2016 to 2022 and some of Pinnacle’s corporate information compromised. Services affected at various centres.  Pinnacle Attack
ADATA ADATA denies RansomHouse cyberattack; says leaked data from 2021 breach. Allegedly RansomHouse RansomHouse gang added ADATA files to their data leak site claiming they stole 1TB worth of documents from the company.The threat actors also leaked samples of allegedly stolen files, which appear to belong to the company. ADATA Ransomware Attack

Mars Area School District

Mars Area School District continues investigation into a recent cyber-attack.  Allegedly Vice Society Unspecified data stolen  Mars Area School District Attack

Pate’s Grammar School 
Marist College Ashgrove

Vice Society, apparently, continues its extortion of schools and educational institutions.  Allegedly Vice Society Uncertain  Vice Society Attacks Schools
Tata Power Hive Ransomware gang starts posting data stolen from Tata Power online.  Hive Ransomware The data supposedly contains information like client contracts, agreement documents, as well as other sensitive information such as emails, addresses, phone numbers, passport numbers, taxpayer data, among others. Tata Power Ransomware Attack 
Stimme Mediengruppe

Ransomware attack halts circulation of some German newspapers.


Attack impacted the entire Stimme Mediengruppe media group, which includes the companies ‘Pressedruck’, ‘Echo’, and ‘RegioMail. 

German Newspaper Group Attack 
Whitworth Whitworth University confirms it was victim of ransomware attack; warns thousands of students, staff of data breach LockBit  Personal information of student, alumni, employees and donors was allegedly compromised.  Whitworth Attack 
MultiCare Sensitive employee information impacted in an attack on a Washington state healthcare organisation.  Unknown 

Names, addresses and Social Security numbers for a number of current and former MultiCare employees were included in the data compromised. 

MultiCare Attack
Ukrainian Government Agencies Cuba ransomware targets Ukrainian govt agencies. Cuba Ransomware Uncertain.  Ukrainian Govt Attacked 


Ransomware attacks are becoming more complex and dangerous with every passing month. That's why our experts at Cyber Management Alliance have created these FREE downloadable resources for ransomware mitigation and response. 

  1. Ransomware Mitigation Checklist
  2. Ransomware Response Checklist
  3. Ransomware Response Workflow Guide  

New call-to-action

New Ransomware/Malware Discovered in October 2022

New Ransomware/Malware Reference Link
RedKrypt Ransomware; Extension: .p.redkrypt; Ransom note: RedKrypt-Notes-README.txt

Stop/Djvu Ransomware (v0574); Extension: .tohj; Ransom note: _readme.txt

Stop/Djvu Ransomware (v0570); Extension: .adlg; Ransom note: _readme.txt

Magniber  Magniber ransomware now infects Windows users via JavaScript files
New "Prestige" ransomware  New “Prestige” ransomware impacts organizations in Ukraine and Poland
Venus Ransomware  Venus Ransomware targets publicly exposed Remote Desktop services
Two variants of same ransomware created using leaked LockBit 3.0 Builder TommyLeaks and SchoolBoys are two sides of the same ransomware gang


Vulnerabilities/Patches Discovered in October 2022

Flaws Summary Reference Link
CVE-2022-41352 Hackers are actively exploiting an unpatched remote code execution (RCE) vulnerability in Zimbra Collaboration Suite (ZCS). RCE Bug
CVE-2022-40684 Fortinet warns admins to patch critical auth bypass bug immediately. Fortinet Bug
CVE-2021-22048 vCenter Server 8.0 still awaiting a patch to address a high-severity vulnerability disclosed in November 2021. VMware vCenter Server bug
Windows 11 22H2 KB5018427

Windows 11 KB5018427 update released with 30 bug fixes, improvements.

Windows 11 KB518427 update

39 Elevation of Privilege Vulnerabilities

2 Security Feature Bypass Vulnerabilities

20 Remote Code Execution Vulnerabilities

11 Information Disclosure Vulnerabilities

8 Denial of Service Vulnerabilities

4 Spoofing Vulnerabilities

Microsoft October 2022 Patch Tuesday fixes zero-day used in attacks, 84 flaws. Zero-day vulnerability patches
CVE-2022-37913  CVE-2022-37914 CVE-2022-37915 Aruba fixes critical RCE and flaws in EdgeConnect Aruba Patches
CVE-2022-41352 900 servers hacked using Zimbra zero-day flaw Zimbra Zero-Day Flaws
Windows TLS handshake failures Microsoft fixes Windows TLS handshake failures in out-of-band updates Windows TLS handshake update
Zero-day flaw in  Windows Mark of the Web Free unofficial patch launched for Windows Mark of the Web Zero-Day flaw Windows Mark of the Web patch
CVE-2022-22954 Critical vulnerability in VMware Workspace One Access exploited to drop ransomware VMWare vulnerability 
Issue blocking Windows 11 22H2 upgrades. 

Microsoft fixes printing issue blocking Windows 11 22H2 upgrades.  Windows 11 22H2 known issues
CVE-2022-42827 Apple fixes new zero-day used in attacks against iPhones, iPads Apple Patch
CVE-2021-39144 VMware fixes critical Cloud Foundation remote code execution bug VMWare Patch
CVE-2020-3433, CVE-2020-3153

Cisco warns admins to patch AnyConnect flaws exploited in attacks.

AnyConnect flaws

KB5018482 Preview cumulative update for Windows 10 20H2, Windows 10 21H1, and Windows 10 21H2

Windows 10 KB5018482 update released with nineteen improvements

Windows 10 KB5018482 update
Windows kernel vulnerable driver blocklist Microsoft fixes Windows vulnerable driver blocklist sync issue Windows vulnerable driver fix
CVE-2022-3723 Google fixes seventh Chrome zero-day exploited in attacks this year Chrome Update


 New call-to-action

Warnings/Advisories/Reports/Malware Detection 

Summary Link
CISA adds critical flaw impacting Atlassian's Bitbucket Server and Data Center to the Known Exploited Vulnerabilities (KEV) catalogue. Atlassian's Bitbucket flaw

US ports and terminals suffer increased cyber-attacks. 

US-based ports & terminals cyber-attacks
Azerbaijan successfully prevents cyber-attacks during Patriotic War,  Azerbaijan Attacks 
Android spyware 'RatMilad' targets mobile devices in the Middle East to record audio &  and steal data.  New Android Malware Ratmilad
The FBI warns of "Pig-Butchering" crypto scams.  Pig-Butchering scam
FBI & CISA say cyber-attacks targetting election systems unlikely to affect results or disrupt voting.  Cyber-attacks on US Election Systems
Killnet posts list of target American government sites for cyber-attacks.  Killnet America Target List
Meta to notify 1 million Facebook users about potentially compromised account credentials.  Facebook Data Breach
Report unravels Emotet's Delivery and Evasion Techniques Used in Recent Attacks.  Emotet malware techniques
Windows systems can now automatically block admin brute force attacks.  Windows admin brute-force attacks
Android leaks traffic despite "always-on" VPN.  Android Traffic Leak
Hacking group POLONIUM uses ‘Creepy’ malware against Israel.  Polonium Malware
Phishing-as-a-service platform "Caffeine" makes i easy for anyone to launch an attack. 
Caffeine Phishing Platform
IcedID malware hackers tinker with different delivery techniques.  IcedID Malware Delivery Tactics
5,000 phishing emails sent from Singapore Case officers' mailboxes.  Singapore Phishing emails
Signal to remove SMS support on Android App to prioritise privacy and security.  Signal SMS Support
Npm timing attack: Private packages names revealed enabling threat actors to release malicious clones publicly to trick developers into using them instead. Npm Timing Attack
Wynncraft, one of the largest Minecraft servers, hit by a 2.5 Tbps DDoS attack. Minecraft server DDoS attack
New attack and C2 framework, 'Alchimist,' targets Windows, Linux, and macOS systems. Alchimist Attack Framework
Russia's Federal Financial Monitoring Service labels Meta, owner of Facebook, Instagram, and WhatsApp, as a terrorist and extremist organisation. Russia labels Meta an extremist organisation
New zero-day bug apparently abused to hack Microsoft Exchange servers to launch Lockbit ransomware attacks. Microsoft Exchange Servers hacked
Microsoft enables security update notifications through RSS Feed.  Microsoft Security Update Notifications
Urgent warning to Australians against Optus-breach related scams.  Aussies warned against Optus-related scams
41% consumers in India had data stolen by cybercriminals: ISACA Study 41% Indians suffered data breach
Ducktail phishing campaign targets Facebook accounts through PHP information-stealing  malware.  Facebook Ducktail Phishing Campaign
Dutch National Police trick the DeadBolt ransomware gang into handing over 155 decryption keys by faking ransom payments. Dutch Police tricks DeadBolt 
Former University of Puerto Rico (UPR) student sentenced to 13 months in prison for hacking over a dozen email and Snapchat accounts of female colleagues. Puerto Rico cyberstalking case
WithSecure discovers that weak block cipher mode of operation in Microsoft 365 may expose message content.  Microsoft 365 message content exposure
Intricate details of Israel Defence Forces' (IDF) first-ever cyber-attack revealed by Israeli officer.  IDF's first-ever cyber-attack
Japan's Law Enforcement & Financial Regulator issue warning to crypto firms against North Korean crime syndicate Lazarus Group. Japan's crypto firms warned against Lazarus
A new UEFI bootkit named BlackLotus is being sold on hacking forums by malicious actors. New UEFI bootkit BlackLotus
Authorities in Europe arrest members of car theft ring hacking keyless cars.  Keyless car hacking
Germany's criminal police raids homes of 3 individuals suspected of running phishing campaigns in which they stole  €4,000,000 from internet users.  Germany phishing attacks
Research reveals 633% increase in cyber-attacks against Open Source Software Repositories.  Open Source Software Repository Attacks
Hackers threaten to release health data of 1,000 famous Australians.  Aussie health data breach 
Security concerns of TikTok users continue. TikTok security concerns
New world under "relentless" cyber-attacks after MediBank breach says Aussie Minister.  MediBank cyber-attack aftermath
The Australian Bureau of Statistics  reveals that it has fended off close to a billion cyber-attacks against the census. Australia fended against a billion cyber-attacks 
Scammers targeting those trying to enroll in the Federal Student Aid program to steal their personal information, payment details, and money: FBI Student Loan Debt Relief
Applicants scam
Almost half of Irish SMEs have been hit by multiple cyber-attacks in the last three years, finds new study.  Irish SMEs attacked
CISA warns of Daixin Team hackers targetting healthcare institutions Daixin Hackers
Australian companies to face fines of $50 million for data breaches.  Aussie Cos fines

Interserve fined £4.4 million for failing to take adequate measures to prevent cyber-attacks. 

Interserve fined
New study shows 50% of staff likely to quit after cyber-attack.  Cyber-attack impact on staff
Researchers find thousands of GitHub repositories offering fake proof-of-concept (PoC) exploits for various vulnerabilities, some of them including malware. Fake PoC exploits on GitHub
New campaign pushes Google Chrome extensions that hijack searches and insert affiliate links into webpages.  Google Chrome malvertizing campaign 
Dutch Police arrest 19-year old suspected of breaching healthcare software vendor and stealing thousands of documents potentially containing sensitive personal and medical patient information.  19-year old hacker arrested in Netherlands 
Microsoft warns of new issue that can lead to data loss when resetting virtual disks using the Server Manager management console. Microsoft server manager disk reset issue 
New version of Fodcha DDoS botnet features ransom demands injected into packets and new features to evade detection. New Fodcha DDoS variant
German Police arrest a 22-year-old student in Bavaria suspected of being the administrator of 'Deutschland im Deep Web' (DiDW), one of the largest darknet markets in Germany.  Student arrested for running darknet market
Microsoft OneDrive and OneDrive for Business crashes on Windows 10 systems for which customers have installed updates released earlier in the month. Microsoft OneDrive crashes 
ConnectWise releases security updates to patch critical vulnerability in the ConnectWise Recover and R1Soft Server Backup Manager (SBM) secure backup solutions. ConnectWise RCE bug


Get Email Updates on our Latest News

Simply enter you details in the form below to subscribe:

  • Or call us on:
  • +44 (0) 203 189 1422