Security "Bits"

Here are the top security stories from recent weeks: 

• Twitch Leak Exposes Personal Data
• Cox Media Group Confirms Ransomware Attack
• Xgroup Attackers Offer to Hack EU Hospitals in COVID-19 Vaccine Scam
• New Python Ransomware Targets VMware ESXi Servers, Encrypts Data in Under Three Hours
• The Telegraph Exposes 10 TB Database of Subscriber Info

While enterprise security teams have had their hands full battling an increasing number of more sophisticated ransomware attacks, phishing attacks are on the rise with the easing of pandemic-related restrictions.

In fact, just this past week Microsoft warned of a widespread credential phishing campaign that leverages open redirector links in email communications as a vector to trick users into visiting malicious websites while effectively bypassing security software.

Here are the top security stories from recent weeks: 

• Kaseya Patches Zero-Day Vulnerabilities Used in Supply Chain Ransomware Attack
• Attackers Use Kaseya Ransomware Attack to Spread Cobalt Strike Backdoor in Fake Security Updates
• Morgan Stanley Reports Data Breach After Vendor Affected by Accellion Hack
• U.S. Insurance Company CNA Notifies Customers of Data Breach After Ransomware Attack
• U.S. Fashion Retailer Guess Notifies Customers of Data Breach After Ransomware Attack

Here are the top security stories from recent weeks: 

• Mercedes-Benz Discloses Breach Exposing Customer Information
• Supermarket Chain Wegmans Exposes Customer Data Due to Misconfigured Cloud Databases
• City of Tulsa Suffers Ransomware Attack, Warns Residents of Personal Data Exposure
• Software Tool Vendor Atlassian Patches One-Click Account Takeover Vulnerabilities
• Nobelium Threat Actors Accessed Microsoft Customer Support Computers