https://www.darkreading.com/risk/cybercriminals-swap-phishing-for-credential-abuse-vuln-exploits/d/d-id/1337019 https://www.businessinsider.com/phishing-scams-getting-more-sophisticated-what-to-look-out-for-2020-2#hackers-will-start-by-targeting-low-level-employees-then-moving-laterally-to-compromise-executives-accounts-1 https://krebsonsecurity.com/2020/02/hackers-were-inside-citrix-for-five-months/ https://www.clearskysec.com/wp-content/uploads/2020/02/ClearSky-Fox-Kitten-Campaign.pdf

https://www.bankinfosecurity.com/judge-rules-insurer-must-pay-for-ransomware-damage-a-13673 https://www.zdnet.com/google-amp/article/new-york-state-wants-to-ban-government-agencies-from-paying-ransomware-demands/ https://www.bankinfosecurity.com/nist-drafts-guidelines-for-coping-ransomware-a-13679 https://arstechnica.com/information-technology/2020/01/dozens-of-companies-have-data-dumped-online-by-ransomware-ring-seeking-leverage/ https://www.bankinfosecurity.com/d...

https://www.securityweek.com/attacker-installs-backdoor-blocks-others-exploiting-citrix-adc-vulnerability https://www.securityweek.com/court-approves-equifax-data-breach-settlement https://www.infosecurity-magazine.com/news/equifax-breach-settlement-could/ https://www.natlawreview.com/article/ico-issues-fine-against-national-retailer-security-failings

https://www.irishtimes.com/news/crime-and-law/courts/high-court/firm-being-blackmailed-by-hackers-for-6m-obtains-irish-court-injunction-1.4128069 https://inews.co.uk/inews-lifestyle/travel/travelex-hack-cyber-attack-ransomware-sodinokibi-travel-money-uk-firm-data-breach-explained-1358454 https://securityaffairs.co/wordpress/96046/hacking/microsoft-rdp-brute-force-study.html https://www.zdnet.com/article/company-shuts-down-because-of-ransomware-leaves-300-without-jobs-just-before-...

https://www.wwltv.com/article/news/crime/city-government-in-recovery-mode-after-cyberattack/289-514a376e-16de-4b43-9756-a30baefe4c28 https://arstechnica.com/information-technology/2019/11/hackers-paradise-louisianas-ransomware-disaster-far-from-over/ https://www.csoonline.com/article/3488816/how-a-nuclear-plant-got-hacked.html

https://www.bleepingcomputer.com/news/security/allied-universal-breached-by-maze-ransomware-stolen-data-leaked/ https://www.csoonline.com/article/3454443/how-a-bank-got-hacked-a-study-in-how-not-to-secure-your-networks.html

https://arstechnica.com/information-technology/2019/11/breach-affecting-1-million-was-caught-only-after-hacker-maxed-out-targets-storage/ https://www.csoonline.com/article/3452747/what-you-need-to-know-about-the-new-owasp-api-security-top-10-list.html https://www.securityweek.com/pci-dss-compliance-between-audits-declining-verizon https://krebsonsecurity.com/2019/11/study-ransomware-data-breaches-at-hospitals-tied-to-uptick-in-fatal-heart-attacks/

https://securityaffairs.co/wordpress/92484/data-breach/imperva-data-breach-2.html https://arstechnica.com/information-technology/2019/10/the-count-of-managed-service-providers-getting-hit-with-ransomware-mounts/ https://www.zdnet.com/article/city-of-johannesburg-held-for-ransom-by-hacker-gang/

https://www.csoonline.com/article/3441220/marriott-data-breach-faq-how-did-it-happen-and-what-was-the-impact.html

https://krebsonsecurity.com/2019/08/what-we-can-learn-from-the-capital-one-hack/

Get well soon, Mr. Kalat!

https://www.theregister.co.uk/2019/03/20/steffan_needham_aws_rampage_prison_sentence_voova/ https://www.zdnet.com/google-amp/article/study-shows-programmers-will-take-the-easy-way-out-and-not-implement-proper-password-security/ https://arstechnica.com/information-technology/2019/03/50-shades-of-greyhat-a-study-in-how-not-to-handle-security-disclosures/ https://matrix.org/blog/2019/04/11/security-incident/index.html

https://www.zdnet.com/article/hackers-wipe-us-servers-of-email-provider-vfemail/ https://www.securityweek.com/russian-state-sponsored-hackers-are-fastest-crowdstrike https://www.zdnet.com/article/icann-there-is-an-ongoing-and-significant-risk-to-dns-infrastructure/ https://www.infosecurity-magazine.com/news/password-managers-no-more-secure-1/ https://www.zdnet.com/article/microsoft-do-these-things-now-to-protect-your-network/

https://www.securityweek.com/hackers-using-rdp-are-increasingly-using-network-tunneling-bypass-protections https://www.zdnet.com/article/trojan-malware-is-back-and-its-the-biggest-hacking-threat-to-your-business/ https://www.csoonline.com/article/3336923/security/phishing-has-become-the-root-of-most-cyber-evil.html https://www.darkreading.com/attacks-breaches/ransomware-attack-via-msp-locks-customers-out-of-systems/d/d-id/1333825 https://www.dlapiper.com/~/media/files/insights/publication...

https://www.zdnet.com/article/popular-wordpress-plugin-hacked-by-angry-former-employee/ https://www.zdnet.com/article/notpetya-an-act-of-war-cyber-insurance-firm-taken-to-task-for-refusing-to-pay-out/ https://www.zdnet.com/article/employees-sacked-ceo-fined-in-singhealth-security-breach/ -...

https://lifehacker.com/why-smart-people-make-stupid-mistakes-1831503216 https://www.chicagotribune.com/business/ct-biz-tribune-publishing-malware-20181230-story,amp.html https://www.securityweek.com/was-north-korea-wrongly-accused-ransomware-attacks https://www.healthcareitnews.com/news/staff-lapses-and-it-system-vulnerabilities-are-key-reasons-behind-singhealth-cyberattack https://www.nextgov.com/cybersecurity/2019/01/hhs-releases-voluntary-cybersecurity-practices-health-industry/153835/...

https://arstechnica.com/information-technology/2018/11/hacker-backdoors-widely-used-open-source-software-to-steal-bitcoin/ https://krebsonsecurity.com/2018/11/marriott-data-on-500-million-guests-stolen-in-4-year-breach/ https://krebsonsecurity.com/2018/12/what-the-marriott-breach-says-about-security/

https://www.dutchnews.nl/news/2018/11/internet-con-men-ripped-off-pathe-nl-for-e19m-in-sophisticated-fraud/ https://lifehacker.com/how-password-constraints-give-you-a-false-sense-of-secu-1830564360 https://www.csoonline.com/article/3319704/data-protection/the-end-of-security-as-we-know-it.html https://www.careersinfosecurity.com/breach-settlement-has-unusual-penalty-a-11669 https://motherboard.vice.com/en_us/article/bje8na/massive-data-leaks-keep-happening-because-big-companies-can-afford...

https://www.zdnet.com/article/this-is-how-artificial-intelligence-will-become-weaponized-in-future-cyberattacks/ https://www.securityinfowatch.com/article/12434583/everyone-needs-to-take-responsibility-for-cybersecurity-in-the-workplace https://www.zdnet.com/article/adobe-coldfusion-servers-under-attack-from-apt-group/ https://www.securityweek.com/troubled-waters-how-new-wave-cyber-attacks-targeting-maritime-trade https://securityaffairs.co/wordpress/77676/malware/industrial-facil...

https://www.zdnet.com/article/equifax-engineer-who-designed-breach-portal-gets-8-months-of-house-arrest-for-insider-trading/ https://www.csoonline.com/article/3314557/security/ransomware-attack-hits-north-carolina-water-utility-following-hurricane.html https://www.securityweek.com/insurer-anthem-will-pay-record-16m-massive-data-breach https://blog.sucuri.net/2018/10/malicious-redirects-from-newsharecounts-com-tweet-counter.html https://www.thinkadvisor.com/2018/09/26/sec-hits-voya...

https://www.tripwire.com/state-of-security/security-data-protection/bec-as-a-service-offers-hacked-business-accounts-for-as-little-as-150/ https://www.bleepingcomputer.com/news/security/ic3-issues-alert-regarding-remote-desktop-protocol-rdp-attacks/ https://krebsonsecurity.com/2018/10/supply-chain-security-is-the-whole-enchilada-but-whos-willing-to-pay-for-it/ https://www.youtube.com/watch?v=lwHW_W1KbK4&feature=youtu.be

https://motherboard.vice.com/en_us/article/pa8emg/russian-indicted-jp-morgan-chase-hack https://www.zdnet.com/article/us-government-releases-post-mortem-report-on-equifax-hack/ https://www.zdnet.com/article/phishing-alert-north-korean-hacking-attacks-shows-your-email-is-still-the-weakest-link/ https://www.verizon.com/about/news/lifting-lid-cybercrime

https://www.zdnet.com/article/this-destructive-ransomware-has-made-crooks-6m-by-encrypting-data-and-backups/ https://www.bleepingcomputer.com/news/security/reddit-announces-security-breach-after-hackers-bypassed-staffs-2fa/ https://www.databreachtoday.com/art-steal-fin7s-highly-effective-phishing-a-11286 https://www.wired.com/story/notpetya-cyberattack-ukraine-russia-code-crashed-the-world/

https://www.straitstimes.com/singapore/personal-info-of-15m-singhealth-patients-including-pm-lee-stolen-in-singapores-most https://www.bankinfosecurity.com/labcorp-still-recovering-from-ransomware-attack-a-11235 https://www.securityweek.com/cyber-axis-evil-rewriting-cyber-kill-chain https://arstechnica.com/information-technology/2018/07/prolific-hacking-group-steals-almost-1-million-from-russian-bank/#p3 https://www.bleepingcomputer.com/news/government/us-charges-12-russian-intell...

https://www.csoonline.com/article/3285982/data-protection/4-reasons-why-cisos-must-think-like-developers-to-build-cybersecurity-platforms.html https://www.csoonline.com/article/3287655/phishing/stop-training-your-employees-to-fall-for-phishing-attacks.html https://www.bankinfosecurity.com/cryptojacking-displaces-ransomware-as-top-malware-threat-a-11165 https://wiki.gentoo.org/wiki/Project:Infrastructure/Incident_Reports/2018-06-28_Github