Cyber Security Update August 2022

August 2022

Cyber Security Update

Cyber Security Update August 2022

SoftwareONE believes there is a need for additional information when it comes to cybersecurity, as organizations have made it clear that investment in a proper security strategy is paramount. SoftwareONE’s monthly Cyber Security Update provides information on the most recent threats, the latest breaches and how to react to them in order to stay on top of malware and ransomware threats.

Latest Security Breaches

Leading Russian site START has been hit with a data breach potentially impacting 44 million customers in more than 174 countries. The company has reassured customers that payment information was not among the stolen data.

Business management consultancy Axel revealed that a data breach affecting the company’s computer network led to attackers gaining access to driving license numbers, payment card information and Social Security numbers.

Signal, an instant messaging app, has confirmed that a data breach at its verification partner, Twilio, has exposed the phone numbers and SMS codes of approximately 1,900 of its users.

Neurology practice Goodman Campbell Brain and Spine has notified 362,833 individuals regarding a data breach in May, which led to patients’ protected health information (PHI) being available on the dark web for 10 days.

Cybersecurity Awareness

Security firm Flashpoint’s recent report found that almost 2,000 data breaches were reported in the first half of 2022 – around 15% fewer than the same period in 2021.

IBM’s most recent Cost of a Data Breach Report has shown that organizations with fully deployed security-focussed AI, as well as automation, save on average $3.05 million a year compared to companies that don’t employ these methods.

Indian banks reported just under 250 successful data breaches between June 2018 and March 2022, with most breaches pertaining to card detail leakage.

The average cost of a data breach has hit a record high of $4.35 million compared to $4.24 million in 2021, according to IBM, with the average cost of a healthcare organizations breach reaching highs of $10.1 million.

Another IBM study has shown that 95% of cybersecurity breaches happen due to human error, such as downloading disguised malware or poor password hygiene.

Cybersecurity Intelligence

The FBI and CISA have issued a joint Cybersecurity Advisory statement about Zeppelin ransomware – a variant of the Delphi-based Vega malware family. The agencies warn that Zeppelin is being run as a ransomware-as-a-service business.

The FBI’s Cyber Division has released a Private Industry Notification highlighting important details about proxies and configurations that cyber criminals are using to mask and automate credential stuffing attacks targeting US-based companies.

A new malware called Ducktail has been hijacking Meta Facebook Business and advertising platform accounts with a phishing campaign targeting LinkedIn accounts. The malware uses browser cookies from authenticated users to breach and take over accounts.

Hot Topic of the Month

Top Cybersecurity Tips to Survive Online

Being online in any capacity comes with risks. Cyber attackers are lurking in every corner of the internet, waiting for a victim to click on a phishing link or leave their devices without adequate security measures. And attackers just keep getting more sophisticated.

But there are lots of things you can do to protect yourself from bad actors online. Here are some top tips for staying safe online from TechNewsWorld:

  • Stop and think before scanning QR codes – While QR codes are a common and useful tool – think about how many restaurants use them to direct you to their menus these days – they can also be portals to take you to unsafe websites exposing you to malware. Always make sure a QR code is legitimate before you scan it.
  • Stay savvy with your emails – Email scams are a top vector for cyber attacks, preying on individuals who don’t have the security knowledge to know the difference between a good and a bad link. Some bad actors are now sending fake “unsubscribe” emails with links to cancel subscriptions or come off the email list. Don’t click these links unless they are at the bottom of an email from the legitimate business address.
  • Enable multi-factor authentication where possible – Social media, email and payment service websites are all big targets for cyber criminals, attempting to steal individuals’ information. Make sure you have multi-factor authentication enabled wherever possible so you get an alert when someone tries to log in.

Speak to Us about Your Security Needs

We help you find security solutions that work for your business and budget. Speak to one of our security specialists and protect your business and your employees.

Learn more
  • Cybersecurity, Security, Cyber Threat Bulletin, Cybersecurity User Awareness
  • Updates, News, Ransomware, Data Breaches

Comment on this article

Leave a comment to let us know what you think about this topic!

Leave a comment


Bala Sathunathan

Bala Sethunathan

Director, Security Practice & CISO


Related Articles

Cyber Security Update July2022
  • 16 August 2022
  • Bala Sethunathan
  • Cybersecurity, Cybersecurity User Awareness, Security, Cyber Threat Bulletin
  • Cyber Security, Cyber Threats

Cyber Security Update July 2022

Cyber attacks continue to escalate. Get a roundup of the latest security breaches and insights with SoftwareONE’s July 2022 Cyber Security Briefing.

Getting Started with a Cyber Security
  • 12 July 2022
  • Joe Morley
  • Managed Security, Cybersecurity User Awareness, cloud-security, Cybersecurity, Digital Transformation
  • Cyber Threats, Cyber Attack

Getting Started with a Cyber Security: Attack Types & The Attack Cycle

Charities and nonprofits hear about security a lot. Let’s take it back to basics. This first post outlines how attacks happen and the attack cycle.

Automation: Cybersecurity’s Friend and Enemy

Automation: Cybersecurity’s Friend and Enemy

Have you integrated automation into your security strategy? Keep reading as we take a closer look at the pros and cons of an automated cybersecurity defense.