Skip to main content
ProactiveIT Cyber Security Daily

ProactiveIT Cyber Security Daily

By Scott Gombar

ProactiveIT Cyber Security Daily - We share daily cybersecurity, tech and compliance risk news updates, Monday-Friday.
Available on
Apple Podcasts Logo
Google Podcasts Logo
Pocket Casts Logo
RadioPublic Logo
Spotify Logo
Currently playing episode

Episode 336 - Eight States Can’t Do Vehicle Inspections Due to Malware

ProactiveIT Cyber Security DailyApr 05, 2021

00:00
13:44
Episode 442 - Conti Wants to Destroy Your Backups

Episode 442 - Conti Wants to Destroy Your Backups

Good Morning and Welcome to the ProactiveIT Cyber Security Daily number 442 It is Thursday September 30th 2021. I am your host Scott Gombar and Conti Wants to Destroy Your Backups
CISA releases tool to help orgs fend off insider threat risks
Trucking giant Forward Air reports ransomware data breach
Apple AirTag Zero-Day Weaponizes Trackers
Conti Ransomware Expands Ability to Blow Up Backups
Data Breaches Reported by Horizon House and Samaritan Center of Puget Sound
PHI of 29,000 Patients Potentially Compromised in McAllen Surgical Specialty Center Ransomware Attack
Sep 30, 202118:58
Episode 441 - What Happens When Microsoft 365 MFA Doesn’t Work?

Episode 441 - What Happens When Microsoft 365 MFA Doesn’t Work?

Good Morning and Welcome to the ProactiveIT Cyber Security Daily number 441 It is Wednesday September 29th 2021. I am your host Scott Gombar and What Happens When Microsoft 365 MFA Doesn’t Work?
NSA, CISA share VPN security tips to defend against hackers
FinFisher malware hijacks Windows Boot Manager with UEFI bootkit
Twitter web client outage forces users to log out, blocks logins
Microsoft 365 MFA outage locks users out of their accounts
Class Action Lawsuits Filed Against San Diego Health Over Phishing Attack
Sep 29, 202114:13
Episode 440 - Massive Attack Takes Out Numerous VoIP Providers

Episode 440 - Massive Attack Takes Out Numerous VoIP Providers

Good Morning and Welcome to the ProactiveIT Cyber Security Daily number 440 It is Tuesday September 28th 2021. I am your host Scott Gombar and Massive Attack Takes Out Numerous VoIP Providers Microsoft: Nobelium uses custom malware to backdoor Windows domains Ethereum dev admits to helping North Korea evade crypto sanctions Bandwidth.com is latest victim of DDoS attacks against VoIP providers Fifth of Healthcare Providers Report Increase in Patient Mortality After a Ransomware Attack Data Breaches Reported by Vista Radiology, Indian Creek Foundation & Mankato Clinic Vice Society Ransomware Gang Attacks United Health Centers of San Joaquin Valley
Sep 28, 202114:43
Episode 439 - New Windows Flaw Exists in All Computers Shipped Since 2012

Episode 439 - New Windows Flaw Exists in All Computers Shipped Since 2012

Good Morning and Welcome to the ProactiveIT Cyber Security Daily number 439 It is Monday September 27th 2021. I am your host Scott Gombar and New Windows Flaw Exists in All Computers Shipped Since 2012 Exchange/Outlook Autodiscover Bug Spills $100K+ Email Passwords Urgent Chrome Update Released to Patch Actively Exploited Zero-Day Vulnerability VMware vCenter Server Vulnerability CVE-2021-22005 Under Active Exploit Windows 10 emergency update resolves KB5005565 app freezes, crashes Microsoft WPBT flaw lets hackers install rootkits on Windows devices Email Breaches Reported by Eastern Los Angeles Regional Center & Mercy Grace Private Practice K and B Surgical Center & Healthpointe Medical Group Notify Patients About Hacking Incidents
Sep 27, 202118:07
Episode 438 - Farm Co-ops Are Being Targeted, What’s the Impact?

Episode 438 - Farm Co-ops Are Being Targeted, What’s the Impact?

Good Morning and Welcome to the ProactiveIT Cyber Security Daily number 438 It is Friday September 24th 2021. I am your host Scott Gombar and Farm Co-ops Are Being Targeted, What’s the Impact? Cisco Releases Security Updates for Multiple Products Apple Releases Security Updates CISA Releases Guidance: IPv6 Considerations for TIC 3.0 Hacking group used ProxyLogon exploits to breach hotels worldwide Crystal Valley Farm Coop Hit with Ransomware Ransomware Attacks Reported by Family Medical Center of Michigan & Buddhist Tzu Chi Medical Foundation
Sep 24, 202113:54
Episode 437 - Conti is Escalating

Episode 437 - Conti is Escalating

Good Morning and Welcome to the ProactiveIT Cyber Security Daily number 437 It is Thursday September 23rd 2021. I am your host Scott Gombar and Conti is Escalating
How REvil May Have Ripped Off Its Own Affiliates
Microsoft Warns of a Wide-Scale Phishing-as-a-Service Operation
Hackers are scanning for VMware CVE-2021-22005 targets, patch now!
FBI, CISA, and NSA warn of escalating Conti ransomware attacks
U.S. Vision Subsidiary Reports Hacking Incident Affecting 180,000 Individuals
August 2021 Healthcare Data Breach Report
Sep 23, 202119:55
Episode 436 - Who Wants to Join the Elon Musk Club?

Episode 436 - Who Wants to Join the Elon Musk Club?

Good Morning and Welcome to the ProactiveIT Cyber Security Daily number 436 It is Monday September 20th 2021. I am your host Scott Gombar and Who Wants to Join the Elon Musk Club? Microsoft MSHTML Flaw Exploited by Ryuk Ransomware Gang AT&T Phone-Unlocking Malware Ring Costs Carrier $200M New Malware Targets Windows Subsystem for Linux to Evade Detection New "Elon Musk Club" crypto giveaway scam promoted via email Stolen Laptop Contained the PHI of Dignity Health Patients 1,738 Patients of Coalinga State Hospitals Notified About Improper Disclosure of PHI 36,500 Patients of Austin Cancer Centers Notified About PHI Exposure
Sep 20, 202117:12
Episode 435 - Just a Few Warnings to End the Week

Episode 435 - Just a Few Warnings to End the Week

Good Morning and Welcome to the ProactiveIT Cyber Security Daily number 435 It is Friday September 17th 2021. I am your host Scott Gombar and Just a Few Warnings to End the Week
REvil/Sodinokibi Ransomware Universal Decryptor Key Is Out
Third Critical Bug Affects Netgear Smart Switches — Details and PoC Released.
FBI-CISA-CGCYBER Advisory on APT Exploitation of ManageEngine ADSelfService Plus Vulnerability
New Windows security updates break network printing
Walgreens Covid-19 Test Registration System Has Been Exposing Patient Data
Sep 17, 202111:06
Episode 434 - Ransomware gang threatens to wipe decryption keys

Episode 434 - Ransomware gang threatens to wipe decryption keys

Good Morning and Welcome to the ProactiveIT Cyber Security Daily number 434 It is Thursday September 16th 2021. I am your host Scott Gombar and South Africa’s DOJ Hit with Ransomware, Ransomware gang threatens to wipe decryption keys, and Microsoft is going passwordless...
Attackers Impersonate DoT in Two-Day Phishing Scam
3 Former U.S. Intelligence Officers Admit to Hacking for UAE Company
Ransomware encrypts South Africa's entire Dept of Justice network
Ransomware gang threatens to wipe decryption key if negotiator hired
Microsoft rolls out passwordless login for all Microsoft accounts
HealthReach Community Health Centers Reports Improper Disposal Incident Affecting Almost 117,000 Patients
Desert Wells Family Medicine Ransomware Attack Causes Permanent Loss of EHR Data
Sep 16, 202115:15
Episode 433 - It’s the Sept 2021 Post Patch Tuesday Roundup

Episode 433 - It’s the Sept 2021 Post Patch Tuesday Roundup

Good Morning and Welcome to the ProactiveIT Cyber Security Daily number 433 It is Wednesday September 15th 2021. I am your host Scott Gombar and It’s the Sept 2021 Post Patch Tuesday Roundup
Google Chromebook bug causes black screens after login
BlackMatter ransomware hits medical technology giant Olympus
Microsoft September 2021 Patch Tuesday fixes 2 zero-days, 60 flaws
OCR Announces 20th Financial Penalty Under HIPAA Right of Access Enforcement Initiative
Jackson Health Investigating Nurse Social Media HIPAA Violation
Sep 15, 202112:27
Episode 432 - REvil is Back, Windows 0-Day exploits are being shared, and more..

Episode 432 - REvil is Back, Windows 0-Day exploits are being shared, and more..

Good Morning and Welcome to the ProactiveIT Cyber Security Daily number 432 It is Monday September 13th 2021. I am your host Scott Gombar and REvil is Back, Windows 0-Day exploits are being shared, and more..
WordPress Releases Security Update
WhatsApp to Finally Let Users Encrypt Their Chat Backups in the Cloud
Windows MSHTML zero-day exploits shared on hacking forums
REvil ransomware is back in full attack mode and leaking data
MyRepublic discloses data breach exposing government ID cards
Philadelphia Mental Health Service Provider Breach Affects 29,000 Patients
Sep 13, 202112:47
Episode 431 - New Info on the Windows MSHTML Zero-Day

Episode 431 - New Info on the Windows MSHTML Zero-Day

Good Morning and Welcome to the ProactiveIT Cyber Security Daily number 431 It is Friday September 10th 2021. I am your host Scott Gombar and New Info on the Windows MSHTML Zero-Day
Cisco Releases Security Updates for Multiple Products
Citrix Releases Security Updates for Hypervisor
‘Azurescape’ Kubernetes Attack Allows Cross-Container Cloud Compromise
Yandex is battling the largest DDoS in Russian Internet history
Windows MSHTML zero-day defenses bypassed as new info emerges
TX: Denton County Discovers COVID-19 Application Leaked Data of 346,000 Individuals
Sep 10, 202115:30
Episode 430 - Hackers leak passwords for 500,000 Fortinet VPN accounts

Episode 430 - Hackers leak passwords for 500,000 Fortinet VPN accounts

Good Morning and Welcome to the ProactiveIT Cyber Security Daily number 430 It is Thursday September 9th 2021. I am your host Scott Gombar and Hackers leak passwords for 500,000 Fortinet VPN accounts
Zoho Releases Security Update for ADSelfService Plus
Mozilla Releases Security Updates for Firefox, Firefox ESR, and Thunderbird
TeamTNT’s New Tools Target Multiple OS
Howard University shuts down network after ransomware attack
Hackers leak passwords for 500,000 Fortinet VPN accounts
Sep 09, 202111:18
Episode 429 - Is REvil Back?

Episode 429 - Is REvil Back?

Good Morning and Welcome to the ProactiveIT Cyber Security Daily number 429 It is Wednesday September 8th 2021. I am your host Scott Gombar and Is REvil Back?
Microsoft shares temp fix for ongoing Office 365 zero-day attacks
Jenkins project's Confluence server hacked to mine Monero
McDonald's leaks password for Monopoly VIP database to winners
Ransomware gang threatens to leak data if victim contacts FBI, police
REvil ransomware's servers mysteriously come back online
Sep 08, 202112:51
Episode 428 - US govt warns orgs to patch massively exploited Confluence bug

Episode 428 - US govt warns orgs to patch massively exploited Confluence bug

Good Morning and Welcome to the ProactiveIT Cyber Security Daily number 428 It is Tuesday September 7th 2021. I am your host Scott Gombar and US govt warns orgs to patch massively exploited Confluence bug

IoT Attacks Skyrocket, Doubling in 6 Months
ProtonMail Shares Activist's IP Address With Authorities Despite Its "No Log" Claims
Traffic Exchange Networks Distributing Malware Disguised as Cracked Software
Netgear fixes severe security bugs in over a dozen smart switches
US govt warns orgs to patch massively exploited Confluence bug
CareATC Email Accounts Accessed by Unauthorized Individuals
Sep 07, 202112:16
Episode 427 - Bluetooth BrakTooth bugs could affect billions of devices

Episode 427 - Bluetooth BrakTooth bugs could affect billions of devices

Good Morning and Welcome to the ProactiveIT Cyber Security Daily number 427 It is Friday September 3rd 2021. I am your host Scott Gombar and Bluetooth BrakTooth bugs could affect billions of devices

Cisco Patches Critical Authentication Bug With Public Exploit
WhatsApp Photo Filter Bug Could Have Exposed Your Data to Remote Attackers
Translated Conti ransomware playbook gives insight into attacks
Atlassian Confluence flaw actively exploited to install cryptominers
FBI warns of ransomware gangs targeting food, agriculture orgs
Autodesk reveals it was targeted by Russian SolarWinds hackers
Bluetooth BrakTooth bugs could affect billions of devices
Sep 03, 202116:36
Episode 426 - If You Ever Want a Job Again Don’t Do This

Episode 426 - If You Ever Want a Job Again Don’t Do This

Good Morning and Welcome to the ProactiveIT Cyber Security Daily number 426 It is Thursday September 2nd 2021. I am your host Scott Gombar and If You Ever Want a Job Again Don’t Do This
Google Releases Security Updates for Chrome
Windows 10 KB5005101 Cumulative Update released with 34 fixes
Feds Warn of Ransomware Attacks Ahead of Labor Day
Microsoft: Windows Server 2022 is now generally available
FTC bans stalkerware maker Spyfone from surveillance business
Twitter adds Safety Mode to automatically block online harassment
Fired NY credit union employee nukes 21GB of data in revenge
Outpatient Facilities Targeted by Cyber Actors More Frequently Than Hospitals
600,000 DuPage Medical Group Patients Notified About PHI Breach
Sep 02, 202118:45
Episode 425 - Hive Ransomware is Actively Targeting Healthcare

Episode 425 - Hive Ransomware is Actively Targeting Healthcare

Good Morning and Welcome to the ProactiveIT Cyber Security Daily number 425 It is Wednesday September 1st 2021. I am your host Scott Gombar and Hive Ransomware is Actively Targeting Healthcare
FBI-CISA Advisory on Ransomware Awareness for Holidays and Weekends
Windows 11 will be released on October 5th to newer devices
Microsoft 365 Usage Analytics now anonymizes user info by default
Fortress Home Security Open to Remote Disarmament
FBI Alert: Hive Ransomware is Actively Targeting Healthcare
Sep 01, 202111:11
Episode 424 - Microsoft shares guidance on securing Azure Cosmos DB accounts

Episode 424 - Microsoft shares guidance on securing Azure Cosmos DB accounts

Good Morning and Welcome to the ProactiveIT Cyber Security Daily number 424 It is Tuesday August 31st 2021. I am your host Scott Gombar and Microsoft shares guidance on securing Azure Cosmos DB accounts
CISA Adds Single-Factor Authentication to list of Bad Practices
Microsoft Exchange ‘ProxyToken’ Bug Allows Email Snooping
Windows Update will tell if you can upgrade to Windows 11
Google App bug blocks Android users from receiving, making calls
Microsoft shares guidance on securing Azure Cosmos DB accounts
San Andreas Regional Center Victim of Ransomware Attack
Aug 31, 202113:17
Episode 423 - T-Mo Updates (It’s Not Good).

Episode 423 - T-Mo Updates (It’s Not Good).

Good Morning and Welcome to the ProactiveIT Cyber Security Daily number 423 It is Monday August 30th 2021. I am your host Scott Gombar and T-Mo Updates (It’s Not Good). Windows 11 to only support one Intel 7th gen CPU, no AMD Zen 1 CPUs Boston Public Library discloses cyberattack, system-wide technical outage T-Mobile CEO: Hacker brute-forced his way through our network 48,000 Individuals Affected by Ransomware Attack on CarePointe ENT PHI of 9,800 Patients of Atlanta Allergy & Asthma Exposed in Cyberattack
Aug 30, 202114:52
Episode 422 - Microsoft and Google to invest billions to bolster US cybersecurity

Episode 422 - Microsoft and Google to invest billions to bolster US cybersecurity

Good Morning and Welcome to the ProactiveIT Cyber Security Daily number 422 It is Friday August 27th 2021. I am your host Scott Gombar and Microsoft and Google to invest billions to bolster US cybersecurity
Cisco Releases Security Updates for Multiple Products
Ragnarok ransomware releases master decryptor after shutdown
Synology: Multiple products impacted by OpenSSL RCE vulnerability
FBI shares technical details for Hive ransomware
Western Digital confirms speed crippling SN550 SSD flash change
Kaseya patches Unitrends server zero-days, issues client mitigations
Microsoft accidentally lowers OneDrive for Business storage limits
Microsoft and Google to invest billions to bolster US cybersecurity
Metro Infectious Disease Consultants Reports 172,000-Record Data Breach
Aug 27, 202119:26
Episode 421 - New Hampshire town loses $2.3 million to overseas scammers

Episode 421 - New Hampshire town loses $2.3 million to overseas scammers

Good Morning and Welcome to the ProactiveIT Cyber Security Daily number 421 It is Thursday August 26th 2021. I am your host Scott Gombar and New Hampshire town loses $2.3 million to overseas scammers
F5 Releases August 2021 Security Advisory
OpenSSL Releases Security Update
VMware Releases Security Updates for Multiple Products
California Man Hacked iCloud Accounts to Steal Nude Photos
New SideWalk Backdoor Targets U.S.-based Computer Retail Business
Microsoft will add secure preview for Office 365 quarantined emails
FIN8 cybercrime gang backdoors US orgs with new Sardonic malware
New Hampshire town loses $2.3 million to overseas scammers
South Florida Community Care Plan Notifies Patients About Insider Email Breach
Revere Health Phishing Attack Impacts 12,000 Patients
California DOJ Must Be Notified About Breaches of the Health Data of 500 or More California Residents
Aug 26, 202119:48
Episode 420 - Ransomware Gang Leaves Clues

Episode 420 - Ransomware Gang Leaves Clues

Good Morning and Welcome to the ProactiveIT Cyber Security Daily number 420 It is Wednesday August 25th 2021. I am your host Scott Gombar and Ransomware Gang Leaves Clues
Modified Version of WhatsApp for Android Spotted Installing Triada Trojan
CISA Releases Five Pulse Secure-Related MARs
Samsung can remotely disable their TVs worldwide using TV Block
SteelSeries bug gives Windows 10 admin rights by plugging in a device
New zero-click iPhone exploit used to deploy NSO spyware
Ransomware gang's script shows exactly the files they're after
Aug 25, 202115:38
Episode 419 - the July HIPAA Breach Report Has Arrived

Episode 419 - the July HIPAA Breach Report Has Arrived

Good Morning and Welcome to the ProactiveIT Cyber Security Daily number 419 It is Tuesday August 24th 2021. I am your host Scott Gombar and the July HIPAA Breach Report Has Arrived
ProxyShell Attacks Pummel Unpatched Exchange Servers
FBI: OnePercent Group Ransomware targeted US orgs since Nov 2020
Phishing campaign uses
UPS.com XSS vuln to distribute malware
Botnet targets hundreds of thousands of devices using Realtek SDK
Nokia subsidiary discloses data breach after Conti ransomware attack
HVAC Vendor Allegedly Hacked: Access Gained to Hospital Systems
July 2021 Healthcare Data Breach Report
Aug 24, 202120:34
Episode 418 - Phone Companies’ Customer Data Exposed

Episode 418 - Phone Companies’ Customer Data Exposed

Good Morning and Welcome to the ProactiveIT Cyber Security Daily number 418 It is Monday August 23rd 2021. I am your host Scott Gombar and Phone Companies’ Customer Data Exposed Hurricane-Related Scams Critical Cisco Bug in Small Business Routers to Remain Unpatched Nigerian Threat Actors Solicit Employees to Deploy Ransomware for Cut of Profits Razer bug lets you become a Windows 10 admin by plugging in a mouse Microsoft Exchange servers being hacked by new LockFile ransomware T-Mobile data breach just got worse — now at 54 million customers AT&T denies data breach after hacker auctions 70 million user database Contact Tracing Survey Data of 750,000 Hoosiers Exposed Online 1.4 Million Individuals Affected by St. Joseph’s/Candler Ransomware Attack
Aug 23, 202123:23
Episode 417 - an Evasive Phishing Campaign Active Since July 2020

Episode 417 - an Evasive Phishing Campaign Active Since July 2020

Good Morning and Welcome to the ProactiveIT Cyber Security Daily number 417 It is Friday August 13th 2021. I am your host Scott Gombar and an Evasive Phishing Campaign Active Since July 2020
Mozilla Releases Security Updates for Thunderbird
Ransomware Payments Explode Amid ‘Quadruple Extortion’
GitHub deprecates account passwords for authenticating Git operations
Hackers now backdoor Microsoft Exchange using ProxyShell exploits
Ransomware gang uses PrintNightmare to breach Windows servers
Microsoft: Evasive Office 365 phishing campaign active since July 2020
Aug 13, 202113:57
Episode 416 - LockBit hits Accenture with a Ransomware Attack.

Episode 416 - LockBit hits Accenture with a Ransomware Attack.

Good Morning and Welcome to the ProactiveIT Cyber Security Daily number 416 It is Thursday August 12th 2021. I am your host Scott Gombar and LockBit hits Accenture with a Ransomware Attack.
Kaseya’s ‘Master Key’ to REvil Attack Leaked Online
Bugs in Managed DNS Services Cloud Let Attackers Spy On DNS Traffic
Microsoft confirms another Windows print spooler zero-day bug
Hacker behind biggest cryptocurrency heist ever returns stolen funds
Accenture Confirms LockBit Ransomware Attack
Email Account Breaches Reported by A2Z Diagnostics and Vision for Hope
Aug 12, 202119:12
Episode 415 - It’s the August Post Patch Tuesday Episode

Episode 415 - It’s the August Post Patch Tuesday Episode

Good Morning and Welcome to the ProactiveIT Cyber Security Daily number 415 It is Wednesday August 11th 2021. I am your host Scott Gombar and It’s the August Post Patch Tuesday Episode
Citrix Releases Security Update for ShareFile Storage Zones Controller
Adobe Releases Security Updates for Multiple Products
Mozilla Releases Security Updates for Firefox
SAP Releases August 2021 Security Updates
Intel Releases Multiple Security Updates
Microsoft revives deprecated RDCMan after fixing security flaw
Crytek confirms Egregor ransomware attack, customer data theft
Over $600 million reportedly stolen in cryptocurrency hack
Microsoft fixes Windows Print Spooler PrintNightmare vulnerability
Microsoft August 2021 Patch Tuesday fixes 3 zero-days, 44 flaws
eCh0raix ransomware now targets both QNAP and Synology NAS devices
Aug 11, 202116:02
Episode 414 - Ransomware Attacks on Synology NAS Devices.

Episode 414 - Ransomware Attacks on Synology NAS Devices.

Good Morning and Welcome to the ProactiveIT Cyber Security Daily number 414 It is Tuesday August 10th 2021. I am your host Scott Gombar and Ransomware Attacks on Synology NAS Devices.
Beware! New Android Malware Hacks Thousands of Facebook Accounts
One million stolen credit cards leaked to promote carding market
Microsoft adds Fusion ransomware attack detection to Azure Sentinel
Synology warns of malware infecting NAS devices with ransomware
Long Island Jewish Forest Hills Hospital Notifies Patients About Insider Breach
Dynamic Health Care Malware Attack Affects Multiple Nursing and Rehabilitation Facilities in Illinois
Aug 10, 202115:35
Episode 413 - Exchange Admins Patch NOW!

Episode 413 - Exchange Admins Patch NOW!

Good Morning and Welcome to the ProactiveIT Cyber Security Daily number 413 It is Monday August 9th 2021. I am your host Scott Gombar and Exchange Admins Patch NOW!
Ivanti Releases Security Update for Pulse Connect Secure
Amazon Kindle Vulnerable to Malicious EBooks
Zoom Settlement: An $85M Business Case for Security Investment
Australian govt warns of escalating LockBit ransomware attacks
Microsoft Exchange servers scanned for ProxyShell vulnerability, Patch Now
Computer hardware giant GIGABYTE hit by RansomEXX ransomware
NCH Corporation and Others Announce Data Breaches
Gastroenterology Consultants Notifies Patients About January 2021 Ransomware Attack
Aug 09, 202120:47
Episode 412 - 73% of Businesses Suffered a Data Breach Linked to a Phishing Attack in the Past Year

Episode 412 - 73% of Businesses Suffered a Data Breach Linked to a Phishing Attack in the Past Year

Good Morning and Welcome to the ProactiveIT Cyber Security Daily number 412 It is Friday August 6th 2021. I am your host Scott Gombar and 73% of Businesses Suffered a Data Breach Linked to a Phishing Attack in the Past Year
Cisco Releases Security Updates
VMware Releases Security Updates for Multiple Products
Linux version of BlackMatter ransomware targets VMware ESXi servers
CISA teams up with Microsoft, Google, Amazon to fight ransomware
New DNS vulnerability allows 'nation-state level spying' on companies
Angry Conti ransomware affiliate leaks gang's attack playbook
New Windows PrintNightmare zero-days get free unofficial patch
UF Health Says PHI Potentially Compromised in May 2021 Cyberattack
73% of Businesses Suffered a Data Breach Linked to a Phishing Attack in the Past 12 Months
Healthcare Industry has Highest Number of Reported Data Breaches in 2021
Aug 06, 202121:11
Episode 411 - Can You Trust Your Employees?

Episode 411 - Can You Trust Your Employees?

Good Morning and Welcome to the ProactiveIT Cyber Security Daily number 411 It is Thursday August 5th 2021. I am your host Scott Gombar and Can You Trust Your Employees?
Google Releases Security Updates for Chrome
‘I’m Calling About Your Car Warranty’, aka PII Hijinx
Several Malware Families Targeting IIS Web Servers With Malicious Modules
Energy group ERG reports minor disruptions after ransomware attack
Cisco fixes critical, high severity pre-auth flaws in VPN routers
LockBit ransomware recruiting insiders to breach corporate networks
Phishing Attacks Reported by Academic HealthPlans and Wayne County Hospital
Guidehouse Reports Breach Affecting Multiple Healthcare Provider Clients
Aug 05, 202117:10
Episode 410 - Critical Vulnerability Impacts at least 80% of US Hospitals

Episode 410 - Critical Vulnerability Impacts at least 80% of US Hospitals

Good Morning and Welcome to the ProactiveIT Cyber Security Daily number 410 It is Wednesday August 4th 2021. I am your host Scott Gombar and Critical Vulnerability Impacts at least 80% of US Hospitals Raccoon Stealer Bundles Malware, Propagates Via Google SEO Microsoft halts Windows 365 trials after running out of servers Windows 10 to automatically block potentially unwanted apps Windows PetitPotam attacks can be blocked using new method Ransomware Volumes Hit Record Highs as 2021 Wears On PwnedPiper critical bug set impacts major hospitals in North America Star Refining & Express MRI Report Phishing Attacks Harris County, TX: PHI of 26,000 Individuals Exposed Online
Aug 04, 202121:39
Episode 409 - Emails from 27 US Attorneys’ offices breached by SolarWind’s hackers.

Episode 409 - Emails from 27 US Attorneys’ offices breached by SolarWind’s hackers.

Good Morning and Welcome to the ProactiveIT Cyber Security Daily number 409 It is Monday August 2nd 2021. I am your host Scott Gombar and Emails from 27 US Attorneys’ offices breached by SolarWind’s hackers.
NSA Warns Public Networks are Hacker Hotbeds
Novel Meteor Wiper Used in Attack that Crippled Iranian Train System
DarkSide ransomware gang returns as new BlackMatter operation
Remote print server gives anyone Windows admin privileges on a PC
FBI warns investors of fraudsters posing as brokers and advisers
DOJ: SolarWinds hackers breached emails from 27 US Attorneys’ offices
More Than 447K Patients Affected by Phishing Attack on Orlando Family Physicians
PHI Potentially Compromised in Ransomware Attacks on Eye Center and Law Firm
Accidental Disclosures of PHI at LA Fire Department and Standard Modern Company
Aug 02, 202124:06
Episode 408 - What Are the Most Exploited Vulnerabilities?

Episode 408 - What Are the Most Exploited Vulnerabilities?

Good Morning and Welcome to the ProactiveIT Cyber Security Daily number 408 It is Thursday July 29th 2021. I am your host Scott Gombar and What Are the Most Exploited Vulnerabilities?
New US security memorandum bolsters critical infrastructure cybersecurity
Biden: Severe cyberattacks could escalate to 'real shooting war'
Critical Microsoft Hyper-V bug could haunt orgs for a long time
Northern Ireland suspends vaccine passport system after data leak
LockBit ransomware now encrypts Windows domains using group policies
Microsoft Teams now automatically blocks phishing attempts
Top Routinely Exploited Vulnerabilities
McLaren Health Care and Greenwood Leflore Hospital Impacted by Elekta Ransomware Attack
Phishing Attacks Reported by UC San Diego Health and UnitedHealthcare
Florida Heart Associates Operating at 50% Capacity 2 Months After Ransomware Attack
Overlake Hospital Medical Center Proposes Settlement to Resolve Data Breach Case
Jul 29, 202121:51
Episode 407 - Another Kaseya Problem??

Episode 407 - Another Kaseya Problem??

Good Morning and Welcome to the ProactiveIT Cyber Security Daily number 407 It is Tuesday July 27th 2021. I am your host Scott Gombar and Another Kaseya Problem??
Babuk Ransomware Gang Ransomed, New Forum Stuffed With Porn
Microsoft Defender ATP now secures removable storage, printers
Apple fixes zero-day affecting iPhones and Macs, exploited in the wild
Researchers warn of unpatched Kaseya Unitrends backup vulnerabilities
Paperwork Containing PHI of Oklahoma Heart Hospital Patients Accidentally Donated to Charity
UNC Health and Nebraska DHHS Report Phishing Attacks
Jul 27, 202115:04
Episode 406 - We’re Not Taking 2FA/MFA Seriously.

Episode 406 - We’re Not Taking 2FA/MFA Seriously.

Good Morning and Welcome to the ProactiveIT Cyber Security Daily number 406 It is Monday July 26th 2021. I am your host Scott Gombar and We’re Not Taking 2FA/MFA Seriously.
FIN7’s Liquor Lure Compromises Law Firm with Backdoor
Microsoft 365 drops support for Internet Explorer 11 in August
Microsoft shares mitigations for new PetitPotam NTLM relay attack
Fake Windows 11 installers now used to infect you with malware
MacOS malware steals Telegram accounts, Google Chrome data
Apple fixes bug that breaks iPhone WiFi when joining rogue hotspots
Twitter reveals surprisingly low two-factor auth (2FA) adoption rate
Former Scripps Health Worker Charged Over HIPAA Violation in COVID-19 Unemployment Benefit Fraud Case
Jul 26, 202119:12
Episode 405 - 740 ransomware victims named on data leak sites in the 2nd quarter

Episode 405 - 740 ransomware victims named on data leak sites in the 2nd quarter

Good Morning and Welcome to the ProactiveIT Cyber Security Daily number 405 It is Friday July 23rd 2021. I am your host Scott Gombar and 740 ransomware victims named on data leak sites in the 2nd quarter
Cisco Releases Security Updates
Drupal Releases Security Updates
Critical Jira Flaw in Atlassian Could Lead to RCE
Phish Swims Past Email Security With Milanote Pages
Kaseya obtains universal decryptor for REvil ransomware victims
Akamai DNS global outage takes down major websites, online services
Ransomware gang breached CNA’s network via fake browser update
740 ransomware victims named on data leak sites in Q2 2021
Jul 23, 202120:55
Episode 404 - The June 2021 HIPAA Breach Report Has Arrived

Episode 404 - The June 2021 HIPAA Breach Report Has Arrived

Good Morning and Welcome to the ProactiveIT Cyber Security Daily number 404 It is Thursday July 22nd 2021. I am your host Scott Gombar and The June 2021 HIPAA Breach Report Has Arrived
Apple Releases Security Updates
Google Releases Security Updates for Chrome
Adobe Releases Security Updates for Multiple Products
Malware Targeting Pulse Secure Devices
MacOS Being Picked Apart by $49 XLoader Data Stealer
NPM Package Steals Passwords via Chrome’s Account-Recovery Tool
Chinese state hackers breached over a dozen US pipeline operators
Microsoft shares workaround for Windows 10 SeriousSAM vulnerability
June 2021 Healthcare Data Breach Report
Jul 22, 202118:50
Episode 403 - The Vulnerabilities Keep Coming, And Some Never Left

Episode 403 - The Vulnerabilities Keep Coming, And Some Never Left

Good Morning and Welcome to the ProactiveIT Cyber Security Daily number 403 It is Wednesday July 21st 2021. I am your host Scott Gombar and The Vulnerabilities Keep Coming, And Some Never Left
Citrix Releases Security Updates
Fortinet Releases Security Updates for FortiManager and FortiAnalyzer
Oracle Releases July 2021 Critical Patch Update
16-Year-Old HP Printer-Driver Bug Impacts Millions of Windows Machines
DuckDuckGo's new email privacy service forwards tracker-free messages
Microsoft Teams chat feature rolling out to Windows 11
New Windows 10 vulnerability allows anyone to get admin privileges
New Linux kernel bug lets you get root on most modern distros
FBI: Threat actors may be targeting the 2020 Tokyo Summer Olympics
Significant Historical Cyber-Intrusion Campaigns Targeting ICS
Email Account Breaches Reported by MultiPlan and Hawaii Independent Physicians Association
Advocate Aurora Health, Jefferson Health, and Intermountain Healthcare Affected by Elekta Ransomware Attack
Jul 21, 202121:26
Episode 402 - China Named in Cyber Threat Activities

Episode 402 - China Named in Cyber Threat Activities

Good Morning and Welcome to the ProactiveIT Cyber Security Daily number 402 It is Tuesday July 20th 2021. I am your host Scott Gombar and China Named in Cyber Threat Activities
Ruthless Attackers Target Florida Condo Collapse Victims
Leaked NSO Group Data Hints at Widespread Pegasus Spyware Infections
Five Critical Password Security Rules Your Employees Are Ignoring
Microsoft takes down domains used to scam Office 365 users
U.S. Government Releases Indictment and Several Advisories Detailing Chinese Cyber Threat Activity
Lake County Health Department Notifies 25,000 Patients About Two Data Breaches
Sierra Nevada Primary Care Physicians Alerts Patients About Theft of PHI
Jul 20, 202122:43
Episode 401 - Law Firm for Fortune 500 Hit With Ransomware & Data Breach

Episode 401 - Law Firm for Fortune 500 Hit With Ransomware & Data Breach

Good Morning and Welcome to the ProactiveIT Cyber Security Daily number 401 It is Monday July 19th 2021. I am your host Scott Gombar and Law Firm for Fortune 500 Hit With Ransomware & Data Breach Google Releases Security Updates for Chrome Cisco Releases Security Updates Windows 11 features, expected release date, and latest news HelloKitty ransomware is targeting vulnerable SonicWall devices D-Link issues hotfix for hard-coded password router vulnerabilities Critical Cloudflare CDN flaw allowed compromise of 12% of all sites Ransomware hits law firm counseling Fortune 500, Global 500 companies 30,000 Florida Blue Members Impacted by Brute Force Attack on Member Portal
Jul 19, 202119:46
Episode 400 - A Critical Ransomware Risk Warning from SonicWall

Episode 400 - A Critical Ransomware Risk Warning from SonicWall

Good Morning and Welcome to the ProactiveIT Cyber Security Daily number 400 It is Thursday July 15th 2021. I am your host Scott Gombar and A Critical Ransomware Risk from SonicWall
Windows Hello Bypass Fools Biometrics Safeguards in PCs
BazarBackdoor sneaks in through nested RAR and ZIP archives
Google Chrome will add HTTPS-First Mode to keep your data safe
Google: Russian SVR hackers targeted LinkedIn users with Safari zero-day
SonicWall warns of 'critical' ransomware risk to EOL SMA 100 VPN appliances
PHI of Over 200,000 Individuals Potentially Compromised in ClearBalance Phishing Attack
Supply Chain Ransomware Breach Affects 1.2 Million
Jul 16, 202115:44
Episode 399 - A Critical Ransomware Risk Warning from SonicWall

Episode 399 - A Critical Ransomware Risk Warning from SonicWall

Good Morning and Welcome to the ProactiveIT Cyber Security Daily number 399 It is Thursday July 15th 2021. I am your host Scott Gombar and A Critical Ransomware Risk Warning from SonicWall
Windows Hello Bypass Fools Biometrics Safeguards in PCs
BazarBackdoor sneaks in through nested RAR and ZIP archives
Google Chrome will add HTTPS-First Mode to keep your data safe
Google: Russian SVR hackers targeted LinkedIn users with Safari zero-day
SonicWall warns of 'critical' ransomware risk to EOL SMA 100 VPN appliances
PHI of Over 200,000 Individuals Potentially Compromised in ClearBalance Phishing Attack
Supply Chain Ransomware Breach Affects 1.2 Million
Jul 15, 202119:49
Episode 398 - It’s the July 2021 Post Patch Tuesday Roundup

Episode 398 - It’s the July 2021 Post Patch Tuesday Roundup

Good Morning and Welcome to the ProactiveIT Cyber Security Daily number 398 It is Wednesday July 14th 2021. I am your host Scott Gombar and It’s the July 2021 Post Patch Tuesday Roundup
Unpatched Critical RCE Bug Allows Industrial, Utility Takeovers
Critical Flaws Reported in Etherpad — a Popular Google Docs Alternative
Amazon starts rolling out Ring end-to-end encryption globally
Adobe updates fix 28 vulnerabilities in 6 programs
Microsoft July 2021 Patch Tuesday fixes 9 zero-days, 117 flaws
New BIOPASS malware live streams victim's computer screen
REvil ransomware gang's web sites mysteriously shut down
Hackers use new SolarWinds zero-day to target US Defense orgs
Jul 14, 202117:44
Episode 397 - SolarWinds patches critical vulnerability

Episode 397 - SolarWinds patches critical vulnerability

Good Morning and Welcome to the ProactiveIT Cyber Security Daily number 397 It is Tuesday July 13th 2021. I am your host Scott Gombar and SolarWinds patches critical vulnerability
Critical ForgeRock Access Management Vulnerability
Microsoft fixes Outlook crash issues when using Search bar
Fashion retailer Guess discloses data breach after ransomware attack
SolarWinds patches critical Serv-U vulnerability exploited in the wild
Wisconsin Dermatology Practice Reports Data Breach Affecting 4,400 Individuals
Jul 13, 202110:19
Episode 396 - Kaseya patches VSA vulnerabilities

Episode 396 - Kaseya patches VSA vulnerabilities

Good Morning and Welcome to the ProactiveIT Cyber Security Daily number 396 It is Monday July 12th 2021. I am your host Scott Gombar and Kaseya patches VSA vulnerabilities Oil & Gas Targeted in Year-Long Cyber-Espionage Campaign Lazarus Targets Job-Seeking Engineers with Malicious Documents Microsoft's Windows Cloud PC service almost here - What we know so far Mint Mobile hit by a data breach after numbers ported, data accessed FBI warns cryptocurrency owners, exchanges of ongoing attacks Insurance giant CNA reports data breach after ransomware attack Kaseya patches VSA vulnerabilities used in REvil ransomware attack Coastal Family Health Center Cyberattack Affects 62,000 Patients
Jul 12, 202120:00
Episode 395 - Malware Through Live Chat Support

Episode 395 - Malware Through Live Chat Support

Good Morning and Welcome to the ProactiveIT Cyber Security Daily number 395 It is Friday July 9th 2021. I am your host Scott Gombar and Malware Through Live Chat Support
Cisco Releases Security Updates for Multiple Products
Critical vulnerabilities in Philips Vue PACS devices could allow remote takeover
REvil victims are refusing to pay after flawed Kaseya ransomware attack
Windows security update KB5004945 breaks printing on Zebra printers
Morgan Stanley reports data breach after vendor Accellion hack
‘How can I help you today?’ Scammers dupe online support agents through live chat platforms
Jul 09, 202113:13
Episode 394 - The Nightmare Continues

Episode 394 - The Nightmare Continues

Good Morning and Welcome to the ProactiveIT Cyber Security Daily number 394 It is Thursday July 8th 2021. I am your host Scott Gombar and The Nightmare Continues
MacOS Targeted in WildPressure APT Malware Campaign
Kaspersky Password Manager caught out making easily bruteforced passwords
Fake Kaseya VSA security update backdoors networks with Cobalt Strike
Microsoft: PrintNightmare now patched on all Windows versions
Ransomware Attacks Reported by 5 HIPAA Covered Entities and Business Associates
UW Health Discovers 4-Month Breach of Its MyChart Portal
Jul 08, 202116:60
Episode 393 - Updates to the Kaseya Attack

Episode 393 - Updates to the Kaseya Attack

Good Morning and Welcome to the ProactiveIT Cyber Security Daily number 393 It is Wednesday July 7th 2021. I am your host Scott Gombar and Updates to the Kaseya Attack
Western Digital Users Face Another RCE
Microsoft pushes emergency update for Windows PrintNightmare zero-day
US warns of action against ransomware gangs if Russia refuses
Hacker dumps private info of pro-Trump GETTR social network members
Microsoft 365 to let SecOps lock hacked Active Directory accounts
Kaseya Patches Imminent After Zero-Day Exploits, 1,500 Impacted
PHI of Veterans with PTSD Potentially Compromised in OSU Data Breach
PHI Exposed in Email Incidents at Discovery Practice Management, One Medical, and Peoples Community Health Clinic
Jul 07, 202123:57