Editor's Message

Welcome to DBD. As we embark on a new year, cybercrime still remains a major threat to organizations, no matter where they are, or what size they are. The significant gains made in tackling cybercrime last year, still show we have a long way to go, but the battle continues in disrupting threat actors and their operations. Wishing you all a safe 2023. Thank you for your support. Stay safe. :)



Monday, 26 December 2022

Twitter: US Social Media Giant's API Vulnerability Results In Over 400 Million Scraped Public And Private User Profiles For Sale Online

Data Breaches Digest - Week 52 2022

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 26th December 2022 and 1st January 2023.


1st January 2023

Carousell working with police to tackle phishing scams, banks to thwart scammers

Cybersecurity: Why it is a future?

Energy cyber-attacks: Risk, raising awareness and strategy

From Twitter to IRCTC, data leak is making its way to the dark web. Here’s how it can be used against you

Google Home Vulnerability: Eavesdropping on Conversations

Hospital for Sick Children says it's 'aware' of online statement offering free decryptor

How to Plan a Comprehensive Data Network Security Strategy

India: Ministry of Home Affairs (MHA) issues cyber alert for G20 Summit, shares threat, target details with ministries

LockBit releases free decryptor, apologizes for ransomware attack on children’s hospital

Maybank completes investigations, confirms data leak allegations are false

More than $3 billion in crypto hacks in 2022 - mostly in DeFi

Pension funds at risk from cyber security threats

Phishing is on the rise, reaching 76% of all email attacks

PyTorch discloses malicious dependency chain compromise over holidays

Ransomware gang apologizes, gives SickKids hospital free decryptor

Ransomware gang cloned victim’s website to leak stolen data

Singapore: Carousell fake buyer scam losses top S$1 million in December, surpassing total for rest of 2022

Stop from being hacked by getting this critical Windows update now

Toronto’s SickKids says it is ‘aware’ of online statement offering free decryptor

Toronto’s SickKids takes down websites over ‘unusual activity’

Toyota Kirloskar Motor reports data breach system

Toyota's Indian unit warns of a possible customer data breach

Twitter in data-protection probe over user details sale

Twitter in probe after hacker offers 400 million users data for sale

What Is Cryptovirology? Is It Dangerous?

Why addressing poor cyber-hygiene and business-wide cybersecurity practices is essential to mitigating the risks of a data breach in 2023

31st December

3Commas API Database Leaked by Anonymous Hacker

5 ways CISOs can secure BYOD and remote work without increasing security budgets

6 Reasons You Need to Start Using an Online Data Room Today to Protect Your Sensitive Documents and Files

After suspected cyber attack: Potsdam city council server offline

Barbados: Queen Elizabeth Hospital (QEH) progress report on cyber attack

Canadian copper mine hit by ransomware

Cyberattacks on Indian Government Agencies More Than Doubled In 2022

Digital Bounty: The great crimeware awakening

FTX, Axie Infinity, and other crypto hacks and scandals that took over $3 billion from victims this year

Google Home smart speakers can be hacked and hackers can listen to your conversations

Government inaction adds pressure to IoMT device and data security

Hacker selling Gemini’ user data on DarkWeb

How To Secure Your Crypto Wallet?

India: Cyber breaches may earn Public Sector Units (PSUs) hefty fines

Maybank confirms claim of data breach at bank untrue

NHS named as the Government ‘brand’ most impersonated by cyber criminals targeting the public in 2022

Poland warns of pro-Kremlin cyberattacks aimed at destabilization

Queensland University of Technology hit by ransomware attack

Russia intensifying cyberattacks on Poland

The 8 Most Common Types of Trojans You Should Know About

The state of security in consumer electronics

The Urgent Need for Actionable and Comprehensive Data Protection Legislation in India

Triple Extortion Ransomware: How to Protect Your Organization?

Twitter To Be Investigated Over Data-protection Breach Affecting Over '400 Million' Users

What Is a Rainbow Table Attack?

30th December

A hospital’s patient data was stolen in June and they should have known it. Why are they claiming they didn’t know?

Adobe, Apple, Cisco, Microsoft Flaws Make Up Half of Known Exploited Vulnerabilities (KEV) Catalog

Analysis Of The Top 10 Countries Mostly Targeted By Data Breaches

Ashtabula County Recorder's Office affected by cyber attack on vendor

Barbados: Queen Elizabeth Hospital (QEH) makes progress in recovery from cyber attack

Bristol Community College's internet is offline for a week in 'cybersecurity incident'

Canadian copper mine suffers ransomware attack, shuts down mills

Canadian mining firm shuts down mill after ransomware attack

CISA Warns of Active exploitation of JasperReports Vulnerabilities

Clever Hacker Impersonates Shark Tank Fame

Court Sentences Hacker to 6 Years for Stealing $6.7M from Nexon CEO in May

Crypto Year Ender: Here’s A Look At Major Crypto Scams Of 2022

Cyber attack leaves 6 North Carolina counties locked out of their online records

Cyber laws will be updated to boost UK’s resilience against online attacks

Cybercriminals create new methods to evade legacy DDoS defenses

Data available on lifestyle and entertainment websites is gold for hacker groups

Defrost Finance Denies Rug Pull Allegations Amid $12M Exploit

Don’t overlook supply chain security in your 2023 security plan

Expect Cybercrime “Scamdemic” to Continue in 2023

Hackers are using Google Ads for well-known apps to spread malware

Hive Ransomware Leaks 270,000 Patient Records from Lake Charles Memorial Health (LCMH)

How CISOs can stay one step ahead of 2023’s risks, threats and attacks

How Tech Giants Are Preparing for a Password-free Future

Illegal Call Centers Are Tricking Senior Americans Into Losing $3 Billion

In 2023, the cost of data breaches may increase even further

India: Railways denies data breach

Indian Government Sector Top Target for Hackers As Cyber-Attacks Rise by 95% in Second Half of 2022

LastPass Admits Hackers Obtained Customer Password Vaults

LockBit Gang Takes Credit for Port of Lisbon Ransomware Attack

LockBit ransomware claims attack on Port of Lisbon in Portugal

Medibank faces new year reckoning over hack attacks

Meet the cybercriminals of 2022

Monarch of North Carolina Announces Data Breach

Nashville hospital investigating data breach within computer system

New Linux malware uses 30 plugin exploits to backdoor WordPress sites

Over four in ten Belgians victims of phishing last year

Personal Cybersecurity: Protecting Yourself from Hackers

Pro-Russian Hacktivist Group KillNet Poses Threat to US Healthcare Cybersecurity

Rackspace identifies hacking group responsible for early December ransomware attack

Ransomware Defense a Top 2022 Cybersecurity Trend, Challenge

Ransomware groups bypass ProxyNotShell mitigations with new exploit

Ransomware hackers force Queensland University of Technology to shut down computer system

Researcher Uncovers Potential Wiretapping Bugs in Google Home Smart Speakers

Roundup: 2022 ‘mega’ crypto hacks

Royal ransomware group claims it attacked Iowa PBS station

San Francisco 49ers class action claims team failed to safeguard data prior to breach

Scripps Health Reaches $3.5 Million Data Breach Settlement

Seven sophisticated scams predicted to rise during next year and how to protect yourself from them

Telekom Malaysia confirms data breach involving 250,000 Unifi Mobile customers

The LastPass Scandal Shows It’s Time to Leave Passwords Behind

Tips and tricks for securing data when migrating to the cloud

The worst data breaches of 2022

Tomball experiences ransomware attack; council authorizes city manager to spend money for recovery of city systems, data

Twitter in data-protection probe after '400 million' user details up for sale

Twitter in the spotlight in Ireland: newest data breach to be examined

Ukrainian police bust call center that scammed about 18,000 foreigners

Ultimate Fighting Championship (UFC) sponsor DraftKings hacked: 67,000 accounts breached and $300,000 stolen

Understanding Security Detection And Response Technologies: What Lies Behind The Acronyms

Walmart, Venmo, USPS, and FedEx – Top Phishing Scams of the Week

Watch out for QR code scams being sent through email

What is multi-factor authentication (MFA) fatigue and how do you defend against attacks?

What Is Point-of-Sale (POS) Malware and How Can You Protect Your Business From It?

Why organizations tend to fall short on secure data management

Why Would Anyone Want to Hack Your Social Media Accounts?

29th December

3Commas Admits It Was Source of API Leak That Led to Hacks

6 Ways to Protect Your Organization Against LAPSUS$

9 Supply Chain Security Best Practices

2023 Cybersecurity predictions – Part 1

2023 Cybersecurity predictions – Part 2

A look at the Defrost hack, one of the most confusing exploits of 2022

Actionable Tips to Keep Your Business’s Sensitive Data Secure

After the Uber Breach: 3 Questions All CISOs Should Ask Themselves

Arnold Clark hit with cyber attack as car firm 'back to 70s'

Attack on the Azienda Ospedaliera di Alessandria hospital: additional details on the case

Azov Ransomware can modify its own code to delete every single file on a machine with a single click

Bahrain: Cyber Security Awareness Key To Combat Scams

Beware of phishing attacks, CERT-In warns LastPass password manager users

Copper Mountain Mining Reports Ransomware Attack

Crypto platform 3Commas admits hackers stole API keys

Cryptocurrency company BIT Mining out $3 million in cyberattack

Cyber attack impacting real estate matters at Florence County Register of Deeds office

Cyber Security And Business Protocols: How Do They Work?

Cyberwar in Ukraine, ransomware fears drive 2022 surge in demand for threat intelligence tools

Data breach in 2023 to exceed US$5 million per incident: Acronis

Data breaches could be even more expensive in 2023

Digital Assets of $9.9 Million Stolen in BitKeep Cyber Attack

EarSpy Attack Can Use Motion Sensors Data to Pry on Android Devices

FBI Investigating 3Commas Data Breach

FoundCare, Inc. Files Notice of Data Breach Affecting Over 14k Patients

Fraudsters’ working patterns have changed in recent years

Geopolitical Tensions Expected to Further Impact Cybersecurity in 2023

Google Home speakers allowed hackers to snoop on conversations

Hackers' latest trick looks like free movie streaming

Here’s what companies should do to protect themselves in the Work-From-Home (WFH) era

Hive Ransomware Hits Louisiana Hospitals, Leaks Patient Data

Hong Kong: Privacy watchdog requests electoral office for remedy on personal data breach blunders

How Identity Monitoring Services Can Help Protect You Against Fraud

Hybrid work: Good for retention, bad for security?

Ibex data breach $2.4 million class action settlement

If you have a Deezer account, your personal data has surely leaked because of this "error"

India: Hackers say data of 3 crore people on sale, railways denies breach

Indian Hacking Groups Are Behind Cyber Attacks In Afghanistan And Pakistan

Indian scam call centres looted over $10 billion in 11 months from US senior citizens this year

Indians Must Learn to 'Stay Safe Online' as Scammers Have Spread Phishing Net for IRCTC, UPI Users

Industrial Bank Files Notice of Data Breach, Leaking Consumers SSNs and Financial Account Information

Ireland to examine Twitter data breach that may affect 400M+ users

It’s the time of the season for...subscription scams!

Japanese police successful in decrypting data attacked by LockBit ransomware

Jersey: Be prepared for a Russian cyber attack, Island warned

Lack of Cloud Backups Poses a ‘Real Problem’ for Data Protection

Lessons Learned: The Log4J Vulnerability 12 Months On

Mortal Kombat 2 Suffers Major Source Code Leak

Netgear warns users to patch recently fixed WiFi router bug

New CryWiper Malware Attacks Russian Courts and Mayors’ Offices

New Malvertising Campaign via Google Ads Targets Users Searching for Popular Software

North Korean hackers deploy nearly 500 phishing domains to steal millions worth of NFTs

Ohio court: Non-physical software damage in ransomware attack not covered under insurance

Phishing, DDoS attacks, Zero-day exploits, Malware explained: What they mean, how to stay safe online, and more

Phoenix-area title loan, MVD provider confirms data breach; what you need to know

Port of Lisbon website still down as LockBit gang claims cyberattack

Preventing digital fraud: Why conversations on cybersecurity should take precedence in the banking space

Rackspace identifies group behind ransomware attack; recovery of customers’ data still uncertain

Ransomware Did Not Cause Direct Physical Loss, Ohio High Court Says

Ring fencing data: Ransomware attacks are rising fast. India needs to be ready. And the data bill must factor this in

Russians Lost Hundreds Of Millions Of Rubles Due To Fraudulent Calls From Ukraine

South Staffs Water cyber attack shows Britain needs to be more resilient

Switch: a serious security flaw discovered, patch your games quickly!

The Five Stories That Shaped Cybersecurity in 2022

The Guardian Hit with Possible Ransomware Attack

Thousands of Citrix Servers Still Unpatched for Critical Vulnerabilities

Top 10: Fines Issued for Data Protection Violations

Toy maker Jakks Pacific reports cyberattack after multiple ransomware groups leak data

Trends in Ransomware Attacks on US Hospitals, Clinics, and Other Health Care Delivery Organizations, 2016-2021

Ukraine shuts down fraudulent call center claiming 18,000 victims

28th December

5 Supply Chain Security Trends

400 Million Twitter Users’ Scraped Info Goes on Sale!

2023 Predictions: Expect More Supply Chain Attacks, Ransomware-as-a-Service Kits in 2023

Alert LastPass Users! CERT-In Warns Of Phishing Attacks

Anonymous Twitter User Leaks 3Commas API Database

APT Hackers Turn to Malicious Excel Add-ins as Initial Intrusion Vector

Arnold Clark hit by Christmas Eve ‘cyber attack’ leaving staff unable to access systems

Belden data breach class action settlement

BitKeep Confirms Cyber Attack, Loses Over $9 Million in Digital Currencies

BTC.com hackers steal $3 million worth of crypto

Cincinnati State Technical Community College Announces Data Breach Affecting Confidential Student Information

Cyber Attacks on Healthcare Institutions: Is Care Compromised?

Cyber gang says it leaked sensitive personal data of Xavier students and employees

Cyber Insurance Claim Count Led by Fund Transfer Fraud, But Ransomware Remains Most Expensive Cost

Cyber Security Tips on How to Keep a Smart Home Safe

Cyber-Attacks Set To Become ‘Uninsurable’, Warns Insurance Boss

Cybersecurity firm links Piers Morgan Twitter hack to leak of 400 million records

Cybersecurity firm links Piers Morgan Twitter hack to massive leak of user data

Cybersecurity in the Age of Digital Transformation

Delivery fraud 'wave' has hit Belgium: Here's how to avoid becoming a victim

Department of Justice (DOJ) arrests man behind brazen $100 million attack on Mango Markets

Department of Justice launches criminal investigation into cyberattack that drained more than $370 MILLION of assets from FTX after it filed for bankruptcy - as lawsuit reveals Sam Bankman-Fried used Alameda funds to buy thousands of shares in Robinhood

Double trouble for JAKKS Pacific: double locked by two ransomware groups

Drum roll please...the worst passwords of 2022

Email Spam Statistics 2022: Take a Look at the Dark Side

Five ways to protect your Twitter account from being hacked including using two-factor authentication

French data agency fines Microsoft $63 million for Bing cookie violations

Geopolitical threats, supply chain issues and phishing scams - cybersecurity predictions for 2023

Google AdWords scam epidemic shows social engineering is evolving

Hacker group claims U.S. military devices with biometric data auctioned online

Hackers abuse Google Ads to spread malware in legit software

Hackers accessed data on 270,000 patients from Louisiana hospital system in attempted ransomware attack

Hackers Cannonball BTC Mining Pool And Steal $3 Million In Cryptocurrency

Healthcare Providers and Hospitals Under Ransomware's Siege

Hope College data breach results in federal lawsuit, request for class action status

Hope College Hit with $5M Class Action Lawsuit Over Data Breach

How to build the world’s strongest digital fortress

How to Protect Yourself After the Latest Alleged Twitter Data Breach

How to select a strong password to avoid cyber attacks

Hundreds of North Korean Phishing Websites Have Stolen NFTs

Improving law enforcement resilience to ransomware

India: 30 Million Railway Users' Data Up For Sale Following Data Breach

India: Railway ministry denies Indian Railway Catering and Tourism Corporation (IRCTC) server data breach

Indian Healthcare Faced Enormous Cyber Attacks in 2022

Indian Railways: Suspected Data Breach Not On Indian Railway Catering and Tourism Corporation (IRCTC) Servers

Indian Railways data breach: Indian Railway Catering and Tourism Corporation (IRCTC) servers not targeted, says corporation

Indian Railways Data Hacked, Information of Around Three Crore Travellers Being Sold on Dark Web

LockBit ransomware used in attack on Ohio town’s court, police department and more

Log4Shell remains a big threat and a common cause for security breaches

Mango Markets Hacker Charged with Fraud, Market Manipulation

Ohio Supreme Court says insurance policy does not cover ransomware attack on software

Okta GitHub repositories hacked, source code stolen

Phishing, ransomware continue to hinder email security through 2022

Phishing Campaign Leverages Facebook Posts to Bypass Email Security

Portugal: Tax authority warns of phishing emails

QR Codes Become More Common, But Are They Safe?

Ransomware attack at Louisiana hospital impacts 270,000 patients

Ransomware Recovery at Toronto Kids Hospital to Last Weeks

Reported phishing attacks have quintupled

Royal ransomware claims attack on Intrado telecom provider

Scammers Love Gift Cards; Here's How to Avoid Being Scammed

Scammers prey on Indian users posting complaints on social media

Scripps pays $3.5M to settle data breach lawsuit

Singapore: More than S$830,000 lost to Carousell phishing scams in December as police warn of sharp rise in cases

Smart Toys Are Still Hackable (We Just Don’t Talk About It)

Social Security Scams and How to Avoid Them

The 10 Biggest Data Breaches Of 2022

The importance of cyber security for casinos and their guests

Thousands of Citrix servers vulnerable to patched critical flaws

Three ways schools can fend off ransomware attacks

Thyssenkrupp Materials data breach class action settlement

Top Cybersecurity Lessons from 2022 for Security Teams – Part 2

Toy maker Jakks Pacific victimized by a second cybergang

Ukrainian Threat Actor Unmasked in Connection With Raccoon Malware

US individuals lost $10 billion to Indian phishing in 2022

What exactly is social engineering, and how can you safeguard yourself from becoming a victim of it?

What Is an ATM Jackpotting Attack and How Does It Work?

What Is Doxxing, Is It Illegal, & How to Prevent It in 2022

What is multifactor authentication (or MFA)? Experts say it's the best way to stop hackers

What is SOVA Virus and How to Keep Money Safe From SOVA and Other Mobile Malware?

Why Governments and Agencies Are Targeted by Cyber Attacks - A Deep Dive into the Motives

Will the Crypto Crash Impact Cybersecurity in 2023? Maybe

27th December

5 Biggest Threats to Your Network And How to Protect Against Them

66% of Americans Got Hacked While Playing Video Games

AI startup spills employee data and corporate secrets

AIIMS ransomware attack: what it means for health data privacy

Americans Lost Over $10 Billion To Fraudsters In India This Year

Average cost of data breaches expected to surpass US$5 million per incident in 2023

BlueNoroff APT Hackers Using New Ways to Bypass Windows Mark of the Web (MotW) Protection

BTC.com lost $3 million worth of cryptocurrency in cyberattack

Canada’s largest children’s hospital struggles to recover from pre-Christmas ransomware attack

ChatGPT, the fashionable artificial intelligence, allows anyone to launch a cyberattack

Cyber Attacks on Healthcare Institutions: Is Care Compromised?

Cyber insurers "missing" key nuances in their underwriting strategies

December blues: Three major data breach events rock leading firms

Deeper ransomware attacks may put Indian firms at greater threat in 2023

Don’t let your ignorance make you vulnerable to IoT attacks

EarSpy attack eavesdrops on Android phones via motion sensors

Education is key to preventing increasingly complex cyber crimes says Wexford cybercrime detective

Elon Musk Imposter Hacks UK Cabinet Minister’s Account, Promotes Crypto Scam

Enterprises waste money on identity tools they don’t use

Facebook to Pay $725 Million to settle Lawsuit Over Cambridge Analytica Data Leak

FIN7 threat actor updated its ransomware activity

Hacker claims to have 400 million Twitter accounts for sale

Hacker claims to have private data of 400 million Twitter users for sale

Hackers steal $8 million from users running trojanized BitKeep apps

Hackers stole data from multiple electric utilities in recent ransomware attack

How NATO is preparing for a new era of AI cyber attacks

How to Approach Data Loss Prevention (DLP)? Identifying the Best Practices

How to remove 'Your Apple iPhone is severely damaged' pop-up scam

Hyderabad police advise Public Sector Undertakings (PSUs) to implement cyber security measures

Increase Your Account Security with this Simple Tip

Indian Hacking Groups Are Behind Cyber Attacks in Pakistan and Afghanistan

Indian Railways data breach: 30 million user records up for sale

Internet AppSec Remains Abysmal & Requires Sustained Action in 2023

Japan's security agency warns against cyberattacks during New Year holidays

Kaspersky finds BlueNoroff APT actor disguised itself as Venture Capital (VC) firms to deliver new malware

Mexico is one of the top victims of cyberattacks in Latin America

Modern technology and cyber recovery will intersect in the next generation of attacks

Multimillion-dollar lawsuit filed against Hope College over data breach

Norfolk: Scam warning amid phishing scheme in county

North Korean hackers are pretending to be crypto Venture Capitals in new phishing scheme

Nottinghamshire Police urges shoppers to be aware of online scams when searching for bargains in the Boxing Day and January sales

OCBC phishing scams: Youth committed crimes linked to money laundering while out on bail

Ohio Supreme Court Says Ransomware Is Not Physical Damage

Online scammers go back to phishing methods using internet search engines

Personal details of clients at Cork letting agency leaked in data breach

Piers Morgan’s Twitter Account Gets Hacked, Hacker Threatens To Leak Celebrity DMs

Ransomware Attack on The Guardian Hits Print Production, Internal Business Systems

Ransomware attacks hit Iowa schools, including Davenport, although public often left in dark

Smartphone: One wrong click could wipe out your savings

Someone hacked Piers Morgan’s Twitter account and posted tons of abusive tweets

The most dangerous cyber security threats of 2023

The Philippines: Bureau of Immigration intercepts alleged Australian hacker at Ninoy Aquino International Airport (NAIA)

The world faces a cybercrime catastrophe – including South Africa

The Worst Scams of 2022 – and How to Protect Yourself

Toronto children's hospital confirms it was hit by ransomware

We repel up to 10 Russian cyberattacks daily, Ukraine says

26th December

2022 Top Five Immediate Threats in Geopolitical Context

Americans duped into losing $10 billion by illegal Indian call centres in 2022

As cyber risk intensifies, insurers must offer a better market to companies in need of protection

Best Phishing Training Options for You and Your Employees

Bitcoin Mining Pool BTC.com Suffers Cyber Attack, $700K Stolen

BitKeep exploiter used phishing sites to lure in users

Common WhatsApp Scams in 2022 & How to Avoid Them

Crypto Thieves Made Off With $4.3B in 2022: Top Hacks of the Year

Cyber criminals impersonating brands' websites for phishing

Data of 300,000 Belfius customers leaked, says report

Data Of 400 Million Twitter Users Is On Sale, Hacker Claims

Defrost v1 hacker reportedly returns funds as ‘exit scam’ allegations surface

Driving in the wrong direction: Uber hit by data breach

ENLBufferPwn: Critical vulnerability disclosed in 3DS, Wii U, and Switch games

Exposing the New Potential Ways Royal Ransomware Gets Delivered

FIN7, the Notorious Cybercrime Group, Seeks to Breach Corporate Networks with Microsoft Exchange

Fintech Focus: Preparing systems for the fraud of tomorrow

Free REvil ransomware master decrypter released

GuLoader Malware Utilizing New Techniques to Evade Security Software

Hacker claims to be selling Twitter data of 400 million users

Hacker issues warning to Elon Musk after putting 40 crore Twitter users' data on sale

Hackers Are Laying Siege to Critical Manufacturing: Here’s How to Fight Back

Hackers drain $8M in assets from Bitkeep wallets in latest DeFi exploit

Hackers ‘GDPR’ threat to Elon Musk: We have data of 400 million Twitter users

Hackers Using Automated Attack to Exploit Exchange Server and SQL Injection Vulnerabilities

Illegal desi call centres behind $10 billion loss to Americans in 2022

Island Hopping Attacks: What They Are and How to Protect Yourself

LastPass reveals just how bad that August breach was. It was bad

Losses from ransomware cost Gulf corporations millions of dollars

North Korean Hackers Ran Off With NFTs Using 500 Distinct Phishing Domains

North Korean hackers steal NFTs using nearly 500 phishing domains

North Korean hackers stealing NFTs using nearly 500 phishing domains

PrivateLoader PPI Service Found Distributing Info-Stealing RisePro Malware

Protecting from Ransomware Requires a Thorough Backup and Recovery Strategy

Ransomware: The Unwanted Gift Hackers Keep on Giving

Ransomware Attack Disrupts Antwerp City Services via a Digital Partner

South Korea: Cyberthreats shoot up over 60% through November

South Korean voice phishing suspect arrested in Angeles

‘Spear phishing’ scams specifically target your personal and business email accounts

The Philippines: Phishing, hacking attacks on the rise

Top Cybersecurity Lessons from 2022 for Security Teams – Part 1

Twitter Data Breach: E-Mails, Phone Numbers of 400 Million Users, Including High-Profile Accounts, Up for Sale on Dark Web, Hacker Makes Offer to Elon Musk

UAE warns of New Year 2023 cyber-attack

What Is a Pretexting Attack and How Can You Protect Yourself?

Zurich Insurance CEO: Cyberattacks Will Be 'Uninsurable'

Ransomware Operator Claims - Week 51 2022

Welcome to last week's ROC Report, an exclusive summary of Ransomware Operator's global victims that were claimed during the period between 19th December and 25th December 2022, kindly provided by our partners.

Flag Icons created by Freepik and provided by Flaticon.

Monday, 19 December 2022

McGraw Hill: US Online Education Platform's Unsecure Servers Expose Over 100,000 University Students' Names And Email Addresses

SevenRooms: US Restaurant Customer Management Platform Suffers Data Breach Resulting In 427GB Of Stolen Data For Sale Online

Data Breaches Digest - Week 51 2022

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 19th December and 25th December 2022.


25th December

4 Security Threats to Blockchain Networks You Need to Know About

7 Types of Passive Attacks That Can Easily Go Undetected

Critical Linux Kernel flaw affects SMB servers with ksmbd enabled

Cyber Attackers Used Ripple CEO’s Identity To Promote Fake Giveaways

Data Reform Bill: Experts Criticize the UK's GDPR Replacement

DeFi flash loan hacker liquidates Defrost Finance users causing $12M loss

Experts warn of attacks exploiting WordPress gift card plugin

India: Cyber crime shoots up by 66% in Rachakonda commissionerate

Meta settles Cambridge Analytica lawsuit

Microsoft fined €60 million in France for using advertising cookies without consent

Most social media users encounter scams on a weekly basis at least

New ransomware threat for struggling health services

North Korea Carries Out Cyber Attack On Nearly 900 South Korean Foreign Policy Experts

North Korea hacked almost 900 South Korean foreign policy experts, sought ransom

North Korean APT Hacker Group Steals 300 ETH and Over 1,000 NFTs in Phishing Attacks

North Korean hackers behind attacks on South Korean security experts

Officials warn as over $1.6 million in Massachusetts benefits stolen over last 6 months

Password Manager Gets Hacker, Encrypted Passwords Stolen

Perception vs reality: How to really prepare for ransomware

Scam complaints from Revolut users more than double since 2020

Should We Use Apps to Store Our Passwords? Here’s Our Stand

Staying safe in a dangerous digital world

Twitter Data Breach: Hacker claims to have data of 400 million Twitter users

Twitter data breach: Hacker posted list of hacked data of 400 million users - Check whether your data is leaked or not

Unclear data patterns? New risks from the MuddyWater hackers revealed

Under cyber attack: The AIIMS ransomware attack is just a reminder how vulnerable organisations can be

Understanding Cybersecurity: A Comprehensive Guide to Protecting Yourself and Your Organization from Cyber Attacks

24th December

10 Biggest Hacks and Cyber Security Threats of 2022

Cincinnati State data breach possibly exposed Social Security numbers, other information

Comcast Customers Face a Huge Holiday Data Breach

Guam Legislature warns about social media scam using official seal

Hacker Claims to Have Scrapped 400M Twitter User Records

How to Know if Someone Is Spying on Your Phone in 2022

How To Protect Your Passwords From Hackers

Most Popular Data Breaches of Apple

New info-stealer malware infects software pirates via fake cracks sites

OpenSea Private Auction Alarmed by NFT Scammers

Password protection giant LastPass admits the major data breach that came of its August hack

Paxos successfully recovers stolen $20M Gold tokens

Raspberry Robin malware used in attacks against Telecom and Governments

Royal Mail alert as 'easy to fall for' scam could 'drain bank accounts'

Scammers are Ramping Up Cyberattacks During Christmas

Secure Email Gateways: Your First Line of Defense Against Email Security Threats

Suspected North Korean hacker made $365,000 from 1,055 stolen NFTs

The Dangers of Discord: What Is a Discord Virus?

The famous British newspaper The Guardian victim of ransomware?

This Popular AI Chatbot is Being Used in Phishing Attacks

Tips on How to Be Aware Of CyberSecurity

Twitter faces massive fines in Europe over 2021 data breach

W4SP Stealer Discovered in Multiple PyPI Packages Under Various Names

Warning for all Microsoft users – don’t fall for common scam this Christmas

Weakest passwords of 2022

Your business should compensate for modern ransomware capabilities right now

23rd December

3Commas API Dispute Highlights Risks of Algorithmic Trading

4 Types of Active Attacks and How to Protect Against Them

5 Quick and Easy Ways to Prevent Identify Theft Online

48,000 South Africans had their online data stolen by bots – this is how much it sells for on the dark web

A growing number of Australians are finding out they are involved in a major data breach at Medibank months after the cyber attack

A hacker's tips on how to spot a phishing attack

Australia: Global counter-ransomware task force to become active in January

Avalanche-Based DeFi Platform Defrost Finance Loses $173k to Hackers

Biden signs $858 billion defense policy bill into law, expanding government cyber operations

Christmas Casino heist: BetMGM hacked, data of 1.57 million gamblers leaked, while data of 68,000 DraftKings customers also hacked

Christmas scams warning as criminals cash in on cost-of-living crisis

Cloud Security Risk for Retail Companies: Why Ignoring Best Practices Could be Costly – The Redmart Story

CMS Subcontractor Breach Affects 254k Medicare Beneficiaries

Container Verification Bug Allows Malicious Images to Cloud Up Kubernetes

Crooks copy source code from Okta’s GitHub repository

Cyberattack losses projected to hit $5m per incident in 2023

Cybersecurity threatscape: Q3 2022

Data breach: Why is it a big threat for crypto traders, and how to prevent it

Dixons school trust in Bradford hit by cyber attack

Don’t bite! The Coca-Cola scam is back on WhatsApp, now also at Christmas

Email Security: Protecting Your Organization from Within

EU Watchdog Probes Twitter for 5.4 Million User Data Breach

France Fines Microsoft €60 Million for Using Advertising Cookies Without User Consent

Ghost CMS vulnerable to critical authentication bypass flaw

Godfather Android Malware Targets 400+ Banks and Crypto Exchanges

Gootkit Loader continues to be used on multiple Australian networks

Growing cybersecurity skills gap necessitates human factor security

Hacker Swipes $6.9 Million in Cryptocurrency from Defi Protocol Lodestar Finance on Arbitrum Blockchain

Hackers exploit bug in WordPress gift card plugin with 50K installs

Hackers obtained LastPass customer data vaults in recent data breach

How access monitoring keeps providers at bay from data breaches

How Cryptocurrency Scams Work

How cybersecurity is changing with the advent of the metaverse

How to protect yourself from hackers and online threats

Huge number of Iranian cyber attacks against 'Israel'

Identity Provider Okta Breached, User Credentials and Operations Remain Secure

India: Data protection will be a top priority for businesses in 2023

It’s beginning to look a lot like ‘phishmas’!

'It's the most wonderful time of the year' for text scams

Jersey school is attacked by cyber criminals demanding ransom

Kenya: Cybersecurity cases rose in second week of December

LastPass: Customer Vault Data Was Taken

LastPass: Hackers accessed and copied customers’ password vaults

LastPass: Hackers Stole User Data and Encrypted Password Vaults

LastPass Admits to Severe Data Breach, Encrypted Password Vaults Stolen

LastPass customer password vaults stolen, targeted phishing attacks likely

LastPass says attackers got users’ info and password vault data

Legal firm says cyber attack on water firm could lead to “substantial claims for compensation”

Lessons from Biggest HIPAA Breaches of 2022

Liverpool Council issue warning to anyone expecting a Christmas delivery

Manufacturing's Mixed Technology Opens Doors for Cybercrime

Massive Twitter data leak investigated by EU privacy watchdog

Meta settles data breach case linked to Cambridge Analytica scandal for £600m

Meta to settle Cambridge Analytica class-action for $725 million

More Aussies find out they’re caught up in major Medibank data breach months after cyber attack

MultiCare Notifies 23K of Third-Party Breach

New NFT private auction scam threatens OpenSea users

New Scam Trick Threatening OpenSea NFT Marketplace Users Revealed

North Korean Hackers Stole Massive $626M in Crypto This Years, Mostly from DeFi

North Korean hackers stole over 800 billion won worth of cryptocurrencies from DeFi platforms

Online Casinos DraftKings and BetMGM Hacked; Data of Millions at Risk

Patch now: Serious Linux kernel security hole uncovered

Positive Technologies warns of cybercriminals creating platforms to distribute phishing kits

President Biden Signs Quantum Cybersecurity Preparedness Act into Law

Public Warning Following Surge Of Phishing Scams

Putin Team ransomware emerges from leaked Conti’s source code

Rackspace retrieves email data for some customers after ransomware attack

Ransomware Is on the Rise - Here’s How to Protect Yourself

Recent phishing attacks shatter confidence in cybersecurity controls

Recent ransomware attacks show vulnerability in Iowa schools

Researchers Warn of Kavach 2FA Phishing Attacks Targeting Indian Government Officials

SickKids says it could be ‘weeks’ until full recovery from ransomware attack

Silver Ticket Attack

Students across Dorset urged to beware of scams

The Impact of Russia’s Fancy Bear Attacks on U.S. Satellite Networks

The Top 23 Security Predictions for 2023 (Part 1)

Threat predictions for 2023: From hacktivism to cyberwar

Three ways companies can meet the evolving requirements of the insurance carriers

TikTok parent company ByteDance revealed the use of TikTok data to track journalists

TikTok's Parent Company Admits Using the Platform's Data to Track Journalists

Top 10 Risks in Cyber Security

Top Crypto Scams and Trends in 2022

Twitter faces investigation in Ireland over data breach

Unexpected failure of Russian hackers and Ukraine’s ascendant IT expertise

USPS, DHL, and Netlix – Top Phishing Scams of the Week

Valley Children's Medical Group involved in nationwide data breach, officials say

Vice Society Ransomware Attackers Adopt Robust Encryption Methods

Videoconferencing Worries Grow, With SMBs in Cyberattack Crosshairs

What is Cyber Resilience, and how will it Help Businesses?

Why Azure AD Password Protection is Not Enough

Why You Should Update File Sharing Platform, Samba, Right Now

Xavier University Might Have Lost Personal Data in Hack

Zerobot Botnet Devs Add New Functionality

22nd December

10 biggest financial data breaches of 2022

2023 Should Be the Year of On-Chain User Security

After ransomware hits Colombian energy firm, Moody’s says low patch rate suggests inadequacies in cyber practices

Alarming email gap exploited by state sponsored hackers

Amplified security trends to watch out for in 2023

Australian businesses facing identity-based attacks

Being one of the 1% sucks if you're a Rackspace user

Clop ransomware group targeting medical images

Comcast Xfinity accounts hacked in widespread 2FA bypass attacks

Community College Of Baltimore County Suffers Financial Loss In Phishing Attack

Credentials Are the Best Chance To Catch the Adversary

Critical Lessons Learned from Uber’s Second Breach

Critical Security Flaw Reported in Passwordstate Enterprise Password Manager

Cyber Threats Increasingly Target Video Games

Cyberattack compromises German industrial giant ThyssenKrupp

Cybersecurity Awareness Training in Companies: Why You Can’t Do Without It

Cybersecurity Could Emerge as the Biggest Challenge in 2023

Dealing with cloud security shortfalls

Ethos Technologies, Inc. Reports Recent Data Breach Leaked Consumers’ Social Security Numbers

Everything You Need to Know About Automating Digital Forensics and Incident Response (DFIR)

FBI: Cyber-Criminals Are Purchasing Search Engine Ad Services to Launch Attacks

FBI and Europol Seizes Nearly 50 DDoS-for-Hire Platforms and Charged Six Administrators

FIN7 Cybercrime Syndicate Emerges as a Major Player in Ransomware Landscape

FIN7 hackers create auto-attack platform to breach Exchange servers

Fool Me Thrice? How to Avoid Double and Triple Ransomware Extortion

France Fines Microsoft $64m for Imposing Ad Cookies to its Bing Users

Gambling platform DraftKings breached – Do this if you have an account

GitHub incident allowed attacker to copy Okta’s source code

Google WordPress Plug-in Bug Allows AWS Metadata Theft

Guacamaya leaks spark debate about militarization, spyware, but no accountability

Guardian Newspaper Suffers Ransomware Attack

Hackers Breach Okta's GitHub Repositories, Steal Source Code

HHS alert warns KillNet hacktivist group targeted US healthcare entity

Hints for avoiding hackers while using cryptocurrency

How carding can affect your business

How to Recover from a Cyber Attack

Improvement in Internet Security and Tips to Stay Safe Online

India: Defence body warns of data breaches and ransomware attacks, advises staff to follow CERT-In guidelines

India’s Commercial, Critical Infrastructure Under Ransomware Threat

Infostealer Malware Threat Grows as MFA Fatigue Attacks Spread

Insufficient Data Privacy Legislation Is Costing Companies: Three Ways Businesses Are Suffering

Kaspersky uncovers attacks targeting Albanian government with ransomware and wipers signed with stolen certificates

KentuckianaWorks participants potentially affected by third-party data breach

Lastpass: Hackers stole customer vault data in cloud storage breach

Leading sports betting firm BetMGM discloses data breach

'Lessons must be learnt' from cyber attack which has cost Gloucester city council £787,000 so far

Luxembourg: Police warn of fresh wave of scam text messages

Media Giant Guardian Hit By Suspected Ransomware Attack

Microsoft: Zerobot adds new exploits, DDoS attack capabilities

Microsoft says Zerobot can now exploit vulnerabilities in Apache and Apache Spark

One in three Australians have fallen victim to scams

Play ransomware gang claims major cyber attack on H-Hotels that disrupted digital communications

Protecting a Network Without Concrete Boundaries

Queensland University of Technology shuts IT systems after being hit by ransomware attack

Ransomware Attack Causes Disruption at British Newspaper The Guardian

Ransomware attack delays SickKids lab results, systems could be offline for weeks

Ransomware Attack Hits The Guardian Newspaper

Ransomware Cases Have Grown over Time with Modern Tactics

Ransomware Gang Emails College Students with Demands

Ransomware, DDoS see major upsurge led by upstart hacker group

Report Surfaces Top Vulnerabilities of 2022

Researchers Develop AI-powered Malware Classification for 5G-enabled IIoT

Sale or No Sale; Hacker Leaks FBI’s InfraGard database Online

San Diego Unified Waited 5 Weeks to Notify Families of Data Breach

SEO Poisoning Attack Linked to 144,000 Phishing Packages

Student Loans Company (SLC) phishing reminder to students

Tesla competitor faces Bitcoin ransomware attack during economic crisis

The Era of Cyber Threat Intelligence Sharing

The Grand Theft Auto 6 (GTA 6) leak was one of the biggest ever, and the only winners were the news writers

The Guardian confirms their systems were hit by ransomware attack

The Guardian newspaper believes ongoing “IT incident” caused by ransomware

The top cyber security stories of 2022

Threat actors use known Excel vulnerability

Top 10 cyber crime stories of 2022

Toronto children’s hospital confirms it was hit by ransomware

Two New Security Flaws Reported in Ghost CMS Blogging Software

UK Government: Sharing Some Passwords is Illegal

Vice Society ransomware gang switches to new custom encryptor

W.W. Wallwork, Inc. Reports Data Breach That Leaked an Unknown Number of Consumers’ Social Security Numbers

What Can Schools Do Against the Onslaught of Ransomware?

What Can We Learn From Recent Cyber History?

What is Bluebugging, how does it occur, is it dangerous, and other related queries

Why KPIs Are Critical to Effective Security

Xavier hit with cyberattack; personal information might have been stolen, school warns

Zerobot Botnet Emerges as a Growing Threat with New Exploits and Capabilities

21st December

6 Key Questions to Ask Yourself When Scaling Up Your Cybersecurity

2023 Cybersecurity Spending Increases to Combat Evolving Threats

Acronis Report Uncovers Cloud Environments Are New Potential Targets for Threat Actors

Addresses of non-molestation order applicants disclosed in data breach

Adult Google Ad Fraud Campaign Garnered Millions of Impressions

Ankr Confirms $5M Crypto Hack Was An Inside Job

APIs are placing your enterprise at risk

Attention Last-Minute Holiday Shoppers: Scammers Are Coming for You

Beware of Cyber Attacks During the Holiday Season – Royal Ransomware Group Highlighted as Threats to the Health and Public Health Sectors

Beware of What Is Lurking in the Shadows of Your IT

British newspaper The Guardian says it’s been hit by ransomware

Brute Force Attacks: A Guide to Protecting Your Online Information

Cameron County District Attorney Forces School District to Disclose 'Vast' Data Breach

Chinese electric automaker Nio hit by data breach

CISA Warns Healthcare Organizations of Cuba Ransomware Threat

Class action suit alleges Oakwood University responsible for massive data breach

Community College of Baltimore County (CCBC) victim of phishing attack

Compliance Investigation Into Mercury IT Breach Commenced

Conti Team One Splinter Group Resurfaces as Royal Ransomware with Callback Phishing Attacks

Cyber attack on Angus Council cost taxpayer £25,000

Cyber-Incident Causes System Failures at Canadian Children's Hospital

Cybercriminals attack users with 400,000 new malicious files daily

Cymulate Identifies Cyberattack Technique That Evades EDR Platforms

Data protection: Safeguard the path to digitalisation of power networks

Debunking 5 Myths About Detection-as-Code

Employee Privacy And Cybersecurity: Spot The Difference

Evolving threats and broadening responses to Ransomware in the UAE

Experian, T-Mobile data breach $16M class action settlement

FBI warns of search engine ads pushing malware, phishing

Four tips to avoid online holiday shopping being ruined by hackers

German industrial giant ThyssenKrupp targeted in a new cyberattack

GitHub Attack Allowed Attackers to Steal Okta’s Source Code

Gloucester cyber attack: A year since hackers disrupted vital services for thousands of citizens

GodFather Android Banking Trojan Targeting Users of Over 400 Banking and Crypto Apps

GodFather Android malware targets 400 banks, crypto exchanges

“GodFather” Hits Banks, Crypto Wallets Apps as Android Trojan Emerges

Godfather Trojan Targets 400 Financial Services Firms

Guardian hit by serious IT incident believed to be ransomware attack

Guardian newspaper hit by suspected ransomware attack

Guardian newspaper hit by suspected ransomware attack, staff told not to come to office

Guardian hit by serious IT incident believed to be ransomware attack

Guardian shuts offices after ransomware attack

Hartnell Community College District Files Notice of Data Breach with the California Attorney General

How a Simple Browser Search Can Lead You to a Scam

How are healthcare CISOs reporting & measuring risks?

How to avoid getting hooked by crypto ‘ice phishing’ scammers

Is Enterprise VPN on Life Support or Ripe for Reinvention?

Is TikTok stealing more than just your time?

Keppel Telecommunications and Transportation hit by data breach

Loot from New Zealand ransomware attack being sold on dark web

Meaningful Protection: A Regulatory Proposal And Roadmap To Protecting Healthcare And Other Critical Infrastructure

Medicare Data Breach Affects Thousands of Beneficiaries

More than compliance: cybersecurity best practices for the Oil and Gas sector

Morley Companies data breach $4.3M class action settlement

New Microsoft Exchange exploit chain lets ransomware attackers in (CVE-2022-41080)

November 2022 Healthcare Data Breach Report

Okta Data Breach: Cybercriminals Steal IAM Provider’s Source Code

Okta's source code stolen after GitHub repositories hacked

Okta’s Source Code Stolen in GitHub Breach

Over half of us still don't use a VPN when connecting to public Wi-Fi

Personal info may have leaked in Hope College data breach

Play ransomware actors bypass ProxyNotShell mitigations

Play ransomware gang claims H-Hotels cyberattack

Play Ransomware Targets H-Hotels After City of Antwerp and Córdoba Judiciary

Protect Your Fleet Against the Growing Risk of Cyber Attack

Ransomware attacks increased 41% in November

Ransomware Hackers Using New Way to Bypass MS Exchange ProxyNotShell Mitigations

Ransomware incidents targeting 'critical infrastructure' have grown

Raspberry Robin Malware Caught Employing A Clever Tactic To Dupe Security Researchers

Raspberry Robin Worm Strikes Again, Targeting Telecom and Government Systems

Raydium announces details of hack, proposes compensation for victims

RedMart fined S$72,000 for data breach resulting in online sale of customer data

Remote, third-party workers raise security risks for enterprises

Restaurant CRM platform SevenRooms confirms breach after stolen data appear for sale

Royal overtakes LockBit as top ransomware in November as attacks increase 41%

Russian Killnet Hackers Claim Data Theft of FBI Agents

Russians hacked JFK airport’s taxi dispatch system for profit

Securonix predicts more successful major cloud provider-level attacks in 2023

Shoemaker Ecco leaks over 60GB of sensitive data for 500+ days

Simple Steps to Avoid Phishing Attacks During This Festive season

Social media use can put companies at risk: Here are some ways to mitigate the danger

South Dakota health system notifies patients of 3rd-party data breach

Sports betting operator BetMGM hit by data breach

“Suspicious login” scammers up their game – take care at Christmas

The Average Cost of a Ransomware Attack in 2022

The Guardian 'believed to be' hit by ransomware attack, staff told to work from home

The Guardian Hit By Ransomware Attack, Staff Told To Work From Home

The online scams to watch out for over Christmas 2022: from Royal Mail to fake gift vouchers

The Rise of the Rookie Hacker - A New Trend to Reckon With

The Top Security Vulnerabilities of 2022 and Their Workarounds

Uber Data Breach Exposes 77,000 Employee Email Addresses and Other Company Data

UK Security Agency Wants Fresh Approach to Combat Phishing

UK's Guardian newspaper breaks news of ransomware attack on itself

Ukraine's DELTA Military System Users Under Attack from Info Stealing Malware

University Of East London Research Shows Two Thirds Of European Youth Involved In Some Form Of Cybercrime Or Online Risk Taking

US Most Impacted by Data Breaches in the Financial Industry in 2022

Watch Out For These Fake Amazon Scams This Holiday Season

Who’s Keeping Computers Safe When Everybody’s Working From Home?

Why ChatGPT can be dangerous for every internet user

Why Security Teams Shouldn't Snooze on MFA Fatigue

Wing Financial data breach investigation underway

Zerobot malware now spreads by exploiting Apache vulnerabilities

20th December

3Commas denies accusations of leaking API data resulting in $14.8M in ‘unauthorized trades’

4 Keys to Consider When Evaluating Cloud Data Protection Tools

5 types of malicious codes attack millions of computers in Vietnam

20 Ransomware Statistics Small Businesses Should Know

2022 Cyber Security Review of the Year

AIIMS cyber attack puts digital health ID plan under scanner

AIIMS Ransomware Attack: The Missing Picture

As cyber criminals start targeting retail, companies must be ready to fight back

Australians demand executives held liable for cyber breaches

Balance Sheet Blind Spot: Cryptocurrency Is Not as Protected as You Think

Beware: Cybercriminals Launch New BrasDex Android Trojan Targeting Brazilian Banking Users

Beyond Ransomware: Cybercrime Trends to Watch in 2023

Boulder County exposes jail inmates’ Social Security numbers

Brooklyn hospital network reverts to paper charts for weeks after cyberattack

Chinese electric automaker Nio hit by data breach

Clearview Public Schools hit by third-party data breach

Clop ransomware group targeting provider-patient trust by infecting medical images

Cloud Computing Services: The Threat of the Future

Connected homes are expanding, so is attack volume

Consumer security savvy is way behind IoT threat landscape

Cyber attack affects phones, website at Toronto’s SickKids Hospital

Cyber-proofing the healthcare industry from ransomware attacks

Cybersecurity in 2022: It’s Not Getting Easier

Cybersecurity is a Team Sport - Avoid the ‘Us and Them’ Culture

Cybersecurity Pros Bracing for Possible Holiday Cyber Event

Data Breaches in Washington Remain at Historic Highs

Data Collection Costs Epic Games Half a Billion USD

District Attorney forces San Benito schools to notify victims of ‘biggest’ data breach agency has seen

DraftKings Data Breach Impacts Personal Information of 68,000 Customers

Federal Trade Commission (FTC) Fines Fortnite Maker Epic Games $275 Million for Violating Children's Privacy Law

Fortnite Dev to Pay $520m in Record-Breaking Settlement

Google Ad fraud campaign used adult content to make millions

Google Disruption Fails to Stop Glupteba Botnet

Hacked Ring Cameras Used in Livestreaming Swatting Attacks

Hackers bombard PyPi platform with information-stealing malware

Health Care Cybersecurity: Past, Present And Future

Hope College Files Notice of Data Breach Following Unauthorized Access to Sensitive Student Information

How MSSPs Can Deliver Value Through Dark Web Threat Intelligence

How to assess and bolster an organization's level of cybersecurity

How To Keep Your Business Prepared for this Holiday Hacking Season?

Indian foreign ministry portal found leaking passport details of millions of overseas Indians

Instagram Rolls Out dedicated Page To Help Users Regain Hacked Accounts

Keppel Telecommunications and Transportation hit by data breach

KmsdBot Botnet Suspected of Being Used as DDoS-for-Hire Service

Kremlin’s most notorious hacker: will Yakubets ever face justice?

Kremlin-backed hackers targeted a “large” petroleum refinery in a NATO nation

Make sure your company is prepared for the holiday hacking season

Microsoft Details Gatekeeper Bypass Vulnerability in Apple macOS Systems

Military operations software in Ukraine was breached by Russian hackers

Millions of Moscow’s Children Surveilled Long Before Data Leak

Mimecast report highlights ransomware risk and impact on UAE organisations

Missing goals: Why online broadcasts can be vulnerable to cyberattacks

Nevada and North Dakota have highest cybercrime data

New Ransomware Variant, Written In Rust, Hitting Critical Infrastructure Companies

Nokoyawa Ransomware: Rust or Bust

On-premises vs cloud security: What are the pros and cons?

Organizations Warned of New Attack Vector in Amazon Web Services

P2 Energy Solutions Notifies Over 69k Consumers of a Data Breach that Leaked Their Social Security Numbers

Personal information of about 37,000 people exposed in Whitehall ransomware data breach

Protecting Your Brand With Public Web Data Scraping

Ransomware attacks increased 41% in November

Ransomware gang uses new Microsoft Exchange exploit to breach servers

Ransomware hackers take demands directly to college students: ‘For you, it’s a sad day’

Raspberry Robin worm drops fake malware to confuse researchers

Recent Tech Layoffs Sharply Increase Insider Cybersecurity Threat

Russian hackers accessed JFK airport taxi software

Russian hackers attempted to breach petroleum refining company in NATO country, researchers say

Russian Hackers Targeted Petroleum Refinery in NATO Country During Ukraine War

Russian hackers targeted petroleum refining company in NATO state

SevenRooms announces third-party vendor breach, says PII and banking details were not compromised

SSL Stripping Explained and How to Avoid It

Study finds troubling perception gap in data breach awareness and coverage

Taylor Regional Hospital Sued Over 2021-2022 Patient Data Breach

Telegram Hack Exposes Growing Russian Cyber Threat in Moldova

Telling users to ‘avoid clicking bad links’ still isn’t working

The Importance Of Putting Employees At The Center Of A Security Strategy

The modern day blackmail: Understanding the dangers of cyber extortion

The Most Common Mistakes People Make with Malware

The Top Cloud Security Threat Comes from Within

The USPS, UPS, FedEx, and DHL Text Message Phishing Scam Explained

Threat actors find way to abuse the AWS Elastic IP Transfer feature

UK Privacy Regulator Names and Shames Breached Firms

Ukraine's Delta Military Intel System Hit by Attacks

Using AI against us: Hackers can weaponize chatbots to write phishing campaigns

What Brands Get Wrong About Customer Authentication

Your Guide to IAM – and IAM Security in the Cloud

19th December

3 Reasons to Take a Layered Approach to Offensive Cybersecurity

5 cybersecurity trends accelerating in 2023

5 real estate scams to watch out for, and how to avoid them

6 email ‘red flags’ that can mean someone’s trying to scam you over the holidays

10 useful tips to secure your social media accounts from getting hacked

85% of attacks now use encrypted channels

A Closer Look at Windows Kernel Threats

A Practical Guide to Software Supply Chain Security

Acronis Cyberthreats Report Year-end 2022: Data under attack

Acronis End-of-Year Cyberthreats Report Finds Average Cost of Data Breaches Expected to Surpass $5 Million Per Incident in 2023

AIIMS cyber attack: Delhi Police seeks data on Chinese hackers from CBI-Interpol

AIIMS-like ransomware attacks will continue unless there is proper cyber hygiene

Antwerp denies negotiating ransomware payment as city disappears from leak site

API Vulnerabilities Discovered in LEGO Marketplace

Australia: Extortion email scams

Average cost of data breaches to surpass $5 million per incident in 2023

Avoid The XRP Staking Scam Claiming To Offer Up To 31% Returns

BadUSB: A Growing Cybersecurity Threat

Battling back the scammers: Six steps the elderly can take to avoid being fraud victims

Beware of Highly Sophisticated DarkTortilla Malware Distributed Via Phishing Sites

BlackBerry shares key insights into state of cybersecurity for 2023

BlackCat ransomware group leaks files stolen from D.C. convention bureau

Bored Ape Yacht Club (BAYC) Over a Million Worth NFT Reported Stolen

Brooklyn hospital resorts to pen-and-paper charts following cyberattack

Chinese Hackers Exploit Citrix Vulnerabilities

CMS subcontractor hit with ransomware

Colombian energy supplier EPM suffers BlackCat ransomware attack

Critical Windows code-execution vulnerability went undetected until now

CXOs Not Confident of Security Readiness

Cyber attack on FuboTV logged subscribers out during World Cup semi-final clash

Cyber National Mission Force elevated in fight against foreign hackers

Cyber skills gap leaving UK SMEs vulnerable to attacks

Cyberattacks in 2022 and what hospitals, health systems can learn going into 2023

Cybercrime (and Security) Predictions for 2023

Cybersecurity and EdTech: How can EdTech organisations address the growing security challenges?

Cybersecurity crucial for OT and ICS in 2023

Data Resilience Predictions: Using the Economy to Inform Security Strategy

DraftKings warns data of 67K people was exposed in account hacks

Email Fraud: How to Recognize and Avoid It

Epic Games agrees to pay record-breaking $520 million for privacy violations

Epic Games to pay $520 million for privacy violations, dark patterns

Facebook Cracks Down on Spyware Vendors from U.S., China, Russia, Israel, and India

Facebook Users Warned to Be Aware of New Rise in Phishing Scams

Forget AI art - AI-powered cyberattacks are what we should be worried about

Former T-Mobile Store Owner Scores Long Prison Sentence For $25M Phone Unlock Hack

FoxIt Patches Code Execution Flaws in PDF Tools

From Twitter, Samsung to Rockstar Games, here are the top data breaches of 2022

Glupteba Botnet Continues to Thrive Despite Google's Attempts to Disrupt It

Hacker claims to have 120,000 Hyundai India car owners' information, Puts it for sale on the Dark Web

Hacker Swipes FBI’s Info Sharing InfraGard Database of 80K Contacts

Holiday Shopping Threats To Security

Holiday Spam, Phishing Campaigns Challenge Retailers

How hyperautomation can bolster security and reduce risk in banking

How Much Does a Password Reset Cost? More Than You’d Think

How Reveton Ransomware-as-a-Service Changed Cybersecurity

How to Secure Business Processes: Tips & Tricks

How to spot a HMRC scam

How you can stop corporate login credential theft

Huge increase in cost of phishing attacks

Infamous hacker steals 14 BAYCs worth over 852 ETH ($1.07 million)

IoT Security: How to safeguard IoT devices against cyberattacks

IRS mistakenly publishes 112,000 taxpayer records for the second time

Is Quantum Security The Next Guy’s Problem?

Is Your Organization Safe from Common Cybersecurity Threats?

Jisc moves to protect tertiary education from ransomware

LinkedIn has massively cut the time it takes to detect security threats. Here's how it did it

Louise W. Eggleston Center, Inc. Reports Data Breach Following Ransomware Attack

Malicious ‘SentinelOne’ PyPI package steals data from developers

McGraw Hill exposed student data and grades, online privacy firm says

Medicare Data Breach: Letters Sent Regarding New Cards Issued to 254K Recipients

Medicare data breach affects up to 254,000 beneficiaries

Microsoft finds macOS bug that lets malware bypass security checks

Microsoft Vulnerability Upgraded to Critical Due to RCE Risk

Millions of Facebook users warned over dangerous alert – don’t make huge mistake

Mobile App Users at Risk as API Keys of Email Marketing Services Exposed

Moving Beyond Security Awareness to Security Education

National Cyber Security Centre (NCSC) annual review 2022: Highlights and thoughts

Navigating the Path to Enhanced Authentication

New Agenda Ransomware Variant, Written in Rust, Aiming at Critical Infrastructure

New Zealand Archives Breach - Months To Notify Individuals

Open source vulnerabilities add to security debt

Over 54 million users' data at risk via 3 popular email marketing apps

Palo Alto Networks research finds Baby Boomers better at password reuse than Gen Z

Pennsylvania’s Data Breach Notification Law Is Changing: What Does It Mean for Entities Doing Business in the Keystone State?

Phishing Scams: 5 Tips on Training Employees

Phishing Targets Ukrainian Battlefield Awareness Tool Users

Play ransomware claims attack on German hotel chain H-Hotels

Rackspace Ransomware Attack Caused Email Outages; Thousands of Customers Migrated to Cloud Services

Ransomware attack shuts down operations of firefighters at 85 Australian fire stations

Ransomware Groups to Increase Zero-Day Exploit-Based Access Methods in the Future

Researchers Discover Malicious PyPI Package Posing as SentinelOne SDK to Steal Data

Russian DDoS attacks on the West may be a smokescreen

San Diego Unified School District Waited 5 Weeks to Notify Employees and Families of Data Breach

Scam alert: Avoiding getting conned by too-good-to-be-true scholarships

Security Experts Say You Should Always Disable This Setting When Using Airport Wifi

Security teams urged to prepare for next era of ransomware

SevenRooms Restaurant CRM Suffers Significant Data Breach

Social Engineering Strikes Again As $1M+ Bored Ape Collection Stolen

Sophisticated DarkTortilla Malware Serves Imposter Cisco, Grammarly Pages

South Africa: The cybersecurity year ahead - cloud data threats loom in 2023

State level cyber attacks - Why and how

Staying cyber safe with skeleton staff

T-Mobile Hacker Gets 10-Year Sentence for Unlocking Phones

The Growing Risk Of Malicious QR Codes

The risk of escalation from cyberattacks has never been greater

The state of Operational Technology (OT) security: a rapidly evolving landscape

Threat Intelligence Through Web Scraping

Top 6 Email Security Threats You Need to Be Aware of

Top American Online Education Platform Leaks 22TB of Data

Ukraine's DELTA military system users targeted by info-stealing malware

Urgent need to secure India’s healthcare ecosystem from cyber threats

US agencies seize 48 DDoS-for-hire domains, charge six people for running booter services

What is Account Takeover (ATO)?

What Is Doxxing, And Why Is It So Dangerous?

What the Russian Invasion Reveals About the Future of Cyber Warfare

What to Do When Ransomware Strikes

Why AI is the key to cutting edge cyber security in 2023

Worst crypto scams and 'coverups' of 2022