Editor's Message
Welcome to DBD. On March 8th we celebrated our 4th Anniversary and the 1st Anniversary of our PRiSM application, officially endorsed by the SANS Institute. Despite recent personal issues that have impacted the amount of time I have been able to dedicate to both projects, I have been doing my best to keep everything as up-to-date as possible, and I would like to take this opportunity to thank everyone for their patience and support whilst I navigate through this very difficult time. Stay safe. :)
Tuesday, 31 January 2023
Monday, 30 January 2023
Data Breaches Digest - Week 5 2023
Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 30th January and 5th February 2023.
5th February
5 Common Types of Cyber Attacks and How to Prevent Them
A few easy changes can protect personal information
Action Fraud warn people to be vigilant about fake McAfee emails
Birmingham medical practice informs patients of security breach
Civic chiefs in Gloucester 'told off' for making 'damning' confidential cyber attack report public
Concurrence of Cyberspace with Terrorism
Finland’s Most-Wanted Hacker Nabbed in France
Five Guys allegedly hit by ransomware
Funds Stolen in Phishing Attack Laundered at Secret Address
Gala Doggy Day Care Centre to get compensation from ex-employee
Hackers stole over Rs 31,200 crore from crypto investors in 2022; here's how to keep it safe
How do you know your cybersecurity is being handled?
India: DJVU Most Common Ransomware Impacting
India: 'Offer that seems too good probably can't be trusted'
Instant Checkmate, TruthFinder Data Breach: 20 Million Accounts Leaked
Is your organization cybersecurity ready?
Linux version of Royal Ransomware targets VMware ESXi servers
Malicious insider: Route for ransomware
New Dingo crypto token found charging a 99% transaction fee
New phishing attacks take aim at Telegram vulnerabilities
O2 issues warning over phone call and text that could drain your bank account
Ransomware attacks in Europe target old VMware, agencies say
Ransomware hacking campaign targets Europe and North America, Italy warns
Zero-trust security becoming a significant element for enterprises in adopting cybersecurity solutions
4th February
8 Pros and Cons of Penetration Testing
Australia Gives Its Crypto Watchdogs More Teeth To Fight Scammers
Australian Medical Association (AMA) calls for stronger laws to protect patient data
Banner Health paid $1.25 million to resolve federal data breach probe
Best passwords: Strong password ideas for greater safety
Beware! The Last of Us Download Scam Prey on the Innocent
ChatGPT is used by cybercriminals to write better phishing emails
ChatGPT lets scammers craft emails that are so convincing they can get cash from victims without even relying on malware
Cyber-attack results in more than $800K stolen from Houston business, lawsuit filed
Dark Web Developer Wanted: Malicious Actors Join IT Talent Hunt
Data Breach: Over 110,000 More Users Affected in ‘LG Uplus’ Data Breach
DHL Email Scams: How To Spot The Fakes
Digital Rights Ireland to sue for damages for Facebook users over dark web data leak
Dynamic Approaches seen in AveMaria's Distribution Strategy
Enbridge Gas Warning Customers Of Scam Emails
Feds Confirm Cyberattack Caused Nation’s Critical Suicide Helpline Outage
Four more attacks on the healthcare sector
Identifying and Managing Cybersecurity Risks in the Construction Industry
India: 50 government websites hacked, 8 data breaches in 2022
India’s Largest Truck Brokerage Company Leaking 140GB of Data
Infrastructure sectors hit hardest by ransomware
Iran Behind Cyber Attack On Charlie Hebdo: Microsoft
Massive Ransomware Campaign Targeting Unpatched VMware ESXi Servers
Massive Ransomware Campaign Targets VMware ESXi Servers
New Wave of Ransomware Attacks Exploiting VMware Bug to Target ESXi Servers
New York attorney general forces spyware vendor to alert victims
No victims were identified in the Russian inquiry into the REvil case, and the number of individuals who were stolen is unknown
North Korean Hacker Group Targeted Medical & Energy Sectors
PixPirate: New Android Banking Trojan Targeting Brazilian Financial Institutions
'Ransomware Year' May Be The Most Devastating Ever
Tallahassee hospital takes IT systems offline, postpones procedures after apparent cyber attack
The five tell-tale signs in scam texts: From 'your eBay order has been despatched' to 'you have a new direct debit'...how to tell the fake from the real - and the iPhone trick to filter them out for good
U.S. reverse-hacks cryptocurrencies stolen by North Korea
Warning: Hackers Actively Exploiting Zero-Day in Fortra's GoAnywhere MFT
What Are the Major Cybersecurity Risks Associated with Cryptocurrency?
What does it take to control cybercrime in Nepal?
What Is Data Scraping?
What Should Leaders Do To Prepare For The Future Of Compliance?
Why are US Legislators Still Using Apps That Can Collect Data for Foreign Governments?
3rd February
16 Effective Ways Tech Leaders Can Increase Cybersecurity Standards
A four-day working week still requires seven days security
Adversaries Using OpenAI’s ChatGPT Chatbot for Cyberattacks? Here are Some Clues
Africa must strengthen cyber defence in mining and energy
ALPHV Ransomware Hits UK Realty Firm McEwan Fraser Legal, 300GB Data On The Line
API Leaks: Understanding The Threats
Apparent cyberattack forces Florida hospital system to divert some emergency patients to other facilities
AT&T iPad Scam, Southwest Airlines, Walmart / DHL Shipping Text, and MetaMask Phishing – Top Scams This Week
Atlassian Patches Critical Authentication Flaw in Jira Software
Atlassian warns of critical Jira Service Management auth flaw
Atlassian's Jira Software Found Vulnerable to Critical Authentication Vulnerability
BlackCat ransomware gang targeted Indian weapons manufacturer, stole classified military secrets
Businesses Bolster Defenses as Data Breach Concerns Grow
Canon USA Settles with Employees Affected by 2020 Ransomware Attack
Charlie Hebdo Hit by Iranian Cyber Attack
CISA adds Oracle, SugarCRM bugs to exploited vulnerabilities list
CISA Alert: Oracle E-Business Suite and SugarCRM Vulnerabilities Under Attack
Claimed data breach: 'No confidential information disclosed'
Commodity Futures Trading Commission (CFTC) Chief Plots New Cyber Rules in Wake of ION Trading Hack
Commodity Futures Trading Commission (CFTC) issues statement on cybersecurity breach at ION Cleared Derivatives
Credential Stuffing - Protection Techniques for Organisations and End-Users
Customizable new DDoS service already appears to have fans among pro-Russia hacking groups
Cyber Forecast for 2023 and Beyond: Hang on for a Bumpy Digital Ride
Cyber Fraud in the Gaming, Travel and Leisure Industries
Cyber Insurer Sees Remote Access, Cloud Databases Under Fire
Cyberattacks: which brands are most used to steal information
Electric Vehicle (EV) Charging Stations at Risk of DoS Attacks
Evri text scam: parcel delivery tracking message explained - how to spot texts, what to do to avoid fraud
Fake ChatGPT Apps Start to Steal User Data: Delete These Apps Now
FBI Dismantles Hive Ransomware Network From the Inside, Thwarting Over $130m in Ransom Demands
FBI Seizes NFTs from Crypto Scammer
Finding the right cyber security strategy
Florida hospital takes IT systems offline after cyberattack
For Educational Institutions, Post-Ransomware Harassment Requires A+ Messaging
Former Ubiquiti employee pleads guilty to attempted extortion scheme
Former Ubiquiti Employee Who Posed as Hacker Pleads Guilty
FTX Creditors Warned of Possible Online Scammers
GoAnywhere MFT zero-day vulnerability lets hackers breach servers
Google Ads in Search Results May Lead to Malvertising Attacks
Google Fi Data Breach – Hackers May Carry Out SIM Swap Attacks
Hacker Exploits BonqDAO Protocol of Over $120 Million
Hackers are using this new trick to deliver their phishing attacks
Hackers Posing as Ukrainian Ministry Deploy Info Stealers
Hackers who breached ION say ransom paid; company declines comment
Harmony hacker moves $726k worth of stolen WETH
High-Severity Privilege Escalation Vulnerability Patched in VMware Workstation
Home Title Theft: How To Protect Yourself
How ChatGPT will influence cybersecurity
Inability to prevent bad things from happening seen as the worst part of a security job
Increased ransomware attacks on health care facilities impede patient care
India: 151 government websites hacked since 2020; 21 instances of data breaches
India: All India Institute Of Medical Sciences (AIIMS) hack resolved but some niggles remain
Indian Official Highlights Djvu Ransomware as Threat
Information Commissioner’s Office (ICO) Relaxes Breach Reporting for Comms Providers
Infrastructure sectors hit hardest by ransomware
Iranian OilRig Hackers Using New Backdoor to Exfiltrate Data from Govt. Organizations
Is Insurance the Solution to, or the Enabler of, Ransomware?
Is Your Electric Vehicle (EV) Charging Station Safe? New Security Vulnerabilities Uncovered
IT Leaders Reveal Cyber Fears Around ChatGPT
JD Sports cyber attack: why online retail is vulnerable and what can be done?
JD Sports Suffered A Cyber-Attack That Leaked 10 Million Customers’ Data
Julius ‘zeekill’ Kivimäki, former Lizard Squad hacker, arrested in France
Kellett School: How our school fought back after a cyberattack
LockBit gang confirms Ion cyber attack as disruption continues
Major Florida hospital hit by possible ransomware attack
Malaysia: Stopping cyberattacks
MalVirt Loaders Exploit .NET Virtualization to Deliver Malvertising Attacks
Massive ESXiArgs ransomware attack targets VMware ESXi servers worldwide
Metro Detroit police departments targeted in ransomware attacks
Microsoft accuses Iran’s government of cyber operation against Charlie Hebdo
Microsoft Visual Studio add-ins could be used to deliver malware
Mitigating security risks with an evolving workforce
'More terrorists WILL enter the US now': Expert makes damning prediction after Transportation Security Administration (TSA) No Fly List with 1.5 million entries leaks on dark web
More than 11,000 employees, students and former staff affected by cyber attack, Queensland University of Technology (QUT) says
New Credential-Stealing Campaign By APT34 Targets Middle East Firms
New High-Severity Vulnerabilities Discovered in Cisco IOx and F5 BIG-IP Products
New York attorney general fines developer of stalking apps
North Ayrshire Council 'likely' to have breached data law with facial recognition tech in schools
OilRig Hackers Exfiltrate Data From Government Agencies Using New Backdoors
OpenSea serves as an example of why crypto security must improve
Over half of organizations experienced an insider threat in 2022
Patch your Jira Service Management Server and Data Center and check for compromise! (CVE-2023-22501)
PayPal scam: how to spot fake refund message, what to do if you get one, how to stay safe from phishing emails
Pembrokeshire: Top councillor accused of possible data breach
Post-Macro World Sees Rise in Microsoft OneNote Documents Delivering Malware
Pro-Russian hacktivist group is only getting started, experts warn
Quarter of CFOs Have Suffered $1 million+ Breaches
Queensland University of Technology (QUT) reports more than 11,000 IDs hacked in a cyber attack
Ransomware Attack Closes Nantucket Schools
Ransomware attack halts London trading
Royal Mail cyber attack is 'destroying' small businesses as overseas post still disrupted
Russia-linked hacking against national labs spurs inquiry from two House chairmen
Securities Exchange Commission (SEC) And Commodities Futures Trading Commission (CFTC) Legal Action Against Mango Markets Hacker Will Boost DeFi, Moody
Short-staffed SOCs struggle to gain visibility into cloud activities
Singapore: Man arrested for illegally obtaining personal particulars via fraudulent QR codes at Housing and Development Board (HDB) blocks
South Korea: 110,000 more users affected in LG Uplus' data breach
Star Wars: The hackers fight back
Swiss Prosecutors Looking Into 2022 Credit Suisse Data Leak
Switzerland’s largest university confirms ‘serious cyberattack’
T-Mobile data breach class action lawsuit investigation
T-Mobile Data Breach Includes Massive Compromise of Google Fi Service, Unknown Quantity of Customer Records Exposed
Tallahassee hospital diverting patients, canceling non-emergency surgeries after cyberattack
Tallahassee Memorial hospital victim of suspected ransomware attack
TgToxic Malware’s Automated Framework Targets Southeast Asia Android Users
The black hat hacker trap: Why unethical hacking lures young people
The dangers of public wifi computer connection
The future of cybersecurity: Hacking the cloud
The importance of data retention policies
The One Security Mistake iPhone Users Shouldn’t Be Making Anymore In 2023
TruthFinder, Instant Checkmate confirm data breach affecting 20 Million customers
UK financial regulator says monitoring incident at Ion's clearing unit
University of Zurich hit with ‘serious’ cyberattack
Until further notice, think twice before using Google to download software
US Man Charged in $110m Crypto Trading Scheme
Vice media hacked, confidential data leaked
We can’t rely on goodwill to protect our critical infrastructure
Web3 Wallet MetaMask Update Adds Third Party Phishing Detection
What Kind of Malware Is the Most Dangerous?
Why Resetting Passwords May Not Be the Best Idea
Will Class-Action Lawsuits Force Companies to Get Serious About Cybersecurity?
Zero day affecting Fortra’s GoAnywhere file transfer tool is actively being exploited
2nd February
6 Ransomware Trends & Evolutions For 2023
9 Internal Data Breach Examples to Learn From
40% of directors have experienced cyber-attack
50% of organizations have indirect relationships with 200+ breached fourth-party vendors
67% of home networks face cybersecurity threats each month
98% of organizations worldwide connected to breached third-party vendors
2022: A Year In Review For Enterprise Security
Acuity Brands allegedly failed to protect employee info during data breaches
Alarming breach: Nagpur's Solar Industries, making military weapons, hit by cyber attack
Andersen Corporation leaks customer home photos and addresses
APT groups use ransomware TTPs as cover for intelligence gathering and sabotage
Arnold Clark Confirms Customer Data Compromised in Breach
Arnold Clark customer data was stolen in Play ransomware attack
Australia: Black and White Cabs booking service offline after cyber attack
Bad Faith: The Battle of IT Company and Insurer Over Ransomware Coverage Ends in Settlement
Beware The BlackCat: Cyber Criminals Threaten Healthcare Industry
Cisco fixes bug allowing backdoor persistence between reboots
City of London on High Alert After Ransomware Attack
Cyber and mergers
Cyber Attack Campaign Targets Gambling and Gaming Companies, Israeli Cybersecurity Firm Warns
Cyber attack hits Arnold Clark
Cyberattack Impact “Catastrophic” for Third Parties
Cybersecurity budgets are going up. So why aren't breaches going down?
Cybersecurity roadmap: Threats proliferate but best practice still works
Data breach at Vice Media involved SSNs, financial info
Electric Vehicle (EV) Charging Management System Vulnerabilities Allow Disruption, Energy Theft
Federal Trade Commission (FTC) Imposes $1.5M Penalty on GoodRx Over Failure to Report Healthcare Data Breach
Feds get guilty plea in Ubiquiti data extortion case
Financial software firm Ion Group battles LockBit ransomware attack
Foreign states already using ChatGPT maliciously, UK IT leaders believe
Former Ubiquiti developer pleads guilty to trying to extort his employer
Four cyber resilience best practices to consider In 2023
Four public schools in Nantucket closed due to a ransomware attack
From instant essays to phishing scams, ChatGPT has experts on edge
Google bans 12 Android apps as millions urged to delete them immediately
Growth of cashless transactions increases cybersecurity threats
Guardian Australia staff details compromised in cyberattack
Hacker Exploits BonqDAO in $120 Million AllianceBlock Heist
Hacker Group Releases 128GB Of Data Showing Russia's 'Wide-Ranging' Illegal Surveillance Of Citizens
Hackers linked to North Korea targeted Indian medical organizations, energy sector
Hackers weaponize Microsoft Visual Studio add-ins to push malware
Health and Human Services (HHS) Office for Civil Rights Settles HIPAA Investigation with Arizona Hospital System Following Cybersecurity Hacking
Hospitals Hit by DDoS Attacks as Killnet Group Targets the Healthcare Sector
How to effectively communicate cybersecurity best practices to staff
How To Ensure Vendors Are Keeping Your Data — And Your Firm — Safe
Incident of the Week: Malicious actors gain access to GitHub source code
India: Top manufacturer of defence equipment faces cyber attack, police registers First Information Report (FIR)
Institute of Directors (IoD) Survey reveals 41% of Business Leaders Say Their Organisation Has Experienced a Cyber Attack
ION Ransomware attack hits markets — Here are some key lessons from an earlier attack
Italy: ACEA hit by hacker attack
KillNet, Royal, LockBit: The cybercriminal groups on hospital CISOs' minds
Last year was the worst on record for crypto hacks, as North Korean groups cash in
Lazarus Group Attack Identified After Operational Security Fail
LockBit takes credit for the ransomware attack on Sacramento PBS station
Mustang Panda APT Group Uses European Commission-Themed Lure to Deliver PlugX Malware
New Cyber Threat Report from STM: Ransomware Attacks Increase 62 Percent
New GOOTLOADER Malware Uses Fileless Technique to Deploy Ransomware
New Russian-Backed Gamaredon's Spyware Variants Targeting Ukrainian Authorities
New Threat: Stealthy HeadCrab Malware Compromised Over 1,200 Redis Servers
North Korean Hackers Exploit Unpatched Zimbra Devices in 'No Pineapple' Campaign
North Korean hackers stole research data in two-month-long breach
Okanagan College ‘did not entertain conversations’ about paying ransom
‘0ktapus’ hackers are back and targeting tech and gaming companies, says leaked report
Options trading desks 'flying blind' after derivatives platform hit by ransomware attack
Organizations Preparing for Cyberwar
Patch Critical Bug Now: QNAP NAS Devices Ripe for the Slaughter
Police in Maryland arrest man for phishing theft of $375,000 from Connecticut town
Prilex POS malware evolves to block contactless transactions
Q4 2022 DDoS attack trends
QNAP warns of new bug prompting worries of potential Deadbolt ransomware exploitation
Ransomware attack: Ammo, rocket audits and engineering plans on sale on the dark web
Ransomware attack on data firm ION could take days to fix
Ransomware attack on ION Group impacts derivatives trading market
Ransomware attacks on public sector persist in January
Ransomware conversations: Why the CFO is pivotal to discussing and preparing for risk
Ransomware gang attempts to extort UK school by posting files about at-risk children
Ransomware hits major London stock market software supplier
Ransomware Is on the Rise: 10 Steps for Defending Your Business
Redcar & Cleveland Council ransomware attack could have cost millions
Record $3.8bn Stolen Via Crypto in 2022
Researchers Warn of Crypto Scam Apps on Apple App Store
Scammers managed to slip crypto apps onto Apple, Google app stores
Securing the metaverse: 3 cyber concerns
Social Media Enables Social Engineering Scams
Sophos details first fake apps found on Apple’s App Store
South African consumers lax when it comes to online security
Super Bock says 'cyber' nasty 'disrupting computer services'
Taking the Attacker View to Protect the Growing Attack Surface
The $10 Trillion Case For Decentralized Cybersecurity
The emergence of trinity attacks on APIs
The next cyber threat may come from within
Think of cyber risk as business risk
Threat Actors Use ClickFunnels to Bypass Security Services
Tokyo police: Suspected drugstore points hacker may have used cyberattack data
TrickGate: Malicious Software Outwitting Antivirus for 6 Years
Unsecure Messaging Platforms Put Enterprises At Risk For Huge Financial Burden
Urgent warning to millions of Facebook users – important setting could be switched off by account raider
What Does a Spam Email Look Like? 8 Phishing Examples
What is Phishing in Crypto?
What Really Happens In a Data Breach (and What You Can Do About It)
Why are Company Ransomware Payments Dropping Dramatically?
1st February - Change Your Password Day
70% of CIOs anticipate their involvement in cybersecurity to increase
2022 biggest year ever for crypto hacking, report says
Anker admits Eufy security cameras were not natively encrypted
Additional Supply Chain Vulnerabilities Uncovered in AMI MegaRAC BMC Software
Arnold Clark customer data stolen in attack claimed by Play ransomware
Arnold Clark customer data 'stolen in cyber attack'
Charter Communications impacted by a vendor data breach exposing 550K customers
CircleCI and Slack Security Incidents Highlight Risks of Token Compromise and SaaS Integration Threats
CISA provides guidelines to safeguard K-12 groups from cyber threats
Counter-attacking ransomware hackers
Crypto Exchange Coinbase Adds New Wallet Security Feature To Protect Against Phishing and Scams
Crypto scam apps infiltrate Apple App Store and Google Play
Cyber attack on Indianapolis Housing Agency leaks sensitive data of 200,000 residents
Danish Banks Hit By DDoS Cyber-Attack: Is Your Financial Information Safe There?
Data Breaches Continue to Wreak Havoc on Healthcare – Here’s How to Make Security a Top Priority
Denmark Raises Cyber Security Alert Level After Attacks From Russian Hacker Groups
DocuSign scam targeted more than 10,000 inboxes
Experts Warn of 'Ice Breaker' Cyberattacks Targeting Gaming and Gambling Industry
Facebook security bug allowed hacker to switch off two-factor authentication
Federal Trade Commission (FTC) Proposes Changes to Data Breach Rules and Reporting Requirements
Federal Trade Commission (FTC) slaps $1.5M fine on GoodRx for sharing users’ health data with Facebook and Google
Firms fear software stack breach as attack surface widens
Futures Industry Association (FIA) assessing impact of cyber attack on financial data firm ION
GitHub Reports Code-Signing Certificate Theft in Security Breach
‘Global markets’ impacted by ransomware attack on financial software company
GoodRx to pay $1.5 million fine for sharing customer health info with Google, Facebook
Google Fi data breach let hackers carry out SIM swap attacks
Google Fi hack victim had Coinbase, 2FA app hijacked by hackers
Google Fi User Data Breached Through T-Mobile Hack
Google looking into fix for SH1MMER exploit that can unenroll Chromebooks
Government “must avoid a ban on ransomware payments” say insurers
Hackers Abused Microsoft's "Verified Publisher" OAuth Apps to Breach Corporate Email Accounts
Hackers use new IceBreaker malware to breach gaming companies
How Ransomware Attacks Changed the Threat Landscape
How ransomware works - and why cyber attacks are hitting schools
Intermittent Encryption Is A Growing Ransomware Threat That Requires A Proactive Cyber Defense
ION servers knocked out in ransomware attack
ION suffers cyber attack on derivatives platform
JD Sports data breach affects 10 million customers
K-12 schools in Tucson, Nantucket respond to cyberattacks
Large organizations are most susceptible to phishing attacks
'Large-scale' cyber-attack hits car dealer Arnold Clark with customers' banking and passport details stolen
List of Data Breaches and Cyber Attacks in January 2023 – 277.6 Million Records Breached
LockBit ransomware goes 'Green,' uses new Conti-based encryptor
Make Change Your Password Day an impetus to boost overall cybersecurity
Maryland Hospital Suffers Ransomware Attack
Microsoft: We are tracking these 100 active ransomware gangs using 50 types of malware
Microsoft disables phishing campaign after researchers flag OAuth app abuse
Microsoft notifies UK customers affected by hackers abusing ‘verified publisher’ tag
Microsoft OneNote, Evernote Phishing Attacks Are Threat To MSPs
Microsoft warning: These phishing attackers used fake OAuth apps to steal email
Mix of legacy OT and connected technologies creates security gaps
Nantucket Public Schools reopen as district copes with ransomware attack
Nantucket schools targeted by ransomware attack
Nearly 30,000 QNAP Devices Exposed Via New Bug
New cybersecurity BEC attack mimics vendors
New DDoS-as-a-Service platform used in recent attacks on hospitals
New HeadCrab malware infects 1,200 Redis servers to mine Monero
New Nevada Ransomware targets Windows and VMware ESXi systems
New SH1MMER Exploit for Chromebook Unenrolls Managed ChromeOS Devices
OneNote documents spread malware in several countries
Over 1,800 Android phishing forms for sale on cybercrime market
Predictable wins: designing for data breach containment
Prilex PoS Malware Evolves to Block Contactless Payments to Steal from NFC Cards
Ransomware Attack Forces Closure of Nantucket Schools
Ransomware Attack Shuts Down Nantucket Public Schools
Ransomware Offlines Arizona’s Largest School District
Researchers Uncover New Bugs in Popular ImageMagick Image Processing Utility
Russia-backed hacker group Gamaredon attacking Ukraine with info-stealing malware
Sensitive data stolen in Okanagan College cyber attack now posted to dark web, ransomware group claims
Shipper sues Expeditors for losses due to lack of business plan after cyber-attack
Skyview Networks Suffers a Major Cyber Attack
Teen hacker Josh Maunder who crashed KSI-Logan Paul fight site sentenced
The headache of changing passwords
Thriving Dark Web Trade in Fake Security Certifications
TUI warning as holidaymakers targeted in phishing scam
Up to 29,000 unpatched QNAP storage devices are sitting ducks to ransomware
US enterprises hit hard by short-staffed security operations centers
Zero-Trust Alone Won’t Save You
31st January
3 ways to stop cybersecurity concerns from hindering utility infrastructure modernization efforts
5 Cybersecurity Predictions for 2023
5 Security Experts Share Best Practices to Prevent Zero-Day Attacks
7 Ways To Improve Data Security In Your Organization
8 companies per day have data uploaded to dedicated leak sites
56% of Internet Users Fall for Phishing Scams
93% of security decision makers are being kept awake at night worrying about organisational security issues
Are we Losing the War Against Ransomware?
As hackers increase ransomware attacks, Michigan schools try to respond
Attackers used malicious “verified” OAuth apps to infiltrate organizations’ O365 email accounts
British government minister told council to keep quiet after ransomware attack
Budget constraints force cybersecurity teams to do more with less
Can you spot the giveaway in this scam email?
Central Okanagan School District: Everybody at risk of cyber attacks
CertiK Report Reveals a Strange Twist Behind the ‘Monkey Drainer’ Scam
ChatGPT Clone Apps Collecting Personal Data on iOS, Play Store
Circle K US spills partial credit card details, among other sensitive data
Computers Targeted by Malware Through Wi-Fi Routers
‘Concerning’ skills gap and working from home leaving north-east businesses open to cyber attacks
Critical QNAP NAS vulnerability fixed, update your device ASAP! (CVE-2022-27596)
Cyber criminal groups wooing hackers with seven-figure salaries and holiday pay
Cyber Insurance: Could Rising Premiums be a Step in the Right Direction?
Cyber risk alert raised in Denmark after Russian attacks
Cyber-attacks highlight need for appropriate cyber recovery capabilities
Cyberwar, Netwar: The Untouchable and Unpredictable
Dangers of cyber hacking in 2023
Data of ten million JD Sports customers compromised in cyber-attack
Data Protection Bureau Investigates Banks For Data Breach Allegations
Denmark raises cyber risk alert level after Russian attacks
DocuSign Brand Impersonation Attack Bypasses Security Measures, Targets Over 10,000
Don't Wait on the Government, Protect Your Online Data Now
Exploit released for critical VMware vRealize RCE vulnerability
FanDuel says Mailchimp data breach compromised its users' names and email addresses
FBI Takes Down Hive Criminal Ransomware Group
Financial Services Targeted in 28% of UK Cyber-Attacks Last Year
Gen Z doesn't think anyone can keep them safe online, and one of their biggest concerns is photos getting leaked
GitHub Breach: Hackers Stole Code-Signing Certificates for GitHub Desktop and Atom
GitHub Confirms Signing Certificates Stolen in Cyber-Attack, Revokes Them
Google bans 12 popular Android apps! Millions warned to delete them now
Google Fi Customer Data Accessed After 'Suspicious Activity'
Google Fi Customers Caught Up in T-Mobile Data Breach
Google Fi, possibly others affected by T-Mobile data breach
Guarantee Trust Bank (GTB), Zenith Bank Under Investigation Over Alleged Data Breach
Hacker Uncovers Flaw in Meta 2FA, Leaves Accounts Vulnerable to Attack
Hackers follow through with threats to release Okanagan College data
Hackers Made Cyber-Attack at Riot Games, Steal Game Source Codes and Demanded Ransom
Hijacked: Cyber attacks are costing Quad-City taxpayers
Hospital Investigating Significant ‘Ransomware Event’
How the war in Ukraine has strengthened the Kremlin’s ties with cybercriminals
Is Your Organization Security Resilient? Here’s How to Get There
JD Sports data breach impacts 10 million unique customers
JD Sports Server Hacked – Over 10 Million Customer’s Information Stolen
Killnet Attackers DDoS US and Dutch Hospitals
Kremlin-linked Russian businessman faces U.S. trial for hack-and-trade scheme
Latvia blames Russian hacking group for phishing attacks against its Ministry of Defence (MoD)
LockBit takes credit for November ransomware attack on Sacramento PBS station
Maryland hospital facing outages after ‘significant’ ransomware attack
Microsoft disables verified partner accounts used for OAuth phishing
Microsoft: Over 100 threat actors deploy ransomware in attacks
Millions of myGov users warned about $688.64 Medicare refund
Mount Lilydale Mercy College caught up in data breach hack
Nagpur unit making military weapons hit by hackers, says cybersecurity firm - ‘data up for sale’
Naming and shaming? The UK ICO is now naming most organisations it investigates
Nantucket Public Schools Close After Ransomware Attack
Nantucket Public Schools closed following ransomware attack
New Report Finds Increase in DDoS Attacks Targeting the Financial Services Industry
New Report Reveals NikoWiper Malware That Targeted Ukraine Energy Sector
New Sh1mmer ChromeBook exploit unenrolls managed devices
New US ransomware strategy prioritizes victims but could make it harder to catch cybercriminals
NFT company gets restraining order to freeze hacker’s online wallet
Omnipod DASH Insulin Pump Users Fall Victim to Data Breach
Over 29,000 QNAP devices unpatched against new critical flaw
Phishing attacks are getting scarily sophisticated. Here's what to watch out for
Point-of-Sale (PoS) malware can block contactless payments to steal credit cards
Portugal: “Restrictions” with Super Bock after cyber attack
Pro-Russian DDoS attacks raise alarm in Denmark, U.S.
QNAP: Patch Critical Remote Code Injection Bug
QNAP Fixes Critical Vulnerability in NAS Devices with Latest Security Updates
Ransomware attack closes schools in Nantucket
Ransomware attack on Appui Santé Nord Finistère locked files and deleted some archives
Ransomware attack on maritime software supplier DNV disconnected 1,000 ships from ShipManager servers
Redcar and Cleveland Council admits 'catastrophic' ransomware attack cost £7m
Researchers Uncover Packer Used by Several Malware to Evade Detection for 6 Years
Russian APT groups continue attacks with wipers and ransomware
Russian millionaire on trial in hack, insider trade scheme
Safe Systems Alerts Financial Institutions of Major Phishing Scam
Selling your old phone? Expert tips to keep your data safe
Southern Arizona’s largest school district hit by cyber attack
Tax returns: scams are rising rapidly – how to spot a fake phone call and avoid falling victim
The Hidden Threat: 1Password Password Manager Phishing Ads on Google
Threats to Voice over Internet Protocol (VoIP) Security Are Rising
TV Licence scam email UK: what does the phishing message look like, how to protect yourself and report emails
United Arab Emirates: Embedding cyber resilience is key to a security strategy
University of Iowa Hospitals website possibly hit by cyber attack
Why do hackers target cryptocurrencies?
Why Traditional Approaches Don’t Work for API Security
Yandex data breach reveals source code littered with racist language
Zendesk data breach result of employee phishing attack
30th January
10 Million JD Sports Customers' Info Exposed in Data Breach
A glut of wiper malware hits Ukrainian targets
Active U.S. health care hackers 'Hive' disrupted by feds
As ransomware attacks evolve, agencies must find innovative ways to backup data
Atlantic General Hospital experiences ransomware event
Atrium Health reportedly part of widespread cyber attack
Bill targets suicide hotline vulnerabilities after cyberattack on Intrado
Britain's JD Sports says customer data accessed by cyber attack
British retailer JD Sports reveals 2-year-old intrusion affecting data of 10 million customers
Combating Cyber Threats with Cyber Resilience
Critical OpenEMR vulnerabilities may allow attackers to access patients’ health records
Critical Realtek Vulnerability Impacting IoT Devices Worldwide
'Cyber attack' at Galashiels Doggy Day Care Centre leads police to home of 'disgruntled' worker
Cyber threat takes down Tucson Unified School District's internet network
Cyber-attack targets University of Michigan Health
Cybercrime job ads on the dark web pay up to $20k per month
Devs on Dark Web Forums Paid Up to $20,000 For Illicit Activities
Dutch hacker obtained virtually all Austrians' personal data, police say
Fake Money Apps Garner Millions of Android Downloads
Five Data Wipers Attack Ukrainian News Agency
GitHub revokes code signing certificates stolen in repo hack
Hacker finds bug that allowed anyone to bypass Facebook 2FA
Hacker group hacks in Israeli Chemical factories
Hacker intercepts carpet company’s emails, retains customer’s $5000 deposit
Hackers Use TrickGate Software to Deploy Emotet, REvil, Other Malware
How organizations can keep themselves secure whilst cutting IT spending
How To: Fight Back Against Ransomware Attacks
Illinois Hospital Reaches $380K Settlement to Resolve Lawsuit Over Healthcare Data Breach
Illinois Social Services Organization Notifies 184K of Healthcare Ransomware Attack
Insider attacks becoming more frequent, more difficult to detect
Israeli chemical factories targeted by hacker group in massive cyberattack
JD Sports admits data breach
JD Sports Confirms Breach Affected 10 Million Customers
JD Sports cyber attack: what to do if your data has been leaked
JD Sports cyber attack: why online retail is vulnerable and what can be done?
JD Sports cyber attack may have exposed millions of names, numbers and addresses
JD Sports facing cyber attack, confirms customer data may have leaked
JD Sports hacked: UK retail company apologises after data leak - up to 10 million customers could be affected
JD Sports hit by cyber attack
JD Sports hit by cyber-attack that leaked 10m customers’ data
JD Sports says 10 million customers hit by cyber attack
JD Sports says hackers stole data of 10 million customers
KeePass disputes report of flaw that could exfiltrate a database
KeePass disputes vulnerability allowing stealthy password theft
LockBit green: Ransomware gang releases new malware and targets cloud
Mailchimp Falls Victim to Another Data Breach
Microsoft warning: Protect this critical piece of your tech infrastructure
Most data breach notices lacked detail in 2022
Most US data breach notices in 2022 left victims in the dark
Mounting cybersecurity pressure is creating headaches in railway boardrooms
Nepal: Stop that hacker
Nigeria: Federal Government investigates two Banks over data breach
Omnipod DASH Insulin Pump Users Affected By Data Breach
Pakistan minister says cyber attack could be behind nationwide power breakdown
Parent firm of Indian defence contractor hit by Windows Alphv ransomware
Porsche halts NFT launch, phishing sites fill the void
QNAP fixes critical bug letting hackers inject malicious code
Qulliq Energy stops short of labelling cyberattack another Nunavut ransomware incident
Ransomware attack on Indianapolis Housing Agency leaks sensitive info on 200,000 residents
Ransomware group follows through on threat and publishes Okanagan College information
Ransomware victims stand up to attackers
Realtek Vulnerability Under Attack: Over 134 Million Attempts to Hack IoT Devices
Royal Mail recovers more International Tracked services
Russian foreign ministry claims to be the target of ‘coordinated’ cyber aggression
Schools don't pay, but ransomware attacks still increasing
Secure code training ruled better investment than code scanning tools
Shift in ransomware attacks – South Africa and emerging markets more at risk
Software’s ‘intangible’ nature raises insurance concerns in court ruling
Ten million customer accounts at risk as JD Sports falls victim to cyber attack
The Hidden Threat: Bitwarden Password Manager Targeted by Phishing Scams
The LastPast Data Breach: Do Hackers Have Your Encryption Keys?
The Untold Story of a Crippling Ransomware Attack
Third-party data breach round-up: mscripts, Diligent, Mailchimp
Tips to Protect Windows from the New Ransomware
Titan Stealer: A New Golang-Based Information Stealer Malware Emerges
Transportation Security Administration (TSA) issues security directive to airports, carriers after ‘no-fly’ list leak
U.S. No Fly List Leaked on Hacker Forum
U.S. No Fly list shared on a hacking forum, government investigating
US extradites French ShinyHunters hacker, faces 123 years in prison
What’s the Best Threat Protection Against Ransomware?
Where Do Most Ransomware Attacks Happen in the USA?
Yandex data breach reveals source code littered with racist language
Labels:
#databreachesdigest
Subscribe to:
Posts (Atom)