Editor's Message

Welcome to DBD. On March 8th we celebrated our 4th Anniversary and the 1st Anniversary of our PRiSM application, officially endorsed by the SANS Institute. Despite recent personal issues that have impacted the amount of time I have been able to dedicate to both projects, I have been doing my best to keep everything as up-to-date as possible, and I would like to take this opportunity to thank everyone for their patience and support whilst I navigate through this very difficult time. Stay safe. :)



Monday, 16 January 2023

Data Breaches Digest - Week 3 2023

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 16th January and 22nd January 2023.


22nd January

37 million T-Mobile customers suffer cyber attack, customers’ data stolen

AI models like ChatGPT may lead to increased cybersecurity threats

Business interruption due to cyberattacks: How to mitigate and determine the financial impact?

Chinese hackers exploit Fortinet flaw, breach targeted networks for spying

Drivers warned about identity theft after car dealers giant Arnold Clark is hit by cyber attack

FanDuels warns of data breach after customer info stolen in vendor hack

Good News, Bad News for Security Researchers: Feds Are Less Likely to Charge You, States Are Another Thing

Hacker leaks Transportation Security Administration (TSA) 'no fly' list from unsecured airline server

Phishing scam hits cricket! International Cricket Council (ICC) loses Rs. 20 crore

Private health data breach in Isle of Man to be dealt within 3 months, officials say

Ransomware Revenue Drops Amidst Less Successful Extortion Attempts

Scammers Target Fans of 'The Last of Us' with Malware and Phishing Attacks

What Is Bad Rabbit Ransomware?

WhatsApp fined €5.5 million by Irish Data Protection Commission (DPC) for GDPR violation

21st January

A hack at ODIN Intelligence exposes a huge trove of police raid files

Backdoor into FortiOS: Chinese Threat Actors Utilize 0-Day

Beware: Hackers now use OneNote attachments to spread malware

British Columbia school district says 'personal data' on 19,000 students and staff was released

ChatGPT: What cybersecurity dangers lurk behind this impressive new technology?

Chinese Group Targeting Vulnerable Cloud Providers, Applications

EU regulator fines Meta again; this time for WhatsApp

Expect more of these scams in South Africa – targetting individuals and businesses

Four warnings issued to millions of Facebook owners – don’t ignore them

Hackers now use Microsoft OneNote attachments to spread malware

Hackers penetrated Los Angeles Unified computer systems much earlier than previously disclosed

How cash payment app scams are swindling money

International Cricket Council (ICC) hit by phishing scam, loses around USD 2.5 million

International Cricket Council (ICC) loses around Rs 20 crore in phishing scam

International Cricket Council (ICC) loses Rs 20 crore in a phishing attack carried out by a US-based party

Mango Markets Hacker Charged With Manipulating Price Of Security

Massive ad-fraud op dismantled after hitting millions of iOS devices

PayPal Data Breach – Over 35000 Thousand Users’ Accounts Compromised

PayPal is Sending Out Data Breach Notifications to Thousands of Users!

Phishing scam: Posters with fake QR code put up at HDB blocks in Bukit Batok

Ransomware Revenue Drops as Victims Pay Less Often

Remote Work Rocketed Data Breach Costs

Riot Games hacked, delays game patches after security breach

Riot Games Target of Cyber Attack, League of Legends Updates Delayed

Rundle Eye Care notifies patients of data breach

Scam Alert: Your NFTs and Crypto Wallet Can Be Drained With This Email

Students affected by cybersecurity attack, Queensland University of Technology confirms

Suspected Chinese hackers exploit vulnerability in Fortinet devices

T-Mobile Gets Hacked Again: Is the Un-Carrier Un-Safe?

T-Mobile Says Data of 37 Million Customers Exposed in Second Data Breach in 2 Years

Top 5 AI-powered Cybersecurity threats in 2023

Transportation Security Administration (TSA) 'no fly' list leaked after being found on unsecured airline server

Users get emails with warnings when PayPal acknowledges a data breach

Watch out for domain name scams

20th January

5 health systems that reported a cyberattack in the last 30 days

6 Scary Things ChatGPT Has Been Used for Already

235 Million Twitter User Email Addresses Posted on Hacking Forum

2023 Predictions For The Edge, Hyper-Converged Infrastructure (HCI), Security And Beyond

35,000 PayPal accounts breached in large-scale credential stuffing attack

API Attacker Steals Data on 37 Million T-Mobile Customers

Bring the Browser in from the Cold: Old Threat Vectors Demand New Defenses

British Columbia school district investigating data breach affecting up to 19,000 people

ChatGPT’s Dark Side: An Endless Supply of Polymorphic Malware

Chinese Hackers Exploited Recent Fortinet Flaw as 0-Day to Drop Malware

Compromised Zendesk Employee Credentials Lead to Breach

Costa Rica’s Ministry of Public Works and Transport crippled by ransomware attack

Critical ManageEngine RCE bug now exploited to open reverse shells

Cyber Attack Hits 1,000 Merchant Ships as Norway Firm Targeted

Cyberattack on Nunavut energy supplier limits company operations

Data privacy approaches need strong cybersecurity backing

Database Malware Strikes Hundreds of Vulnerable WordPress Sites

Daxian ransomware poses critical threat to healthcare

Electronic health record giant NextGen dealing with cyberattack

Enterprises remain vulnerable through compromised API secrets

Exploits released for two Samsung Galaxy App Store vulnerabilities

Falling Revenue for Ransomware Attacks Suggests Victims Are Refusing To Pay

Federal Communications Commission (FCC) To Revamp Breach Reporting, Shorten Waiting Period

Following year-end ransomware storm, leaders batten hatches for sea of troubles in 2023

Gamaredon Group Launches Cyberattacks Against Ukraine Using Telegram

Global cyberattacks increased 38% in 2022

Hacker group incorporates DNS hijacking into its malicious website campaign

Hackers Accessed Personal Data Of 37 Million Customers, T-Mobile Says

Hackers Buy Google Ads to Push Malware Through Searches for Popular Apps

Hanes class action alleges data breach exposed sensitive customer data

How AI could be hackers' next way of exploiting healthcare

Immigration and Customs Enforcement (ICE) frees nearly 3,000 detained asylum-seekers hurt by major personal information breach

International Cricket Council (ICC) loses around $2.5 million in phishing scam

KFC and Pizza Hut owner hit by UK cyber attack

Los Angeles Unified School District (LAUSD) says Vice Society ransomware gang stole contractors’ SSNs

Mailchimp suffers another data breach after social engineering attack on employees

Mailchimp suffers second security breach in 6 months, impacting 133 customers

Maple Ridge – Pitt Meadows School District suffers massive data breach

Massachusetts Medical Device Company Reports Healthcare Data Breach, 29K Impacted

Massive Credential Stuffing Campaign Hits 35,000 PayPal Users

Micro-Star International (MSI) to release securer BIOS settings after critical flaw discovered

Microsoft-Approved Drivers Used to Hack Targets in Ransomware Attacks

Neopets faces class-action lawsuit over huge data breach

New Boldmove Linux malware used to backdoor Fortinet devices

Nightmare virus Hook uses fake banking app to access phone data and your money

OpenAI’s ChatGPT Can Create Polymorphic Malware

Over 19,000 end-of-life Cisco routers exposed to RCE attacks

Phishers Use Blank Images to Disguise Malicious Attachments

Phishing and ransomware amongst biggest threats to charity sector

Queensland University of Technology (QUT) confirms personal data of thousands of staff compromised in cyber attack

Ransomware attack against Yum! Brands follows several incidents targeting restaurant industry

Ransomware Profits Decline as Victims Dig In, Refuse to Pay

Ransomware Revenue Down As More Victims Refuse to Pay

Roaming Mantis Campaign uses DNS changer to target public WiFi

Roaming Mantis Spreading Mobile Malware That Hijacks Wi-Fi Routers' DNS Settings

Samsung investigating claims of hack on South Korea systems, internal employee platform

Security Breaches Are Inevitable, Not Illimitable

Security teams focus on improving detection and response capabilities

Singapore: Phishing scam involving fake QR code found on posters put up in Bukit Batok HDB blocks

Strategies for Effective Incident Response with Remote Employees

T-Mobile API Breach: Playing the Victim

T-Mobile confirms another data breach affecting 37 million customer accounts

T-Mobile customers at heightened risk of phishing attacks in wake of data breach

T-Mobile Cyberattack Impacts 37 Million Customers

T-Mobile data breach affects 37 Million customers

T-Mobile Hacked Again: 37 Million Accounts Compromised

T-Mobile hacked again, 37 million customers' data exposed

T-Mobile reports data breach affecting 37 million customers

T-Mobile says investigating data breach involving 37 million accounts

T-Mobile says looking into data breach affecting 37 million accounts

T-Mobile suffered another massive data breach that compromised 37 million accounts

T-Mobile’s $150 Million Security Plan Isn’t Cutting It

The Media Industry Is the Most Vulnerable to Cyber Attacks, Report Shows

Thousands of PayPal users victim of data breach

Transportation Security Administration (TSA) investigating how some no-fly list data was exposed on internet

Two Things You Should Do To Avoid The WhatsApp Account Hack

US arrests Russian crypto exchange founder in USD 700 million fraud

Veeam survey finds ransomware blocks digital transformation

Was the Air Travel “Ground Stop” the Work of Ransomware Hackers?

Wave of Magniber Ransomware Attacks Hitting EU: What to Know

What cybersecurity dangers lurk behind new AI technologies?

WhatsApp Hit with €5.5m fine for GDPR Violations

Why agencies are losing the cyber battle

"Workarounds" Helped Royal Mail Resume Shipping After Ransomware Attack

Zero trust network access for Desktop as a Service

19th January

4 Steps To Take if You’ve Clicked on a Phishing Link

6 Types of Risk Assessment Methodologies and How to Choose

37 Million T-Mobile customers were hacked

50% of orgs report experiencing data breaches due to exposed API secrets

2023 Predictions: Staying One Step Ahead in API Protection

Android Users Beware: New Hook Malware with RAT Capabilities Emerges

As a cybersecurity blade, ChatGPT can cut both ways

Bank of Thailand reports money theft not caused by charging cables but malware attack

BitKeep to Reimburse Hacking Victims by March

Bitzlato Crypto Exchange Founder Arrested for Aiding Cybercriminals

Bluebottle cyber crime group active in Africa

Canada: Nunavut power utility’s servers hit by cyber attack

Canada’s largest alcohol retailer infected with card skimming malware twice since December

CCPA, CPRA and the changing privacy landscape

ChatGPT could transform society — and its risks require quick regulation

Class action lawsuit claims Twitter API defect allowed data breach

Cloud-based cyber attacks increased by 48 percent in 2022

Comelec, Smartmatic not liable for 2022 data breach, National Privacy Commission (NPC) says

Critical RCE vulnerabilities found in git (CVE-2022-41903, CVE-2022-23251)

Crypto-Exchange Used to Launder Ransomware Transactions Dismantled

Cyber insurance can offset the risks of potential breaches

Cyber Risks in the Education Sector: Why Cybersecurity Needs to Be Top of the Class

Cyber-attacks have tripled in past year, says Ukraine’s cybersecurity agency

Cyber-crime gangs' earnings slide as victims refuse to pay

Daixin ransomware poses critical threat to healthcare

Dallas Central Appraisal District Website is Up And Running Following November Ransomware Attack

DCH Health System fires employee after medical records security breach

Endpoint security in healthcare

EU cyber resilience regulation could translate into millions in fines

Exploit released for critical ManageEngine RCE bug, patch now

FanDuel data breach: How much personal data was compromised on mobile sports betting platform?

Food and Drug Administration (FDA) to Regulate Medical Device Cybersecurity

Founder of Bitzlato Exchange Arrested for ransomware, $700 million Fraud

Four Ways Hackers are Outsmarting Retail Cybersecurity

FTX: Over $400m Stolen from Bankrupt Exchange

Green Valley Pecan Company Reports Recent Data Breach Affecting Over 8,900 Individuals

Hackers exploiting vulnerability affecting Zoho ManageEngine products

Hackers Leaked Data, Child Abuse Files, After Ransomware Attack on Bay Area Transit Police

HC3 warns of Clop ransomware targeting medical images

Healthcare Cyberattacks: 5 Factors For Staying Safe In 2023

How Can Small Businesses Protect Themselves from Ransomware Attacks?

How CISOs can manage the cybersecurity of high-level executives

How K-12 IT leaders can protect schools from ransomware

How to secure your customers’ personally identifiable information against compromise

How to spot a cyberbot – five tips to keep your device safe

How Vendor Complexity Increases the Costs of Cybersecurity

Hundreds of Malicious Packages Found in npm Registry

Immigration and Customs Enforcement (ICE) releases thousands of migrants affected by data breach

Incident of the Week: Mailchimp suffers another social engineering attack

International letters accepted in Guernsey again after Royal Mail cyber attack

Irish privacy regulator to take European Union body to court over unlawful interference

IT experts concerned ChatGPT could be exploited by cybercriminals

KFC, Pizza Hut parent shuts UK restaurants after cyber attack

KnowBe4 2022 Phishing Test Report Confirms Business-Related Emails Trend

Mailchimp Hit By Another Data Breach Following Employee Hack

MailChimp Suffers Another Breach Due to Stolen Employee Credentials

Mailchimp Suffers Another Security Breach Compromising Some Customers' Information

Malicious PyPI Packages Drop Malware in New Supply Chain Attack

Massive Ad Fraud Scheme Shut Down: 11 Million Phones Targeted

Malware Hidden Behind Google Ads That Emptied The Crypto Wallet Of NFT Influencers

More than 19,000 records released in British Columbia school district data breach

Nearly 35,000 PayPal users had SSNs, tax info leaked during December cyberattack

New 'Blank Image' attack hides phishing scripts in SVG files

New 'Hook' Android malware lets hackers remotely control your phone

New Microsoft Azure Vulnerability Uncovered — EmojiDeploy for RCE Attacks

New Research Delves into the World of Malicious LNK Files and Hackers Behind Them

New T-Mobile Breach Affects 37 Million Accounts

Nissan’s third-party service provider exposes customers’ personal data

NortonLifeLock Says Customer Accounts were Compromised in Credential-Stuffing Attack

Not If, But When: Maintaining Resilience as Threat Actors Adapt

Over a Third of Recent ICS Bugs Still Have No Vendor Patch

PayPal accounts breached in large-scale credential stuffing attack

Phishing Attack on Washington Therapist Exposes Patients’ PHI

Ransomware attack hits nearly 300 fast food restaurants in UK, including KFC and Pizza Hut

Ransomware attack severs 1,000 ships from their on-shore servers

Ransomware attacks remain the most acute threat to organisations

Ransomware gang steals data from KFC, Taco Bell, and Pizza Hut brand owner

Ransomware Payments Fall by 40% in 2022

Ransomware profits drop 40% in 2022 as victims refuse to pay

Ransomware revenue fell by $300 million in 2022 as more victims refuse to pay

Research reveals ransomware as the biggest hindrance to Digital Transformation

Roaming Mantis’ Android malware adds DNS changer to hack WiFi routers

Roaming Mantis' Hacking Campaign Adds DNS Changer to Mobile App

Royal Mail restarts a limited export postal service after cyber-attack

Royal Mail Starts Limited Delivery Abroad After Cyberattack

Royal Mail trials ‘operational workarounds’ following suspected ransomware attack

Royal Mail urges people to be 'vigilant' over authentic text scam

Russia-linked drug marketplace Solaris hacked by its rival

SecurityGen identifies the cybersecurity priorities for mobile operators in 2023

Strong Security: Knowing What Assets You Need to Protect

T-Mobile hacked to steal data of 37 million accounts in API data breach

T-Mobile reports another data breach, impacting 37 million customers

T-Mobile says hacker stole data for 37 million customers

T-Mobile Says Hacker Stole Data of 37 Million Customers

The 2022 Threat Landscape Is Dominated By Ransomware

The scams to watch out for as fraudsters target last minute tax return filers

Threat actors lure phishing victims with phony salary bumps, bonuses

United Arab Emirates (UAE) organisations lost over 5.1M AED in ransomware in 2022

US arrests crypto exchange Bitzlato cofounder on charges of laundering $700 million illicit funds

WhatsApp: Hackers selling database with 500 million phone numbers on the dark web - you could be affected

WhatsApp Data Leak Included Jamaica, Now Phone Numbers Up for Sale

Where is Your Risk? Software Supply Chain Security Weaknesses

Yuga Labs warn users about Mailchimp data breach

Yum Brands says nearly 300 restaurants in UK impacted due to cyber attack

18th January

5 Indicators of Compromised Snapchat Accounts: Tips for Protection

10 ways to reduce workplace cybersecurity risk

1000 Shipping Vessels Impacted by Ransomware Attack

2022 SMB ransomware report reveals increased cybersecurity investments

2023 Data Protection Report: 'Ransomware Is Winning'

A ransomware negotiator shares 3 tips for victim organizations

Almost Half of Critical Manufacturing at Risk of Breach

APIs in Vehicle Software Vulnerable to Attacks

Avast Provides A Free Decryptor For BianLian Ransomware

Avast Releases Free Decryptor for BianLian Ransomware

Binance is bad news - is anyone still surprised?

Been hit by BianLian ransomware? Here's your get-out-of-jail-free card

Bitzlato crypto exchange seized for ransomware, drugs money laundering

‘Bring your own vulnerable driver’ attack technique is becoming popular among threat actors

Britain's Royal Mail begins moving some export parcels after cyber incident

Canada's largest alcohol retailer suffers a cyber attack, customer data stolen by hackers

Canadian small businesses are losing thousands to cyberattacks

ChatGPT Creates Polymorphic Malware

Chinese APT Group Vixen Panda Targets Iranian Government Entities

CISA Warns of Flaws in Siemens, GE Digital, and Contec Industrial Control Systems

Cost of data breaches to global businesses at five-year high

Critical Security Vulnerabilities Discovered in Netcomm and TP-Link Routers

Cybersecurity in 2023: Russian escalation, Chinese espionage, Iranian “hacktivism”

Data breach: Overcoming the critical cyberthreat when it is becoming common

Digital ministry to probe China Airlines data leak

DNV says up to 1,000 ships affected by ransomware attack

Does Your Cyber Insurance Policy Cover a Ransomware Attack?

Earth Bogle Campaign Unleashes NjRAT Trojan on Middle East and North Africa

European Businesses Admit Major Privacy Skills Gap

FinServ Firms See 81% Surge in Attacks Since Russia-Ukraine War

Fox News host credits Bitcoin pump to ransomware hackers

FTX: Collapsed crypto exchange says $415m was hacked

FTX lost $415 million worth of crypto in hacker heists, the collapsed exchange's new bosses say

GDPR Fines Reach Record Level

Geopolitical Instability Means a Cyber "Catastrophe" is Imminent

Git Users Urged to Update Software to Prevent Remote Code Execution Attacks

Global instability increases cyber risk, says World Economic Forum

Google ads increasingly pointing to malware

How data protection is evolving in a digital world

How Hackers Outwit All Efforts to Stop Them: "It's a Cyber Pandemic"

How Healthcare Cybersecurity Benchmarking Can Help Sector Enhance Security Efforts

How to build a cyber-resilience culture in the enterprise

How to Erase Data Securely From Hard Drives and SSDs, Including NVMe

Illegal Solaris darknet market hijacked by competitor Kraken

Information gleaned in NZ government contractor hack released on the dark web

International Cricket Council (ICC) robbed in ‘Jamtara’ style; loses close to 2 million US dollars in phishing

Iranian Government Entities Under Attack by New Wave of BackdoorDiplomacy Attacks

LastPass faces mounting criticism over recent breach

Law enforcement takes down crypto exchange allegedly used to launder $15 million in ransomware payments

Lloyds Bank issues urgent warning as customers lose £642 in growing scam

MailChimp discloses new breach after employees got hacked

Mailchimp says it was hacked - again

Maritime giant DNV says 1,000 ships affected by ransomware attack

More than 100 Mailchimp accounts accessed via social engineering cyberattack

New York man defrauded thousands using credit cards sold on dark web

Nissan Data Breach Caused By Vendor-Exposed Database

Nissan Supplier Leaked Data on Thousands of Customers

North Korean hackers try offloading crypto and partly succeed

Over Four Billion People Affected By Internet Censorship in 2022

Phishing Campaign Targets Microsoft 365 Accounts with Fake DHL Emails

Prioritize the Prevention Part of Security Programs in 2023

Pro-Russian hacker group targeted multiple Danish banks with DDoS attacks

Ransomware decryption: This tool could help some BianLian ransomware victims get files back

Recent trends in insider risk

Rise of cloud-delivered malware poses key security challenges

Spyware company Intellexa fined €50,000 for holding up Greek inquiry

The FBI's Source Of Trust Just Got Hacked

Third-Party Firm Exposes Personal Info for Nissan Customers

This info-stealing malware is hiding in downloads for popular apps — how to stay safe

Thousands of Nissan customers affected by data breach through third-party vendor

Threat Actors Spreading NjRAT in New “Earth Bogle” Campaign

Threat attackers can own your data in just two days

Top five cybersecurity predictions for African businesses in 2023

Two specialty medical care providers in the US disclose ransomware attacks affecting nearly 600,000

Ukraine links data-wiping attack on news agency to Russian hackers

Ukraine says Russia is coordinating missile strikes, cyberattacks and information operations

Vulnerable NetComm routers and a public PoC exploit (CVE-2022-4873, CVE-2022-4874)

What Is DLL Hijacking and How Can You Prevent It?

What Is Real Estate Wire Fraud And How Can Home Buyers Protect Themselves?

WhatsApp warns billions of users over dangerous mistake that could cost you

When will the Royal Mail cyber attack be fixed? What we know about how hack affects international deliveries

Why do hackers love to target backups?

17th January

3 steps to keep your WordPress website secure and performant

5 Cunning Tricks Crypto Phishing Scammers Might Use in 2023

7 Ways to Avoid Scammers on Social Media

10 Simple Ways To Determine If a Website is Safe or Not

59.4 million compromised payment card records posted for sale on dark web in 2022

Artificial Intelligence can revolutionise enterprise security

Banking Scams: Beware Fraudsters Impersonating Your Bank

Batloader Malware Abuses Legitimate Tools, Uses Obfuscated JavaScript Files in Q4 2022 Attacks

BlackCat, Royal Among Most Worrisome Threats to Healthcare

Bolster cyber defence

Combatting the ongoing issue of cyberattacks to the education sector

Credential-phishing attack uses fake DHL emails to breach Microsoft 365

Cryptomining, credential theft & data exfiltration: Cyber threats in 2022

Cyber attacks increase 10% in Taiwan in 2022

Cybersecurity: It’s More Than Just Technology – The Human Element Matters Too

Cybersecurity Focus: How to Make Remote Work Safer

Cybersecurity predictions for 2023, according to experts

Data breaches highlight importance of protecting your music streaming accounts

Disruption on High Seas: Shipping Software Hit by Ransomware Attack

Does Your Cyber Insurance Policy Cover a Ransomware Attack?

Earth Bogle Group Targets Middle East With NjRAT, Geopolitical Lures

eToro denies breach despite claims on hacking forum

European data protection authorities issue record €2.92 billion in GDPR fines

Federal Communications Commission (FCC) Introduces New Data Breach Notification Rules for Telecommunications Companies

Feds warn against 2 ransomware groups targeting healthcare

Fraud Is Affecting US and Non-Western Markets Differently: What the US Can Do to Gain Consumer Trust

Free Decryptors Released for BianLian, MegaCortex Ransomware

GDPR Fines Surge 168% in a Year

Git patches two critical remote code execution security flaws

GitHub Rebuffs Breach With Swift Action, Rotating Credentials

Google Ads Malware Wipes NFT Influencer’s Crypto Wallet

Group-IB Publishes Hi-Tech Crime Annual Threat Report 2022/2023

Gulf Cooperation Council (GCC) hit hard with ransomware attacks, with Saudi and UAE organizations most affected

Hackers Can Abuse Legitimate GitHub Codespaces Feature to Deliver Malware

Hackers can use GitHub Codespaces to host and deliver malware

Hackers push malware via Google search ads for VLC, 7-Zip, CCleaner

Hackers set sights on Internet of Things (IoT) devices

Had your data leaked in 2022? Blockchain could have the answer

Home Care Providers of Texas Announces 124K-Record Data Breach

Home Care Providers of Texas Reports Data Breach Affecting the Personal Information of 124,363 Patients

How cyber-attack on Royal Mail has left firms in limbo

How to Prevent a Hack Attack: Securing Your Cinema’s Most Sensitive Data Is a Matter of Planning and Vigilance

How to succeed in cyber crisis management and avoid a Tower of Babel

HR platform’s data leak turns into privacy nightmare for employees

Hundreds of millions of WhatsApp numbers ‘leaked on hacking forum’ putting you at risk, experts warn

Initial Access Broker Activity Doubles in a Year

Internet of Things (IoT) explosion presents massive (and growing) cyber exposure

IT Burnout may be Putting Your Organization at Risk

Key Considerations for Alleviating MFA Push Fatigue

Learning from the Royal Mail ransomware

Let's Normalize 'Radical Transparency' Around Data Breaches

Mayo Clinic settles over data breach

Microsoft Azure Services Flaws Could've Exposed Cloud Resources to Unauthorized Access

Mitigating the North Korean Cybersecurity Threat

Mobile application vulnerabilities: The hidden threat to sensitive data and security

Nissan North America data breach caused by vendor-exposed database

No end in sight for major mail delivery disruptions from U.K.

No Woman, No Cry. Why You Should Be Concerned About Ransomware

North Korea Hacking Group Disguised as Portal Website Attempts to Steal Information

North Korea’s Lazarus Hackers Try to Exfiltrate Harmony Funds

Norton LifeLock hit by data breach via password managers

Norton LifeLock says 925,000 accounts targeted by credential-stuffing attacks

PasswordManager.com Survey Reveals 60 Percent of Small and Midsize Businesses Were Victims of Phishing Scams in 2022

PoC for critical ManageEngine bug to be released, so get patching! (CVE-2022-47966)

Queensland University of Technology (QUT) attack leaves students without Centrelink payments

Ransomware attack on maritime software impacts 1,000 ships

Researchers Uncover 3 PyPI Packages Spreading Malware to Developer Systems

Researchers Warn Against Zoho ManageEngine Exploit Attacks

Royal Mail promises ‘workarounds’ to restore services after ransomware attack

Royal Mail Says No Data Breach During Last Week's Cyberattack

Royal Mail warns customers 'be vigilant' as 'believable' scam texts rise

Russia's Ukraine War Drives 62% Slump in Stolen Cards

Security experts develop method of generating 'highly evasive' polymorphic malware using ChatGPT

Security risks of ChatGPT and other AI text generators

South Africa worst hit by data leaks

South Korea: Beware phishers claiming to be from National Tax Service

Swindling websites on the rise in Vietnam

Thailand: Central Investigation Bureau (CIB) warns netizens of smartphone hacking risk

The Internet of Things: What security risks should you look out for?

‘The Last of Us’ malware, phishing scams proliferate as show premieres

The scammers who scam scammers on cybercrime forums: Part 1

Three-Quarters of UK Schools Have Experienced a Cyber Incident

Training, endpoint management reduce remote working cybersecurity risks

Truly unified security includes distributed and remote operations

TurboTax, QuickBooks owner slammed after MailChimp data breach

Turbulent year for crypto as illicit activity reaches new high

Unauthorized party removes files containing patient info from California hospital

Vice Society Claims Ransomware Attack Against University of Duisburg-Essen

Vice Society ransomware gang claims attack on one of Germany’s largest universities

Vice Society Ransomware Gang Exposes Sensitive University of Duisburg-Essen (UDE) Data in Latest Leak

Watch Out For This AnyDesk Phishing Campaign That Delivers Vidar Info Stealer

Website of biometric ‘homeless management system’ provider hacked

What Is a Fault Injection Attack (FIA)? Should You Be Worried?

What is phishing? Everything you need to know to protect against scam emails - and worse

What is the Future of Password Managers?

What to know about CircleCI's recent cybersecurity incident

When Digital Devices Meet Analog Laws: The Digital License Paradox

Where is Your Risk? Vulnerabilities in Open Source Software

Younger Australians the least cyber safe generation

Your fitness app knows a scary lot about you. How secure is your data?

Zoho ManageEngine PoC Exploit to be Released Soon - Patch Before It's Too Late!

16th January

10 data security enhancements to consider as your employees return to the office

12 Social Engineering Statistics That Will Make You Question Everything

2023 Data Privacy Predictions

AI and Ethics: Balancing progress and protection

An Annotated Field Guide to Identifying Phish

Android TV Box Sold on Amazon Contain Malware

Avast releases free BianLian ransomware decryptor

Beware of DDosia, a botnet created to facilitate DDoS attacks

Cacti servers under attack by attackers exploiting CVE-2022-46169

CircleCI breach post-mortem: Attackers got in by stealing engineer’s session cookie

CircleCI Confirms Data Breach Was Caused By Infostealer on Employee Laptop

CircleCi confirms malware attack on employee’s laptop, leading to a security incident

CISA Warns for Flaws Affecting Industrial Control Systems from Major Manufacturers

Combatting Growing Cyber Threats to Critical Infrastructure

Complete Guide to Zero Trust Security

Cross-border crypto scammers on the hit list for EU agencies

Crypto Mixers: How to Protect Your Privacy While Trading Cryptocurrencies

Cybersecurity expert reveals warning signs of a hacked webcam or smartphone

Cybersecurity Experts Cast Doubt on Hackers' ICS Ransomware Claims

Datadog rotates RPM signing key exposed in CircleCI hack

DNV: 1000 ships affected after cyber-attack

Due to a vulnerability, over 2.5 billion Google Chrome users are at risk in case of a data breach

Early Learnings From Advanced Hack and How Zero Trust Can Help

From Data Breach to Phishing to Lapsus$: Cyber Attacks That Echoed in 2022

Gotta Catch ‘Em All - Understanding the NetSupport RAT Campaigns Hiding Behind Pokemon Lures

Hackers Hijack NortonLifeLock Customer Accounts

Hackers use fear of mobilization to target Russians with phishing attacks

Hacktivists Leak 1.7TB of Cellebrite, 103GB of MSAB Data

Hospitality most cyber-secure industry in the UK

How AI chatbot ChatGPT changes the phishing game

How Many People Get Hacked a Year?

How Public and Private Entities Can Fight Cybercrime

How To: Bolster Infrastructure as Code Security

How To Help Your Clients Ensure Cybersecurity In 2023

Lateral movement: The key to identity-based attacks

Law enforcement tools company targeted following alleged data breach

Lessons from the Royal Mail Ransomware Attack

Lloyds Bank warns Britons about British Gas scam email

Malicious ‘Lolip0p’ PyPi packages install info-stealing malware

Medibank Data Breach Class Action: Compensation can reach up to $20,000 per person

New Backdoor Created Using Leaked CIA's Hive Malware Discovered in the Wild

NFT God Lost all his Digital Assets in a Phishing Attack

NFT Influencer Suffers From Crypto Wallet-Draining Malware Delivered By Google Ads

Notorious Hacker Group Lazarus Begins Laundering Harmony Funds

Over 6K customer accounts breached, admits Norton LifeLock

Over a dozen schools in Hull and Yorkshire crippled by ransomware attacks

Post-quantum cybersecurity threats loom large

Qbot Overtakes Emotet in December 2022's Most Wanted Malware List

Raccoon and Vidar Stealers Spreading via Massive Network of Fake Cracked Software

Ransomware Attack Affects 1,000 Vessels Worldwide

Ransomware attackers are setting the cybersecurity agenda

Ransomware Diaries: Undercover with the Leader of LockBit

Ransomware Operators Continue to Aggressively Target US Healthcare Sector

Researchers to release PoC exploit for critical Zoho RCE bug, patch now

Royal Mail urging customers not to post items overseas after cyber attack

Royal Mail urging customers not to post items overseas after cyber attack

Royal Mail warns customers NOT to send parcels abroad after cyber attack

System failure, says firm over data breach

Taiwan intelligence on sale for US$150,000 at overseas hacker forum

Targeting the news: Ransomware attack on The Guardian

The Dangers of Using Unsecured File-sharing Methods and How to Avoid Them

The most-popular big tech default email programs are old and vulnerable

The true costs of data breaches revealed

Threat hunts form part of proactive cyber security strategy

Three ways to tell if your webcam or phone camera has been hacked

TikTok Fined Over $5m for Cookie Violations

US Court Orders $17m Be Given to BitConnect Victims

US Department of Interior Passwords Cracked within 90 Minutes, Report Reveals

Vice Society claims credit for Fire Rescue Victoria (FRV) outage

Vice Society ransomware leaks University of Duisburg-Essen’s data

What is credential theft and why should physical security professionals care?

What is Cyber Security? How to Learn It?

Why Cyber Insurance Will Revive Cyber Business Intelligence

Why encrypting emails isn’t as simple as it sounds