Editor's Message

Welcome to DBD. On March 8th we celebrated our 4th Anniversary and the 1st Anniversary of our PRiSM application, officially endorsed by the SANS Institute. Despite recent personal issues that have impacted the amount of time I have been able to dedicate to both projects, I have been doing my best to keep everything as up-to-date as possible, and I would like to take this opportunity to thank everyone for their patience and support whilst I navigate through this very difficult time. Stay safe. :)

Monday 23 January 2023

Data Breaches Digest - Week 4 2023

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 23rd January and 29th January 2023.

29th January

Data Privacy Day: Ransomware’s effect on privacy

DocMorris: Hackers capture data from tens of thousands of customer accounts

Gootkit Malware Continues to Evolve with New Components and Obfuscations

LockBit’s ethical guidelines: can hacking gangs ever be the good guys?

Nepal: Hackers obstruct government sites for four hours

Nepal: Open season on hacking into gov.np

NFT collector who fell for a phishing scam takes OpenSea to court

Over £3.9 BILLION has been lost to fraud and cybercrimes in the last 13 months across the UK

Security tip: Are you making this huge Wi-Fi mistake?

Shady reward apps on Google Play amass 20 million downloads

SMEs In Bahrain Faced 348% Jump In Cyberattacks

Taiwan: Nationwide Data Leaks Raise Security Concerns

The 9 top trends driving electric vehicle security in 2023

The Basics of Cloud Security For SMBs: Zero Trust, Cloud-Native Application Protection Platform (CNAAP), and More

Ultimate Guide to Blockchain Security

Yandex Source Code Online Leaked, Company Denies Hack

28th January - Data Privacy Day

7 cybersecurity resolutions for 2023

7 Most Common Cryptocurrency Scams And How To Avoid Them

7 Ways the Hive Ransomware Gang Caused Mayhem Before It Got Pwned by the FBI

40 Years Of The Internet - Tips For Staying Safe Online in 2023

Azuki Twitter Account Was Compromised Leading To Stolen NFTs

Bitwarden Password Manager users are being targeted by phishing ads on Google

Brunei's popular public service app - QueUp - goes offline following data breach

Class action lawsuits following breaches in the medical sector: do they help or make things worse?

Cyber attacks in space: How safe are our satellites?

Cyber attacks on Japan soar as hackers target vulnerabilities

Cybercriminals impersonated Banco Ita├║ and stole data with a fake page

Cybersecurity shocking data breaches

Czech Websites Related To Presidential Election Face Hacker Attack

Data Privacy Day: The Importance of Managing Your Data Security Posture

Data Privacy Week: Addressing ChatGPT's Shortfalls in Data Protection Law Compliance

Department of Justice (DOJ) Successfully Prevents Ransomware Gang From Extorting $130M From Victims

Extradited Alleged ShinyHunters Hacker Pleads Not Guilty in US Court

FBI disrupts ransomware group targeting hospitals, thwarting $130M in payment demands

Financial protection in the digital ecosystem - an analysis of issues and threats

Gazprombank Investments Denies Data Breach

Hackers Attack Azuki’s Twitter Account, Steal NFTs Worth $1.7M In Phishing Attack

Hackers use new SwiftSlicer wiper to destroy Windows domains

ISC Releases Security Patches for New BIND DNS Software Vulnerabilities

Is data privacy dead?: Cybersecurity experts share insights

LastPass Customers: Change All of Your Passwords Now

Latvia confirms phishing attack on Ministry of Defense, linking it to Russian hacking group

Microsoft Urges Customers to Secure On-Premises Exchange Servers

Mon Dieu! Suspected French ShinyHunters gang member in the dock

Most criminal cryptocurrency is funneled through just 5 exchanges

New Mimic Ransomware Abuses Windows Search Engine to Look Files for Encryption

Police said a hacker tried to sell the personal information of almost all Austrian citizens

Protecting Sensitive Data: A Reminder of UK Data Protection Laws for Charities

Ransomware affects every aspect of your organization - here's how to keep your business-critical applications safe

RCE exploit for vRealize Log Insight coming next week, patch now

Remote Access Phishing Scams

Running Room Canada has suffered a data breach

Russian hacker group threatens Norwegian hospitals

Tax season: Scams to watch for so you don’t get taken

The Last of Us: cybercriminals take advantage of the success of the series and are stealing data

The threat of ransomware is real. So why are Canadians handcuffing themselves?

This Windows Flaw Could Lead to the Next Big Cyberthreat

Tourism Council plagued by ransomware

Ukraine Hit with New Golang-based 'SwiftSlicer' Wiper Malware in Latest Cyber Attack

Yahoo Impersonated in 20% of Phishing Attacks

27th January

3 business application security risks businesses need to prepare for in 2023

10 steps every business can take to avoid a cybersecurity breach

2023 Cyberthreats Threads: The Advanced Security Response

A hacker tried to sell the personal information of nearly every Austrian citizen, police say

Australia and New Zealand lacks privacy obligations understanding

Banks fret over phishing rule

Black Basta Deploys PlugX Malware in USB Devices With New Technique

BlackCat ransomware hits Solar Industries India: 2TB data stolen

Blockchain Bandit Attacks Are Happening Once Again in 2023

British Cyber Agency Warns of Russian and Iranian Hackers Targeting Key Industries

Brunei: QueUp app goes offline following data breach

Charter Communications says vendor breach exposed some customer data

ChatGPT's Data-Scraping Model Under Scrutiny From Privacy Experts

Cyber risks the most important risk globally

Cyber Specialists of SBU neutralize Russian hacker attack on electronic systems of Ukraine

Cyberattack confirmed as cause for phone and IT problems at British music school

Cybersecurity trends in 2023 – what fintechs can expect

Data Privacy Week: Top data risks every business should address

Email fraud costs Key Biscayne’s Botanica condo $105,000

ESET: Sandworm could be behind new file-deleting malware targeting Ukraine

Experts Uncover the Identity of Mastermind Behind Golden Chickens Malware Service

FBI special agent’s take on national cybersecurity threats: ‘I have a hard time going to sleep’

FBI takes down Hive ransomware group

Four Ways to Mitigate a Cyber Attack From Derailing Your Next Deal

Future of risk management: What will it look like in 2023?

Global Action "Dismantles" Hive Ransomware Group

Hackers abuse legitimate remote monitoring and management tools in attacks

Hackers claim to be selling leaked US ‘No Fly’ list

Hackers selling League of Legends source code; story so far on Riot Games data breach

Hackers Use Legitimate Remote Monitoring and Management (RMM) Software to Steal from Federal Employees

Hackers Want To Crack Your Smartphone. Here Are 8 Ways To Fight Back

Hive Ransomware Gang Disrupted; Servers and Dark Web Site Seized

Hive ransomware group 'hacked' by authorities

Hong Kong Monetary Authority (HKMA) alerts public to alleged phishing Telegram group related to Bank of Singapore

How Providing Staff Awareness Training Improves A Company’s Security Posture

How to Enhance Cyber Security Awareness for Remote Teams (5 Tips)

How to Secure Wi-Fi Router

Inside the ransomware attacks holding business’ data hostage for £650,000 a time

India: After AIIMS ransomware attack, Modi government’s building a task force to fight cyber espionage

It’s Time to Put Your Users at The Centre of Your Security Universe

KFC, Pizza Hut, and Taco Bell Ransomware Attack Shuts Down 300 Restaurants in the UK

Los Angeles schools and cybersecurity turmoil

Matco Tools Corporation Files Official Notice of Data Breach Affecting Over 14k Individuals

Microsoft: Update On-Premises Exchange Server Now

Microsoft Edge Users Facing Risk Of Data Breach As CERT Flags 'Harmful Bugs' In Browser; How To Avoid

More Details of LastPass Breach: Hackers Used Stolen Encryption Key

mscripts, LLC Reports Data Breach with Federal Government Affecting 66,372 Individuals

Multiple Vulnerabilities Found In Healthcare Software OpenEMR

New 'Pig Butchering' Scam in West Africa Impersonates US Financial Advisors

NFTs worth millions disappear from prominent Web3 builder’s wallet

Over 180k Illinoisans affected as attackers steal Social Security numbers

PlugX malware hides on USB devices to infect new Windows hosts

PlugX Malware Sneaks Onto Windows PCs Through USB Devices

Ransomware experts laud Hive takedown but question impact without arrests

Researchers Discover New PlugX Malware Variant Spreading via Removable USB Devices

Running Room Canada website hit with data breach; some passwords, credit card info accessed

Russia blocks access to US ‘Rewards for Justice,’ FBI and CIA websites

Russian and Iranian hackers increase spear-phishing attacks

Securing Against Supply Chain Attacks

Security is Key to Business Transformation, Say IT Chiefs

Security leaders share Data Privacy Week thoughts and advice

Sim-swap scam: Action Fraud advice explained, what is crime, is it on the rise - how to spot and report it

Software vendor data breach affects nearly 49,000 individuals at UCHealth

Software vendor shares information about data breach

Standard Bank warns of phishing targeting clients

Stratford University Reports Data Breach Affecting the Over 78k Student and Employee SSNs

T-Mobile Data Breach: Hacker Accessed Personal Details of 37 Million Subscribers

Target says data sold on dark web is ‘outdated,’ likely ‘released by third party’

Targets of Opportunity: How Ransomware Groups Find Victims

The Growing Threat of Broken Authentication Attacks on APIs

The key issues with data privacy and the cloud

The personal information of 161 people disclosed by Chinese hackers is the same as the data leaked 2 months ago

There’s a Wild Scramble for Control of the Dark Web Taking Place in Russia

Ukraine: Sandworm hackers hit news agency with 5 data wipers

Up to 184,000 Clients of Lutheran Social Services of Illinois Impacted by Ransomware Attack

US Department of Justice (DOJ) busts ransomware Hive, saves victims $130 million in ransom

US says it ‘hacked the hackers’ to bring down ransomware gang, helping 300 victims

US seizes assets of ransomware group Hive

US Seizes Servers Of Prolific Ransomware Gang Hive

What is phishing? Prevent people from stealing your data on the internet

Why AI Phishing is Code Red for Businesses in 2023

Why Zero Trust Works When Everything Else Doesn’t

Zendesk Experiences Potential Data Breach

26th January

2 Hacks Involving Mental Health Data Affected Nearly 400,000

7 Insights From a Ransomware Negotiator

94% of businesses acknowledge a privacy skills gap despite training

$321 Million Wormhole Hacker is Moving Funds, On-chain Data Shows

A Third-Party Data Breach Exposed the Personal Information of 18,000 Nissan Customers

Attackers use portable executables of remote management software to great effect

Authorities smash global hacker network - "Hive" captured more than 100 million dollars

Authorities shut down HIVE ransomware infrastructure, provide decryption tools

BidenCash breach accounted for 10% of US breaches in 2022

Bitwarden password vaults targeted in Google ads phishing attack

Blank Image Attack: Blank Images Used to Evade Anti-Malware Checks

Bristol Planet Ice cyber attack sees thousands of customers’ details stolen

ChatGPT is a bigger threat to cybersecurity than most realize

CISA Warns Against Malicious Use of Legitimate RMM Software

CISA’s Joint Cyber Defense Collaborative to tackle energy, water security in 2023

Cyberattacks on the Healthcare Sector

Cyberattacks target websites of German airports

Cybercrimes at K-12 schools tripled over the pandemic

Dark Web Posts Advertising Counterfeit Cash Surge 90%

Data Breach Outlook: Health Care is the Most Breached Industry of 2022

Data Breaches Affect Millions of People Each Year – Here's What Victims Should Know

Data Privacy Week: How to Respond to Changing Consumer Data Privacy Expectations

Department of Justice (DOJ) disrupts global ransomware gang

Department of Justice (DOJ) Disrupts Ransomware Group That Extorted More Than $100M Including From Schools and Hospitals

Department of Justice (DOJ) says it disrupted a major global ransomware group

Department of Justice (DOJ) takes down ransomware group with a '21st century cyber stakeout'

DuoLingo investigates a dark web post offering 2.6 million accounts for $1,500

Dutch hacker arrested for trying to sell the personal information of nearly every Austrian citizen

Dutch hacker steals data from virtually entire population of Austria

Eurocell gets £1 million insurance payout after cyber attack

FBI hacked hackers to bust $130m ransomware gang, Justice Department reveals

FBI has seized website used by notorious ransomware gang

FBI says it 'hacked the hackers' to shut down major ransomware group

FBI says North Korea-related hacker group behind US crypto firm heist

FBI seizes website of Hive ransomware gang

FBI shuts down cybercriminal website linked to ransomware attacks

Federal Communications Commission (FCC) Proposes Updated Data Breach Notification Requirements

GoTo, the parent company of LastPass, suffers a data breach, compromising customers' backups

Guildford school victim of cyber-attack as phone lines and mail systems 'stop working'

Hacker moves stolen $90 million after six years

Hacker Tries to Auction Stolen League of Legends Source Code for $1 Million

Healthcare Industry Most Commonly Attacked with Downloaders and Ransomware

Hive ransomware disrupted after FBI hacks gang's systems

Hive Ransomware Infrastructure Seized in Joint International Law Enforcement Effort

HIVE takedown: National Crime Agency (NCA) in international operation to shut down $100m ransomware threat

How businesses can bolster their cybersecurity defenses with open source

Incident of the Week: Hackers steal the data of 37 million T-Mobile customers

International ransomware group claims responsibility for Okanagan College cyberattack

Iranian and Russian Groups Targeting Government, Activists and Journalists With Spearphishing

Iranian Group Cobalt Sapling Targets Saudi Arabia With New Persona

Is Once-Yearly Pen Testing Enough for Your Organization?

Jamaica: Opposition wants disclosure on suspected data breach at South East Regional Health Authority (SERHA)

Jamaica: South East Regional Health Authority (SERHA) - Information and Communications Technologies (ICT), other services impacted by cyberattack

Large East Asian companies attacked with SparkRAT open source tool

Lexmark warns of RCE bug affecting 100 printer models, PoC released

Lloyds Bank Warns of 80% Surge in Advance Fee Scams

Logan Health to pay $4.3 Million settlement after 2nd data breach in 3 years

Lutheran Social Services of Illinois Announces Data Breach Affecting 184k Individuals

Malta: Security Service says phishing was main cyber-threat to government in 2021

Microsoft urges admins to patch on-premises Exchange servers

Most wanted malware: Glupteba in top 10 and Qbot in 1st place

National Cyber Security Centre (NCSC): Beware Targeted Phishing Attacks from Russia and Iran

National Cyber Security Centre (NCSC) warns UK under state-sponsored spear-phishing attacks from Russia and Iran

Near-Record Year for US Data Breaches in 2022

New Cybersecurity Regulation Poised to Reshape Business Priorities

New Mimic ransomware abuses ‘Everything’ Windows search tool

New Python Malware Targeting Windows Devices

New Ransomware Payment Reporting Requirements on Horizon

North Korean hacker stole $100M in cryptocurrency from Harmony, FBI announces

North Korean hacking group scaled up phishing attacks late last year

NSA and CISA alert: This phishing scam could give hackers control of your PC

Peel Regional Police involved in international takedown of HIVE ransomware group

Phishing Attack Impersonates Chinese Government

PY#RATION: New Python-based RAT Uses WebSocket for C2 and Data Exfiltration

Ransomware fears, regulatory requirements drive threat intelligence interest

Ransomware groups rebrand and claim more victims

Rebranded Ransomware Crews Spike Number of Hijacking Incidents in Q4 2022

Researchers release PoC exploit for critical Windows CryptoAPI bug (CVE-2022-34689)

Researchers Release PoC Exploit for Windows CryptoAPI Bug Discovered by NSA

Researchers Uncover Connection between Moses Staff and Emerging Abraham's Ax Hacktivists Group

RIP Perimeter Security: Critical Infrastructure Breaches Demand New Approach

Royal Mail progressing to full operations following ransomware attack

Samsung Galaxy owners told to check their Android phone NOW in urgent hacker warning

Securing a dynamic future for APIs and enterprise integration

Security Operation Centers (SOCs) to Face Greater Challenges from Cybercriminals Targeting Governments, Media

Singapore to tag unregistered SMS senders as 'likely scam'

Supply chain attacks caused more data compromises than malware

The Godfather Banking Trojan Expands Application Targeting to Affect More Europe-Based Victims

This is how long it takes a hacker to guess your password: between 2 seconds and thousands of years

Ticketmaster: Taylor Swift ticket sales disrupted by bot-driven attack

U.K. Warns of Targeted Phishing Attacks from Russia and Iran

U.S. Federal Agencies Fall Victim to Cyber Attack Utilizing Legitimate RMM Software

UK cyber experts warn of targeted phishing attacks

UK warns of increased attacks from Russian, Iranian hackers

Ukraine's Critical Sectors Targeted in Phishing Attack Surge

University of Colorado Hospital Authority Announces Third-Party Data Breach Following Incident at Diligent Corporation

US data breaches in 2022 just shy of all-time high set in 2021

US announces it seized Hive ransomware gang’s leak sites and decryption keys

US authorities seize servers for Hive ransomware group

US Authorities Take Down Ransomware-as-a-Service Website Hive

US hacks back against Hive ransomware crew

US infiltrates big ransomware gang: ‘We hacked the hackers’

US offers $10 Million bounty for Hive ransomware links to foreign governments

US says Hive ransomware gang taken down

US Shuts Down Major Global Ransomware Group Hive

‘We hacked the hackers:’ DOJ, FBI take down Hive ransomware after spending months inside gang systems

What's Next for T-Mobile After Yet Another Data Breach?

Yandex denies hack, blames source code leak on former employee

Zacks Investment Research Confirms Breach Affecting 820,000 Customers

25th January

3 Effective Strategies That Protect Your Business Network Against Hackers

45% of IT healthcare professionals say ransomware impairs patient care

269 observed ransomware attacks globally in December 2022

Albanians Mull Options as Data Security Takes New Hit

Alumnus files federal lawsuit against Knox College over data breach

Analysing the Ransomware as a Service (RaaS) business model

Apple just patched this 'actively exploited' flaw in older iPhones and iPads

Arnold Clark cyber attack claimed by Play ransomware gang

Australian man given two-year jail sentence for $69K phishing scams

Bahrain: Children ‘being targeted in online banking frauds’

Baltimore County schools ignored warnings before 2020 cyberattack, audit finds

Baltimore schools cyber attack cost nearly $10 Million

Bank of Eastern Oregon Files Official Notice of Data Breach

Battle of the breach: Prioritizing proactive ransomware defense

BlackBerry’s Inaugural Quarterly Threat Intelligence Report Reveals Threat Actors Launch One Malicious Threat Every Minute

BlackCat ransomware group allegedly targets NextGen Healthcare

Botnets exploited Realtek SDK critical bug in millions of attacks

British cyber agency issues warning over Russian and Iranian espionage campaigns

British Insurance Brokers' Association (BIBA) flags concern on businesses cutting cyber cover

ChatGPT could boost phishing scams

Chinese researchers: RSA is breakable. Others: Do not panic!

CISA: Federal agencies hacked using legitimate remote desktop tools

CISA says federal agencies attacked in refund scam through remote management software

Cloud Computing Company Rackspace Hit with Class Action Over Data Breach

Consumers Association of Singapore (CASE) complainants targeted by phishing scam

Court records were lost in debilitating Vanuatu cyber attack

Critical VMware vRealize Log Insight flaws patched (CVE-2022-31706, CVE-2022-31704)

Cyber criminals successfully targeting Wexford small businesses

Cyberattack in Los Angeles Unified District Targeted Vendors

Cyberinsurance Predictions for 2023

Cybersecurity budgets aren’t matching cybersecurity challenges

Cybersecurity ‘more critical than ever’ in era of connected care

Cybersecurity threats increasing and evolving at rapid pace

Data Privacy Week: Data Privacy Breeds Trust – Here’s Why

Data suggests Russia-Ukraine conflict impact on cyber threats

DLA Piper Annual GDPR and Data Breach Report: 2022 a Record Year for GDPR Fines Despite Drop in Breach Count

Downloaders, Ransomware, Among Top Healthcare Cyberattack Tactics in Q4

Dutch hacker accessed personal data of all Austrians

Dutch Police Arrest Man For Massive Online Data Theft

Exchange Server under pressure as opportunistic actors step up attacks

Expect more cyber threats

Experian Glitch Exposing Credit Files Lasted 47 Days

Exploit released for critical Windows CryptoAPI spoofing bug

FBI: North Korean hacking group Lazarus behind $100 million crypto heist

FBI Says North Korea-Related Hacker Group Behind Crypto Firm Heist

Five Incident Response Metrics you Should be Recording

Germany's cybersecurity agency probes 'scope and source' of attacks by hackers targeting websites

GoTo’s LastPass Breach: Encrypted Customer Data Taken

Hacker Tries to Auction Stolen League of Legends Source Code for $1 Million

Hackers auction alleged source code for League of Legends

Hackers Use Shapeshifting Tactics to Steal Information Stealing Malware

Hilton denies hack after data from 3.7 million Honors customers offered for sale

How A North Korean Hacker Group Stole Over $1 Billion In Crypto Last Year

How MSPs can capitalise on SMBs' security spending spree

It's Getting Harder to Protect Yourself After a Data Breach; Here's What to Do

Just Half of Firms Have Sufficient Cybersecurity Budget

Kronos Malware Reemerges with Increased Functionality

LastPass Parent Company GoTo Suffers Data Breach, Customers' Backups Compromised

LendUS data breach class action settlement

Livingston Memorial VNA Reports Data Breach Following Apparent Ransomware Attack

Logan Health Proposes $4.3 Million Settlement to Resolve Class Action Data Breach Lawsuit

Major betting site hacked with ‘personal info stolen’ – check your account now

Malicious Prompt Engineering With ChatGPT

Managing ransomware risk is becoming more complex

McAfee scam email: Everything you need to know

Mexico-Audrain County Library District Resumes Some Services Following Ransomware Attack

Most consumers would share anonymized personal data to improve AI products

New Cheats May Emerge After Riot Games Hack

New kind of phishing attacks are exploiting Microsoft OneNote to bypass disabled macro

New stealthy Python RAT malware targets Windows in attacks

New Wave of Cyberattacks Targeting MS Exchange Servers

Nine data privacy stats small businesses should know

No-fly list with details of over 1 million people leaked by hacker

North Korean Group TA444 Shows 'Startup' Culture, Tries Numerous Infection Methods

North Korean Hackers Turn to Credential Harvesting in Latest Wave of Cyberattacks

North Korean hackers use fake job offers, salary bumps as lure for crypto theft

Only half of organisations have budget to meet cyber needs

Over 4,500 WordPress Sites Hacked to Redirect Visitors to Sketchy Ad Pages

PayPal Credential Stuffing Attacks Renew Calls for MFA

Preparing for a cyber incident is business-critical

Protecting Against Malicious Use of Remote Monitoring and Management Software

Ransomware: KFC and Pizza Hut parent company confirms data theft

Ransomware attack costs Soo Catholic school board more than $300K

Ransomware groups continue to target U.S. health sector

Ransomware surges as cybersecurity attacks increase in South Africa

Regulator Stress Test Highlights Cyber Insurance Concerns

Regulatory reform will shape 2023 cyber risk landscape

Riot Games breached: How did it happen?

Riot Games cyber attack: Hackers steal game source codes, demand ransom

Russia suffered record number of DDoS attacks last year

San Andreas Regional Center data breach class action settlement

Seven Ways Cyber Attackers Bypass MFA – And How To Stop Them

Solana’s Wormhole Hack Perpetrator Moves $155M in Ethereum to DEX

Specialty Care Clinic Reports Potential PHI Exposure Caused by Tracking Pixels

Steps To Planning and Implementation Of Endpoint Protection

Students feel 'betrayed' by Okanagan College's handling of data breach

Template Injection Attacks: Nefarious Actors Lie in Wait in North Korea

The Definitive Browser Security Checklist

The risks of 5G security

Ticketmaster blames cyber attack for Taylor Swift tour debacle

Ticketmaster Claims Bot Attack Disrupted Taylor Swift Tour Sales

Top tips for employee cyber security training

VMware Releases Patches for Critical vRealize Log Insight Software Vulnerabilities

Who foots the bill?

Why British homes are at risk from ‘Trojan Horse’ smart devices

Wrapping up 2022: The worst malware attacks

Yahoo Most Faked Brand Name in Phishing Attempts by Threat Actors in Q4 2022

Yahoo Overtakes DHL As Most Impersonated Brand in Q4 2022

Zacks Investment Research data breach affects 820,000 clients

Zendesk breached after employees fell for an SMS phishing attack

24th January

5 important things to consider when disposing of your company's IT equipment

5 Ways to Help Lock Down Your Data After PayPal's Data Breach

10 cybersecurity predictions for tech leaders in 2023

21% of US Dept. of Interior Passwords Crackable

70% of Consumers Distrust Brands That Have Experienced Data Breach

75k WordPress sites impacted by critical online course plugin flaws

100 top e-commerce sites create data privacy risks for consumers

A solution to the security challenge of legacy applications

All at sea: Maritime company hit by ransomware attack

Alum sues Knox College over data breach from ransomware attack

An IBM Hacker Breaks Down High-Profile Attacks

Apple delivers belated zero-day patch for iOS v12 (CVE-2022-42856)

Apple Issues Updates for Older Devices to Fix Actively Exploited Vulnerability

Armis State of Cyberwarfare and Trends Report: 2022-2023 Highlights Global IT and Security Professionals' Sentiment on Cyberwarfare

Asylum seeker class action alleges ICE data breach compromises safety

Australia fronts International Counter Ransomware Taskforce

“Bored” hacker compromises airline in minutes

Canadian tool manufacturer hit by cyber attack

Charity cyber report

Chinese Hackers Utilize Golang Malware in DragonSpark Attacks to Evade Detection

CISA publishes long-awaited K-12 cybersecurity roadmap

CISA releases new K-12 cybersecurity game plan

CommonSpirit Facing 2 Proposed Class Actions Post-Breach

Companies slow to “mask up” with zero trust cybersecurity protocols

Data Privacy Week: Consumers Already Concerned About AI’s Impact on Data Privacy

Despite cybersecurity being top of mind for the C-suite, data privacy is lagging, a new report finds

Does Cyber Insurance Cover What You Think It Does? What In-House Counsel Need to Know

DragonSpark Hackers Evade Detection With SparkRAT and Golang

DuoLingo investigating dark web post offering data from 2.6 million accounts

Emotet Malware Makes a Comeback with New Evasion Techniques

FBI: North Korean hackers stole $100 million in Harmony crypto hack

FBI Confirms Lazarus Group Was Behind $100m Harmony Hack

FBI says North Korea-related hacker group behind U.S. crypto firm heist

FBI Says North Korean Hackers Behind $100 Million Horizon Bridge Crypto Theft

GoTo now says customers’ backups have also been stolen

GoTo says hackers stole customers' backups and encryption key

GoTo says hackers stole encrypted backups during November cyberattack

Hackers demand millions in ransom from Britain’s largest car dealer Arnold Clark

Hackers now spreading malware using Microsoft OneNote attachments

Hackers use Golang source code interpreter to evade detection

How hackers stole the personal data of 37 million T-Mobile customers

Information Commissioner’s Office (ICO) Offers Data Protection Advice to SMBs

Keeper Security Shares Password Best Practices Ahead of Data Privacy Day

LastPass Sibling Company GoTo Loses Encrypted Backups to Hackers

League of Legends developer held to ransom over stolen source code

Lessons Learned from the Windows Remote Desktop Honeypot Report

Microsoft to Block Excel XLL Add-Ins to Stop Malware Delivery

Mobile Malware Infections You Don’t Want to Get

Neopets Owner NetDragon Faces Potential Class Action Lawsuit For Last Year’s Data Breach

Ohio town working to restore municipal court systems after cyberattack

Okanagan College offers credit monitoring to students after cyber attack

One Brooklyn Confirms Cyberattack, BlackCat Ransomware Claims Attack On NextGen

Pakistani authorities investigating if cyberattack caused nationwide blackout

Penetration Testing – Protecting your assets from cyber threats

Planet Ice: Customer details stolen in data breach

Protect Your Data with Zero Trust

Puma investigates claims of leaking more than 230k customers’ data

Ransomware access brokers use Google ads to breach your network

Ransomware attack costs school board more than $300K

Recent rise in SEO poisoning attacks compromise brand reputations

Riot Games "confident" no player data compromised in last week's cyber attack

Riot Games receives ransom demand from hackers, refuses to pay

Riot Games receives ‘ransom email’ for stolen source code following social engineering attack

Record-Breaking Year for DDoS Attacks Targeting Russia

Rockstar addresses Grand Theft Auto (GTA) Online exploit that lets hackers corrupt game files

Securing against phishing in large databases

Singapore: Consumer watchdog warns of phishing emails impersonating its officers; 13 reports received in 3 days

Software Developers Will Be Key to Security in 2023

Some Vulnerabilities Date Back to the Last Millennium

Sophisticated SMS Phishing scam Dupes Zendesk Staff

SSRF attacks hit 100,000 businesses globally since November

Switzerland: Dukascopy warns of a “clone phishing” scam

Sydney man jailed for $100,000 phishing scam

T-Mobile Cyberattack Spurs Law Firm Investigation

T-Mobile suffers another data breach

Tech and healthcare

The H & 5 Ws of cybercrime & security

The Security Challenges of API Sprawl

The Unrelenting Menace of the LockBit Ransomware Gang

Third MailChimp Data Breach Makes It Hard To “Rebuild Trust”

Too Much Caffeine? Phishing-as-a-Service Makes Us Jittery

Understanding your attack surface makes it easier to prioritize technologies and systems

US, EU Seize Crypto Exchange Used by Russian Criminals

Veterans Affairs: Contractors Have 1 Hour to Report a Security Incident

Vice Society Ransomware Group Targets Manufacturing Companies

VMware fixes critical security bugs in vRealize log analysis tool

Wawasee Hit With Ransomware

What Federal Charges Against Bitzlato Mean for Cybercrime

What to know about BlackCat, the new ransomware group hitting hospitals, clinics, pharma

Within these walls: tackling insider crime

Wormhole hacker moves $155 Million in biggest shift of stolen funds in months

Wormhole Hacker Moves $155 Million in Largest Move of Stolen Funds in Months

XRP Scammers Targeted US Sports Channel To Promote Fake Giveaways

Yahoo most impersonated brand in Q4 2022 phishing attacks

Zendesk Hacked After Employees Fall for Phishing Attack

Zero Trust Will Not Mitigate Over Half of Attacks

23rd January

Ad Fraud Scheme Tops 12 Billion Daily Bid Requests

Advancing Medical Technology Requires More Medical Device Regulation

Almost half of critical manufacturing organizations face significant risk of data breach

Apple fixes actively exploited iOS zero-day on older iPhones, iPads

Arnold Clark blackmailed by hackers following cyber attack data breach

Arnold Clark threatened by hackers following cyber attack

Arrests, Data Breaches, Ransomware, and False Bomb Threats Rock Online Environments

Attackers May Be Stealing Your Food and Ingredients Through BEC Phishing

Australian Cyber Security Centre (ACSC) Ransomware Profile - Royal

Check Point: Brand Phishing report – Q4 2022

CISA warns of critical ManageEngine RCE bug exploited in attacks

CommonSpirit hit with another lawsuit in wake of ransomware attack

Cybercriminals target marketing, C-suite and IT

Cyberespionage threat actor exploits CVE-2022-42475 FortiOS vulnerability

Email is our greatest productivity tool. That's why phishing is so dangerous to everyone

Extent of reported CVEs overwhelms critical infrastructure asset owners

Fewer ransomware victims are paying up. But there's a catch

Fight against phishing: Belgian banks now available 24/7 to stop fraud

Five Cybersecurity Predictions For 2023

Four Data Security Falsehoods Harming Your Company Right Now

Google Ads invites being abused to push spam, adult sites

Grand Theft Auto (GTA) Online bug exploited to ban, corrupt players’ accounts

Hackers Deploy Open-Source Tool Sliver C2, Replacing Cobalt Strike, Metasploit

Hackers remotely interrupting Grand Theft Auto (GTA) Online PC Gameplay

How To: Protect Your Business From Human Error-Related Cybersecurity Breaches

How to Find Out Who Hacked Your Phone

Insulet alerts 29,000 Omnipod Dash insulin pump users to data breach linked to recall

International Counter Ransomware Task Force kicks off

Kaspersky releases 2023 predictions

Keeping laboratory data secure

Linux Malware Rates Rise to Record Levels Amid Hacker Inconsistency

Los Angeles Unified School District confirms SSNs leaked in September ransomware attack

Mailchimp data breach impact unravels as second customer reveals extent of damage

Major Hacks Highlight Evolving Ransomware Threat in Europe

Massive Ad Fraud Scheme Targeted Over 11 Million Devices with 1,700 Spoofed Apps

Members Trust of the Southwest Federal Credit Union Announces Data Breach Affecting Customers’ SSNs and Financial Account Information

Microsoft plans to kill malware delivery via Excel XLL add-ins

Ministry of External Affairs (MEA) e-mail server hacked - biggest ever cyber-attack in India

Most Federal Agencies Ignored Government Accountability Office's Cybersecurity Recommendations

Multi-Factor Authentication (MFA) Bypass: The Next Frontline for Security Pros

Neutralize Phishing Threats with Web Scraping

New Government Cyber Advice for £100 billion UK Charity Sector

Okanagan College offers creditor monitoring to students and staff after cyber attack

Organizations Likely to Experience Ransomware Threat in the Next 24 Months, According to Info-Tech Research Group

Orgs Must Prepare for Security and Exchange Commission (SEC) Cybersecurity Requirements Aimed at Boards

Phishing is leading malware type affecting remote employees

PLAY ransomware group claims attack on Arnold Clark, one of Britain’s largest car dealerships

Ransomware attack cripples Costa Rica’s Ministry of Public Works and Transport

Ransomware Profits Dip as Fewer Victims Pay Extortion

Retail Data Breaches: What Comes Next? Understanding the Aftermath of a Digital Skimming Attack

Riot Games Halts Work After Cyber-Attack

Riot Games to pause updates after social engineering attack

Roaming Mantis Malware Returns with DNS Changer Capability

Royal Mail making limited progress on ransomware recovery

Russia-Linked Attackers Target US Nuclear Research Facilities

Russia’s largest ISP says 2022 broke all DDoS attack records

SaaS Security Posture Management (SSPM) as a Layer in Your Identity Fabric

Samsung Galaxy Store App Found Vulnerable to Sneaky App Installs and Fraud

Satellite Healthcare Files Official Notice of Data Breach

Spam Rates Double and Ransomware Worsens Finds Acronis in Cyberthreats Report

Swiss hacker succeeds in gaining access to US government's no-fly list

T-Mobile’s latest customer data breach wasn’t a ‘hack’

The U.S. ‘No Fly List’ Found On the Open Internet

Threat Actors Turn to Sliver as Open Source Alternative to Popular C2 Frameworks

Trained developers get rid of more vulnerabilities than code scanning tools

Two Vulnerabilities Found in Galaxy App Store

Vice Society ransomware gang steals contractors’ information from Los Angeles Unified School District (LAUSD)

What’s in a Word? Federal Communications Commission’s Proposed Data Breach Rule Redefines Key Terms

Yahoo Most Impersonated Brand in Q4 2022 Phishing Attacks

Yum Brands temporarily closed almost 300 UK restaurants amid cyber attack