Editor's Message

Welcome to DBD. On March 8th we celebrated our 4th Anniversary and the 1st Anniversary of our PRiSM application, officially endorsed by the SANS Institute. Despite recent personal issues that have impacted the amount of time I have been able to dedicate to both projects, I have been doing my best to keep everything as up-to-date as possible, and I would like to take this opportunity to thank everyone for their patience and support whilst I navigate through this very difficult time. Stay safe. :)

Monday 13 February 2023

Data Breaches Digest - Week 7 2023

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 13th February and 19th February 2023.

19th February

A Security Concern Or An Opportunity For Economic Development? Exploring The Pros And Cons Of Smart Cities

British Airways Threatened With £500m Lawsuit

Cyber Criminals Target Crypto Investors with New Malware – Here's What You Need to Know

Cybersecurity: What can you do to reduce your risk of an online attack?

Edgepark Medical Supplies notifies patients of Rise Interactive Media & Analytics data breach

Every 11 seconds a company becomes a victim of ransomware attack

Fannin County systems attacked by Ransomware

Fortinet Issues Patches for 40 Flaws Affecting FortiWeb, FortiOS, FortiNAC, and FortiProxy

From social media to ChatGPT, cyber criminals quick to adopt new tech

GoDaddy Phishing Attack: Web Hosting Platform Says Hackers Stole Source Code, Installed Malware

Hacker group with members from Europe, North America found to have launched cyberattacks against China

Hackers Start Using Havoc Post-Exploitation Framework in Attacks

Here is what will happen to your data after your passing

India: Government yet come up with satisfactory answers on AIIMS server attack

Moldova, facing cyberattacks as part of alleged Russian coup plan, asks for Western support

Pakistan: Google removes 14 apps at National Database and Registration Authority (NADRA) request about personal data breach

QR code generator My QR Code leaks users’ login data and addresses

Reventics notifying patients of ransomware incident

Sobeys admits to data breach in fall 2022, alerts customers

Spain orders extradition of British alleged hacker to US

Thief steals $8.5M using 10-day-old cryptocurrency

What Is FormBook Malware and How Do You Remove It?

18th February

Addressing Cybersecurity Concerns During the Grid Modernization Process

Be careful downloading viral portrait apps

Beware Fake Disney Plus Emails That Steal Your Bank Information

Burton Snowboards Hit By Cyber Attack

Crypto investors under attack by new malware, reveals Cisco Talos

Cyber resilience requires cooperation

Cybersecurity: Why is it important for OEMs?

Cypriots lost some 23 million euros lost in 2022 to online scams

DeFi security: How trustless bridges can help protect users

Financial system is alarmingly vulnerable to cyberattack

German airport websites hit by suspected cyber attack

Gloucester’s GL1 leisure centre still suffering from city council cyber attack fallout

GoDaddy discloses a new data breach

GoDaddy Discloses Multi-Year Security Breach Causing Malware Installations and Source Code Theft

How Startups Can Use AI To Automate Data Protection

How to improve the security of your television

How to Protect Your Business From Ransomware

New crypto-mining attack exploits vulnerabilities in Microsoft Exchange ProxyShell

New WhiskerSpy malware delivered via trojanized codec installer

Platypus DeFi Platform Hit by $8.5M Flash Loan Attack with Unexpected Twist – Here's What Happened

Scammers dupe Malaysians of over RM50 million in four months

Small Businesses are Vulnerable to Cyberattacks

Smishing, vishing and whaling: How phishing scams are evolving

Spain Orders Extradition of British Alleged Hacker to U.S.

The challenges for cyber resilience in 2023

The Dark World of Hacking: Unveiling the Secrets

Threats in the cyberspace: Critical systems at risk

Three Common Security Errors that Endanger Your Social Media Accounts

Top cybersecurity trends small businesses should be paying attention to this year

Unintended riot: Leading games manufacturer struck by ransomware

Vishing on phishing: messenger users will face a sharp increase in fraud

What Can Consumers Do to Protect Their Data?

What Is a Mobile Risk Assessment? 5 Good Reasons to Perform One

Yes, the Equifax breach settlement emails are real

17th February

2 Orgs Reach Settlements to Resolve Healthcare Data Breach Lawsuits

5 key cybersecurity trends for 2023

7 tips to make your browsing experience safer

7 Ways To Spot Common Crypto Scams If You're Planning To Invest In It

A consumer data leak involving Money Lover brings cybersecurity front and center for Financial Institutions

Admins, patch your Cisco enterprise security solutions! (CVE-2023-20032)

Aker Solutions continues to tackle Brazil cyber attack

Almost one in five Irish firms hit by cyber attack or data breach in 2022

American Civil Liberties Union (ACLA) Expands Class Action Lawsuit Against RIPTA and UnitedHealthcare New England

Armenia and Azerbaijan Hackers Use OxtaRAT to Monitor Conflict

Armenian Entities Hit by New Version of OxtaRAT Spying Tool

ASML claims an employee stole chip manufacturing secrets and sold them to China

Atlassian Data Breach, Company Info Stolen From Third-Party App

Authorities break up gang responsible for €38 million CEO fraud

Belgium institutes nationwide vulnerability disclosure policy

Cash App, USPS, Overheadusa[.]com, and iPhone 14 on Amazon – Top Scams & Phishing Attempts of the Week

CISA urged to add 8 severe ransomware bugs to vulnerability catalog

Civilian hackers could become military targets, Red Cross warns

Cloud Infrastructure Used By WIP26 For Espionage Attacks on Telcos

Counterexploit Salvages Stolen Funds From Platypus Hacker

Critical RCE Vulnerability Discovered in ClamAV Open Source Antivirus Software

Crypto Theft Rose in 2022 as Scams, Ransomware Bounty Fell

Cryptocurrency stolen by North Korean hackers seized in Norway

Cyber attacks on Ukraine and NATO are carried out by 5 hacker groups, coordinated from Russia

Cybercriminals Trick Reddit Employee Into Accessing Company’s Intranet

Cybercriminals Use Havoc Post-Exploitation Framework in Attack Campaigns

Cybersecurity training vital to bolster business defences

Data Breach Reported At Mount Pleasant Central School District

Data exposed in Des Moines schools ransomware attack that disrupted district

Data Leak Hits Thousands of NHS Workers

DeFi platform Platypus says nearly $9 million in crypto stolen in flash loan attack

Digital Vigilance – Is Your Business Properly Protected Online?

DNA Testing Company Settles After Major Data Breach

Education must keep pace with evolving ransomware

EU Cybersecurity Agency Warns Against Chinese APTs

European Cyber Agencies Warn of Chinese Espionage Threat

Europol busts ‘CEO fraud’ gang that stole €38M in a few days

Evolving Threat Landscape Leading to Cybersecurity Pro “Burnout,” Study Says

Experts Warn of RambleOn Android Malware Targeting South Korean Journalists

Extended Internet of Things (XIoT) vendors get serious about security, devote resources to protect cyber-physical systems

FBI detects, contains cyber attack on New York office

FBI Hack – Agency Investigating Internal Network Breach

FBI is investigating a cybersecurity incident on its network

Firm Fined £200K For "Exploitative" Call Campaign

Five easy steps to keep your smartphone safe from hackers

Fortinet fixes critical RCE flaws in FortiNAC and FortiWeb

German airports hit by DDoS attack, ‘Anonymous Russia’ claims responsibility

GoDaddy: Hackers stole source code, installed malware in multi-year breach

GoDaddy Reveals Data Breach Led to Malware on Customer Sites

Google Ads Spreads FatalRAT Malware, Disguised As Popular Apps

Google Report Reveals Russia's Elaborate Cyber Strategy in Ukraine

Hacker group “Anonymous Sudan” claims major cyber attack on Scandinavian airline SAS

Hackers Fake Emsisoft Certificate to Hide Attack

Highmark notifies members of data breach related to malicious email phishing campaign

Indigo back online, but only for browsing

Indigo launches temporary browse-only website nearly 10 days after cybersecurity incident

Instagram Scams: How to Answer Those Cash App Money DMs

Ireland: HSE is blasted for revealing hacked info – 20 months on

Lancashire County Council has referred itself following a data breach

Lessons to be learnt from Royal Mail ransomware attack

MKS Instruments, Inc. Files Notice of Data Breach Affecting Current and Former Employees

Moroccan News Agency MAP Target of DDoS Cyber Attack

MSSPs report a surge in customer demand for dark web intelligence

Multi-Cloud Strategy is Appealing, but Security Confidence Lags

Multiple Chinese APTs are attacking European targets, EU cyber agency warns

Nation-State Actors and Cyberattacks in the Emerging 5G Ecosystem

Navigating the ever-changing landscape of digital security solutions

New AI wave will find uses and abuses in cybersecurity

New Mirai Botnet Variant 'V3G4' Exploiting 13 Flaws to Target Linux and IoT Devices

Norwegian Police Made A Record-High Crypto Seizure in Axie Case

Notorious Russian group hacked Munster university for ransom

Norwegian police recover $5.8M crypto from massive Axie Infinity hack

Oakland City Declares State of Emergency Following Ransomware Attack

Oops! 'Phishing' scam cost small Ohio city $219,000, finance director his job

Paul Smith’s College Announces Data Breach Impacting Over 10k Individuals

PayPal Scammers Using Legitimate Accounts to Send Phishing Invoices

Privacy in the US workplace – a rapidly changing landscape

Report Reveals Alarming Data Breach Trends Among Data Brokers in the US: Over 200 Million Records Compromised

Reducing the Risk of Severe Data Breaches

Report Found 98% Of Organizations Partner With Breached Third Parties

Scots cancer patient hits out after major data breach of medical records at NHS Lothian by staff member

Semiconductor industry giant says ransomware attack on supplier will cost it $250 million

SideWinder Behind Government Phishing Spree Across the East

Solving the cybersecurity puzzle

Spain orders extradition of British alleged hacker to U.S.

Suffolk County starting to restore online services amid months-long cyberattack

The Clop Ransomware Gang: Sinister Attacks Against the Healthcare Industry

Three quarters of vulnerabilities currently exploited by ransomware groups were discovered before 2020

UK NCSC Launches Recommendations on Supply Chain Mapping

Understanding Zero-Day Vulnerabilities and the Clop Ransomware Fallout

US and UK sanction cyber criminals in coordinated action

Wealth management leader Succession Wealth investigating a cyber attack

Weeklong ransomware attack on Oakland government drags on

West Lothian cancer patient slams NHS Lothian for 'inappropriate' data breach

What Is DNS Hijacking and Ways to Detect It?

When Russia’s conventional war stops, cyberattacks will continue, warns Estonia’s Prime Minister

Xavier University of Louisiana says the personal data of 44,000 students leaked in a November cyberattack

16th February

4 Keys To Mitigate Remote Work Security Vulnerabilities

40k Students Personal Info Compromised In Cyberattack

2022 Cyberattack Has Cost CommonSpirit $150 Million So Far

Alert and investigation fatigue is playing a role in employee burnout

Almost three quarters of organizations did not disclose breaches

Application and cloud security is a shared responsibility

Atlassian says employee, company info stolen from third-party app

Atlassian says recent data leak stems from third-party vendor hack

Australia: Privacy Act reform recommends compensation for data breach victims

Before You Agree to a Friendly ‘Favor’ Via Email, Beware This Phishing Scheme

Biden’s national cyber strategy to move risk from end users to technology producers

Boulder County recovers $237K lost in phishing scam

Breaking-free from the Hive

Burton Snowboards cancels online orders after 'cyber incident'

Business Email Compromise (BEC) Groups Target Firms With Multilingual Impersonation Attacks

ChatGPT: What Cybersecurity Dangers Lurk Behind this Impressive New Technology?

ChatGPT Empowers Millions of Potential Cyberattackers

CISA warns of Windows and iOS bugs exploited as zero-days

CISA’s Recognition of Security Control Validation is a Major Milestone

City of Oakland Declares State of Emergency After Ransomware Attack

Cloudflare Blocks Record DDoS Attack as Threats Surge

CommonSpirit Health Reports $150 Million Loss Due to Ransomware Attack

Could Zero-Trust Architecture Help K–12 Schools Fend Off Ransomware Attacks?

Cryptocurrency users in the US hit by ransomware and Clipper malware

Cyber companies’ aid to Ukraine is vital, report says, but the efforts also have limitations

Cybercriminals Continue Attacks on Banks: How Banks Can Strengthen Their Security?

Defending South Africa's critical infrastructure against cyber attacks

Denying hackers a pay day will break the ransomware business model

Domain Registrar Namecheap Sent Phishing Emails to Its Customers

Don’t pay out to ransomware criminals, businesses warned

Enterprise Ransomware Protection: Essential Tips and Tools

Espionage malware targeted telecoms in Middle East using Microsoft, Google, Dropbox tools

ESXiArgs Ransomware Hits Over 500 New Targets in European Countries

Experts Warn of Surge in Multipurpose Malware

Fairfield DNA testing company fined $200,000 for data breach

Financial advisory firm Succession Wealth probes cyber attack

Fraudsters are using machine learning to help write scam emails in different languages

German airport websites down in possible hacker attack

German airport websites hit by suspected cyber attack

Giving Cybersecurity the Attention it Deserves

Hackers backdoor Microsoft IIS servers with new Frebniis malware

Hackers Leverage PayPal to Send Malicious Invoices

Hackers target Chinese language speakers with FatalRAT malware

Hackers Using Google Ads to Spread FatalRAT Malware Disguised as Popular Apps

Healthcare revenue management company Reventics loses patient data in major security breach

High-risk users may be few, but the threat they pose is huge

In response to GoAnywhere attacks, Fortra says it has taken ‘multiple steps’ with customers

India-linked APT group carried out phishing attacks against government organisations in Asia

Is Pepsi Okay? Bottling Plant Suffers Malware Attack

IT Insight: Risk-based security and your business

It’s Scary Easy to Use ChatGPT to Write Phishing Emails

Lancashire County Council refers itself to Commissioner's office following data breach

LG Uplus CEO apologizes for data breach, vows to triple security budget

LockBit adds another Argentinian company among the victims of the ransomware: Grupo Albanesi

Magnet Forensics Survey Shows Evolving Cyber Threat Landscape Is Leading to Widespread Burnout

Malvertising – a new corruption

MFA bypass attacks like the one on Reddit are not ‘sophisticated’

Microsoft Exchange ProxyShell flaws exploited in new crypto-mining attack

Mirai Variant V3G4 Exploiting IoT Devices for DDoS Attacks

MKS Instruments’ breach notification includes a surprising statement to reassure those affected

Munster Technological University (MTU) data ‘can be used for fraud’

MySejahtera Data Breach Affected Three Million Users

New Mirai botnet variant has been very busy, researchers say

New Mirai malware variant infects Linux devices to build DDoS botnet

New Screenshotter Malware Campaign Targets Victims After Profiling

New Threat Actor WIP26 Targeting Telecom Service Providers in the Middle East

No relief in sight for ransomware attacks on hospitals

North Korean Hackers Use Ransomware to Fund Operations

Oakland declares state of emergency after a ransomware attack

Oakland Declares State Of Emergency After Ransomware Attack

Operations at Tallahassee Memorial are returning to normal after an 'IT issue' is resolved

Quarter of Crypto Tokens Linked to Pump-and-Dump

Ransomware attackers finding new ways to weaponize old vulnerabilities

Regal Medical Group Data Breach Explained

Researchers Hijack Popular NPM Package with Millions of Downloads

Researchers Link SideWinder Group to Dozens of Targeted Attacks in Multiple Countries

Researchers Warn of Critical Security Bugs in Schneider Electric Modicon PLCs

Russian phishing attacks flooded Ukraine, tripled against NATO nations in 2022

SAS Airlines Hit by Cyber Attack

Scandinavian Airlines says cyberattack caused passenger data leak

Security warning: Beep malware can evade detection

Surviving a Cyber Attack- Keeping Critical Data Safe

Tallahassee Memorial HealthCare resumes normal operations, but questions loom

The reason for the absurd hacking of Korea by the Chinese hacker organization...“I’m not in a good mood”

The US Government’s Open Source Security Policy Discussed

The war in Ukraine has shaken up the cyber-criminal ecosystem, Google says

Third-Party Data Breach Corrupts Medical Records at New Hampshire Hospital

Three Cases of Cyber Attacks on the Security Service of Ukraine and NATO Allies, Likely by Russian State-Sponsored Gamaredon

Tomball extends December utility payment due date following ransomware attack

Tonga Communications hit with a ransomware attack

US health giant suffers significant data breach

US, UK Join Forces to Sanction Trickbot Leaders

War brought big spikes in cyberattacks on Ukraine, NATO allies, Google says

Websites of several German airports not reachable

When It Comes to Ransomware Mitigation, Selecting the Right Negotiator Is Essential

15th February

7 Email Security Mistakes You're Making (and How to Fix Them)

10 signs that scammers have you in their sights

64% of Australia’s Top Companies At Higher Risk of Ransomware Attacks

2023's Cyber Security Forecast: The Latest Threats and Trends to Watch

A Pentester’s Guide to Strengthening Your Cloud Security Defenses

A10 Networks loses sensitive corporate data to a Play ransomware attack

Advent Health settles data breach suit for $500K

Aker Solutions’ Brazilian arm becomes a victim of cyber attack

Attack surface management (ASM) is not limited to the surface

Binance, Huobi freeze some cryptocurrency stolen in $100 million Harmony hack

Binance and Huobi freeze $1.4M in crypto linked to North Korean hackers

China Courier Shares Dip After Alleged Massive Data Breach

Chinese hacker ‘Xiao Qi-ying’ attacks 5 more domestic servers...Korea Internet & Security Agency (KISA) “Checking the hacking path”

Citrix fixes severe flaws in Workspace, Virtual Apps and Desktops

City of Oakland declares state of emergency after ransomware attack

City of Oakland in State of Emergency Due to Ransomware Attack

Clop Operators Claim to Hack 130 Organizations Using GoAnywhere MFT Bug

Combining identity and security strategies to mitigate risks

CompSource Mutual Insurance Company Reports Data Breach Affecting Thousands of Claimants

Controller-level flaws can let hackers physically damage moving bridges

Crypto-Stealing Campaign Deploys MortalKombat Ransomware

Cyber fraud incidents rising in India: how to file a complaint online on Cyber Crime portal

Cyber Warfare & National Cybersecurity in the 21st Century: Five Key Takeaways

Cyber-Attack Hits Greece’s ‘Documento’ After Report on Fraudster’s Wife

'Cybercriminal, Cheat' Russian Hacker Guilty Of Boston Stock Conspiracy

Data protection regulations aren’t enough to safeguard your data

Defending against attacks on Azure AD: Goodbye firewall, hello identity protection

Developing a successful cyber resilience framework

Do AI chatbots like ChatGPT pose a major cybersecurity risk?

Does Poor Cybersecurity Affect Healthcare?

Electromed Proposes $825,000 Class Action Data Breach Settlement

Emsisoft says hackers are spoofing its certs to breach networks

ESXiArgs ransomware has infected hundreds of new targets in Europe, researchers say

Experts Warn of 'Beep' - A New Evasive Malware That Can Fly Under the Radar

Financially Motivated Threat Actor Strikes with New Ransomware and Clipper Malware

Four cyber attack trends that mustn’t slip under your radar

Government Sanctions: No Ransomware Please, We're British

Hackers start using Havoc post-exploitation framework in attacks

Health data of 4,000 Garrison Women’s Health patients exposed in third-party security incident

Here’s why the future of security is passwordless

Hit back at ransomware attacks before they cripple your business

How Can Forex Brokers Deal with Data Breaches?

How to Secure Your Social Media Accounts

How Vital is Threat intelligence Data to a Successful Cyber Strategy?

Hyundai, Kia patch bug allowing car thefts with a USB cable

Hyundai, Kia to provide anti-theft software updates following viral TikTok challenge

Indigo Still Offline In Suspected Cyber Attack

Industrial Control Systems (ICS) Vulnerabilities Chained for Deep Lateral Movement and Physical Damage

Investigators uncover crypto scammers baiting ‘phish’ hooks on YouTube

Italy’s cyber sleuths warn of global hacking attack

January’s ‘Most Wanted’ malware

LG U+ made contact with hacker group claiming data theft

LockBit and Royal Mail Ransomware Negotiation Leaked

Management, lack of money blamed for poor cybersecurity at Canadian hospitals

Meriplex Communications Announces Data Breach Affecting Malaga Bank Customers

Microsoft fixes three zero-days in its 75-flaw February Patch Tuesday

Microsoft Patches Three Zero-Day Bugs This Month

Mobile pharmacy data breach affects 66,372 patients, including at Banner Health

Mount Saint Mary College Reports Data Breach Affecting 17,924 Students and Employees

New MortalKombat Ransomware Attack Aiming for Crypto Wallets

North Korea's APT37 Targeting Southern Counterpart with New M2RAT Malware

Oakland Declares State of Emergency Due to Ransomware Attack

Organizations fought an average of 29.3 attacks daily in late 2022

Pepsi Bottling Ventures data breach compromises names, addresses, financial information

PHI Compromised in 4 Recent Ransomware and Malware Attacks

Philadelphia Orchestra Suffers Cyber-Attack

Potential Donation Scams Around The Catastrophe In Turkey And Syria

Ransomware attack causes Oakland to declare local state of emergency

Ransomware attacks aimed at manufacturing grew by 50pc in 2022

Ransomware attacks on industrial firms jumped 87 per cent in 2022, hitting renewable energy and utilities

Ransomware Closed 2022 With a Bang, Fueled by Ransomware-as-a-Service (RaaS)

Ransomware gang uses new zero-day to steal data on 1 million patients

RedEyes Hackers Adopts New Malware, Steals Data From Devices

Regular Pen Testing Is Key to Resolving Conflict Between SecOps and DevOps

Russian hacker convicted of $90 million hack-to-trade charges

Scandinavian Airlines Hit by Cyber Attack

Scandinavian Airlines hit by cyberattack, ‘Anonymous Sudan’ claims responsibility

Scandinavian Airlines System (SAS) App and Website Hit as Attacks Target Swedish Firms

Secure 5G Networks Key for Business and Society

Securing Your Customers during a Recession

SideWinder APT Attacks Regional Targets in New Campaign

State of emergency as City of Oakland grapples with ransomware attack

Stiles Machinery detects cyber attack

Students and staff impacted by Munster Technological University (MTU) cyber attack to be contacted directly

Succession Wealth targeted by cyber-attack

The Cyber Risks Of Scaling: How To Secure Your Expanding Attack Surfaces

The four most intriguing cyberattacks of 2022

The return of ICEFALL: Two critical bugs revealed in Schneider Electric tech

The Rise of Cybercrime: Understanding Hacking Basics and Protecting Your Online Activities

The risks and benefits of starting a vCISO practice

The Truth About Why Malicious Links Get Through Security

Threat Analysis: VMware ESXi Attacks Soared in 2022

UK: Half of small businesses have suffered a cyber attack in last year

Update Now: iOS Devices Receive Vital Security Updates from Apple

Update Now: Microsoft Releases Patches for 3 Actively Exploited Windows Vulnerabilities

VMware: Ransomware Attacks Show Virtual Infrastructure Is A ‘High-Value Target’

What charities should know about ransomware and reputational threats

What’s known about the ESXiArgs ransomware hitting VMware servers

Will Cyber Insurance Cover Nation-State Attacks in 2023?

14th February

+200m American records compromised in top data broker breaches

7 steps to avoid uncoordinated vulnerability disclosure

22% of EU enterprises had ICT security incidents

Actionable intelligence is the key to better security outcomes

Adobe Plugs Critical Security Holes in Illustrator, After Effects Software

Adsense abused: 11,000 sites hacked in a backdoor attack

Airline SAS Network Hit by Hackers, Says App Was Compromised

Aker Solutions entity in Brazil subject to cyber attack

Aker Solutions Says Its Subsidiary CSE In Brazil Subject To Cyber Attack

ALPHV (BlackCat) ransomware gang claims attack on Irish university

Another New Jersey school reports cyber-attack

Another ransomware warning for healthcare providers: North Korean attacks

Anubis Malware

Apple fixes actively exploited WebKit zero-day in iOS, macOS (CVE-2023-23529)

Atlantic General Hospital reports ransomware attack, has returned to normal operations

Attacks on industrial infrastructure on the rise, defenses struggle to keep up

Binance, Huobi freeze some cryptocurrency stolen in $100 million Harmony hack

ChatGPT and more: What AI chatbots mean for the future of cybersecurity

Chinese Hackers Infiltrate South American Diplomatic Networks

Chinese Hackers Targeting South American Diplomatic Entities with ShadowPad

Chinese Threat Group Leaks Hacking Secrets in Failed Attack

City of Oakland Targeted by Ransomware Attack, Work Continues to Secure and Restore Services Safely

Cloudflare Stops Largest HTTP DDoS Attack on Record

Cloudflare thwarts largest reported HTTP DDoS attack

Cork hospital ordered to furnish documents to patient who is suing it over ransomware attack

Credit Suisse Faces Data Breach as Former Staffer Takes Employee Salary Information

Cyber attack against SAS

Cyber attack on US healthcare giant Heritage Provider Network compromises the data of 3.3 million patients

Cyber risks go beyond geopolitics

Cybercriminals Cause Heartbreak on Valentine’s Day

Data breach hits Pepsi Bottling Ventures

Data privacy: Looking back, moving forward II

Elevate Security and Cyentia Institute Release Third Annual Research Study on User Risk

Euronext publishes commodities data delayed by ION attack

Eurostar forces 'password resets' - then fails and locks users out

Glasgow Arnold Clark customers at risk after major cyber attack

Gloucester's GL1 leisure centre still suffering from city council cyber attack fallout

Hackers Are Now Using Microsoft OneNote Attachments to Spread Malware

Hackers Breach Pepsi Bottling Ventures' Network

Hackers respond to ESXiArgs ransomware decryptors with new variant malware

Healthcare giant CHS reports first data breach in GoAnywhere hacks

Healthcare Organizations Most Common Victims in 3rd Party Data Breaches

House Committees’ Inquiry into National Labs Spotlights the Threat of Spear-Phishing

How Kia and Hyundai's new software update thwarts viral TikTok car thefts

How To Allocate Your Cyber Security Budget

How to Boost Security for Enterprise Web Apps?

How to avoid online scams this Valentine's Day

If Someone Asks You to “Do Me a Favor” Over Email, Don’t Respond

Indigo website still offline nearly 1 week after cybersecurity incident

Industrial wireless IoT present risks to operational technology

In the Courts: ‘Massive’ data breach leads to British Columbia class-action lawsuit

Joker Malware

LockBit ransomware spree hits three large companies

Lokibot, AgentTesla Grow in January 2023's Most Wanted Malware List

Louisiana HBCU says personal data from 44,000 students accessed in November cyberattack

Malware that can do anything and everything is on the rise

Massive AdSense Fraud Campaign Uncovered - 10,000+ WordPress Sites Infected

Massive HTTP DDoS Attack Hits Record High of 71 Million Requests/Second

Mayor challenges data breach suit filed against Logan Health

Measuring cybersecurity: The what, why, and how

Media watchdog seeks more answers on Optus data breach

Microsoft patches three exploited zero-days (CVE-2023-21715, CVE-2023-23376, CVE-2023-21823)

More Russian Hackers Hit With Sanctions as TrickBot Ransomware Gang Members Make the List

MortalKombat ransomware found punching targets in US, UK, Turkey, Philippines

Namecheap Becomes the Target of an Email Phishing Campaign

New ‘MortalKombat’ ransomware targets systems in the U.S.

New stealthy 'Beep' malware focuses heavily on evading detection

Next-Gen: How A Security Researcher Turned EDRs Into Wipers Using 0-Day Exploits

Nigeria Data Protection Bureau says 110 companies under investigation for data breaches

Norway’s Haugesund pension fund fends off ‘terrifying’ cyber attack

NPM packages posing as speed testers install crypto miners instead

Online Fraud Aimed at Independent School Business Offices: Business Email Compromise

Operational Technology (OT) Cybersecurity Plan to Prevent the 5Ds

Patch Now: Apple's iOS, iPadOS, macOS, and Safari Under Attack with New Zero-Day Flaw

Pepsi Bottling Ventures suffers data breach following a malware attack

Posture for the year ahead

Python Developers Beware: Clipper Malware Found in 450+ PyPI Packages

Ransomware attacks creating repercussions for the insurance industry

Ransomware attacks on industrial infrastructure doubled in 2022

Reddit Confirmed a Security Breach After a Sophisticated Phishing Attack

Reddit data breach exposes internal docs, source code

RedEyes hackers use new malware to steal data from Windows, phones

RedLine Stealer Malware: The Complete Guide

Reducing Robot Process Automation (RPA) security risk

Resurrected Crypto-mixer Launders $100m in North Korean Funds

Reventics, an Omega Healthcare Company, Announces Data Breach Following Cyberattack

Risk managers voice concern over sensitive data stored by cyber insurers

Royal Mail cyber attack: International parcels still can't be sent via Post Office counters

Royal Mail refused to pay ‘absurd’ LockBit ransom, chat logs say

Royal Mail turned down £66m ransom demand from Lockbit hackers

Russian hackers disrupt earthquake aid missions in Syria and Turkey

Russian with alleged ties to Putin convicted in hack-and-trade scheme

Scam Alert: Got WhatsApp Message From Your Boss or CEO? Think Twice Before Responding

Security Service of Ukraine and NATO Allies Potentially Targeted by Russian State-Sponsored Threat Actor

Spanish Police Bust €5m Phishing Gang

Spanish Police Bust Phishing Ring That Defrauded Thousands

Teijin Automotive Technologies Files Notice of Data Breach Affecting Over 25k Employees

The rise in threat actor activity against federal agencies

Threat Actors Turn to Adversary-in-The-Middle (AiTM) to Bypass MFA

Tonga is the latest Pacific Island nation hit with ransomware

Trend Micro 2023 Cybersecurity Predictions: A Year of Caution and Adaptation

Two-Thirds of MSSPs Say Customers Have Asked for Dark Web Threat Intelligence as Demand Surges in US and UK

UMass Memorial Health Center Resolves Healthcare Data Breach Lawsuit With $1.2M Settlement

Vidar, nJRAT re-emerge as prominent malware threats in January

What healthcare providers should do after a data breach

What is attack surface management?

What Is the CIA Triad and Why Is It Important?

What Is Triple Extortion Ransomware? Here's How to Prevent It

Why Keeping Your Gaming Console Secure Should be a Priority in 2023

Why Secure Email Gateways Fall Short

Xavier University of Louisiana Announces Data Breach Affecting 44,312 Individuals

13th February

$1.3 billion lost by 70,000 Americans to romance scams last year

$3 Million Settlement Proposed to Resolve 20/20 Eye Care Network Data Breach Lawsuit

451 PyPI packages install Chrome extensions to steal crypto

All but Florida, South Dakota apply for federal cyber grants allocated by infrastructure bill

Apple fixes new WebKit zero-day exploited to hack iPhones, Macs

California healthcare organizations alert 3 Million patients of a ransomware attack in December

Chinese Hackers Keep Targeting Group-IB Cybersecurity Firm

Chinese Tonto Team Hackers' Second Attempt to Target Cybersecurity Firm Group-IB Fails

City of Oakland, Irish and Israeli universities suffer ransomware attacks

Cloudflare blocks record-breaking 71 million RPS DDoS attack

Cloudflare says it stopped largest DDoS attack on record

Common Phishing Scams That Criminals Use to Steal Your Identity

Cyber attack forced Canada's largest bookstore chain to shut website, accept only cash payments

Cyber criminals using ChatGPT to create malware, do phishing

Cybercriminals exploit fear and urgency to trick consumers

Cybersecurity Experts Warn Against Valentine's Day Romance Scams

Data Breach: Overcoming a Critical Cyber Threat as it Becomes More Common

Democratic People’s Republic of Korea (DPRK) Ransomware Group Targets Healthcare Sector, Agencies Say

DHL, MetaMask phishing emails target Namecheap customers

Do Retail Forex Brokers Take Cyber Security Seriously Enough?

Does a VPN protect you from hackers?

Edmonds schools restore internet following data breach, warn of possible ID theft

Email, collaboration tools top targets as South Africa braces for new year of cyberattacks

Ensure Business Continuity with a Purpose-built Data Protection Solution for HCI (Hyperconverged Infrastructure)

Evolving cybersecurity threats require modern defences

Four trends shaping the 2023 cyber threat landscape

Galway Credit Unions urges public to be vigilant following SMS phishing scam

Group-IB Blocks Attack By Chinese Tonto Team Hackers

Hacker Reveals Microsoft’s New AI-Powered Bing Chat Search Secrets

Hackers Aim at Crypto Wallets with Hacked Namecheap Phishing Emails

Hackers Create Malicious Dota 2 Game Modes to Secretly Access Players' Systems

Hackers hijack Namecheap's email platform to phish its customer base

Hackers target Valentino, Michael Kors, and Creed fashionistas

Hackers Targeting U.S. and German Firms Monitor Victims' Desktops with Screenshotter

Honeypot-Factory: The Use of Deception in ICS/OT Environments

How cybercriminals use phishing and other tricks to hack smartphones

How To: Maximize Security ROI Amid an Economic Downturn

How to defend your business against common hacking techniques

How To Protect Against AI-Based Email Security Threat Vectors

How to respond to a cyber attack to minimise damage

India: Cyber attacks on govt department rising; 151 hacking, 492 phishing cases in 3 years

Information overload is a key barrier to effective threat intelligence, says Mandiant

Israel’s top tech university postpones exams after ransomware attack

Lazarus hackers use new mixer to hide $100 million in stolen crypto

Majority of Firms Make Cybersecurity Decisions Without Attacker Insight

MetaMask Sounds The Alarm: Hacker Impersonates Namecheap In Phishing Scam

MetaMask users targeted in Namecheap email scam

MoneyGram Fraud Victims Get $115m in Compensation

Mount Saint Mary College confirms ransomware attack in December

Namecheap Customers Flooded with Phishing Emails

Namecheap denies system breach after email service used to spread phishing scams

Namecheap Emails Hacked To Send Phishing Email

Pepsi Bottling Ventures suffers data breach after malware attack

Philadelphia Orchestra, Kimmel Center websites down after cyberattack cripples ticket sales

Play Ransomware Group Claims Attack on A10 Networks

Proposed SMS registry could block scams that cost Australians more than $1 million a day

Ransomware hits Technion university to protest tech layoffs and Israel

Reddit on data breach: ‘As we all know, the human is often the weakest part of the security chain’

Reimagining zero trust for modern SaaS

Researcher says PokerBaazi exposed users’ information, platform denies data breach

Researchers Uncover 700+ Malicious Open Source Packages

Royal Ransomware Deep Dive

Russian hackers ‘disrupt Turkey-Syria earthquake aid’ in cyber attack on NATO

Several NATO websites suffer cyber attack

Social security numbers exposed in New Jersey school district data breach

Spain, U.S. dismantle phishing gang that stole $5 million in a year

SynSaber Report Brings More Context to Industrial Control Systems (ICS) Security

The Breaches and Threat Actors that Defined 2022

The State of Threat Detection and Response

Trickbot Hacking Group Jointly Sanctioned By the US and Britain

Typosquatting: Legit Abquery Package Duped with Malicious Aabquerys

Under pressure – how can CISOs avoid burnout in the face of ransomware?

Understand ransomware payment risks before incidents happen, says expert

Vulnerabilities open Korenix JetWave industrial networking devices to attack

Warning: Watch out for new fake emails using Martin Lewis' name and MoneySavingExpert.com (MSE) branding - they're a scam

Weee! grocery store data breach affects 1.1 Million customers

What was the extent of damage in a recent cyber attack on India’s top medical institute in Delhi?

When Will the First ChatGPT-Based Cyberattacks Launch?

Why Are Small Businesses At Highest Ransomware Risks

Wormhole hacker moves another $46M of stolen funds

Wormhole hacker Reactivates, moves $46 million stolen funds