Editor's Message

Welcome to DBD. On March 8th we celebrated our 4th Anniversary and the 1st Anniversary of our PRiSM application, officially endorsed by the SANS Institute. Despite recent personal issues that have impacted the amount of time I have been able to dedicate to both projects, I have been doing my best to keep everything as up-to-date as possible, and I would like to take this opportunity to thank everyone for their patience and support whilst I navigate through this very difficult time. Stay safe. :)

Monday 20 March 2023

Data Breaches Digest - Week 12 2023

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 20th March and 26th March 2023.

26th March

As the housing market remains tight, experts say real estate fraud has spiked in the US

Bangladesh: Government grapples to measure damage

Bangladesh: No ransom demanded in Biman cyber hack incident

ChapGPT users data exposed due to bug

Cyber Fraudsters Are Using ChatGPT For Phishing Attacks

Detecting ChatGPT Phishing on Social Media with the Help of DNS Intelligence

Dubai ‘not immune’ to ransomware attacks

Easily protect yourself from Instagram scams: Best 6 ways

Emotet malware distributed as fake W-9 tax forms from the IRS

FBI: Business email compromise tactics used to defraud U.S. vendors

Hidden hacking danger in e-waste sold second-hand by major companies

India: 7 held for scamming US citizens from illegal call centre in Agra

Italy: Hacker attack on ministries, postal police sites fails

Lloyd’s of London says its controversial cyberwar exclusions could hit profits

Malta: APS Bank warns customers to be cautious after reports of phishing scams

New Backdoor Attack Uses Russian-Ukrainian Conflict Phishing Emails

Pakistan: Cyber warfare & maritime security

Phishing Users On Their Mobile Devices

Qatar: National Cyber Security Agency (NCSA) Warns Against Ramadan Phishing Campaigns

Singapore: Over 400 assisting police for alleged involvement in scams that cost victims more than $10.9m

This hacker attack steals your Gmail emails with a browser extension

US authorities arrest founder of world's largest hacker forum

Why Cybersecurity Is a Critical Component of Environmental, Social, and Governance (ESG) Frameworks

25th March

9 Ways to protect yourself from Emails Phishing

Arbitrum Discord hacker shares phishing announcement amid airdrop hype

Are passwords and password managers still fit for purpose? And are the alternatives any better?

Can Someone Hack Into Your Phone By Calling You?

Clop GoAnywhere Attacks Have Now Hit 130 Organizations

Don't fall for this new round of iCloud support scam emails

Euler Finance Hacker Sends 51,000 Stolen Ether Back to Protocol

Experts Raise The Alarm Against Malicious Google Chrome Extensions That Enable Hackers To Steal Gmail Messages

Fans of third-party YouTube apps should watch out for Nexus banking malware

Here’s How Scammers Adapted to Crypto Winter

How AI changing cybersecurity landscape in education

How Albania Became a Target for Cyberattacks

How to Protect yourself From One-Time Password (OTP) Fraud

How to spot a scam email: five tell-tale signs to look out for

Hyderabad: Investigation underway in massive data breach case

Inaudible ultrasound attack can stealthily control your phone, smart speaker

Incidents of ransomware in Africa/Middle East have dropped, but attackers continue to innovate

IPH sets up new network after cyber attack

IRS Urges Those Hoping To Help To Beware Of Scammers Using Fake Charities

Israel: New phishing scam uses fake police ID cards to target victims

Jigsaw Ransomware: What Is It and Are You at Risk?

Massive Crypto Crime Wave Uncovered: The Jaw-Dropping Truth Behind Billions In Hacks And Scams

Microsoft pushes OOB security updates for Windows Snipping tool flaw

Microsoft Warns of Stealthy Outlook Vulnerability Exploited by Russian Hackers

New Dark Power ransomware gang hits 10 victims in its first month

OpenAI admits data breach at ChatGPT, private data of premium users exposed

OpenAI Reveals Redis Bug Behind ChatGPT User Data Exposure Incident

Ransomware event affects US Marshalls Service

Security experts: Russia may be behind the attack on elderly care

Sun Pharma Hit by Infamous Ransomware Group ALPHV BlackCat - Threats to Release Sensitive Data!

U.K. National Crime Agency Sets Up Fake DDoS-For-Hire Sites to Catch Cybercriminals

What is Doxing and how to avoid it

What Is The Dark Web? What You Need To Know About This Shady Part Of The Internet

24th March

5 steps organizations can take to counter IAM threats

6 Common MFA Mistakes Made by Enterprises

10% of Organizations Had a Security Breach in the Past Year

20-year-old founder of 'major hacking forum' arrested

92% of organizations were victim to phishing in the past 12 months

A 2023 Guide to Secure Cloud Deployment for Improved Application Security

After another 5 lawsuits, hospitals bear brunt of data breach litigation

After University of Wyoming campus suffers phishing scam, IT issues safety reminders

All US taxpayers must check Gmail or Outlook right now – search for key phrase that could leave your bank empty

Attackers capitalise on GPT-4 hype with crypto scam

Australian police arrest four BEC actors who stole $1.7 million

Banks must improve cybersecurity as attacks rise

Beware Of Loan Scams In the Era Of Rising Prices And Interest Rates

Beware the Network Security Breaches Caused by Carelessness

'Bitter' espionage hackers target Chinese nuclear energy orgs

British hospital investigating impact of ‘contained’ cyber incident

Can generative AI change security?

Can Your Business Automate Its Ransomware Response?

Car dealers' data obsession has cybercriminals circling

ChatGPT Bug Exposed Payment Details of Paid Users

ChatGPT Suffers First Data Breach, Exposes Personal Information

Check your iPhone texts right now – Apple warns millions to take screenshot that could prevent ‘bank raid’

CISA Gets Proactive With New Pre-Ransomware Alerts

CISA gives ransomware victims a heads-up

CISA releases free tool for detecting malicious activity in Microsoft cloud environments

CISA unleashes Untitled Goose Tool to honk at danger in Microsoft's cloud

CISA Unveils Ransomware Notification Initiative

Critical WooCommerce Payments Plugin Flaw Patched for 500,000+ WordPress Sites

Cybercriminals Pose a Growing Threat to Health Care Providers

Cyberspace: The new dominant realm of national security

Dark Web Intel Underutilized by CISOs, Diminishing Healthcare Cybersecurity

Device Maker Zoll Facing 7 Lawsuits in Wake of Breach

DevSecOps puts security in the software cycle

Department of Justice (DOJ) says ‘millions’ of US citizens victimized by BreachForums administrator

Dish customers struggle with service disruptions weeks after ransomware attack

DNS Tunneling: A Guide to Detection and Prevention

Dole confirms employee data was breached following February ransomware attack

DVLA warning to drivers over 'copycat' websites charging money for free services

European Banks to Run Cyber Stress Tests As European Central Bank (ECB) Notes Rise in Cyber Attacks

Even after armed with defense tools, CISOs say successful cyberattacks are ‘inevitable’

FBI confirms access to Breached cybercrime forum database

FBI, CISA + MS-ISAC Warn of LockBit 3.0 Ransomware

FBI, CISA investigating cyberattack on Puerto Rico’s water authority

Food giant Dole admits employee data breach in February ransomware attack

Fortra told breached companies their data was safe

GitHub Swiftly Replaces Exposed RSA SSH Key to Protect Git Operations

GitHub Updates Security Protocol For Operations Over SSH

GitHub.com rotates its exposed private SSH key

Greek National Intelligence Agency Targets Meta’s Former Cybersecurity Chief in Cyber Attack

Hacker demonstrates security flaws in GPT-4 just one day after launch

Hackers are stealing Gmail messages — delete this extension right now

Hacking Forum “BreachForums” Alleged Owner Pompompurin Arrested and Charged With Cybercrime

How Businesses Can Defend Against Evolving Phishing Attacks

How the FBI caught the BreachForums admin

IBM tasks organizations in Middle East, Africa to proactively manage security risks, evolving cybercrime tactics

Imperial College launches investigation into February cyber attack

India: Massive Data Breach Leaks Details Of 16.8 Crore Citizens; Defence Personnel, NEET Applicants Among Victims

IPH systems restored following last week’s cyber attack

IRS Phishing Emails Used to Distribute Emotet

It’s not just Windows that gets malware

Journalist Targeted in USB Drive Bombing Attack

Justice Department Announces Arrest of the Founder of One of the World’s Largest Hacker Forums and Disruption of Forum’s Operation

Kordia uncovers truth of cyber crime in New Zealand

Kroger Postal Prescription Services Files Notice of Data Breach Impacting 82,466 Consumers

Latitude Financial breach widens across Australia and New Zealand

Lawmakers Warn of Cyber Threat Posed by Beijing, Moscow to Energy Sector

Linus Tech Tips hacked by crypto scammers

LockBit 3.0 ‘Black’ attacks and leaks reveal wormable capabilities and tooling

LockBit joins Play ransomware gang in claiming credit for a cyber attack on the City of Oakland

Maersk says posted data is not current and not from attack by hackers

Malicious ChatGPT Extensions Add to Google Chrome Woes

Malicious Python Package Uses Unicode Trickery to Evade Detection and Steal Data

McDonald’s, USPS, MetaMask, and WeTransfer – Top Phishing Scams of the Week

Microsoft Exchange and Log4j continue to be top points of compromise

Microsoft shares tips on detecting Outlook zero-day exploitation

Modern Cybersecurity Problems Need Next-Gen PAM Solutions

Mount Chambers Surgery Braintree suffers data breach

New legislation to enhance New Jersey cybersecurity protections

New phishing method leverages iCloud, PayPal, Google Docs and other services to send over 40k attacks in 2 months

New Zealand: More than half of Kiwi businesses hit by cyber-attack last year

OpenAI: ChatGPT payment data leak caused by open-source bug

OpenAI’s GPT-4 used as bait to launch phishing campaigns

Operational Technology (OT) Cybersecurity and the Self-Defending Manufacturing Floor

Our Lady of the Lake hit by cyberattack; victims say hackers got Social Security and other data

Pension Protection Fund confirms employee data exposed in GoAnywhere breach

Personal, medical data compromised in Community Health Systems breach affecting 1 million

Philadelphia warns citizens against tax-based phishing attacks

Phishing, Brute Force Attacks Rise in Expanded Threat Landscape

Procter & Gamble confirms data theft via GoAnywhere zero-day

Protecting CISOs from criminal charges

Qilin’s hefty ransom cuts on $3m payouts revealed by undercover sting

Ransomware attack targets Shoreline Community College

Ransomware Attacks Increased by More Than 51% in February

Ransomware cases saw a 26% year-over-year decline

Ransomware Forces Shoreline Community College to Go Remote

Researchers Uncover Chinese Nation State Hackers' Deceptive Attack Strategies

Safety Net: Small businesses squeezed by cybercrime costs, proposed push to report attacks

Security Flaws Cost Fifth of Execs Business

Security leaders discuss CISA access management best practices

Sobeys parent company reeling from cyber attack

South Africa: Sentencing proceedings halted after man convicted of Experian data breach fails to appear in court

South African Revenue Service (SARS) warns of scam targeting taxpayers – this is what it looks like

Spain: The other war of cyber-attacks that worries everyone

Stolen Minneapolis Public Schools data released online, may contain SSNs

Streaming Platform Giant Lionsgate Exposes Over 37 million Users’ Data

SundaySky Inc. Notifies 37,095 Consumers of Recent Data Breach

The Philippines: Pinoys ‘cyber harassed’ 20x more in 2022

These next-level phishing scams use PayPal or Google Docs to steal your data

Thousands of Arbitrum (ARB) Airdrop Winners Controlled by Hackers and Sybil Attackers

Tolland town meeting hacked with racist language, dancing naked man, official says

Top identity theft scams to avoid

Top ways attackers are targeting your endpoints

UK creates fake DDoS-for-hire sites to identify cybercriminals

UK National Crime Agency reveals it ran fake DDoS-for-hire sites to collect users’ data

UK Pension Protection Fund latest victim of GoAnywhere hack

UK’s National Crime Agency (NCA) infiltrates cybercrime market with fake DDoS sites

US Charges 20-Year-Old Head of Hacker Site BreachForums

Use zero-trust data management to better protect backups

Washington County Sheriff’s Office back to normal after cyber attack

Web3 security issues persist despite plans to be more resilient than Web2

What cyber attack risks do the railways face?

What Is Double Spending in Blockchain and How Is It Prevented?

What is ransomware?

Wisconsin court system affected by DDoS incident

Wisconsin court system computer network targeted in cyber attack

With cyber criminals more organized and sophisticated than ever, security professionals developing new measures to stay ahead of attackers

WooCommerce Patches Critical Plugin Flaw Affecting Half a Million Sites

Worldwide manhunt: Russian hacker network wanted by arrest warrant and bounty – it also attacked Germany

Zoom Zoom: 'Dark Power' Ransomware Extorts 10 Targets in Less Than a Month

23rd March

10 Ways You Can Ensure Privacy And Security On The Internet

20% of Ransomware Attacks Involve Victim Harassment

2023 Cybersecurity Maturity Report Reveals Organizational Unpreparedness for Cyberattacks

82,000 Kroger Customers Impacted By Healthcare Data Breach

A closer look at Transportation Security Administration’s new cybersecurity requirements for aviation

A common user mistake can lead to compromised Okta login credentials

A detailed look at Silicon Valley Bank (SVB) phishing attacks

Arctic Wolf Annual Threat Report Highlights Broad Attacks and Innovative Tactics Become the Norm in Tumultuous Cybercrime Landscape

Associates in Dermatology Patients Affected by Business Associate Ransomware Attack

Beware of Phishing Scams 3.0 - The email you receive might not be from who you think it is

Billions of Android and iPhone users warned to delete messages immediately after ‘bank-draining’ attack alert

Blackbaud Inc. to Pay $3 Million to SEC for Alleged Misleading Disclosures in 2020 Ransomware Attack

BlackGuard stealer now targets 57 crypto wallets, extensions

Businesses Must Move Beyond the Reactive Approach to Cybersecurity

ChatGPT bug leaked users' conversation histories

Chico bank suffers data breach after February cyber attack

China-Aligned "Operation Tainted Love" Targets Middle East Telecom Providers

CISA Wants You To Report Anything You Know About Ransomware Activity

City of Toronto and Virgin confirm hackers accessed data through file transfer systems

City of Toronto confirms data theft, Clop claims responsibility

CloudPanel installations use the same SSL certificate private key

Cyber attack disrupts Spanish medicine distribution

Cyber threats to EU transport sector sends urgent call for enhanced cybersecurity

Despite malware attack, email IDs related to airline activities functioning: Biman

Digital fraud surpasses pre-pandemic levels

Emerging Chatbot Security Concerns

Epidemic of Insecure Storage, Backup Devices Is a Windfall for Cybercriminals

Exploit released for Veeam bug allowing cleartext credential theft

Fake ChatGPT Chrome Browser Extension Caught Hijacking Facebook Accounts

Fake ChatGPT Extension Hijacks Facebook Accounts

Fake ChatGPT for Google extension hijacks Facebook accounts

Ferrari Hits a Roadblock as Cyber Criminals Hold it to Ransom

Ferrari refuses to pay hackers in cyber ransom plot

Four Best Practices For Sustaining A Culture Of Security

Frustrated Dish customers still spending hours on hold weeks after ransomware attack

German and South Korean Agencies Warn of Kimsuky's Expanding Cyber Attack Tactics

Getting Ahead of the Ransomware Epidemic: CISA’s Pre-Ransomware Notifications Help Organizations Stop Attacks Before Damage Occurs

GRS Roadstone warns staff following cyber attack

Hacked off: banks demand answers after Ion cyber attack

Hackers access Dole employee data in ransomware attack

Hackers unleash cyber attack on mining group Rio Tinto

Hong Kong regulator to further amend rules on personal data protection

How scammers use social media and other online platforms to lure victims

How should businesses avoid a ransomware attack?

How to enhance the cybersecurity of operational technology environments

How to protect your money and assets from cyber security risks in Australia

Human Intelligence (HUMINT) in Cybersecurity

India: In massive data breach, details of 168 million citizens, defence staff leaked

Iran-linked incidents spurred Cyber Command to send 'hunt forward' team to Albania

Irish Food Giant Dole Admits Employee Data Breach

Is Trafficking in Hacking Information a Crime?

Kaspersky Exposes Phishing Attack Trend in Africa

Kenworth Adjusts after Parts Manufacturer Hacked by Ransomware

Kids tech camp iD Tech still silent weeks after data breach

Latest FBI IC3 Report Reveals BEC and Crypto Scams Top the List of the $10.3 Billion Losses in 2022

Latitude Financial notifies insurers over malicious cyber attack

Latitude Financial Services Data Breach Leaked Customer Data From Two Service Providers

Malicious ChatGPT Chrome Extension Hijacks Facebook Accounts

Malware affected server was isolated following the attack: Biman

Massive adversary-in-the-middle phishing campaign bypasses MFA and mimics Microsoft Office

Microsoft fixes Acropalypse privacy bug in Windows 11 Snipping Tool

New Android Botnet Nexus Being Rented Out on Russian Hacker Forum

New Post-Exploitation Attack Method Found Affecting Okta Passwords

New Zealand: Online scammers cost Kiwis a record $20m last year

Nexus: A New Rising Android Banking Trojan Targeting 450 Financial Apps

North Korean Hacker Attempts To Phish Euler Finance Exploiter Via Encrypted Message

Oak Ridge city officials explain how cyber attack impacts customers

Olympia Schools Investigating Recent Cyber Attack

Only 6% of Australia and New Zealand (ANZ) businesses alerted of breach and data loss

OpenAI’s GPT-4 used as bait to launch phishing campaigns

Operation Soft Cell: Chinese Hackers Breach Middle East Telecom Providers

Preventing 2022’s Application Security Fails: What We Can Learn

Python info-stealing malware uses Unicode to evade detection

Ransomware Protection Cost Analysis: How Much Will Security Cost?

Red Canary's Threat Detection Report Reveals Top Threats and Techniques Used by Cybercriminals

Role Of Security Compliance In Mitigating Cyber Threat

Scammers’ latest trick: Getting you to open a OneNote document

SharePoint Phishing Scam Targets 1600 Across US, Europe

Sint Maarten: NV GEBE files case against investigators of cyber-attack

Small firms face same risk from hackers as bigger counterparts, travel warned

SMB security: preventing phishing attempts

Stop using your browser's built-in password manager. Here's why

Tennessee city hit with ransomware attack

The Access Transaction As The Building Block Of IT

Three things businesses should know about ransomware attacks

Top 5 security risks for enterprise storage, backup devices

Top Data Breaches in 2022 and 2023 Point to Increases in Phishing and Ransomware

Transport and logistics in Europe pushed to beef-up cybersecurity

UK Government Sets Out Vision for NHS Cybersecurity

US cyber officials make urgent push to warn businesses about vulnerabilities to hackers

Using Deception to Learn About Russian Threat Actors

Virgin Group added to Cl0p gang’s victim leak site

Walsall Healthcare NHS Trust dealing with aftermath of 'cyber attack'

What cyber attack risks do the railways face?

What Is Doxware and Is It Dangerous?

What Shell, Hitachi, and Rubrik attacks reveal about Cl0p

Why Zero Trust Is Necessary In The Fight Against Ransomware

WordPress force patching WooCommerce plugin with 500K installs

22nd March

9 Million customers affected in AT&T data breach

80% of security leaders predict increase in cybersecurity automation

92% of Organizations Fell Victim to Phishing in Last 12 Months

Agriculture the Second-Largest Target for Cyber Criminals

AI-themed project riding ChatGPT wave steals over $1M from users

Attackers Are Probing for Zero-Day Vulnerabilities in Edge Infrastructure Products

Australia: Energy industry is now one of major targets for cyber attack

Australia: Health worker sacked over 'serious breach' of patients' privacy as ACT government investigates data misuse

Average enterprise storage/backup device has 14 vulnerabilities, three high or critical risks

Bangladesh: Probe begins into ransomware attack on Biman's email server

Banks, Financial Industry Hit by Rising Ransomware Attacks

Billions of Gmail and Outlook users given ‘red alert’ over dangerous AI ‘hiding in your inbox’ – it’ll take everything

Biman's email server hacked for five days, probe opens

BreachForums Administrator Baphomet Shuts Down Infamous Hacking Forum

BreachForums Shuts Down After Admin's Arrest

Bridging the cybersecurity readiness gap in a hybrid world

Canada: Health-care officials bracing for even more cyberattacks

Circle Executive’s Twitter Account Hacked to Promote Fake USDC Airdrop

CISA Alerts on Critical Security Vulnerabilities in Industrial Control Systems

CISA and NSA Enhance Security Framework With New IAM Guide

CISA revises cybersecurity performance goals

CISA, NSA push identity and access management framework as risks grow

Class Action Lawsuit Filed Against Cardiovascular Associates Over 441K-Record Data Breach

Clop ransomware gang lists luxury brand retailer Saks Fifth Avenue as a victim

Cloud Malware: Types of Attacks and How to Defend Against Them

Companies vulnerable to cyber-attack via suppliers

Convergent Outsourcing, Inc. Files Notice of Data Breach That Leaked Consumers’ SSNs

Cyber insurance carriers expanding role in incident response

Cybersecurity Developments and Legal Issues

Cyprus: Land Registry portal offline until mid-April

Daily QR scan scams phishing users on mobile devices

Darkweb Cryptocurrency Mixer ChipMixer Shut Down for Allegedly Laundering $3 Billion Worth of Crypto

Data reportedly stolen as Dutch ship monitoring company hit by cyber-attack

Days After Missed Ransomware Deadline, Stolen Minnesota Schools’ Files Appear Online

Dole discloses employee data breach after ransomware attack

Email, phone calls, and apps like Slack are vulnerable to ransomware

Enhance security while lowering IT overhead in times of recession

EU cybersecurity agency reports on threat to rail

Exploring The Opportunities Of Generative AI For Improving Security Operations

Facebook accounts hijacked by new malicious ChatGPT Chrome extension

February 2023 Healthcare Data Breach Report

Ferrari Data Breach: The Industry has its say

Ferrari falls victim to ransomware attack

Ferrari Has Been Hit by a Cyberattack That Exposed Customer Data, and the Hacker Is Demanding Ransom

Fraud Prevention Tip: Choose Credit Over Debit for Online Purchases

Fresh wave of Russian cyberattacks on Italian sites

Google Suspends Chinese E-Commerce App Pinduoduo Over Malware

Google Suspends Chinese Shopping App Pinduoduo Over Malware Concerns

Hackers Are Actively Exploiting Unpatched Adobe ColdFusion

Hackers are Increasingly Targeting Auto Dealers

Hackers inject credit card stealers into payment processing modules

How ChatGPT Can Help You Improve Your Phishing Incident Response

How Cyber-Criminals are Circumventing Multifactor Authentication

How to combat hardware Trojans by detecting microchip manipulations

IBM Report: Ransomware Persisted Despite Improved Detection In 2022

India second most targeted country by ransomware in APAC and Japan region

Indigenous health organisation says personal details of 8,000 people accessed in cyber attack

Israel: Here's how to protect yourself from Anonymous cyberattacks next week

Journalists Targeted by USB Drives That Explode When Inserted Into PCs

Just 1% of Dot-Org Domains Are Fully DMARC Protected

Latest cyber security threats in Africa revealed

LockBit 3.0 can now dismantle malware detection, Feds warn

Luxury car maker Ferrari says hackers stole customers' personal data, demanded a ransom

Malaysia Experienced 37% More Ransomware Attacks in 2022, and That’s Pretty Worrying

Massive Data Breach at Healthcare Provider ILS Compromises Millions of Patients

McDonald's Korea fined 696 million won for breach of customers' personal data

Medusa group publishes data stolen from Minneapolis Public School after ransom deadline expires

Michigan's Lansing Community College forced to cancel classes following a disruptive cyber attack

Microsoft investigating reports of ‘aCropalypse’ image-crop vulnerability in Windows

Most Fortune 500 Firms Were Victim of Phishing in Last Year

NAPLISTENER: New Malware in REF2924 Group's Arsenal for Bypassing Detection

New Android Banking Trojan 'Nexus' Promoted As Malware-as-a-Service (MaaS)

New data-stealing malware targets state entities in Russia-occupied Ukraine

New hacker attack in Italy, the website of the Ministry of Transport has been taken offline

New Kaspersky Tool Allows for Decryption of Conti Ransomware

New victims come forward after mass-ransomware attack

New Zealand: New ASB Netcode scam adds to flurry of recent bank cons

North Korean APT group ‘Kimsuky’ targeting experts with new spearphishing campaign

North Korean hackers using Chrome extensions to steal Gmail emails

Oakland finds no evidence of second ransomware attack despite LockBit claims

Palo Alto Networks - ransomware is becoming more aggressive

Partisan suspects turn on the cyber-magic in Ukraine

Phishing Detection & Prevention: What Businesses Should Know

PoC exploits released for Netgear Orbi router vulnerabilities

Preventing Insider Threats in Your Active Directory

Pro-Russian hackers once again attack Italian government websites

Ransomware attack exposed Ferrari customer data

Ransomware Attack Hits Ship-Tracking Firm Royal Dirkzwager

Ransomware Attacks Double in Europe's Transport Sector

Ransomware attacks in Philippines rise by 57.4% in 2022

Ransomware Gang Publishes Data Allegedly Stolen From Maritime Firm Royal Dirkzwager

Remote patient monitoring devices’ major privacy concerns

Rogue NuGet Packages Infect .NET Developers with Crypto-Stealing Malware

Royal Mail-owned logistics company GLS hit by infostealing cyberattack

Scammers use GPT-4 launch to send phishing emails and steal crypto

ScarCruft's Evolving Arsenal: Researchers Reveal New Malware Distribution Techniques

Securities and Exchange Commission (SEC) Proposes Data Breach Notification and Incident Response Requirements

Security Researchers Spot $36 Million BEC Attack

ShellBot DDoS Malware Targets Linux SSH Servers

Ship Monitoring Firm Experiences Cyber Attack

Six Reasons Why Cybersecurity Pros Need the “Human Element”

Skylink hit by hacker attack

Stung by Free Decryptor, Ransomware Group Embraces Extortion

Sunland Asphalt and Construction, LLC Reports Data Breach Affecting 7,884 Individuals’ Personal Information

Surge in compromised credentials highlights rampant cyber hygiene failings

Tax season 2023: IRS warns of phishing email and text scams regarding refunds

The REvil Gang Story: The “Good Guys” Can Still Prevail

The role of cyber negligence in insider threats

Too many enterprises have shadow IT – unlocked doors with no cameras

UAE jobs: Over 2,400 fake listings targeting Arabic speakers uncovered

UC San Diego Health Discloses Healthcare Data Breach Stemming From Vendor Pixel Use

UK issues strategy to protect National Health Service from cyberattacks

Uncharted Territory: Managing The New Security Risks Of Connected Cars

Understanding Social Engineering in Cybersecurity: How to Stay Protected

USDC issuer Circle issues warning about hacked executive account

Visa uncovers the dark side of token bridges – What to know

Vulnerability in Crypto ATMs Allowed Hacker to Drain $1.5 Million

Weak Passwords Offer Easy Access to Enterprise Networks

What Are Reconnaissance Attacks and How Do They Work?

What do you do if a hacker takes over your ship?

What lawyers need to know about the Latitude cyber-attack

Why the employee factor in IT security is vital to protecting your company’s data

Why You Don’t Need 300 Gbps DDoS Simulation Tests

Windows 11 and 10’s Snipping Tools Vulnerable to Data Exposure

Xfinity Data Breach: How It Happened (and Are You Affected?)

You Need To Turn Off Wi-Fi Calling If You Have These Phones Or You’ll Get Hacked

21st March

2022 witnessed a drop in exploited zero-days

Associate of ‘Cryptoqueen’ fraudster arrested and brought to US

At least 17 members of Congress had sensitive information exposed in data breach

Australia: More Aussie employees receiving security training

Barracuda reveals three novel tactics being used by attackers in phishing

Blackbaud Settles With Securities and Exchange Commission (SEC) For $3M On Donor Data Breach

Braintree GP surgery warns of data breach after ‘confidential’ information blows across roads

Breach Forums to Remain Offline Permanently

Breached hacking forum shuts down, fears it's not 'safe' from FBI

BreachForums owner Pompompurin arrested by the FBI

BreachForums says it is closing after suspected law enforcement access to backend

ChatGPT Bug Exposes Conversation History Titles

CISA Announces Launch of Ransomware Prevention Initiative

Clop ransomware claims Saks Fifth Avenue, retailer says mock data stolen

Coinbase Wallet 'Red Pill' flaw allowed attacks to evade detection

CommonMagic Targets Entities in Russo-Ukrainian Conflict Zone

Crypto ATM Manufacturer General Bytes Suffers $1.5m Bitcoin Theft

Cyber attack on DC Health Link compromised the data of US House and Senate members

Cyber attack on Tanbridge House School in Sussex locks staff and students out of their systems

Cyber Warfare is Upon Us: Why the Next Generation of ‘War Games’ so Important

Cybercriminals using novel phishing tactics to get their target

Cybersecurity Leaders Stressed Over Email Security

Cybersecurity Risk Quantification: A New Way to Understand Risks

Data backup, security alerts, and encryption viewed as top security features

Data Breach At ChatGPT? Users Report Seeing Unknown Conversations On Their Screens – Here's What Happened

Data breach leak site BreachForums shuts down

DNA Diagnostics Center Settles Data Breach with Ohio and Pennsylvania Attorneys General

Euler Finance hacker sends message to an Ethereum address belonging to the DeFi platform

Euler Finance receives message from hacker via Ethereum, but no clarity yet

Expert speaks out after City of Allen Park hit with ransomware attack

Experts warn of healthcare sector cybersecurity risks

FBI Internet Crime Complaint Center (IC3): Victims Racked Up $10.3B in Losses Tied to Internet Crime Last Year

Feds Release Updated Threat Intelligence on LockBit 3.0 Ransomware

Ferrari data breach: Client data exposed

Ferrari Discloses Ransomware Attack; Refuses to Pay Ransom

Ferrari Hacked – Attackers Stolen Payment Data & Demand For Ransom

Ferrari hit by data breach and ransom demand: says no impact on operations

Ferrari rejects ransom demand after cyber attack

Ferrari Reveals Data Breach Ransom Attack

Ferrari says ransomware attack exposed customers’ personal data

Ferrari victim of extortion by anonymous hacker collective

Ferrari working with law enforcement after ransom demand from cybercriminals

From Ransomware to Cyber Espionage: 55 Zero-Day Vulnerabilities Weaponized in 2022

General Bytes Bitcoin ATMs Hacked to Steal Funds

Hacker tied to D.C. Health Link breach says attack ‘born out of Russian patriotism’

Hacker vs. Hacker: North Koreans Attempt to Phish Euler Exploiter of $200M in Crypto, Experts Say

Hackers Steal Over $1.6 Million in Crypto from General Bytes Bitcoin ATMs Using Zero-Day Flaw

Hackers use new PowerMagic and CommonMagic malware to steal data

Hackers Use NuGet Packages to Target .NET Developers

Hitachi Energy hit by ransomware attack on third-party provider

How can Ransomware Spread Through a Network?

IBM Report: Ransomware Persisted Despite Improved Detection in 2022

Independent Living Systems Sued Over 4 Million-Record Data Breach

India ranks second in Asia-Pacific and Japan Region for ransomware attacks in 2022, says report

India second-most targeted by ransomware: Palo Alto research

Italia’s pride tarnished as the Prancing Horse of Ferrari falls prey to ransomware

Kaspersky blocks over 50K financial phishing attacks vs businesses in The Philippines

Largest telecom in Guam starts restoring services after cyberattack

LockBit ransomware gang now also claims City of Oakland breach

Massachusetts Pharmacy Falls Victim to Email Phishing Attack, Results in PHI Exposure

Maternal and Family Health Services sued over data breach

National Cyber Security Agency (NCSC) Launches Two New Tools for Small Businesses

New 'Bad Magic' Cyber Threat Disrupt Ukraine's Key Sectors Amid War

New ShellBot DDoS Malware Variants Targeting Poorly Managed Linux Servers

New York City Special Needs Students' Records Found Exposed on Web

Oakland suffers second ransomware attack in weeks at hands of LockBit

OneNote, Many Problems? The New Phishing Framework

Over 2400 Fake Pages Found Targeting Job Seekers in Middle East, Africa

Phishing: Who Takes the Bait?

Queensland skin cancer study hit by data breach

Ransomware gangs’ harassment of victims is increasing

Ransomware ‘likely’ to target transportation Operational Technology (OT) systems, warns EU cyber agency

Ransomware Risk Management: A Cybersecurity Framework Profile

Ransomware-As-A-Service: managing the productized ransomware threat

'Red alert' scam warning issued to Google and Microsoft Outlook users

Takedown of the biggest hackers’ forum in the world

Threat actors are experimenting with QR codes

Use an iPhone or Mac? Don’t fall for this iCloud email promising free storage

Wartime hacktivism is spilling over into the financial services industry

Why CISOs Are Looking to Lateral Security to Mitigate Ransomware

Why Cybersecurity Should Still Be A Top Priority For Businesses

Why Organizations Need A Data-Driven Cybersecurity Strategy

Wilkes-Barre Tech Center Gives Update on Cyber Attack

Windows 11 Snipping Tool privacy bug exposes cropped image content

20th March

7 guidelines for identifying and mitigating AI-enabled phishing campaigns

'Active' cyber attack to keep Latitude systems offline for days, company suspended from trading

After BreachForums arrest, new site administrator says the platform will live on

AI dApp Harvester Keeper gets hacked for almost $1 Million

Akamai research shows 193 million mobile malware attacks flagged for consumers in EMEA

Another tax scam: beware of improperly filing the Employee Retention Credit

Arbitrum: Hacker compromised 2,400 wallets to sweep ARB tokens upon launch

Australian Cyber Security Centre (ACSC) Ransomware Profile – Lockbit 3.0

Bangladesh: Biman's email server down with ransomware

Beware! 'FakeCalls' Voice Phishing scam could steal your bank account information

BECs double in 2022, overtaking ransomware

BianLian ransomware group shifts focus to extortion

Bitcoin ATM maker shuts cloud service after user hot wallets compromised

Bitcoin ATM Manufacturer General Bytes Shuts Cloud Service After Hacker Compromise User Hot Wallets

Black Basta ransomware group targets healthcare, feds warn

BreachForums Admin Arrested in New York

BreachForums cybercrime website down, admin busted

Business Email Compromise (BEC) overtakes ransomware as cyber crime of choice

Changing Cyber Landscape Poses Challenges For Health-Care Market

Check Point finds potential cybercrime scenarios in ChatGPT4

Chick-fil-A Confirms Data Breach

CISA kicks off ransomware vulnerability pilot to help spot ransomware-exploitable flaws

CISA starts ransomware vulnerability pilot program

CISA, FBI, MS-ISAC Warn Critical Infrastructure of LockBit 3.0 Ransomware Attacks

Community Raises Alarm Over Fraudulent Arbitrum Airdrops

Crypto ATM manufacturer General Bytes hacked, at least $1.5 million stolen

Cyber risk is a business risk

Cybercriminals introduce three novel phishing tactics to net victims

Data breach at NorthStar Emergency Paramedic Services impacts 80,000 patients

Detecting face morphing: A simple guide to countering complex identity fraud

Dish Network updates on ransomware attack

DotRunpeX: The Malware That Infects Systems with Multiple Families

Emotet Rises Again: Evades Macro Security via OneNote Attachments

Ferrari discloses data breach after receiving ransom demand

Fightcamp Users Targeted in Email Phishing Scheme

Finance company warns customers that scale of data breach may widen

First Dero cryptojacking campaign targets unprotected Kubernetes instances

General Bytes Bitcoin ATMs hacked using zero-day, $1.5M stolen

Gmail and Microsoft Outlook users issued red alert warning

Google Pixel flaw allowed recovery of redacted, cropped images

Google urges Android phone users to switch off Wi-Fi calling

Greek defense minister says he was hit by cyber attack on Twitter

Hacker Exploits Months-Old Bug to Steal Crypto From ATMs

Hacker selling U.S. Marshals Service data on a Russian-speaking cyber criminal forum

Hacker who ran BreachForums could face 20 years in prison

Hackers can hijack Samsung and Pixel phones by knowing phone number

Hackers mostly targeted Microsoft, Google, Apple zero-days in 2022

Hackers target .NET developers with malicious NuGet packages

Healthcare data breach affects more than 4.2 million people

"Hinata" Botnet Could Launch Massive DDoS Attacks

Hitachi Energy confirms data breach

Hitachi Energy Blames Data Breach on Zero-Day as Ransomware Gang Threatens Firm

Hitachi Energy is the latest victim of GoAnywhere attacks

Hitachi, Rubrik, Hatch Bank among those hit after file transfer software exploited

Hospital sends sensitive patient letters to man awaiting treatment instead of doctors

How Automated Vulnerability Detection Mitigates Fraud and Hardens Financial Systems

How Hackers are Exploiting Cloud Organizations

How To: Improve Your Company’s Cybersecurity Training

How to protect online privacy in the age of pixel trackers

Is cyber insurance a must-have?

Is Your Cybersecurity Strategy Falling Victim to These 6 Common Pitfalls?

Khalistan Referendum voting in Australia hit by cyber attack

KillNet Group Uses DDoS Attacks Against Azure-Based Healthcare Apps

Kingdom of Saudi Arabia (KSA) continues to be targeted by cyber threat actors

Kronos Malware: What You Need To Know So You’re Not Affected

Lansing Community College cancels online classes after cyberattack

Lansing Community College (LCC) says it's back online, tells students, workers to reset passwords

Latitude admits it STILL has hackers lurking inside its computers after they stole data from Harvey Norman, JB Hi-Fi and Apple clients - as finance firm is forced to stop taking on new customers

Latitude Financial warns customer data breach could widen and hack 'remains active'

Living with data breaches in unregulated cyberspace

Malaysia ranks tenth among countries targeted by spam emails

Mispadu Banking Trojan Targets Latin America: 90,000+ Credentials Stolen

Mispadu Trojan Steals 90,000+ Banking Credentials From Latin American Victims

Most mid-sized businesses lack cybersecurity experts, incident response plans

Move, Patch, Get Out the Way: 2022 Zero-Day Exploitation Continues at an Elevated Pace

National Basketball Association (NBA) alerts fans after hack of third-party service provider

National Basketball Association (NBA) warns fans over data breach, personal details copied

New DotRunpeX Malware Delivers Multiple Malware Families via Malicious Ads

New Research Reveals Only 6% Of Australia and New Zealand (ANZ) Businesses Alerted Of Breach & Loss Of Data From 2022-23

New Trigona ransomware strain up and running, but still evolving

‘No Intention of Keeping What Is Not Ours,’ Euler Finance Hacker Says

Phishing attempts are growing like wildfire and becoming harder to detect

Private records of some Canberra Health Services patients 'deliberately' sent to industrial partner

Ransomware Trends 2022: UK Attacks Rose 17%

Researchers Shed Light on CatB Ransomware's Evasion Techniques

Romanian and Dutch police arrest online phishing gang

Scam Robocalls Forecast to Cost $58bn This Year

SEC issues new cybersecurity requirements for risk management

Skin cancer survey hack may have 'compromised' personal details, Medicare numbers of participants

SMBs don't see need for cyber insurance since they won't experience security incidents

‘SMS OTP no longer secure’: Data security threats in digital banking bared

South Korea: Coupang hacked by Russians, report says, company denies

Take the cybersecurity conversation to the board

The new and great challenges in cybersecurity, according to experts: artificial intelligence, ‘ransomware’ and ‘hacktivism’

The silent spreaders: How computer worms can sneak into your system undetected?

The Top Five Cybersecurity Concerns

There are nearly 300 Arbitrum Airdrop Phishing Sites Already

These are the top internet scams, according to a new FBI report

Threat Actors Using Go-based HinataBot to launch DDoS Attacks

Trinity Health of New England breach impacts more than 45,000 patients

UK Ransomware Incident Volumes Surge 17% in 2022

US, European Authorities Dismantle Darknet Cryptocurrency Mixer

What is a Data Breach? (And How Vulnerable is Your Business?)

What is Automated Clearing House (ACH) Fraud and How to Prevent It

What Is Shoulder Surfing? How Does It Affect Cybersecurity

What is the National Cybersecurity Strategy? A cybersecurity expert explains what it is and what the Biden administration has changed