Editor's Message

Welcome to DBD. On March 8th we celebrated our 4th Anniversary and the 1st Anniversary of our PRiSM application, officially endorsed by the SANS Institute. Despite recent personal issues that have impacted the amount of time I have been able to dedicate to both projects, I have been doing my best to keep everything as up-to-date as possible, and I would like to take this opportunity to thank everyone for their patience and support whilst I navigate through this very difficult time. Stay safe. :)

Monday 27 March 2023

Data Breaches Digest - Week 13 2023

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 27th March and 2nd April 2023.

2nd April

5 Key Ways A Hacker Approach Can Benefit Managers

Access denied. When healthcare data is held to ransom

All iPhone and Android users warned of dangerous Wi-Fi risk – it could cost you dearly

Bank customers, companies lose billions to Nigeria’s weak cybersecurity

Beware of phishing scams 3.0; email is main target

Breach hits visitor logs at White House

China takes down fake crypto wallet operation

Connecting to a free public access WiFi could cost you dearly

Cyberabad Police issues notices to 11 organisations over major data breach of 66.9 crore individuals

Cybersecurity expert warns about the dangers of ransomware attacks

Dark Web: What is Dark Web? How To Access the Dark Web and What Is Found on Dark Web? How to Save Yourself from Hackers

DeFi Cross-Chain Solution Allbridge Exploited For $570,000

Here are some new ways thieves are scamming people

How to protect your organization from Business Email Compromise (BEC) scams in wake of Silicon Valley Bank (SVB) collapse

India: Congress questions government after man held for data breach of 67 crore people, organisations

Indian police bust gang for data 'theft' of 669 Million individuals, organizations

New Money Message ransomware demands million dollar ransoms

Over 60% in UAE and Saudi Arabia call for ‘hiking cybersecurity spend’

Raising the cybersecurity stakes

Study reveals worrying global trends in cyberattacks

‘Tactical Octopus’ hackers using tax-related phishing scams to spread malware

Tasmanian government refers potential data breach to police

Thailand agencies hunt for hacker that allegedly holds 55 million people’s data

TMX Loan Data Breach Affects 4.8 Million People

Top 10 Security and Privacy Tips for Cryptocurrency Holders

Urgent warning issued over scams amid April phone price hike

US Government to Cash Out 41,000 Bitcoins Worth Over $2 Billion from Silk Road Hacker

Yoigo suffers a cyberattack: these are the affected data and what you should do if you are a customer

Yoigo suffers a security incident that compromises the personal data of its customers

1st April

A New Chapter in Cybersecurity: US Grants $25 Million to Safeguard Costa Rica

As hacks rise, cybersecurity risk management should be top priority

Australia: Government's cyber security strategy must put vulnerable Australians at forefront

Bank of America Warns iPhone, Android Users About Scam Bank Investment Texts

Biggest ever celebrity cyber attack could see stars' X-rated pics and vids leak

Cacti, Realtek, and IBM Aspera Faspex Vulnerabilities Under Active Exploitation

Can ChatGPT be a Potential Cybersecurity Threat?

ChatGPT banned in Italy over privacy concerns

Corporate Emails Are At Bigger Risk In The Upcoming Years

Crypto Scammer Gets Away with $1.2M in ARB Tokens Through 'Address Poisoning' Attack – Here's What Happened

DISH slapped with multiple lawsuits after ransomware cyber attack

Euler Finance breach leads to $197M in losses, but hacker returns over $150M

Fake ransomware gang targets U.S. orgs with empty data leak threats

Hackers Exploiting WordPress Elementor Pro Vulnerability: Millions of Sites at Risk!

How AI and Machine Learning Can Detect and Prevent Malicious Attacks

How can insurers control cyber claims costs?

How To Secure Your Online Transactions From Fraud and Scams

Importance of Building Cybersecurity in the Supply Chain Industry

Investment company ordered to pay over R800,000 after client’s email hacked

Italy blocks Artificial Intelligence chatbot ChatGPT over data breach concerns

Italy blocks ChatGPT following data breach

Italy Temporarily Blocks ChatGPT, Citing Privacy Issues

Jefferson County School System victim of ransomware attack during Spring Break

Lazarus Heist: The intercontinental ATM theft that netted $14m in two hours

LockBit leaks data stolen from the South Korean National Tax Service

Microsoft Fixes New Azure AD Vulnerability Impacting Bing Search and Major Apps

Most common forms of identity fraud and how to avoid them

Northwest Texas Healthcare System (NWTHS) alerts patients to 2021 vendor data breach of health information

Phishing, identity theft top online concerns in the Philippines

Safeguarding Your Business Against Insider Attacks

Scammers Are Using ChatGPT to Write Emails That Aren't Riddled With Typos

Student Loan Forgiveness Scams to Watch Out for

Thailand: Agencies hunt for hacker

The Importance of Data Security in CRM and SRM Systems

Today’s “Don’t Say ‘Ransomware’ Award” goes to...

Ukrainian hacker group hacks Russian military secrets...Pilots’ wives tricked into ‘patriotic photos’

Ukrainian Hacktivists Trick Russian Military Wives for Personal Info

US Government Plans to Sell Over 41,000 Bitcoins Confiscated from Silk Road Hacker

What is Phishing? How to Avoid Phishing Attacks?

What Is Vulnerability Remediation and Why Is It Important?

World Backup Day 2023: best practices to minimize, protect valuable data

Zimbra email platform vulnerability exploited to steal European govt emails

31st March - World Backup Day

3CX Compromised in Supply Chain Attack

3CX Supply Chain Attack - Here's What We Know So Far

4 Times You Shouldn't Enter Your Credit Card Information Online, Experts Say

5 Major Cyber Security Risks That You must be Aware of While Streaming

5 Tips to Avoid Phishing Email Scams

10-year-old Windows bug with 'opt-in' fix exploited in 3CX attack

11 Endpoint Security Best Practices You Must Follow to Stay Protected

13 Expert Tips To Defend Against And Respond To Ransomware Attacks

15 million public-facing services vulnerable to CISA Known Exploitable Vulnerabilities (KEV) flaws

63,341 customers impacted in Blue Shield of California data breach

Account Takeover (ATO) Risk is Real

API Attacks Rise 400% in Last Six Months

APT43 Funds Cybercrime With Stolen Crypto

Are Crypto Exchange Failings Showing a Gap in User Security?

As Twitter Pulls Legacy Checkmarks, Hackers Pounce With Phishing Emails

Biden Administration addresses potential commercial spyware risks

BMW says Play ransomware attack only hit local dealership in France

Capita hit by IT meltdown fuelling fears of cyber attack

Changing cyber threat attack surface demands solid security posture

ChatGPT is temporarily banned in Italy amid an investigation into data collection

ChatGPT privacy and safety concerns lead to temporary ban in Italy

ChatGPT Vulnerability: Redis Vulnerability Exposes User Payment Data

CISA Warns of Vulnerabilities in Propump and Controls’ Osprey Pump Controller

Consumer lender TMX discloses data breach impacting 4.8 million people

Corporate Emails Are At Bigger Risk In The Upcoming Years

Corporate espionage, the latent objective behind many cyberattacks

Crypto Scammers Pilfered Over $370M In Q1

Cyber Police of Ukraine Busted Phishing Gang Responsible for $4.33 Million Scam

Cyber-attacks on offshore wind could derail UK’s net zero agenda

Cybersecurity Remains a Top Concern For MSPs in 2023

Data Breach Notification Law Update: Utah and Pennsylvania

Data Breach of Financial Service Provider Latitude Jumps From 328,000 to 14 Million Records Stolen

Data stolen from Washington County Sheriff’s Office leaked by LockBit

Dish hit with investor lawsuits after cyberattack

Dole data breach compromises employee data

Don’t outlaw cyber ransom payments, says panel

eCommerce Fraud Protection: Are you secure?

Failed IT systems at Capita fuel fears of cyber-attack on crucial NHS provider

FBI reports phishing attacks are on the rise

Ferrari Disclosed a Data Breach Impacting Customer Data but Refused to Pay Ransom

Five common identity theft scams

Food and Drug Administration (FDA) to reject medical device applications without cyberattack protection plans

GCHQ Updates Security Guidance for Boards

Government of Yucatan recovers control of its official websites after cyberattack

Guardians of data backup: Experts share strategies on World Backup Day 2023

Hackers can take control of your car – How to protect yourself

Hackers exploit bug in Elementor Pro WordPress plugin with 11 Million installs

Hackers post data stolen from the Housing Authority of the City of Los Angeles

Here are some new ways thieves are scamming people

High-cost lender TMX Finance data breach affects nearly 5 million customers

How to protect your backups: a checklist

How to Secure Unified Communications for Incident Response

How to Secure Video Streaming

IBM file transfer service under active exploit, security researchers warn

Illinois Gastroenterology Group Settles 2021 Data Breach Lawsuit

Is It Time to Start Hiding Your Work Emails?

Is That Text From Your Bank Real or a Phishing Scam? How to Tell

IT Expert Says U.S. Needs to Turn Up the Heat to Tackle Cybersecurity

Italy privacy watchdog blocks ChatGPT, citing data breach

Italy temporarily blocks ChatGPT over privacy concerns

Italy’s privacy watchdog bans ChatGPT over data breach concerns

Italy's Privacy Watchdog Blocks ChatGPT Amid Privacy Concerns

Japan's credit card fraud losses hit record $330 million in 2022

Lack of cybersecurity training is leaving businesses at risk

Law firm settles claims related to data breach affecting health care data

Lewis & Clark College cyberattack claimed by notorious ransomware gang

LockBit group targeted Washington County Sheriff’s Office, leaked stolen data

Lumen hit by ransomware, malware attacks

Maryland Hospital Reveals 30K Individuals Impacted by Ransomware Attack

Medical, Social Security information compromised in Middletown nursing home data breach

Millions affected by Dutch data breach: Here’s what we know so far

Modular "AlienFox" Toolkit Used to Steal Cloud Service Credentials

More evidence links 3CX supply-chain attack to North Korean hacking group

Navigating a new age of cybercrime

Nearly 5 million people affected by cyberattack on high-cost lender TMX Finance

Netflix, FedEx, Walmart, and Online Pharmacy – Top Phishing Scams of the Week

New Azure Flaw "Super FabriXss" Enables Remote Code Execution Attacks

New Cylance Ransomware Targets Linux and Windows, Warn Researchers

New details uncovered about Liverpool hospitals data breach

New French law will require reporting of cybersecurity incidents within 72 hours to benefit from insurance coverage

North Korean hacker group poses as journalists and experts to steal intel

Over 1 Million Arbitrum tokens lost to phishing attack

Protecting data in the cloud: Who’s responsible?

Ransomware Actors Target IBM’s Aspera Faspex

Ransomware attacks: is your supply chain software safe?

Ransomware Attacks Up 627%

Recovering from a Ransomware Attack on Your RAID System

Reprimand for NHS Highland after 'serious' email data breach

Researchers warn of Wi-Fi security flaw affecting iOS, Android, Linux

Securin, Ivanti analyst finds potential security gaps in Indian state government domains

Snatch ransom gang claims city of Modesto

Social security numbers, some patient treatment info involved in Tallahassee Memorial Healthcare (TMH) cybersecurity incident

Strengthening Business Cybersecurity With Cloud Access Security Broker (CASB)

The foundation of a holistic identity security strategy

The Louisiana Cyberattacks That Weren’t—or Maybe Were?

The risk and reward of ChatGPT in cybersecurity

The security aspect of hybrid work is on the minds of many people

This Bing flaw let hackers change search results and steal your files

Thousands of companies vulnerable in supply chain cyberattack

Twitter Presses GitHub to Turn Over User Who Leaked Source Code

U.S. Department of Education Announces Updated Data Security Expectation for Postsecondary Institutions

UK Regulator: HIV Data Protection Must Improve

Ukraine Busts Gang for Massive $4.3 Million Phishing Scams

Ukraine Cyberpolice Dismantles Fraud Ring That Stole $4.3 million

Ukrainian Police Bust Multimillion-Dollar Phishing Gang

Unbelievable! One of The World’s Most Advanced AIs - ChatGPT - Gets Banned

Urgent warning issued over scams amid April phone price hike

US to help Costa Rica recover from 2022 Conti ransomware attack's impact with $25m aid

Vietnam: Over 3,200 phishing pages detected in Q1

WhatsApp users are making HUGE mistake and it puts their phones at risk – take action NOW

Winter Vivern APT Targets European Government Entities with Zimbra Vulnerability

World Backup Day: 5 ways to effectively backup your data

World Backup Day 2023: What When Backup Isn’t Enough

World Backup Day Is A Reminder To Back Up Your World

30th March

3CX customers targeted via trojanized desktop app

3CX Desktop App Supply Chain Attack Leaves Millions at Risk - Urgent Update on the Way!

4 steps to avoid a ransomware attack

AlienFox Malware Targets API Keys and Secrets from AWS, Google, and Microsoft Cloud Services

Amid AI craze, what will it take for firms to take data security seriously?

An Introduction to Cybersquatting

Australia’s Crown Resorts hit in Clop ransomware spree

Beat Back Ransomware on March 31 – World Backup Day

Bing search results hijacked via misconfigured Microsoft app

Bright Horizons Notifies Current and Former Employees of Recent Data Breach

Chinese RedGolf Group Targeting Windows and Linux Systems with KEYPLUG Backdoor

CISA Marine Transportation System (MTS) Guide may enhance critical infrastructure resilience

CISA orders agencies to patch bugs exploited to drop spyware

Cloudy with a Chance of Risks: Top Strategies for Tackling Cloud Security in 2023

Consulting company for Vines Hospital suffered a data breach

Cybercriminals using AI chatbots to write grammatically correct phishing emails, warn experts

Cyberstorage: Leveraging the Multi-Cloud to Combat Data Exfiltration

Dangerous misconceptions about emerging cyber threats

Do You Need an Enterprise Browser to Secure Your Organization?

Dozens of universities affected by campus ticketing software cyberattack

‘Fairfield’ Named as Site for Cyber Attack in Leaked Russian Documents

Food and Drug Administration (FDA) Protects Medical Devices Against Cyber-Threats With New Measures

GDPR Article 17: What Is the Right to Erasure?

Incident of the Week: Latitude Financial data breach affects 14 million people

IRS tax forms W-9 email scam drops Emotet malware

Majestic Care Files Notice of Data Breach Affecting Current and Former Residents and Staff

Microsoft OneNote will block 120 dangerous file extensions

Microsoft patches second Azure inspection tool vulnerability

National Crime Agency (NCA) Celebrates Multimillion-Pound Fraud Takedowns

New AlienFox toolkit steals credentials for 18 cloud services

New Research Reveals Millions of Systems Remain Exposed to Known Exploited Vulnerabilities

New State-Wide Privacy Laws Could Have Unintended Consequences for Consumers and Businesses

New Wi-Fi Protocol Security Flaw Affecting Linux, Android and iOS Devices

New York Attorney General Issues Fine Against Law Firm for Data Breach

NHS Highland rapped over data breach affecting HIV patients

NHS Highland reprimand for HIV patient email data breach

North Korea may have sent voice phishing apps to Chinese crime ring

North Korean Hackers Use Trojanized 3CX DesktopApp in Supply Chain Attacks

Over 70% of Employees Keep Work Passwords on Personal Devices

Phishing, smishing and vishing: Fraudsters feast at tax time

Popular PABX platform, 3CX Desktop App suffers supply chain attack

Ransomware attacks skyrocket as threat actors double down on U.S., global attacks

Ransomware gangs are exploiting IBM Aspera Faspex RCE flaw (CVE-2022-47986)

Ransomware Groups Hit Unpatched IBM File Transfer Software

Realtek and Cacti flaws now actively exploited by malware botnets

Researchers Detail Severe "Super FabriXss" Vulnerability in Microsoft Azure SFX

Rising Data Breaches Due to Remote Work; How Can Endpoint Security Help?

Risks of Using Public Wi-Fi

SlashNext's 2023 Mobile BYOD Security Report Reveals 71% of Employees Have Sensitive Work Information on their Personal Devices; 43% Were the Target of Phishing Attacks

Supply-chain attack on business phone provider 3CX could impact thousands of companies

Terrible employee passwords at world’s largest companies

The Health Plan of San Mateo Reports Recent Data Breach Leaked Personal Information Belonging to 11,894 Individuals

The Next Industry AI Is Taking Over? Phishing Emails

The Road to Restoration: Baltimore Schools Rise from Cyber Attack

Thieves Steal $9m from Crypto Liquidity Pool

Think ransomware gangs won't thrive this year? Think again, experts say

Threat Intelligence: The Role of Nation-States in Attributing Cyber-Attacks

U.S. announces $25M to bolster Costa Rica’s cybersecurity

Ukrainian cyberpolice busts fraud gang that stole $4.3 million

Unpatched Vulnerabilities Hamper IT Security Efforts

US commits $25 million to Costa Rica for Conti ransomware recovery

US, UK, eight others unite on cyber protections for dissidents, journalists, advocacy groups

Volume of HTTPS Phishing Sites Surges 56% Annually

Vulnerability Enabled Bing.com Takeover, Search Result Manipulation

We’ve Been Using Email Since 1971 - It’s Time We Make it Secure

What CISA Got Right (And Wrong) About Cloud Security

Winter Vivern hackers exploit Zimbra flaw to steal NATO emails

29th March

5 cyber threats retailers are facing — and how they’re fighting back

5 Ways to Measure Cyber Risks in Healthcare

58% of victim organizations don’t have MFA enabled

AI chatbots making it harder to spot phishing emails, say experts

AI-Generated Phishing Emails

Angler Phishing — What to Know About This Relatively New Threat

Attacks Targeting APIs Increased By 400% in Last Six Months

Australia's Medibank gets second class action lawsuit over data breach

Bank details, birth certificates potentially hacked in Meriton data breach

Beware of MacStealer: A New Malware Targeting macOS Catalina Devices

BMW France claimed as Play ransomware victim

BNB DeFi Hacker Claims “Accidental Frontrun” After $9 Million Pilferage

Brokers now targets of ‘industrialised’ cybercrime

Careium assists its customers due to a personal data breach under the GDPR

ChatGPT Vulnerability May Have Exposed Users’ Payment Information

Clop Ransomware Group Exploits GoAnywhere MFT Flaw

Clop ransomware targeted the City of Tasmania via Fortra’s GoAnywhere MFT exploit

Community Health Systems data breach may have exposed information of Scranton and Wilkes-Barre hospital patients

Crackdown on ransomware gangs yet to show an impact

Crafting Scams with AI: a Devastating New Vector

Crown Resorts confirms ransom demand from Clop ransomware gang

Cyber attacks increasing by up to 50% in local councils across the UK

Cyberattack on debt-buying giant exposes sensitive info on nearly 500,000 people

Data of 700,000 VodafoneZiggo customers exposed due to data breach

Data stolen from Florida sheriff’s office leaked by LockBit ransomware group

Experts Warn of Self-Funding North Korean Group APT43

Fake Tor Browser Installers Distributing Clipper Malware

Ferrari data breach exposes customer information

Food and Drug Administration (FDA) can now reject new medical devices over cyber standards

Food and Drug Administration (FDA) requires medical devices be secured against cyberattacks

Four ‘crypto-hacker’ gang members arrested in Argentina after US$800,000 theft

Google finds more Android, iOS zero-days used to install spyware

Google reveals spyware attack on Android, iOS, and Chrome

Google Warns Against Commercial Spyware Exploiting Zero-Days

Hackers compromise 3CX desktop app in a supply chain attack

Healthcare data breaches increase in February, according to report

Ignoring network automation is a ticking time bomb for security

Indian pharmaceutical giant warns of revenue loss, litigation after ransomware attack

Is VoIP more secure?

Just 1% of Cloud Permissions Are Actively Used

KnowBe4 Finds State and Local Governments Struggle to Defend Against Ransomware and Business Email Compromise

Latitude data breach exposes personal information of 14 million customers

LockBit ransomware gang infrastructure reported down

Lumen Technologies says ransomware attack disrupted call centers

Malicious Phishing Emails Increased by 569% in 2022

Mélofée: Researchers Uncover New Linux Malware Linked to Chinese APT Groups

Mélofée: The Latest Malware Targeting Linux Servers

Modesto, California, Police Suffer Ransomware Attack

New Report from the WatchGuard Threat Lab Shows Surge in Endpoint Ransomware, Decline in Network-Detected Malware

New York law firm gets fined $200k for failing to protect health data

Nexus Android malware targets 450 financial applications

North Korean APT43 Group Uses Cybercrime to Fund Espionage Operations

Pakistan: Supreme Court Website Recovers After Cyber Attack

Phishing emails soar as messages bypass standard email security solutions

Phishing Emails Up a Whopping 569% in 2022

Private financial, health information exposed in Meriton data breach

Procter & Gamble (P&G) confirms data breach

Protected Harbor Releases 2023 Law Firm Data Breach Trend Report

QNAP warns customers to patch Linux Sudo flaw in NAS devices

Ransomware Actors May Be Targeting Organizations With Cyber Insurance

Ransomware here to stay, but victims keep quiet about attacks

Ransomware, malware attacks rise in 2022

SafeMoon ‘burn’ bug abused to drain $8.9 million from liquidity pool

Spyware campaigns using zero-days found in Italy, Malaysia, Kazakhstan, UAE

Spyware Vendors Caught Exploiting Zero-Day Vulnerabilities on Android and iOS Devices

Tech Industry Bids to Tackle Cyber-Mercenary Epidemic

Tesla Is Vulnerable: Hackers Remotely Turned Off Lights And Messed With Its Infotainment System

The National Basketball Association (NBA) Leaked Fans’ Personal Information via Data Breach at Newsletter Service

There’s plenty of phish in the sea: How to plan for and respond to a data breach

Top malware trends and security threats revealed in new WatchGuard report

Trojanized TOR Browser Installers Spreading Crypto-Stealing Clipper Malware

U.S. grants Costa Rica $25M to bolster cybersecurity efforts

Unity Bank enmeshed in data breach controversy

Unpatched IBM Aspera Faspex file transfer service under active attack

Urgent iPhone warning issued to every user over hacker risk

Use of .bank Domain on the Rise to Counter Phishing

Visa fraud expert outlines the many faces of payment ecosystem fraud

What Do You Do if a Hacker Takes Control of Your Ship?

28th March

5 Significant Benefits of Mobile Threat Defense Systems

14 Million Records Stolen in Data Breach at Latitude Financial Services

17% of security leaders consider cybersecurity team fully-staffed

23 Most Notorious Hacks History that Fall Under OWASP Top 10

27 per cent of industrial sector computers in India affected by malware in 2022

68% of organizations face cyber risks due to skills shortage

73% of organisations hit by ransomware in 2022

$200 Million Euler Hacker Returns Stolen Crypto, With Apology

Action Fraud warn residents about Netflix scam emails

Advice from Northumbria's Cyber experts after a national trend of shocking social media hacks

AI-Generated Tutorial Videos Used to Steal Data From YouTube Users

Almost one in four nurseries have experienced a cyber attack in the last year

An MSP’s Guide to Proactive Incident Response Planning

Apple backports fix for exploited WebKit bug to older iPhones, iPads (CVE-2023-23529)

Apple Issues Urgent Security Update for Older iOS and iPadOS Models

Apple Releases Security Patches For Older iPhone and iPad Models

Balancing security risks and innovation potential of shadow IT teams

Bitcoin ATM maker to refund customers impacted by zero-day hack

Blue Shield of California Notifies 63,341 Customers of Third-Party Data Breach

BreachForums substitute by ex-Anonymous hacker quizzed over dubious name

Central National Bank Notifies Texas Attorney General of Recent Data Breach Affecting an Unknown Number of Customers

ChatGPT Data Breach Confirmed as Security Firm Warns of Vulnerable Component Exploitation

ChatGPT Less Convincing Than Human Social Engineers in Phishing Attacks

ChatGPT phishing emails could weaponize realism

Children’s data feared stolen in Fortra ransomware attack

Clipboard Hijacking Can Turn Your Copied Text into A Threat

Clipboard-Injector Attacks Target Cryptocurrency Users

Clop ransomware gang exploits GoAnywhere flaw to victimise the City of Toronto

Clop ransomware group triggers new attack spree, hitting household brands

Crown Resorts confirms ransom demand after GoAnywhere breach

Crown Resorts investigating potential data breach after ransomware group's claims

Crown Resorts targeted by ransomware group following vendor data breach

Cyber Scammers Using Decentralized File Distribution System to Spread Malware

Cyber Thief Stole SSNs from Our Lady of the Lake University

Did the Tri Counties Bank Ransomware Attack Leak Customers’ Information?

Dutch railway NS warns 780,000 customers about data breach

Egyptian raises alarm over Unity Bank’s disclosure of customer information to third party

Euler Finance Hacker Apologizes, Returns Stolen $177 Million

Europol details ChatGPT’s potential for criminal abuse

Experts warn against ransomware complacency

FBI gains access to BreachForums database, finds clinching evidence to nail the site's owner

Former NCSC chief Ciaran Martin pinpoints critical national infrastructure (CNI) as the next big ransomware target

Four Years Behind Bars for Prolific BEC Scammer

GPT-4 kicks AI security risks into higher gear

Grand Account Theft: Group-IB uncovers over 600 hijacked Instagram accounts used to spread financial phishing in Indonesia

Guide to protecting employee data

Hacker Returns $200 Million Stolen from Euler Finance

Hackers changed tactics, went cross-platform in 2022, says Trend Micro

Hacking prevention: What to know

How a ransomware attack at a Indiana hospital in '21 is still costing money today

How Executive Cybersecurity Protection Limits Ransomware Threats

IcedID Malware Shifts Focus from Banking Fraud to Ransomware Delivery

Incident attribution: beware of jumping to conclusions

Inside ransomware’s organised underworld

Inside The Shadowy World Of Iranian Cyber Espionage Group APT33

Israel National Cyber Directorate (INCD): MuddyWater used social engineering to attack Israel’s Technion

Latest Study Ranks the 10 Worst U.S. States for Identity Theft

Latitude Financial customers frustrated at lack of communication after millions of personal records stolen in cyber attack

Latitude Financial Data Breach: 14 Million Customers Affected

Latitude Financial data breach now impacts 14 million customers

Latitude Financial faces possible class action after millions affected by data breach

Latitude Financial says data on 14 million customers — not 330,000 — was stolen by hackers

Lumen Technologies hit with 2 separate security incidents

Malware, malicious software affect 27% of India’s industrial sector computers

Mandiant Catches Another North Korean Government Hacker Group

Modesto Police Department’s breach by ransomware group may have been days before city caught it

Netskope research warns of cloud malware threats

New CISA Program to Warn Critical Infrastructure Companies of Vulnerabilities That Could Invite Ransomware Attacks

New Immersive Labs Study Uncovers Concerning Disconnect between Confidence in Cyber Resilience and Proven Capabilities

New York Attorney General Settles with Law Firm Over Data Breach

Newly exposed APT43 hacking group targeting US orgs since 2018

NGS Super says 'limited data' stolen in cyber attack

Norwegian data protection authority fines U.S. firm almost $240,000 for failure to notify within 72 hours

Oakland Officials Commit to Meeting With Police Union Over Data Breach

Oklahoma City University Notifies Students and Employees of Recent Data Breach

Pakistan-Origin SideCopy Linked to New Cyberattack on India's Ministry of Defence

Phishing 101: What You Need to Know to Avoid Falling for Scams

Phishing Campaign Goes Cutting Edge With IPFS

President Biden Signs Executive Order Restricting Use of Commercial Spyware

Prompt engineering and jailbreaking: Europol warns of ChatGPT exploitation

Publicly disclosed U.S. ransomware attacks in 2023

QSnatch infections are the leading cause of malicious DNS traffic in Asia Pacific

Ransomware attacks up 45% in February, LockBit responsible

Ransomware group takes credit for February attack on city of Modesto

Regulator Tells Australian Banks to Boost Cyber-Attack Defenses

Security researchers confirm Microsoft patch fixes ‘aCropalypse’ bug

So you leaked data on BreachForums, but weren’t the hacker? Can you be prosecuted for leaking?

Stealthy DBatLoader Malware Loader Spreading Remcos RAT and Formbook in Europe

Students and teachers at English high school impacted by ransomware attack

Telecom Operators push back on Federal Communications Commission’s (FCC) stricter data breach reporting proposal

The Chasm Between Cybersecurity Confidence and Actual Ability

The Chip War’s Impact on Cybersecurity and the Supply Chain

The Dangers of Dialogue: Ransomware Attackers Want to See Your Cyber Insurance Policy

The Netherlands: Foundation takes health boards to court over leaked vaccination data

The Pervasive Threat Of Ransomware And Its Misconceptions

To pay or not to pay - that's the question as ransomware attacks rise

Top 10 Internet Scamming Countries in the World in 2023

Top Attack Frontier is People – Need for Phishing-Resistant Authentication

Toyota scrambles to patch customer data leak

Trojanized Tor browsers target Russians with crypto-stealing malware

Union Officials Mull Lawsuits After Oakland Ransomware Attack

US Moves to Ban "Anti-Democratic" Spyware

UScellular breach: new details revealed

Walsall Healthcare NHS Trust dealing with a cyber attack

We don’t negotiate with cyber criminals, says Vumacam

What to do if your data is compromised in a company hack?

What you need before the next vulnerability hits

What You Need to Know About Broken Object Level Authorization (BOLA)

Why do cyber attackers love charity finance teams?

WiFi protocol flaw allows attackers to hijack network traffic

With political ‘hacktivism’ on the rise, Google launches Project Shield to fight DDoS attacks

Your Data Backup Strategy (or Lack Thereof) Can Attract Attackers

Zoll faces lawsuit over data breach

27th March

14 million personal documents stolen from Aussie financial firm in cyber attack

20-Year-Old BreachForums Founder Faces Up to 5 Years in Prison

51% of users admit to resetting forgotten passwords once a month

A bug revealed ChatGPT users’ chat history, personal and billing data

Apple fixes recently disclosed WebKit zero-day on older iPhones

Associates in Dermatology Announces Data Breach Stemming from Ransomware Attack at VPN Solutions, LLC

At least 50 overseas US government employees targeted in spyware attack

AT&T customer data breach highlights operator cyber-security risks from third party partners

Atlantic Dialysis Management Services, LLC Reports Data Breach After Unauthorized Party Accessed Patient Information

Australia: CEO sorry for Aboriginal health centre data breach

Biden administration limits commercial spyware use in federal government

Bishop Luffa reaches ransom deadline following hacker's threat to release children's data

Business Email Compromise (BEC) scammers are after physical goods, the FBI warns

Business Email Compromise Threats Soar Past Phishing Risks

Business operations impacted, cyberattack to hurt revenue: Sun Pharma

CISA summons outside tips to alert victims of early-stage ransomware

CISA to Start Issuing Early-Stage Ransomware Alerts

City of Oakland denies it suffered a second ransomware attack in February

Clop Keeps Racking Up Ransomware Victims With GoAnywhere Flaw

Crown Resorts says ransomware group claims accessing some of its files

Cyberattacks on the high seas? Norwegian sailors, researchers sound a warning

Data breach at ChatGPT; users' personal info leaked

DBatLoader: Actively Distributing Malwares Targeting European Businesses

DHL, FedEx and USPS among top brands impersonated in phishing scams

Dish Facing Class-Action Lawsuits in Aftermath of Ransomware Attack

Emotet phishing campaign masquerading as W-9 tax form

FBI Nabs Prolific Hacker Allegedly Operating Dark Web Marketplace

Florida Medical Clinic Notifies Nearly 95,000 People of Recent Data Breach

Food production giant Dole says February ransomware attack compromised employees' personal data

Fortinet’s Threat Report finds attackers are retooling and leveraging more wiper malware

Founder of One of the World’s Largest Hacker Forums Arrested

Hacker Who Attacked Euler Finance Returns More Than $100M to Project

How South African businesses can start the financial year digitally secure

How to prepare for a world without passwords

Illinois Gastroenterology Group data breach class action settlement

Independent Living Systems Data Breach: What You Need to Know & How to Protect Yourself

Is ChatGPT A Silver Bullet For Cybercriminals?

Known unknowns: Refining your approach to uncategorized web traffic

Kroger Postal Prescription Services reports a data breach impacting 82,466 consumers

Lack of clarity on Dish’s ransomware attack results in stock trading at a five-year low

Latitude cyber attack expands to 14 Million Australia & New Zealand records stolen

Latitude Financial Admits Breach Impacted Millions

Latitude Financial cyber-attack worse than first thought with 14 million customer records stolen

Latitude Financial reveals 14 million customer records stolen in cyber attack

Law firm fined $200,000 over ‘poor data security’ that led to ransomware attack

Louisiana colleges restoring systems after state police find ‘indicators of compromise’

Lumen Faces 2 Ransomware Attacks, Working With Experts To Evaluate And Minimize Impact

Manufacturing is the most targeted sector by cyberattacks. Here's why increased security matters

Microsoft Fixes Security Flaw in Windows Screenshot Tools

Microsoft Issues Patch for aCropalypse Privacy Flaw in Windows Screenshot Tools

More School Closings Coast-to-Coast Due to Ransomware

National Crime Agency (NCA) Harvests Info on DDoS-For-Hire With Fake Booter Sites

NCB Management Services, Inc. Announces Data Breach Affecting Nearly a Half-Million Consumers

New BEC Tactics Enable Fake Asset Purchases

New IcedID malware variants shift from banking trojans to ransomware

New IcedID variants shift from bank fraud to malware delivery

New MacStealer macOS Malware Steals iCloud Keychain Data and Passwords

New MacStealer macOS malware steals passwords from iCloud Keychain

New phishing method drives 40,000 new attacks

New York law firm to pay state $200K over data breach

Non-profits have inadequate phishing protection

Oakland police union threatens litigation over ransomware attack, city responds

Organisations could soon be using generative AI to prevent phishing attacks

Phishing website Z-Lib.is pretends to be Z-Library, asks for funds

Portion of Twitter’s proprietary source code leaked on GitHub

Preparing Your Organization for Communicating During a Cyber Attack

Ransomware Attack to Hit Revenue at India’s Top Drugmaker

Ransomware fallout: Could lawsuits break Oakland’s silence?

Ransomware threat: Arete sees a spike in Trigona ransomware activity

Report shows top transport cyber threats in EU

Rio Tinto staff in Australia may have been affected by data breach

Russian hackers strike French National Assembly website

Sun Pharma Revenues Take a Shot due to Major Ransomware Attack

Superannuation fund NGS Super hit by cyber attack, 'limited data' taken from its system

Tasmania investigating attack after Clop ransomware group adds to victim list

Telecom giant Lumen says it discovered two separate cyber intrusions

The era of passive cybersecurity awareness training is over

The latest mass ransomware attack has been unfolding for nearly two months

This is the most detailed portrait yet of data breaches in Australia

Three Variants of IcedID Malware Discovered

Turning hackers’ behavior against them

Twitter takes down source code leaked online, hunts for downloaders

UK crime fighters wrangle “several thousand” potential cyber criminals in DDoS-for-hire honeypot

Understanding adversaries through dark web intelligence

Vumacam hit with ransomware attack

What's happening with the Latitude Financial cyber attack? Millions of customer details stolen in one of the largest-known data breaches in Australia

Where SSO Falls Short in Protecting SaaS