Editor's Message

Welcome to DBD. On March 8th we celebrated our 4th Anniversary and the 1st Anniversary of our PRiSM application, officially endorsed by the SANS Institute. Despite recent personal issues that have impacted the amount of time I have been able to dedicate to both projects, I have been doing my best to keep everything as up-to-date as possible, and I would like to take this opportunity to thank everyone for their patience and support whilst I navigate through this very difficult time. Stay safe. :)



Monday, 24 April 2023

Data Breaches Digest - Week 17 2023

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 24th April and 30th April 2023.


30th April

All 435 million PayPal users warned over ‘money trick’ that empties your account – how to spot sinister attack

Cyber attack at Bluefield University leads to postponed finals

Cyberattacks fall sharply in Vietnam

Cyberattacks increasing in Japan ahead of G7 summit

Dangers of Social Media & How to Protect Privacy Online

Google blocks malware that steals key data from Chrome users

Hackers use fake ‘Windows Update’ guides to target Ukrainian government

How Will The Cyber Attack Impact Dish's Q1 Results?

India: Unpreparedness Against China In Cyber Warfare!

Iran APT using ‘BellaCiao’ malware against targets in US, Europe and Asia

Iran’s State-Backed Cyber-Threat Groups: Upgraded Arsenals and Aggressive Approaches

Israeli radio station, software company targeted by cyber attack

Nashua schools to open Monday 'as scheduled' after 'sophisticated cyber attack'

New WhatsApp feature can expose users to hacking, expert says

OVIX Protocol Falls Victim To $2 Million Oracle Exploit

Think Like a Hacker: Operational Security (OPSEC) Tips To Ensure Crypto Security

YouTube helps recover hacked channel that attempted XRP crypto scams

29th April

Amnesty International Australia Suffered a Data Breach in December, but Says Everything is Now Fine

Avoid public charging stations

Billions of Gmail and Outlook users warned check inbox now for ‘red flag phrase’ that steals money and holiday dreams

Bitcoin (BTC) Wallets of Russian Spies Exposed by a Hacker

ChatGPT is Back in Italy After Addressing Data Privacy Concerns

ChatGPT-4 Phishing Websites and Other Threats

CISA Warns of Critical Flaws in Illumina's DNA Sequencing Instruments

Cyber attack: UPSRTC set to refund tickets booked online

Cyber-attack sparks fears that criminals could target UK gun owners for firearms

Cybersecurity: 7 online safety terms everyone should know

Diocese of Las Vegas impacted by data breach

FBI Director Warns of Vastly Outnumbered US Cyber Intelligence Staff in Face of Chinese Hackers

Five simple ways to avoid cyber financial fraud

Gateway begins reopening casinos following cyber attack

Hackers steal passwords, emails from hookup websites

Hackers target vulnerable Veeam backup servers exposed online

How to Help Protect Seniors From Scammers

Introducing Atomic macOS Stealer – The Newest Threat to Crypto Wallet Owners

Law enforcement officials advise residents to slow down and verify

New Hampshire restaurants subject to cyber attack

Royal Navy investigates after official documents 'found in Wetherspoons'

Russian ransomware attack software targets Apple Mac and MacBook

South Carolina county government hit with ransomware attack

Sudanese hackers target Israeli aviation, weapons industries websites

The types of money transfer frauds targeting Indians and how to avoid them

This Simple GMail Scam can Cost You a Lot of Money

Understanding the risks of generative AI for better business outcomes

What Are Adversarial Attacks in Machine Learning and How Can We Fight Them?

What does it mean for hackers to get one password for you?

What Is a Smurf Attack and How Can You Prevent It?

28th April

3CX data breach shows organizations can’t afford to overlook software supply chain attacks

5 ways threat actors can use ChatGPT to enhance attacks

7 Types of Cyber Attacks & How To Protect Yourself Against Them

9Near hack and the rising feeling of data insecurity in Thailand

10 cool tips to secure your mobile devices

American Bar Association’s Data Breach Exposes User Credentials of 1.4 Million Members

An Interoperable Web 3.0 Without Proper Security Is a Disaster Waiting To Happen

Android Apps Fail to Protect User Data During Device Transfer

Attention Online Shoppers: Don't Be Fooled by Their Sleek, Modern Looks - It's Magecart!

Aussies warned about identity theft email: ‘Cash settlement’

Billions of Android owners must delete three apps right now – hidden ‘Daam’ steals everything you have

Billions of Android owners warned over THREE ‘criminal’ apps – check yours today

Bitmarck: Cyber attack on IT service provider of health insurance companies

Brother of man who ran Helix cryptocurrency mixer jailed for stealing 712 bitcoin

California Health Plan Reports Data Breach Tied to Fortra GoAnywhere Hack

Capita Confirms Data Stolen in Recent Cyberattack

ChatGPT uses for cybersecurity continue to ramp up

CISA warns of critical bugs in Illumina DNA sequencing systems

CISA, FDA warn of new Illumina DNA device vulnerability

Cold storage giant Americold outage caused by network breach

Consumer Financial Protection Bureau (CFPB) criticized for allegedly delaying response to a major insider theft incident

Cosmos Bank Cyber Attack – 11 Accused in Cyber Fraud Case

Critical-rated security flaw in Illumina DNA sequencing tech exposes patient data

Cyber insurance cannot replace robust cyber risk management

Cyber Liability for Trustees: Preventing and Managing Breaches

Cyber-attackers are ‘logging in’ instead of breaking in

Cybercrime group FIN7 targets Veeam backup servers

Cybersecurity expert talks ransomware in wake of CommScope hacking

Cybersecurity researchers gain control of ESA nanosatellite in an ethical hacking exercise

Cybersecurity Trends in 2023

Data breach could affect up to 100,000 patients at Queensway Carleton Hospital

Data Breach Settlement: Manufacturing Company to Pay $1.75M to Employees

Department of Information and Communications Technology (DICT) asked to probe massive data breach of police personnel records; National Bureau of Investigation (NBI) records may also be at risk

Don’t fall for these 4 iPhone Scams

During Eid, Hackers Doubled Down On Phishing Mails In Pakistan

Examining What’s Next After the Briansclub Cyber Attack

Firmware Looms as the Next Frontier for Cybersecurity

First draft of controversial UN Cybercrime Treaty slated for June

'Football Leaks' ruling postponed for hacker Rui Pinto

From phishing to malware, 7 important cyber security terms everyone should know

Glasgow students warned to stay vigilant over common loan scam - how to avoid them

Global Cyber Attacks Rise by 7% in Q1 2023

Google Ads Phishing Scams Claim Over $4 Million

Google Bans 173,000 Bad Developers in 2022

Hackers Breach Dating Websites, Steal Sensitive Data from Users

Hackers swap stealth for realistic checkout forms to steal credit cards

Has your iPhone been hacked?

Housing association’s surplus hit by contractor failure and cyber attack

How deepfakes ‘hack the humans’ (and corporate networks)

How to Avoid Post-Disaster Donation Scams

How to avoid scams stay safe while playing online lottery games

How To Optimize Your Cybersecurity Strategy As An MSP

How Will The Cyber Attack Impact Dish’s Q1 Results?

Improper Hard Drive Disposal Could Be a Million-Dollar Mistake

In 2022, Costa Rica Received More Than 2 Billion Cyber Attack Attempts

Incident of the Week: American Bar Association accused of data breach affecting 1.4 million people

Investigation into North Kingstown ransomware attack in full swing

Kaspersky Blocks Over 200 Million Illegal Crypto Mining

LockBit Leads as Rampant Ransomware Activity Continues

Lowell city government suffers cyberattack, shuts down computers

Man Gets Four Years for Stealing Bitcoins Seized by Feds

Man used brother’s credentials to steal $4.8M seized Bitcoin

Medibank accepts all recommendations of cyber attack review, but refuses to say what those recommendations are

Medical notes found lying on a Telford path sparks inquiry

Medical Review Institute of America data breach $2.6M class action settlement

Minecraft Clones with 35 Million Installs Contained Adware

New Android Malware 'Daam' Discovered: Steals Sensitive Information and Spreads Ransomware

New Business Tech Tips to Ensure Secure Systems

New Atomic macOS Malware Steals Keychain Passwords and Crypto Wallets

New Company Data Breach Timeline Launched: Twitter Is Largest Breach of 2023 So Far

New York Attorney General Releases Data Security Guidelines on Consumer Personal Information Protection

Oklahoma City University data breach potentially compromised data of thousands, class action claims

Ontario casino ransomware attack 'as bad as it gets,' expert says

Password reset woes could cost FTSE 100 companies $156 million each month

Phishing-resistant MFA shapes the future of authentication forms

Pixels & trackers are present on mission-critical webpages and thereby increasing the likelihood of risks

Polygon-Based Lending Protocol Hacked With Losses in USDC, USDT

Preventing and Detecting Data Leaks: The Complete Guide

Protecting Patient Data: Why Quantum Security is a Must in Health Care

Protecting Patient Privacy: Top 5 AppSec Trends in Healthcare for 2023

Ransomware Attack Disrupts IT Network at Hardenhuish School

Ransomware attacks are up significantly in the first months of 2023

Ransomware attacks see resurgence in 2023

Ransomware is a forever problem now

Rapture, a Ransomware Family With Similarities to Paradise

Report Shows Malware Attacks on the Rise in Higher Education

RTM Locker Ransomware Variant Targeting ESXi Servers

Russian Bitcoin Wallets Unmasked by Anonymous Hacker – Here's What Happened

San Bernardino County Sheriff's Department yet to recover from weeks-old malware attack

Singapore: 359 people under probe over 1,200 scam cases that claimed more than S$7m from victims

Some of April’s most active scams have included taxes and Mother’s Day

South Africa in top five countries affected by cybercrime in 2022

Stem the scams: Beware the bots to avoid being distraught

Streaming platform Kodi discloses data breach

Texas bank breach exposed thousands of Social Security numbers

The double-edged sword of generative AI

‘The more vulnerable you are the more likely of cyber attack’

The Real Threats and Opportunities of ChatGPT

Threat actor APT28 targets Cisco routers with an old vulnerability

Tonto Team Uses Anti-Malware File to Launch Attacks on South Korean Institutions

Top 5 Security Breaches

Tucson Unified School District’s Cyber Shutdown: District will need help, and millions of dollars, to rebound from ransomware attack

UK school hit by ransomware attack

UnitedHealthcare warns members' information was exposed in data breach

Vigilante hacker burns hundreds of BTC held in wallets used by Russian intelligence

ViperSoftX InfoStealer Adopts Sophisticated Techniques to Avoid Detection

ViperSoftX info-stealing malware now targets password managers

Walmart, Amazon and Netflix customers urged to check inbox now for bank-draining message that takes everything

Walmart, Amazon, Netflix, and MetaMask — Top Scams and Phishing Attempts This Week

Websites for Hartsfield-Jackson, UPS possibly targeted by hackers

What Are the NSA's Top Security Concerns?

What Happens to Your Data When You Die?

What Is Doxing?

What Is Triage and Why Do You Need It?

What is Wiper Malware?

Why ChatGPT is a cyber threat to businesses

Why Your Detection-First Security Approach Isn't Working

Zscaler ThreatLabz Finds Alarming Growth in Phishing Attacks

Zyxel Firewall Devices Vulnerable to Remote Code Execution Attacks — Patch Now

27th April

9 Security Functions Your Organization Should Automate

46 percent of organizations faced synthetic identity fraud in 2022

81 percent of South Africans think banks need better fraud detection

2022 saw fewer recovered fraudulent fund transfers

A new scary ransomware group is on the rise

A Timeline of Software Supply Chain Attack Examples

American Bar Association, Shields Health Care Group experience data breaches

Android Minecraft clones with 35 Million downloads infect users with adware

APT Groups Expand Reach to New Industries and Geographies

'As bad as it gets': Extent of Latitude hack revealed

Attorney General Warns Consumers That Major Cyber Attack May Impede Use of Gift Cards at Certain New Hampshire Restaurants

Billions of Android and iPhone users warned over cursed calls that steal funds – steps to take when you pick up phone

Billions of Facebook users issued warning to avoid thousands of profiles that steal your info and device operation

Billions of Gmail and Outlook users warned by FBI to check inbox for message that promises money but takes everything

Billions of Gmail and Outlook users warned not to click ‘kiss of death’ button that’s game over for your device and bank

Building firms among most likely to be hit by cyber fraud

Buyers Beware: Cybercriminals Target Your Online Credentials

Call Center Security Equals Customer Satisfaction

ChatGPT: 6 risks financial institutions should know

ChatGPT Security and Privacy Issues Remain in GPT-4

CISA Offers Ransomware Vulnerability Warning Notifications to Help Avoid Cyber Incidents

CISA's New Ransomware Vulnerability Warning Pilot Helping Organizations Avoid Incidents

CISOs struggle to manage risk due to DevSecOps inefficiencies

City of Oakland Restores and Recovers Systems Affected by Ransomware Attack

Clop and LockBit ransomware gangs behind PaperCut attacks, states Microsoft

Coca-Cola hacked again, becomes victim of cyber attack in Mexico

CommScope employees left in the dark after ransomware attack

Complacency about cybersecurity should be a crime in manufacturing

Currys shoppers issued urgent warning after being sent email scam which could cost them thousands

Currys warning to every UK shopper over popular scam that could cost thousands

Cyber Arms Control and Global Security

Cyber crime-as-a-service the new frontier in security

Cyber-Attacks on Civilian Infrastructure Should Be War Crimes, says Ukraine Official

Cybersecurity in the Digital Age

Cybersecurity people are so stressed out, they’re bailing from their jobs after breaches

Daam Android malware can hold your phone hostage — what you need to know

Data Breach Lawsuits Tied to Tracking Pixel Use On the Rise In Healthcare

Don’t fall for the latest Gmail scam – here’s how to protect your inbox

Don't Get Hooked: The Dangers of Spoofing and Phishing

Email Threat Report 2023: Key Takeaways

Experts Urge Applying Lessons Learned from Russia-Ukraine Cyberwar to Potential China-Taiwan Scenario

Fake Airbnb & Booking.com Websites (Watch Out!)

FBI warns of public USB ports hacking

Feds Prioritizing Disruptions Over Arrests in Cyberattack Cases

'Football Leaks' hacker faces court verdict

Georgia Hires Hackers to Protect Against Other Hackers

Generative AI and security: Balancing performance and risk

GitHub introduces private vulnerability reporting for open source repositories

Google Ads data: $4M stolen through crypto phishing URLs

Google banned 173K developer accounts to block malware, fraud rings

Google Gets Court Order to Take Down CryptBot That Infected Over 670,000 Computers

Google Goes After CryptBot Distributors

Hackers Doubled Down on Phishing Mails in Pakistan During Eid

Hackers steal emails, private messages from hookup websites

Hackers stole personal information of Albertsons employees in data breach

Hackers use PaperCut printer vulnerability to spread Clop ransomware

Hacking vs Ethical Hacking: What’s the Difference?

Hardenhuish School cyber attack update after IT hackers demand ransom

Hardenhuish School in Chippenham hit by cyber attack

How Climate Change Threatens Cybersecurity

How hackers can fool ChatGPT’s defences to create ransomware

How To Restore Your Financial Data After A Ransomware Attack

How to stop users from shooting themselves in the foot

(ISC)2 Urges Countries to Strengthen Collaboration on Cybersecurity Regulation

Karmak shares what it learned after being victimized by ransomware attack

Lessons and Takeaways from the FBI’s 2022 Internet Crime Report

Linux version of RTM Locker ransomware targets VMware ESXi servers

Major power failure in Israel after suspected cyber attack

Malware threat report reveals risk on Mac compared to Windows and Linux

Man Arrested for Selling Data on 300 Million Victims to Russians

Microsoft: Cl0p Ransomware Exploited PaperCut Vulnerabilities Since April 13

Microsoft Admits PaperCut Servers Used In LockBit and Cl0p Ransomware

Microsoft Blames Clop Affiliate for PaperCut Attacks

Microsoft Confirms PaperCut Servers Used to Deliver LockBit and Cl0p Ransomware

Neural DSP issues statement on data breach affecting 3,300 Quad Cortex users

New Atomic macOS info-stealing malware targets 50 crypto wallets

New Phishing Attacks Using ChatGPT to Develop Sophisticated Campaigns

Nigeria: Tech operators outline ways to head off cyberattacks

NSA Cybersecurity Director Says ‘Buckle Up’ for Generative AI

Organizations Warned About the Latest Attack Techniques

Paperbug Attack: New Politically-Motivated Surveillance Campaign in Tajikistan

PaperCut vulnerabilities leveraged by Clop, LockBit ransomware affiliates

Patient files class-action suit against One Brooklyn Health over data breach exposing medical records

Phishing Websites Disguised as Crypto URLs on Google Ads Erodes $4M

Ransomware Hackers Exploit PaperCut Bugs

Reserve Bank of India (RBI) Officials Visit Fullerton India To Assess Data Breach Incident Impact

RTM Locker Ransomware Targets Linux Architecture

RTM Locker's First Linux Ransomware Strain Targeting NAS and ESXi Hosts

Russian Bitcoin Wallets Allegedly Exposed by Apparent Hacker

Second data breach probe in a month after sensitive medical notes found dumped in Telford by jogger

Securing Software Supply Chains Requires Outside-the-Box Thinking

South Africa among top five countries affected by cybercrime

Supreme Court to Address Online Threats to Celebrities

The Scams You Need to Look Out For in 2023

The Top C++ Security Vulnerabilities and How to Mitigate Them

The true numbers behind deepfake fraud

Truman State University suffers cyberattack; hopes to restore network services shortly

Ukrainian man arrested for selling data on 300 million people to Russians

Uttar Pradesh State Road Transport Corporation (UPSRTC) ticket website hacked, hacker demands bitcoins worth Rs 40 crores

Vietnamese Hackers Linked to 'Malverposting' Campaign

Were you caught up in the latest data breach? Here's how to find out

What Is a Cloud Security Gateway?

What is Data Security?

What to do if your identity is stolen

What You Need to Know About Domain Phishing Protection

WhatsApp warning billions of users to change simple setting to avoid being scammed

Why European Space Cybersecurity Matters

World Economic Forum: Organisations Must Invest in Security as ‘Catastrophic Cyber Event’ Looms

Zero Trust Data Security: It’s Time To Make the Shift

26th April

87% of SaaS Adopters Exposed to Browser-borne Attacks

Advanced Cars May Face Greater Risk Of Hacking, Cybersecurity Experts Warn

Alloy Taurus Hackers Update PingPull Malware to Target Linux Systems

American Bar Association faces data-breach class action

Apache Superset Vulnerability: Insecure Default Configuration Exposes Servers to RCE Attacks

Apple devices targeted by fake macOS PDF viewer that's just malware

Astral Brands discloses data breach

Australia: Energy giant warns of 'catastrophic damage' if government bans payment of cyber ransoms

Average Cyber-Attack Fine Costs UK Businesses Almost £250,000

Berlin launches ChatGPT data protection inquiry

Canada is not ready for the cybercrime era

Chain of Supply Chain Attacks as 3CX Was Compromised by Outdated Futures Trading Software

Characterless Security Training Fails to Change User Behavior

Charming Kitten's New BellaCiao Malware Discovered in Multi-Country Attacks

China revises law to include certain cyberattacks as ‘acts of espionage’

Chinese Hackers Spotted Using Linux Variant of PingPull in Targeted Cyberattacks

Chinese hackers use new Linux malware variants for espionage

Chinese Hackers Using MgBot Malware to Target International NGOs in Mainland China

Chinese-speaking hackers compromised Tencent app to spy on nonprofit, report says

Cisco discloses XSS zero-day flaw in server management tool

CISOs: unsupported, unheard, and invisible

City council staff praised for passion and commitment after cyber attack

Clop, LockBit ransomware gangs behind PaperCut server attacks

Common insecure configuration opens Apache Superset servers to compromise

Corporate boards pressure CISOs to step up risk mitigation efforts

Critical Flaw Patched in VMware Workstation and Fusion

Currys issues warning to customers over increase in scammers

Cyberattack – 14 Canadian Casinos Shut Down Since April 16

Cyberattackers employ over 500 unique tools in 2022, Sophos report reveals

Cyberattackers leveraged more than 500 unique tools and tactics in 2022

Cybercriminals using Linktree to steal credentials

Cybersecurity And The Human Factor: What Is Each Employee's Role?

Decoy Dog Malware Tool Kit Spotted Via Malicious DNS Queries

Did North Korea just hack your hospital?

Does ChatGPT Have Any Security Issues?

Embracing zero-trust: a look at the National Security Agency’s recommended IAM best practices for administrators

EU cyber law could be costly for British businesses, warns parliamentary report

Evasive Panda's Backdoor MgBot Delivered Via Chinese Software Updates

Four tactics scammers use to get your hard-earned cash

From blockchain to AI adoption – what will happen in the data privacy sector in 2023?

Gateway Casinos Will Re-Open in Phases

Global and regional threat actors targeting online travel and hospitality customers

Google disrupts the CryptBot info-stealing malware operation

Hacktivists target Israel the most, analysis shows

How Hackers Use Generative AI in Their Attacks and What We Can Do About It

How ransomware victims can make the best of a bad situation

How South African businesses can start the financial year digitally secure

HR firm discloses data breach

ICICI Bank refutes data breach claims, terms reports "mischievous"

India: Cyber-attack hits ticketing service of Uttar Pradesh Road Transport Corporation (UPSRTC)

Investment scams top list with $1.5 billion in financial losses for Australians

Iranian hacking group targets Israel with improved phishing attacks

Kaspersky finds Nokoyawa ransomware used Windows zero day vulnerability

Miami man pleads guilty in crypto scheme that used stolen personal information

New coercive tactics used to extort ransomware payments

New Service Location Protocol (SLP) Vulnerability Could Enable Massive DDoS Attacks

NSA sees ‘significant’ Russian intel gathering on European, U.S. supply chain entities

One out of every 10 attacks targeted non-production environments

Optimizing cybersecurity within an evolving threat environment

Overcoming industry obstacles for decentralized digital identities

PrestaShop fixes bug that lets any backend user delete databases

Pro Sports Grapple with Convergence of Cyber and Physical Security Challenges

Quad Countries Prepare For Info Sharing on Critical Infrastructure

Ransomware gang exploiting unpatched Veeam backup products

Ransomware Payment Ban Puts Pressure on the Channel to Do More

Ransomware Poses Growing Threat to Five Eyes Nations

Report reveals 65% of cyberattacks targeted at U.S.

Second ransomware group reported exploiting GoAnywhere security flaw

Sky warns millions of customers over ‘three attacks’ that raid your bank – check your inbox now

South Korea, US agree to cooperate on cybersecurity and combating North Korean digital heists

Students’ psychological reports, abuse allegations leaked by ransomware hackers

Tencent QQ users hacked in mysterious malware attack

The Philippines: Police insists ‘data leak,’ not ‘data breach’ after over 1 million private records exposed

There’s No Silver Bullet for Cybersecurity

Thousands of Apache Superset servers exposed to RCE attacks

Threat of multiple attack vectors ‘looms large’ in 2023

Truman State University slowly recovering from ‘cybersecurity virus attack’

U.S. deploys more cyber forces abroad to help fight hackers

UK Cyber Pros Burnt Out and Overwhelmed

Ukraine cyber chief: Destructive cyberattacks should be referred to International Criminal Court

Ukrainian arrested for selling data of 300 Million people to Russians

US Navy contractor Fincantieri Marine Group suffers a ransomware attack

VMware Releases Critical Patches for Workstation and Fusion Software

VMware releases patches for two serious flaws in Workstation and Fusion hypervisors

What is ransomware? A look at the malicious software behind Gateway Casinos cyberattack

When everyone is responsible, no one is responsible

Western Digital hit by hackers

Young people most likely to fall victim to scams

YouTube warns users of phishing attempt from real email address

25th April

10 Devices to Hack Your Credit Card – Stop Them Before They Hack You

50 percent of organizations fell victim to ransomware in 2022

164% Increase in Tax-related Phishing Emails Since February 2023

AI tools help attackers develop sophisticated phishing campaigns

Almost three-quarters of cyber attacks involve ransomware

Arnold Clark may face compensation claims over data breach

Billions of Android and iPhone owners urged to check signs a criminal is hiding in your device – don’t lose everything

Billions of Google Chrome users urged to check browsers right now – don’t risk your bank and private info

Briansclub Data Breach and Why Dark Web Users are Concerned

CIC Group, Inc. Notifies Individuals of Recent Data Breach

Climate Change is Increasing Cyber-Risks

Costco, Walmart and Kohl’s shoppers warned to check email inbox and texts for ‘cursed’ bank-draining message – delete it

Currys warns all UK customers about 'fraudulent operation'

Cyber: dealing with a data breach

Cyber attack on Lowell City Hall’s network

Cyber crime becomes easier, pays more

Cyber Intrusion Campaign Against Three US Federal Agencies Thwarted

Cyberattack disrupts Lowell city government, shuts down computers

Cybersecurity nightmare in Japan is everyone else’s problem, too

Data theft is truly a cruel crime

Defense Contractors in the Cyber Crosshairs – U.S. Shipbuilders Hit in Cyberattacks

Do the training, invest in security, be prepared for the worst

Do You Know Your Data? The Dangers of Too Much Data and Not Cleaning House

Exploit released for 9.8-severity PaperCut flaw already under attack

Falling Dwell Time May Be Due to Faster Threat Activity

Financial Services Firm NCR Hit by Ransomware Attack, Disrupting Aloha and Back Office Products

Google Finds Flaws in Intel TDX After Nine-Month Audit

Google warns against phishing emails mimicking YouTube channels

Hackers to show they can take over a European Space Agency satellite

Healthcare Is More Reactive Than Proactive When It Comes to Cybersecurity

Helsinki University Hospital (HUS) Employee suspected of serious data breach, prompting investigation and informing affected parties

How Data Backup Benefits Your Company’s Data

How Does Password Cracking Work?

How to Spot Crypto Fraud on Social Media

ICICI Bank refutes 3.6 million personnel data breach

IMA Financial Group, Inc. Files Notice of 2022 Data Breach

International Cooperation Key to Ransomware Fight

Internet protocol vulnerability opens door to ‘massive’ DoS amplification attacks

Iranian Hackers "Educated Manticore" Target Israel With New Tools

Iranian Hackers Launch Sophisticated Attacks Targeting Israel with PowerLess Backdoor

Irrigation Systems in Israel Hit With Cyber Attack That Temporarily Disabled Farm Equipment

Is ChatGPT Safe to Use? Unveiling the Facts and Concerns

Is it time to move beyond the humble password?

It’s Time for an IT Security Fabric

Lazarus Subgroup Targeting Apple Devices with New RustBucket macOS Malware

Lessons Learned from the Chick-fil-A Mobile App Data Breach

Livingston International, Inc. Files Notice of Data Breach Leaking Consumers’ SSNs

Medtronic Reports InPen Mobile Diabetic App Tracking Breach

Mirai botnet hackers targeting TP-Link router zero-day vulnerability

More Israeli websites targeted by cyberattacks

More than 2K organizations at risk of major attacks linked to SLP vulnerability

Most SaaS adopters exposed to browser-borne attacks

Mount Saint Mary College class action claims data breach exposed data of 17K individuals

Netflix, Disney+, Wow: Beware of these phishing scams

New and evolving phishing attacks using AI platforms like ChatGPT are causing major issues

New Report Shows 76% of Organizations Have Suffered a Cyber Attack From an Exposed Asset Since 2021

New SaaS hacks highlight need for backup data protection

New Service Location Protocol (SLP) bug can lead to massive 2,200x DDoS amplification attacks

New Service Location Protocol (SLP) Vulnerability Could Let Attackers Launch 2200x Powerful DDoS Attacks

New study finds 2/5 of IT professionals told to hide data breaches

New Techniques Attackers Are Using to Harvest Your Secrets

Now Is The Time For Businesses To Deploy A Consumer-First Approach To ID Verification

One Brooklyn Health says patient Social Security numbers were breached in cyberattack

PaperCut says hackers are exploiting ‘critical’ security flaws in unpatched servers

Phishable multi-factor authentication: A matter of national emergency

PoC exploit for abused PaperCut flaw is now public (CVE-2023-27350)

Pulling Back the Curtain to Address TikTok Security Concerns

Ransomware attack: Casino Rama could re-open later this week

Ransomware Attacks Resurge with Victims Doubling in 2023

Reach Out to Peers and Vendors to Build Your Security

Researchers Find 250 Million Artifacts Exposed in Misconfigured Registries

Rethinking the effectiveness of current authentication initiatives

Securing Digital Finance: What Securities and Exchange Commission's Proposed Cybersecurity Amendments Mean

Security leaders weigh in on CommScope breach

Sun Pharmaceutical Industries, Inc. Files Notice of Recent Data Breach Following “Data Security Incident”

Tech Vendors and Cybersecurity – Are They Responsible?

Technology chiefs predict cyberattack increase at Paris 2024

The double-edged sword of open-source software

The Political Cybersecurity Blindfold in Latin America

The Privacy Risks and Cybersecurity Threats You Need to Know

The silent killers in digital healthcare

The Threat of Clop Ransomware: How to Stay Safe and Secure

The U.S., U.K. and Germany rank top in ransomware attacks

Thermal Cameras and Machine Learning Combine to Snoop Out Passwords

Threat of multiple attack vectors ‘looms large’ in 2023

Top Cyberattack Targets Revealed in New Global Threat Intelligence Report

TP-Link Archer WiFi router flaw exploited by Mirai malware

Trigona ransomware is being spread by threat actors using the Mimikatz hacking tool

Urgent warning issued to anyone who uses a Gmail account

US: Should the country have an insecurity complex?

US: This Is the State Most At-Risk of Cybercrime, According to New Data

US Department of Justice (DoJ) Prioritizes Victim Support in Cybercrime Crackdown

VMware fixes critical zero-day exploit chain used at Pwn2Own

Ways to protect yourself after a data breach

What is a Banking Trojan?

What Is an Insider Threat? Definition, Types, and Examples

Why You Should Always Use Apple’s Face ID in Public

Without Data Protection Law, India Puts Privacy Rights of Users at Risk

Yellow Pages Canada Hit by Cyber-Attack, Black Basta Claims Credit

24th April

3CX Hackers Also Compromised Critical Infrastructure Firms

10 Credit Card Scams Happening Right Now

A third-party’s perspective on third-party InfoSec risk management

Albertsons Companies, Inc. Files Notice of Data Breach Following Malware Attack

American Bar Association Breach Hits 1.5 Million Members

American Bar Assocation served with class action stemming from data breach

APC warns of critical unauthenticated RCE flaws in UPS software

Are people unconsciously leaking their data to cyber-hackers?

Australia’s Optus hit with class-action suit over data breach

Australian manufacturers fear nation-state cyber threats

Billions of iPhone and Android owners warned by US government to search for three ‘bank-emptying’ names in your texts

Bitcoin Hacker James Zhong’s Conviction: Are Ethereum, Signuptoken.com safer options?

Building a Cyber-Resilient Organization: Strategic Cyber Security Training Tips

Can AI Write a More Convincing Phishing Email Than Humans?

Capita admits to possible data breach

Cascades remains closed following cyber attack

ChatGPT Can be Tricked To Write Malware When You Act as a Developer

CISA adds printer bug, Chrome zero-day and ChatGPT issue to exploited vulnerabilities catalog

Cloud Complexity Means Bugs Are Missed in Testing

Combating cyber threats in the education sector

Con Watch: Make Your Cell Phone More Secure

Consumer Financial Protection Bureau (CFPB) still has not notified consumers about data breach

Container Vulnerability Scanning: Definition & Tutorial

Corporate Routers Are Being Resold Before Sensitive Data Is Wiped

Currys sends warning to all customers

Cyberattack Stigma: How Delayed Reporting Causes More Damage

Cybercrime in Australia: What you need to know

Cybercriminals often target supply chains with ransomware

Cyberthreat grows in Manufacturing

Dairy processors not immune to cyber threats

Data breach at law firm injured 12,000-plus, lawsuit says

Don Roberto Jewelers data breach $4M class action settlement

Enterprise devices have an average of 67 applications installed

EU Cyber Solidarity Act: What's in store?

EvilExtractor Phishing Campaign Targets Windows Users With PDFs And Dropbox Links

Exploit released for PaperCut flaw abused to hijack servers, patch now

Fake public Wi-Fi networks are found to be more common than juice jacking

Fortinet Survey Finds 78% of Organizations Felt Prepared for Ransomware Attacks, Yet Half Still Fell Victim

Gateway Casinos Confirms IT outage caused by a ransomware cyberattack

Going beyond IAM for cloud security

Google reveals warning signs of silent Android ‘hijacking’ – hidden mode can save you from money-disappearing nightmare

Hack negotiations: Why platforms with ineffective bounty programs pay a higher price

Hacker demands ransom after 'taking control' of Wiltshire school's IT

Hackers are using this new Gmail scam to steal your personal data — how to stay safe

Hackers Exploit Generative AI to Spread RedLine Stealer Malware-as-a-Service (MaaS)

Hackers Exploit Outdated WordPress Plugin to Backdoor Thousands of WordPress Sites

Hackers Target ‘Crypto Native’ Users In Mysterious $10MM Hack

Hackers’ average ‘dwell time’ dips by 5 days to 16 days in 2022

How is artificial intelligence used in fraud detection?

How Shoulder Surfing Can Compromise Your Apple ID and Private Data

How To: Protect Software by Understanding Your Environment

Hungarian media hit by hacker attacks

ICICI Bank denies data breach that reportedly exposed customers’ credit card, PAN and passport details

Impostor Domains Seen as the Primary Reason for Massive Data Breach

Intel CPUs vulnerable to new transient execution side-channel attack

Isle of Wight businesses sent fake emails after tourism website attack

KuCoin hack: Hacker makes away with over $22k

KuCoin's Twitter account hacked to promote crypto scam

LockBit 3.0 Ransomware Targets Fullerton India: Company Reverts to Offline Operations as a Precaution

Lockbit Ransomware Aims To Target macOS Systems – But May Not Be As Successful

Major US university websites hacked to show Fortnite spam

Microsoft Issues New Warning That Iranian Hackers Have Conducted Cyberattacks on U.S. Groups

Naivas confirms ransomware attack on its data

New All-in-One "EvilExtractor" Stealer for Windows Systems Surfaces on the Dark Web

New Bumblebee Malware Campaign Targets Enterprise Users Through Popular Software

New Mac Malware, Possibly From North Korea, Masquerades as PDF Viewer

One Brooklyn Health Reports Leaked Patient and Employee Information Following Recent Data Breach

Organizations are stepping up their game against cyber threats

Over 70 billion unprotected files available on unsecured web servers

Oversight of Cyber Risk: The Board's Essential Role in Mitigation and Prevention

Patients’ personal information found in data breach at Letterkenny University Hospital (LUH)

Philippine National Police (PNP) data breach: How fast can hackers find exposed data? Very fast, researchers say

Public Charging Ports Can Steal Your Data; Here’s How To Prevent Juice Jacking

Ransomware Hackers Using AuKill Tool to Disable EDR Software Using Bring Your Own Vulnerable Driver (BYOVD) Attack

Ransomware Payment Activity on the Rise

Retail technologists need a new approach to overcome growing application security challenges

Robeson Health Care Corporation Reports Data Breach Affecting Over 15k Individuals

Rochester Public Schools cancels MCA testing in wake of April 6 cyber attack

Rochester Schools Say Cyber Attack Didn't Touch Student Data

Russian Hackers Suspected in Ongoing Exploitation of Unpatched PaperCut Servers

Russian Hackers Tomiris Targeting Central Asia for Intelligence Gathering

Russian hacktivist threat on Canada’s pipelines is ‘call to action,’ top cyber official says

San Bernardino County Sheriff's Department shuts down internet systems following recent cyberattack

San Bernardino County sheriff's office struggling to recover from ‘malware’ incident

Scammers Impersonate Meta in Facebook Campaign With 3200 Profiles

Shields Health Care Group data breach impacted more than 2.3 million patients

Southeastern Louisiana University Faces Questions About a Possible Data Breach Following Cybersecurity Incident

Southeastern Pennsylvania Transportation Authority (SEPTA) data breach class action settlement

Spain to implement biometric debit and credit cards

Study of past cyber attacks can improve organizations’ defense strategies

Swiss newspaper hackers threaten data release 'unless ransom paid'

Tackling cyber security challenges that come with hybrid work

Tech (non)support: Scammers pose as Meta on 3,200-plus fake profiles in Facebook account takeover ploy

The Business Risks and Costs of Source Code Leaks and Prevention Tips

The Indigo Cyberattack Is a Warning of Things to Come

Tomiris and Turla APT Groups Collaborate to Target Government Entities

Top shopping periods see an increase in bot attacks

Understanding AI's Role in Cybersecurity Beyond the Hype

Unlocking the passwordless era

US Consumer Financial Protection Bureau suffers a breach affecting 256,000 consumer accounts

US Court Sentences Russian Crypto Ransom Launderer to Probation and Fine

US Navy Contractor Fincantieri Marine Group Hit by Cyber-attack

US sanctions supporters of North Korean hackers, Iranian cyberspace head

Utah Updates Data Breach Notification Requirements

Vast majority of network restored following cyberattack at Montana State University

VMware plugs security holes in VMware Aria Operations for Logs (CVE-2023-20864, CVE-2023-20865)

Why CISOs and legal need to be on the same page when their company is hacked

Why Cyber Security Awareness Is Important

Yellow Pages Canada confirms cyber attack as Black Basta leaks data

Your Vendor’s Vendor Adds Risk to the Open Source Supply Chain