Editor's Message

Welcome to DBD. On March 8th we celebrated our 4th Anniversary and the 1st Anniversary of our PRiSM application, officially endorsed by the SANS Institute. Despite recent personal issues that have impacted the amount of time I have been able to dedicate to both projects, I have been doing my best to keep everything as up-to-date as possible, and I would like to take this opportunity to thank everyone for their patience and support whilst I navigate through this very difficult time. Stay safe. :)

Monday 1 May 2023

Data Breaches Digest - Week 18 2023

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 1st May and 7th May 2023.

7th May

49% increase in phishing attacks in Egypt during 1Q 2023

AI set to spark new cybersecurity arms race

April’s crypto scams, exploits and hacks lead to $103M lost

Billions of Facebook users warned over ‘urgent’ email that steals your money – check inbox now

ChatGPT and the new AI are wreaking havoc on cybersecurity in exciting and frightening ways

ChatGPT’s arrival raises personal data theft, hacking risks many times over

Colonial Pipeline attack: two year anniversary

Data Breach Insurance: 3 Things You Should Know

Deus DAO Receives Part of Stolen Funds After Bounty Offer

DEUS Finance loses $6 Million following stablecoin hack

Eurovision 2023: a golden mine for cybercriminals

Former Uber executive sentenced for covering up data breach

Gloucester council praised for cyber attack ‘creative workarounds’ after it crippled services and brought chaos

Hackers Could Use ChatGPT to Infiltrate Vessels

In a new hacking crime wave, much more personal data is being held hostage

India: Cyber crooks are doing extra work!

Kabarak University Facebook hacker demands Sh68,000 to return page

Meet Akira - A new ransomware operation targeting the enterprise

Murfreesboro Medical Clinic reopens some, but not all, services. Attack appears to be work of BianLian

New Cactus ransomware encrypts itself to evade antivirus

New Gmail and Outlook warning - not deleting these dangerous emails will prove costly

New Smashing Pumpkins Album Almost Leaked By Hacker, Says Frontman Billy Corgan

Online criminals are watching so think twice before posting on social media

Password protection should be a priority in a digital world

Payment processing: How to avoid the main PayPal scams

Public information another victim of city’s cyberattack

Ransomware Attacks Increasingly Using AuKill Malware to Disable EDR

Small Business Owners Embrace Managed IT Services for Cybersecurity Confidence

Teen hacker’s latest threat: explicit videos on Kabarak University Facebook page

TikTok has some worrying security flaws that could leave your activity open to anyone

United Arab Emirates (UAE) successfully defends and deters malicious cyberattacks

Website of Asian News International (ANI) goes down after Bangladeshi hacker group targets it a day after attacking the IANS website

Western Digital says hackers stole customer data in March cyberattack

What Are IPFS Phishing Attacks and How Do You Avoid Them?

6th May

A rough year: first a ransomware attack, then a credential stuffing attack affecting more than 1 million patients

After a hacker assault, Western Digital has restored its systems and is contacting affected customers

As India embraces digital transformation, cyber wellness becomes a priority

Aussie organisations pessimistic on cyberattacks

Be careful what and where you click: How to avoid ransomware scams

Billy Corgan forced to pay hacker to stop Smashing Pumpkins leaks

Billy Corgan paid a hacker to stop leaks of new Smashing Pumpkins music

Blockchain Nearly Impossible to Hack – Reasons and Clarity

Church is Latest South Carolina Ransomware Victim

Cyber Attacks...The Dark Side Of Technology

DEUS Finance loses $6M following stablecoin hack

Dragon Breath APT Group Using Double-Clean-App Technique to Target Gambling Industry

Fairfax County Public Schools breach exposed sensitve student information

FBI warns billions of Gmail and Outlook users over bank-emptying ‘spoof’ attack – clean your inbox immediately

FluHorse Android Malware: A New Cybersecurity Threat Exploiting Flutter Framework

Former Uber exec sentenced for covering up data breach

Hong Kong’s OT&P Healthcare apologises after data breach exposes patient details

How Gmail's Blue Checkmarks Could Protect You From Phishing Emails

How K-12 Cyber Compliance Laws Are Proving Effective

Intel Boot Guard OEM Private Key Allegedly Leaked

Intel BootGuard keys leaked through MSI data breach

Medibank faces third class action over cyber breach

Murfreesboro Medical Clinic cyber attack

New PaperCut RCE exploit created that bypasses existing detections

New Vulnerability in Popular WordPress Plugin Exposes Over 2 Million Sites to Cyberattacks

Russia’s IT squad

Shadow Gambit: The Cursed Crew warns players about a phishing campaign for a beta that doesn't exist

Shadow Gambit developers say to beware of scammers offering a fake beta

Tech firms push 'passkeys' to usher in password-free logins

Towns say preparation invaluable in fight against ransomware

Tucson Unified School District (TUSD) personal data exposed on dark web after cyberattack

Twitter says 'security incident' exposed private Circle tweets

Western Digital restores My Cloud services after cyber attack

Zero Trust vs. Zero-Knowledge: What’s the Difference?

5th May

2 Years After Colonial Pipeline, US Critical Infrastructure Still Not Ready for Ransomware

7 Common Endpoint Security Challenges and How to Overcome Them

8 Types of Cyber Attacks You Should Know About

Add 'prompt' to the long list of injection attacks

AI and Risk: The privacy and security perils of ChatGPT

Albany NanoTech Complex hacked, emails were down

ALPHV gang claims ransomware attack on Constellation Software

Aspen Dental falls victim to cyber attack, causing issues with scheduling patients

Bad bots can cause all kinds of harm online. Here's how to protect yourself

Banks warn of big increase in online scams

Barracuda Networks Reports Shift in HTML Malware Tactics

Billy Corgan Paid Hacker Ransom to Prevent Leak of New Smashing Pumpkins Album

BlackBerry Report Surfaces Increasing Rate of Cyberattacks

Catholic Health consultants experience data breach

CertiK Alert: Feet Labs’ Discord Server Breach Detected

CISA Rolls Out Program to Protect Critical Infrastructure From Ransomware

Cisco Warns of Vulnerability in Popular Phone Adapter, Urges Migration to Newer Model

City of Dallas Continues Battling Ransomware Attack for Third Day

City of Dallas recovers after recent ransomware attack

Community Health Systems sued for data breach affecting 1 million

Cork cybersecurity firm sounds the alarm over EvilProxy phishing threat

Coronation scams: Look out for fake emails, websites and cold calls

Coronation scams targeting UK shoppers, police and experts say

Creating A Culture of Security In Your Hospital & Health System

Critical RCE vulnerability in Cisco phone adapters, no update available (CVE-2023-20126)

Cyber alert issued against 'Royal' ransomware that attacks health, education sectors

Cyber-attack cost conveyancing giant £7m plus lost business

Cyberattack shuts down Raleigh Housing Authority computer systems

Cybersecurity Trends & Statistics; More Sophisticated And Persistent Threats So Far In 2023

Dallas Police Department Compromised in Ransomware Attack

Data Breach Responsibility & Consequences: Should Execs & Employees Be in the Hot Seat?

Defi Hacks: How to Detect Vulnerabilities of the Chain

Don’t resort to the phishing ‘blame game’

Dorel hit with cyber attack; will cost millions to remedy

Ex-Uber security chief sentenced over covering up hack

Ex-Uber chief security officer sentenced to probation for covering up 2016 data breach

Ex-Uber CISO given three-year probation sentence, avoids prison after guilty verdict

Ex-Uber security chief sentenced for data-breach cover-up

Ex-Uber security chief sentenced for 2016 data-breach cover-up

Ex-Uber security chief sentenced to three years of probation for data-breach cover-up

Fleckpe Android Malware Sneaks onto Google Play Store with Over 620,000 Downloads

Former Uber CSO avoids prison for concealing data breach

Former Uber security chief gets probation for covering up data breach

Generative AI vs privacy compliance: Who doesn’t like a happy ending?

Gmail introduces Blue Tick to verify senders, keep phishing emails at bay

Gmail users alerted as blue tick verification begins

Google’s passkey idea — Are biometrics the best option? Maybe not

GroupMe iPad Giveaway, Costco, Walmart, and Tinder — Top Scams of the Week

Hackers sabotage Dallas public facilities, emergency services

Hackers Targeting Italian Corporate Banking Clients with New Web-Inject Toolkit DrIBAN

Hardware-based defenses give hybrid workers endpoint protection

Health care giant Medibank sued over data breach that affected 9.7m people

Healthcare cyberattacks are on the rise: Here's why zero trust will prevent care disruptions

Here's how banks are coping with surge in cyber attacks, phishing, fraud

How to respond if you clicked a Scam or Phishing link on your iPhone?

How to strengthen the weakest link in your cybersecurity chain in the AI era

HTML Attachments: Increased Security Risk – What You Should Know

Isle of Man: Online gas bills suspended after data breach

Japan’s ‘myth of security’ raises cyber attack risk

Kabarak University loses Facebook account to hackers posting controversial content

"Kekw" Malware in Python Packages Could Steal Data and Hijack Crypto

Lack of Visibility: The Challenge of Protecting Websites from Third-Party Scripts

Malicious HTML attachments a popular cyber threat

McPherson Hospital, Inc. Notifies Over 19k Patients of Recent Data Breach

Meta Detects A Hacking Group Having 120 Accounts Linked To Pakistan That Targeted Indian Military Personnel

Minneapolis Data Breach a ‘Worst-Case Scenario’ after Ransomware Attack

More Swiss media groups affected by ransomware attack

Naivas data breach a wake-up call for firms to comply with privacy laws

Navigating the threat landscape: The growing menace of cybercrime

New Android FluHorse malware steals your passwords, 2FA codes

New Android Malware 'FluHorse' Targeting East Asian Markets with Deceptive Tactics

New Android Trojans Infected Many Devices in Asia via Google Play, Phishing

New Android updates fix kernel bug exploited in spyware attacks

NHS launches probe after five-year-old takes records of 150 patients to school to use as 'drawing paper'

North Korean APT Kimsuky Launches Global Spear-Phishing Campaign

North Korean Kimsuky Hackers Using New Recon Tool ReconShark in Latest Cyberattacks

OpenAI Owner of ChatGPT Suffers Data Breach

Optima Tax Relief, LLC Reports Data Breach in the Wake of November 2022 Cyberattack

Organizations brace for cyber attacks despite improved preparedness

Organizations slow to patch GoAnywhere MFT vulnerability even after Clop ransomware attacks

Packagist Repository Hacked: Over a Dozen PHP Packages with 500 Million Compromised

Passwordless Tools Are On The Rise, But Adoption Will Take Time

Payment software company AvidXchange suffers second ransomware attack in 2023

Phishing preys on known brands such as Microsoft and Adobe

PHP Packagist supply chain poisoned by hacker “looking for a job”

Pinnacle Propane Notifies Victims of Leaked Social Security Numbers Following Data Breach

Pro-Russian hackers claim blocking French Senate's website

Prosecution of Former Uber Security Chief Carries Warnings for Cyber Leaders

Ransomware Actors Extort University Via Alert System

Ransomware watchers are finding creative ways to track attacks

RIP World Password Day

Rochester Public Schools Hit by Ransomware Attack

Rochester Schools Confirm Ransomware Attack, Didn't Pay

San Bernardino County pays hackers $1.1 million ransom after cyber attack

Savannah College of Art and Design (SCAD) data breach $375k class action settlement

Security researcher finds trove of Capita data exposed online

Smart meters could be used by hackers to destabilise the power grid, experts warn

Social Media Phishing – The 2023 Cybersecurity Threat

Subscription Trojan Downloaded 600K Times From Google Play

SuperCare Health data breach $2.25 million class action settlement

Sydney cancer treatment centre caught up in cyber attack

The Cybersecurity Friction Between Globalization and Localization

The Double-Edged Sword of Crypto in Ransomware

The growing cost associated with the democratisation of fraud

The impact of ChatGPT on multi-factor authentication

The Merck appeal: cyber insurance and the definition of war

The Typology of Illicit Telegram Channels

Think your data has no value? Scammers disagree

This ransomware gang used the emergency broadcast system to tell university students they've been attacked

Thunder Bay and Sudbury: Gateway Casinos Reopen Following Cyber Attack; Full Gaming Options Available

Top US cyber official warns AI may be the ‘most powerful weapon of our time’

Ukrainian Forces Shutter Bot Farms and Illicit VPN Provider

Urgent calls for worldwide cybersecurity standards

What Are Eavesdropping Attacks and How Can You Prevent Them?

What Is Application Security and Why Do You Need It?

What Is DNS Poisoning? How Do You Stay Safe From It?

What Is Royal Ransomware? CERT-In Warns Organisations Against Attacks Targeting Critical Infrastructure

What We Know About the Group Behind the Dallas Cyber Attack

White House officials discuss AI concerns with security organizations

Will ChatGPT Revolutionize Cybersecurity?

Without Internet Service, Penncrest Schools 'Get Creative'

WordPress custom field plugin bug exposes over 1M sites to XSS attacks

You Must Look Beyond AI To Stay Ahead Of Today's Cybersecurity Threats

Z-Library eBook site disrupted again by FBI domain seizures

4th May - World Password Day

11 Steps to develop an effective ransomware response checklist

78% of survey respondents were targeted by brand impersonation scams

A Decade On – What’s Happened to Crowdsourced Security?

Adna School District Defrauded $346,000 in Phishing Scam

Android Spyware BouldSpy Linked to Iranian Government

Australia to restore dedicated privacy role amid growing data security threats

AvidXchange hit by a second major ransomware attack this year

Berlin Packaging Files Notice of Data Breach Involving “Human Resources Information”

Brightline Hack Exposes Data of Over 780,000 Child Mental Health Patients

Carvin Software Data Breach Affects 187,360 Consumers

CERT-In issues cyber alert against 'Royal' ransomware that attacks health, education sectors

ChatGPT and other AI-themed lures used to deliver malicious software

ChatGPT suffers data breach

Chinese report discloses CIA's role in cyberattacks

CIA staged ‘Color Revolutions,’ hacker attacks around globe – China

Cisco phone adapters vulnerable to RCE attacks, no fix available

City of Dallas attacked by ransomware gang 'Royal', city services still affected

City of Dallas Confirmed Struck By Ransomware, Shutting Down Several IT Services

City of Dallas hit by ransomware

Consumer Group Slams Bank App Fraud Failings

Crown Princess Mary Cancer Centre in Westmead Hospital in cyber attack, hackers threatening to release stolen data

Customer files class action against Squishable following data breach

Cyber alert issued against 'Royal' ransomware that attacks health, education sectors

Cyber attack shuts down Raleigh Housing Authority computer system

Cyber-attack cost conveyancing giant £7m - but the insurers paid up

Dallas, Texas hit by ransomware attack

Dallas City confirms Royal ransomware attack, affecting IT and police services

Dallas disrupted by hackers - courts closed, police and fire sites offline

Dallas ransomware attack causes critical service outages

Data Breach Concerns Arise Amid Montana State University Cyberattack

Discord leaks ‘demoralizing’ for US intelligence agencies

Fending off the fraudsters: how organisations can protect themselves from cyberattacks

Financial Conduct Authority (FCA) urges Capita clients to ascertain if data was compromised in cyber-attack

FluHorse – Check Point Research Exposes Newly Discovered Malware Disguised as Legitimate and Popular Android Apps Targeting East Asia

Fortra GoAnyWhere-Related Health Data Breach Tally Climbs

FTC Likely to Continue Focus on Health Care Data

Gmail gets blue verification checks to protect against spoofing and phishing

Google adds passkey option to replace passwords on Gmail and other account services

Google, Dashlane separately move to eliminate passwords

GuidePoint Study Shows a 27% Spike in Public Ransomware Victims

Hacked university warns of campus text alerts sent by ransomware group

Hacker with a Heart of Gold: Ransomware Gang Apologises After Targeting School

Harnessing the G20’s Potential for Global Counter-Ransomware Efforts

Has the Altruism Model of Open Source Security Peaked?

How the economy is impacting cybersecurity teams

How to Spot a ChatGPT Phishing Website

Insider Threat Detection: What You Need To Know

Kimsuky hackers use new recon tool to find security gaps

Malicious HTML Attachment Volumes Surge

Maxim Healthcare Services data breach class action settlement

Medusa ransomware gang publishes school students' mental health records after failing to secure a ransom

Meta Tackles Malware Posing as ChatGPT in Persistent Campaigns

Meta Takes Down Malware Campaign That Used ChatGPT as a Lure to Steal Accounts

Meta Uncovers Massive Social Media Cyber Espionage Operations Across South Asia

New Fleckpe Android malware installed 600K times on Google Play

Over 75% of global institutions anticipate a successful cyber attack within a year

Phishing attacks are targeting your business more than ever, so watch out

Phishing Attacks Target Bring-Your-Own-Device (BYOD) Through Private Messaging Apps

Physical and Cyber-Attacks on Energy Infrastructure Expected to Continue

Protecting the Future of Digital Identities

Ransomware attack affects Dallas police, court websites

Ransomware attack forces Dallas to shut down courts, disrupts some 911 services

Ransomware Attack on Dallas Shuts Down the City's Online Services

Ransomware gangs display ruthless extortion tactics in April

Ransomware group behind Oakland attack targets city in Massachusetts

Researchers Discover 3 Vulnerabilities in Microsoft Azure API Management Service

Researchers Uncover New Exploit for PaperCut Vulnerability That Can Bypass Detection

Royal Ransomware targeting health and education sectors prompts cyber alert

San Bernardino County paid $1.1 million ransom to hacker of Sheriff’s Department computers

State of cybersecurity in the UK

T-Mobile confirms second data breach in 2023

The Only Password Security Guide You Need Follow in 2023

Top API vulnerabilities organizations can’t afford to ignore

Traditions Bank experienced a data breach; were you affected?

Unpaid open source maintainers struggle with increased security demands

Unwelcome guest: Trigona ransomware group claims they’ve taken up residence in Unique Imaging’s network

US Authorities Dismantle Dark Web "Card Checking" Platform

US insurance giant United HealthCare admits data breach impacted customers' personal information

Vikings Casino group forced to shut down its casinos due to cyber attack

What Is The Dark Web, And How Much Is Your Data Worth There?

What Kinds of Cryptocurrency Crimes Are There?

When Good APIs Go Bad: Uncovering 3 Azure API Management Vulnerabilities

Why containers are susceptible to ransomware and what to do about it

Why the Things You Don't Know about the Dark Web May Be Your Biggest Cybersecurity Threat

WinRAR Weaponized by Hacker Group Against Ukraine State Organizations

World Password Day: Confusion over Password Advice Adds to Top Security Risks for Organizations

3rd May

5 API security best practices you must implement

50% of firms fell victim to ransomware in 2022, despite majority claiming preparedness

An Effective Account Takeover Trick Is Helping Scammers Steal Thousands of Facebook Profiles

Android phone users urged to beware five messages - your bank account could be emptied

Anonymous Sudan claims responsibility for failure of Israel's Iron Dome

Apple and Google Join Forces to Stop Unauthorized Location-Tracking Devices

Apple and Google Unveil Industry Specification For Unwanted Tracking

Are You Concerned About Generative AI Becoming A Cybersecurity Risk?

Attacks increasingly use malicious HTML email attachments

Attackers are trying to exploit old DVR vulnerabilities (CVE-2018-9995, CVE-2016-20016)

Australian privacy rules will “invite cyber crimewave”

Billions of Chrome and Android users warned of important ‘lock’ change – check now or it could cost you

Billions of Gmail and Outlook users warned by FBI over ‘malicious’ message that empties your bank – act fast to avoid it

BlackCat group releases screenshots of stolen Western Digital data

Brightline data breach impacts 783K pediatric mental health patients

Canadian wealth managers notify clients about data breach linked to ‘GoAnywhere’ hack

Card Skimmers and ATMs Used to Drain EBT Accounts in Southern California

Chatham Casino Reopens After Cyber Attack

China’s Hackers Vastly Outnumber U.S. Cyber Agents by 50 to 1, FBI Director Testifies

Chinese Hacker Group Earth Longzhi Resurfaces with Advanced Malware Tactics

CISA Advises Federal Communications Commission (FCC) Covered List For Risk Management

CISA Issues Advisory on Critical RCE Affecting ME RTU Remote Terminal Units

City of Dallas hit by Royal ransomware attack impacting IT services

Clone phishing can trick even the most cautious users

Companies need a wakeup call to fix chronic security shortcomings, cyber experts say

Cyber Risk Index Has Never Been Better but Companies are Still Worried

Cyber-espionage campaigns targeting military personnel in South Asia

Cybersecurity in the Middle East: insights and solutions for oil and energy companies

Dallas city government confirms ransomware attack affecting police and other services

Dallas Ransomware Attack Contained, But Ongoing; Police, Fire Service Uninterrupted

Data breach incident has been contained, says InvestorCOM

Defending Against Known, Unknown & Unknown-Unknown Email Scams

Drone goggles maker claims firmware sabotaged to ‘brick’ devices

Earth Longzhi Uses "Stack Rumbling" to Disable Security Software

Email Encryption for Enhanced Security: What You Need to Know

Emails from Minneapolis Public School officials reveal timeline of data breach

Employee Cyber Security Training - 5 Essential Elements

Facebook disrupts new NodeStealer information-stealing malware

Facing Cybersecurity Risk? Here are 6 Ways to Minimize it

FBI, Ukraine seize cryptocurrency exchanges for abetting cybercriminals

Fears pro-Russian hackers could ruin Eurovision by disrupting broadcasts and silencing the song contest next week

Fortinet Survey Finds 78% of Organizations Felt Prepared for Ransomware Attacks, Yet Half Still Fell Victim

Getting personal: Cyber-experts say scammers are shifting focus from work accounts to personal ones — as avenue to businesses’ information

Gmail is giving companies their own Twitter-style blue checkmarks

Google adds passkeys support for passwordless sign-in on all accounts

Government's New Fraud Strategy Gets Lukewarm Reception

Hackers Exploiting 5-year-old Unpatched Vulnerability in TBK DVR Devices

Hackers start using double DLL sideloading to evade detection

Healthcare’s Recent Cybercriminal Activity Attributed to Ransomware Gangs Cl0p & LockBit

How safe are your passwords? Make yours harder to hack on May 4, World Password Day

IcedID: Exploring Four Recent Malware Infection Techniques

Insurance companies can’t deny Ransomware attack payment, citing “Acts of War” clause

Iranian hackers turn to influence operations to amplify cyberattacks

Ireland: Expert warns of cyber risks for HSE without full IT upgrade

Is two-factor authentication already a thing of the past?

Is Your Critical Software-as-a-Service (SaaS) Data Secure?

Italian water supplier serving 500,000 people hit with ransomware attack

Level Finance Crypto Exchange Hacked, After Two Security Audits

'Look Who Died in an Accident' Facebook Messages Are a Scam

MacBook users beware: Atomic Stealer malware gets new capabilities

Malicious content lurks all over the web

Man accused of targeting woman in £200,000 cyber crime fraud

Marshals Service working to redeploy IT system affected by ransomware attack

Moroccan court upholds jail sentence for French man who bought a car illegally with Bitcoin

Nearly a Quarter of Iran’s Cyber Attacks Directed at Israel

NetOps, Security Pros Overwhelmed by Network Updates

Orqa drone goggles bricked: Time-bomb ransomware or unpaid firmware license?

Payment software giant AvidXchange suffers its second ransomware attack of 2023

Phishing scam via Google search ads stole over $4M from users

Phishing Websites Are Now Promoted via Google Ads; How Can You Protect Your Business?

Police dismantles Try2Check credit card verifier used by dark web markets

Popular service used by cybercriminals to verify stolen credit card info shut down

Prompt notification of cyber insurers can mitigate effects of hacker attacks

Prosecutors Argue for 15 Months in Jail for Uber CISO

Ransomware attack affects Dallas police, court websites

Ransomware attack on City of Dallas knocks police website offline

Researcher hijacks popular Packagist PHP packages to get a job

Reventics failed to prevent data breach, class action alleges

Russian hackers use WinRAR to wipe Ukraine state agency’s data

Sectrio’s OT and IoT threat report uncovers the Chinese intelligence conveyor belt

Seized: 9 Crypto Laundering Sites Used by Ransomware Gangs

Spartanburg County still struggling with ransomware attack. Here's what you need to know

Studies show ransomware has already caused patient deaths

Sweden parliament hit by denial-of-service cyber attack

Sweden's parliament hit by cyber attack

Swedish parliament website hit by DDoS attack

T-Mobile Discloses Second Data Breach...This Year

T-Mobile suffers second data breach this year

The five most dangerous new cyber attack techniques

The Philippines: House asked to probe alleged breach of Philippine National Police (PNP) data

The Philippines: House probe into massive data breach sought

The Shift From Threat Prevention To Cyber Resilience

Three-Quarters of Firms Predict Breach in Coming Year

UK gun owners at risk after cyber attack compromises Rifle Association members’ data

Using Discord? Don’t play down its privacy and security risks

Vendor for Aetna insurance announces data breach

What Is a Malware Attack? Definition, Types, and Prevention

What is a phishing scam?

Why students are at the greatest risk of being scammed

You no longer need a password to sign in to your Google account

Your phone contains your most personal information. Here's how to keep it safe

2nd May

9 out of 10 companies detected software supply chain security risks

47% of security leaders use six to ten communication tools at once

Active Exploitation of TP-Link, Apache, and Oracle Vulnerabilities Detected

Advanced Fee Fraud Surges by Over 600%

AI-generated messages claiming to be loved ones are most successful

An Anti-Trans Doctor Group Leaked 10,000 Confidential Files

Anonymous Sudan says it hacked Israeli rocket alerts, Iron Dome warning

Australia: New privacy enforcer to deal with data breach fallout

Australian law firm HWL Ebsworth hit by Russian-linked ransomware attack

Bitmarck Halts Operations Due to Cybersecurity Breach

Booking.com email scam: what phishing message looks like, how to protect yourself and report emails

BouldSpy Android Spyware: Iranian Government's Alleged Tool for Spying on Minority Groups

Can Better Training Reduce the Success Rate of Phishing Attacks?

Charter Foods, Inc. Notifies 109,194 Individuals of Recent Data Breach

ChatGPT Confirms Data Breach, Raising Security Concerns

Computer System Used To Hunt Fugitives Is Still Down 10 Weeks After Hack

Credential phishing volume increases 527% in the first quarter

Crypto Hacks and Scams on the Rise

Cyber Gets Serious: 71% of Startup Founders Look to Enhance their Cyber Protections

Cybercrime groups find a new target: religious institutions

Data breach exposed Mackenzie clients’ personal data but not holdings, firm says

Data breach reported over St Peter Port rates letters

Data-driven insights help prevent decisions based on fear

Easily exploitable flaw in Oracle Opera could spell trouble for hotel chains (CVE-2023-21932)

Enhancing Cybersecurity in the Transport and Logistics Industry

Fake ChatGPT desktop client steals Chrome login data

FBI seizes 9 crypto exchanges used to launder ransomware payments

Firms need more than trust to secure supply chains

Gone Phishing shares cybersecurity musts for protection from internet hoaxes

Hacker exploits Defi protocol Level Finance

Hackers exploit 5-year-old unpatched flaw in TBK DVR devices

Hackers Exploit High Severity Flaw in TBK DVR Camera System

HealthPlan Services, Inc. Files Notice of Data Breach Impacting Thousands

How Federal Trade Commission (FTC) Enforcement Actions Will Impact Telehealth Data Privacy

How To Build a Cyber Fortress: Lessons From Ancient Greece

Infoblox discovers rare Decoy Dog C2 exploit

Infostealer with hVNC capability pushed via Google Ads

Is legislation the best defence against ransomware attacks?

Jewel-Osco data breach potentially affects thousands of employees

Kaspersky finds no links between Tomiris and Turla APT groups

Leaked Files Show Extent of Ransomware Group’s Access to Western Digital Systems

Level Finance crypto exchange hacked after two security audits

List of Data Breaches and Cyber Attacks in April 2023 – 4.3 Million Records Breached

LOBSHOT: A Stealthy, Financial Trojan and Info Stealer Delivered through Google Ads

Mayday, Mayday our Network is Going Down

Mitigating Email Threats: A Guide To Protecting Your Email From Cyber Attacks

Mullvad VPN’s Office Raided By Police for User Data

New Jersey Appeals Court Affirms War Exclusion Does Not Apply to Cyber Attack

Nigeria: Ways to avoid online recruitment scams

North Korea's ScarCruft Deploys RokRAT Malware via LNK File Infection Chains

Optimising Cyber Security Costs In A Recession

Organisations underestimate ransomware threat

Overcoming the Cybersecurity Risks of Personalized Healthcare

Patient in Leaked Photos Drops Pursuit for Ransom Payment

PENNCREST School District dealing with ransomware attack

Ransomware Attacks on Schools Increased in Q1 2023

Researchers see surge in scam websites linked to coronation

Researchers Uncover New BGP Flaws in Popular Internet Routing Protocol Software

Russia-Linked Hackers Behind Bay Area Health-Care Breach

Samsung's response to data breach: AI ban for staff

Security leaders weigh in on school district ransomware attack

South Korea: Financial companies may shoulder some responsibility for voice phishing scams

South Korean Lures Used to Deploy ROKRAT Malware

T-Mobile announces yet another data breach affecting 800 people

T-Mobile customers impacted by personal data breach

T-Mobile data breach damaging to reputation, industry says

T-Mobile discloses 2nd data breach of 2023, this one leaking account PINs and more

T-Mobile Reveals Second Breach of the Year

T-Mobile sees another data breach compromising social security numbers and more for small group

The 2023 National Cybersecurity Strategy: How Does America Think About Cyberspace?

The costly threat that many businesses fail to address

The Ethics of Selling Hacker Tools

The latest YouTube phishing scam: what are the risks?

The Most Critical Domain Security Risks & Five Ways to Prevent Attacks

The warning signs for security analyst burnout and ways to prevent

Threats, Vulnerabilities, and Risks

Three Ways Organizations Can Mitigate The Insider Threat Conundrum

UK Gun Owners May Be Targeted After Rifle Association Breach

Unlocking the Four C’s of Cloud-Native Security

US Marshals to Unveil ‘Fully Reconstituted System’ Following Ransomware Attack

‘Whack-a-mole’: National Australia Bank’s 38 per cent increase in scam attempts

What Is Petya Ransomware?

Why, And How, To Cyber Harden Industrial Operations

Why Telecoms Struggle with SaaS Security

Why the manufacturing sector needs stronger cyber defenses

Wichita State restoring systems after cyber attack

1st May

3 Ways Businesses Need to Be Savvier than Fraudsters

90 Degree Benefits Facing Class Action Lawsuit Over 181,500-Record Data Breach

After ransomware attack, All India Institute of Medical Sciences (AIIMS) pushes for maintaining cyber hygiene

Alvaria, Inc. Files Data Breach Notice on Behalf of Carrington Mortgage Services

APT28 Targets Ukrainian Government Entities with Fake "Windows Update" Emails

APT41’s PowerShell Backdoor Let Hackers Download & Upload Files From Windows

Billions of iPhone and Android users warned over ‘sneaky’ text attack stealing money in seconds – three red flags

Bitmarck, one of Germany’s largest IT providers, hit by cyberattack

Building Cyber Resiliency in the U.S. Government

Capita: Watchdog warns pension funds over data after hack

CERT-UA warns of phishing campaign targeting Ukrainian organisations with fake Windows update

Chain Reaction: ROKRAT’s Missing Link

Chinese hackers outnumber our cyber staff 50 to 1: FBI director

CISA Launches New Ransomware Vulnerability Warning Pilot For Critical Infrastructure Entities

Cloud Attack Surface Expands, Putting Pressure on Enterprise Security

Cold storage company Americold reports cyberattack to SEC

Colleges and schools across US dealing with ransomware incidents, cyberattacks

Companies Increasingly Hit With Data Breach Lawsuits: Law Firm

Cyber attack on UK gun owners raises concerns of criminals chasing guns

Cybercriminals use proxies to legitimize fraudulent requests

FBI disrupts virtual currency exchanges used to facilitate criminal activity

German IT provider Bitmarck shuts all internal systems following a cyber attack

Google Blocks 1.43 Million Malicious Apps, Bans 173,000 Bad Accounts in 2022

Guide to Staying Safe in Increasingly Digital World

Hackers leak images to taunt Western Digital's cyberattack response

Hackers selling new malware on Telegram that targets macOS users

Hacking Caused 80% of Healthcare Data Breaches in 2022

India: Gujarat companies hit by a new Ransomware-as-a-Service (RaaS) tune

Is misinformation the newest malware?

Key law enforcement computers still down 10 weeks after breach

Latest Reported Data Breaches Impact Variety of Healthcare Orgs

Lockbit 3.0 targets Fullerton India, demands a £2.3 million ransom

Logins for 2.9 million people found on arrested Tokyo man's computer

Mandiant’s M-Trends 2023 report reveals frontline threat intelligence

Massachusetts health plan hit with ransomware and service disruptions

Mysterious Hacker Steals $300,000 In Bitcoin From Russia, Then Donates It To Ukraine

New Decoy Dog Malware Toolkit Uncovered: Targeting Enterprise Networks

New LOBSHOT malware gives hackers hidden VNC access to Windows devices

New Research Shows Ransomware Attacks Resurge with Victims Doubling in 2023

NextGen Healthcare, Inc. Reports Data Breach Affecting Thousands of Individuals’ Social Security Numbers

Oakland Reports ‘Outstanding’ Headway in Ransomware Recovery

One Brooklyn Health Sued over 235K-Record Data Breach

Ottawa hospital’s patient data stolen from test server of communications supplier

Radware Report Sees Religion Fueling More DDoS Attacks

Ransomware & crypto: The growing compliance challenge

Ransomware Gang Claims Edison Learning Data Theft

Ransomware Groups are Exploiting GoAnywhere and PaperCut Vulnerabilities

Recent Cyber Attacks Show the Importance of Cybersecurity for Businesses

Relentless Threat Activity Puts Identities in the Crosshairs

Report shows 92% of orgs experienced an API security incident last year

Report shows nearly 600% annual growth in vulnerable cloud attack surface

Restaurants Under Attack from Cybercriminals: How to Protect Your Business

Russian hacker group targets Ukraine’s government with new phishing campaign

Russian Hackers Killnet Executed a Cyber Attack on European Air Traffic Control Agency Eurocontrol

Several Israeli websites, including Knesset, two major ports, targeted in new cyberattacks

Sophos: Hackers utilize “Living off the Land” binaries (LOLBins) to attack organizations

South Africa under cybercrime siege, warns Surfshark

T-Mobile discloses second data breach since the start of 2023

The AI Takeover: Cybersecurity Tool or Terminator?

The Most Dangerous Known Hacker Groups

The Security Risks of Running a Cryptocurrency Exchange

Threats in cyber security: a small business guide

UK pension funds warned to check on clients’ data after Capita breach

US Marshals Service still recovering from February ransomware attack affecting system used by fugitive hunters

US Wellness confirms data security incident

Using just-in-time access to reduce cloud security risk

Using multiple solutions adds complexity to your zero trust strategy

Vietnamese Threat Actor Infects 500,000 Devices Using 'Malverposting' Tactics

Wanted Dead or Alive: Real-Time Protection Against Lateral Movement

Warning for New Zealand companies active in Australia of their need to comply with the Australian Privacy Act

Watchdog warns pension funds over data after hack

Western Fair casino reopens, two weeks after ransomware attack

What the Cybersecurity Industry Can Learn From the Silicon Valley Bank (SVB) Crisis

What’s the Difference Between a DOS and DDoS Attack?

Why Is Cybersecurity Important for Your Business? Neglecting It Could Be Your Downfall

Why Ransomware is Still a Successful Form of Cyber Crime

Why The Data Security Lifecycle Is Essential For Reducing Cost And Risk

Z-Library’s Closure Raises Tough Questions About Access