Editor's Message

Welcome to DBD. On March 8th we celebrated our 4th Anniversary and the 1st Anniversary of our PRiSM application, officially endorsed by the SANS Institute. Despite recent personal issues that have impacted the amount of time I have been able to dedicate to both projects, I have been doing my best to keep everything as up-to-date as possible, and I would like to take this opportunity to thank everyone for their patience and support whilst I navigate through this very difficult time. Stay safe. :)



Monday, 8 May 2023

Data Breaches Digest - Week 19 2023

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 8th May and 14th May 2023.


14th May

Beware of malware: How Indian government officials are being targeted by Pakistani hacker groups

Farmers impacted by Natural England data breach

Google to expand its Dark Web monitoring tool to all Gmail users

Hackers target Wordpress plugin flaw after PoC exploit released

'Is anyone else terrified?': Doctors concerned as GPs are targets of ransomware attacks monthly

PayPal Phishing Scam Is Latest to Challenge San Diego Computer Users

Security firm claims there’s been a 40 per cent rise in cybercrime

Stay Safe from Cyber Scam

The Philippines: National Privacy Commission (NPC) investigates GCash incident for possible data breach

The threat of nation-state attacks in energy is growing

The top tactics hackers use to break into your system – And how to stay safe

Toyota: Tragic Data Breach, 2 Million Vehicles Affected For Ten Years

Weaponization of legitimate tools

13th May

7 stages of the cyber attack lifecycle

A ransomware source code leak spawned at least 10 ‘Babuk’ imitators, researchers say

AI’s key role in cybersecurity and national security

An Overview Of Supply Chain Attacks And Protection Strategies

Billions of iPhone and Android users warned over ‘dangerous’ bank-draining message – watch out for red flags

Capita warns customers they should assume data was stolen

Did Oakland have right cyber insurance before the ransomware hack? Expert weighs in

Discord Warns of User Data Leak After Support Hack

EE issues warning to iPhone and Android users over confusing two-word texts

EE warns millions of iPhone and Android users over ‘two word’ text that raids your bank - how to spot it

Eight security recommendations to protect your social media accounts from hackers

Hacker who took over Biden, Musk Twitter accounts pleads guilty

Lockbit Ransomware Group Claims Crippled BSI, Threatens to Spread Data of Millions of Customers

Millions of Android phones are shipping with malware already installed

National Privacy Commission (NPC) probes possible data breach after GCash glitch

New cyberthreat in the horizon: QakBot malware

New Phishing-as-a-Service Platform Lets Cybercriminals Generate Convincing Phishing Pages

New scam alert: Email scammers posing as TV Licensing could steal your information

OpenAI Confirms ChatGPT Data Breach

Privacy body looking into possible breach of personal data in GCash 'glitch'

Ransomware attack on PharMerica affected 5.8 million patients

Russia-affiliated CheckMate ransomware quietly targets popular file-sharing protocol

SchoolDude Data Breach Exposes 3 Million User Accounts, According to Brightly

Swiss robotics major ABB confirms being hit by ransomware

The Ultimate Guide to Multi-Factor Authentication

U.S. Department of Transportation investigating HUGE data breach impacting 237,000 federal employees personal information

Uintah Basin Healthcare Data Breach Affects Over 100,000

US Department of Transportation says cyber attack still unidentified

Watch out - that urgent PayPal email could be a phishing scam

12th May

17 Tech Experts Share Best Practices For Managing Customer Data

A ransomware source code leak spawned at least 10 ‘Babuk’ imitators, researchers say

ABB confirms IT security incident impacting operations

Amazon/Amazonitara, Walmart, Netflix, ShareFile - Top Scams of the Week

“An avenue of redress”: Office of the Australian Information Commissioner (OAIC) launches probe into Medibank hack

Anonymous Hacker Group Warns Pakistan Government Amid Deadly Protests: 'Expect Us'

ARC Document Solutions, Inc. Experiences Data Breach in the Wake of Recent Cyberattack

Are Alternative Investment Firms Becoming Over-Reliant On AI To Solve Their Cyber Challenges?

Automation specialist ABB ‘hit by Black Basta ransomware attack’

Beyond Zero Trust: Is The Security Stack Loaded Enough?

Billions of Android and iPhone users issued US government warning over bank-emptying attack - four steps to safety

Bl00dy Ransomware Gang Strikes Education Sector with Critical PaperCut Vulnerability

Brightly says SchoolDude data breach spilled 3 million user accounts

Cambridge Student Union (SU) made ‘fundamental mistakes’ with student self-id data, report finds

Capita cyber-attack: Universities Superannuation Scheme (USS) pension fund members’ details may have been stolen

Capita leaks personal data from Colchester Council

Card 'ID Theft' Fraud Doubles in 2022

Carvin Wilson Software Failed to Prevent 2023 Data Breach Affecting 187K People, Class Action Alleges

CISA: Bl00dy Ransomware Gang using printer vulnerability to attack schools

CISA warns of critical Ruckus bug used to infect Wi-Fi access points

CISOs’ confidence in post-pandemic security landscape fades

Consider cybersecurity insurance

Criminals exploiting trusted brands in phishing attacks

Cyber landscape: META region detects 400K malicious files daily

Cybercriminals have adapted since Microsoft’s decision to block macros

Cybersecurity: Genesis Hacker Marketplace Is Still Functional Despite Police Recent Raid

Cybersecurity expert shares tips on how fintech firms can avoid phishing

Dallas Officials Say Ransomware Recovery Could Take Months

Data breach: Toyota exposes millions of Japanese customers' data due to human error

Data breach at broadband provider WhizComms affects 24,000 customers

Data breach at Community Health Systems puts 1.2 Million patients at risk

Debunking Three Myths About Ransomware

Decade-long Toyota data breach puts two million customers at risk

Difficult choices as cyberinsurance premiums rise

Discord discloses data breach after support agent got hacked

Eight ways to guard against botnet attacks on enterprise networks

Employee records exposed in Ambulance Victoria data breach

Essential Addons Plugin Flaw Exposes One Million WordPress Websites

Ex-Ubiquiti dev jailed for 6 years after stealing internal corp data, extorting bosses

FBI: Bl00dy Ransomware targets education orgs in PaperCut attacks

Fontainebleau Florida Hotel, LLC Notifies 18,653 Individuals of Recent Data Breach

Former Uber CSO Sentenced to Probation, Fined for Data Breach Cover-Up

Fraud victims risk more than money

Greatness phishing-as-a-service threatens Microsoft 365 users

Hacker marketplace still active despite police 'takedown' claim

Hackers claim to sell confidential data of US critical infrastructure manufacturer

Hackers Post Data to Dark Web After Massachusetts Cyber Attack

HC3 issues warning about widely used data backup software

How cyberstalkers could access your iPhone using the Windows Phone Link app

How to protect your identity online

Identity Governance: Right People, Right Access, Right Time

Infoblox report reveals 66% of UAE organisations experienced data breaches in the past year

Intel Boot Guard keys leak as a result of MSI data breach - what this means for you

Intel “Scrambling” for Solutions After Massive Data Breach

IT Services Giant Bitmarck Suffered a Cyber Attack Disrupting Health Insurers’ Operations

Kenya's Kabarak University regains access to Facebook page defaced by Asian hacker

Leaked Babuk Code Fuels New Wave of VMware ESXi Ransomware

Let’s put an end to secrecy and cover-ups in ransomware attacks

Listen how AI can clone your voice, use it in phishing scams

Majority of phishing attacks in Azerbaijan aimed at ordinary users

Manual processes dominate Third Party Risk Management (TPRM) as security incidents increase

Manufacturers Targeted as Ransomware Victim Numbers Spike 27%

Medusa ransomware gang hits Australian cancer treatment centre, demands a $100,000 ransom

Mercer University Posts Notice of Recent Data Breach Compromising Student and Faculty SSNs

Merck's $1.4 billion cyberattack claim – the specter of NotPetya

More Than 45,000 Met Opera Customers Exposed in Data Breach

Mother’s Day Phishing & Shopping Scams 2023: Amazon/Costco Giveaway, Samsung, Michael Kors

Mother’s Day Scams: Targeted Attacks on the Rise

Murfreesboro Medical Clinic Closes for Nearly 2 Weeks After Data Breach

NCSC and ICO challenge myths around reporting cyber attacks

Netgear Routers' Flaws Expose Users to Malware, Remote Attacks, and Surveillance

New Flaw in WordPress Plugin Used by Over a Million Sites Under Active Exploitation

New Stealthy Variant of Linux Backdoor BPFDoor Emerges from the Shadows

PaperCut Software Flaw Sparks Ransomware Attacks, CISA Warns

Pennsylvania law firm faces class action following data breach

PointsBet Suffers Crypto Phishing Hack, Customer Emails Called Safe

Ransomware Attacks on Public Institutions

Ransomware Group Uses Communication System of University

Ransomware Trends 2023: Fewer Attacks, More Sophistication

Researchers Uncovered C2 Infrastructure Used by Baking Malware Ursnif

San Bernardino County in California paid a $1.1m ransom to regain access to encrypted systems

Securing digital wallets a shared responsibility

‘Securing e-wallets a shared responsibility’

Software Supply Chain Attacks Hit 61% of Firms

Spanish Police Take Down Cyber Crime Ring that Lifted 700K Euros

Staten Island Hospital operating in network downtime amid ransomware attack

Student Medical Records May Have Been Taken in San Diego Unified Hack

Swiss tech giant ABB confirms ‘IT security incident’

Tackling ransomware with a data-centric approach

The Five Bears: Russia’s Offensive Cyber Capabilities

The State of Cybersecurity in 2023: Trends, Challenges, and Solutions

There are 50,000 cyber-attacks daily in the UAE; here’s how you can help

This WordPress plugin for Elementor leaves websites vulnerable to hackers

Those urgent emails from MetaMask and PayPal are phishing scams

Tips to prevent 'quishing' and protect patient data

Top 3 trends shaping the future of cybersecurity and IAM

Toyota: Car location data of 2 million customers exposed for ten years

Toyota: Data on more than 2 million vehicles in Japan were at risk in decade-long breach

Toyota Admits Decade-Long Data Leak Affecting 2.15 Million Customers

Toyota apologizes for data exposure of more than 2 million vehicles in Japan

Toyota exposed car location data of 2 million drivers for 10 years - what you need to know

TV licence scam: As Action Fraud reports a surge in customers being targeted via email, here's how to spot the signs

Uintah Basin Healthcare Posts Notice of Data Breach Following Cyberattack

Universities Superannuation Scheme (USS): Important information about Capita’s cyber incident

Using the MITRE ATT&CK framework for cyber-defence

Val Verde schools confirm data breach from 2022

VPN vulnerability linked to ransomware attack on Law Society

We Energies warns of online scam impacting dozens of customers

Western Digital Admits that Users’ Personal Data Was Compromised in the Company’s Hack

What Are Phishing Attacks? Ultimate Guide to Phishing

What is Malware Attack? Types, Methods, Distribution, Protection

When it Comes to Cybersecurity, ChatGPT Needs to Go Back to School

Why QR code scams are getting common and how not to be the next victim

WordPress Plugin Vulnerability Exposed Ferrari Website to Hackers

'World's biggest fraudster's paradise' is STILL active despite FBI-led raid on hacker marketplace: Identical version of cyber-bazaar which sold stolen logins for banks, Facebook and Amazon is on the darknet

XWorm Malware Exploits Follina Vulnerability in New Wave of Attacks

11th May

3 hospitals, health systems facing lawsuits for data breaches

7 Cybersecurity Tips for Digital Nomads

47% of all internet traffic came from bots in 2022

A Former Hacker’s Guide to Boost Your Online Security

A new scary ransomware group is on the rise

A Startup Guide To Phishing Attacks and Prevention Tips

Advice from the ISACA Ransomware Response Checklist

Akira ransomware - what you need to know

Ambulance Victoria data breach reveals drug and alcohol tests of graduate paramedics

America’s Most Cybersecure Companies Methodology: How We Crunch The Numbers

Amtel, LLC dba Connectivity Source Notifies 17,835 Current and Former Employees of Recent Data Breach

Andoryu Botnet Exploits Critical Ruckus Wireless Flaw for Widespread Attack

Australia, New Zealand join forces to tackle Latitude data breach

Australian software giant won’t say if customers affected by hack

Automotive industry employees unaware of data security risks

Babcock University Confirms Hack Of School Website After Hacker Threatened To Leak Sensitive Data Of Students

Babuk code used by 9 ransomware gangs to encrypt VMWare ESXi servers

Babuk Source Code Sparks 9 Different Ransomware Strains Targeting VMware ESXi Systems

Bad Bots Now Account For 30% of All Internet Traffic

Billy Corgan Paid Off Hacker Who Threatened to Leak New Smashing Pumpkins Songs

Bitcoin Security and the Human Factor: Understanding How Human Error Can Affect Bitcoin Security

Blockchain Technology & Cybersecurity: Strengthening Online Security

Breach of Mental-Health Records Challenges Nation’s Court System

Brightly warns of SchoolDude data breach exposing credentials

British hacker pleads guilty to hacking schemes, faces 77 years in prison

CACTUS ransomware evades antivirus and exploits VPN flaws to hack networks

Camp Lejeune Phishing Scam Targets Victims

ChatGPT, Bard, Bing AI can be used by scammers

CISA Addresses 'Cyber Poor' Small Biz, Local Government

City of Dallas Suffers a Ransomware Attack Disrupting Core IT Systems

Common K-12 Data Security Issues and How to Solve Them

Consumer Financial Protection Bureau experiences data breach affecting consumers, financial institutions

Cyber security service plan for businesses in Bahrain

Cybersecurity in Health Care: Critical to Patients, Medical Providers

Data at risk in elite Australian schools

Data breaches continue to be a problem, with one account being leaked every second in Q1 2023

Detecting and Responding to a Data Breach

Digital minefield deepens

Dragos blocks ransomware attack, brushes aside extortion attempt

Dragos says it thwarted extortion bid by known ransomware threat group

Elementary Data Breach Questions Remain, My Dear Capita

ESXi ransomware derived from Babuk code on the rise in early 2023

Eurovision bosses 'very confident' with plans to prevent Russian cyber attack

Eurovision Organisers Concerned About the Threat of Cyber Attacks

Eurovision prepares for potential cyberattack from Russian hackers

Ex-Ubiquiti engineer behind “breathtaking” data theft gets 6-year prison term

Experts challenge myths around reporting cyber attacks to help break cycle of crime

Fake websites impersonating link to ChatGPT pose high risk

FBI gives official warning to Gmail and Outlook users as bank drain messages help steal $3.1billion – check danger list

FBI warns all Gmail and Outlook users over ‘spearphishing’ attack that can take everything – check your messages now

Five Most Common Ransomware Strains

Former Ubiquiti dev who extorted the firm gets six years in prison

GCash secure, but phishing scams threaten users

GitHub Extends Push Protection to Prevent Accidental Leaks of Keys and Other Secrets

Google notifies users about dark web exposure

Google to expand Dark Web monitoring to all Gmail users in the U.S.

Google’s New AI Tool Poses Threat To Crypto Space

"Greatness" Phishing Tool Exploits Microsoft 365 Credentials

GRIT Ransomware Report: April 2023

Hacker group publishes stolen Swiss media data

Hackers Are Targeting Abandoned Meme Tokens in Almost-victimless Crime

HC3 Warns Healthcare of Cyberattacks Against Popular Data Backup Software

How to Tackle the Four Most Common SecOps Challenges

Incident of the Week: Sysco confirms data breach impacting company, supplier and employee data

Leaked data from tobacco giant Philip Morris posted to 4chan

Majority of cyber fraud incidents in India are ‘platform' frauds

Microsoft patches bypass for recently fixed Outlook zero-click bug

MITRE publishes policy checklist for healthcare cybersecurity

Multinational tech firm ABB hit by Black Basta ransomware attack

National Cyber Security Centre (NCSC) and Information Commissioner’s Office (ICO) Dispel Incident Reporting Myths

National Gallery of Canada recovering from a ransomware attack

NCSC and ICO Collaborate in Cyber-attack Transparency Push

New APT Group Red Stinger Targets Military and Critical Infrastructure in Eastern Europe

New DownEx malware campaign targets Central Asia

New Mexico Department of Health Data Breach Exposes Decedent Health Information

North Korean Hackers Behind Hospital Data Breach in Seoul

People are just realizing using certain apps on public Wi-Fi can cause dangerous data leaks – how to protect your bank

‘Play’ ransomware group releases 5GB of Lowell data

PointsBet Hacked With Crypto Phishing Email, Says User Data Secure

PointsBet Warns Customers About Crypto Phishing Scam

Physicians Regional part of class action lawsuit of breach of patient records

Preparing Business Defenses: How World Events Impact Us

Ransomware attack gets personal for Dragos chief

Ransomware Attacks Adapt With New Techniques

Ransomware group claims responsibility for cyberattack on Mercer Univerity’s systems

Ransomware Group Tries and Fails to Extort Security Vendor Dragos

Refined methodologies of ransomware attacks

Richmond University Medical Center suffers ransomware attack; unclear if patient info compromised

Risk of cyber-attack “worry” for Eurovision contest

Russia-affiliated CheckMate ransomware quietly targets popular file-sharing protocol

Scammers target WhatsApp users with phishing attempts

Seacom hit by cyber attack

Securing Energy and Utility Sectors Amid Critical National Infrastructure (CNI) Cyber Threats

Security leaders chime in after ex-Uber security chief is sentenced

Simple methods to secure your data when playing online video games

Smashing Pumpkins Billy Corgan Paid Hacker A Ransom To Not Leak Songs

SMEs warned to keep on top of cybersecurity

South Africa: Department of Justice nailed for negligence after ransomware attack

South African companies being hit by ransomware...hard!

Spanish Police Takes Down Massive Cybercrime Ring, 40 Arrested

State-backed cyber exclusions at Lloyd’s could cause disputes

Stealthier version of Linux BPFDoor malware spotted in the wild

SuperCare Proposes $2.25 Million Settlement to Resolve Data Breach Lawsuit

Tech Provider ABB Struck By Black Basta Ransomware Attacks

Tennessee, Georgia colleges respond to cyberattacks as school year wraps up

The Dark Side of Bitcoin Faucets: Scams and Fraudulent Practices to Watch Out For

The Effects Of Cybercrime On Small Businesses

The Importance of Data Protection

This data platform will help banks share criminal intelligence

Those urgent emails from MetaMask and PayPal are phishing scams

Threat Actors Use Babuk Code to Build Hypervisor Ransomware

Traffic to malicious sites surges through March

Twitter Hacker Admits Guilt in New York Court, Extradited from Spain

U.S. Justice Department Extradites Notorious Twitter Hacker and Alleged Crypto Thief From UK

U.S. Making Progress in Fight Against Ransomware

UK ‘increasingly concerned’ ransomware victims are keeping incidents secret

UK's National Crime Agency wins major legal challenge over Encrochat hack

Understanding the Backdoor Debate in Cybersecurity

Understanding the Intersection Between Image Annotation and Cybersecurity

Understanding the risks of cyberattacks on the farm

Urgent need for businesses to prioritize cybersecurity

US T-Mobile retailer breach exposed over 17k Social Security numbers

US-led ‘Five Eyes’ alliance dismantled Russia’s ‘premier espionage cyber-tool’

Vietnam: Campaign to steal users' passwords for Office 365 accounts discovered

VK hit with ‘exorbitant’ $780 fine after data breach compromised 3.5M users’ personal records

Wabtec faces class action over data breach that compromised employee data

Watch Out for These Delta Air Lines Scams!

Weak passwords are the biggest threat to organisational cybersecurity

What Are Lookalike Domains & How to Detect Them

WhatsApp Scams You Should Be Wary Of

Which Cyberattack Vectors Were Most Pervasive in 2022? (Part 1)

WhizComms data breach: About 50% of customers affected, notified on May 10

Why more transparency around cyber attacks is a good thing for everyone

Why Should You Take IT Security Seriously?

Why take the whole-of-state approach to ransomware protection and remediation

WordPress Elementor plugin bug let attackers hijack accounts on 1 Million sites

10th May

4 ways to secure your remote work setup

2020 Twitter Hacker Extradited to US, Pleads Guilty to Wire Fraud

56,000+ cloud-based apps at risk of malware exfiltration

A Decade of Fighting Bad Bots: Key Learnings from the 2023 Imperva Bad Bot Report

“Actual” domain hijacking in crazy cybersquatting dispute

Australia, New Zealand launch joint investigation into Latitude after massive data breach

Australia's TechnologyOne halts trading after being hit by cyber attack

AvosLocker hackers target Bluefield University's internal systems, demand a ransom

Be Aware of These Types of Phishing Attacks

Beating cybercriminals at their own game

Billions of Gmail and Outlook users warned to search inbox for two words now – dangerous message can steal everything

Black Basta ransomware attack to cost Capita over £15m

Bristol Community College suffers data breach, thousands affected

British man involved in Twitter hack extradited to US, pleads guilty to numerous cybercrimes

CACTUS Ransomware: Prickly New Variant Evades Detection

Capita says Russian cyber attack will cost £20m to clean up

Capita warns of £20m hit from cyber attack

Chattanooga State Community College Suffering from Cyber Attack

Chattanooga State cyber incident cancels some classes through May 26

Cisco warns of new ‘Greatness’ phishing-as-a-service tool seen in the wild

Clop ransomware attack on NationsBenefits impacted Aetna's customer data

Combating phishing and social engineering threats

Companies Still Face Many Barriers to Achieving Digital Trust

Company executives can’t afford to ignore cybersecurity anymore

Corporate Cybersecurity Issues in Vietnam and How to Address Them

Curry County experiences ransomware attack, impacting internal systems

Cyber crisis management: PR dos and don’ts after a data breach

Cyber Security – Gets to Grips with the Facts to Implement it Properly

Cyber-attack to cost outsourcing firm Capita up to £20m

Cyber-Criminals Exploit Hardware Wallet to Steal Almost $30,000

Cybercriminals Aren't Just Attacking Your Software - They're Coming for Your Employees. Level Up Your Company's Cybersecurity With These 4 Steps

Cybersecurity firm Dragos discloses cybersecurity incident, extortion attempt

Data Encryption from Ransomware Highest in 4 Years

‘Don’t click’: The budget night scam texts baiting victims with cost of living support

Dragos releases industrial ransomware analysis for Q1 2023

Dragos Says Ransomware Gang Accessed Limited Data but Failed at Extortion Scheme

Easily bypassed patch makes zero-click Outlook flaw exploitable again (CVE-2023-29324)

Evil digital twins and other risks: the use of twins opens up a host of new security concerns

Experts Detail New Zero-Click Windows Vulnerability for NTLM Credential Theft

Extradited UK hacker pleads guilty to 2020 celebrity Twitter hack

Fake in-browser Windows updates push Aurora info-stealer malware

FBI no longer negotiating with ransomware group that leaked Oakland data

Feds Now Investigating the Lowell, Massachusetts, Cyber Attack

Fraud as a Service: an emerging threat in the cyber landscape

Fraudster behind anomalous GCash fund transfers

Github: A Flexible Cloud Service Increasingly Exploited by State-Sponsored Threat Actors

Hacker ‘PlugwalkJoe’ pleads guilty to 2020 Twitter breach

Healthcare Cyberattacks Linked to Disruptions at Neighboring Hospitals, Study Finds

Healthcare Data Breach At Kansas Hospital Impacts 19K

Hospital vendor sued for data breach affecting 1 million

How AI is helping to advance CEO fraud and BEC attacks

How Much Does Cyber Essentials Cost in 2023?

Iranian Hacking Groups Join Attacks On PaperCut

It’s becoming more common for ransomware to lock up data

Magecart Skimmer Checkout Page Dupes Victim Store Forms

Mastermind Behind Twitter 2020 Hack Pleads Guilty and Faces up to 70 Years in Prison

Microsoft Fixes BlackLotus Vulnerability, Again

Microsoft Patches Three Zero-Day Bugs This Month

Microsoft releases fix for patched Outlook issue exploited by Russian hackers

Microsoft reports two Iranian hacking groups exploiting PaperCut flaw

Microsoft's May Patch Tuesday Fixes 38 Flaws, Including Active Zero-Day Bug

National Gallery of Canada recovering from ransomware incident

Nearly Half Of Ransomware Victims Pay Up, Sophos Finds

Never leak secrets to your GitHub repositories again

New 'Greatness' service simplifies Microsoft 365 phishing attacks

New ransomware Cactus can encrypt its own code

New ransomware decryptor recovers data from partially encrypted files

NextGen sued in federal court after data breach

North Korean hackers breached major hospital in Seoul to steal data

NSA and Allies Uncover Russian Snake Malware Network in 50+ Countries

Ontario school district hit by cyber attack discovers additional info stolen

Op PowerOFF: 13 Domains Linked to DDoS-For-Hire Services Seized

Over 189,000 Files Leaked in Minneapolis Public Schools Data Breach

Philippines’ biggest e-wallet hit by massive phishing attempt

Prevent attackers from using legitimate tools against you

Ranking ransomware: The gangs, the malware and the ever-present risks

Ransomware Encryption Rates Reach New Heights

Ransomware payments nearly double in one year

Ransomware threat against colleges grows, survey finds

RapperBot DDoS malware adds cryptojacking as new revenue stream

Report finds ‘troubling’ trend of a lack of actionable information in data breaches

Risk of cyber-attack is main Eurovision worry, says BBC executive

Scripps ransomware post-mortem reveals significant ripple effects for nearby hospitals

Securing Elections Against DDoS Attacks

Simplify Group’s November 2021 cyber attack cost the firm £6.8 million

Smashing Pumpkins frontman pays ransom to hacker to stop band's new songs leaking online

Sophisticated DownEx Malware Campaign Targeting Central Asian Governments

South Africa: DOJ found guilty of being negligent in its actions to prevent a data breach

Spanish Police Arrest 40 in Phishing Gang Bust

Starting your Zero-Trust Journey

Surge In Phishing Attacks Forces Microsoft To Launch Number Matching As New Security Upgrade

These dangerous phishing attacks are more common than ever - here's what you need to know

To pay or not to pay - ransomware attacks on public institutions

Tokyo MOU Reports Previously-Undisclosed Cyberattack in 2022

Tokyo MOU reveals details of cyber attack

Turla’s Snake malware network disrupted by Five Eyes’ authorities

TV Licence warning issued after huge increase in scams

U.S. Government Neutralizes Russia's Most Sophisticated Snake Cyber Espionage Tool

Understanding the Potential Risks of Using ChatGPT and AI

Western Digital says March cyber attack compromised customers' sensitive personal information

What Every Business Should Know About Cybersecurity Compliance

What is phishing and how to avoid this?

Why Honeytokens Are the Future of Intrusion Detection

Widespread Email Ruse Launched from Israel, an Unlikely Source in Money Grab

Your Android apps are tracking you. Here's how to stop them

9th May

3 Practices To Protect Your Business From A Data Breach

$3.4B of Bitcoin in a popcorn tin: The Silk Road hacker’s story

30 Sobering Cybersecurity Statistics for 2023

62% of CISOs Concerned About Personal Liability for Attacks

85,000+ MS Exchange servers remain vulnerable to severe RCE bugs

95% of organizations that purchased a cyber insurance policy in the last year report a direct impact

A CISO Employment Contract May Mean the Difference Between Success and Jail

Advanced Persistent Threat (APT) Networks: A Force Multiplier in China’s Push for Global Power

AI-powered cyberattacks are evolving at a frightening pace

An Overview of 3CX Supply Chain Attack

As If Bank Failures Aren’t Enough – Hackers Are Exploiting the Chaos to Breach Security

Beware of this new android malware that steals your passwords: Know-more

Billions of Gmail and Outlook users warned over money-stealing ‘odd sender’ hiding in your inbox – spot red flags now

Billy Corgan Paid Off A Hacker Who Threatened To Leak Smashing Pumpkins’ New Album; Says ‘The FBI Got Involved’

Biman Bangladesh employees facing 'salary delays' due to cyber attack

CISOs Worried About Personal Liability For Breaches

Critical Ruckus RCE flaw exploited by new DDoS botnet malware

Customers' personal info stolen in data breach, Western Digital says

Cybersecurity Is a Major Risk for SMEs

Cybersecurity Needs to Be Part of Your Product’s Design from the Start

Dallas: No Personal Data Leaked During Ransomware Attack

Data Breaches in April 2023 – Infographic

Data from charities taken in coordinated cyberattack

Data ties healthcare cyberattacks to greater disruptions at nearby hospitals

Digital trust can make or break an organization

Dishing On Dish Network: Unpacking A Cyberattack

Email users warned to stay vigilant as scammers masquerade as well-known tech brands

EU's Client-Side Scanning Plans Could be Unlawful

FBI nukes Russian Snake data theft malware with self-destruct command

FBI warns all Android and iPhone owners over ‘intrusion’ that steals everything – check list to see if you’re safe

Feds continue takedowns of DDoS-for-hire ‘booter’ sites

Financial cybercrime: 3 wacky ways to keep your data safe

Five Takeaways From the Russian Cyber-Attack on Viasat's Satellites

Food distribution giant Sysco warns of data breach after cyberattack

Fullerton India Hacked, LockBit Leaks 600GB of Data

Gateway Casinos ransomware attack highlights need for better cybersecurity, says analyst

GitHub now auto-blocks token and API key leaks for all repos

Gmail introduces Blue checkmarks for verified senders to tackle phishing: How does it work?

Government, industry efforts to thwart ransomware slowly start to pay off

Hacker committed ransomware attack on Gaston College

Hackers exploited GoAnywhere vulnerability to access Mackenzie Investments' data

How a Government Worker Extorted Millions From Canadian Businesses

How do information security announcements affect stock markets?

How the HWL Ebsworth hack unfolded, as another Medibank class action is launched

How To Combine Cyber Resilience and Cybersecurity for Maximum Cyber Protection

In focus: Managed Detection and Response (MDR) for healthcare

Indian companies adopt cyber insurance as attacks surge

Is it time for a cyber security hygiene check?

Japan: Justice Ministry website down amid Anonymous criticism of immigration policy

Kabarak University Recovers Facebook Account from Indonesian Hacker, Deletes All Cheeky Posts

Kaspersky tackles 13 million cyber attacks in Egypt during 1Q 2023

Keep Your Company Cyber Competent Without Adding Cyber Anxiety

Kremlin-linked ‘Snake’ espionage malware eliminated, Justice Department says

Microsoft Authenticator push notifications get number matching

Microsoft enables number matching for all Authenticator push notifications

Microsoft fixes two actively exploited bugs, one used by BlackLotus bootkit (CVE-2023-29336, CVE-2023-24932)

Microsoft issues optional fix for Secure Boot zero-day used by malware

Microsoft May 2023 Patch Tuesday fixes 3 zero-days, 38 flaws

Microsoft Warns of State-Sponsored Attacks Exploiting Critical PaperCut Vulnerability

Millions of possible telecom employees' passwords leaked online

Mobile World Congress (MWC) Organiser GSMA Slapped With GDPR Fine Of €200,000 By Data Protection Watchdog

More than 45,000 affected by December cyberattack on Metropolitan Opera

More than 1 million people have SSNs leaked after cyberattack on hospital technology giant

Naivas Data Breach: A Wake-Up Call for Businesses to Prioritise Customer Data Protection

New Botnet Campaign Exploits Ruckus Wireless Flaw

New Linux kernel NetFilter flaw gives attackers root privileges

New Ransomware Strain 'CACTUS' Exploits VPN Flaws to Infiltrate Networks

New York health system notifies patients of 3rd-party data breach

NextGen Healthcare Data Breach: One Million Patient Records Affected

Nigerian Extradited From the UK Sentenced for Cyber Crimes in the US

Npm Packages Vulnerable to Old-School Weapon: the 'Shift' Key

OCBC phishing scam: Only 9 of 120 alleged money mules can be charged due to gaps in law

Only 39% of IT Security Decision-Makers See it As Business Enabler

Operation ChattyGoblin: Hackers Targeting Gambling Firms via Chat Apps

Operation Power Off: 13 More Booter Sites Seized

OT&P Healthcare apologises over data breach, 100k patients reportedly impacted

Petaluma Health Center Files Official Notice of Data Breach Following Recent Cyber-Incident

Play ransomware group targets US City of Lowell, demands a ransom

PRGX Global, Inc. Notifies 13,231 Individuals of Recent Data Breach

Ransomware: Two-thirds of Aussie businesses would pay up, new survey finds

Ransomware claims jump back up

Ransomware claims see 77% spike in early 2023

Regional chaos caused by ransomware attacks on hospitals: Study calls for coordinated response

Researchers Uncover SideWinder's Latest Server-Based Polymorphism Technique

Royal Ransomware Expands to Target Linux, VMware ESXi

Royal ransomware gang quickly expands reign

Safeguarding Your Restaurant From Costly Cybercrime Through Training & Proactive Measures

Security and the power of positive engineering

Singapore pitches new law to slow spread of cybercrime

Spanish police dismantle phishing operation linked to crime ring

State-Sponsored Actors Leading Cause of Cyber Concern in Public Sector

Students, former students, victims of Huron-Superior Catholic District School Board (HSCDSB) cyber attack

SuperCare Health Reaches $2.25M Data Breach Settlement Over Alleged Negligence

T-Mobile US Had Another Data Breach, It’s 7th in 5 Years

The 10 most dangerous computer viruses ever created

The Impact of Cyber Attack on Digital Ecosystem

The Layers Of Cybersecurity: Is Your Company Covered?

The new ransomware strain is picking off big businesses one by one - and yours could be next

The Problem of Old Vulnerabilities — and What to Do About It

The Walking Dead creator allegedly leaked celebrity data

Those urgent emails from MetaMask and PayPal are phishing scams

Threat Tracking: Tracking Threats Across the Dark and Clear Web

Tik Tok Security Flaw: Allowed Hackers To Leak Personal Information

Tips for Gamifying Your Cybersecurity Awareness Training Program

To crack down on phishing, the messaging & communication ecosystem must come together

To enable ethical hackers, a law reform is needed

Tokyo MOU reveals cyber-attack compromised data

U.S. Advances Cyber Defenses Since Colonial Pipeline Attack But More Work Remains, CISA Director Says

U.S. Authorities Seize 13 Domains Offering Criminal DDoS-for-Hire Services

UK and allies expose Snake malware threat from Russian cyber actors

Unattended API challenge: How we’re losing track and can we get full visibility

US busts Russian cyber attack in NATO nations

US disrupts Russian cyber espionage campaign targeting dozens of countries

US healthcare management firm NationsBenefits loses 3 million members' data to Clop ransomware attack

User apathy reduces power of password protection

Western Digital customer data stolen in March cyberattack

What Financial Executives Need to Know and Ask About Cybersecurity

What Is a Passkey? The Future of Passwordless Authentication

What Is Pornware? Here's Everything You Need to Know

What’s Top of Mind for State, Local Government Cybersecurity?

WhatsApp missed call scam alert! Here's how you can protect yourself

White House addresses AI’s risks and rewards as security experts voice concerns about malicious use

White House announces plan to encourage safe AI use

Why health data hacks keep happening

Winnipeg Police warn of Canada Revenue Agency (CRA) phishing scam

Your Digital Soul, protect it or get offline!

8th May

1 Million NextGen Patient Records Compromised in Data Breach

$1.1M Paid to Resolve Ransomware Attack on California County

5G networks to create ‘tsunami’ of sensitive data

8 habits of highly secure remote workers

41% of IT Decision Makers Back Passwordless Authentication for Stronger Identity Security

70% of US IT Leaders Told Not to Disclose Data Breaches

Account Takeover Scenarios: Is Your Business Prepared?

After Twitter & Instagram, Google Gmail Brings Blue Tick To Keep Spam, Phishing Away

AI set to spark new cybersecurity arms race

AI-Enabled Social Engineering: How Businesses Can Safeguard Their Customers

ALPHV gang takes credit for ransomware attack on Constellation Software

Asia-Pacific cyber-attack risks in line with global trends but high attack expectations remain for 2023

Assam Power Distribution Company Limited (APDCL) smart meters are easily hackable; claims Assam techie

Be Aware of the Alarming Rise of Phishing Scams Attacking Your Business

BlackCat ransomware gang claims major cyber attack on Western Digital, leaks stolen data

California county police confirms ransom payment to hackers

Cancer Center Latest Victim of Cyber Attack, Health Data Hacks Persist

Catholic Health Announces Third-Party Data Breach at Minimum Data Set Consultants Leaked Patient Data

Catholic Paper Suffers Data Breach

CERT-UA Warns of SmokeLoader and RoarBAT Malware Attacks Against Ukraine

CISA, FBI Need Data from Cybercrime Victims to Support Policy

Clop ransomware gang deletes data stolen from pediatrics care provider Brightline

Cloud Security In The Age Of Remote Work: Strategies For B2B Success

Colonial Pipeline ransomware attack's unexpected legacy

Cracks, hacks, attacks: California’s vulnerable water system faces many threats

Cyber criminals cash-in as deepfake demand spikes

Cyberattacks on health care are increasing. Inside one hospital's fight to recover

Dallas courts, fire and police networks still crippled from ransomware incident

Decentralized Identity: Gaining Security and Trust for Digital Identities

Don’t struggle with ransomware mitigation alone when there is help available in the form of managed services

Facebook-verified accounts lure users to click on harmful links

FBI seizes 13 more domains linked to DDoS-for-hire services

Five Ways Organizations Can Help Prevent Data Leaks

For every 10,000 residents in southern Nevada, there are 48.9 identity theft reports

Former employee sues Albertsons over data breach

Former Uber CSO sentenced to probation for data breach cover-up

Four reasons to train your employees in cybersecurity in 2023

From Employment To Cryptocurrency Scam: Frauds To Watch Out For This Year

Fullerton India’s data published on the Dark Net

Gamify Your Security Culture for Higher Engagement

Generative AI: A Cybercriminal’s New Best Friend

Google Now Lets You Use Passkeys Instead of Passwords - Here’s How It Works

Google warns against new phishing attack on Gmail and YouTube Users

Hackers stole database with customer info from Western Digital

Healthcare Hackers Shifting Tactics to Fewer Hits, More Records Stolen

How ChatGPT Could Worsen the ‘Scam Pandemic’

How insurance-linked securities can improve cyber-security in India

How the ZeuS Trojan Info Stealer Changed Cybersecurity

How To: Mitigate Burnout for Cybersecurity Staff

How To Protect Your Password Against AI

How to Set Up a Threat Hunting and Threat Intelligence Program

Intel investigating leak of Intel Boot Guard private keys after MSI breach

Iranian hacking groups join Papercut attack spree

Iranian state-sponsored hackers exploiting printer vulnerability

Latitude Finance breach affecting customers of many current and former businesses

Looming Threats Face California’s Water Infrastructure

Making The Most Of Your Advisory Board’s Data Security Expert

Medicalodges, Inc. Reportedly Experiences Data Breach Affecting Patients’ Social Security Numbers

Microsoft enforces number matching to fight MFA fatigue attacks

MSI Data Breach: Private Code Signing Keys Leaked on the Dark Web

MSI’s firmware, Intel Boot Guard private keys leaked

Murfreesboro Medical Clinic Releases Information on their Tuesday Schedule after Last Week's Criminal Cyber-Attack

Nashua grapples with school district hack

NationsBenefits Holdings Confirms 3 Million Record Data Breach

New Android malware discovered that steals your passwords, 2FA codes

NextGen data breach leaves a million at risk

Northern Ireland: Department of Justice tightens IT security following data breach by former civil servant

Our Lady of the Lake University hit with class-action lawsuit over last year's data breach

'Oversaturated’ Aussie threat landscape sparks rise in espionage and supply chain attacks

Personal data, medical history of 100,000 patients may have been leaked in cyberattack at Hong Kong group OT&P Healthcare

QR codes used in fake parking tickets, surveys to steal your money

RansomHouse claims major ransomware attack on US payments giant AvidXchange

Ransomware Attack Results in 2 Week Shutdown of Operations at Tennessee Medical Clinic

Ransomware Group Claims Attack on Constellation Software

Ransomware Ratchets Up The Pressure

Ransomware Still Attacking Dallas City Government

Ransomware Task Force report two years later: Mixed signs of success

Remote workers are still more vulnerable to hackers than they should be. Here's what to do

Remote working is here to stay: but can you ensure it’s safe, effective & productive enough?

RoadSafe Traffic Systems, Inc. Notifies 9,632 Consumers of Recent Data Breach

San Bernardino County pays $1.1M ransom to hackers who breached Sheriff’s Department

Security vulnerability found in TikTok put user activity at risk

SideCopy Using Action RAT and AllaKore RAT to infiltrate Indian Organizations

Singapore: Bill allowing early action to thwart scams, voyeurism, phishing and other online crimes tabled in Parliament

Singapore: Only 9 of 120 suspected money mules in OCBC phishing scam could be charged; 790 victims lost $13.7 million

Smashing Pumpkins' Billy Corgan got Blackmailed into Paying Ransom After Hacker Threatened to Leak the Band's New Songs

T-Mobile’s Second Data Breach of 2023 Impacts Fewer Customers, But Involves Much More Sensitive Information

That MSI Data Breach Included Some Really Bad Private Code Signing Keys

The journey to cyber security maturity, resilience

The Netherlands: Suspect arrested after data theft and threat

The True Cost Of Digital Negligence: Why Tech Companies Must Take Digital Stewardship Seriously

Three ways to leverage cyberpsychology to prevent attacks

Two years after Colonial Pipeline attack: Are we better prepared for ransomware

UAW Retiree Medical Benefits Trust Announces Third-Party Data Breach Affecting Members’ Confidential Information

United Arab Emirates: Emotional cyber frauds on the rise in region - Scammers send personalised mails, messages to con people, warn experts

University alert system commandeered by hackers to declare threats

Urgent email alert issued to everyone with a TV licence - ignoring it could cost you

Urgent TV licence warning issued as con artists create new scam

USA Is The Biggest Threat To Global Cybersecurity

Website of Romanian Ministry of Education hacked, says education is “waste of time”

Western Digital Confirms Customer Data Stolen by Hackers in March Breach

Western Digital confirms ransomware actors stole customer data

Western Digital Confirms Ransomware Group Stole Customer Information

Western Digital Sends Customers a Notification About The Leakage of Personal Data

Western Digital store offline due to March breach

What Is Juice Jacking?

Why the 'Why' of a Data Breach Matters

WordPress bug threatens 2 million websites

Your Twitter Circle is finally "safe"

Your voice could be your biggest vulnerability