Editor's Message

Welcome to DBD. On March 8th we celebrated our 4th Anniversary and the 1st Anniversary of our PRiSM application, officially endorsed by the SANS Institute. Despite recent personal issues that have impacted the amount of time I have been able to dedicate to both projects, I have been doing my best to keep everything as up-to-date as possible, and I would like to take this opportunity to thank everyone for their patience and support whilst I navigate through this very difficult time. Stay safe. :)

Monday 15 May 2023

Data Breaches Digest - Week 20 2023

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 15th May and 21st May 2023.

21st May

6 Ways To Protect Yourself From Common Online Travel Scams This Year

2023 Telesign Trust Index Finds Companies Responsible For Protecting Privacy, Not Consumers

Android phones are vulnerable to fingerprint brute-force attacks

AT&T issues warning to billions of Gmail and Outlook users over bank-draining ‘fear message’

How to defend HR against social engineering attacks

How To Protect Cryptocurrency From Hackers And How To Report A Cryptocurrency Hack

How To Recognize And Fight Against Online Frauds?

Huron-Superior Catholic District School Board should be more transparent to taxpayers

Lowell: Cyberattack impact lingers

Password Protection: How to Keep Your Online Shopping Accounts Secure

PyPI Repository Under Attack: User Sign-Ups and Package Uploads Temporarily Halted

Russia now knows who hacked Medibank, but it’s doing nothing about it

Selling SIM, e-wallet accounts makes you prey to scammers

Tornado Cash Governance Compromised: TORN Price Dips 25%

What the hack? Microsoft detects on average 156,000 business email compromise attempts daily

20th May

5 signs your security camera was hacked and steps to prevent it

2021 data breach exposed data of 70 Million Luxottica customers

AI-Based Threats and Scams to Watch Out For

Amsterdam court hears case against alleged hacker, “DataBox”

As FBI warns hackers are using public charging stations to steal your iPhone data...here's how to protect yourself from bugged ports

Billions of Android, iPhone & Gmail users warned over two bank messages that destroy your savings – check your inbox now

Cloned CapCut websites push information stealing malware

Don’t fall for this sneaky notification that’s fooling people on Facebook and Instagram

EE warns every customer over text which could empty your bank account

Financial Protection: Victim of identity theft? Essential steps to take now

'Fraud is fun': Teen hacker charged with breaking into DraftKings accounts leading to theft of $600,000

Increasing Ransomware Threats Targeting Microsoft Devices

Inside The World Of Crypto Exchange Hacks

IT Leaders Told to Maintain Data Breach Confidentiality Despite Possible Repercussions

KeePass Master Password Vulnerability - Fix Available in Early June

Managers beware: How you can immediately improve IT security in your company

Meet 'Jack' from Romania! Mastermind Behind Golden Chickens Malware

Microsoft detected 35 million business email compromise attempts

Notorious Cyber Gang FIN7 Returns With Cl0p Ransomware in New Wave of Attacks

npm packages hide TurkoRAT malware in what looks like a NodeJS EXE

Paying Ransomware Is Financing Crime. How Organisations Can Break The Cycle

Peachtree Orthopedics alerts patients to cyberattack; third patient data breach in seven years

PyPI temporarily pauses new users, projects amid high volume of malware

Ransomware threats are growing, and targeting Microsoft devices more and more

San Diego Unified students’ medical data was compromised in fall cybersecurity breach, school district says

Stay Safe: Protect Your Office 365 Accounts from Microsoft Teams Hacking

Suzuki Motorcycle India plant shut after cyber attack, production affected

Suzuki Motorcycle India Suspends Production Due to Fear of Cyber Attack

The Underground History of Turla, Russia’s Most Ingenious Hacker Group

Uniswap targeted by phishing scams as protocol struggles with user retention

Warning: Samsung Devices Under Attack! New Security Flaw Exposed

WhatsApp scams on the rise in South Africa

YouBike hacked from outside Taiwan, user data of 21,000 people exposed

19th May

A Mysterious Group Has Ties to 15 Years of Ukraine-Russia Hacks

Apple fixes WebKit 0-days under attack (CVE-2023-28204, CVE-2023-32373, CVE-2023-32409)

Browser Isolation: A Secure, Effective Replacement for Virtual Desktop Infrastructure (VDI)

CISA warns of Samsung ASLR bypass flaw exploited in attacks

CommonMagic Malware Implants Linked to New CloudWizard Framework

Comprehensive legal framework a must to curb cybercrime

Councils hit by further Capita data breach

Cyber attack at NOSM University forces staff and students to stay home

Cyber attack hits Northern Ontario School of Medicine (NOSM) University, affecting digital systems

Cybersecurity attack against Amazon-owned online pharmacy PillPack exposed user health data

Developer Alert: NPM Packages for Node.js Hiding Dangerous TurkoRat Malware

DISH breach impacts 296k victims, driver’s license numbers exposed

Dish Network likely paid ransom after recent ransomware attack

Don't get scammed by fake ChatGPT apps: Here's what to look out for

Dr. Active Directory vs. Mr. Exposed Attack Surface: Who'll Win This Fight?

Europe: The DDoS battlefield

Experts Warn of Voice Cloning-as-a-Service

FBI misused controversial surveillance tool to investigate January 6th protesters

Food distributor Sysco says cyberattack potentially leaked 125,000 Social Security numbers

Hong Kong accountant loses HK$700,000 in phishing scam, joining 1,408 others who collectively lost HK$26.1 million this year

How business email compromise attacks emulate legitimate web services to lure clicks

How Companies Should Protect Sensitive Data: 6 Practical Tips

How to avoid a crypto phishing attack?

How To Prepare For When (Not If) Your Organization Experiences A Cyberattack

Inadequate tools leave AppSec fighting an uphill battle for cloud security

Incident of the Week: Location data of two million customers exposed in Toyota data breach

KeePass Flaw Exposes Master Passwords

Luxottica confirms 2021 data breach after info of 70 Million leaks online

Making The Most Of A Penetration Test: The Organizational Perspective

MedEvolve OCR Settlement for $350,000 due to Alleged Failures to Protect Data

Microsoft Warns of Increase in Business Email Compromise Attacks

NATO member websites targeted by pro-Russian hackers

Nigerian companies vulnerable to new cyber attack methods

Notorious FIN7 hackers return in Clop ransomware attacks

Philadelphia Inquirer Operations Severely Disrupted by Cyber Attack, Offices Closed for Remediation

Phishing Vendor Sells IP Addresses to Duck Anomaly Detection

Qbot and Mirai Malware Unleash Digital Havoc: Healthcare Industry Suffers as Cyber Threats Surge

Researchers tie FIN7 cybercrime family to Clop ransomware

Royal ransomware group threatens to release sensitive information from City of Dallas

Russian dissident gets three years in prison colony for DDoS attacks on military website

Scanning QR Codes: How to Stay Safe

ScanSource suffers ransomware attack

Searching for AI Tools? Watch Out for Rogue Sites Distributing RedLine Malware

Suzuki Motorcycle India halts operations due to cyberattack

Suzuki Motorcycle India plant shut for a week due to cyber-attack

Teen Charged in DraftKings Credential Stuffing Case

Teen Charged in DraftKings Data Breach

Teen hacker charged in scheme to siphon funds from sports betting accounts

The changing face of cybersecurity industry in the Middle East

The continued evolution of phishing

The Future of Cybersecurity with ChatGPT: How to Stay Ahead of the Curve

Thousands of council workers’ personal data published online in major leak

UMass Memorial to Pay $1.2M to Settle Wage Claims After Ransomware Attack

UPS, Costco, Amazon, and MORE - Top Scams of the Week

Waterloo cybersecurity researchers unmask dangerous hacker

WebKit Under Attack: Apple Issues Emergency Patches for 3 New Zero-Day Vulnerabilities

What are the dangers of ‘fake’, malicious mobile apps and how to guard against them?

What Is a Directory Traversal Attack and How Can You Prevent It?

Why Trust and Evidence Are the New Frontiers of Open-Source Risk

Yum Brands confirms ransomware attack impacted some U.S. employees

18th May

3 Ways Hackers Use ChatGPT to Cause Security Headaches

5 Data Breach Trends to Anticipate This Year

12 new vulnerabilities have become associated with ransomware

18-year-old charged with hacking 60,000 DraftKings betting accounts

42% of IT Leaders Told to Keep Data Breaches Confidential

55% of IT leaders in the US kept data breaches confidential

2023 State of the Threat for Financial Services and Banks

8220 Gang Exploiting Oracle WebLogic Flaw to Hijack Servers and Mine Cryptocurrency

A different kind of ransomware demand: Donate to charity to get your data back

Addressing The Role Of Human Factors In Cybersecurity

Agencies recommend action to protect against ransomware, data extortion threat

American Bar Association class action claims data breach affected 1.3M members

Apple fixes three new zero-days exploited to hack iPhones, Macs

Apple Thwarts $2 Billion in App Store Fraud, Rejects 1.7 Million App Submissions

Apple's App Store Blocks $2bn in Fraudulent Transactions

Are Risks, Vulnerability, and Threats the Same Thing in Cybersecurity?

As more UK patients go private, healthcare providers must bolster cybersecurity efforts

Bangko Sentral ng Pilipinas (BSP) confirms phishing, not hacking, in recent GCash fund transfer scam

Bank of Canada says cyber attack could threaten overall financial stability

Bank of New York Mellon Files Notice of Data Breach Affecting Clients’ Social Security Numbers

Basel Stadt Education Department Hard-Hit by a Massive Ransomware

Building threat intelligence to ‘mature’ your cybersecurity posture

Can a VPN actually help protect you from hackers?

Can Smartwatches Be Hacked?

Canada: Police recover $950K stolen from northern businesses through online scams

Capita data breach investigation

Cisco fixes critical flaws in Small Business Series Switches

Cisco Warns of Multiple Flaws in Small Business Series Switches

Coca-Cola bottler reportedly hit with ransomware

Consumers reported losing nearly $8.8 billion to scams in 2022. Recognizing these common fraud tactics can help you protect yourself

Critical Flaws in Cisco Small Business Switches Could Allow Remote Attacks

Crypto airdrop phishing scams: What are they

Crypto Hacks And Scams On The Rise In 2023 – Here’s How To Secure Your NFTs

Cyber attack on Uintah Basin Healthcare compromised healthcare data of over 100,000 people

Cyber Warfare Escalates Amid China-Taiwan Tensions

Cyberattacks Targeting Governments

Cybercrime Against Children Is On The Rise As New Study Shows Alarming Statistics

Cybercrime gang pre-infects millions of Android devices with malware

Dallas courts still closed 2 weeks post-ransomware attack

Dangerous functionalities in Microsoft Teams enable phishing and malware delivery by attackers

Darknet Carding Kingpin Pleads Guilty: Sold Financial Info of Tens of Thousands

Data breach at major investment firm raises alarm

Debt Collection Agency Data Breach Affects Many Healthcare Providers

Do you know which data breaches you have fallen victim to?

Dole incurs $10.5M in direct costs from February ransomware attack

Education Impacted by Ransomware More Than Any Other Sector

Escalating China-Taiwan Tensions Fuel Alarming Surge in Cyber Attacks

Eye insurance company agrees to $2.5 million settlement in 2020 data breach

Eye insurance firm agrees to $2.5 million settlement with state AGs after data breach

EyeMed Data Breach Multistate Settlement

Experts confident Newfoundland and Labrador paid ransom in health-care system ransomware attack — ‘I don’t think they’re really fooling anyone'

EyeMed Vision Care Reaches $2.5M Settlement Over Multistate Data Breach

FBI, GCHQ Unite To Foil Russian Malware Hacking Tool

Federal Trade Commission (FTC) Dings Reproductive Health App Over Data Sharing Violations

Five cyberattacks in one day expose 150k US residents to data risk

Five Years of the EU General Data Protection Regulation and Data Protection Act 2018

‘Fraud is fun’: Teen hacker charged with breaking into DraftKings accounts leading to theft of $600,000

From fleeceware to phishing sites, cybercriminals cash in on ChatGPT hype

GCash incident due to phishing not hacking

Gentex confirms data breach by Dunghill ransomware actors

Global Data Breach Statistics In Focus: Where Do The Trends Stand In 2023?

Government Publishes Playbook to Enhance Smart City Security

Great Expressions Dental Centers Notify Patients of Recent Data Breach Following Cyberattack

Hacked data appears to show scope of Lowell’s network attack

Hackers target vulnerable Wordpress Elementor plugin after PoC released

How Banks Use File Sanitization to Prevent Malware in Files & Content

How Basketball Can Be The 'Assist' On Your Security Strategy

How can cybercriminals profit from your personal information?

How to Measure Your Team’s Email Security Savviness

How To Protect Critical Infrastructures Before an Attack Happens

How to Reduce Exposure on the Manufacturing Attack Surface

Identity crimes: Too many victims, limited resources

Identity Crimes Remain at All-Time High in 2022

Illinois health department says hackers accessed citizens' personal & health benefits information

Indiana University exposes sensitive student data

‘Infostealer’ malware evolves to become even more lethal

Israeli hospitals hit with 13 significant cyberattacks

KeePass exploit helps retrieve cleartext master password, fix coming soon

KeePass Vulnerability Imperils Master Passwords

Law firm strikes deal with ransomware group BlackBasta for $150,000

LexisNexis Risk Solutions report shows increase in the digital attack rates

LockBit Leaks 1.5TB of Data Stolen From Indonesia's BSI Bank

Malicious emails aimed at Taiwan have spiked in 2023

Millions of iPhone and Android users warned of three unexpected places you’re at risk of nasty bank-draining swindle

Mitigating Dark Web Risks: The Role Of AI And Machine Learning

Most Companies Can’t Handle Cybersecurity Alone

MU Health Care reveals patient data breach

New API-based attacks on Microsoft Teams underscore the need for wider awareness training

New Cloud Data Leak Adds to Capita's Woes

New smartphone Trojan signs up users for unwanted paid services via apps with more than 620,000 downloads

NextGen Healthcare Data Breach Leaks 1 Million Patient Records, including Social Security Numbers

North Korea Affiliated Cybercriminals Stole $721 Milion Worth Crypto Assets From Japan

North Korean hackers drain Japan of $721 million in cryptocurency

Notorious State-Sponsored Hacker Group Stealthy Infrastructure Uncovered

O2 warns all Android and iPhone owners over bank-emptying text – spot the danger signs in your inbox

Odd Ransomware Targets Business Servers, Asks for Charity Donation

Organizations’ cyber resilience efforts fail to keep up with evolving threats

Patients angered after Oklahoma allergy clinic blames cyberattack for shutdown

Personal data 'compromised' and laptops stolen in Swindon police station burglary

PharMerica, a leading US pharmacy giant discloses data breach

Phishing Attacks Shift to IT, Online Services-Related Campaigns

Poland Blames Russia After DDoS Attacks On News Websites

Police arrest HBO hacker

Polish media websites fall victim to cyberattacks on Thursday morning

Portugal: Lagoa council back online – partially

Premom ovulation app accused of violating user privacy

Ransomware Research Reveals 12 Vulnerabilities Have Become Newly Associated with Ransomware in Q1 2023

Rochford Council launch investigation after personal data breach

Russian Charged with Ransomware Attacks Against U.S. Totalling $200 Million

Russian hackers hit Polish news sites in DDoS attack

Russian IT worker jailed for participating in pro-Ukraine DDoS attacks

Russian national indicted for ransomware attacks against the US

Secureworks reveals 'thriving' infostealer market enabling cyber crime

Singapore Police warns on new phishing scams with fake ScamShield App as bait

Some Of Russia’s Most Dangerous Cybercriminals Just Had Their Malware Dealer Unmasked

State Bank of India (SBI) Fake Message Alert! 'Your Account Is Temporarily Blocked Due To Suspicious Activity'

Strengthening Crypto Account Security: Beyond SMS 2FA

Strengthening Cybersecurity Defenses: The Significance of Vendor Cyber Monitoring

Teltonika’s IoT networks were vulnerable to remote attacks, research shows

Texas health system PHI compromised following phishing attack

The need to create a strong cyber response framework

This Cybercrime Syndicate Pre-Infected Over 8.9 Million Android Phones Worldwide

Threat actor uses phishing and SIM-swapping to gain access to Azure Virtual Machines

Trojan-Rigged Phishing Attacks Pepper China-Taiwan Conflict

U.S. saw 45% fewer ransomware victims posted on the dark web

UAE cybersecurity: 26,000 vulnerabilities were reported in 2022

UK steel industry supplier Vesuvius says ‘cyber incident’ cost £3.5 million

Ukraine's IT Army targets web cameras to curb Russian OSINT efforts

Understanding the Role of CISOs, CTOs and CIOs in Cybersecurity

United Health Services of Delaware (UHS) of Delaware Files Notice of Third-Party Data Breach

Uranium Finance Hacker Moves 650 ETH to Crypto Mixer Tornado Cash

Verizon warns all Gmail and Outlook users over credit card-draining email – check inbox for exact phrase

VIPRE Security Group 2023 Email Security Report Reveals Cybercriminals Posing as MFA Vendors

Virtual kidnapping: the latest cybercrime on the rise

WhatsApp missed call scam, AI voice phishing & fake job offers

When ChatGPT Goes Phishing

Which Cyberattack Vectors Were Most Pervasive in 2022? (Part 2)

Why and how to report a ransomware attack

Why We Still Haven’t Learned From the Target Data Breach a Decade Later

17th May

32% of organizations say they're effective at mitigating cyber threats

6000 Latitude cyberattack victims replace driver's licences

A month after ransomware attack, Point32 still struggling to restore services

A proactive approach to cyber and physical security

A suspect has been arrested for leaking the 'House of the Dragon' finale episode - and the alleged hacker made a rookie mistake

AddictiveTips Survey Finds 50% Of Companies Have Experienced An AI-based Data Breach

Algarve council targeted in cyber attack

Almost 6 Million Individuals Affected by PharMerica Data Breach

American living in Brazil admits to $3M phishing email scheme that defrauded Houston companies

AMP Bank warns customers about phishing scam that could cost you thousands

Are Ransomware Attacks Declining, or Has Reporting Worsened?

BatLoader Impersonates ChatGPT and Midjourney in Cyber-Attacks

BianLian ransomware gang changes tactics as it targets US and Australia

Capita accused of ‘unsafe storage of personal data’ following data breach

Capita data breach not used maliciously by hackers, it says

Carpet bomb DDoS attacks rise 300% in 2022

CISA Warns BianLian Ransomware Group Has Moved to Extortion Model

Cisco warns of critical switch bugs with public exploit code

Classes resume at Franklin County Public Schools after ransomware incident

Coalition Finds Organizations With Unresolved Critical Vulnerabilities Are 33% More Likely To Experience A Cyber Claim

Colchester City Council investigating Capita over 'serious data breach'

Congressional employees exposed in transit benefit program breach

Cyber attacks muddy the waters for investors

Cyber Extortion: 4 ways to protect yourself from online threats and ransom demands

Cyber Hygiene

Cyber insurance in question as UK shells out on ransomware hacks

Cyber-Attack Alert: ASUS Details Best Practices for South African Businesses

Cyber-Resilience Programs Failing on Poor Visibility

Cybersecurity Challenges for Governments in 2023

Dallas courts still closed 2 weeks post-ransomware attack

Data breach of Social Insurance Numbers (SINs) at one of Canada’s largest investment firms 'so dangerous'

Debt Collection Firm Credit Control Corporation Hit by Major Data Breach

Defending Your Organization Against Ransomware

Despite Genesis Market Takedown, Infostealer Malware is Booming

Despite Having to 'Start Over' After Last Month's Cyber Attack, Curry County Government is 'Continuing'

Dish Network class action alleges data breach compromised customer, employee info

Energy Industry Faces Increasing Dark Web Cyber Threats

Exploits, Botnets and Malware Spike in Q1 2023

EyeMed Vision Care Settles Multistate Data Breach Investigation for $2.5 Million

FBI confirms BianLian ransomware switch to extortion only attacks

Federal Trade Commission (FTC) says fertility tracking app Premom shared sensitive health data with third parties

Feds offer $10m reward for info on alleged Russian ransomware criminal

Fertility Specialists Medical Group Experiences Data Breach Following Cybersecurity Incident

Franklin County Public Schools ransomware attack under investigation

Generative AI: Posing Risk of Criminal Abuse

Hackers Have a New Tool in Their Toolbox: Smishing

Hospital falls prey to ransomware attack, hackers demand $70,000

How Poker Skills Help Guide Ransomware Payment Decisions

How to achieve cyber resilience through increased security vendor accountability

How to Defend Against AI-Powered Phishing Attacks and Keep Sensitive Data Secure

How to Protect Your Organization From Vulnerabilities

How weak is YOUR password? Graphic shows exactly how long it would take for hackers to get into your account based on your character combinations

Human error, inaction top cyber vulnerabilities

Infamous cybercrime marketplace offers pre-order service for stolen credentials

Inside the Mind of a Cyber Attacker - Tactics, Techniques, and Procedures (TTPs) Every Security Practitioner Should Know

Is your car safe from a cyber attack?

Israeli hospitals hit with 13 significant cyberattacks

KeePass flaw allows retrieval of master password, PoC is public (CVE-2023-32784)

Lawmakers advance cyber bills aimed at open-source, satellite vulnerabilities

Leader of darknet credit card marketplace pleads guilty

LexisNexis Risk reports 20% annual increase in digital cyber attack rates

LockBit suspect from Russia charged by US court

MalasLocker ransomware targets Zimbra servers, demands charity donation

Malicious Microsoft VSCode extensions steal passwords, open remote shells

Manufacturing a Defense Against Phishing

Massive Adoption of Generative AI Accelerates Regulation Plans

Microsoft Azure accounts hit with phishing attacks to hijack virtual machines

Newbury parents slam 'terrible communication' as cyber attack leaves school without internet access

NSO Group Spends Millions Lobbying US Government

OilAlpha: Emerging Houthi-linked Cyber Threat Targets Arabian Android Users

Online bank fraud has risen by almost 50% since before the pandemic

Online Criminals Steal $700,000 from Florida Baptists in Phishing Email Scam

PaperCut vulnerability abused by several threat actors could impact 70,000 organizations

Preparing for federal supply chain security standardization

Preventing Bot Attacks and Online Fraud on APIs

Rainbow Grocery Notice of Data Breach

Ransomware Group Adds Academy Mortgage to Victim List, Raising Concerns of a Major Data Breach

Ransomware vulnerability warning pilot yielding valuable lessons, CISA official says

Ransomware-as-a-service groups rain money on their affiliates

Researchers infiltrate Qilin ransomware group, finding lucrative affiliate payouts

Rochford District Council pins data breach on Capita’s ‘unsafe storage’

Royal Ransomware Group Builds Its Own Malware Loader

Russian National Charged with Ransomware Attacks Against Critical Infrastructure

Scammers exploit AI trend with fake ChatGPT apps on Google Play, Apple App Store

ScanSource Ransomware Attack: 5 Big Things To Know

ScanSource ransomware attack halts business operations

ScanSource says ransomware attack behind multi-day outages

Searching for Nevada Ransomware Digital Crumbs in the DNS

Serial Scammer Uses Advanced Laundering Techniques to Clean Stolen Crypto Worth $15 Million – Here's What You Need to Know

Serious Unpatched Vulnerability Uncovered in Popular Belkin Wemo Smart Plugs

Social Engineering Risks Found in Microsoft Teams

Social media was 72% of non-government or financial account abuse

State-Sponsored Sidewinder Hacker Group's Covert Attack Infrastructure Uncovered

Sunday Paper Debacle: Philadelphia Inquirer Scrambles to Respond to Cyberattack

Sysco data breach exposed over 126k Social Security numbers

Te Whatu Ora continues to negotiate Waikato DHB cyber insurance claim

The Downs School, hit by possible cyber attack, seeking help from West Berkshire Council, the Department for Education and cyber security experts

The Hacking Business Model: How Attackers Bag $20 Million Per Month

The Heritage Group Notifies Current and Former Employees of Data Breach

The Rise In Banking Services Frauds In India: How To Stay Vigilant And Prevent It

These ransomware victims are paying more to recover data

Threat Group UNC3944 Abusing Azure Serial Console for Total VM Takeover

TP-Link routers implanted with malicious firmware in state-sponsored attacks

U.S. Offers $10 Million Bounty for Capture of Notorious Russian Ransomware Operator

Uintah Basin Healthcare suffers data breach affecting over 100,000 patients

Ukraine, Ireland, Iceland and Japan officially join NATO’s cyber defense center

UMass Memorial Medical Center settles data breach suit for $1.2M

US healthcare service provider fined US$350k over 2018 data breach

US offers $10m bounty for Russian ransomware suspect outed in indictment

US Offers $10m Reward For Alleged Prolific Ransomware Actor

US Offers $10 Million Reward For Russian Hacker

US software giant Brightly says the SchoolDude data breach impacted nearly 3 million users

What Do Hackers Actually Do With Your Data?

What Is a Brute Force Attack? Definition, Prevention and Examples

What to do if a data breach happens to you

With Ransomware Attacks on the Rise in 2023, Corvus Insurance Finds Risk-aware Organizations are Better Prepared to Face Down Attackers

16th May

3 tips to accelerate zero trust adoption

5 Financial Scams That Target Your Cell Phone

5 things technology leaders wish their boards knew about cybersecurity response

Academy Mortgage allegedly targeted by ransomware gang

Alleged Babuk ransomware gang leader ‘Wazawaka’ indicted, sanctioned by US

Apple blocked 1.7 million apps for privacy, security issues in 2022

AppSec: How Do You Know Your app is 100% Secure? You Don’t

Attack automation becomes a prevalent threat against APIs

Bl00dy Ransomware Gang Exploiting Printer Vulnerability to Attack Schools

Business Email Compromise (BEC) Attackers Spoof CC'd Execs to Force Payment

Camaro Dragon APT Group Exploits TP-Link Routers With Custom Implant

China's Mustang Panda Hackers Exploit TP-Link Routers for Persistent Attacks

Coalition Finds Organizations with Unresolved Critical Vulnerabilities Are 33% More Likely to Experience a Cyber Claim

Conner Strong & Buckelew Announces Recent Data Breach Following Compromised Employee Email Accounts

CopperStealer Malware Crew Resurfaces with New Rootkit and Phishing Kit Modules

Credit Control Corporation hacked – data of over 280K people stolen

Curry County computer system ‘starting from scratch’ after ransomware attack

Dallas city sites still down after cyberattack

Don’t Insure Against Cyber-Risk, Protect Against It

EE warns all Android and iPhone owners over credit card-stealing text – five signs reveal ‘criminal’ message

Employee actions are driving cyber insurance claims

FBI on the case but infostealers remain at large

Florida Baptists continue investigation of $700K cyber attack

Fortra Data Breach Targets 130 Companies, Many in Healthcare Sector

Fraudsters send fake invoice, follow up with fake exec confirmation

Hackers infect TP-Link router firmware to attack EU entities

Hackers use Azure Serial Console for stealthy access to VMs

Hackers Using Golang Variant of Cobalt Strike to Target Apple macOS Systems

HHS Office for Civil Rights Settles HIPAA Investigation with Arkansas Business Associate MedEvolve Following Unlawful Disclosure of Protected Health Information on an Unsecured Server for $350,000

Holiday season sees 550% increase in unique threats

How to encrypt your email (and why you should)

Infostealer Malware Surges: Stolen Logs Up 670% on Russian Market

Inside Qilin Ransomware: Affiliates Take Home 85% of Ransom Payouts

Israeli hacker arrested for giving away end of the plot in hit series

Israeli hospitals suffered 13 major cyberattacks

Knocking down Hive: How the FBI ran its own ransomware decryption operation

Kronos Agrees to $6 Million Settlement for 2021 Ransomware Attack Resulting from Inadequate Cybersecurity Safeguards

Lacroix manufacturing cyberattack shuts down three facilities

Lacroix manufacturing facilities shut down following cyberattack

Lacroix Shuts Three Factories For a Week After Cyber-Attack

‘Lancefly’ espionage group targeting organizations across Asia with custom malware

LinkedIn scams are getting more dangerous with big companies being targeted - Here are some safety tips

Managing security compliance with a hybrid workforce

Maxim Healthcare Reaches Settlement Over 2021 Data Breach Case

Need for having a skilled team for combatting E-commerce security threats?

No passwords allowed

North Korean hacker groups steal billions in crypto assets

Norton Healthcare says it's working with FBI after receiving fax with 'threats and demands'

Office workers and CISOs really aren't on the same page when it comes to security

Ogden Dunes believes it was hit by a cyber attack

Open-source Cobalt Strike port 'Geacon' used in macOS attacks

Parental control app with 5 million downloads vulnerable to attacks

PharMerica Breach Hits Over 5.8 Million Customers

PharMerica data breach exposed 5.8 million customers

Ransomware Prevention – Are Meeting Password Security Requirements Enough

Ransomware represents a major threat to the maritime industry

Researchers Uncover New "RA Group" Ransomware

Russian ransomware affiliate charged with attacks on critical infrastructure

Scam Alert! Fake TV Licensing emails reported

Scared by cyber-attacks? You should be

Serious consequences for companies that invoice via e-mail

The importance of cyber security and the risks of ignoring it

The Top 5 cyber threats to the energy sector

Toyota confirms decade-long data breach

U.K. citizen pleads guilty in connection to Twitter hack

University admission platform exposed student passports

Uranium Hacker Launders $1.2M via Tornado Cash

US offers $10 million reward for info on Russian hacker accused of cyberattack on major US police department

US ‘strike force’ charges Chinese and Russian nationals with stealing sensitive tech

Virgin Media warns customers of sneaky trick bank-emptying thieves use in scam texts

What the White House’s Cybersecurity Strategy Means for CISOs

15th May

5 ChatGPT Scams to Watch Out For

90% of small business leaders underestimate cyber incident costs

A New Twist in the Ransomware Debate: Is it Negligent to Fail to Pay Ransom?

ABB is ‘hit by a ransomware cyber-attack’

Advantech’s industrial serial device servers open to attack

Airline exposes passenger info to others due to a 'technical error'

Artificial Intelligence And Cybersecurity: For Good Or Evil?

As hacking rates rise, 47% of Indian Communication Service Providers (CSPs) focus on upgrading firewalls

Bad bots are coming for APIs

Bad breach preparation leads to bad press: what you can do to minimise the impact

BlackBerry research finds UK manufacturers increasingly wary of nation-state threats

Bristol Community College says hackers stole data of 56,000 students and employees

Building a cyber resilient culture - how to embed a culture of cyber resilience in your organization

Capita breach fallout widens as customers learn of data theft

Capita says Black Basta ransomware attack inflicted £20 million in losses

CLR SqlShell Malware Targets MS SQL Servers for Crypto Mining and Ransomware

Convincing and sophisticated Canada Post scam making the rounds in Ontario

CrowdStrike Warns VMware’s Hypervisor ‘Highly Attractive’ To Cybercriminals

Customer sues Equity Bank for data breach dispute

Cybercrime: the threat situation at a glance

Cybercriminals who targeted Ukraine are actually Russian government hackers, researchers say

Cyberdefense will need AI capabilities to safeguard digital borders

Cybersecurity: Four Action Items For The Board To Review

Cybersecurity: outrunning the digital bear

Dallas says it 'will likely take weeks to get back to full functionality' after ransomware attack

Data of 5.82M PharMerica patients stolen, accessed during cyberattack

Declassified CIA document reveals secret ‘hacker phrases’ you must look out for – how to spot them

Delaware casino accused of not protecting workers’ info in data breach

Discord Alerts Users of Data Breach, Urges Caution

Digital Immune Systems: Assurance In The Midst Of Volatility

Discord Breached After Service Agent Targeted

Discord confirms data breach after a third-party support agent compromised

Discord discloses data breach - is your account safe?

Discord reveals data breach after worker hack - is your account affected?

EHR vendor NextGen hit with 7 data breach lawsuits

Emerging ransomware group quickly hits 4 critical infrastructure providers

Ex-Ubiquiti Employee Imprisoned For $2m Crypto Extortion Scheme

Extra! Extra! Don’t quite read all about it: Cyber attack hits Philadelphia Inquirer

Financial sector has highest password reuse rate

Former Ubiquiti Employee Gets 6 Years in Jail for $2 Million Crypto Extortion Case

Google warns billions of phone owners to look for four ‘dangerous’ phrases – you could lose everything

How a ransomware attack continues to affect Dallas libraries

How Can Computer Vision Be Used to Detect Phishing Attacks?

How Does Database Compliance Reduce Cyber Breaches?

How This Scammer Stole Over $15M Worth of Crypto

How to Know if You’ve Been Infected by Ransomware

In Uncertain Economic Times, Build a Robust Security Program

Industrial Cellular Routers at Risk: 11 New Vulnerabilities Expose Operational Technology (OT) Networks

Insured companies more likely to be ransomware victims, sometimes more than once

Is human threat hunting a fool’s errand?

Israel-based threat actors show growing sophistication of email attacks

Lancefly APT Custom Backdoor Targets Government and Aviation Sectors

Law enforcement crackdowns and new techniques are forcing cybercriminals to pivot

LockBit ransomware group publishes 600GB of data stolen from Fullerton India

Lowell Hit With Cyber Attack, Some Data Released to Dark Web

Malware Used for Cyber Espionage Since 2004 Shut Down in US After Years-Long FBI Operation

Microsoft Follina Bug Is Back in Meme-Themed Cyberattacks Against Travel Orgs

Microsoft macro-blocking has forced cyber criminals to innovate

Most CISOs feel their business is at risk for cyberattack

NationsBenefits class action claims data breach affects 3 Million consumers

New 'MichaelKors' Ransomware-as-a-Service Targeting Linux and VMware ESXi Systems

New Ransomware Gang RA Group Hits U.S. and South Korean Organizations

New RA Group ransomware targets U.S. orgs in double-extortion attacks

New ‘RA’ ransomware group using leaked source code to launch attacks

New ransomware gang RA Group quickly expanding operations

NextGen Healthcare attracts multiple class action lawsuits over significant data breach

No more macros? No problem, say miscreants, we'll adapt

North Korean hackers stole $721m worth of crypto from Japan

Only months after dealing with one problem, Academy Mortgage gets hit with a ransomware attack

PasswordManager.com Survey Finds 56 Percent of Cybersecurity Professionals Fear Hackers Will Use AI Tools to Steal Passwords

Pharmacy giant PharMerica says medical info of nearly 6 million patients leaked

PharMerica Discloses Data Breach Impacting 5.8 Million Individuals

Philadelphia Inquirer operations disrupted after cyberattack

Philadelphia Inquirer severely disrupted by cyber-attack

Philadelphia Inquirer unable to go to print due to ‘cyber incident’

Preventing Account Takeover Attacks: Ways to Reduce Risk

Pro-Life Doctors Targeted In Cyber Attack

Provider’s ransomware incident highlights cyber risks facing senior living and care operators

Qilin's Dark Web Ransomware Targets Critical Sectors

Ransomware: The Top 5 Myths and Misconceptions

Ransomware corrupts data, so backups can be faster and cheaper than paying up

Ransomware gang steals data of 5.8 million PharMerica patients

Ransomware group claims 2.5 terabytes of stolen data less than a month after emerging online

Ransomware Risks

Renewal by Andersen Notifies 13,464 About Recent Data Breach Involving Consumer SSNs

Researchers Uncover Powerful Backdoor and Custom Implant in Year-Long Cyber Campaign

Role of sound cybersecurity infrastructure in seamless operations for organizations

Security tools are not enough, lock everything down

Shocking Personal Data Breach Of 237,000 US Government Employees

Stealthy MerDoor malware uncovered after five years of attacks

Study Highlights Hacker Vulnerabilities Created by Smart Meters

The Battle Against IoT Cyber Threats

The new info-stealing malware operations to watch out for

The Philadelphia Inquirer’s operations continue to be disrupted by a cyber incident

The Philippines: Some victims of GCash phishing scheme shared One-Time Password (OTP) with scammers

Third-Party Data Breach at NCB Management Services Affects 15,549 TD Bank Customers

This scammer cloned crypto exchange HitBTC to steal $15M

Transportation Safety Systems Unaffected by DOT Data Breach

UK Pension Scheme: Members Should Assume Capita Data Theft

Understanding the Role of PCI DSS in the Finance Industry

US Department of Transportation responds to breach of employee data

US Helps Costa Rica Combat Cyberthreats

War, Hunh. Yeah. What is it Good For? Reducing Insurer Liability for Cyberattacks

Weeks After a Ransomware Attack, the National Gallery of Canada Is Still Working to Bring Its Operations Back Online

What is an IT disaster recovery plan and why does your business need one?

Whitworth University Notifies 65,593 Students of Data Breach Involving Their SSNs

Why do businesses and organizations fail to prevent cyber attacks?

Why High Tech Companies Struggle with SaaS Security

Will regulators take action on Malaysian university for admitting data leak?

Will Threat Actors Face Layoffs in 2023?

XDR Cannot Exist Without NDR