Editor's Message

Welcome to DBD. On March 8th we celebrated our 4th Anniversary and the 1st Anniversary of our PRiSM application, officially endorsed by the SANS Institute. Despite recent personal issues that have impacted the amount of time I have been able to dedicate to both projects, I have been doing my best to keep everything as up-to-date as possible, and I would like to take this opportunity to thank everyone for their patience and support whilst I navigate through this very difficult time. Stay safe. :)



Monday, 22 May 2023

Data Breaches Digest - Week 21 2023

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 22nd May and 28th May 2023.


28th May

Arbitrum liquidity protocol Jimbos suffers $7.5 million ETH hack

Are We Seeing Fewer Ransomware Attacks? Not Now

Artificial Intelligence’s Risks and Rewards in Cybersecurity

Banks warn to watch out for these scams in South Africa

Central agency warns of phone virus that hacks into call logs, camera

ChatGPT phishing fantasies: will AI chatbots help fight cyberscam?

Chinese hackers seeking ways to cripple infrastructure ‘likely to have targeted UK operators’

Clever ‘File Archiver In The Browser’ phishing trick uses ZIP domains

Confidential Report Flags Bitfinex Security Lapses in Huge 2016 Hack

'Cybercriminals are creating new ways of hacking'

Dutch watchdog investigates alleged Tesla data breach

Few answers in northern medical school cyber attack

Future of healthcare cybersecurity: Key strategies for 2023 and beyond

India: State-run power management firm's IT system hit by ransomware attack

India sees 31 per cent surge in malware attacks in 2022

Industrial automation giant ABB disclosed data breach after ransomware attack

Is the gig up when it comes to cybersecurity?

Nearly 60% of firms have experienced a GDPR-related data breach in the past five years

New Bandit Stealer targets web browsers and cryptocurrency wallets

Tesla Inc. (TSLA Stock) – Data Breach Allegations Halts Rally

Why passkeys might be the solution

27th May

Biggest Blockchain Hacks: Lessons Learned from Notorious Breaches

Billions of iPhone and Android users warned over bank-raiding phone call – listen out for dangerous signs

CISA warns government agencies of recently patched Barracuda zero-day

Critical OAuth Vulnerability in Expo Framework Allows Account Hijacking

Dental Health Insurer Hack Affects Nearly 9 Million

Exploring the Dark Side of Financial QR Code Transactions

FBI warns all Wi-Fi users to check router right now – you might be in serious ‘stranger’ danger

Fire Rescue Victoria's cyber-hack response a 'lesson in how not to communicate

Free VPN Data Breach – Over 360 Million User Records Exposed

Hacker Gets 51 Months For Computer Fraud

Hot Pixels attack checks CPU temp, power changes to steal data

Insurance company data breach may impact some Pennsylvanians

Learn how to protect your passwords from hacker attacks in 2023

Man steals $600k in sports betting website hack

New Stealthy Bandit Stealer Targeting Web Browsers and Cryptocurrency Wallets

New York City's Metropolitan Opera sued for massive data breach

NHS data breach: trusts shared patient details with Facebook without consent

QBot malware abuses Windows WordPad EXE to infect devices

Senegalese government websites hit with cyber attack

Stealing From Wallets to Browsers: Bandit Stealer Hits Windows Devices

The Impact of Cybersecurity Statistics on Business and Society

There's a new pocket-picker on the loose: How to protect yourself from financial fraud

Watch out - ChatGPT is being used to create malware

26th May

5 Must-Know Facts about 5G Network Security and Its Cloud Benefits

68% of organisations experienced cyber attack within the last 12 months

130K+ Patients' Social Security Numbers Leaked in UHS of Delaware Data Breach

Adams Bank & Trust experiences cyber attack; online and mobile banking still affected

Advisory warning issued for People's Republic of China (PRC) state-sponsored cyber activity

After extensive investigation, National Privacy Commission (NPC) concludes phishing caused unauthorized GCash transactions

Ahead of summer holiday weekends, IT security leaders brace for deliberate cyber mischief

Albany clinic discloses data breach affecting over 200k people

Albany ENT & Allergy Services Notified Patients of SSN Data Breach

APT Hacker Group Attacking SMBs to Use Their Infrastructure

Augusta pushes back on claims of ransomware attack; investigation underway

Backups Are Prime Targets for Ransomware Attacks, Most Remain Exposed

Barracuda Networks issue added to CISA vulnerability list

Barracuda Warns of Zero-Day Exploited to Breach Email Security Gateway Appliances

BianLian Ransomware Gang Shifts to Purely Data Extortion Attacks, Warns Joint Advisory

BlackByte ransom gang claims City of Augusta, Georgia

BlackByte ransomware claims City of Augusta cyberattack

Botnet Attacks and Their Prevention Techniques Explained

Capita Hack Fallout: Regulator Sees Breach Reports Surge

Capita probed by UK regulator over cyberattack

ChatGPT: Not All Gloom and Doom for Security Professionals

Chinese cyber-attack in the US seems to be an act of cyber reconnaissance in preparation for bigger attack, says expert

Compromised Twitter account amplifies crypto phishing scam

Consumers Wary of Biometric Security

Cyber attack on US healthcare equipment provider Apria affected nearly 2 million customers

Cyber threats to nuclear weapons

Cybercriminals Exploiting Legitimate Websites for Malicious Payloads

Cybercriminals masquerading as MFA vendors

'Daam' virus steals call records, reads history from Android phones

Dallas Faces Difficult Choices As It Continues To Navigate Active Ransomware Attack

Data breach and information theft

Dragos industrial ransomware attack analysis – Q1 2023

Dutch watchdog looking into alleged Tesla data breach

Dutch Watchdog Probes Alleged Tesla Data Breach

Elon Musk’s social security number allegedly leaked in Tesla data breach

Emby shuts down user media servers hacked in recent attack

EyeMed Pays Four State AGs $2.5M for Data Breach

Franklin Templeton exposed in GoAnywhere breach

Free VPN Suffers Huge Data Breach, Compromising Users

Fresh perspectives needed to manage growing vulnerabilities

Gaming Firms and Community Members Hit by Dark Frost Botnet

GoDaddy Refund Phishing Emails Spread Infostealer

Hacker steals PII of 1.5m customers from Indian intimate wear store Zivame's servers

Hacker who drained more than $1 million from Tornado Cash offers control back to community

How threat intelligence can improve DDoS protection

Information Commissioner’s Office (ICO) reacts to data breach fears from Capita incident

Italian Ministry hit by “heavy cyberattack”

Kyocera AVX becomes LockBit ransomware gang’s latest victim?

Latitude data breach to slash cash profit by at least $128 million

Lender OneMain fined $4.25 million for cybersecurity lapses

Massachusetts health data breach involving Harvard Pilgrim Health Care confirmed

Mercer University breach exposed nearly 100k people

Mirai Malware Hits Zyxel Devices After Command Injection Bug

More Microsoft 365 phishing attacks are using this dangerous new method - here's what you need to know

More UK Card Details Available on the Dark Web Than Anywhere Else in Europe

New Buhti ransomware uses leaked payloads and public exploits

New COSMICENERGY Malware Exploits ICS Protocol to Sabotage Power Grids

New Russian-Linked Malware Poses “Immediate Threat” to Energy Grids

Newfoundland Health wasn’t prepared for ransomware attack

New York Attorney General seeks fine over Sport Warehouse data breach

No let-up in ransomware attacks on South Africa

Passwordless Authentication: Is it Time to Bid Farewell to Passwords?

People are just realising three ways their Amazon Echo devices can be hacked – but you can protect yourself

Pentesting: a cyber-disaster prevention strategy for trucking companies

Phishers use encrypted file attachments to steal Microsoft 365 account credentials

Phishing Domains Tanked After Meta Sued Freenom

Predator Android Spyware: Researchers Uncover New Data Theft Capabilities

Ransomware attack forces Dorchester's Thomas Hardye School to switch to manual operations

Ransomware attacks that target local governments on the rise

Ransomware driving professionalisation of cyber crime

Rogue IT security worker failed to cover his tracks

Severe Flaw in Google Cloud's Cloud SQL Service Exposed Confidential Data

Singapore: Beware of phishing e-mail asking taxpayers to update personal particulars

State Department warns China could hack US 'critical infrastructure'

Suffolk University Notifies Over 53k Students of 2022 Data Breach Involving Their SSNs

Sur La Table Confirms March 2023 Data Breach Involving Employee Information

Tabby says customers could be targeted for phishing attacks

Tennessee Orthopaedic Clinics Notifies Patients of Data Breach Following Unauthorized Access to Computer Network

Tesla data breach? 100GB of company information ‘leaked by whistleblower’

The highly secretive Five Eyes alliance has disrupted a China-backed hacker group – in an unusually public manner

Threat actors exploit new channels for advanced phishing attacks

Tools like ChatGPT will boost cyber crime and cyber security equally

Top 5 Cybersecurity Breaches in Online Gambling Industry

Travel-Themed Phishing, BEC Campaigns Get Smarter as Summer Season Arrives

US government contractor ABB confirms ransomware attack, data theft

USPS, Walmart, Memorial Day, Father’s Day, and MORE - Top Scams of the Week

Vodafone warns all iPhone and Android users over money-stealing plot – check your inbox now

What is Authentication Bypass Vulnerability, and How Can You Prevent It?

What is cyber resilience?

Yearn DeFi Hacker Continues To Launder $11.6M Loot Through Tornado Cash

25th May

6 Cybersecurity Challenges in Internet-based Business Communication

10 Best Practices for Creating a Data Loss Prevention (DLP) Strategy in Your School District

12 vulnerabilities newly associated with ransomware

58% of Firms Have Had a GDPR-related Data Breach

130k+ Patients' Social Security Numbers Leaked in UHS of Delaware Data Breach

Advanced Phishing Attacks Surge 356% in 2022

Advisor Group is latest Broker-Dealer to report data breach

Attackers Manipulate Teams Features to Gain Access

Audiovox electronics claimed by BlackCat ransom gang

AI Used to Create Malware, WithSecure Observes

Bank Syariah Indonesia (BSI) on Ransomware Attacks: Digital Forensic Investigation Still Ongoing

Barracuda email security appliances hacked via zero-day vulnerability (CVE-2023-2868)

Brazilian cybercriminals recently targeted Portuguese bank customers, report says

Brazilian Hackers Targeting Users of Over 30 Portuguese Banks

Buhti Ransomware Gang Switches Tactics, Utilizes Leaked LockBit and Babuk Code

Capita wins £565m in government contracts – despite major data breach

Changing Attitudes Towards GDPR Enforcement and Compliance: 2018 – 2023

ChatGPT is being used to create malware - what you need to know

China calls US “the empire of hacking” after espionage accusations

China positioned to hack US railways and pipelines

China's Stealthy Hackers Infiltrate U.S. and Guam Critical Infrastructure Undetected

Chinese hackers behind Guam breach have been spying on US military for years

Chinese hackers threaten US cybersecurity

CISA releases updated #StopRansomware guide

CISA, FBI release updated guide on stopping ransomware attacks

Class action filed against Webster Bank over data breach

Councils complain to ICO after cyber attack at Capita

Credit Union of Southern California Announces Data Breach Following Compromised Employee Email Account

Cutting-Edge Technology: Mobile Threat Defense Solutions

Cyber Army! US Mulls Creating A New Military Unit That Can ‘Track & Whack’ Chinese, Russian Aggression

Cyber attack compromises U.K. pension plan members’ personal information

Cyber Insurance Cannot Offset the Dangers of Ransomware

D-Link fixes auth bypass and RCE flaws in D-View 8 software

Dark Frost Botnet Launches Devastating DDoS Attacks on Gaming Industry

Data breach at US debt collector exposes over a million users

Data breach victims include Empire Life

Disbelief in Kenya over alleged Chinese cyberattack on government data

Experts laud GDPR at five year milestone

Expo Framework API Flaw Reveals User Data in Online Services

Feds, local authorities warn of latest Paypal and MetaMask phishing scam

Five Eyes agencies detail how Chinese hackers breached US infrastructure

Fortinet: Cybercriminals Heavily Targeting Operational Technology (OT) Organizations

Four Key GDPR Trends on the Law’s Fifth Anniversary

Freedom Mortgage Notifies Consumers That a Recent Data Breach Compromised Their Social Security Numbers

Fresh Del Monte Produce Notifies Employees of Recent Data Breach

GDPR celebrates 5th birthday as EU faces down Meta

GDPR Fines: Are They Working?

Harrington Raceway & Casino Faces Class Action Suit Over Online Data Breach

Investing in Zero-Trust Cybersecurity Infrastructure

Iranian Agrius Hackers Targeting Israeli Organizations with Moneybird Ransomware

Iranian Hackers Deploy New Ransomware Against Israeli Firms

Major Massachusetts Health Insurer Hit by Ransomware Attack, Member Data May Be Compromised

Mastering Data Security in the Era of Industry 4.0: 5 Must-Know Tips

Media industry cites lack of native security for public cloud issues

Microsoft 365 phishing attacks use encrypted RPMSG messages

Microsoft warns of Volt Typhoon, latest salvo in global cyberwar

Millions affected by Pharmerica, Apria Healthcare data breaches

National Privacy Commission (NPC): Phishing attacks, not hacking, behind GCash fiasco

National Cyber Security Centre (NCSC) Warns Against Chinese Cyber Attacks on Critical Infrastructure

Nearly two-thirds of India-based companies victims of ransomware attack

New Buhti ransomware gang uses leaked Windows, Linux encryptors

New PowerExchange Backdoor Used in Iranian Cyber Attack on UAE Government

New Russian-linked CosmicEnergy malware targets industrial systems

New Russia-linked malware can physically harm power grids

New York’s Attorney General Fines Sports Warehouse After Data Breach

Norton Healthcare didn’t call it a ransomware attack. Then BlackCat claimed responsibility for it

Operation Magalenha: Brazilian Hackers Hit Portuguese Banks in Malware Attack

‘Operation Magalenha’ targets credentials of 30 Portuguese banks

Pegasus spyware detected in Armenia and Azerbaijan

Pegasus spyware was deployed in Armenia amid Nagorno-Karabakh war

Perception Point Report Finds That Advanced Phishing Attacks Grew by 356% in 2022

Phishing campaign targets ChatGPT users

Predator: Looking under the hood of Intellexa’s Android spyware

Qilin Affiliates Receive Up to 85% Of Each Ransomware Payout

Ransomware gang claims it hit Illinois hospital

Realistic simulations are transforming cybersecurity training

Richmond University Medical Center (RUMC) working to bring some of its systems ‘back to full capacity’ after cyber attack

Russian electronics giant hit by data leak

SAS attackers increase ransom demand to $175k

Scope of the Dallas Cyber Attack Remains a Mystery

SMBs Targeted by State-Aligned Actors for Financial Theft and Supply Chain Attacks

Spring Cleaning: 5 Cyber Tips to Tidy Up Your Digital Life

Taro Pharmaceuticals class action alleges company responsible for data breach

Telegram emerges as criminals’ top choice for handling stolen information

The essence of Operational Technology (OT) security: A proactive guide to achieving CISA’s Cybersecurity Performance Goals

The Imperative of Automating Fraud Detection in Financial Institutions

The monumental shifts in Australia & New Zealand’s threat landscape

UK data protection regulator receiving ‘large number of reports’ about Capita

Unauthorized GCash transactions caused by phishing attack

Understanding Cybercriminal Motivations Over Time

What is Data Loss and How it Can Affect Your Business

Why cyber is also a CIO problem

Why Data Protection is Critical to the Success of Emerging Technologies

Zyxel Issues Critical Security Patches for Firewall and VPN Products

Zyxel warns of critical vulnerabilities in firewall and VPN devices

24th May

50% of UK CEOs See Cyber as a Bigger Business Risk than the Economy

73 per cent of Indian firms report being ransomware victim in 2023

79% of organizations expect ransomware attacks this year

Addigy exposes Rapid Security Response (RSR) updates gap in 25% of managed macOS devices

Adur and Worthing councils investigating Capita data breach

AI could be used to craft phishing messages to health systems, CISO warns

All you need to know about the new cryptocurrency phishing service, ‘Inferno Drainer’

Almost all ransomware attacks target backups, says Veeam

Amazon-owned pharma retailer PillPack says data breach impacted over 19,000 customers

Apria Healthcare Discloses Major Data Breach Impacting 1.8M Users

AT&T warns Gmail and Outlook users over ‘malicious’ bank-emptying email in inbox – warning signs to look for right now

Backup Repositories Targeted in 93% of Ransomware Attacks

Barracuda warns of email gateways breached via zero-day flaw

Centex Personnel Services Experiences Third-Party Data Breach Following Cyberattack at Carvin Software

China’s Cyber Warfare: These special units in Chinese PLA target Indian defence research organisations, other departments

Chinese Embassy dismisses Reuters report on hacking of Kenyan govt agencies

Chinese hackers breach US critical infrastructure in stealthy attacks

Chinese state-backed hacking group compromised US critical infrastructure orgs

CISA, Partners Revamp Ransomware Prevention Guide

CISA updates ransomware guide 3 years after its debut

Cyber Attacks Strike Ukraine's State Bodies in Espionage Operation

Cyber criminals are exploiting out-of-office emails to scam small businesses

Data Stealing Malware Discovered in Popular Android Screen Recorder App

Defence giant Rheinmetall suffers cyberattack by Black Basta ransomware gang

Despite warnings, Newfoundland and Labrador health officials didn't bolster cyberdefences before ransomware attack

Don’t pay ransom: US government updates ransomware guide as attacks rise

Dorchester school's IT system struck by cyber attack

Email scams vs Phishing - is there a difference?

Free VPN Service SuperVPN Exposes 360 Million User Records

GitLab 'strongly recommends' patching max severity flaw ASAP

Hackers target 1.5M WordPress sites with cookie consent plugin exploit

How can we protect critical national infrastructure from cyber attacks?

How to prevent a data breach

How to spot a job-hunting scam

How Your Business Could Protect Its Cybersecurity in a Surprisingly Cost-Effective Fashion

In focus: Managed Detection and Response (MDR) and manufacturing

Increase In Cyberattacks: Is Your Business Safe?

Indian-origin hacker gets 51 months jail for computer fraud in US

Iran-linked hackers Agrius deploying new ransomware against Israeli orgs

Iranian hackers use new Moneybird ransomware to attack Israeli orgs

Iranian Tortoiseshell Hackers Targeting Israeli Logistics Industry

IT employee piggybacked on cyberattack for personal gain

Lazarus Group Targeting Microsoft Web Servers to Launch Espionage Malware

Legion Malware Upgraded to Target SSH Servers and AWS Credentials

Legitimate Android app transforms into data-snooping malware

New hyperactive phishing campaign uses SuperMailer templates

New PowerExchange malware backdoors Microsoft Exchange servers

New spear phishing report by Barracuda shows that 50% of organizations studied were victims of spear phishing in 2022

New Veeam research finds 93% of cyberattacks target backup storage to force ransom payment

North Korean Lazarus Group Targets Microsoft IIS Servers to Deploy Espionage Malware

Peachtree Orthopedics Posts Notice of Data Breach Potentially Compromising Patients’ Social Security Numbers

Private Sector Cybersecurity Task Force Called for to Defend Democracies

Ransomware gang pulls Philadelphia Inquirer listing after victim questions documents

Ransomware is being excluded from cyber insurance policies

Ransomware tales: The MitM attack that really had a Man in the Middle

Records Show Timeline of Cyber Attack on Rochester Schools

Resiliency must be priority as ransomware attacks increase

Rogue IT worker extorted company after hijacking ransomware attack

Royal ransomware gang threatens to publish data stolen from the City of Dallas

Safeguarding your digital identity: The importance of email account security

Security Awareness Training (SAT) is finally having its day. Here’s why

Should You Use Passkeys Instead of Passwords?

Simple Basics Are Still Needed to Thwart Cyber Threats

Singapore: Police warn of phishing scam involving fake traffic police website, fine payments

SMBs, regional MSPs under fire from targeted phishing attacks

South Africa: Forensic probe into Western Cape legislature cyber attack

Spearphishing report: 50% of companies were impacted in 2022

State-Aligned Actors Targeting SMBs Globally

Suzuki Motorcycle India breach forces plant shutdown

The Largest Federal Data Breach Fines in History

The 'look who died' scam is spreading on Facebook. Here's what to know

TMX Finance hit with another class action following data breach

Turla’s Snake May be Down, But its Legacy Lives On

U.S. Charges Russian In Ransomware Scheme Worth Up To $200 Million

Understanding Theories and Biases to Better Inform Security Decisions

US debt collector breach exposed 1 Million+ people

Vast majority of Newfoundlanders and Labradorians had personal information stolen in 2021 cyberattack, but may not have been notified, Office of the Information and Privacy Commissioner (OIPC) report finds

What Mackenzie breach says about state of data security in wealth

What to Look for When Selecting a Static Application Security Testing (SAST) Solution

23rd May

16 Tips For Creating Effective Companywide Cybersecurity Initiatives

60% of SMEs Go Bankrupt After Cyber Attacks

A call for enhanced security measures

Adur and Worthing council contractor in data breach

AI in Cybersecurity: Emerging Trends and Future Challenges

Akira ransomware is “bringin’ 1988 back”

Android App 'iRecorder – Screen Recorder' Trojanized with AhRat

Apria Healthcare LLC Data Breach Affects Over 1.8 Million Patients

April 2023 Healthcare Data Breach Report

Arms maker Rheinmetall confirms BlackBasta ransomware attack

AT&T resolves issue that would allow account takeover through ZIP code and phone number

Augusta confirms cyber crime on city computers, says unrelated to other recent outage

Auto supplier Gentex hit by ransomware attack

BianLian Ransomware Shifting Focus to Pure Data Extortion

BlackCat Ransomware Actors Use Malicious Drivers to Evade Detection

BlackCat Ransomware affiliate uses signed kernel driver to evade detection

BlackCat ransomware takes control of protected computers via new kernel driver

Bridgestone CISO: Lessons From Ransomware Attack Include Acting, Not Thinking

Bristol Community College Data Breach Affects Over 56,000 People

Business Email Compromise (BEC) attacks rise as criminal hackers employ new tactics to evade detection

Canadian Nurses Association hit by cyber attack

Carvin Software faces lawsuit after data breach put 350k clients at risk

ChatGPT Can Be Used to Create Malware: Here’s How

ChatGPT to Disrupt Maritime IT/OT Security

City of Dallas employees concerned about data compromised in ransomware attack

Content Discovery: Understanding Your Web Attack Surface

Credit card theft mostly targets US victims, study suggests

Cryptomining group traced to Indonesia uses compromised AWS accounts

Cuba ransomware claims cyberattack on Philadelphia Inquirer

Cuba ransomware likely behind The Philadelphia Inquirer attack

Cyber Signals report reveals spike in cybercriminal activity

Data breach epidemic hits Africa: Nigeria at the forefront with 64% increase

Dish ransomware attack stole details from thousands of employees

Don’t get burnt before you’re on the beach: Action Fraud reports over £15m lost to holiday fraud in the past year

Dorchester school IT system held to ransom in cyber attack

Elevance Health Flexible Benefit Plan Experiences Third-Party Data Breach Following NationsBenefits Ransomware Attack

Fata Morgana Watering Hole Attack Targets Shipping, Logistics Firms

Gentex auto supplier hit by ransomware attack

Gentex suffers ransomware attack

Going dark: Cyber attack on Western Cape parliament downs ICT systems

GoldenJackal: New Threat Group Targeting Middle Eastern and South Asian Governments

GoldenJackal state hackers silently attacking governments since 2019

GoldenJackal Targets Diplomatic Entities in Middle East, South Asia

Hackers attack medical equipment provider, almost 2 Million people affected

Hackers Can Break Fingerprint Unlocking on Phones Within Hours

Hackers steal over $400 million from crypto projects

Harvard Pilgrim says customers' information compromised in cyber attack

Health insurer says patients’ information was stolen in ransomware attack

How Software Supply Chain Vulnerabilities Lead to Attacks

How to Recognize and Avoid Phishing Scams at Work

Ignoring Cybersecurity Is Intellectually Dishonest

India: Two hospitals, pharma company hit by ransomware

Industrial sector faced highest number of ransomware attacks in April

Israel – a Hacktivist’s Dream

IT employee impersonates ransomware gang to extort employer

KeePass master password manager at risk as users await patch

Learning from the Bridgestone Ransomware Attack

Man-in-the-Middle (MitM) Attack: Definition, Types, & Prevention Methods

Meta Fined with $1.3 Billion over Data Breach

Most Organizations Expect Ransomware Attack Within a Year, Many Grossly Underestimate Recovery Times

New AhRat Android malware hidden in app with 50,000 installs

New Veeam Research Finds 93% of Cyber Attacks Target Backup Storage to Force Ransom Payment

New WinTapix.sys Malware Engages in Multi-Stage Attack Across Middle East

North Korea's BlueNoroff Group Targets macOS Systems

North Korean Hackers Pose New Crypto Threat Targeting macOS Users

North Korean Kimsuky Hackers Strike Again with Advanced Reconnaissance Malware

Online pharmacy PillPack suffers data breach

Online scams target bargain-hunting holiday travelers

Passkeys vs. Password Managers: why you shouldn't ditch your password manager just yet

Philippines 42nd most affected globally by data breaches in Q1

Popular Android Screen Recorder iRecorder App Revealed as Trojan

PyPI attack: Targeting of repository 'shows no sign of stopping'

Ransomware attacks still ‘most pressing’ cyber security risk in AI era

Ransomware group claims it’s behind cyberattack on Inquirer

Ransomware resurgence after ‘strange year’ in 2022, insurance data shows

Records show the immediate aftermath of the cyber attack on Rochester Public Schools

Rheinmetall confirms Black Basta cyberattack

Right-Hand Cybersecurity Focuses On Human Behavior To Mitigate Attacks

Russian IT firm previously praised by Sberbank leaks its admin password stash

Russian Man Faces Over 20 Years Behind Bars for Alleged Participation in $200 Million Global Ransomware Campaigns

Sallie Mae Notified Individuals of Recent Data Breach Involving Bank Account Information

Scam Vendor ‘Inferno Drainer’ Siphons $6 Million in Crypto

Sharp Decline in Crypto Hacks in Q1 2023 Unlikely to Last

Spotify scam warning on emails fraudulently telling users their payments have failed

Spying campaign targets Ukraine, Israel, India, Kazakhstan and others, cyber agency says

Suspected Iranian hackers target Israeli shipping and logistics companies

Suspicion stalks Genesis Market’s competitors following FBI takedown

Suzuki Motorcycle India temporarily shuts production following a cyber attack

The Alarming Rise of Ransomware Attacks

The fragmented nature of API security ownership

The Rising Threat of Secrets Sprawl and the Need for Action

The Security Maturity Improvement Imperative

Thomas Hardye School in Dorchester hit by cyber attack

Threat Actor Abuses SuperMailer for Large-scale Phishing Campaign

Three Biggest Issues Driving Cybersecurity

Two-Thirds of IT Leaders Say GDPR Has Reduced Consumer Trust

Types of Cybercrime: A Comprehensive Guide to Uncover and Prevent Digital Attacks

US sanctions North Korean entities involved in cyberattacks and IT worker fraud

US sanctions orgs behind North Korea’s ‘illicit’ IT worker army

What makes South Africa a target for cyber crime, what actions can be taken?

Why Remote Work Data Protection Matters More Than Ever

Zivame data breach: Personal info of 1.5 million users on sale for $500

22nd May

3 common initial attack vectors account for most ransomware campaigns

5 Privacy and Security Risks of Using Google Photos

5 quick tips for better Android phone security right now

8 Essential Tips to Stay Safe on Social Media

9 Social Media Threats You Should Be Aware Of

30% of adults have or know someone who fell victim to an online scam

Advisor Group Recently Files Notice of 2021 Third-Party Data Breach Affecting Clients’ SSNs

Amazon’s PillPack reports data breach affecting more than 19,000

Are Your APIs Leaking Sensitive Data?

Bad Magic's Extended Reign in Cyber Espionage Goes Back Over a Decade

Billions of Android and iPhone users issued warning over AI attacks lurking in your device

BlackCat ransomware is using signed Microsoft kernel drivers to avoid detection

Blacklist untrustworthy apps that peek behind your firewall

CapCut Users Beware: Phishing Sites Distributing Malware

ChatGPT to Disrupt Maritime IT/OT Security

Chinese state-sponsored attack uses custom router implant to target European governments

CISA orders government agencies to patch iPhone bugs exploited in attacks

Constellation Software Inc. Experiences Data Breach Following Cyberattack

Crypto phishing service Inferno Drainer defrauds thousands of victims

Cyber Attack on San Diego USD Involved Student Medical Data

Cyberattacks Worst Threat to Local Governments in 2023: Here’s How to Stay Protected

Cybersecurity 101: Understanding the Basics of Online Safety

Cybersecurity in 2023 is a two-speed system

Dallas Municipal Court Building Closed This Week Due to Ongoing Ransomware Attack

Dallas under pressure as Royal ransomware group threatens leak

Data Breach at Debt Collection Agency Impacts Multiple Healthcare Providers

Davao regains control of hacked traffic office page

Dish Ransomware Attack Impacted Nearly 300,000 People

Dish says ransomware gang stole almost 300,000 employee records

Dole says February ransomware attack cost over $10 million to mitigate

Don't fall victim to a new wave of holiday scams this summer: Four ways your devices can be easily hacked in hotels - and how to protect yourself

DraftKings hacker charged in US Court for enabling the theft of $600K from customer accounts

Esports Safety: Tips for Staying Safe When Online Gaming

EU hands Meta record $1.3 billion fine over data transfers to US

EU Regulators Hit Meta with Record $1.3 Billion Fine for Data Transfer Violations

EU slaps Meta with $1.3 billion fine for moving data to US servers

Eyewear company Luxottica confirms 2021 data breach after database leaks online

Fancy Bear Goes Phishing – a gripping study of five extraordinary hacks

FBI issues official warning to all Android and iPhone users – don’t fall for bank draining message on Memorial Day

FBI warns about fake job ads from cyber traffickers

Fear of German companies of hackers greater than ever

FIN7 cybergang tied to April PaperCut attacks

Food Distributor Sysco Suffers Data Breach Leaking Customer and Employee Personal Information

Four convincing scams that Which? is warning people to watch out for in 2023

Fraudsters use bogus version of Hong Kong police’s ‘Scameter’ app to target past deception victims

Gentex confirms data breach by Dunghill ransomware gang

German arms company Rheinmetall confirms Black Basta ransomware group behind cyberattack

Hacker Sentenced to 51 Months in Prison for Stealing Customer Credit Card Numbers

Hactivists expose Russian intelligence kingpin wanted for US election interference

Hitachi Energy Posts Notice of Employee Data Breach Following Fortra “GoAnywhere” Exploitation

How New York lawmakers want to strengthen cybersecurity for governments

How the ILOVEYOU worm exposed human beings as the Achilles Heel of cybersecurity

How To: Improve Your Website Security

India: Two hospitals, pharma company hit by ransomware attack in a month

Indonesia's Banking Services Still Vulnerable to Cyberattack

Indonesian Cybercriminals Exploit AWS for Profitable Crypto Mining Operations

Inferno Drainer: The new crypto and NFT nightmare – What or who is it?

Iowa hospital discloses breach following Royal ransomware leak

IT security budgets are shifting as companies target risk reduction

KeePass Exploit Allows Attackers to Recover Master Passwords from Memory

Law firm investigating class action against Latitude claims it knew of ‘real risk’ of security lapse

Lucky catch: Two northern companies hit by 'spear phishing' recoup $950K

Malicious links and misaddressed emails slip past security controls

Malicious Windows kernel drivers used in BlackCat ransomware attacks

Malta: IT firm involved in data breach given 20 days to release details

‘Man-in-the-middle’ cyber attack: Fraudsters dupe top construction tech firm in Pune of over Rs 13 lakh

Mastermind Behind iSpoof Fraud Website Sentenced to 13 Years in the UK

Mazars Group allegedly breached by BlackCat cybercrooks

Meta fined €1.2bn for data breach

Meta Fined €1.2bn for Violating GDPR

Meta ordered to suspend Facebook EU data flows as it’s hit with record €1.2BN privacy fine under GDPR

Meta slapped with record $1.3 billion fine

Meta slapped with whopping £1bn fine over Facebook data breach

Microsoft Warns of New Sophisticated Phishing Scams

Nation’s cybersecurity agency using alerts to prevent the damage of ransomware attacks

National Foods Loses US$6m To Cybercriminals In Zimbabwe

Nearly 300,000 people affected by data breach in DISH ransomware attack

On Demand Staffing, Inc. Announces Third-Party Data Breach Following Cyberattack at Carvin Software

Pakistan Telecommunication Authority (PTA) Issues Advisory Regarding Potential Ransomware Attacks

Patients Beware! Your Data Could Be Unsafe

PyPI briefly paused new users amidst wave of malware

Ransomware Group BianLian Targeted in a Joint Cybersecurity Advisory

Ransomware resurgence in 2023

Report Estimates Trillions in Indirect Losses Would Follow Quantum Computer Hack

Rheinmetall listed on ransomware victim blog

Rochford Council says Capita data breach impacted residents' personal data

Samsung Smartphone Users Warned of Actively Exploited Vulnerability

Security experts weigh in on Snake malware operation

Significant decline in Australian data breaches in 2023

Spain is the 5th most breached country globally in Q1’2023

Staying ahead of the changing threat landscape in 2023

The key to good corporate cybersecurity is defence in depth

The Risks And Rewards Of Artificial Intelligence In Cybersecurity

The top 7 cybersecurity risks in manufacturing supply chains

The U.S. Authorities Crack Down on Russian Ransomware Kingpin

Tornado Cash Hacker Hints of Undoing Attack Pushing Price of Torn Up by 10%

U.K. Fraudster Behind iSpoof Scam Receives 13-Year Jail Term for Cyber Crimes

U.S. Charges Russian National with Conspiracy to Deploy Ransomware

UK Man Sentenced to 13 Years for Running Multi-Million Fraud Website

Urgent warning to mobile banking customers over new scam where thieves steal your money in seconds

Vegas man accused of role in $45m crypto-scam

Vulnerability in Zyxel firewalls may soon be widely exploited (CVE-2023-28771)

What Capita’s cyber security breach likely means for IT contractors

What Is Inferno Drainer? New Phishing Scam Pilfering Crypto, NFTs

Who Owns Security in Multi-Cloud Operations?

Your Smart TV Can Be Hacked! 5 Ways to Stop the Bad Guys

Zivame data breach: Personal info of thousands of Indian women customers up for sale online