Editor's Message

Welcome to DBD. On March 8th we celebrated our 4th Anniversary and the 1st Anniversary of our PRiSM application, officially endorsed by the SANS Institute. Despite recent personal issues that have impacted the amount of time I have been able to dedicate to both projects, I have been doing my best to keep everything as up-to-date as possible, and I would like to take this opportunity to thank everyone for their patience and support whilst I navigate through this very difficult time. Stay safe. :)

Monday 5 June 2023

Data Breaches Digest - Week 23 2023

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 5th June and 11th June 2023.

11th June

A Closer Look at Data Breaches in the US

Android Malware Mimics VPN, Netflix and Over 60k of Other Apps

Beyond Passwords: The Future of Authentication in Cybersecurity

Disruption to people's lives is Gloucester council chief's biggest frustration over cyber attack

Fortinet fixes critical RCE flaw in Fortigate SSL-VPN devices, patch now

Hacked Documents Show Hectares Of Land Given To Iran Atomic Organization

Honda eCommerce Platform Flaw Exposes Customers’ Data

iPhones are the target of a new and malicious malware

Is Fighting Cyber-Espionage Against Dissidents Getting Difficult?

Is It Safe to Allow Pop-Ups in Your Browser?

JamaicaEye hit by cyber attack

JBS’s cybersecurity was unusually poor prior to 2021 ransomware attack, internal homeland security records show

Spyware Could End Malta’s Golden Passports

Strava heatmap feature can be abused to find home addresses

The Ukrainian Robin Hood: a hacker drains Russian wallets and transfers bitcoins to volunteers

Top 12 tips to keep your business safe from cyberattacks

Why is cybersecurity always an important factor to consider when browsing the web?

10th June

$3.86 Million: The Average Cost of a Corporate Data Breach

4 Australian Cyber Security and Data Breach Case Studies

9 Mistakes That Make You An Easy Target for Hackers

A Deep Dive Into The Digital World's Worst Calamities

Banks need to pay up for financial scams

Billions of Android, iPhone, Gmail, and Outlook users warned over ‘code message’ that’s big identity theft red flag

Department of Justice (DOJ) Charges Russian Hackers Attempting to Launder 647,000 BTC

Experts found new MOVEit Transfer SQL Injection flaws

Gloucester cyber attack likened to Wordle in how extent of damage revealed itself over time

Hackers steal $3 million by impersonating crypto news journalists

Illinois state agencies were targeted in ransomware attack by CL0P hackers

Ireland: HSE again impacted by cyber-attack

Minnesota Department of Education affected by global data breach

New Critical MOVEit Transfer SQL Injection Vulnerabilities Discovered - Patch Now!

New SPECTRALVIPER Backdoor Targeting Vietnamese Public Companies

Passkeys See Fresh Momentum With New Pilot Programs

US Government warns all iPhone and Android users to follow six Wi-Fi rules or risk ‘becoming a victim’

Warning as Sheffield schools hit by data leak after hackers target Capita

Why you need to remove these malicious extensions now

Younger, more extroverted, and more agreeable individuals are more vulnerable to email phishing scams

9th June

5 Reasons Why Access Management is the Key to Securing the Modern Workplace

9 Ways SMEs Can Protect Themselves from Cybersecurity Threats

49ers agree to settle data breach class action lawsuit, must create new IT positions

49ers Settle Class Action Lawsuit Stemming from 2022 Data Breach, Ransomware Attack

55% of organizations have experienced a SaaS security incident

Another huge US medical data breach confirmed after Fortra mass-hack

Asylum Ambuscade: A Cybercrime Group with Espionage Ambitions

AT&T warns billions of Android and iPhone owners over three killer texts that raid your bank – spot the red flags now

AtlantiCare reports third-party data breach

Barracuda tells customers to replace vulnerable email security appliances after hacker exploit

Barracuda Urges Swift Replacement of Vulnerable ESG Appliances

BBC radio staff and freelancers alerted over personal data breach

BBC, British Airways Among Those Compromised by Supply Chain Cyber Attack on Payroll Provider

BBC, British Airways, Boots hit with hackers’ ultimatum after suffering MOVEit supply-chain attack

Beware of Vacation-Related Scams: 4 Most Prevalent Types

Billions of Gmail, Outlook, Android, and iPhone users warned to search five bank-draining phrases in inbox now

BlackCat ransomware fails to extort Australian commercial law giant

Business Case for Data Privacy

Canada: Nova Scotia - Update on MOVEit Data Breach

CGM, Inc. Files Notice of Data Breach Affecting Nearly 280k Individuals Confidential Information

China calls US the ‘most powerful hacker empire’ as it denies deal to set up Cuba spy station

Cyber security incident at University of Manchester

Cyber threat shuts down some Fayetteville web services

Cybercrime outnumbers arms, drugs and human trafficking combined

Cybersecurity Incident at MercyOne Triggers Potential Patient Data Loss

Dallas releases technology accountability report following ransomware attack

Data breach exposes 95,000 Minnesota student files

Data Breaches in May 2023 – Infographic

Dental Services Organizations (DSOs) Computer Systems Hacked

Digital Behavioral Fraud Gets Increasingly Personal

Employee cybersecurity awareness takes center stage in defense strategies

Energy Companies Need to Understand Their Cyber Attack Surface To Protect Against Cybersecurity Threats

Forsyth County says swift action kept cyber attack from being much worse; offering identity monitoring for those affected

Fortinet research finds over 80 percent of organizations experience cyber attacks that target employees

Guinness Beer Father’s Day Giveaway Scams

Guinness maker's warning over WhatsApp scam that offers 'fridge full of beer' for Father's Day

Hacker allegedly stole $47K from Lehigh Carbon Community College

Hacker leaks Cortina Watch’s data online, including customer details and sales tactics

Hacker Steals Millions In Crypto In Multiple Twitter And Discord Hacks

Hackers access sensitive student data from Minnesota Department of Education

Hackers are attacking Minecraft to push malware once again

Hackers claim to have crippled Russia’s banking system

Hackers have been sitting on MOVEit bug for 2 years

Healthcare’s Life-or-Death Battle: Ransomware & Loadshedding Incident Response

Here’s how cybercriminals bypass EDR – and why security teams need a defense-in-depth approach

How one Ohio hospital decrypted LockBit ransomware

How to Defend Against Modern Ransomware Attacks

How to reduce the impact of a data breach through internal controls

Identity Security a Top Priority as Threats Evolve

If you’re a Netflix subscriber watch out for this scam

Illinois a victim of CL0P ransomware attacks, state agency says

IntelliHartx, Inc. Notifies 489k Patients of Data Breach Following an Incident at Third-Party Vendor, Fortra

IoT Botnet DDoS Attacks Threaten Global Telecom Networks

Ireland: Fresh cyber attack impacts HSE

Ireland: HSE says 20 people's data breached in cyber-attack on third party recruitment software

Japanese Pharmaceutical giant Eisai hit by a ransomware attack

List of Nova Scotians who had information stolen in cyberattack expanded

Lowe’s Factory Shop, Apple, UPS, Netflix, and Delta Air Lines – Top Scams of the Week

Manchester University flags cyber security incident

Marshall & Melhorn, LLC Notifies Over 27K Individuals of Recent Data Breach

Mayberry regains full access to data following cyberattack

MercyOne Files Notice of Data Breach Impacting the PHI of More Than 20k Patients

Microsoft’s Azure portal down following new claims of DDoS attacks

Microsoft OneDrive went down after a spate of DDoS attacks

Microsoft Uncovers Banking Adversary-in-the-Middle (AitM) Phishing and BEC Attacks Targeting Financial Giants

Millions of Turks’ personal data exposed on a website

Minecraft Community on High Alert as Malware Infects Popular Mods

Minecraft Users Warned of Malware Targeting Modpacks

Minnesota Department of Education impacted by global data breach

Minnesota Department of Education says international data breach includes some agency records

MOVEit announces second vulnerability; Minnesota schools agency breached with original bug

Nepal: Travel companies asked to deal with caution after hacker attack

New Entrants to Ransomware Unleash Frankenstein Malware

New Jersey’s Montclair Township Cyber Attack Reported on Election Day

New MOVEit Transfer critical flaws found after security audit, patch now

Notification of a cyber incident at The University of Manchester

Online muggers make serious moves on unpatched Microsoft bugs

Organizations Urged to Address Critical Vulnerabilities Found in First Half of 2023

Pearland Independent School District Notifies Over 55k Individuals of Recent Data Breach

Petaluma Health Center Suffers Data Breach

Pro-Ukraine hackers claim to take down Russian internet provider

Ransomware gang Clop prepped zero-day MOVEit attacks in 2021

Ransomware gang reportedly hacks North Carolina health system

Ransomware gangs are losing interest in US firms

Ransomware scum hit Japanese pharma giant Eisai Group

Replace Barracuda Email Security Gateway (ESG) appliances, company urges

Return Oriented Programming (ROP) Detection and Prevention: Tools and Techniques for Defending Against Return Oriented Programming

Russian nationals accused of Mt. Gox bitcoin heist, shifting stolen funds to BTC-e

Russian Nationals Charged With Hacking One Cryptocurrency Exchange and Illicitly Operating Another

Russians charged with hacking Mt. Gox crypto exchange, running BTC-e

San Francisco 49ers agree to pay out victims of 2022 data breach

Security Awareness Training 101: Which Employees Need It?

Security Experts Highlight Exploit for Patched Windows Flaw

Seventy-eight percent of domains containing 'ChatGPT' are malicious

Shell Recharge data breach exposes EV drivers’ information

Social-engineering scams get more sophisticated

South Africa: Information Regulator in dark about Western Cape Provincial Parliament’s cyber incident

Spot the Red Flags: AT&T Issues Warning to Billions of Android and iPhone Owners Against Three Killer Texts that Raid Your Bank

Stealth Soldier: A New Custom Backdoor Targets North Africa with Espionage Attacks

Swiss government data on the dark web after Play ransomware’s cyberattack on Xplain?

The Complexities of Hacking: Exploring the thin line between cybercrime and ethical hacking

The Jeopardy of Zombie APIs

The University of Manchester hit by cyber security breach after detecting 'unauthorised activity'

The University of Manchester hit with cyberattack

Twitter hackers target high-profile accounts with phishing scam

Ukrainian hackers take down service provider for Russian banks

University of Manchester announces cyber incident, says data ‘likely’ copied

University of Manchester dealing with cyber security breach

University of Manchester hit by cyber attack

University of Manchester hit by cyber attack with ‘data likely copied’ by unauthorised party

University of Manchester says hackers ‘likely’ stole data in cyberattack

University of Manchester says its data 'likely copied' in cyberattack

University of Manchester Suffers Suspected Data Breach During Cyber Incident

University of Manchester trying to resolve "cyber incident"

US cyber-attacks on iPhones began as early as 2013, says report from Chinese cybersecurity company

What Are Identity-Based Attacks and How Can You Prevent Them?

What is a cyber-attack, what types are there and what is it used for?

Who are the Clop Gang? Russian hackers behind the BBC, BA, Boots cyber attack are on a rampage

Why attackers love to target IoT devices

Why organizations shouldn't pay ransomware demands

Why Zero Trust Matters When it Comes to Phishing Prevention

8th June

37% of IT professionals report experiencing a data loss event

51 Must-Know Phishing Statistics for 2023

A.I. Is Helping Hackers Make Better Phishing Emails

Advanced Espionage Malware “Stealth Soldier” Hits Libyan Firms

Aix-Marseille, France’s largest university, hit by cyberattack

Alvaria Confirms November 2022 Hive Ransomware Attack

Asylum Ambuscade hackers mix cybercrime with espionage

Barracuda now says you'll have to replace your ESG device right away

Barracuda tells customers to rip out vulnerable hardware as experts size up the damage

Barracuda Urges Immediate Replacement of Hacked ESG Appliances

Barracuda Urges Replacing — Not Patching — Its Email Security Gateways

BBC and other organizations targeted in recent MOVEit vulnerability

Beware of ransomware: What is it? What's the cost? How can you prevent it?

Casepoint attackers: we have Meta and Google comms with special services

ChatGPT’s False Information Generation Enables Code Malware

Cisco has fixed a highly severe flaw in its business VPN - so patch now

City of Augusta refuses to negotiate with the BlackByte ransomware gang despite facing disruptions

Cl0p announces rules for extortion negotiation after MOVEit hack

Clop Ransomware Gang Likely Aware of MOVEit Transfer Vulnerability Since 2021

Clop ransomware group gives BA, BBC and other victims one week to pay

Clop ransomware likely testing MOVEit zero-day since 2021

Cyber Extortionists Seek Out Fresh Victims in Latin America and Asia

Cybercrime group ‘Asylum Ambuscade’ adds espionage to its activities

Espionage Attacks in North Africa Linked to "Stealth Soldier" Backdoor

Experts Unveil Exploit for Recent Windows Vulnerability Under Active Exploitation

Federal Trade Commission (FTC) charges Amazon for keeping children's voice recordings

German recruiter leaks sensitive job seeker info

Honda customer data could have been accessed by anyone

Honda fixes bug spotted by researcher in platform for US equipment dealers

How All India Institute of Medical Sciences (AIIMS) thwarted the second cyber attack on June 6

How Colleges Can Defend Against Cyberattacks

How to Improve Your API Security Posture

‘I am disgusted’: Retired Huron-Superior Catholic District School Board educator blasts board’s handling of cyber attack

Incident of the Week: Clop ransomware gang threatens BBC, Boots and British Airways

Japanese pharma giant Eisai discloses ransomware attack

Japanese pharma giant Eisai says ransomware attack disrupted logistics operations

Kimsuky Targets Think Tanks and News Media with Social Engineering Attacks

Lazarus Group Blamed for Atomic Wallet Heist

Microsoft OneDrive down worldwide following claims of DDoS attacks

Mitigating AI security risks with phishing-resistant MFA

Nova Scotia Health Says 100,000 Affected by MOVEit Hack

Peachtree Orthopedics facing extortion threat in wake of patient data breach

Petaluma Health Center notifies patients of data breach

Pharmaceutical Giant Eisai Hit By Ransomware Incident

“Picture in Picture” Technique Exploited in New Deceptive Phishing Attack

Prestigious Russian university puts student data at risk

Proof-of-Concept (PoC) released for Windows Win32k bug exploited in attacks

Royal ransomware gang adds BlackSuit encryptor to their arsenal

Shaving time and complexity off ransomware recovery

Shipping industry expects cyber-attack deaths, collisions, and groundings

Stanly Community College Files Notice of Data Breach After Hackers Gain Access to Employee Email Accounts

SuperVPN, Enzo Biochem experience data breaches

The Philippines: Phishing attacks identified as cause of recent GCash incident

Understanding Cloud Data Risk – Uncovering Data and Identities

Urgent Security Updates: Cisco and VMware Address Critical Vulnerabilities

US: State mail error results in Medicaid data breach; 5,800 Utah recipients impacted

VMware patches critical bugs in network analytics tool

Wealthy New Jersey township hit with cyberattack, mayor says

Why Apps Like TikTok Can Be a Security Issue for Your Business

Why nonprofits need to be more worried about cybersecurity

7th June

Aer Lingus caught up in international payroll data cyber-attack

AI used by crooks to create explicit deepfake images for blackmail, FBI warns

AI vs Cybersecurity: Preparing for the Most Transformative Meta-Invention of Our Times

Android users beware: malware mimics Free VPN, Netflix, and 60K+ more apps

Ascension Announces Data Breach Affecting the Company’s Seton and Providence Systems

Ascension Seton reports data breach of websites

Barracuda says hacked ESG appliances must be replaced immediately

BBC, British Airways among big-name cyber attack victims

BBC, British Airways and Boots issued with ultimatum by cyber gang Clop

Billions of Gmail and Outlook users warned over ‘spear phishing attacks’ that ‘get personal’ before taking over device

British Airways, Boots and BBC cyber-attack: who is behind it and what happens next?

Cambodia: Banks warn ‘phishing’ on rise through mobile apps

CISA and FBI Release Advisory on CL0P Ransomware Gang Exploiting MOVEit Vulnerability

CISA and Partners Publish Guide For Remote Access Security

Cisco fixes AnyConnect bug giving Windows SYSTEM privileges

Cl0p gang claims hundreds of MOVEit flaw victims

Clop ransomware crew sets June extortion deadline for MOVEit victims

Clop ransomware gang claims the hack of hundreds of victims exploiting MOVEit Transfer bug

Current SaaS security strategies don’t go far enough

CVEs Surge By 25% in 2022 to Another Record High

Cyber attack 2023: BBC, British Airways and Boots issued with ultimatum by Russian cyber gang Clop

Cyber attack on the Caribbean Island of Martinique disrupts Internet services

Cybergang behind Nova Scotia breach says it erased stolen data, but experts urge caution

Dallas in the homestretch of ransomware attack recovery

Deepfake Cyber Attack Hits Russia: Fake Putin Message Broadcasted

Enzo Biochem Confirms Data Breach Impacting Nearly 2.5M Individuals

Exploited zero-day patched in Chrome (CVE-2023-3079)

FBI Warns of Surge in Deepfake Sextortion Attempts

FBI warns that compromising deepfakes are on the rise

Federal Agencies Publish New Version of the #StopRansomware Guide

Fortifying The Future: The Power Of Network Security

Gateway First Bank Experiences Data Breach Following Unauthorized Access to Employee Email Accounts

Georgia university leaders waited three months to disclose data breach, lawsuits claim

Global Malware Attack Imitates VPN and Security Apps on Android Phones

Gloucester: Russian hackers behind cyber-attack on council

Google launches hacker-backed SME security training scheme

Hacker attempts to exploit old and new bugs up 55%

Hackers issue 'ultimatum' over payroll data breach

Healthcare M&A Means Acquiring Legacy Threats

High-risk vulnerabilities patched in ABB Aspect building management system

Honda API flaws exposed customer data, dealer panels, internal docs

Japanese pharma giant Eisai working with law enforcement to resolve ransomware attack

Lawyer Warns MOVEit Ransomware Attack Victims to Not Engage with Hackers

Lazarus hackers linked to the $35 million Atomic Wallet heist

LockBit ransom gang goes on another spree

LockBit Ransomware Responsible for Data Breach of Major Medicaid Dental Provider, 8.9 Million Patient Records Exposed

London secondary school closed after ‘devastating’ cyberattack

Many Android apps have been installing adware for half a year

Marshall & Mellhorn law firm reports data breach

MasterCorp, Inc. Files Notice of Data Breach Following Cyberattack

May 2023 data breach roundup

Microsoft settles Federal Trade Commission (FTC) charges for violating Children's Online Privacy Protection Act (COPPA)

Microsoft to Pay $20 Million Penalty for Illegally Collecting Kids' Data on Xbox

Most SMBs admit to paying ransomware demands - here's why

MOVEit Bug Attacks Continue By Cl0p Ransomware Group, Other Actors

MOVEit cyber attack: Cl0p sparks speculation that it’s lost control of hack

New Fractureiser malware used CurseForge Minecraft mods to infect Windows, Linux

New PowerDrop Malware Targeting U.S. Aerospace Industry

New zero-click threat targets iPhones and iPads

North Korean APT Group Kimsuky Expands Social Engineering Tactics

North Korean hackers target some 150 experts in phishing campaign

North Korean hacking group Lazarus linked to $35 million cryptocurrency heist

0mega ransomware gang changes tactics

Pacific Union College Acknowledges Ransomware Attack, but Denies Data Breach Despite Hackers’ Claims

Passwords of over 500,000 Belgians leaked in data breach

Personal information of 7,000 retired Vermont teachers stolen in cybersecurity attack

Phishing attacks cost Belgians €40 million last year, study finds

"PowerDrop" PowerShell Malware Targets US Aerospace Industry

Protecting Against Remote Monitoring and Management Phishing

Public sector apps show higher rates of security flaws

Ransomware group Clop issues extortion notice to ‘hundreds’ of victims

Ransomware, social engineering costs skyrocket

Stop Ransomware: CL0P Ransomware Gang Exploits CVE-2023-34362 MOVEit Vulnerability

Takeaways from the Optus and Medibank data breach class actions

The Dallas ransomware attack is in week 5. What can be done to prevent the next one?

The official NASA website has some out-of-this-world security flaws

The Privacy-Control Trade-Off: User Privacy Vs. Corporate Control

Toyota Data Breach: Customer Information Exposed in Asia-Pacific

UAE: ChatGPT used to launch cyber and ransomware attacks, says head of cybersecurity

Verizon 2023 Data Breach Report shows rising cost of ransomware

VMware fixes critical vulnerability in vRealize network analytics tool

Who are the Clop Gang? Russian hackers behind the BBC, BA, Boots cyber attack are on a rampage

Winning the Mind Game: The Role of the Ransomware Negotiator

6th June

5 Reasons Why IT Security Tools Don't Work For Operational Technology (OT)

2023 Data Breach Investigations Report: frequency and cost of social engineering attacks skyrocket

Android security update fixes Mali GPU flaw exploited by spyware

Apple announces next-level privacy and security innovations

At least 3 class-action lawsuits filed over Mercer University’s recent data breach

Atomic Wallet hacker sends crypto to mixer used by Lazarus Group

Beware! Hackers Are Using This Simple Tactic To Send Malicious Links

Bitcoin Fueled the Rise of Ransomware — Can It Also Play a Role in Ending Cyber Attacks?

Boots among companies hit by major cyber attack with UK staff bank details exposed

Boots and British Airways among firms affected by global cyber attack

Boots hit by cyber attack exposing UK staff bank details

British Airways, BBC and Boots hit by zero-day vulnerability attack

British Airways, BBC and Boots were impacted the by Zellis data breach

British Airways, Boots and BBC among companies targeted in cyberattack

Business Email Compromise (BEC) scams: A growing threat evolving in complexity and cost

Business Email Compromise (BEC) Volumes and Ransomware Costs Double in a Year

Chinese PostalFurious Gang Strikes UAE Users with Sneaky SMS Phishing Scheme

CISOs focus more on business strategy than threat research

Clop Ransom Gang Breaches Big Names Via MOVEit Flaw

Cloud misconfiguration causes massive data breach at Toyota Motor

Consumers overestimate their deepfake detection skills

Cortina Holdings falls prey to cyber attack

Criminal Group Strikes Montclair with Cyber Attack, Mayor Says

CVE-2023-34362 – MOVEit Transfer Zero-Day SQL Injection Vulnerability Actively Exploited in the Wild

Cyclops Ransomware Gang Offers Go-Based Info Stealer to Cybercriminals

Eisai hit with ransomware attack, launches investigation into possible data leaks

Enzo Biochem says ransomware attack compromised the data of nearly 2.5m people

Exploitation of Vulnerabilities Have Soared, Unit 42 Report Finds

Free VPN user data leaked in Telegram group

Google Addresses Latest Zero-Day Affecting Chrome

Google fixes new Chrome zero-day flaw with exploit in the wild

Hackers Leak i2VPN Admin Credentials on Telegram

Hartlepool MP data breach leaves constituent feeling 'intimidated'

Has Ransomware Turmoil Started Slowing Down for Good?

Human error still plays major role in breaches across industries

Kaspersky Releases Tool to Detect Zero-Click iOS Attacks

Many across Ireland and the UK affected by global data breach

Microsoft fined $20M for Xbox collection of kids’ data

Microsoft Outlook down after reported hack

Microsoft Outlook hackers threaten ChatGPT next

Microsoft pins MOVEit Transfer exploits on Cl0p

Microsoft settles for $20 million with Federal Trade Commission (FTC) over Xbox’s collection of children’s data

Microsoft to pay $20 million for XBOX children privacy violations

MoveIt hack: What action can data-breach victims take?

MOVEit linked to Clop ransomware gang

MOVEit Transfer hack fallout: BBC, Aer Lingus, Boots among the victims

New ChatGPT Attack Technique Spreads Malicious Packages

New Malware Campaign Leveraging Satacom Downloader to Steal Cryptocurrency

New ‘PowerDrop’ malware targeting US aerospace industry

New 'PowerDrop' PowerShell malware targets U.S. aerospace industry

New vulnerabilities published in 2022 increased 25%

North Korean hackers spoof venture capital firms in Japan, Vietnam and US

North Korean hacking group Kimsuky targeting regional experts, news outlets

Open Source Intelligence (OSINT) For and Against Fraudsters: Two Sides of the Same Coin

Outlook.com hit by outages as hacktivists claim DDoS attacks

Over 60K Adware Apps Posing as Cracked Versions of Popular Apps Target Android Devices

Over 60,000 Android apps secretly installed adware for past six months

Pupil assignments hit by Dorchester school cyber attack

Ransomware attacks have room to grow, Verizon data breach report shows

Real Demons in the Virtual World – Emerging Cyber Risks in the Metaverse

Researchers discover 60,000 ‘modded’ Android apps carrying adware

Role of impactful penetration testing amid rise of AI-powered threat actors

Russian hackers are blamed for huge cyber-attack that saw personal details of thousands of BBC, British Airways and Boots staff - including Corporation's stars - exposed in major security scare

Safeguarding K-12 school networks with proactive cybersecurity approaches

Sextortionists are making AI nudes from your social media images

The 2 BIG Exceptions to Financially Motivated Cybercrime

The FBI Could Help Retrieve Your Data After a Ransomware Attack

The opportunities and risks of ChatGPT in cybersecurity

The University of Rochester Provides Notice of Possible Data Breach Stemming from Vulnerability in File Transfer Service

Three Vulnerabilities Discovered in Game Dev Tool RenderDoc

University of Rochester, Nova Scotia first known MoveIT victims in North America

Verizon 2023 Data Breach Investigations Report: 74% of breaches involve human element

Verizon 2023 Data Breach Investigations Report: DDoS attacks dominate and pretexting lead to BEC growth

Verizon 2023 Data Breach Investigations Report: Ransomware remains steady but complicated

Warning that BBC stars whose personal details were exposed in massive cyber-attack by Russia-linked hackers will be held to ransom for MILLIONS after gang sparked security scare

What security leaders can learn from Smashing Pumpkins hacker attack

Whose Data Breach Is It Anyway?

Zero-Day Alert: Google Issues Patch for New Chrome Vulnerability - Update Now!

Zero-day MOVEit Transfer vulnerability exploited in the wild, heavily targeting North America

Zoom announces privacy enhancements and tools

Zoom brings in new privacy measures following EU fine for Meta

Zyxel Firewalls Under Attack! Urgent Patching Required

5th June

2.5 Million Impacted by Enzo Biochem Data Leak After Ransomware Attack

$35 million stolen in attacks on Atomic Wallet cryptocurrency customers

49% of organizations proactively invest in identity protection

66% of organizations have increased their investment in Software as a Service (SaaS) apps

A new wave of sophisticated digital fraud hits Europe

Alarming Surge in TrueBot Activity Revealed with New Delivery Vectors

Atomic Wallet Customers Lose Over $35m in Crypto Attacks

Atomic Wallet Hit by $35M Theft in Recent Crypto Breach

Augusta not in contact with ransomware group behind attack, mayor says

BBC and British Airways hit by zero-day hack on payroll company Zellis

Boots and British Airways among global firms affected by cyber attack

Boots, British Airways, BBC staff hit by cyber attack on payroll provider

Brazilian Cybercriminals Using LOLBaS and CMD Scripts to Drain Bank Accounts

British Airways and BBC in Russian-linked cyber attack

British Airways and Boots hit by cyber attack with UK staff bank details stolen

British Airways and Boots UK staff hit by major cyber attack as details get exposed

British Airways staff suffer cyber attack targeting bank details

British Airways, BBC and Boots caught up in file transfer hack

British Airways, BBC and Boots confirm data breach in Zellis hack

British Airways, BBC and Boots Hit by Suspected Russian Cyber Attack

British Airways, BBC and Boots staff hit in major payroll cyber attack 'linked to Russia'

British Airways, BBC and Boots UK employee bank details exposed in massive data breach

British Airways, Boots and BBC staff details targeted in Russia-linked cyber-attack

British Airways, Boots exposed in Zellis hack

British Airways, Boots, BBC payroll data stolen in MOVEit supply-chain attack

Caribbean island of Martinique dealing with cyberattack that disrupted government services

ChatGPT Is Here, and So Are Its Risk Management Challenges

Clop ransomware gang exploits the MOVEit Transfer vulnerability to steal data

Clop ransomware group behind MOVEit file transfer hacks

Cloud Security is the Greatest Area of Concern for Cybersecurity Leaders According to EC-Council’s Certified CISO Hall of Fame Report 2023

Critical Zero-Day Flaw Exploited in MOVEit Transfer

Deepfakes are adding an insidious edge to some sextortion schemes, FBI says

Department of Homeland Security (DHS) deep in technical debt, exposed to hacks and other risks

FireTail Report Finds API Security Breaches are few but Lethal

GIGABYTE releases new firmware to fix recently disclosed security flaws

Globalcaja bank confirms ransomware attack

How To: Balance Cybersecurity Budgets and Risk in Midsize Enterprises

KeePass v2.54 fixes bug that leaked cleartext master password

Killnet hacktivists say they’re disbanding

Magento, WooCommerce, WordPress, and Shopify Exploited in Web Skimmer Attack

Massive cyber attack on thousands of firms including British Airways and Boots sees bank and contact details exposed to hackers in huge security scare

Microsoft: Lace Tempest Hackers Behind Active Exploitation of MOVEit Transfer App

Microsoft links Clop ransomware gang to MOVEit data-theft attacks

Microsoft says Clop ransomware gang is behind MOVEit mass-hacks, as first victims come forward

MOVEit hack: BBC, British Airways and Boots among cyber attack victims

MOVEit Transfer zero-day was exploited by Cl0p gang (CVE-2023-34362)

MOVEit zero-day exploit used by data breach gangs: The how, the why, and what to do

New ways to reduce the chances of ransomware attacks

NHS England reports GP data breach after Capita cyber-attack

North Korea Makes 50% of Income from Cyber-Attacks

Ransomware Group Used MOVEit Exploit to Steal Data From Dozens of Organizations

RomCom ransomware is being spread via poisoned Google ads

Satacom Malware Campaign Steals Crypto Via Stealthy Browser Extension

Scrubs & Beyond Leaks 400GB of User PII and Card Data in Plain Text

Showmax passwords for over 27,000 accounts leaked online

Spanish Bank Globalcaja Hit By Ransomware Attack

SpinOk Android malware found in more apps with 30 million installs

The Cyber Resilience Imperative for Software Supply Chain Security

Third-party data breach impacts University of Rochester

Thousands of workers affected by major data hack at BBC, British Airways and Boots linked to Russia

Virtual claims raise alarms among insurance carriers and customers

When it Comes to Cybersecurity, Prepare, Protect, Deploy

Zellis cyber attack: British Airways, BBC and Boots staff have data stolen in breach