Editor's Message

Welcome to DBD. On March 8th we celebrated our 4th Anniversary and the 1st Anniversary of our PRiSM application, officially endorsed by the SANS Institute. Despite recent personal issues that have impacted the amount of time I have been able to dedicate to both projects, I have been doing my best to keep everything as up-to-date as possible, and I would like to take this opportunity to thank everyone for their patience and support whilst I navigate through this very difficult time. Stay safe. :)

Monday 19 June 2023

Data Breaches Digest - Week 25 2023

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 19th June and 25th June 2023.

25th June

CoWIN Data Breach Reveals Security Gaps In India’s Critical Information Infrastructure

Cyberattacks on hospitals 'should be considered a regional disaster,' researchers find

Grafana warns of critical auth bypass due to Azure AD integration

Jail Time: ‘PlugWalkJoe’ Gets 5 Years for Twitter Hack and Sim Swapping

Lessons for employers following major data breach

New trend of cybercrime: ‘Beware of phishing using Aadhaar-enabled Payment System’

The Anatomy of a Phishing Attack: How Anti-Phishing Technologies Work

The Importance of Data Privacy in Personalization

Three Top Tips to Battle a Cyber Attack

Trojanized Super Mario game used to install Windows malware

Twitter hack: Joseph O'Connor jailed for celebrity cyber attack

Twitter hacker sentenced to 5 years for 2020 breach

Twitter Hacker Sentenced to 5 Years in Jail for Crypto Theft

24th June

45,000 New York City (NYC) students among the victims of MOVEit global data breach, Department of Education (DOE) officials say

A Global Hack Blamed On Russian Thieves Hits An Insurance Company And A Pension Fund In California

Airline data breach: Major companies warn staff thousands had their information exposed

American Airlines, Southwest Airlines disclose data breaches affecting pilots

American and Southwest Airlines Third-Party Vendor Suffered a Data Breach

Another data breach at NYC schools exposes student and staff information

City of Fort Worth Assessing Impact After Data Breach by Hacktivist Group

CoWIN Data Leak: 2 Brothers Held In Bihar For Uploading Data On Telegram

Cyber security in the age of digital transformation: Best practices for protecting your business

Dallas Public Library system back up weeks after ransomware attack

Data Breach Exposes Personal Information of 3.5 Million Oregon Residents

Data breach exposes sensitive information on NYC Public Schools’ students and staff

Federal lawsuit blames Whitworth University for ransomware attack last summer, loss of data

Founder of the World’s Largest Hacker Forums Arrested

GCSE dropout faces extradition to the US and 52 YEARS in jail after being accused of setting up one of the world's largest hacker forums which stole £400 million from ordinary people

GPT-4 and Cybersecurity: Defending Against AI-Powered Threats

Here’s How Atomic Wallet Hacker Moved 22M+ XRP on XRPL

How switching off your mobile phone 5 minutes daily may help fight hacking

Huge Cyber Attack Hits Thousands of Pakistani and Indian ChatGPT Accounts

Keeping brand reputation strong: All it requires is avoiding data breaches

Massive Data Breach Exposes Over 1 Lakh ChatGPT Accounts, India Most Affected

Military Drone Hacking: Assessing the Threat of Cyber Warfare

National Security Compromised as Cyber attack Forces Manual Cheque Clearing in Pakistan

North Korea's Cyberspying Extends Beyond Cryptocurrency To Target State Secrets, Says Report

Northern Ireland: Police issue phishing warning to businesses after spate of scam emails

Pakistan-based hackers target Indian Army, education sector in new cyber attack

School dropout who quit before GCSEs fighting US extradition over '£400m computer hack'

Singapore: Victims lose about S$220,000, including CPF savings, in Android malware scams

Southern Illinois University investigating possible cyberattack

Sweetwater Union High School District confirms data breach caused outages in February

Thanks to Israel your government is spying on you via your phone

The Evolution of Cyber Warfare Tactics and Techniques

The Evolution of Electronic Warfare: From Jamming to Cyber Attacks

The Importance of Cybersecurity Measures for Small Modular Reactors

The Rise of Spear Phishing: How Advanced Anti-Phishing Technologies Can Help

The Risks of Data Breaches in Precision Agriculture

Twitter hacker gets 5 years in prison for breaching accounts of top US leaders

Twitter Hacker Sentenced to 5 Years in Prison for $120,000 Crypto Scam

U.S. Cybersecurity Agency Adds 6 Flaws to Known Exploited Vulnerabilities Catalog

What Is a Multi-Factor Authentication Prompt Bombing Attack?

23rd June

1.5 Million people exposed in biggest MOVEit bug breach so far

4 Trends paving the way for the future of cybersecurity

8,500 phishing cases in Singapore in 2022; more than 80% spoofed a bank or financial service

Big Four Bank Data Lost in HWL Ebsworth Cyber-Attack

BlackCat ransomware gang threatens to post plastic surgery photos

BreachForums seized by FBI three months after arrest of alleged admin

CalPERS pension fund impacted by MOVEit breach

Cambridgeshire County Council apologises for sharing residents’ data in Mill Road Bridge email

Capital One becomes latest bank affected by cyberattack on debt-buying giant

China Likely Also Sought IP In Barracuda Attacks

China threat group accused of hospital espionage in Europe

Chinese Espionage Malware Targets European Healthcare via USB Drives

Chinese state-backed hackers accidentally infected a European hospital with malware

CISA Alert: LockBit Ransomware Extorted $91 Million from US Organizations

CISA orders agencies to patch iPhone bugs abused in spyware attacks

CISOs say AI & machine learning pose the most significant cyber risks

Cl0p names PWC, Ernst & Young, and Sony in MOVEit hack

Consumers in Singapore warned of phishing e-mails by scammers impersonating Case officers

CoWIN Data Leak: Two Bihar Brothers Apprehended For Allegedly Leaking Data From Portal On Telegram

Crypto Security: Safeguarding Your Digital Assets in a Decentralized World

Cryptocurrency Hacks: Exploring the Dark Side of Digital Assets

Cyberattack may cost town more than $245K

Cybercrime Group 'Muddled Libra' Targets BPO Sector with Advanced Social Engineering

Czechia engaged in information war with Russia, says president

Data from some students and alumni copied during University cyber attack

Detectives ask Northern Ireland businesses to be on their guard against phishing scammers

FBI Analyst Gets Three Years For National Security Breach

FBI seizes BreachForums after arresting its owner Pompompurin in March

Feds seize notorious and shuttered hacking site BreachForums

Financial institutions, public agencies, logistics most spoofed sectors in Singapore in 2022

Former Highmark employee accused of hacking customer accounts, stealing thousands of dollars

Fortinet fixes critical FortiNAC remote command execution flaw

Four ways criminals could use AI to target more victims

Fullerton Healthcare and vendor face fines over data breach as hospital strengthens cybersecurity

Hacker responsible for 2020 Twitter breach sentenced to prison

Hackers Leak Over 100,000 ChatGPT Credentials on the Dark Web

Hawaii Community College targeted in ransomware attack

High-severity vulnerabilities patched in popular domain name software BIND

How to Defend Yourself Against Financial Scams and Fraud

How to Secure Your Smartphone and Protect Your Privacy in 2023

Incident of the Week: A full timeline of the MOVEit cyber attack

Insurance companies neglect basic email security

Iowa School District Says 35K Affected in January Cyber Attack

Is Cyberinsurance a Vital Protection Against Ransomware?

ITx Notifies SoutheastHEALTH Patients that GoAnywhere Data Breach Leaked Their Confidential Information

John Hopkins University suffers data breach

Know what to do if your personal information is exposed in a breach

Latest Coinbase Phishing Scam is a Warning to Everyone

LockBit ransomware is evolving: Apple and ARM devices in the crosshairs

Manchester University Breach Victims Hit with Triple Extortion

Marylanders advised to protect identity after state affected by major data breach

Marymount Manhattan College data breach $1.3M class action settlement

Medical supplier Apria sued over massive data breach

Microsoft Teams vulnerability allows attackers to deliver malware to employees

More than 1 in 3 UK&I workers are likely to click a phishing link

MOVEIt breach impacts GenWorth, CalPERS as data for 3.2 million exposed

MOVEit cyber attack has more victims

MOVEit hack claims Calpers and Genworth as millions more victims impacted

MOVEit Hacks: Data Breach Victim Count Grows by Millions

National Cyber Security Centre (NCSC) Updates Cybersecurity Guidance for the Legal Sector

National Security Agency (NSA) Releases Guide to Combat Powerful BlackLotus Bootkit Targeting Windows Systems

Nearly 10 Million Driver’s License Holders Exposed in the Oregon DMV and Louisiana OMV Cyber Attack

New Cryptocurrency Mining Campaign Targets Linux Systems and IoT Devices

New ransomware gang 8BASE behind surge of May attacks

New South Wales Cashless Gaming in Jeopardy Following Cyber Attack

New South Wales cashless gaming trial terminated after cyberattack

OpenSSH Trojan Campaign Targets IoT and Linux Systems

Operationalizing zero trust in the cloud

Passwordless Authentication and the Internet of Things: A Perfect Match

Patched OpenSSH Exploited for IoT, Linux Cryptomining

Phishing and ransomware dominate Singapore’s cyber threat landscape

Phishing attempts on Singapore targets rose 175% to 8,500, with banking sector most spoofed in 2022

Police Smash Criminal Ring Using Fake Court Summons To Extort Victims

Powerful JavaScript Dropper PindOS Distributes Bumblebee and IcedID Malware

Pressure to protect sensitive information as part of an acquisition

Proof-of-Concept (PoC) exploit released for Cisco AnyConnect, Secure Client vulnerability (CVE-2023-20178)

Public transit systems remain vulnerable to cyber threats

Ransomware and phishing attacks continue to plague businesses in Singapore

Reddit hackers want $4.5m and ethical conduct from the company

Risks to critical infrastructures remain top cybersecurity concern

Russia is targeting the US homeland with its strategy of Cyber Armageddon

Russia plans to stop blocking piracy websites

Russian-backed hackers could be targeting Canada's energy sector, intelligence agency says

San Luis Obispo (SLO) County Office of Education latest California agency to suffer from data breach

Singapore phishing targets increased to 8,500 and ransomware attacks stood at 132 in 2022

'Small proportion' of University of Manchester students' data hacked

Some hospitals are one ransomware attack away from closing

SoutheastHEALTH warns of potential data breach stemming from former vendor

Southern Illinois University Targeted in MOVEit Hack

Study Identifies Lack of Preparedness for Ransomware Attacks in Emergency Departments

The Benefits of Managed Security Services for Anti-Phishing Protection

The Philippines: Department of Information and Communications Technology (DICT) forms special task group to counter phishing, cyber scams

The Power of Browser Fingerprinting: Personalized UX, Fraud Detection, and Secure Logins

The Risks of Insufficient Privacy and Security Measures in Smart Cities

The Urgent Need to Enhance Cloud Data Security In 2023

To pay or not to pay? Ransomware attacks are the new kidnapping

Tools, Techniques, and Best Practices to Effectively Reduce Your Organization’s External Attack Surface

Two brothers in Bihar stole CoWin data, misused mother's official ID to access info

U.S. military members receive unsolicited smartwatches in the mail

UK banks expect rise in cyber crime due to economic downturn

UK cyberspies warn ransomware crews targeting law firms

University of Manchester confirms ‘criminal entity’ stole current and former students’ data

University of Manchester confirms data theft in recent cyberattack

UPS discloses data breach following exploitation of customer info in SMS phishing attacks

US Military Personnel Warned of Malicious Smartwatches

USB Drives Used as Trojan Horses By Camaro Dragon

Vincera Institute Files Notice of Data Breach Following Ransomware Attack

What is a Passkey? Definition, How They Work, Pros and Cons

What Is Kerberoasting, and Should You Be Worried About It?

Why is it so rare to hear about Western cyber-attacks?

Zero Trust and deep observability: the cybersecurity paradigm

22nd June

4 trends paving the way for the future of cybersecurity in South Africa

6 Attack Surfaces You Must Protect

$10 million reward offered for information on Cl0p ransomware gang

15% of law firms feel they have security gaps

40% of IT workers admit to working 50+ hour weeks consecutively

58 percent of malware families sold as a service are ransomware

87% of web-based businesses faced two or more threats at the same time

90% of Portuguese domains are vulnerable to phishing and spoofing

100,000 ChatGPT Accounts Hacked in Malware Attack

Alert: Millions of GitHub Repositories Likely Vulnerable to RepoJacking Attack

Anonymous Sudan: neither anonymous nor Sudanese

Another victim of the MOVEit file hosting vulnerability was the owner of Avast and Norton antivirus programs

Apple Addresses Exploited Security Flaws in iOS, macOS and Safari

Apple fixes zero-day vulnerabilities used to covertly deliver spyware (CVE-2023-32435)

Are DDoS Attacks a Hacker Goldmine for Cybercriminals?

Behavioral advertising firm Criteo fined €40M

Beware of Gambling Apps Used for Phishing, GCash Warns Users

Big tech is actually doing all this with your personal data. True or false?

Billing vendor: Data breach could impact over 200K CoxHealth patients

British law firms warned to upgrade cyberdefenses against ransomware attacks

CalPERS participants' personal information exposed in data breach

Camaro Dragon Hackers Strike with USB-Driven Self-Propagating Malware

Can ChatGPT Detect Phishing Sites? – Researchers Answered

ChatGPT shows promise in detecting phishing sites

CISA orders government agencies to patch bugs exploited by Russian hackers

CISA says latest VMware analytics bug being exploited

CISA, FBI Offer $10M for Cl0p Ransomware Gang Information

Cl0p Denies UK Data Breach

Clop Ransomware Spree: BBC, Bombardier, Shell, and Stanford University Among Other Targeted Organizations

Cloud-native security hinges on open source

Companies didn’t learn their lesson from data breaches

Connected Devices Conspicuously Absent from 2023 Verizon Data Breach Investigations Report

CoWIN data breach: 1 held, minor detained

CoWin data breach: Delhi Police nabs Bihar man and minor in probe

CoWIN Data Breach: Delhi Police Nabs Bihar Man For Allegedly Leaking Data To Telegram

CoWIN Data Breach on Telegram: Bihar Man Arrested By Delhi Police

Critical Flaw Found in WordPress Plugin for WooCommerce Used by 30,000 Websites

Crypto malware ring targeting Canada busted in Ukraine

Current Technologies That Make You Vulnerable to Hacker Attacks and How to Protect Yourself

Cybercrime Reporting Mechanisms Vary, and Agencies Face Challenges in Developing Metrics

Data Breach Lawsuit Alleges Mismanagement of 3rd-Party Risk

Data Breach Notification Law Update: Texas

‘Deeply suspicious’: Hackers target cashless gaming trial

Department of Justice (DOJ) announces new cyber unit to prosecute nation-state threat actors

Digital Health Company Suffers Breach, 103K Impacted

Dole says February ransomware attack breached data of almost 3,900 US workers

Don’t let scammers ruin your summer vacation

Driver and Vehicle Licensing Agency (DVLA) scam warning to drivers over email that could steal your bank details

Fear trumps anger when it comes to data breaches – angry customers vent, but fearful customers don’t come back

Fear trumps anger when it comes to data breaches, says researcher

Finra Issues Cybersecurity Alert After Recent Hack

Four ways criminals could use AI to target more victims

Fullerton Health and its vendor fined after patients' data offered for sale on dark web

Genworth Financial Discloses Data Breach Affecting Millions of Customers

Genworth Financial Enhances Cybersecurity Measures Following Data Breach

Genworth Financial's Life-Insurance Data Compromised by Data Breach

Global development corporation International Finance Corporation (IFC) hacked near White House

Hackers hijack Linux systems using trojanized OpenSSH version

Home working puts confidential data at risk, GCHQ warns law firms

How a Layered Security Approach Can Minimize Email Threats

How are states supporting K-12 cybersecurity amid growing threats?

How much do startups need to invest in data security?

How to Avoid Online Shopping Scams on Amazon Prime Day

How to Protect Yourself from Data Leaks While Surfing the Internet?

Increased spending doesn’t translate to improved cybersecurity posture

Internal staff data ‘compromised’ in cyber attack on Peter Mark

Iowa's largest school district says January ransomware attack affected over 6,500 individuals

Kannact & Vincera Institute Fall Victim to Cyberattacks

Largest public pension fund in US affected by MOVEit breach

Lawmakers renew effort to force data brokers to delete private information on request

LockBit Developing Ransomware for Apple M1 Chips, Embedded Systems

Manchester University students threatened by ransomware gang

Massachusetts-based software gets hacked, exposing millions of Americans’ personal data

MCNA Dental Faces Class Action Investigation for Medical Data Breach Affecting Almost 9 Million Patients' Records

Medibank says MOVEit Transfer breach compromised employees' names, emails, and phone numbers

Microsoft Teams bug allows malware delivery from external accounts

Microsoft warns of rising NOBELIUM credential attacks on defence sector

Millions of GitHub repos likely vulnerable to RepoJacking, researchers say

Millions of insecure medical devices in NHS hospitals put lives at risk in the event of a cyberattack

Minecraft server host Shockbyte puts players at risk

Miners Pension Fund members have data stolen in Capita hack

Mirai botnet targets 22 flaws in D-Link, Zyxel, Netgear devices

Modernize your cybersecurity environment with XDR and SIEM

Mondelez reveals that attackers stole employee data

MOVEit Data Breach Victims Sue Progress Software

MOVEit hack claims Calpers and Genworth as millions more victims impacted

MULTI#STORM Campaign Targets India and U.S. with Remote Access Trojans

National Cyber Security Centre (NCSC) Removes Thousands of Email Scams With Reporting Service

National Cyber Security Centre (NCSC) urges legal firms to strengthen their cyber defences

National Security Agency (NSA) shares tips on blocking BlackLotus UEFI malware attacks

National Security Agency (NSA) warns of ‘false sense of security’ against BlackLotus malware

NCBA Loop Customers: Beware of an Email Hack Attempt on Your Account

New research claims over 1 lakh ChatGPT accounts compromised, India most affected

New strain of JavaScript dropper delivers Bumblebee and IcedID malware

New Zealand: Council data breach included details of crash that killed Porirua teen

North Carolina Department of Public Instruction (DPI) sent $165k to fraudster in phishing scam

Now BlackCat extortionists threaten to leak stolen plastic surgery pics

Over 100k ChatGPT accounts stolen in dark web hacker attack

Over two-thirds of Canadian executives view cybercrime as biggest threat

Post-Incident Response Reviews Help Keep Anti-Ransomware Plans on Target

Pro-Russian hackers attack the European Investment Bank

PyPI Attackers Still At It: Malicious Packages Drop Trojans and Info-stealers

RedEyes Group Targets Individuals with Wiretapping Malware

Russian Hackers Attack US Government Agencies

Russian National Arrested in LockBit Ransomware Campaign Against U.S., Foreign Businesses

San Luis Obispo (SLO) County Office of Education Hit by Cyber Attack

Scammers attempt to steal money from Des Moines Water Trails bank account

Some CoxHealth Patients Victim Of Data Breach

South Korea: Generative AI suspected in phishing scams

Spanish companies are more commonly attacked by ransomware, but pay less ransom

State and Local Government Should Follow FBI Guidance for Thwarting Ransomware

Stay Ahead of the Threat Landscape with Cyber Protection

Strengthening Security: The Importance of Multi-Factor Authentication in Healthcare

Survey Surfaces Multiple Cloud Security Contradictions

Teams is prone to modern malware, new research shows

The Future of Cybersecurity: Advanced Anti-Phishing Technologies

The Importance Of Identity For SaaS Security

The next wave of cyber threats: Defending your company against cybercriminals empowered by generative AI

The Path To Secure Remote Network Connectivity Goes Through Company-Issued Routers

This Is How Scammers Can Drain Your Crypto Wallet

Three Cybersecurity Red Flags Investors Should Look Out For

Top Cybersecurity Threats to Look For

Top Crypto Attacks and Why They Happened

Trellix Detects Leading Threat Actor Countries Behind Nation-State Activity

Ukraine experiencing a ‘surge’ in cyberattacks as it executes counteroffensive

Unraveling the multifaceted threats facing telecom companies

Unveiling the Unseen: Identifying Data Exfiltration with Machine Learning

UPS discloses data breach after exposed customer info used in SMS phishing

UPS Mails Out the Worst Data Breach Disclosure Ever

US Auto Insurance Price Comparison Site RateForce Leaks Massive PII Data

US intelligence is buying your data – in bulk

US Justice Department Launches New National Security Cyber Section

US Military Personnel Targeted by Unsolicited Smartwatches Linked to Data Breaches

VMware fixes vCenter Server bugs allowing code execution, auth bypass

What we know about the MOVEit exploit and ransomware attacks

WhatsApp scams and online fraud: how to spot a small business scam

Why Your CEO Needs To Be A Cybersecurity Expert

Zero-Day Alert: Apple Releases Patches for Actively Exploited Flaws in iOS, macOS, and Safari

21st June

3 in 4 people at risk of being hacked due to poor password practices

6 Frequent Mistakes that Might Cause a Data Breach in Your Enterprise

10 Ways to Prevent Phishing Attacks in 2023

63% of IT leaders measure IT success by reduced risk

92% of survey respondents are concerned about compromised credentials

Alert! Hackers Exploiting Critical Vulnerability in VMware's Aria Operations Networks

An Executive Guide To Email Hygiene: Secure Communication And Boost Business Value

Apple addresses two zero-days exploited in Operation Triangulation spyware campaign

Apple fixes zero-days used to deploy Triangulation spyware via iMessage

APT37 hackers deploy new FadeStealer eavesdropping malware

Are Satellites Vulnerable to IoT Cyber Attacks?

Atlanta Women’s Health Group Data Breach Impacts 33,800 Patients

Atlanta Women’s Health Group Files Notice of Data Breach Affecting 33k+ Patients

Atomic Wallet Hackers Hide $35 Million Stolen Crypto Funds Using THORChain – Here's What You Need to Know

Australia plans to mandate file scanning for all tech companies

Avast, Norton Parent Latest Victim of MOVEit Data Breach Attacks

Belgian police make 25 arrests in connection with SMS fraud

Bitcoin ATM operator demands Texas sheriff return funds seized in ransomware scam

BlackCat Group claims responsibility for Reddit hack

BlackCat ransomware group claims major cyber attack on Reddit; threatens to leak stolen data

Capita to face class action lawsuit over data breach

ChatGPT: Analyzing the Security Risks and Ensuring User Safety

Chinese APT15 hackers resurface with new Graphican malware

Chinese Hacker Group 'Flea' Targets American Ministries with Graphican Backdoor

City of Melville delays implementing privacy policy weeks after data breach

Clicks limits access to customers' personal data after cyber attack

Clop hacking group claims not to have data of BBC, British Airways or Boots

Clop ransomware claims it has no data from BBC, British Airways, Boots

Colchester council writes to Capita data breach sufferers

Compromised ChatGPT accounts garner rapid dark web popularity

Compromised Domains account for over 50% of Embedded URLs in Malware Phishing Campaigns

CoxHealth data breach impacts potentially thousands of patients

Critical 'nOAuth' Flaw in Microsoft Azure AD Enabled Complete Account Takeover

DDoS Attack Hits European Investment Bank – Websites Unavailable

Department of Justice (DoJ) Creates Cyber Unit, Amid Growing National Security Focus

Department of Justice (DoJ) creates new National Security Cyber Section

Digital-first economy introduces unforeseen risks for 89% of CISOs

Dutch ports fall victim to Russia-friendly hackers again

European Council agrees to water down protections for journalists from spyware

Experienced China-based hacking group has new backdoor tool, researchers say

Exploit released for Cisco AnyConnect bug giving SYSTEM privileges

Fake OnlyFans content is luring users into installing malware

FIIG Securities hit with cyber breach

Final OT:ICEFALL vulnerability disclosed affecting Schneider tool

Five ways hackers can steal your data on public Wi-Fi

Good Samaritan Hospital pays 'undisclosed amount' to resolve data breach suit

Guinness Beer Father’s Day Scam Sweeps UK

Hacker group BlackCat threatens to leak 80GB of stolen Reddit data

Have you been using ChatGPT? Your details could be on the dark web

Hawaii Community College Suffers Ransomware Attack

Hawaii community college targeted in ransomware attack

HHS warns industry about resurfaced ransomware group after attack on cancer center

Honda ecommerce platform vulnerability: a walkthrough

Insider Risk Hits Closer to Home

iOttie discloses data breach after site hacked to steal credit cards

Ireland's transport system among those at risk from cyber attack says major threat assessment

Kremlin-backed hacking group puts fresh emphasis on stealing credentials

LastPass CEO Acknowledges Communication Failings During 2022 Breaches

Louisiana and Oregon motor vehicle departments victimised by MOVEit Transfer hack, millions affected

Malware Devs Update Legion Hacktool, Boost Capabilities

Maryland Urges Identity Protection Following Major Cyber Attack

Massive data breach claims another health system victim

Military Satellite Access Sold on Russian Hacker Forum for $15,000

Mondelēz retirement data breached after hacker targets law firm Bryan Cave

More 21 million dodgy emails reported to Suspicious Email Reporting Service

MOVEIt Vulnerability: A Painful Reminder That Threat Actors Aren’t the Only Ones Responsible for a Data Breach

Nearly quarter of a million malicious websites reported and removed through National Cyber Security Centre (NCSC) service

New Condi Malware Hijacking TP-Link Wi-Fi Routers for DDoS Botnet Attacks

New DDoS Botnet ‘Condi’ Targets Vulnerable TP-Link AX21 Routers

New Report Exposes Operation Triangulation's Spyware Implant Targeting iOS Devices

New Zealand: 'Be vigilant' - Warning after big spike in cybercrime losses

Norton LifeLock owner, Vancouver Transit Police confirm MOVEit breaches

One in Three UK&I Workers Susceptible to Phishing

Onix Group says March ransomware attack impacted more than 300,000 individuals

Onix Group Sued for Failing to Prevent Ransomware Attack and 320K-Record Data Breach

Organizations actively embrace zero trust, integration remains a hurdle

Over 100,000 ChatGPT accounts have had info stolen

‘Pay $4.5 Million and Withdraw New Pricing Policy’: Hackers Threaten To Leak Stolen Reddit Data

Paying Ransomware’s Ransom: Why it’s Time to Reconsider

Phishing Tools for Purchase: A Closer Look at Facebook Scamming Groups

Pink Drainer Hacker Group Targets DeFi Platform Slingshot, Steals Over $3.5M

Placing People & Realism at the Center of Your Cybersecurity Strategy

Pretexting outpaces phishing

PricewaterhouseCoopers (PwC) and Ernst & Young (EY) impacted by MOVEit cyber attack

Progress Software faces federal class action lawsuits as MOVEit breach exposure widens

Progress Software Hit With Class Action Over MOVEit Data Breach

Ransomware Attack Reported At Hawaiʻi Community College

Ransomware attacks – which countries are the major targets?

Ransomware attacks becoming more frequent

Ransomware attacks pose communications dilemmas for local governments

Ransomware group threatens to leak ‘pictures of patients’ from Beverly Hills plastic surgery clinic

Ransomware Redefined: RedEnergy Stealer-as-a-Ransomware attacks

Ransomware Misconceptions Abound, to the Benefit of Attackers

Reddit Gets Hacked, Data Held Hostage For Millions Of Dollars

Remote work and the cloud create new endpoint security challenges

Researcher Identifies Popular Swing VPN Android App as DDoS Botnet

Rogue Android Apps on Google Play are Spreading Malware

Russian Cyber Attack a Wake-Up Call for Georgians

ScarCruft Hackers Exploit Ably Service for Stealthy Wiretapping Attacks

Secure Your Business in the Digital Age: Essential Data Protection Strategies

Security incidents surge in line with growth in hybrid work

Security Researchers Uncover New Spyware Implant TriangleDB

Security Training Needs to Nudge, Not Nag

Snack food company Mondelez warns employees of data theft

Standardized information sharing framework 'essential' for improving cyber security

Supply Chain and APIs Top Security Concerns, CISO Survey Shows

Survey shows vast majority of IT pros consider ‘passwordless’ access a top priority

Telos confirms data breach over MOVEit bug

The Cost of Convenience: The Top Mobile App Security Risks in Banking

The Great Exodus to Telegram: A Tour of the New Cybercrime Underground

The Role of Domain Authentication in Effective Anti-Phishing Strategies

The true cost of cyber protection

The Ultimate Guide to Ransomware Protection Solutions: Safeguarding Your Digital Assets

Through the eyes of an adversary: moving beyond the external attack surface

Trellix Detects China-Affiliated APT Groups Behind Most Nation-State Threat Activity

Umpqua Bank Confirms Data Breach Following MOVEit File Transfer Software Vulnerability

University of Manchester: Students and staff sent data leak threat

University of Manchester (UoM) students threatened with “data leakage” following cyber attack

UPS discloses data breach after exposed customer info used in SMS phishing

US and European IT decision-makers have different cloud security priorities

USDA Allegedly Impacted by Russian-Speaking Hackers

Vincera Institute notifies patients after ransomware attack

VMware Aria Operations for Networks vulnerability exploited in the wild (CVE-2023-20887)

Washington Department of Licensing data breach $3.6M class action settlement

What one hospital's slow recovery from a cyberattack means for patients

What Type of People Fall for Internet Scams?

WhatsApp had continuous mic access, Google tackled the issue

Who Is Responsible for Identity Threat Detection and Response?

Why CISOs should be concerned about space-based attacks

Why API Security Could Be the Next Big Thing in Cyber

Why Immutable Storage Is Key to Stopping Ransomware

Why you should question messages from delivery companies

With South Africa experiencing a cybercrime epidemic, startups are coming to the rescue

You’ve got mail: US Army personnel receive suspicious smartwatches

20th June

6 million Louisiana Office of Motor Vehicles (OMV) records compromised in data breach, exposing most residents’ data

55% of employees solely use mobile device for work while traveling

100,000 Hacked ChatGPT Accounts Discovered on Dark Web

A disappointing majority of people are still using bad passwords - are you one of them?

A Multi-Stage AiTM Phishing & BEC Campaign Targeting Banks and Financial Giants

A Policy of All Privileged Accounts – Overkill or Common Sense?

Advanced Phishing Attacks: How to Stem the Tide

Arcserve Survey Reveals Vulnerabilities in Ransomware and Data Recovery Preparedness of Local Government and Public Services

ASUS Releases Patches to Fix Critical Security Bugs Impacting Multiple Router Models

Australia Inc roiled by raft of cyber attacks since late 2022

Australian Government Says Its Data Was Stolen in Law Firm Ransomware Attack

Basic password mistake one in 10 Aussies is making with their social media and bank accounts - despite scams robbing us of $200million this year alone

Changes in the Ransomware Threat to State and Local Governments

ChatGPT and data protection laws: Compliance challenges for businesses

ChatGPT will definitely up attackers’ game. How will you respond?

Compromised ChatGPT accounts are for sale on dark web

Compromised Linux SSH servers engage in DDoS attacks, cryptomining

Cyber Attack Targets Microsoft Services, Anonymous Sudan Claims Responsibility

Cyberattack hits European Investment Bank

Cyberattack Methods That You Should Be Wary Of and How to Avoid Them

Cybercriminals Exposed: ESET Researchers Crack the Code

Demystifying the Dark Web: How Anti-Phishing Technologies Monitor and Mitigate Threats

Department of Justice (DOJ) launches cyber unit with national security focus as China, Russia threats mount

Digital transformation in India brings new cyber security risks

Employees are nearly always to blame for data breaches

European Investment Bank (EIB) confirms DDoS attack by Anonymous Sudan and Killnet

Experts Uncover Year-Long Cyber Attack on IT Firm Utilizing Custom Malware RDStealer

Fire Rescue Victoria still hampered by December 2022 cyber attack

FirstBank supplier falls victim to cyber attack and customer data exposed

Group behind Reddit hack demands $4.5 million and reversal of API pricing changes

Hackers can weaponize exposed cloud secrets in just 2 minutes

Hackers infect Linux SSH servers with Tsunami botnet malware

Hackers warn University of Manchester students’ of imminent data leak

Hackers who say they stole Reddit data demand the platform reverses its API pricing policy and pay $4.5 million ransom it previously asked for

Half of Irish companies unprepared for ransomware attacks

How cyber attack disrupted operation at German’s Rheinische Post

Human error, not data breach, behind Port Arthur staff information appearing 'live' on library website

Illinois hospital attributes closure to ransomware attack

India: Cyber Crime Cell to Probe Alleged CoWIN Data Breach

India: The evolving threat landscape in the financial services sector

Infostealers: The Growing Threat

IoT Security: Key Findings from Nokia's 2023 Threat Intelligence Report

Is AI revolutionizing cybersecurity? The answer isn’t as clear

Is IPTV Safe to Use?

Isle of Man: Investigation into Freedom of Information request data breach

KnowBe4’s Annual Phishing Benchmarking Report Finds Untrained Users Are Biggest Flaw in Organizations’ Cyber Defense Layer

Lockbit ransomware still poses persistent threat to businesses, warn international agencies

Looking To Prevent Ransomware? Lock Down These Initial Access Methods First

Majority of Users Neglect Best Password Practices

Malvertising delivers cryptocurrency-stealing browser extension

May 2023 Healthcare Data Breach Report

Medibank staff information breached in MOVEit fallout

Medibank’s employee data leaked in MOVEit attacks

Microsoft fixes Azure AD auth flaw enabling account takeover

More State, Federal Agencies Hit by MOVEit Compromise

Moveit hack: attack on BBC and BA offers glimpse into the future of cybercrime

MOVEit hack: Gang claims not to have BBC, British Airways and Boots data

Murfreesboro Medical Clinic alerts patients at risk after 'criminal cyber-attack'

National Disability Insurance Agency (NDIS) agency scrambles over risk of leaked sensitive client information in HWL Ebsworth hack

Naughty internet users warned NOT to search for free OnlyFans pics as it could land you in deep trouble

Navigating Data Breach Compensation Claims: A Business Perspective

New Condi malware builds DDoS botnet out of TP-Link AX21 routers

New Department of Justice (DOJ) unit will focus on prosecuting nation-state cybercrime

New RDStealer malware steals from drives shared over Remote Desktop

Nigeria ranked second most cyber-secured African country for business

Nigeria ranks 2nd most cyber-secure African country for business in 2023

Norton Parent Says Employee Data Stolen in MOVEit Ransomware Attack

One overlooked element of executive safety: Data privacy

Over 100,000 ChatGPT Accounts Found in Dark Web Marketplaces

Over 100,000 ChatGPT accounts stolen via info-stealing malware

Over 100,000 Stolen ChatGPT Account Credentials Sold on Dark Web Marketplaces

Pakistan: Major cyber attack on the country’s Automated Check Clearing System ‘NIFT’

Philadelphia healthcare facility suffers ransomware attack

Phone scammers are targeting O2 customers with calls offering fake discounts

Pro-Russia hacker group claims major DDoS attack on the Port of Rotterdam

Pro-Russian hackers take down European Investment Bank

Probation for teen who received more than $85k in bank account from scams targeting OCBC customers

Protecting Your Personal Information: Effective Strategies to Boost Data Security

Ransomware Attack Linked to Permanent Shut Down of Illinois Hospital St. Margaret’s Health in Spring Valley

Ransomware attack strikes Hawaii Community College

Ransomware gang preys on cancer centers, triggers alert

Ransomware Gang To Reddit: We Stole 80GB Of Your Data

Ransomware is only getting faster: Six steps to a stronger defense

Ransomware named top malware for past seven years

Reddit: Hackers demand $4.5 million and API policy changes

Reddit hackers demanding for $4.5 million ransom and API price change

Researchers Expose New Severe Flaws in Wago and Schneider Electric Operational Technology (OT) Products

Rhysida ransomware group claims major attack on the Chilean army's internal network

Rogue Android apps available on Google Play are spreading malware

Rogue Android Apps Target Pakistani Individuals in Sophisticated Espionage Campaign

Russia’s ‘Fancy Bear’ hackers targeted Ukrainian government, military orgs

Russian APT28 hackers breach Ukrainian government email servers

Russian-Linked Hackers Taunt Hwl Ebsworth Over Data Breach, Claim to Have Published Files to Dark Web

SaaS in the Real World: How Global Food Chains Can Secure Their Digital Dish

Safeguarding autofinance lending: Cybersecurity best practices

Security leaders discuss the spread of MOVEit vulnerability

Server Misconfiguration: The Exploitation

Small and medium businesses: Remember - your own employees might cause cyber compromise

Smart Pet Feeders Expose Personal Data

SmartPay investigates data breach

Square Yards data leak: passports, financial data exposed

Sturdy Finance Sends Chain Threats From DeFi Hackers To Return Funds, ‘This Isn’t Going Away’

Sturdy Finance Sends DeFi Hacker On-Chain Threat to Return Funds, ‘This Isn’t Going Away’

Supply Chain Attack: Abandoned S3 Buckets Used for Malicious Payloads

The Cybersecurity Confidence Gap: Are Executives Equipped to Protect Their Digital Lives?

The Reddit Files: Hackers Demand $4.5M Ransom and API Access Waiver

Top 8 information security tips for businesses

Ukraine Tracks Multiple Spear-Phishing Campaigns From Russia

Understanding the Microsoft Teams Vulnerability: The GIFShell Attack

University of Toledo Medical Center (UTMC) involved in Fortra data breach

Unmasking Black Basta: A Closer Look at the Notorious Ransomware Group

Unpacking the MOVEit data breach: why cyber risk management is non-negotiable

Untrained users are biggest flaw in organizations’ cyber defense layer

US Department of Agriculture (USDA) investigates potential data breach linked to MOVEit hack

US Department of Energy and its affiliates emerge as new victims of the MOVEit Transfer hack

Vietnam: Nearly 7,000 illegal websites prevented from operating

Vincera Institute Reports Potential Patient Data Breach Due to Ransomware Attack

VMware warns of critical vRealize flaw exploited in attacks

VPN for Privacy: Shielding Your Online Activities from Prying Eyes

Vulnerable information is discovered within minutes by cybercriminals

Washington alleges Bellevue’s T-Mobile is uncooperative in data security probe

Wellington City Council data breach: Investigation launched, Mayor Tory Whanau disappointed, frustrated

What Business Owners Can Learn from Prudential Malaysia Breach (MOVEit)

What Is Network Hacking? How to Avoid Being Hacked

What to Do If Your Phone Has Been Hacked

Zeeland port website hit by DDOS attack, possibly by Russian hackers

Zyxel patches critical vulnerability in NAS devices (CVE-2023-27992)

Zyxel Releases Urgent Security Updates for Critical Vulnerability in NAS Devices

Zyxel warns of critical command injection flaw in NAS devices

19th June

3 Reasons Why Your Company Should Implement a Layered Security Approach to Prevent Ransomware

58 percent of malware families sold as a service are ransomware

73% of consumers trust what generative AI wants us to see

16,000 Vermont health insurance customers affected by data theft, more than previously known

A History of Ransomware and the Cybersecurity Ecosystem

A North Korean "Hacker Army" Stole $3 Billion In Crypto Assets

A third MOVEit vulnerability fixed, Cl0p lists victim organizations (CVE-2023-35708)

Android spyware camouflaged as VPN, chat apps on Google Play

Asset Visibility Gaps Jeopardize Security Compliance in NHS Trusts, Report Finds

ASUS urges customers to patch critical router vulnerabilities

Attorney General Raoul Urges Illinois Residents to be Alert for Email and Text Message Scams

Britain to double cyber defense funding for Ukraine

British healthcare platform Lantum leaked doctors' personal data via cloud misconfiguration

Capita faces class action lawsuit after data breach

Crypto Lender Midas Capital Suffers Security Breach, Loses $600k+

Cyber attacks on Italy boomed due to Ukraine war

Cyber heists in digital playground, school-age hackers steal millions in NFTs

Cyberattack targets European Investment Bank

Data Breach at New BreachForums: 4,000 members’ data leaked

Data Leaks Explained: What Does Data Leak Mean?

Department of Justice (DOJ) Charges Russian National For Role in LockBit Ransomware Attacks

Digital Identity Theft: Tips & Techniques To Protect Yourself Online

Embattled PwC caught up in Russian cyberattack

Euler Hacker Sends Cryptic Messages Encouraging Ethical Hacking and Hints at Future Actions

European Investment Bank attacked, hackers claiming to “impose sanctions on EU”

European Investment Bank hit by cyber attack after Russian hackers vow to bring down financial system

Every Louisiana Driver’s Details Leaked In Huge Russian Cyber Attack

Extensive cyber espionage campaign traced back to China

Fayetteville, Arkansas latest city dealing with debilitating cyberattack

Former RAIDforums member “DataBox” sentenced to prison

From Reactive to Proactive: How Anti-Phishing Technologies are Evolving to Stay Ahead of Threats

Great Valley Cardiology says GoAnywhere software hack compromised the data of 181k patients

Hackers behind Microsoft outage most likely Russian-backed group aiming to ‘drive division’ in the west

Hackers Have Renewable Energy Projects In Their Crosshairs

Hackers threaten to leak stolen Reddit data if company doesn’t pay $4.5 million and change controversial pricing policy

Hackers use fake OnlyFans pics to drop info-stealing malware

High-Profile Attacks Improve Cyber Hygiene - But Not Enough

How a Zero-Day Flaw in MOVEit Led to a Global Ransomware Attack

How To Make MFA Protocol Usage Less Annoying

How to Protect Against the Four Largest Cybersecurity Threats to Your Supply Chain

How we tried to book a train ticket and ended up with a databreach with 245,000 records

If Your Password Is On This List, It’s Time to Change It

India: Health Ministry mulls filing FIR on reports of CoWIN data breach

Iowa’s largest school district confirms ransomware attack, data theft

IT security weaknesses ‘expose Switzerland to hacker attacks’

Louisiana Office of Motor Vehicles suffers data breach

Maryland leaders encourage residents to protect identity after recent cyber attack on the state

Microsoft Blames Massive DDoS Attack for Azure, Outlook, and OneDrive Disruptions

Microsoft confirms blackout caused by hacker attack

Microsoft confirms DDoS attacks against M365, Azure Portal

Microsoft Discloses DDoS Attack Impact with Limited Details

Microsoft resolves ‘dangerous’ new Azure vulnerabilities

Millions of UK University Credentials Found on Dark Web

Moveit hack: attack on BBC and BA offers glimpse into the future of cybercrime

New BreachForums site hacked by rivals

New Horizons Medical, Inc. Reports Leaked Patient SSNs Following Recent Data Breach

New Mystic Stealer Malware Targets 40 Web Browsers and 70 Browser Extensions

Over 90% of Indian organisations faced ransomware attacks in 2022

Parker Wellbore Files Notice of Recent Data Breach

PharMerica Breach: The Lure of Health Care Data

Phishing remained the top identity abuser in 2022

Possible data breach at U.S. Department of Agriculture

Protect yourself during the rise of Crimeware-as-a-Service is on the rise

Ransomware attacks continue to rise, Verizon data breach report finds

Ransomware attacks, like the one targeting City of Dallas, are becoming more common

Ransomware Gang Haunted US Firms Long Before MOVEit Hack

Ransomware Gang Takes Credit for February Reddit Hack

Recent Satacom campaign delivers cryptocurrency-stealing browser extension

Reddit hackers demand $4.5 million and API changes in threat to leak 80GB of data

Reddit hackers warn of February breach data leak

Reddit Hackers Side with Protesters Along with Ransom Demands

Reddit says ransomware posting connected to February incident

Researchers Discover New Sophisticated Toolkit Targeting Apple macOS Systems

Roblox metaverse attracts NFT thieves using crypto phishing

Scam Vendor ‘Infernal Drainer’ Strikes Again, Steals 6 NFTs On OpenSea In A Phishing Attack

School Kids Reportedly Phishing Millions in NFTs for Roblox Skins

‘Sign in to continue’ and suffer: Attackers abusing legitimate services for credential theft

Six generative AI cyber security threats and how to mitigate them

SmartPay investigating breach after ransomware attack

State-Backed Hackers Employ Advanced Methods to Target Middle Eastern and African Governments

The BlackCat ransomware gang is now threatening to leak stolen Reddit data

The Hatcher Agency Confirms Data Breach Involving 9,500 Individuals’ Personal Information

The Intersection of Anti-Phishing Technologies and Data Privacy Regulations

The Role of Artificial Intelligence in Combating Phishing Attacks

These are the most hacked passwords. Is yours on the list?

Three cybersecurity actions that make a difference

TimisoaraHackerTeam Ransomware Attacks US Cancer Center

TimisoaraHackerTeam Ransomware Group Linked to Recent Attack on U.S. Cancer Center

Two US energy department entities compromised in a global hacking spree

UK Pledges Millions in Cyber-Defense Aid to Ukraine

Understanding and Mitigating the MOVEit Incidents

US: Scams against DoorDash and other delivery drivers are popping up across the country

US feds offer $10M reward for info on Cl0p hackers

US Government offers $10 million bounty for Clop Ransomware information

US government under siege: MOVEit breach exposes critical data to ruthless Clop ransomware attack

US Offers $10m Reward For MOVEit Attackers

What PR Professionals Need To Know About Cybersecurity

Who are Anonymous Sudan? Hacker group behind Microsoft outage linked to Russia

Why Hackers Have Their Sights Set on Healthcare

Why School Cyber Hygiene Is Critical in The Education Industry

Will Hack For Nukes: Inside North Korea's Cryptocurrency Extortion Ring

Zero trust for SMBs: Start thinking incrementally