Editor's Message

Welcome to DBD. On March 8th we celebrated our 4th Anniversary and the 1st Anniversary of our PRiSM application, officially endorsed by the SANS Institute. Despite recent personal issues that have impacted the amount of time I have been able to dedicate to both projects, I have been doing my best to keep everything as up-to-date as possible, and I would like to take this opportunity to thank everyone for their patience and support whilst I navigate through this very difficult time. Stay safe. :)

Monday 26 June 2023

Data Breaches Digest - Week 26 2023

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 26th June and 2nd July 2023.

2nd July

5 Common Myths About Two-Factor Authentication Debunked

31 Insider Threat Statistics You Need to Know in 2023

Boosting Operational Technology (OT) Security: A comprehensive guide for CISOs in the age of Industry 4.0

CL0P Ransomware Gang Attacks Top June Cyber Headlines

Commissioner's Irresponsibility Caused Unacceptable Data Breach

Deja vu: Optus suffers data breach from major cyber attack

Dublin airport staff’s pay, benefits compromised in cyber attack

Embracing Passwordless Authentication: A Step Towards Enhanced Cybersecurity

Four ways criminals could use AI to target more victims

India: AP Mahesh Co-operative Urban Bank Ltd penalised for lapses leading to loss of ₹12.48 crore

'Pay and benefits compromised' in Dublin Airport cyber attack

Reserve Bank of India (RBI) slaps Rs 65 lakh fine on Mahesh Bank for failing to boost cyber security

South Africa: Independent Electoral Commission (IEC) warns local job seekers about scams

Submarine Cable Growing Popularity Intensifying Cyber Attacks

The dangers of phishing: A look at the Garmin account deletion scam

The Power of Collaboration: How Sharing Threat Intelligence Strengthens Anti-Phishing Efforts

1st July

$135K worth of Rugged App NFTs stolen by prolific phishing thief

$656M Lost In Crypto Scams During H1 2023

Account Takeover Risks: How to Safeguard Your Digital Assets

Apple supplier TSMC confirms data breach, hackers demand $70 million

Apple supplier TSMC reports data breach, ransomware gang demand $70 million

Avast released a free decryptor for the Windows version of the Akira ransomware

Avoiding Insider Threats When Layoffs Occur

Beware: New 'Rustbucket' Malware Variant Targeting macOS Users

BlackCat ransomware pushes Cobalt Strike via WinSCP search ads

Bored Ape NFTs Worth $135K Stolen by Prolific Phishing Thief

Breach Victims Have Standing When Data Misused, 1st Circuit Says

Crimeware services for criminals are fueling the rise in cybercrime

Cyber Security For Businesses: How Malware Works And How To Fight It

Cyber-concerns - How to combat them with a VPN

Cybercriminals are circumventing email security with image-based scams

Essential Tips To Protect Yourself From Identity Theft

ESXi Servers are Targeted by Linux-Based Akira Ransomware

Financial impact of a cyber security breach remains highest for South Africa

Freedom from fraud: Protecting your identity and finances

Google, Apple, Paytm called to discuss rising cyber crimes in India

Hackers Exploiting Unpatched WordPress Plugin Flaw to Create Secret Admin Accounts

Increasing attacks on manufacturers using data encryption

Iranian APT Group Charming Kitten Updates Powerstar Backdoor

It’s easy to be blasé about cybercrime but we need to be extra vigilant

Millions affected by MOVEit mass-hacks as list of casualties continues to grow

Mobile Cyberattacks Soar, Especially Against Android Users

More sensitive Optus data leaked in major cyberattack on law firm

Most common causes of health data breaches in the last three months

Reserve Bank of India (RBI) fines Mahesh Bank Rs 65 Lakh over cybercrime

Rising Cyber Crimes in India: Summon to Google, Apple, and Paytm

Text scam targets Golden 1 customers on heels of data theft from CalPERS, CalSTRS members

The Surge of Cybercrime: Crimeware Services Empower Criminals

These are the most dangerous software security flaws of the year - are you at risk?

Understanding common internet-facing footholds exploited by bad actors

30th June

3 Reasons SaaS Security is the Imperative First Step to Ensuring Secure AI Usage

5 Patch Management Best Practices for Success in 2023

8Base Ransomware Group Emerges as Major Threat

75% of businesses report security as an increasing priority

Add HHS to List of Victims of Massive MOVEit Data Breach by Ransomware Gang

American Airlines and Southwest Airlines suffer data breach

Applying Zero-Trust Principles: Case Studies and Lessons From the Field

AQA also hit by exam paper cyber attack

Aqua Security Study Finds 1,400% Increase in Memory Attacks

Australian private insurer Medibank told to set aside £131m to strengthen security systems

Barts Health NHS Trust appears on BlackCat ransomware gang’s victim blog

Businesses are ignoring third-party security risks

Chipmaker TSMC confirms data leak after a cyberattack targeted its supplier

CISA issues DDoS warning after attacks hit multiple US organizations

City of Fort Worth in Texas acknowledges hacker group's claims of stealing 180 GB of government data

Clop Ransomware Continues to Exploit MOVEit Vulnerability

Critical Flaw Exposes ArcServe Backup to Remote Code Execution

Cybercriminals exploiting AI, persistence in ransomware

Cybercriminals Hijacking Vulnerable SSH Servers in New Proxyjacking Campaign

Cybercriminals ramp up tactics, employees remain top targets

Cybersecurity company INKY sheds light on emerging QR code phishing threats

Cybersecurity in Precision Agriculture: Safeguarding America’s Connected Fields

E-wallet phishing scams seen getting more sophisticated

Email Attacks Surge 464% as Ransomware Reigns Supreme

Email-based phishing attacks surge 464% in 1st half of 2023

Employees worry less about cybersecurity best practices in the summer

Free Akira ransomware decryptor helps recover your files

French, UK watchdogs say hackers-for-hire are targeting law firms

GCHQ reveals British government was hacked by foreign cyber spies 20 years ago

GCHQ Reveals Details of State-Backed Breach

Gigamon’s Cloud Security Report Shares Insights on Undetected Breaches & Deep Observability

GTBank, Unity Bank, others risk fines as Nigeria Data Protection Commission (NDPC) probes banks over data breach

GTBank, Zenith, Fidelity, Unity Bank Under Investigation For Data Breach

Hackers Claim $70 Million Ransomware Attack on TSMC, Hits Supplier Instead

Hackers exploit zero-day in Ultimate Member WordPress plugin with 200K installs

How Adversaries Exploit Generative AI in Cyber Attacks and How to Counter Them

How Injection Attacks Can Cripple Your Business?

Illegal access to data a serious threat to Africa

Incident of the Week: US Patent and Trademark Office suffers years-long data leak

Introducing 8Base, the new, highly active ransomware kid on the block

Iranian Hackers Using POWERSTAR Backdoor in Targeted Espionage Attacks

Keeping Cybercriminals Guessing: The Rise of Automated Moving Target Defense

LetMeSpy phone tracking app suffers data breach, exposing user information

LetMeSpy Users at Risk! Significant Data Breach Exposes Personal Information Of Users In India, US

LockBit Claims Taiwan Semiconductor Manufacturing Company (TSMC) Hack, Demands $70 Million Ransom

LockBit Ransomware Gang Takes $70M Chip Shot At TSMC After Alarming Security Breach

Mission Linux: How the open source software is now a lucrative target for hackers

MITRE Announces Most Dangerous Software Weaknesses

MITRE Unveils Top 25 Most Dangerous Software Weaknesses of 2023: Are You at Risk?

NCSC marks 20th anniversary of first response to state-sponsored cyber attack

NCSC Reveals Info on GCHQ’s First Response to State Cyber-attack

New proxyjacking attacks monetize hacked SSH servers’ bandwidth

New Ransomware Actor 8Base Rivals LockBit in Extortion

NHS data leak raises ‘serious questions’ about Manchester University cyber attack

NHS data stolen in Manchester University ransomware attack

NHS patient data compromised in university cyber attack

North Korea-linked Andariel APT used a new malware named EarlyRat last year

Over a million NHS users have data leaked following ransomware attack

Over Two-Thirds of Manufacturing Companies experience Data Encryption from Ransomware Attacks

Phishing Attacks, Account Takeovers Big Threat to Businesses on Social Media

Police investigate stolen exam papers after cyber attack

Pro-Russian hackers upgrade DDoSia bot used to attack Ukraine, NATO countries

Researchers Use Power LED to Extract Encryption Keys in Groundbreaking Attack

Rethinking cybersecurity strategies for the AI era

Russians may have hacked NHS trust with 2.5 million patients

Schneider Electric confirms being affected by MOVEit hack, denies data breach

Semiconductor giant says IT supplier was attacked; LockBit makes related claims

Seven Things To Include In Your Anti-Phishing Policy

Several US states investigating ‘SiegedSec’ hacking campaign

Silicon Heist: Notorious LockBit 3.0 Ransomware Gang Targets World's Biggest Chip Maker TSMC in a Daring 70 Million Ransom

Suncor Energy could see significant losses following cyber attack

Taiwan Semiconductor Manufacturing Company (TSMC) allegedly hacked by LockBit ransomware

Taiwan Semiconductor Manufacturing Company (TSMC) confirms data breach after LockBit cyberattack on third-party supplier

Taiwan Semiconductor Manufacturing Company (TSMC) denies LockBit hack as ransomware gang demands $70 million

Terrorism victims among those caught up in UK health data breach affecting 1.1 million

The Cloud Security Risks of Overprivileged Vendors

The healthcare sector needs better defence against phishing

The Virtual Digital Stranger: What ChatGPT Means for Network Security

Third Nigerian pleads guilty in BEC scams dating back nearly a decade

Torrent of image-based phishing emails are harder to detect and more convincing

TSMC hit by $70m cyberattack from LockBit ransomware gang

TSMC Says Supplier Hacked After Ransomware Group Claims Attack on Chip Giant

Ukrainian banks hit by pro-Russian NoName hackers

Understanding common internet-facing footholds exploited by bad actors

Understanding the Growing Professionalism of Cyber-Criminals

Understanding the threat of Business Email Compromise

US health department, law firms latest hit in wide-ranging hack

WeChat collects more usage data than they disclose

Western Australia government insurance claim data potentially stolen by ransomware gang AlphV in law firm hack

What are account takeovers (ATOs)?

Why mobile security protection is a public necessity

29th June

8Base Ransomware Attacks Show Spike in Activity

31% of breaches are being identified later

Akira Ransomware Expanded its Toolkit to Attack Linux Machines

Android Spy App LetMeSpy Suffers Major Data Breach, Exposing Users' Personal Data

As cybercrime evolves, organisational resilience demands a mindset shift

At least 100,000 could have had data exposed after US health department was hit by global cyberattack

Atomic Crypto wallet facing criticism, after giving security update

Audio deepfakes: How hackers are stealing your voice

Australian Capital Territory (ACT) Government confirms 'no definitive evidence' information was removed or misused in cyber security breach

Banks’ Grip on Online Fraud Is Growing, but Fincrime Attacks Remain a Threat to the Industry’s Future

Beware of Atmos Energy scammers, spoofed websites

Charming Kitten APT Group Uses Innovative Spear-phishing Methods

Charming Kitten’s PowerStar Malware Evolves with Advanced Techniques

ChatGPT Becomes Target for Hackers

Chattanooga State Hit by Ransomware, Affecting 1,244 People

CISA working with agencies to pull exposed network tools from public internet

Citi Trends, Inc. Announces Data Breach Affecting Thousands of Employees and Job Applicants

Clop's MOVEit Campaign Affects Over 16 Million Individuals

Construction and transport are most targeted by cybercriminals

Critical Security Flaw in Social Login Plugin for WordPress Exposes Users' Accounts

Cyber attack has caused significant loss to revenue, profitability: Granules India

Dallas to spend $4M on threat detection after ransomware attack

Dark Web Intelligence Shows Everest Ransomware Group Increasing Initial Access Broker Activity

Data Breach: Nigeria Data Protection Commission (NDPC) investigates banks, varsity, others

Data Breach: US Patent and Trademark Office Confirms Private Addresses of About 61,000 Filers in Years-Long Data Leak

Data Centers Can Fend Off DoS Attacks by Taking a Layered Approach

Department of Health and Human Services (HHS) among targets in government hacking attack

Encryption-less ransomware: Warning issued over emerging attack method for threat actors

England and Wales Introduce Stricter Laws on Revenge Porn and Deepfakes, But Are They Strong Enough?

Enterprise SIEMs miss 76% of all MITRE ATT&CK techniques used

Enterprises Unprepared to Defend Against MITRE ATT&CK Techniques

Experts published PoC exploits for Arcserve UDP authentication bypass issue

Explosive allegations: OpenAI faces lawsuit for data breach

Fluhorse: Flutter-Based Android Malware Targets Credit Cards and 2FA Codes

Fraud in Hong Kong: banks and businesses vow not to collect client data by text in joint effort with authorities to clamp down on phishing scams

From MuddyC3 to PhonyC2: Iran's MuddyWater Evolves with a New Cyber Weapon

Global rise in DDoS attacks threatens digital infrastructure

Granules India faces significant revenue loss following cyber security attack

Granules India flags significant loss of revenue as it continues to recover from cyber attack

Great Valley Cardiology Sued over 181,000-Record Data Breach

Hacker sets up Tor-based online shop to sell access to firms

Hackers attack Russian satellite telecom provider, claim affiliation with Wagner Group

Hackers attacked the Canadian government 2,300,000,000,000 times last year

Hackers claim to take down Russian satellite communications provider

Health IT vendor fined $75K for violating HIPAA

How advanced AI threatens banking security systems

How Advances in IT Security are Assisting in The Fight Against Data Breaches

How Financial Institutions Can Protect Themselves From Digital Transformation Data Security Risks

How major data breaches become finance’s problem

How the new deepfake reality will impact cyber insurance

How threat actors are weaponizing social media, from phishing to AI-powered deepfakes

How to Reduce Public Cloud Data Risks with a 3-Step Approach

Indigo ransomware attack cost millions, company says

Insider threats: Bungling IT operative caught in ransomware sting

IP Address Tracking and How To Protect Yourself

Ireland: Minister mulls outlawing cyber-attack ransom payments

Is AI ready to handle cyber-economic warfare?

Is Your Data Insider-Proof? Five Steps To Keep Your Secrets Safe

Japan in the Crosshairs of Many State-Sponsored Threat Actors New Report Finds

Japan Threat Landscape Takes on Global Significance

Japanese companies exposed to increased ransomware risk

Kaspersky’s New Report Reveals the Top Cyber Threats for SMBs in 2023

Kenya experienced an 82% increase in cyber attacks in 2022

Key differences between phishing and spear phishing

LockBit Dominates Ransomware World

LockBit expands its reach, targets macOS

Lumberton ISD cyberattacked, personal information stolen

MITRE releases new list of top 25 most dangerous software bugs

Mondelez class action alleges company data breach affects thousands

More than 16 million people and counting have had data exposed in MOVEit breaches

More than a million NHS patients’ details compromised after cyberattack

More Than Two-Thirds of Manufacturing Companies Hit by Ransomware Had Their Data Encrypted

MOVEit cyber attack impacts HHS, law firms

MOVEit hackers may have found simpler business model beyond ransomware

New EarlyRAT malware linked to North Korean Andariel hacking group

New ransomware group starts to wreak havoc

New Ransomware Variant Recruit users for Russian Wagner Group

Newly Uncovered ThirdEye Windows-Based Malware Steals Sensitive Data

Nigeria: Data Protection Act - Telcos, banks risk paying heavy fines

No consensus on creating a unified US cyber incident reporting framework

No place for ‘blame culture’ in cybersecurity

North Korean Hacker Group Andariel Strikes with New EarlyRat Malware

Over 130 Organizations, Millions of Individuals Believed to Be Impacted by MOVEit Hack

Personal data leaks as Perpetual hit by ransomware attack

Petro-Canada payment problems continue, but company says it's 'making progress' on fix

Phone-Tracking App LetMeSpy Says It Has Been Hacked

Popular generative AI projects pose serious security threat

Pornhub accused of illegal data collection in Europe

Precision Imaging Centers Experiences Data Breach Affecting Over 31k Patients’ Confidential Information

Pro-Russia DDoSia hacktivist project sees 2,400% membership increase

Proof-of-Concept (PoC) for Arcserve UDP authentication bypass flaw published (CVE-2023-26258)

Quishing on the rise: How to prevent QR code phishing

Ransom Payments by Companies Are Creating an Industry for Middlemen

Ransomware attack hits Lebanon schools

Ransomware attack on Econsult, major Philadelphia consulting firm, reportedly exposes employees’ personal info

Ransomware gang Akira adds malware targeting Linux to its arsenal

Ransomware is up significantly this year - is your business a prime target?

Re/insurance alone cannot absorb all risks from cyber incidents

Research reveals significant increase in sophisticated attacks against mobile devices

Rhysida Ransomware: RaaS Crawls Out of Crimeware Undergrowth to Attack Chilean Army

Rise of the script kiddie: a tenth of children say they can hack websites

Russian satellite telecom Dozor allegedly hit by hackers

Social engineering scams on the rise in APAC region

State treasurer alerts retirees of breach in vendor data security

Suncor cyberattack likely to cost company millions of dollars, expert says

Sweetwater UHSD Data Breach Compromises Student, Staff Info

Talcott Resolution Life Insurance Company Confirms 552,821 Customers Affected by Third-Party MOVEit Data Breach

The 10 Biggest Data Breaches of 2023 (So Far)

The Evolving Threat Landscape: Navigating the Challenges of Modern Cybersecurity

The key to Cyber Protection is Preparation: How to be cyber protected?

The latest victim of the MOVEit data breach is the Department of Health and Human Services

The top five cyber security incidents in June 2023

There’s no need for providers to ban ChatGPT use in healthcare

These taxpayers are being targetted by criminals in South Africa

Third Party Vendor Data Breach Hits Travel Industry During Peak Season: American, Southwest Airlines Lose Pilot PII

Third-Party Data Breach at Law Firm Impacts Snack Giant Mondelēz International

Three of the world's most expensive phishing attacks...and how they could have been prevented

To Be Cyber Resilient, It's Best To Layer Up

UCLA among victims of worldwide cyber attack

UCLA confirms it was hit by wide-ranging cyberattack but offers few details

Unmasking HMRC Self-Assessment Phish: How Attackers Outsmart Secure Email Gateways (SEGs)

US health department, law firms join list of MOVEit victims

US health department, law firms latest hit in wide-ranging hack

US health department, several companies affected by hacking campaign

USAA: Data breach gave ‘unauthorized individuals’ access to about 19,000 members’ personal info

VMware researchers issue alert on rising 8Base ransomware activity

VPN and RDP Exploitation the Most Common Attack Technique

'Wagner' Hackers Say They Shut Down Russian Satellite Internet Provider

WatchGuard Threat Lab report reveals new browser-based social engineering trends

WatchGuard Threat Lab Report reveals new security threats

What CalSTRS, CalPERS did in days after learning hackers had stolen retirees’ personal info

What Is Cybersecurity? Definition & Best Practices

What Is Virtual Desktop Infrastructure (VDI) and Is It a Safe Way to Work Online?

What to do after a data breach

White House outlines cyber budget priorities, including making ransomware ‘no longer profitable’

Why an Illinois law is at the center of Congress’ debate on new data privacy legislation

Zero-Day Exploits Dominate Malware from Web Traffic in Q1

Zimperium research reveals significant increase in sophisticated attacks against mobile devices

Zscaler uncovers increasing complexity and sophistication of ransomware

28th June

5 Things CISOs Need to Know About Securing Operational Technology (OT) Environments

8Base ransomware gang escalates double extortion attacks in June

8Base ransomware group leaks data of 67 victim organizations

8Base Ransomware Spikes in Activity, Threatens U.S. and Brazilian Businesses

‘200% rise’ in voice scams in APAC as gangs pivot to call centers

Activate Healthcare Notifies Patients of Data Breach Affecting Their PHI and SSNs

AI tools immature and prone to cyber-sabotage

Alert: New Electromagnetic Attacks on Drones Could Let Attackers Take Control

Andariel’s Mistakes Uncover New Malware in Lazarus Group Campaign

Atomic Wallet knew of security flaws prior to breach, class action claims

Attackers Using Social Engineering to Capitalize on the ChatGPT Buzz

Biden administration takes credit for warning hundreds of targets before ransomware attacks

California Official Urges Meetings After Large Data Breach

Community Health Systems sued again over data breach affecting 1 million patients

Community Research Foundation Posts Notice of Data Breach with the HHS-OCR

Critical Infrastructure Security Needs an Overhaul

Critical SQL Injection Flaws Expose Gentoo Soko to Remote Code Execution

CryptosLabs Scam Ring Targets French-Speaking Investors, Rakes in €480 Million

Cybersecurity incident at Suncor knocks Canadian gas stations offline

Data Breach at Australian Law Firm That Caters to Government Agencies, Finance Institutions Could Be the Worst in National History

Dozens of Businesses Hit Recently by ‘8Base’ Ransomware Gang

EncroChat Bust Leads to 6500 Arrests in Three Years

Experts Unconvinced by Upskill in UK Cyber Program

Experts warn of a spike in May and June of 8Base ransomware attacks

Exploit released for new Arcserve UDP auth bypass vulnerability

Exposed Interfaces in US Federal Networks: A Breach Waiting to Happen

Good Samaritan Hospital Settles Class Action Data Breach Lawsuit

Indigo lost $50M last year, in large part due to February cyberattack

Indigo ransomware attack cost millions, company says

Ireland: Government promises more cash and anti-ransomware taskforce in fight against cybercrime

Japanese companies exposed to increased ransomware risk through global business footprint

LG and Solar Service Guys Respond to Data Breach Allegations

Linux version of Akira ransomware targets VMware ESXi servers

MAC Pizza Files Notice of Data Breach Following Recent Ransomware Attack

Mobile Malware and Phishing Surge in 2022

Newly Surfaced ThirdEye Infostealer Targeting Windows Devices

NPM ecosystem at risk from “Manifest Confusion” attacks

Phishing Resistant Credentials For Azure and On-Premises: Cheaper and More Secure than Password-Based Authentication

Phishing Scam: Users Lose Over $1.2 Million in Polygon NFT Airdrop Fraud

Preparing health systems for cyber risks and insurance coverage

Providers Should Beware of Ransomware Gang Clop & The Latest Software Vulnerability It’s Targeting

Ransomware: Your Security Insurance Will No Longer Save You

Ransomware Attacks on US Hospitals Trigger Significant Ripple Effects on Neighboring Facilities

Ransomware Attacks up 37% Through April, Zscaler Report Says

Ransomware is on the rise, what can telcos do about it?

Research reveals rise in sophisticated attacks against mobile devices

Retailers and Ransomware 2023

Rezilion Report Finds World’s Most Popular Generative AI Projects Present High Security Risk

Security leaders discuss NSA guide to mitigate BlackLotus threat

Singapore: At least S$20,000 lost to fake Singtel SMS phishing scams since June

Spot Fake Extortion Attacks Without Wasting Time and Money

Standing up to the ransomware issue with Artificial Intelligence

State Department Offers $10M Reward for CL0P Ransomware Gang

Submarine Cables Face Escalating Cybersecurity Threats

Suncor Energy Responds to Cybersecurity Incident

The ransomware gang behind the sweeping MOVEit hack

The Risk of Generative AI and Large Language Models

'The threat is real' for oil and gas sector, says head of Canada's Cyber Centre

ThirdEye Infostealer Poses New Threat to Windows Users

Top 5 cyber threat actors of 2023

Treasurer Urges CalPERS, CalSTRS to Meet on Large Data Breach

Twitter Hacker Sentenced: A look into the 2020 Twitter Crypto Scam

UPS working with experts after phishing attack on some shippers, customers

US Patent and Trademark Office notifies filers of years-long data leak

USAA: Data breach gave ‘unauthorized individuals’ access to about 19,000 members’ personal info

Vitality Group Confirms MOVEit Vulnerability Resulted in Data Breach Affecting Consumers’ Health Information

Wagner ransomware wants to recruit its victims

Who is 8BASE? A deep dive into the "newish" ransom gang

Zurich Insurance Group secures data leak

27th June

5 ways to improve employee cybersecurity awareness

95% fear inadequate cloud security detection and response

Addressing the Persistent Challenge of Cyber Attacks: Understanding the Struggles Faced by Companies and Organizations

Altoona Water Authority (AWA) official recounts ransomware attack

Anatsa Banking Trojan Targeting Users in US, UK, Germany, Austria, and Switzerland

Anatsa Banking Trojan Targets Banks in US, UK and DACH Region (Germany, Austria and Switzerland)

Are GPT-Based Models the Right Fit for AI-Powered Cybersecurity?

Atlantic General Hospital Increases Ransomware Victim Count to Almost 140,000 Individuals

Australia regulator tells Medibank to set aside $167 million after data breach

Australia Regulator Tells Medibank to Set Aside $167M After Major Cyber Attack

BlackCat Claims Reddit Hack, Threatens to Leak Damaging Info Stolen During the February Data Breach

Brunswick provides operations update following cyber attack

CalSTRS Notifies Members of Third-Party Data Breach Related to Vendor’s Use of Hacked Software

Chattanooga State Says Personal Information Of 1,244 Compromised During Ransomware Attack

Conner Strong & Buckelew Notifies 15,064 Consumers of Data Breach That Leaked Their SSN

Cyber Attack Targets SPD Party Executive Email Accounts

Data protection and security: strengthening defences, redefining collaboration

Desert Physicians Management Announces Data Breach on Behalf of Multiple Providers

Employees notified of data breach at Sweetwater Union High School District

EncroChat Bust Leads to 6,558 Criminals' Arrests and €900 Million Seizure

EncroChat dismantling lead to 6500 arrests, EUR 900 million seized

EncroChat takedown led to 6,500 arrests and $979 million seized

Enhancing data security in the defence industry through encryption

Fort Worth's online services affected by data breach

Google removes trojan-laden Android apps from Play Store: How they affected users

Hacker Gains Access To Southwest Airlines And American Airlines Pilot Applications

Hacker Plugwalkjoe who targeted President Obama, Jeff Bezos, Elon Musk social media accounts sentenced to prison

Hackers Hiding DcRAT Malware in Fake OnlyFans Content

How Application Allowlisting Combats Ransomware Attacks

How better cyber sense, zero trust can help overcome the new 'CEO scam'

How ChatGPT and AI Impact Cyber Risk

How does your board measure cyber resilience?

How to Recover From a Cyber Attack

Hundreds of devices found violating new CISA federal agency directive

Lackawanna County, Pennsylvania, Lawsuit Filed Over Data Breach

Latitude’s woes continue as firm hit with $1 million lawsuit over data breach

Lawsuit filed against Commonwealth Health cardiology following patient data breach

Lessons From Clop: Combating Ransomware and Cyber Extortion Events

Losses from online payment fraud to exceed $362bn globally over next 5 years, fuelled by accelerating ecommerce

Manchester University students threatened by ransomware gang

Maryland Department of Human Services, Johns Hopkins University affected by data breach

Medibank hit with $250m extra capital requirement for data breach

Meta’s Data Practices Are in the Spotlight: Brands Should Pay Close Attention

Millions warned over bank-raiding email lurking in your inbox – check your Gmail and Outlook right now

More than 6,500 arrested since French and Dutch police’s EncroChat hack

NCSC Launches Cyber Risk Management Toolbox

New Fortinet's FortiNAC Vulnerability Exposes Networks to Code Execution Attacks

New Mockingjay Process Injection Technique Could Let Malware Evade Detection

New Mockingjay process injection technique evades EDR detection

New Ongoing Campaign Targets npm Ecosystem with Unique Execution Chain

New York City Department of Education Confirms Student and Employee Information Leaked in MOVEit Data Breach

New York City Public Schools among MOVEit data breach victims

North Oak Cliff Branch Library back to normal following city ransomware attack

Over Half of UK Banks Are Exposing Customers to Email Fraud

Payments Lobby: Anti-APP Fraud Policies Could Increase Scams

Petro-Canada stations hit by Suncor cyberattack

Pilot Applicant Information for American, Southwest Hacked

Priorities in preparing for a ransomware attack: people, processes, and technology

Ransomware toll at Maryland hospital increases to 137,000 patients

Regulator sanctions Medibank following data hack review

Rise in phishing and smishing attempts

School cyber teams go back to the drawing board

School’s out for summer, but it’s not time to let your cyber guard down

See Something, Say Something – The Importance of Employee Reporting in Cybersecurity

Seizure of EncroChat Enables Police Access to 115 Million Conversations

Siemens and UCLA say data compromised in MOVEit data breach

Siemens Energy confirms data breach after MOVEit data-theft attack

Siemens Energy Investigating Dark Web Ransomware Claim

Siemens Energy, UCLA listed by MOVEit hackers

SMEs Face Ransomware Risk

SOTI Research Shows 78% of Global Healthcare Providers Experienced One or More Security Breaches Since 2021

South Africa: FNB’s 5 Essential Safety Tips to Foil Phishing and Smishing Attempts

South Africa Revenue Service (SARS) warns of new scam targeting taxpayers – this is what it looks like

State and Local Governments Must Develop a Multilayered Approach to Ransomware

Study Reveals Alarming Gap in SIEM Detection of Adversary Techniques

Study shows a 54% increase in ransomware incidents in Singapore

Submarine Cables at Growing Risk of Cyber-Attacks

Suncor cyberattack likely to cost company millions of dollars, expert says

Surviving 2020’s ransomware: SolarWinds’ cybersecurity revamp and APAC expansion

Swiss intelligence warns of fallout in cyberspace as West clamps down on spies

The ChatGPT-powered cyber threats you should absolutely know about

The Human Element in Phishing: How Behavioral Analysis Enhances Anti-Phishing Solutions

The rise and fall of the Conti ransomware group

The Role Of Sandboxes In Enhancing Cybersecurity Measures

The Unsung Heroes: Security Teams Grappling with Personal Cyber Threats to Executives

There’s no winning the cyber war - but that’s OK

UCLA, Siemens Energy latest MOVEit victims to confirm breaches

Ultimate Guide to Optimizing Android Privacy and Security Settings

University System of Georgia contract and emails reveal more information about data breach

Users Lose Over $1.2M To NFT Airdrop Phishing Scam on Polygon

Vietnam: APT attacks at important establishments increase

'Wagner' Ransomware Targets Computers in Russia

What is Data Loss Prevention (DLP)?

What is RepoJacking and How Organizations are Vulnerable to It?

Who is behind the sweeping MOVEit hack?

Widespread BEC attacks threaten European organizations

With phishing scams on the rise, firms need to act and adopt 'simple' cybersecurity solutions

26th June

3 Steps to Successfully & Ethically Navigate a Data Breach

$10 Million Offered to End Clop Ransomware Spree Through State Department “Reward for Justice” Program

12 Negative Effects Cyber Attacks & Data Breaches Have on Businesses & Consumers

52% of reported breaches came through third-party partners

81% of organizations have implemented policies around generative AI

Activision Blizzard games crippled by hours-long DDoS attack

Addressing the Persistent Challenge of Cyber Attacks: Understanding the Struggles Faced by Companies and Organizations

All Gmail and Outlook users warned over ‘picture attack’ - check email addresses for clue or risk bank drain in seconds

American, Southwest Airlines Disclose Pilot Data Breach

Anatsa Android trojan now steals banking info from users in US, UK

Anonymous Sudan’s Attack of European Investment Bank: Money, Politics and PR

April’s Harvard Pilgrim Health Care Data Breach May Impact 200,000 in New Hampshire

Atlanta Postal Credit Union Files Notice of Recent Data Breach Following Ransomware Attack

BlackCat ransomware gang publishes 1.4TB of data stolen from Australian law firm HWL Ebsworth

Blizzard Entertainment hit by DDoS attack

British Twitter Hacker Sentenced to Prison in US

Brunswick Operations Normal Again After Cyber Attack

Buried Story of the 2023 Verizon DBIR: Ransomware Stopped Growing

Calgary-based Suncor Energy says it suffered a cyber security incident

CalPERS, CalSTRS, Genworth Among Those Affected by Moveit Data Breach

Canadian oil giant Suncor confirms cyberattack after countrywide outages

ChatGPT’s phishing ‘problem’ may not be overstated

Chinese APT Group Uses New Tradecraft to Live Off the Land

Chinese Hackers Using Never-Before-Seen Tactics for Critical Infrastructure Attacks

CISOs are More Concerned with Lawsuits, and API Security

Cl0p in Your Network? Here's How to Find Out

Companies Call for Changes to UK’s Cyber Essentials Scheme

Cyber Attack Causes Problems for Fort Worth, Texas

Data Breach at UPS Canada Disclosed: Some Stolen Customer Information Was Abused in SMS Phishing Attempts

Data Breach of Third-Party Vendor Used by Genworth

Data Is Key to Agencies’ Zero-Trust Implementations for the Rest of 2023

Effective security training programs are vital to creating a cyber-aware workforce

Email Phishing Scam Targets Licensed Insurance Producers in Nevada

Employee security awareness is key in fight against cyberattacks

Exploring the persistent threat of cyberattacks on healthcare

Fake Super Mario 3 Installers Drop Crypto Miner, Data Stealer

Fintech’s Crucial Role in Reducing Cyber Threats

Former RAIDForums member sentenced to three years in prison by Amsterdam court

Fort Worth government officials confirm cyber incident but deny leak of sensitive info

Fortra GoAnywhere hack impacted the University of Toledo Medical Centre

Generations Federal Credit Union is latest San Antonio institution hit by data breach

Genworth Financial Reports Data Breach Leaking SSNs Belonging to 2.7M Policyholders and Customers

GeoSouthern Energy Corporation Confirms Employee Data Breach Leaked Over 21k SSNs

Government Cautions ChatGPT Users Against Threat of Phishing and Malware

Growing Need for Cybersecurity in Interconnected World

Hacker Behind Massive Twitter Breach Finally Jailed

Hackers steal data of 45,000 New York City students in MOVEit breach

High-Impact Attacks On Critical Infrastructure Climb 140%

How Generative AI Can Dupe SaaS Authentication Protocols - And Effective Ways To Prevent Other Key AI Risks in SaaS

How To: Protect Organizations Against ChatGPT Cyber-Threats

India: Not immune to cyber attacks, police plan counter-offensive

Indian tech retail giant Poovika leaked over 8 million sensitive data records via unsecured cloud database

Infamous Twitter Hacker Sentenced to 5 Years in Prison

Japanese Cryptocurrency Exchange Falls Victim to JokerSpy macOS Backdoor Attack

Latitude hit with $1 million lawsuit over data breach

Lutheran Social Services of Illinois Announces Data Breach Affecting Over 150k Individuals

Malicious Actors Utilizing QR Codes to Deploy Phishing Pages to Mobile Devices

Mallox Ransomware Attack IT Industries With New Attack Pattern

Metro Vancouver Transit Police Hit by Cyber Attack

Microsoft Teams Flaw Sends Malware to Employees’ Inboxes

Microsoft Warns of Widescale Credential Stealing Attacks by Russian Hackers

Millions Face RepoJacking Risk on GitHub Repositories

MOVEit breach exposes data of 45,000 New York City students

MOVEit compromise affects pension systems, insurers

Nevada Division of Insurance Warns About Email Phishing Scam

New PindOS JavaScript dropper deploys Bumblebee, IcedID malware

New York City (NYC) Schools Data Breach Compromises 45,000 Students and Staff

New York's D’Youville University says students' names and SSNs were compromised in a security incident

NHS Psychiatrist Jailed; Dark Web Forum and 7,000 Images Seized

Notorious Hacker PlugwalkJoe Sentenced to Five Years for Cryptocurrency Swindle

NSA Releases Guide to Mitigate BlackLotus Bootkit Infections

Oregon Department of Transportation Confirms an Estimated 3.5 Million Affected by MOVEit Data Breach

Pakistan-based threat actors attacking IITs, Indian Army: Modus operandi, motive, and other details to know

Palomar Health Announces Third-Party Data Breach Affecting Patients at Palomar Two Locations

Pilot data of American Airlines and Southwest stolen in data breach

Policy, Plan & Playbook: Preparing a Cybersecurity Incident Response

Ransomware: recovering from the inevitable

Ransomware attacks affect consumer behaviors

Ransomware is most popular Malware-as-a-Service

Reported data breach of NYC schools compromises sensitive information of 45,000 students

Researchers Find Way to Recover Cryptographic Keys by Analyzing LED Flickers

Scammers Target Major US Grocery Chains Demanding Bitcoin Payments

Security leaders say cloud platform misconfiguration is biggest threat

Serious IDOR Vulnerability Found In Microsoft Teams

Singapore: 16-year-old arrested alongside 8 others in massive phishing scam that saw victims lose CPF deposits

SolarWinds executives receive Wells notice from US Securities and Exchange Commission (SEC)

SolarWinds says Securities and Exchange Commission (SEC) investigation ‘progressing to charges’

Southwest, American Airlines pilot data exposed

Student Sues Whitworth University for Ransomware Damages

Suncor Energy confirms it was the victim of a cyberattack

Suncor Energy cyberattack could prove 'sizable incident,' security expert warns

Suncor Energy cyberattack impacts Petro-Canada gas stations

Suncor Energy hit by cyber attack; Petro-Canada gas stations impacted

Super Mario gamers targeted by malicious hackers

The Growing Threat of Mobile Phishing: How Anti-Phishing Technologies Adapt to New Challenges

The potent cyber adversary threatening to further inflame Iranian politics

The Role of 2FA in Protecting Against Phishing Attacks

The top five cybersecurity mistakes SME businesses are making

The University of Manchester Confirms Data Breach in June 2023 Owing to Cyberattack

Three-quarters of consumers are ready to ditch a company after a ransomware attack

Twitter Celeb Account Hacker Heads to Jail for 5 Years

Twitter Celeb Hacker Jailed For Five Years

Twitter Hacker Sentenced To 5 Years In Prison For 2020 Breach

Twitter hacker who took over Musk, Obama, Biden accounts in 2020 gets prison sentence

UK hacker busted in Spain gets 5 years over Twitter hack and more

UK-based university confirms data breach in recent cyberattack

Umbral Stealer Discovered in Trojanized Super Mario Installer

Uncovering attacker tactics through cloud honeypots

Uncovering The Path Of 22M+ XRP Moved By The Atomic Wallet Hacker On XRPL

US Authorities Seize BreachForums Domain

Vincera Institute says ransomware attack compromised the healthcare information of 25,000 patients

What Would a Ransomware Attack on Your Smart Home Look Like?

Why cyberattacks against Australian organisations are increasing

Why immutable backups are key in the fight against ransomware

Why Pakistani Hackers Are Now Targeting IITs, NITs

Why you need a fresh approach to cloud security in 2023

Wilton Reassurance Announces Data Breach Related to MOVEit Software Vulnerability