Editor's Message

Welcome to DBD. On March 8th we celebrated our 4th Anniversary and the 1st Anniversary of our PRiSM application, officially endorsed by the SANS Institute. Despite recent personal issues that have impacted the amount of time I have been able to dedicate to both projects, I have been doing my best to keep everything as up-to-date as possible, and I would like to take this opportunity to thank everyone for their patience and support whilst I navigate through this very difficult time. Stay safe. :)



Monday 31 July 2023

Everlast: US Boxing Equipment Manufacturer's Online Store Suffers "Magecart" Attack Compromising Customers' Payment Card Details

Data Breaches Digest - Week 31 2023

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 31st July and 6th August 2023.


6th August

AI tools like ChatGPT increasingly used by cybercriminals for phishing, experts warn

Anger after Hastings Council mistakenly reveal hundreds of personal email addresses

BlueCharlie changes attack infrastructure in response to reports on its activity

Calls to investigate blacklisted spyware firm with offices in Dublin

Colorado Department of Higher Education (CDHE) discloses data breach after ransomware attack

Crypto Hackers’ Tendency Toward Returning Stolen Funds Rises In 2023’s First Half! What’s the Reason?

Curve Finance recovers all stolen funds from hacker

Cyberattack disrupts California based health-care system’s services

DeFi Lender Alchemix Says Vyper Hacker Returned Stolen Crypto

FBI investigates ransomware attack on California-based healthcare provider

FBI Investigating Ransomware Attack on Rhode Island Hospital Group

FBI warns of phishing scams and social media account hijackers

From Passwords to Phone Verification: The Evolution of Authentication Solutions in the Digital Age

Global Ransomware Attacks: Cyber Attacks at All-Time High, US Primary Target

How AI is Enhancing Database Security for a Safer Digital World

Indian Railway Catering and Tourism Corporation (IRCTC) warns against fake mobile app targeting users

Insider Threat Statistics 2023: Insider Threats Cause 60% of Data Breaches

O2 issues urgent warning over new elaborate 'one time code' scam fraudsters are using

Package undelivered: Kaspersky warns of scams targeting courier service users in the Middle East

Protecting Passwords in the Age of Artificial Intelligence

Public Charging Scam: How To Know If Your Phone Has Been Hacked

Ransomware cyber attack disrupts hospitals and clinics in Pennsylvania, four other states

Salesforce Zero-Day Flaw Exploited In Facebook Phishing Attacks

Securing Our Connected World: Cybersecurity Challenges and Solutions for Global Smart Homes

Singapore: 83-year-old among 426 suspects investigated for their roles in scams involving over $14 million

Social Security Number: What can someone do with your SSN?

Spyware maker LetMeSpy to close shop after hacker trashes server

The Cost of Ransomware in Europe: Evaluating the Impact on Telecom and Internet Industries

The Philippines: Fortifying cybersecurity to combat threats

The Role of Internet Security Services in Shaping Africa and the Middle East’s Digital Landscape

Threats to Cybersecurity in the Digital Banking Industry

Using AI to predict and prevent AI-powered job scams

What Is a Pass-the-Cookie Attack? How to Stay Logged In to Websites Safely

Years later, the Ashley Madison hack remains an unsolved internet mystery

5th August

AI may prevent or worsen hacking incidents

Alchemix and JPEG’d Recoup Losses as Curve Finance Hacker Returns Stolen Funds

Alchemix reports return of all stolen funds from Curve pools

Artificial intelligence provides weapon in war against scams and data theft

Australia: National Disability Insurance Scheme hit by law firm's data breach

Can Deleting Browser Cookies Prevent Session Hijacking?

Clop ransomware now uses torrents to leak data and evade takedowns

Colorado Department of Higher Education reports massive data breach

Colorado Department of Higher Education warns of massive data breach

Critical infrastructure: Combat cyberattacks in South Africa

Cyberattack disrupts health-care system’s services in several states

Delete immediately: Urgent warning over 32 password-stealing Android apps

Generative AI Cybercrime Tools: The Dark Side of AI

Government and public services face 40% more cyberattacks, struggle to protect due to lack of resources

Hacker Steals Over 60,000 American Airlines AAdvantage Miles

How can data be stolen from a WiFi network?

How to Check If Companies Are Selling Your Email Address

India: Union Government to Pocket Data Breach Penalties Under Digital Personal Data Bill

Large Sporting Events Potential Easy Targets of Cyberattacks, Microsoft Warns

Litres admitted to a user data leak and promised to strengthen security measures

Microsoft Addresses Critical Power Platform Flaw After Delays and Criticism

New acoustic attack steals data from keystrokes with 95% accuracy

New High-Severity Security Flaw Found in PaperCut Print Management Software

New Study Shows How AI is Boosting Ransomware

Niger coup: Hacker ring targets Nigerian companies over ECOWAS threat of military action

Protecting Your Data in the Age of Global Cloud Computing: Strategies and Solutions

Ransomware attack disrupts healthcare systems in at least three states

Reptile Rootkit: Advanced Linux Malware Targeting South Korean Systems

Researchers Uncover New High-Severity Vulnerability in PaperCut Software

Russia has turned to the ‘hackers’ of its intelligence service to launch a massive attack against the West

Security Considerations for Cryptocurrency Wallets: Best Practices and Tips

Spyware maker LetMeSpy shuts down after hacker deletes server data

The biggest health care data breaches you should know about in Wisconsin

The Clop Ransomware Gang Adopts Torrents for Data Leak

The FBI is investigating a multiple-state hospital ransomware attack

The Recovery of $10 Million in Crypto: Inside the JPEG’d and Curve Finance Incident

What happens when a cybercriminal gets access to your email address?

4th August

97% of executives access work accounts on personal devices

2,000 firms hit by ransomware, small firms more likely to pay

About 1.7 million Oregon Health Plan members affected by data breach

Arkham Intelligence offers bounty for identifying FTX hacker

Bangladesh: Country in risk of targeted cyber attack on August 15, says Computer Incident Response Team (CIRT)

Bangladesh: Government issues cyber attack alert on August 15

BlackBerry Identifies Notorious Malware Targeting Crypto

BPP Law School hit by cyber attack

Capita draws a line under £25 million cyber attack as it swings to half-year loss

Capita drops to loss as outsourcer flags up to £25m in cyber attack costs

Capita falls as it reports loss, counts cost of cyber attack

Capita shares plummet 11 per cent as contractor reveals cyber attack cost £25m

Colorado Department of Higher Education victim of a major data breach, over a decade of students affected

Colorado students' records exposed after massive data breach

Credentials Account For Over Half of Cloud Compromises

Curve hacker behind $61M heist begins returning funds

Cyber insurance pricing in Asia surged by 8%

Cyber-attack to cost outsourcing firm Capita up to £25m

Dallas Ransomware Attack May Have Compromised Names, SSNs

Data breaches increase almost three times globally

Defending Against AI-Based Phishing Attacks

Discarded medical devices found to have troves of information on healthcare facilities

Employee data stolen in Aristocrat cyber-attack

Expert voices pile up on Microsoft’s “negligent” security management

Extended warranty robocallers fined $300 million after 5 billion scam calls

Fake VMware vConnector package on PyPI targets IT pros

FBI Investigating Cyber Attack Affecting Connecticut Hospitals

FBI investigating ransomware attack crippling hospitals across 4 states

FBI warns of scammers posing as NFT devs to steal your crypto

Finland: Scammers phishing bank IDs with fake Suomi.fi messages

Generative AI Adding to the Risks for Embedded Credentials

Global ransomware attacks at an all-time high and the US is the primary target

Globally Used Points.com Loyalty System Hacked for Good

Google explains how Android malware slips onto Google Play Store

Google Report Reveals Most Widely Used Cloud Attack Vectors

Hackers are now targeting high-profile sports events, venues

Hackers Deliver Magniber Ransomware Disguised as Windows Security Update Package

Hacktivist or just hacker: Compromising morals for money

Health data of 1.7 million Oregon residents accessed by MOVEit hackers

Hong Kong: Revised Breach Handling and Notifications Guidance published by the PCPD

Hopedale police say they have their Facebook page after losing control earlier

Hospitals around the country affected by Prospect Medical ransomware attack

How a Federal Ban on Ransomware Payments Could Help CISOs

How phishing scams have changed and how to protect against them

How SMBs Can Navigate The Data Security And Privacy Implications Of Generative AI

India: Data Protection Bill, 2023 Goes Hard On Data Breach, Proposes Severe Penalties

Jefferson County Schools still recovering from spring break ransomware attack as students return for new school year Tuesday

Lawsuit accuses hospital of sharing patient health data with Facebook

Legacy Flaws Dominate Top 12 Vulnerabilities List

Major Cybersecurity Agencies Collaborate to Unveil 2022's Most Exploited Vulnerabilities

Malicious npm Packages Found Exfiltrating Sensitive Data from Developers

Mastering Network Security: A Comprehensive Guide to Cyber Defence

Mauna Kea telescope suspends operations following attempted cyber attack

Medical Records Score Large Paydays for Identity Thieves

Microsoft fixes flaw after being called irresponsible by Tenable CEO

Microsoft resolves vulnerability following criticism from Tenable CEO

Microsoft Says Russia-Linked Hackers Behind Dozens of Teams Phishing Attacks

Microsoft Warns of Growing Cyber-Threats to Sporting Events

Morehead State Gives No New Details on July Cyber Attack

Most vulnerabilities have one thing in common: they’re old

National Disability Insurance Scheme (NDIS) participants distressed after data caught up in HWL Ebsworth breach

New PaperCut critical bug exposes unpatched servers to RCE attacks

North Kingstown to offer free credit monitoring after cyber attack

On average shareholder value drops 9% year after major cyber incident

Pennsylvania's Allegheny County says MOVEit data breach impacted over 967k residents

Phishing Statistics By Types, Country and Age Group

Points.com glitch left millions of records exposed

Ransom attack forces multiple US hospitals to suspend services in northeast

Ransomware attacks cost manufacturing sector $46 billion in downtime since 2018, report claims

Serco confirms data on 10,000 people was stolen in a MOVEit Transfer vulnerability breach

Sophisticated Phishing Exploits Zero-Day Salesforce Vulnerability

Stealthy npm Malware Exposes Developer Data

Teach a Man to Phish and He’s Set for Life

Telcos facing marked increase in cyber attacks

Tempur Sealy Resumes Operations After Cyber Attack

The direct impact of cyberattacks on patient safety and care delivery

These were the most exploited security vulnerabilities of 2022 - is your business protected?

Top 12 vulnerabilities routinely exploited in 2022

Top Cloud Misconceptions that Could Damage Your Organization

UK Government: Cyber-Attacks Could Kill or Maim Thousands

Ukraine may be winning ‘world’s first cyberwar’

Unmasking the vulnerabilities: Data breaches and Blockchain’s shield of security

Unum Group Confirms MOVEit Data Breach Leaked Customer Info, Including SSNs

US retail chain Hot Topic said multiple credential attacks led to a major customer data breach

VMConnect: Python PyPI Threat Imitates Popular Modules

VPNs remain a risky gamble for remote access

Watch out - that PowerPoint link could be Chrome malware

3rd August

7 fake cryptocurrency investment apps discovered in Google Play, Apple App Store

13 simple ways SMEs can improve cyber security

Apple Mac Crypto Stealing Hack Tool for Sale on Dark Web

Avoiding Bitcoin Phishing Scams: Tips and Best Practices

Bangladesh hacktivists target critical infrastructure in India, Israel, and Australia

Bangladeshi hacktivists targeting India, Israel with DDoS attacks

Beware! Google AMP's use in phishing campaigns is on the rise

Beware of this latest phishing attack disguised as an official Google email

Bitcoin Investment Education: Reducing the Risk of Falling for Scams

BlackBerry Quarterly Threat Intelligence Report finds governments and public services facing 40 per cent more cyberattacks

BlackBerry reveals top crypto-focused malware amid rising cyber threats

Board Rooms and Cybersecurity: How to Protect Sensitive Information

BPP targeted in cyber attack

CERT-In flags ransomware: What is Akira, a new virus spotted in cyberspace?

Chrome malware Rilide targets enterprise users via PowerPoint guides

Cisco Talos Discusses Flaws in SOHO Routers Post-VPNFilter

Companies Should Implement ROI-Driven Cybersecurity Budgets, Expert Says

Consolidated network visibility, security can help enterprises minimize cyberthreats

Critical Infrastructure Workers Better at Detecting Phishing

Crypto hacks drain Curve money pools of $70 Million

Cyber-Attacks Targeting Government Agencies Increase 40%

Cyberattack suspected in computer system outage for Eastern Connecticut Health Network, Waterbury HEALTH

Cyberattacks on governments and public services were way up this spring, research shows

Cybersecurity: How Can Companies Benefit From FBI and Homeland Security Collaboration?

Cybersecurity Firm Blasts Microsoft for Slow, Incomplete Bug Patches

Data breaches grow nearly three times, with US accounts most compromised

Data breaches have seen a huge rise in 2023 so far

Dorchester Police issues warning over 'phishing' emails

Exploring the Impact and Prevention of Ransomware Attacks

FBI, CISA, and NSA reveal top exploited vulnerabilities of 2022

Feds launch probe into China's US government email hack

Finland sees fourfold spike in ransomware attacks since joining NATO

Food manufacturers top three for ransomware attacks

Fortinet VPN bug tops CISA’s list of most exploited vulnerabilities in 2022

Got a data breach alert? Don't ignore it. Here's how to protect your information

Hacker group targets Nigerian companies over ECOWAS threat of military action against Niger

Hackers can abuse Microsoft Office executables to download malware

Hackers exploit Salesforce email zero-day for Facebook phishing campaign

Hacktivist Collective “Mysterious Team Bangladesh” Revealed

Hacktivists fund their operations using common cybercrime tactics

Hawai'i's Gemini North observatory suspends operations following cyberattack

Hospitals double the odds of a data breach during merger period, study finds

Humans Unable to Reliably Detect Deepfake Speech

Hundreds of Citrix Endpoints Compromised With Webshells

Hundreds of Citrix NetScaler ADC and Gateway Servers Hacked in Major Cyber Attack

Illegal movie streamers targeted by viruses, warns leading VPN

India: Government has a warning about this 'ChatGPT scam'

India resurrects data privacy bill following abrupt pullback last year

Ivanti discloses another vulnerability in MobileIron Core (CVE-2023-35082)

Ivanti Discloses Yet Another Critical Flaw

Ivanti Zero-Day Vulnerability Exploited in a Cyber Attack on 12 Norwegian Government Ministries

Malicious Apps Use Sneaky Versioning Technique to Bypass Google Play Store Scanners

Malicious PyPI package ‘VMConnect’ imitates VMware vSphere connector module

Manufacturing Sector Reeling From Financial Costs of Ransomware

Martin University 2022 data breach still impacting those needing transcripts

Microsoft: Russian hackers behind Teams attacks

Microsoft Exposes Russian Hackers' Sneaky Phishing Tactics via Microsoft Teams Chats

Microsoft Flags Growing Cybersecurity Concerns for Major Sporting Events

Microsoft Identifies Russia-Based Hackers For Teams Phishing Attacks

Microsoft Teams Targeted in Midnight Blizzard Phishing Attacks

Mobile Security: How to Keep Employee Cell Phones Safe

Montclair Township's IT department resumes operations after $450,000 settlement with attackers

MoveIt Transfer attacks dominate July ransomware disclosures

"Mysterious Team Bangladesh" Targeting India with DDoS Attacks and Data Breaches

Mythbusting Through the AI Noise in Cyber: What You Need to Know

New Microsoft Azure AD Cross-Tenant Synchronization (CTS) feature can be abused for lateral movement

New Version of Rilide Data Theft Malware Adapts to Chrome Extension Manifest V3

Payroll Issues Persist At Ross Memorial Hospital Months After System Hacked

People with Disability Australia (PWDA) Addresses National Disability Insurance Scheme (NDIS) Data Breach Incident

PH Tech Data Breach Impacts 1.7 Million Oregon Health Plan Members

Philippine authorities strike a major blow against cybercrime

Ransom gangs have cost manufacturers $46 Billion

Ransomware Attacks Have Doubled Across Key Industries

Ransomware on manufacturing industry caused $46 Billion in losses

Researchers Discover Bypass for Recently Patched Critical Ivanti EPMM Vulnerability

Researchers Leverage ChatGPT to Expose Notorious macOS Malware

Resilience Reimagined: Transportation Security Administration (TSA) Amends Critical Pipeline Security Directive

Rhysida ransomware group claims major cyber attack on the University of West Scotland

Russia-backed hackers used Microsoft Teams to breach government agencies

Russian APT 'BlueCharlie' Swaps Infrastructure to Evade Detection

Russian APT phished government employees via Microsoft Teams

Russian Hacking Group Shakes Up Its Infrastructure

Russian Midnight Blizzard Hackers Hit Microsoft Teams in Precision Attack

Safeguarding User Data: How Innovative Technologies Are Bolstering Client Security

Satellites easier to hack than a Windows device

Scams with HR credentials spread this summer season

Scottish NHS trust ducks fine after staff shared patient data via WhatsApp

Serco employee data exposed via MOVEit attack on third-party

South Africa: Courier package undelivered email scam on the rise

Storm-0558 Isn’t Over Yet

Terrorism and cyber attack warning as 25 biggest threats facing Ireland revealed

The Crucial Need for Modern Web Security: Reinforcing Endpoint Protection in Organizations

The rise of cyber security threats in retail: a call for proactive measures

Understanding Carriage Return Line Feed (CRLF) Injection: A Web Application Vulnerability and Mitigation

Understanding social engineering and preventing account takeovers

Unified Payments Interface (UPI) Fraud: Tips to keep yourself safe from scammers while making UPI payments

US government contractor Serco discloses data breach after MoveIT attacks

US healthcare firm Synergy said December cyber attack affected over 58,000 patients

Was the digital transformation worth it, security-wise?

What happens to your personal info after a data breach?

What Is Hyperautomation? What It Means For Security Teams

What is Privileged Access Management (PAM)?

What is Vishing? Definition, Examples and Prevention

Why You Should Never Share Your Boarding Pass On Social Media

2nd August

1 in 100 emails is malicious

67% of data breaches start with a single click

AI drives ransomware to new highs

AI-Enhanced Phishing Driving Ransomware Surge

AI-Powered CryptoRom Scam Targets Mobile Users

Allegheny County issues notice of data breach

Amazon cloud service targeted using own system manager

Amazon's AWS SSM agent can be used as post-exploitation RAT malware

Anyone streaming free movies urged to avoid blockbuster with 'worst' virus risk

Attackers can turn AWS SSM agents into remote access trojans

Audit finds Calcasieu Parish School Board still missing $789K from scam

Billions of Google Chrome users warned to delete ALL popular extensions right now – experts explain why

Brazilian man arrested for hacking into judicial system claimed that former President Jair Bolsonaro asked him if he could hack electronic voting machines

Burger King forgets to put a password on their systems, again

Business email compromise attacks outpace malware

Cado Security Report Surfaces Most Common Cyberattack Vectors

Can hackers see your screen?

Canon warns printers might expose sensitive data

CareSource victim of Cl0p attack, patient data allegedly leaked

Children’s Time Spent Online Increases Risks of Scams

China blames the US for a cyber attack on the Wuhan Earthquake Monitoring Centre

CISA in New Warning Over Ivanti Vulnerabilities

Cloud firm assisted 17 state-sponsored hacking groups

Cloud Firm Under Scrutiny For Suspected Support of APT Operations

Cloud Providers Becoming Key Players in Ransomware

Cloud Service Provider Cloudzy Accused of Aiding Ransomware and APTs

Cost of data breach in ASEAN, The Philippines reaches all-time high

CryptoRom scammers exploit AI to target iPhone and Android users

Cyberattack response times are accelerating

Data breach affects 1.7 million Oregon Health Plan members

Empowering Learners And Protecting Privacy: Advancing Data Security In EdTech

Fake Chat App On Android Steals Signal and WhatsApp Data

Fake FlipperZero sites promise free devices after completing offer

Hacker steals $20 million USDT through zero-value transfer scam

Hackers exploited Salesforce zero-day in Facebook phishing attack

Halcyon Unveils The Facilitators Of Ransomware Attacks

Healthcare Cyber Threats: 5 Essential Insights for Ensuring Your Safety

Healthcare workers info exposed in British Columbia Health data breach

Hong Kong records drop in email phishing cases, but scam drill shows cybersecurity awareness ‘still lacking’

Hot Topic hit by wave of cyber attacks

How AI can make businesses more resilient to data breaches

How do hackers find you?

How to Manage Cyber Risk

Industrial Control Systems Vulnerabilities Soar: Over One-Third Unpatched in 2023

Iranian Company Cloudzy Accused of Aiding Cybercriminals and Nation-State Hackers

Is AI Behind the Rise in Ransomware Threats?

Ivanti discloses new critical auth bypass bug in MobileIron Core

Kenya Suspends Worldcoin Amidst Data Breach Concerns

macOS malware takes a bite out of Apple

Marine industry giant Brunswick Corporation lost $85 million in cyberattack, CEO confirms

MHMR Authority of Brazos Valley Files Notice of Data Breach Impacting 83,245 Individuals

Mondee security lapse exposed flight itineraries and unencrypted credit card numbers

MOVEit Data Breach Hits US Government Contractor, Exposes Health Data of 8 to 11 Million People

New Collide+Power side-channel attack impacts almost all CPUs

New NodeStealer 2.0 Phishing Campaign Targets Facebook Business Accounts, Steals Cryptocurrency and Data

New variants found of malware that targets Facebook business accounts

NodeStealer 2.0 Poses as ‘Microsoft’ to Hack Facebook and Browser Data

NoName hacker group targets Italy's top-tier banks

Northern Ireland: Executive Office and Patient and Client Council rapped for data breach risks

Norwegian Entities Targeted in Ongoing Attacks Exploiting Ivanti EPMM Vulnerability

Operational Technology (OT)/Internet of Things (IoT) Malware Surges Tenfold in First Half of the Year

Optus customer data containing 10 million records allegedly for sale on Dark Web

Over 640 Citrix servers backdoored with web shells in ongoing attacks

Phishers Exploit Salesforce's Email Services Zero-Day in Targeted Facebook Campaign

Portsmouth, Dover officials offer tips on avoiding scams when you pay to park

Potential data breach at Southern Association of Independent Schools raises concerns

Pro-Russian hackers claim attacks on Italian banks

Progressive Insurance Notifies 347,100 Customers of Recent Data Breach Involving Their Confidential Information

Protecting Critical Infrastructure: Cybersecurity Challenges

Prudential Insurance Company Files Notice of PBI Data Breach Caused by MOVEit Vulnerability

Report finds governments, public services facing 40% more cyberattacks

Researchers Uncover AWS SSM Agent Misuse as a Covert Remote Access Trojan

Russia-based hackers building new attack infrastructure to stay ahead of public reporting

Russia-linked cybercriminals target school for children with learning difficulties

Russian Cyber Adversary BlueCharlie Alters Infrastructure in Response to Disclosures

Russian hackers target government orgs in Microsoft Teams phishing attacks

Russian military hackers sent phishing lures masquerading as Microsoft Teams chats

Salesforce and Meta suffer phishing campaign that evades typical detection methods

Scammers targeting parking meters with QR codes

SpyNote Spyware Returns with SMS Phishing Against Banking Customers

SSH Remains Most Targeted Service in Cado’s Cloud Threat Report

Strength in numbers: Mid-size manufacturers and cloud security

Students 'locked out' as BPP hit by cyber attack

Swiss Financial Market Supervisory Authority (FINMA) Warns of Phishing Scam Using Its Name

The CISO role has changed, and CISOs need to change with it

The generative A.I. battle between companies and hackers is starting

The most-clicked phishing emails pretend to come from HR - and their subject matter might surprise you

Threat Actors Use AWS SSM Agent as a Remote Access Trojan

Top Industries Significantly Impacted by Illicit Telegram Networks

Two Subsidiaries Confirm Data Breach Following Group 1001 Ransomware Attack

Understanding Generative AI Cybersecurity Risks

University of Hawaii paid ransom to the NoEscape gang to recover the data of 28,000 students

Urgent DVLA scam warning issued to all motorists

US, Norway say hackers have been exploiting Ivanti zero-day since April

VALIC Retirement Services Company Experiences PBI Data Breach Exposing Approximately 798,000 Social Security Numbers

Vancouver Island University didn't do enough to protect personal data, audit finds

Voyager Potentially Suffered Data Breach In Withdrawal Period

Worldcoin suspended in Kenya as project faces global scrutiny

Zero-day bug exploiting Meta hits Salesforce

1st August

10% of expired certificates on the internet pose a security threat

A bankrupt crypto firm tried to return funds - but customer data might’ve been stolen instead

After WormGPT and FraudGPT, DarkBERT and DarkBART are on the Horizon

Allegheny County, Pennsylvania Confirms MOVEit Vulnerability Resulted in Data Breach Affecting Over 950k Residents

Analyzing Data Breaches by Industry

Android n-day bugs pose zero-day threat

Arizona Governor Raises Questions About Data Breach That Exposed Empowerment Scholarship Account (ESA) Student Info

Arizona school voucher program questioned after investigators find data breach

Beware - that email from HR could well be a phishing scam

California agency probes automakers' data privacy practices

Can Hackers Remotely Control Your Phone?

Canon Inkjet Printers at Risk for Third-Party Compromise via Wi-Fi

Canon Inkjet Printers Expose Wi-Fi Threat

China's APT31 Suspected in Attacks on Air-Gapped Systems in Eastern Europe

Chinese APT Group Hits Air-Gapped Systems in Europe with Malware

CISA: Ivanti hacks targeting Norway began in April

CISA issues new warning on actively exploited Ivanti MobileIron bugs

Cloud Tech Debt Puts Millions of Apps at Risk, Says New Report

Comcast Business Threat Report: Vast Majority of Attacks Start with Phishing

Cyber-security challenges for the medium term

Cyberattack forces Tempur Sealy to temporarily shut down IT systems

Cybercriminals Renting WikiLoader to Target Italian Organizations with Banking Trojan

Cybercriminals train AI chatbots for phishing, malware attacks

Data breach exposes 58K patient health records

Digital Certificates Riddled With Security Weaknesses

Discovery at Home notifies patients after phishing incident

Doctors sign up to legal case against Capita over GP data breach

EU’s financial institutions face cyber resilience crisis

European Bank Customers Targeted in SpyNote Android Trojan Campaign

Flagstar Bank Files Subsequent Notice of 2021 Data Breach Affecting 1.4 Million

Hackers use new malware to breach air-gapped devices in Eastern Europe

Hawaii Community College pays ransomware group

Hot Topic discloses data breach

Hotel Data Security Update: Time is Short – Reporting your Data Breach

How Much Money Are State-Backed Hackers Making in Crypto?

How You Can Protect Your Data from Cybercriminals

In new ransomware model, cloud provider acts as front for bad actors

India: The government issues a warning opposing Akira. What is the Akira ransomware? Understand it today

Indiana State University Statement: MOVEit Data Breach

Iranian cloud company accused of hosting cybercriminals, nation-state hackers

Iranian Hackers Posed as Israelis in Targeted LinkedIn Phishing Attack

Keeping the cloud secure with a mindset shift

Lawsuit: ByteDance’s CapCut app secretly reaps massive amounts of user data

List of Data Breaches and Cyber Attacks in July 2023 – 146 Million Records Breached

MacOS malware discovered on Russian dark web forum

Maximus data breach confirmed, 11 million people at risk

Millions stolen from crypto platforms through exploited ‘Vyper’ vulnerability

MW Components Announces Data Breach Following Ransomware Attack

Nailed By A Data Breach? Here’s 4 Ways To Practice Cyberhygiene

New Infostealer Uncovered in Phishing Scam Targeting Facebook Business Accounts

New malware can give a hacker control of your Mac without you realizing it

New NodeStealer Targeting Facebook Business Accounts and Crypto Wallets

New WikiLoader Malware Goes to Extreme Lengths to Hide

New WikiLoader malware targets Italian organizations

NHS Staff Reprimanded For WhatsApp Data Sharing

Novel Worm-Like Malware P2Pinfect Targets Redis Deployments

Paramedic Billing Services reports data breach: Sensitive information compromised

Pension Benefit Information, LLC (PBI) Files Notice of MOVEit Data Breach Affecting Transamerica Life Insurance Company Customers

Ransomware Attacks in U.S. and Cyberattacks in Pacific Islands are Battlefields in Global Cyber War

Ransomware Attacks on Industrial Organizations Doubled in Past Year

Ransomware Command-and-Control Providers Unmasked by Halcyon Researchers

Report finds 164% increase in cyber threats targeting brands

Researchers Expose Space Pirates' Cyber Campaign Across Russia and Serbia

Retail chain Hot Topic discloses wave of credential-stuffing attacks

State of the Nation: Exploring the UK Cyber Landscape

Stremio vulnerability exposes millions to attack

Tax pros should remain vigilant against phishing emails and cloud-based attacks

Tel Aviv-based firm uncovers Mexico phishing campaign

Tempur Sealy International hacked in July

Tether Swiftly Blacklists Phishing Address After $20M Theft

The 5 most common scams of 2023 and how to avoid them

The Chattanooga Heart Institute Notifies Upwards of 160k Patients of Recent Data Breach

The gap in users’ identity security knowledge gives cybercriminals an opening

These are the methods that are most commonly used by cyber criminals

Thousands of British Columbia health-care workers’ information exposed in data breach

Threat actors abuse Google Accelerated Mobile Pages (AMP) for evasive phishing attacks

Unsafe VPNs are a major security worry for many firms

What Is a Golden Ticket Attack? Stop Hackers From Having Complete Access to Your Data

What is Akira, a ransomware CERT-In has flagged

What is Data Security Posture Management (DSPM)?

Why do ransomware organisations target pharmaceutical firms and the healthcare industry?

Your car is recording your every move. A California agency wants to investigate

Your First Line of Defense Against Ransomware: Secure Access Service Edge (SASE)

31st July

50+ Phishing Statistics For 2023

78% of European big banks saw data breach in 2022

700,000 Highly Sensitive School Records Exposed Online

AI has a place in cyber, but needs effective evaluation

AI reduces data breach lifecycles and costs

Amid Switch to X, a Phishing Scam Targets Twitter Users

Another CalPERS retiree sues PBI over data breach that exposed social security numbers

APT31 Implants Target Industrial Organizations

Average Healthcare Data Breach Cost Reaches Nearly $11M

AVRecon Botnet Leveraging Compromised Routers to Fuel Illegal Proxy Service

BAZAN Group battles alleged cyber attack: Iranian hacktivist group claims responsibility

Be aware: Someone could steal your medical records and bill you for their care

Benevolent hacker pulls back $5.4 million targeted in $52 million Curve Finance hack

Between 80% and 95% of cyberattacks begin with phishing

Biden Administration Hunts Chinese 'Malware' That Could Disrupt US Military Operations, Critical Infrastructure

Bug in Minecraft mods allows hackers to exploit players' devices

Calcasieu Parish School Board recovers over $800,000 following 2022 phishing scam

Canon warns of Wi-Fi security risks when discarding inkjet printers

China-Backed Hackers Threaten Texas Military Sites, Utilities

CISA: New Submarine Backdoor Used in Barracuda Campaign

CISA Analyzes Malware Used in Barracuda ESG Attacks

CMS announces data breach affected about 612,000 beneficiaries

Coverage Challenges in Ransomware Claims: Cyber Insurance Policies and Trends in Denials

Cryptocurrency Security: A Guide to Private Keys, 2FA, and Phishing Prevention

Cyber attack forces Tempur Sealy to shut down its IT systems

Cyber Attacks Are Taking a Financial Toll on Louisiana

Cyber Security Essentials: Safeguarding Your Digital Life In An Increasingly Connected World

Cybercrime cops warn against clicking on phishing links of India Posts Payment Bank

Cybercrime Wave Hits Karnataka: Rs 65 Crore Lost In 6 Months In 4090 Cases, Rs 17 Crore Recovered

Cybersecurity Measures for Water Purification Plants: A Must in the Digital Age

Cybersecurity Recovery Guide: How to Recover from a Data Breach

‘Dark Web ChatGPT’ – Is your data safe?

Data Breach Costs At All-time High

Data incidents in Singapore’s public sector on the rise, 182 recorded in 2022

Data privacy vault: Securing sensitive data while navigating regulatory demands

Data under siege: Responding to ransomware

Discovery, Radisson, Honeywell data published by MOVEit hackers

DNS Security in Healthcare: The Gem in Your Cybersecurity Arsenal

Everlast hacked, customer credit cards compromised

FakeTrade Android Malware Attack Steals Crypto Wallet Data

Family Vision said a ransomware attack compromised the healthcare data of 62k patients

FBI: Cyber Attacks Are on the Rise Thanks to AI

Fidelity Life Association Notifies an Unknown Number of Consumers of Recent Data Breach

Fines for data mishandling won’t be the greatest cost to your business. Fixing reputational damage will be

Four measures SMBs can take to avoid common security pitfalls

Fruity Trojan Uses Deceptive Software Installers to Spread Remcos RAT

Global Lawyers Unveil Cyber Best Practices for Execs

Hackers Capitalize On X Rebrand Chaos with Twitter Blue Phishing Scam

Hackers exploit BleedingPipe RCE to target Minecraft servers, players

Hackers steal Signal, WhatsApp user data with fake Android chat app

Hackers threaten to auction off DNA patient records from Oklahoma hospital

Half of the most-clicked phishing emails contain HR-related subject lines

Hawai‘i Community College Pays Ransom After Data Breach

Healthcare data breach detected on IIIT Delhi's informatics platform

Hotel Data Security Update: Time is Short – Reporting Your Data Breach

How a virus has wiped out 2009’s Modern Warfare 2 as Activision scrambles to get it fixed

How AI Is Helping In Curbing Frauds In Digital Real Estate Market

How Multi-Factor Authentication is Shaping the Future of Online Business Transactions

How Tampa General Hospital thwarted a ransomware attack

How Thermal Cameras are Revolutionizing Internet Security in the Middle East and North Africa

How to Create a Culture of Incident Reporting

How to Think Like a Hacker and Stay Ahead of Cyber Threats

Hyderabad Police Unravel Massive Rs 712 Crore Scam: Chinese Masterminds Employ Creative Tactics to Deceive Victims

Inside The Organizational Structure Of A Modern Ransomware Syndicate

Israel Busts Iran’s Phishing Network Active In LinkedIn

Israeli Oil Refinery Giant BAZAN Hit by Fresh Wave of Cyber Attacks

Italy targeted by new malware strain

Ivanti fixes second zero-day exploited by attackers (CVE-2023-35081)

Kaspersky: Crypto phishing scam targets ‘hot and cold’ wallets

Kenya: Owalo reiterates no breach of data during last week cyber attack

Latest cyberattack on San Luis Obispo (SLO) County schools resolved, but at what cost?

Law firm says more than 150 people in Lichfield have joined claim against water company after cyber attack

LinkedIn scam trends uncovered: study sheds light on sophisticated tactics employed by fraudsters

Magnanimous Hacker recovers $5.4M stolen assets for Curve Finance

Mattress giant Tempur Sealy hit with cyberattack forcing system shutdown

Maximus said MOVEit Transfer hack compromised its customers' protected health information

Michigan State University Notifies Students and Retirees of Two Vendor Data Breaches

MOVEit attacks provide key lessons for cyber re/insurance industry

Multiple Flaws Found in Ninja Forms Plugin Leave 800,000 Sites Vulnerable

Navigating the Complex Landscape of Digital Identity Verification Solutions

Navigating the Landscape of North American Data Security Services

New P2PInfect Worm Targets Redis Servers with Undocumented Breach Methods

New persistent backdoor used in attacks on Barracuda ESG appliances

No cause for alarm: North Kingstown reassures 103,000 recipients of data breach letters

No evidence ransomware victims with cyber insurance pay up more often, UK report says

Ongoing STARK#MULE Attack Campaign Discovered

P2PInfect server botnet spreads using Redis replication feature

Paramedic Billing Services Provides Notice of Data Breach Affecting Patient SSNs and PHI

Patchwork Hackers Target Chinese Research Organizations Using EyeShell Backdoor

Pentagon investigating “critical compromise” of comms – media

Phishing scams love mimicking Microsoft

Preventing Fraud in Digital Banks

Relying on CVSS alone is risky for vulnerability management

Researchers warn about SMS location tracking flaw that puts millions of Android phones at risk: How to stay safe

RSA ID IQ report reveals what you don’t know will breach you

Safeguarding critical Infrastructures from cyber threats

Scottish NHS data breaches up by a third in five years

Securities and Exchange Commission (SEC) data breach rules branded “worryingly vague” by industry body

Security leaders discuss CISA advisory of IDOR web app vulnerabilities

Selling second-hand apparel online is a scammer's paradise

Singapore government sees rise in security incidents amid increased data sharing

Smishing, Phishing, the rise of cybercrime and what to do about it

So, You've Been Hacked. These are the Best Practices for Business Leaders Post-Hack

Southborough police chief warns teens, parents of online sextortion

SpyNote Android Spyware Strikes Financial Institutions

Strengthening Cybersecurity in the Asia Pacific: Challenges and Solutions

Strengthening security in a multi-SaaS cloud environment

The Future of Cyber Defense: Breach and Attack Simulation in Telecommunications

The Growing Importance of Cybersecurity in the Sports Industry: Protecting Teams and Fans

The Hidden Dangers of Over-Sharing: Cybersecurity Risks for Travelers Posting on Social Media

The race against time in ransomware attacks

The Rising Threat of Cyber Attacks on Global Critical Infrastructure: What You Need to Know

Think Tank: Insurers Not Fuelling Ransomware Market

Time to Harness the Power of Threat Intelligence and Dark Web Monitoring

UK Military Embraces Security by Design

University of the West of Scotland (UWS) cyber hack data put on sale at £450,000 by ransomware gang

Web browsing is the primary entry vector for ransomware infections

What Kenyan small businesses should do to keep online data breaches at bay

‘Worm-like’ botnet malware targeting popular Redis storage tool

Would a Data Leak Expose Your Bank Loan and Mortgage Information?