Editor's Message

Welcome to DBD. On March 8th we celebrated our 4th Anniversary and the 1st Anniversary of our PRiSM application, officially endorsed by the SANS Institute. Despite recent personal issues that have impacted the amount of time I have been able to dedicate to both projects, I have been doing my best to keep everything as up-to-date as possible, and I would like to take this opportunity to thank everyone for their patience and support whilst I navigate through this very difficult time. Stay safe. :)

Monday 17 July 2023

Data Breaches Digest - Week 29 2023

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 17th July and 23rd July 2023.

23rd July

5 Top Scams in Crypto: Know Everything About It in Detail

5 types of scams - and how to spot them

AI scam calls imitating familiar voices are a growing problem

‘Barbenheimer’ scam: Fraud pages offer bogus ‘Barbie,’ ‘Oppenheimer’ products

Beware of a sophisticated phishing attack targeting Microsoft 365 users

ChatGPT can write ransomware, but what about incident response plans?

CISA warns government agencies to patch Adobe ColdFusion servers

Clop now leaks data stolen in MOVEit attacks on clearweb sites

Crypto Payment Processor Alphapo Hot Wallet Hacked For $23 Million

Cryptocurrency Theft - How Far Are We From a Long-lasting Solution?

Digitised medical records a magnet for hackers

Emails with link to pay fines a phishing scam, warn Dubai Police

Facebook Recovery Code Scam Emails on the rise again

From Detection to Prevention: AI’s Impact on Cybersecurity

Hackers and Propagandists Harnessing Artificial Intelligence for Malicious Purposes

Hackers Are Using Special AI To Produce Malicious Software And Deceptive Phishing Emails

Logistics: Ransomware Targets Ports

Safeguarding Your Business from Email Compromise: A North American Perspective

Spotting the Signs of Whaling Attacks: Stay One Step Ahead of Cybercriminals

The Emergence of WormGPT: Unleashing the Dark Side of AI Generative Text Services

The Privacy Paradox: Striking a Balance Between Data Security and Surveillance

Your personal info was exposed in a data breach. Now what?

22nd July

5 signs of a hacked webcam

10 Essential Cybersecurity Tips for Small Businesses

10 most ‘copied’ brands by hackers to steal your personal, financial data

AI being used for hacking and misinformation, top Canadian cyber official says

AI scam calls imitating familiar voices – here’s how they work

AI-Powered Hacking And Disinformation on the Rise

Apple Threatens to Pull iMessage and FaceTime from U.K. Amid Surveillance Demands

As More MOVEit Hack Victims Emerge, Ofcom Declares Non-Payment of Ransom

Attention: Here are the 10 brands that are used most for phishing in data theft

Beware of nasty Facebook recovery code email scam that will steal your info

Class action lawsuit targets Johns Hopkins University after health system data breach

Couple Who Allegedly Laundered Bitcoin (BTC) From Massive 2016 Bitfinex Hack Appear To Reach Plea Deal

CoWIN Portal Data Breach: Indian Health Ministry Registers FIR, Vows Serious Action

Emails Of US Envoy To China, Senior State Department Official Accessed In Chinese Cyber Attack

Estée Lauder: Cosmetic Brand Amongst the new Victims of Ransomware Attack

Free credit monitoring offered for Louisianans affected by data breach

Google Docs phishing scams are on the rise - here's what you need to know

Here Is The Dank & Offensive AI

Microsoft Dominates as the Most Impersonated Brand for Phishing Scams in Q2 2023

NTT Docomo data breach: Ex employee steals millions of user info

Over 15K Citrix servers likely vulnerable to CVE-2023-3519 attacks

Phishers Exploiting Google Docs to Harvest Crypto Credentials

Practical Ways to Prevent Your Home Security Cameras From Being Hacked

Protecting Your Smartphone: Top Mobile Security Tips for Global Users

Rite Aid customers’ personal information accessed in data breach

Roblox Data Leak Resurfaced With The Personal Details Of Nearly 4,000 Employees

Roblox Leak Reveals Tons Of Personal Information

Tech lead of Google-owned virus database apologises for leak

The Evolution of Passwordless Authentication Methods in Internet Security

The Global Impact of Ransomware on Business Operations and How to Stay Protected

The Philippines: Phishing threats loom as SIM registration deadline nears

Training Your Employees to Be Cybersecurity Warriors: A Comprehensive Guide

UK Government warns all iPhone and Android owners over ‘hard target’ trick that stops bank-emptying attack

Unlocking Security Success: The Power of an Adversary-Focused Approach for Organizations

What Are Dark Web Alerts? Know When Your Info Falls Into the Wrong Hands

21st July

1st Source Bank reports data breach exposing Social Security numbers, other personal data

5 concerns keeping IT leaders up at night

Amazon agrees to $25 million fine for Alexa children privacy violations

Apple threatens to remove FaceTime from UK over surveillance bill

As Ransomware Attacks Rise, How Should K-12 Schools Evaluate Network Security?

Attackers could get “superuser” status on millions of computers due to old Gigabyte ransomware leak

Attackers intensify DDoS attacks with new tactics

Azure AD Token Forging Technique in Microsoft Attack Extends Beyond Outlook

Banks In Attackers' Crosshairs, Via Open Source Software Supply Chain

Binance CEO warns of phishing scams as Uniswap founder gets hacked

Chinese Hackers Breached Ambassador’s Email

CISOs are making cybersecurity a business problem

Citi Trends Facing Class Action Over January 2023 Data Breach

Citrix ADC zero-day exploitatation: CISA releases details about attack on Critical Infrastructure organization (CVE-2023-3519)

Citrix NetScaler ADC and Gateway Devices Under Attack: CISA Urges Immediate Action

City of Dallas tells employees ransomware attack included personal information

Citywide Home Loans settles a $1.2M data breach lawsuit

Cleantech and Quantum Computing: Critical Infrastructure Cybersecurity

Clop and BlackCat Ransomware Gangs Claim Separate Attacks Against Estée Lauder

Clop Drives Record Ransomware Activity in June

Clop gang to earn over $75 million from MOVEit extortion attacks

Clop ransomware hacked DHL, summing up 20 million victims & profit of $100 million via MOVEit

Controversial’ application deferred after council confirms data breach at planning board in Rotherham

Could hackers really take down the power grid?

Cyber Criminals Using AI To Write Phishing Emails, Warns Security Expert

Cyberattacks on Healthcare: How They Happen and What You Can Do

Dark Web: services and products offered there by cybercriminals

Data breach exposes personal information of 4,000 Roblox developers

Data breach may affect Fayette EMS customers

DDoS Botnets Hijacking Zyxel Devices to Launch Devastating Attacks

Department of Justice (DOJ) merges cyber, cryptocurrency units to go after ransomware attacks

DHL investigating MOVEit breach as number of victims surpasses 20 million

Domino’s Pizza Franchisee Hit with Class Action Over April 2023 Data Breach

East Texas law enforcement agencies warning people about potential phishing scams

Enhancing Email Security in Office 365: Why It’s Necessary and What It Provides

Ensuring operational continuity is critical with healthcare data breaches

Estée Lauder Files Notice of Cyber Incident Raising Concerns of a Potential Data Breach

Europol’s IOCTA 2023 Report Reveals Cybercriminals are Increasingly Interdependent

FIN8 Updated Sardonic Backdoor to Deliver Noberus Ransomware

First cyber insurance case law in Germany

Florida’s Tampa General Hospital data breach involved 1.2 million patients

Free credit monitoring offered for Louisianans affected by data breach

GhostSec hackers target satellites to “change the world”

GitHub Developers Targeted by North Korea’s Lazarus Group

GitHub Warns Devs of North Korean Attacks

Global CDN Service ‘jsdelivr’ Exposed Users to Phishing Attacks

Hacker Drains 1700 ETH From DeFi Protocol Conic Finance

HHS OCR Settles with iHealth Solutions Over Alleged HIPAA Violations

Hong Kong Issues Guidance on Data Breach Handling and Notifications

HotRat: New Variant of AsyncRAT Malware Spreading Through Pirated Software

Improve Asset Visibility in Operational Technology (OT) Security With Hybrid AI-Cloud Approaches

Incident of the Week: Estee Lauder data stolen in cyber attack

Industrials the No. 1 Most Targeted Sector for Ransomware Attacks in June

It’s not just about security when it comes to cyberattacks

Johns Hopkins hit with class action lawsuit connected to data breach

Life sciences leaders act to counter insider-driven data loss

Local Governments Targeted for Ransomware – How to Prevent Falling Victim

Microsoft disputes report that Chinese hackers could have accessed suite of programs

Microsoft the most impersonated brand in Q2 2023 phishing scams

Microsoft, Google, Apple most imitated brands for phishing scams

Microsoft’s servers might’ve been breached, but a lack of information contradicts it

MOVEit Attacks Could Yield Up To $100M In Extortion Payments

MSX International Reports Data Breach Affecting Confidential Information of Over 13k Consumers

Multiple Colleges and Universities Notified of National Student Clearinghouse Data Breach Involving MOVEit Vulnerability

Netscaler ADC bug exploited to breach US critical infrastructure org

North Korean hackers linked to cyberattack on US software company

North Korean hackers targeted tech companies through JumpCloud and GitHub

Open-source supply chain attacks expand to the banking sector

Orrick, Herrington & Sutcliffe, LLP Provides Notice of Data Breach

Palo Alto Networks shares tips on how to spot phishing attacks

PokerStars data breach exposes over 110K customers

Ransom Monetization Rates Fall to Record Low Despite Jump In Average Ransom Payments

Ransomware attack on rural Mississippi county a ‘cautionary tale’

Rite Aid data breach: Here’s what you need to know

Roblox Data Breach: PII of Thousands of Developers Stolen

Russian Prosecutor Asks for 18 Years in Jail for Group-IB Founder

Rutgers: Data breach involving National Student Clearinghouse impacts university

Scams, Crimes Related to Crypto Drop By 65% in First Half of 2023

Software Supply Chain Attackers Targeting Banks

Some Missouri students' personal medical information may have been compromised in data breach

Sophisticated BundleBot Malware Disguised as Google AI Chatbot and Utilities

South African government fined for data breach

Stolen Microsoft key offered widespread access to Microsoft cloud services

Stressed for a Bit? Then Don’t Click It, Cybersecurity Experts Advise

Summertime Phishing Schemes Are Heating Up, IRS Warns

Sunflower Bank Confirms MOVEit Vulnerability Resulted in Data Breach

Tampa General Hospital Says Patient Information Stolen in Ransomware Attack

Tampa hospital hit hard in cyberattack

The case for phishing-resistant Multi-Factor Authentication (MFA)

The Franklin Mutual Insurance Group Notifies Victims of Recent Data Breach Following Ransomware Attack

The Rise of QR Codes Spurs Rise in ‘Fresh Phish’

The Vitality Group Notifies Alfa Laval Employees of MOVEit Data Breach

Top Threatening Network Vulnerability in 2023

Turning the tables: how to improve ransomware defence in the finance sector

US Department of Justice (DoJ) Announces Plan to Shakeup Cybercrime Investigations

US Justice Department to double its crypto team, target ransomware crimes

UT Southwestern One of 400 Organizations Hit by International Data Breach

VirusTotal apologizes for accidental leak that exposed customer data

VirusTotal apologizes for data leak affecting 5,600 customers

WormGPT, an AI bot used for phishing attacks: All you need to know

20th July

1st Source Bank attack exposes 450,000 people

67% of daily security alerts overwhelm SOC analysts

97% of organizations report plans to use generative AI by 2025

260,000 dating app accounts exposed in enormous 340GB data breach

A Few More Reasons Why RDP is Insecure (Surprise!)

Activists target Ontario hog farm with ransomware

Adobe Rolls Out New Patches for Actively Exploited ColdFusion Vulnerability

Addressing patterns of cryptocurrency fraud

AI, Ransomware Remain Prevalent in Evolving Cybersecurity Landscape

Apache OpenMeetings Web Conferencing Tool Exposed to Critical Vulnerabilities

API-Specific Controls are Lacking

Apple accuses UK government of trying to become ‘global arbiter’ of encryption

APT41 hackers target Android users with WyrmSpy, DragonEgg spyware

As online engagement rises, Indian firms vulnerable to cyber attacks

Attention-seeking KillNet hacktivists becoming more dangerous

Bangladesh Bank (BB) issued cyber-attack warning for banks, financial institutions

CDN Service Exposes Users to Malicious Packages for Phishing Attacks Invisible to Security Tools

CISA and Microsoft partner to expand access to logging capabilities

Clop lists ten more organisations as victims of the MOVEit Transfer hack

ComReg: Russian hacker group threatens to release data stolen from Irish communications regulator

Critical AMI MegaRAC bugs can let hackers brick vulnerable servers

Critical Flaws in AMI MegaRAC BMC Software Expose Servers to Remote Attacks

Critical National Infrastructure (CNI) Firms: Climate Tech is Increasing Cyber Risk

Cyber Fortresses: Building Trust and Ensuring a Safe Shopping Journey in E-commerce

Cyber insurers adapting to data-centric ransomware threats

Cyber Resilience Act: The Future of Software in the European Union

Cyber Security Concerns of a Homeowner

Cyberattack on GitHub customers linked to North Korean hackers, Microsoft says

Cybersecurity Best Practices: Strengthening Defenses to Mitigate the Risk of Cybercrime

Cybersecurity Compliance Confidence: The New Competitive Advantage for Enterprises

Cybersecurity must evolve to tackle rising phishing trends

Eight Steps To Negotiating With Ransomware Hackers

Email attacks skyrocket by 464% in H1 2023

Enhancing Security: The Importance of Two Factor Notification in Today’s Digital World

Estee Lauder Breached by Two Ransomware Groups

Expert warns Barbie and Oppenheimer fans to watch out for scammers that may drain your bank account

Explained: WormGPT, A New AI-Powered Chatbot That's Trending

Exploring the macro shifts in enterprise security

Fake ChatGPT and AI pages on Facebook are spreading infostealers

Federal Trade Commission (FTC), Department of Health and Human Services (HHS) warn health providers not to use tracking tech in websites, apps

FIN8 Group Using Modified Sardonic Malware for Deployment of BlackCat Ransomware

First search result leads to malware: crooks now paying for ads

FTX Users Potentially Targeted in Possible Phishing Attack as Bankruptcy Claims Deadline Nears

GitHub warns of Lazarus hackers targeting devs with malicious projects

Global Ransomware Attacks in June up 221% Year-on-year

GuidePoint Research and Intelligence Team’s (GRIT) 2023 Q2 Ransomware Report Highlights a 100% Year-Over-Year Increase in Public Ransomware Victims

Hacker steals 4 Mutant Ape Yacht Club (MAYC) NFTs using less than $15

Hacking the Las Vegas MSG Sphere: Is It Possible?

Harnessing the Power of AI and Deep Learning for Enhanced Cybersecurity in IoT Devices and Telecommunication Systems

How municipalities are dealing with being low-hanging targets for hackers

How to Avoid Getting Phished and Being a Victim of Digital Fraud

How to protect your child's credit following a data breach

How to strengthen data security for Office 365

Human Cyber-Risk Can Be Demonstrably Mitigated by Behavior Changing Training

India: Government’s Data Protection Bill is worried about privacy too

‘It feels like a digital hurricane’: Coastal Mississippi county recovering from ransomware attack

JumpCloud breach traced back to North Korean state hackers

JumpCloud Cyberattack Linked to North Korean Hackers

June 2023 Healthcare Data Breach Report

Mallox Ransomware Exploits Weak MS-SQL Servers to Breach Networks

Mass hack at BBC, British Airways, Boots and DHL sparks class action lawsuit probe

Microsoft Exchange servers compromised by Turla APT

Microsoft expands access to cloud logs after hacker forged tokens to get Exchange Online email

Microsoft Expands Cloud Logging to Counter Rising Nation-State Cyber Threats

Microsoft Strengthens Cloud Logging Against Nation-State Threats

MOVEit Data Breach Hits 30 Colleges via Teachers Insurance and Annuity Association of America (TIAA), Other Vendors

Never skip ‘backup day’

New P2P Worm Puts Windows and Linux Redis Servers in its Sights

New P2PInfect worm malware targets Linux and Windows Redis servers

New P2PInfect Worm Targeting Redis Servers on Linux and Windows Systems

New Ransomware With RAT Capabilities Impersonating Sophos

New Study Highlights Critical Infrastructure's Resilience

Nice Suzuki, sport: shame dealer left your data up for grabs

North Korean hackers linked to attempted supply-chain attack on JumpCloud customers

North Korean State-Sponsored Hackers Suspected in JumpCloud Supply Chain Attack

Norwegian recycling giant TOMRA forced to take systems offline following a cyber attack

Old Roblox Data Leak Resurfaces, 4000 Users' Personal Information Exposed

Only Fans hacked by Anonymous Sudan

OpenSSH vulnerability uncovered by researchers, RCE exploit developed

P2PInfect: Self-Replicating Worm Hits Redis Instances

Phishing in the Metaverse: The New Reality of Brand Protection

Phishing pages appear high in search results for VFS, 40 embassies

Phoenician Medical Center said March cyber attack compromised the data of 162k patients

Public ransomware victims increase 100 percent year-on-year

Q2 observed more ransomware events than Q1

Ransomware Attack Hit Japan's Busiest Port

Ransomware attacks shift focus to data theft

Russian hacker group leaks data on 1,700 Ukrainian security servicemen

Scammers have invaded Google searches, putting stranded travelers in harm’s way

South Africa on the verge of being named the cybercrime capital of Africa

Tampa General reports confidential data of 1.2 million patients hacked

Tampa hospital says sensitive data of 1.2 million stolen in failed ransomware attack

Thanks Storm-0558! Microsoft to expand default access to cloud logs

The Art of Cybersecurity Risk Assessment: A Five-Step Dance

The Evolving Cyber Threat Landscape: Proactive Measures

The Philippines ranks 5th in SEA for highest phishing incidents

Thousands of players affected in Roblox security breach and blackout

Turla's New DeliveryCheck Backdoor Breaches Ukrainian Defense Sector

Watch out - that unexpected Microsoft alert could well be a phishing attack

What Is an SSL Stripping Attack?

What the Government Email Account Hack Says About the Future of Cybersecurity

What to do about the rise of financial fraud

Why data travel is healthcare’s next big cybersecurity challenge

Why Generative AI is a Threat to API Security

Will New Sustainable Tech Become a Major Cyber-attack Vector?

Windows ransomware group Cl0P leaks some PwC files on clear web

WormGPT: What to know about ChatGPT's malicious cousin

Zyxel Vulnerability Exploited by DDoS Botnets on Linux Systems

19th July

5 Deepfake Scams That Threaten Enterprises

2022 ransomware attacks declined in number but grew in sophistication

A Guide to GDPR Compliance

Adobe emergency patch fixes new ColdFusion zero-day used in attacks

American students bombarded with job scam emails

An ‘Alarming Escalation’ of Sophistication in DDoS Attacks, Cloudflare Says

Attacker ID’ed After Infecting Own Computer With Malware

Australia’s Fortescue Hit by Cyber Attack That Disclosed Some Network Data

Bad.Build Flaw in Google Cloud Build Raises Concerns of Privilege Escalation

Banks reveal concern over insider threats

Belize Electricity Limited (BEL) victim of ransomware cyber attack

Biden-Harris Administration Unveils Smart Device Cyber Program

BlackCat and Clop gangs both claim cyber attack on Estée Lauder

BlackCat, Clop claim ransomware attack on cosmetics maker Estée Lauder

ChatGPT Provides Limited Help Identifying Malware

China-linked hackers target mobile devices with WyrmSpy and DragonEgg spyware

Chinese APT41 Hackers Target Mobile Devices with New WyrmSpy and DragonEgg Spyware

Chinese APT41 Linked to WyrmSpy and DragonEgg Surveillanceware

CISA and NSA Issue New Guidance to Strengthen 5G Network Slicing Against Threats

Citrix NetScaler zero-day exploited in the wild, patch is available (CVE-2023-3519)

Cloudflare reports surge in sophisticated DDoS attacks

Critical API Security Gaps Found in Financial Services

Critical infrastructure workers more likely to detect, report phishing

Cybersecurity Challenges of Online iGaming Sites

Cybersecurity measures SMBs should implement

Dark.IoT & Custom Botnets Exploit Zyxel Flaw in DDoS Attacks

Estée Lauder beauty giant breached by two ransomware gangs

Estee Lauder hit by cyber attack

Estee Lauder Hit by Cyber Attack, With Some Business Operations Disrupted

Estee Lauder joins Mary Kay on MOVEit victim list

Exploring the Dark Side: OSINT Tools and Techniques for Unmasking Dark Web Operations

FBI: Tech support scams now use shipping companies to collect cash

HCA Healthcare Admits Massive Data Breach

HCA Healthcare data breach impacts 11 million patients

Henry Ford Health System Announces Data Breach Following Email Phishing Attack

How Cyber Threat Intelligence Practitioners Should Leverage Automation and AI

Industry Experts Urge CISA to Update Secure by Design Guidance

Malware risk in AI software packages, warns analyst

Microsoft: Hackers turn Exchange servers into malware control centers

Microsoft the Most Phished Brand in Q2 2023

Microsoft Tops List of the Most Impersonated Brand for Phishing Scams in Q2 2023

Milliman Solutions, LLC Notifies Over 1.2 Million of Third-Party Data Breach Involving File-Transfer Program MOVEit

MOVEit Data Breach Leaks Deutsche Bank, ING, Postbank, and Comdirect’s Customer Data

Naming Threat Actors: Building the Attribution Taxonomy

National Crime Agency (NCA): Nation States Using Cybercrime Groups as Proxies

Norwegian Giant Tomra Suffers “Extensive” Attack

Odessa, Texas, Mayor Calls for Transparency in Breach Investigation

OpenAI credentials stolen by the thousands for sale on the dark web

Open Source Security Incidents and How Organizations Can Respond

PCI-DSS 4.0 is Here. What Does it Mean for Online Retailers?

PharMerica neglected to tell consumers about data breach for 2 months

Phishing scams in Meta’s Threads

Phoenician Medical Center, Inc. Notifies 162,500 Patients of Recent Data Breach

PlainsCapital Bank Announces Data Breach Involving Vendor’s Use of MOVEit

Quorum Federal Credit Union Announces Data Breach Resulting from MOVEit Vulnerability

Ransomware attacks becoming common, more sophisticated in Canada

Ransomware is cashing in on cyber insurance payouts

Rising threat of phishing scams - How to stay safe

Russia Expected to Increase Critical Infrastructure Attacks

Russia’s Turla hackers target Ukraine’s defense with spyware

Scam Job Offers Target University Students

Scammers are targeting college kids with fake bioscience job offers

Scammers now asking victims to send cash wrapped in magazines

SophosEncrypt: Researchers expose new ransomware abusing the Sophos name

SophosEncrypt Ransomware Fools Security Researchers

Sound Community Bank Announces Potential Data Breach Involving Vendor’s Use of MOVEit Software

TD Ameritrade, Ernst & Young MOVEit negotiations fail, data published

TomTom moves to protect data after being targeted by ransom group in cyber attack

Trends in ransomware-as-a-service and cryptocurrency to monitor

U.S. Cyber Trust Mark labeling program raises the bar for smart devices’ cybersecurity

U.S. Government Blacklists Cytrox and Intellexa Spyware Vendors for Cyber Espionage

UK airports 'targeted by coordinated Russia cyber attack groups'

Ukraine takes down massive bot farm, seizes 150,000 SIM cards

Up to 20% of state impacted by Tacoma-Pierce County data breach

US blacklists European spyware maker over cyber spying

US government bans European spyware vendors Intellexa and Cytrox

What Is Credential Harvesting?

What is Smishing? Definition, Examples and Prevention

Why health systems might be victims of a huge data breach - and not yet know it

Why Ransomware Has Become a Major Identity Threat

WormGPT: What you need to know about the cybercriminal version of ChatGPT

Zero-Day Attacks Exploited Critical Vulnerability in Citrix ADC and Gateway

18th July

$8 Million cyber scammer gets eight years in US jail

70% of life sciences see a rise in insider data loss incidents

A Look at the Email Threat Landscape in Q1 2023

Adobe ColdFusion vulnerabilities exploited to deliver web shells (CVE-2023-29298, CVE-2023-38203)

Adobe, Microsoft and Citrix vulnerabilities draw warnings from CISA

Advanced AI security tools are improving security posture of cloud-driven businesses

Are Facebook Quizzes a Cybersecurity Risk?

Armis, Honeywell Uncover Vulnerabilities in Honeywell Systems

Broadband consumers demand security and sustainability

Business Leaders Appear Less Concerned by Cyber Risk

Canadian phishing scammer Soup allegedly stole over $1m in crypto

CISA orders government agencies to mitigate Windows and Office zero-days

CISA to Government Agencies: Mitigate a Flaw in Windows and Office

Crypto Ransomware Attacks Rise in First Half of 2023

Cyber Attacks at 2-Year High

Cybercriminals Exploiting WooCommerce Payments Plugin Flaw to Hijack Websites

Cybercriminals in the UAE are upping their game

Cybersecurity firm Sophos impersonated by new SophosEncrypt ransomware

Cybersecurity threatscape in the Middle East: 2022-2023

Data compromises on track to set a new record

drIBAN Fraud Operations Target Corporate Banking Customers

Email Phishing Protection Must Leave No Stone Unturned

Fair Work Ombudsman caught up in HWL Ebsworth breach

Fair Work Ombudsman exposed to HWL Ebsworth breach

FIA World Endurance Championship driver passports leaked

FIN8 cybercrime group using updated backdoor amid shift to ransomware

FIN8 deploys ALPHV ransomware using Sardonic malware variant

FIN8 Group Using Modified Sardonic Backdoor for BlackCat Ransomware Attacks

FortiGuard Labs Discovers .ZIP Domains Fueling Phishing Attacks

From Colonial Pipeline to JBS, how ransomware gangs negotiate ransom payments

Generative AI Tool Without Ethical Restrictions Offered on Hacking Forums

Google Bard found to have some serious security flaws

Google Cloud Build bug lets hackers launch supply chain attacks

Google exposes intelligence and defense employee names in VirusTotal leak

Google fixes ‘Bad.Build’ vulnerability affecting Cloud Build service

Google’s VirusTotal leaks user details

Grand Theft Auto 6 (GTA 6) teenage hacker deemed unfit to appear in trial

Hacker Infected & Foiled by Own Infostealer

HCA Healthcare sued for recent data breach

Healthcare organizations in the crosshairs of cyberattackers

Henry Ford Health notifies 168,000 patients of data breach

Herts County Council subject to ‘targeted phishing attack’

Hillsborough County notifies over 70,000 individuals of potential data breach

How low payment demands keep fraudsters invisible

How Massive Phishing Campaigns Abuse Decentralized Web Hosting To Scam Victims

How to Protect and Secure Your Data in 10 Ways

HTML Attachments Used in Malicious Phishing Campaigns Skyrocket: Increase 168% from 2022 and 450% from 2021

Imagine360 Suffers Third-Party Data Breach, 112K Impacted

India: Cybercrime accounts for 20% of cases registered in Karnataka

Indian Organisations Targeted 2146 Times Per Week, Double The Global Average

Iron ore giant Fortescue Metals targeted by Russian ransomware group

IT Security Pro Jailed for Attempted Extortion

Jordan: National Center for Cybersecurity urges reporting Ransomware

JumpCloud Blames 'Sophisticated Nation-State' Actor for Security Breach

JumpCloud Confirms Data Breach By Nation-State Actor

JumpCloud revealed it was hit by a sophisticated attack by a nation-state actor

Kaspersky: Malaysia remains top three phishing targets in South-East Asia

Key cybersecurity risks to consider during custom apps and software development

Linux Ransomware Poses Significant Threat to Critical Infrastructure

LockBit expands its reach, now targeting macOS

Major government hack a wake-up call for agencies

Malicious ChatGPT Clone WormGPT Used to Launch Email Attacks

‘Man-in-the-Middle’ Cyber Heist: How Change Of One Letter Cost Pune Engineering Firm Rs 22 Lakh

Manga App Shonen Jump+ Apologises for Data Breach

Maritime cyber attacks database launched

Microsoft Dominates as the Most Impersonated Brand for Phishing Scams in Q2 2023

New critical Citrix ADC and Gateway flaw exploited as zero-days

New Vulnerabilities Found in Adobe ColdFusion

Norwegian Refugee Council says thousands affected in online database breach

Odessa, Texas, Mayor Says City Hit by Data Breach

Owner of BreachForums Pleads Guilty to Cybercrime and Child Pornography Charges

Pakistani Entities Targeted in Sophisticated Attack Deploying ShadowPad Malware

Phishers Targeting Diplomats in Kyiv with Fake 2011 BMW Flyers

Phoenician Medical Center notifying 162,500 patients of attack that “disrupted” IT systems

Ransomware on the rise: Cohesity’s research exposes UK firms’ security vulnerabilities

Russian medical lab suspends some services after ransomware attack

Safeguarding mobile health patients from the threat of ransomware

Six steps to protect your organisation from a cyber attack

Sogu, SnowyDrive Malware Spreads, USB-Based Cyberattacks Surge

Stephen F. Austin State University (SFA) reports some personal student info stolen in June cyber hack

Suspected Scareware Fraudster Arrested After Decade on the Run

Ten ways to stop ransomware attacks

The growing need for business communication security

The Two Faces of AI in Identity Management

This is why personal encryption is vital to the future of business

Threat Intelligence & The Cyber Kill Chain: The Complete Guide

TJ Maxx parent company named in MOVEit hack

Two more foreign spyware firms blacklisted by US

Typo directs millions of US military emails to Mali by mistake

UKG agrees to pay up to $6M in lawsuit tied to 2021 breach

Ukraine cops crack down on pro-Russian bot farm

Ukraine police bust another bot farm accused of pro-Russia propaganda, internet fraud

VirusTotal Data Leak Exposes Some Registered Customers' Details

VirusTotal Data Leak Exposes User Info, Including Intel Agencies’ Data

VirusTotal leaked data of 5,600 registered users

What happens when our data gets leaked: Here's how concerned you should be

What to do if you accidentally click on a phishing link

WooCommerce Bug Exploited in Targeted WordPress Attacks

WordPress WooCommerce Payments bug exploited in the wild

17th July

7 remote work cyber security rules every business should follow

95% of patients fear they will face data breach

A single Indian firm facing 2,146 cyber attacks a week on average

Accreditation Commission for Education in Nursing reveals data breach

Adobe warns of critical Colfdusion RCE bug exploited in attacks

Addressing the Mobile Malware Threat With Zero-Trust

Admins of Genesis Market marketplace sold their infrastructure on a hacker forum

Advanced Medical Management Experiences Data Breach That Leaked PHI and SSNs

Alleged Ukrainian scareware developer arrested after a decade on the run

AMC Theatres Files Notice of Data Breach That Leaked an Unknown Number of Social Security Numbers

APT Group Red Menshen is Rapidly Evolving its BPFDoor Malware

Augusta systems restored after cyber attack; effect on residents still unknown

Barts Health NHS Trust faces ransomware threats from Russian organisation BlackCat

Beware of AI-generated phishing attacks; they are so real!

Biden Administration Sets Deadlines for Cybersecurity Goals

BreachForums Admin Pleads Guilty to Hacking Charges

By criminals, for criminals: AI tool easily generates ‘remarkably persuasive’ fraud emails

Canadian Phishing Scammer Exposed For Stealing Over $1 Million In Crypto And NFTs

CERT-UA Uncovers Gamaredon's Rapid Data Exfiltration Tactics Following Initial Compromise

Cisco Nexus 9000 Users Must Disable Encryption to Dodge Vulnerability

CISOs under pressure: Protecting sensitive information in the age of high employee turnover

Confidence in the cloud: why cloud security matters more than ever

Criminals launch subscription-based WormGPT without ethical constraints

Critical XSS vulnerability in Zimbra exploited in the wild (CVE-2023-34192)

Crypto Hackers Net Nearly $480 Million Year-to-Date

Cyberattack compromised JumpCloud customer environments

Cyberattacks are Warfare

Cybercriminals Exploit Microsoft Word Vulnerabilities to Deploy LokiBot Malware

Cybercriminals in the UAE are upping their game

Cybersecurity Report: Growing Risks in Healthcare

Data Breach Exposes Student, Staff Info at 7 Idaho Colleges

Data Breach Impacts Nearly 172,000 Tennessee Retirees

Data breaches on pace for a new record in 2023

Database Mess Up Exposed PII and Photos of 2.3M Dating App Users

Dating App That Claims 50 Million Users Suffered a Data Breach

Digital maturity is a growing factor in cybersecurity practices

E-Commerce Cybersecurity: How to Protect Customer Data and Online Transactions

European Union (EU) Urged to Prepare for Quantum Cyber-Attacks

Facebook and Microsoft are the Most Impersonated Brands in Phishing Attacks

Fake Ads Manager Software and Malicious Extensions Target Facebook Accounts

FBI: Texas, Rest of U.S. Experiencing More Cyber Attacks

FBI, CISA Confirm Collaboration To Address Cyberattack On U.S.

Fostering growth in the digital era through cyber resilience

Global Internet Breach May Impact Hillsborough Residents, Businesses

Google Bard security flaw could be attracting scammers to its services

Google Removes Swing VPN Android App Exposed as DDoS Botnet

Grand Theft Auto 'hacker' from Oxford is 'not fit to stand trial'

Growing scam activity linked to social media and automation

'Hacker's dream': Threads gobbling up sensitive information on its millions of users

Hacker's Latest Target: The Electric Vehicle

Hackers Exploit WebAPK to Deceive Android Users into Installing Malicious Apps

Hackers exploiting critical WordPress WooCommerce Payments bug

Hackers Target Multichain Users With Fake Twitter Account

Healthcare organizations hesitant to adopt new software patches

HMRC issues urgent warning over ‘money stealing’ text ahead of deadline in weeks

Hospitals, health systems facing lawsuits for data breaches

How AI is Tightening Cybersecurity for Businesses

How popular AI apps are invading your privacy

How Threat Actors Leverage AI to Advance Healthcare Cyberattacks

How To: Prevent Ransomware Attackers Striking Again

Hyderabad companies scramble to firewall hackers as ransomware holds data hostage

Idea Financial Files Notice of Data Breach Impacting Over 37k Consumers

Indian researchers remove 3K malicious content targeting firms across sectors

Insights from BDO & AusCERT Cyber Security Survey

IT worker jailed for impersonating ransomware gang to extort employer

JumpCloud discloses breach by state-backed APT hacking group

Kent County's website and citizen services impacted by a significant cyber attack

Linux-friendly email program hit by zero-day bug

LockBit and Clop were responsible for almost 40% of June’s ransomware attacks

Malicious USB Drives Targetinging Global Targets with SOGU and SNOWYDRIVE Malware

Meet NoEscape: Avaddon ransomware gang's likely successor

Meet WormGPT: an expert phishing chatbot

Meta faced with daily $100K fine over privacy breaches

Millions of Telekom Malaysia's broadband customers possibly impacted by data breach

MOVEit Hack: Number of Impacted Organizations Exceeds 340

Naked Patient Photos Published After Ransomware Attack on Plastic Surgery Clinic

Norwegian recycling giant Tomra dealing with ‘extensive’ cyberattack

Owner of Cybercrime Website BreachForums Pleads Guilty

Police arrests Ukrainian scareware developer after 10-year hunt

Practices for Password Security and Management

Public Health Management Corporation Announces Data Breach Affecting an Unknown Number of Individuals

Quick: Manually patch this Zimbra bug that's under attack

RedCurl hackers return to spy on 'major Russian bank,' Australian company

Russian cyber gang Armageddon leaves 30 minutes to react

Security researchers concerned over Google Bard's limitations

Security Teams Need to Address One of the Biggest Software Supply Chain Risks: Open Source

Seven new gadgets added to riskiest connected devices list

Sorillus RAT and Phishing Attacks Exploit Google Firebase Hosting

Steps Involved In Penetration Testing And Their Methodology In Cybersecurity

The New Cybersecurity Is Data Security

The Philippines: 5th in SEA with most phishing incidents in 2022

The Role of Out of Band Authentication in Enhancing Internet Security

The winning strategy for SMB ransomware protection

Things You Need To Know About Security Mobile Application Testing

Threads collects so much sensitive information it’s a ’hacker’s dream,’ experts say

Threads sees intensified scamming activity

TJ Maxx, Shutterfly, TomTom latest organizations to confirm MOVEit breaches

TOMRA: Subject to cyber attack

Trustwave uncovers the truth about healthcare sector cybersecurity risks

Uganda Securities Exchange (USE) investor data was exposed to hackers, investigation finds

Ukraine's CERT-UA Exposes Gamaredon's Rapid Data Theft Methods

Using Snapshots to Improve Data Security

Vitesco Technologies among nine new MOVEit Transfer vulnerability ‘victims’ posted by Cl0p

Washington State University warns data breach may have hit students, employees

Wearables and data security

Weekly cyber attacks reach two-year high amid ransomware resurgence

What Is Smishing? Definition, Examples & Protection

What We Learned from the 2023 Pen Testing Report

White House Should Update Cybersecurity Strategy to Consider Impact of AI

Who are the ransomware gangs wreaking havoc on the world’s biggest companies?

Why you should think twice before posting an ‘airport selfie’ this summer

Wisconsin county dealing with ‘catastrophic software failure’; California city declares ransomware emergency

WormGPT: Newest Tool in a Phishing Scammer’s Arsenal

WormGPT – A ChatGPT Themed Hacking Tool Used to Launch Cyber Attack