Editor's Message

Welcome to DBD. On March 8th we celebrated our 4th Anniversary and the 1st Anniversary of our PRiSM application, officially endorsed by the SANS Institute. Despite recent personal issues that have impacted the amount of time I have been able to dedicate to both projects, I have been doing my best to keep everything as up-to-date as possible, and I would like to take this opportunity to thank everyone for their patience and support whilst I navigate through this very difficult time. Stay safe. :)

Monday 24 July 2023

Data Breaches Digest - Week 30 2023

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 24th July and 30th July 2023.

30th July

Beware! Public Chargers Can Steal Your Data: 8 Ways To Be Safe From Juice Jacking Scam

Chatbots: A hacker’s best friend

Curve Finance hacker returns part of stolen funds

Cyberattacks And Compromise of Attorney Client Confidences

Enhancing Online Privacy: The Power of Remote Browsers

Exploring the Impact of Physical Security Information Management on Internet Safety

From Passwords to Biometrics: The Evolution of Identity and Access Management in the Tech Industry

Google: Android patch gap makes n-days as dangerous as zero-days

Got a letter about North Kingstown's data breach? Here's why the town had your information

Hacktivism: We must urgently raise our game in cybersecurity

How can hackers get into your phone without even installing script software?

Industry-Specific Cybersecurity Concerns: Safeguarding Your Business in the Digital Age

Israel busts Iranian attempt to phish state workers via LinkedIn

Israel's largest oil refinery website offline amid cyber attack claims

Ivanti warns of second vulnerability used in attacks on Norway government

Knowledge is power when it comes to cybersecurity

Medical Institutions Remain One of the Most Vulnerable Sectors to Ransomware Attacks

MHMR Authority of Brazos Valley provides notice of ransomware attack last November

New smartphone vulnerability could let hackers track your location

Overcoming Data Privacy Challenges in the European Cloud Computing Industry

Protecting Your Personal and Financial Information from Spoofing Attacks

Scammers Are Impersonating Dubai Electricity and Water Authority (DEWA), Authorities Urge People To Be Aware Of Scam

School Accreditation Organization Data Breach Exposed Sensitive Information on Students, Parents, and Teachers Online

Spyware Attack on Google Play: Malware CherryBlos and FakeTrade Targeting Android Users To Steal Sensitive Data Using Optical Character Recognition

Tackling Cybersecurity Challenges in the Asia Pacific: Strategies for Effective Malware Detection and Prevention

The FBI’s Concerns about Artificial Intelligence

The Next Frontier in Cyber Threat Management: The Growing Adoption of Automated Breach and Attack Simulation Technologies

The Role of Telecommunications in Strengthening North American Healthcare Cybersecurity

The Role of World Secure Web Gateway in Safeguarding Internet Users

Understanding Advanced Persistent Threat Protection: A Comprehensive Guide

Understanding the Difference Between Identity Access Management On-Premise and Cloud

What happens to your personal info after a data breach?

What is a Keylogger?

WormGPT is an AI chatbot with no limits and ethical boundaries

29th July

8 Charged in $1.1M Identity Fraud Scheme: Theft of 19 Rental Cars

'Added stressor to university life': University of Guelph student speaks out following data breach

Anonymous Sudan: Dissecting The Recent Cyber Attacks On Kenya Infrastructure

Anonymous Sudan: Inside billion-shilling cybercrime underworld

Attacked by Black Basta, BankCard USA paid ransom

CoinsPaid Resume Operations Post Hacker Attack, Funds Secure

Data breach reported in Arizona's school voucher program

Education Sector Sees Highest Rate Of Ransomware Attacks Among All Industries

Hackers Deploy "SUBMARINE" Backdoor in Barracuda Email Security Gateway Attacks

Hackers threaten to auction off DNA patient records from Oklahoma hospital

Hacking gang demands £450,000 ransom after cyber raid on Scottish university sees them make off with student and staff bank details

How AI Data Lineage Enhances Data Security and Reduces Risk

IBM: Data breach cost all-time high, but AI lessens impact

Ivanti Says Second Zero Day Used in Norway Govt Breach

Ivanti Warns of Another Endpoint Manager Mobile Vulnerability Under Active Attack

Modern Warfare 2 Servers Were Offline Amid Malware Attack

More than 40% of zero-days in 2022 were variants of previous vulnerabilities

New Android Malware CherryBlos Utilizing OCR to Steal Sensitive Data

New phishing campaign targets Twitter Blue users amid X rebrand confusion

No, PayHere didn’t get hacked again

Now Abyss Locker also targets VMware ESXi servers

Original BreachForums Breached, PII Data of 210K Users Sold Online

Protecting Your Bitcoin: Safeguarding against Cryptocurrency Scams and Fraud

The Alarming State of Email Security Worldwide

The (Not-So) Great PROCOM Hack of 2023: What Happened, How’s ProRodeo Fixing It and Who’s Saving the Day?

The Rise of ChatGPT Scams: How AI Language Models are Exploited for Fraud

What happens to your personal info after a data breach

What is the Akira ransomware, and why has the government issued a warning against it?

28th July

40% of Ubuntu Cloud Workloads Vulnerable to Exploits

A Data Exfiltration Attack Scenario: The Porsche Experience

Accelya Confirms Confidential Data Leaked Following MOVEit Data Breach at Alight Solutions

Activists target Ontario hog farm with ransomware

AI Technology Triggers Concerns Over Social Engineering Threats

Andrews McMeel Universal Notifies Employees and Contractors of 2022 Data Breach

Another AI Pitfall: Digital Mirroring Opens New Cyberattack Vector

Apache OpenMeetings Network Security Vulnerabilities

Aurora National Life Assurance Company Notifies Over 48k Consumers of Third-Party Data Breach

Australia and US Issue Warning About Web App Threats

Average cost of a data breach at an all time high

Bi-Bett Corporation Announces Data Breach Following Compromised Employee Email Account

Blocking access to ChatGPT is a short term solution to mitigate risk

BlueBravo Deploys GraphicalProton Backdoor Against European Diplomatic Entities

British Ministry of Defence accidentally emails Mali instead of Pentagon

CherryBlos Malware Uses OCR to Pluck Android Users' Cryptocurrency

CISA: New Submarine malware found on hacked Barracuda ESG appliances

CISA warns of breach risks from IDOR web app vulnerabilities

CISA, Australia warn of IDOR vulnerabilities after major breaches

CISOs consider zero trust a hot security ticket

Cognisight Files Notice of Data Breach on Behalf of Sutter SeniorCare PACE Following MOVEit Vulnerability

Cohesity reveals companies’ cyber resilience deficiencies

Cost of a data breach for ASEAN businesses hits record high

CRC Insurance Services, LLC Announces Data Breach Following Email Phishing Attack

Crypto payments platform CoinsPaid loses $37M, points finger at Lazarus Group

Cyber Attack on Montclair Township Led to $450K Settlement

Cyber attack on Ortivus' UK network impacts multiple NHS ambulance trusts' operations

Cyber Resilience Act: EU Regulators Must Strike the Right Balance to Avoid Open Source Chilling Effect

Cyber security firm detects NATO data breach in Bengaluru

Cybercrimes causing state agencies to lose millions of dollars

Cybersecurity Agencies Warn Against IDOR Bugs Exploited for Data Breaches

Data Leak Exposes 572 GB of Student, Faculty Info from Accreditation Org

ESL Federal Credit Union warns members of phishing text scam in Rochester

Fairfax Oral & Maxillofacial Surgery Announces Data Breach Affecting Over 208k Patients

Family Vision of Anderson Data Breach Leaks Social Security Numbers of Up to 62,631 Patients

FBI warns of adversaries using AI in influence campaigns, cyberattacks

Federal Trade Commission (FTC) warns against online tracking technology for healthcare providers

Hackers Abusing Windows Search Feature to Install Remote Access Trojans

Hackers Are Having a Field Day With Open-Source AI Programs

Hawai'i Community College pays ransomware gang to prevent data leak

Hayward city service coming back online following ransomware attack

Healthcare leads industries in data breach costs for 13th straight year

How Indian organisations are keeping pace with cyber security

IcedID Malware Adapts and Expands Threat with Updated BackConnect Module

Incident of the Week: Data breach victim ordered to pay $1.21 million to Adidas and NBA

India sees 133% rise in Ransomware and 311% surge in IoT attacks, meanwhile Cryptojacking soars globally

Ivanti patches new zero-day exploited in Norwegian government attacks

Kennedy Krieger Institute Data Leaked Following MOVEit Data Breach at Johns Hopkins

Kenya cyber-attack: Why is eCitizen down?

Kenya ICT minister admits cyber-attack on eCitizen portal, insists data secure

Linux version of Abyss Locker ransomware targets VMware ESXi servers

Major Security Flaw Discovered in Metabase BI Software – Urgent Update Required

Malvertising Attack Drops BlackCat Ransomware via Fake Search Results

Medicaid administrator breach exposes 8M+ people

Medicare beneficiaries alerted to contractor data breach

Microsoft Accused of Negligence in Recent Email Compromise

Minneapolis Public Schools (MPS) data breach exposed student and staff personal information

MOVEit Campaign Claims Millions More Victims

National Bank of Kuwait (NBK) warns against phishing e-mails and provides protection tips

National Student Clearinghouse Notifies Colleges and Universities of MOVEit Data Breach Affecting Student Information

New Android malware uses OCR to steal credentials from images

New report highlights the rise of IPv6 in cybercriminal activities

New Study Reveals Forged Certificate Attack Risks

Nitrogen Campaign Starts with Fake Ads, Ends with Ransomware

North Korea-linked operation combines US military lures, South Korean e-commerce sites

North Korean Hackers Bag Another $100m in Crypto Heists

North Korean Lazarus Group Suspected in $37.3M CoinsPaid Crypto Heist

North Korean Lazarus Group Suspected in $37.3M CoinsPaid Crypto Heist

Pacific Premier Bank Announces Third-Party Data Breach Affecting Customers’ SSNs

Park Royal Hospital Notifies Patients of a Recent Data Breach That Leaked Protected Health Information

Phishing Emails Pretend They're From HR

Previously Unknown Data Breach Exposed Roblox Developers’ Personal Information

Scottish university allegedly targeted in cyber attack

Scottish university staff’s personal data ‘breached’ in sinister cyber attack

Securities and Exchange Commission (SEC) forces companies to warn you about hacks in four days, but not it’s not about your safety

Senator Wyden: Microsoft is Responsible for China-Linked Group’s Hack

Sovos Compliance Notifies Northwestern Mutual Clients of MOVEit-Related Data Breach

SSNDOB Marketplace Admin Pleads Guilty

STARK#MULE Targets Koreans with U.S. Military-themed Document Lures

Staying Above the Cybersecurity Poverty Line

Teachers’ Retirement System of the City of New York Confirms PBI Data Breach Impacting Retirees and Beneficiaries

The 5 Pillars of Cloud Security: Safeguarding Your Digital Horizon

The Education Sector Reports the Highest Rate of Ransomware Attacks

The Rise of Online Scams and Phishing Attacks

UK Ministry of Defence (MoD) Error Sends Emails to Russia’s Ally Instead of US

United Bank Informs The Health Plan About May 30 Data Breach

University of Guelph students notified of benefits data breach 4 months later

US Senator demands feds investigate Microsoft over China email and SolarWinds hack

Victims of online pharmacy’s data breach have standing for class action

Want to stay ahead of cybercrime? Think like a hacker

Who is really behind the Anonymous hacker group?

Willis Towers Watson Confirms Data Breach at Pension Benefits Information Leaked Consumer Data

Zero Trust Network Access (ZTNA) can be more than a VPN replacement for application access

27th July

4 Most Dangerous and Destructive Ransomware Groups of 2022

8 million people hit by data breach at US government contractor Maximus

98,000 UT Southwestern Medical Center Patients Affected by MOVEit Cyberattack

A Cybersecurity Wake-Up Call: It's Time to Take a Fresh Stance

A step-by-step guide for patching software vulnerabilities

Akira Ransomware Racks Up at Least 63 Victims in 4 Months

All the Ways Your Credit Card Info Can Be Stolen

AXIS A1001 Network Door Controller Flaw Exposes Secure Facilities

Barbie's Data Privacy Scandal

Blockchain data shows Conti gang tied to Akira and spate of ransomware attacks

BreachForums database and private chats for sale in hacker data breach

Businesses urged to check their cyber insurance as ransomware attacks continue to rise

CardioComm Takes Systems Offline Following Cyberattack

China’s Wuhan Earthquake Center Suffers Cyber-Attack

CoinsPaid blames Lazarus hackers for theft of $37,300,000 in crypto

Countering Cyberthreats with a Whole Enterprise Security Approach

Cryptojacking soars as cyberattacks increase, diversify

Cyber Attack Leaves NHS Ambulance Trusts Unable to Access Patient Records

Cyber criminals pivot away from ransomware encryption

Cyber security is business issue not technical one

Cyberattack on University of West Scotland claimed by Rhysida ransomware gang

Cybersecurity and AI/ML, Before the New Age of AI: Email Security

Data breaches must be reported within 4 days, says Securities and Exchange Commission (SEC)

Data for thousands compromised in ransomware attack on Hawaii Community College (HCC)

Deloitte denies Cl0p data breach claims in wake of MOVEit attack

Deloitte joins Big Four MOVEit victims PWC, EY

Department for Work and Pensions (DWP) warning as £750 cost of living text scam is on the rise - what to look out for

ESET Detects Phishing Campaign Targeting OpenAI’s Chatbot

Evotec Provides Update on Financial Impact of Cyber-Attack

Facebook top hacker now sells “proof of exploitability”

First Circuit Revives Data Breach Class Action Claims in Webb v. Injured Workers Pharmacy, LLC

Five Ways To Boost Cybersecurity Training Efforts Using AI

Forged Azure Access Tokens Exploited by Storm-0558: A Cloud Vulnerability Transparency Gap

Franklin Mint Federal Credit Union said MOVEit hack compromised the data of 140k customers

GameOver(lay): Two Severe Linux Vulnerabilities Impact 40% of Ubuntu Users

Google Cloud Build Flaw Could Enable Supply Chain Attacks

Group-IB Co-Founder Sentenced to 14 Years in Russian Prison for Alleged High Treason

Group-IB Founder Ilya Sachkov Jailed for 14 Years in Russia

Hacker reportedly selling 2 million data records stolen from Egypt's Ministry of Health and Population

Hacker-Attacking Developers Using Weaponized MS Visual Studio

Hackers Heart Dormant and Default Credentials for Access

Hackers strike largest US hardware store, steal credit card data

Hackers Target Apache Tomcat Servers for Mirai Botnet and Crypto Mining

Hawaiʻi Community College pays ransom after attackers steal personal info of 28,000 people

Hayward city website restored following ransomware attack

High Severity Vulnerabilities Discovered in Ninja Forms Plugin

Higher Education Sees Massive Spike in Encrypted Threats and CryptoJacking in First Half of 2023

How Providers Can Defend Against AI-Assisted Cyberattacks

How scammers are using ‘Barbie’ craze to steal personal information

How scammers are using 'Barbie' frenzy to steal bank info from moviegoers

How to prepare your business against third-party cyberattacks

HR-disguised phishing emails duping staff worldwide

Iranian Stalkerware ‘Spyhide’ Steals Data from 60,000 Android Devices

Ireland: Data Protection Commission (DPC) rejects claims it didn’t fully investigate alleged data breach by Google

Israel National Cyber Directorate Warns of Increase in Cyberattacks Ahead of Jewish “Holiday of Love”

Kenya ICT minister admits cyber-attack on eCitizen portal, insists data secure

Key factors for effective security automation

Lack of Transparency About Cyber Attacks Undermines Public Trust

Law office scammed by phishing email; U.S. Attorney’s Office uses Civil Forfeiture to Recover $273,082.50

More patients hit by Beverly Hills plastic surgeon data breach, exposing sensitive photos, private information

MOVEit Attack Signals Growing Cybersecurity Threats for Higher Education

MOVEit data breach: Is your info safe?

“Mysterious Elephant” Emerges, Kaspersky Reports

National Bank of Kuwait (NBK) warns against phishing e-mails, offers protection tips

NATO “looking into” supposed data theft by hackers

New Malvertising Campaign Distributing Trojanized IT Tools via Google and Bing Search Ads

New Securities and Exchange Commission (SEC) Rules Require U.S. Companies to Reveal Cyber Attacks Within 4 Days

North Korean Hacker Cell Lazarus Allegedly Behind $60 Million Alphapo Hack

Norway says a zero-day vulnerability in Ivanti's EPMM software led to cyber attacks on 12 ministries

Perception Point Reports Business Email Compromise and Phishing Attacks Soar by 20% and 41% Respectively in H1 2023

Perception Point reports rates of ‘BEC,’ phishing attacks climb in the first half of 2023

Phishing Scam Affects Nearly 170K Henry Ford Health Patients

Ransomware attacks on Nigerians increased by 7%, says Kaspersky

Ransomware strikes healthcare clinic, over 60K patients affected

Renfrewshire Council staff should 'remain cautious' of university's emails after 'major' cyber attack

Report reveals new information about Akira Group connection to Conti

Resignations Are An Appropriate Response For Firearm Data Breach

Risks, Including the Defense, of Using Open-Source Software

RSA ID IQ Report Reveals What You Don’t Know Will Breach You

Russia jails Group-IB cofounder for treason

Securing Your Cloud Database: A Practical Guide

Securities and Exchange Commission (SEC): Companies Have 4 Days to Disclose Cyberattacks

Securities and Exchange Commission (SEC) introduce a four-day deadline to report hacks

Securities and Exchange Commission (SEC) Wants Cyber-Incident Disclosure Within Four Days

Security Breaches Are on the Rise and Your Identity Isn't Safe. Here's How Verified Identities Can Help

Security Incident Impacts CardioComm’s Operations

Senator calls on Department of Justice (DOJ) to investigate alleged China hack of Microsoft cloud tools

SSNDOB cybercrime market admin faces 15 years after pleading guilty

Supply Chain Attack Hits NHS Ambulance Trusts

Swiss visa appointments cancelled in UK due to 'IT incident'

The Education Sector Reports the Highest Rate of Ransomware Attacks, Sophos Survey Finds

The MOVEit Effect: Protecting Public-Facing Applications

The top 6 cyber security incidents in July 2023

The top 10 data breaches since 2000

Transportation Security Administration (TSA) renews cybersecurity guidelines for pipelines

Tricky phishing email targeting Twitter Blue subscribers with X rebranding confusion

UAE scam alert: Got an email from Dubai Police, Salik, asking for payment? Beware

UC Davis Health Suffers Data Breach

UK NHS ambulance organizations struggle after cyber-attack on health software vendor Ortivus

US contractor says info of up to 10 million leaked in MOVEit breach

Vulnerabilities could expose Ubuntu users to privilege escalation attacks

Vulnerabilities exposed Peloton treadmills to malware and DoS attacks

What Cyber Assessments Does My Business Need?

What happens to your personal info after a data breach

What is Tailgating? Definition, Examples & Prevention

What would you do if a hacker stole all your bitcoin?

Why are computer security guidelines so confusing?

Why Businesses Are Willing to Pay Ransoms: Exploring Cyber Resilience and Data Recovery Gaps

WordPress Ninja Forms plugin flaw lets hackers steal submitted data

Zimbra patches zero-day vulnerability exploited in XSS attacks

26th July

84% of financial institutions were exposed to a fourth-party breach

90% of SOC analysts believe current threat detection tools are effective

Akira ransomware compromised at least 63 victims since March

Almost 40% of Ubuntu users vulnerable to new privilege elevation flaws

ALPHV ransomware adds data leak API in new extortion strategy

Ambulance patient records system hauled offline for cyber-attack probe

Attackers are Hiding Malware Behind Barbie-Themed Scams

British ambulances unable to access patient records system following cyberattack

CISA: Most cyberattacks on governments, critical infrastructure involve valid credentials

Companies encounter months-long delays in filling critical security positions

Critical MikroTik RouterOS Vulnerability Exposes Over Half a Million Devices to Hacking

Cyber attack affects two south England ambulance services

Cyber attack hits two ambulance trusts leaving hospitals without access to electronic patient records

Cyber attack on IT supplier hits two major ambulance trusts

Cyber Storm Unleashed: Unmasking STORM-0978’s Exploitation of the CVE-2023-36884 Vulnerability

Cyber-criminals Shifting Methods, Ransomware Surges 74% in Q2

Dallas police crime data back online after ransomware attack in May

Dark Web Markets Offer New FraudGPT AI Tool

Decoy Dog: New Breed of Malware Posing Serious Threats to Enterprise Networks

Education Sector Has Highest Ransomware Victim Count

Enterprises should layer-up security to avoid legal repercussions

Fenix Cybercrime Group Poses as Tax Authorities to Target Latin American Users

Following WormGPT, FraudGPT Emerges for AI-Driven Cyber Crime

Group-IB Founder Sentenced in Russia to 14 Years for Treason

Heart monitoring technology provider confirms cyberattack

How to Avoid Being the Victim of Malvertising

How to avoid LinkedIn phishing attacks in the enterprise

Industry Coalition Calls For Enhanced Network Resilience

Insurance broker urges businesses to check their cyber insurance as ransomware attacks continue to rise

Lazarus hackers linked to $60 million Alphapo cryptocurrency heist

macOS RedLine Stealer malware found on fake blockchain games

Meta GDPR data fines: the EU suffers, but Ireland keeps the money

MikroTik OS bug exposes over 500,000 devices

MikroTik vulnerability could be used to hijack 900,000 routers (CVE-2023-30799)

NATO investigates alleged data theft by SiegedSec hackers

New AI Tool 'FraudGPT' Emerges, Tailored for Sophisticated Attacks

New Nitrogen malware pushed via Google Ads for ransomware attacks

No, criminals are not in love with VPNs, expert insists

Norwegian government ministries hit by cyber attack

Over 900,000 MikroTik Routers Exposed to Critical Bug

Police Thwart Cyber Attack on Yorkshire Coast Firm

Protecting Your Phone from the Looming Threat of Juice Jacking

Ransomware Attacks Skyrocket in Q2 2023

Ransomware gang increases attacks on insecure MSSQL servers

Repeatable Vendor Email Compromise (VEC) Attacks Target Critical Infrastructure

Researchers say more than 900,000 MikroTik routers vulnerable to hackers

Russia jails Group-IB co-founder for 14 years in treason case

Rust-based Realst Infostealer Targeting Apple macOS Users' Cryptocurrency Wallets

Securities and Exchange Commission (SEC) adopts new cybersecurity incident disclosure rules for companies

Securities and Exchange Commission (SEC) now requires companies to disclose cyberattacks in 4 days

Securities and Exchange Commission (SEC) to require companies to disclose cybersecurity incidents

SiegedSec Allegedly Breached NATO’s COI Portal Affecting 31 Nations Leaked Sensitive Data

South Staffs Water data breach victims may be in line for compensation

South Western Ambulance Service supplier targeted in cyber attack

Teachers Insurance and Annuity Association of America (TIAA) Reports Over 2.6 Million Leaked Social Security Numbers Following Pension Benefit Information (PBI) MOVEit Data Breach

Teenager arrested in exam board cyber attack investigation

The Power of Open Source Cybersecurity: Transparency and Community-Driven Development for Continuous Improvement

Threads may be collecting data illegally, analyst warns

VMware Patches Vulnerability Exposing Admin Credentials

What to know about Michigan State University (MSU) third-party data breach

You’ve been the victim of a data breach. What should business leaders do next?

Zero trust rated as highly effective by businesses worldwide

25th July

$1 Million skimmer fraudster jailed for gas pump thefts

4 ways to avoid clicking malicious links that everyone online should know

67% of organizations not confident in cyberattack recovery

$87 Billion Italian Asset Manager Azimut Hit With Ransomware Attack

Account takeover fraud: 5 steps for protecting your customers

AI: Cyber Friend or Cyber Foe?

Amazon Prime scams are on the rise - here are 4 ways to avoid them

Amazon pushes biometric payments, raising surveillance and identity theft fears

Apple extends spyware patch to all devices

Apple fixes exploited zero-day in all of its OSes (CVE-2023-38606)

Apple Rolls Out Urgent Patches for Zero-Day Flaws Impacting iPhones, iPads and Macs

Atlassian Releases Patches for Critical Flaws in Confluence and Bamboo

Australian Government Exposed Personal Info Via Security Report

Average cost of data breach in India reaches over Rs 17cr

“Biggest Dutch user” arrested in continuing hacker website probe

Butler County Community College (BC3) Impacted By Data Breach At Student Clearinghouse

Casbaneiro Banking Malware Goes Under the Radar with UAC Bypass Technique

CISA warns government agencies to patch Ivanti bug exploited in attacks

Companies are rushing into generative AI without a cohesive, secure strategy

Critical Flaws Exposed Microsoft Message Queuing Service to DoS Attacks

Critical Flaws Found in Microsoft Message Queuing Service

Cyber threat report reveals misalignment between execs & security analysts

Cyber-security and human psychology

Dallas City Manager: Employee Data Was Accessed in Hack

Data Breach Costs Hit Record High but Fall For Some

Decoy Dog Malware Upgraded to Include New Features

DHL UK investigates data breach linked to MOVEit software

Engaging A Paradigm Shift in Cybersecurity: CISO Is Leading The Battle Against Ransomware

Ethiopia: In 12 months, Information Network Security Administration (INSA) Foils Over 6,700 Cyberattacks

FraudGPT Follows WormGPT as Next Threat to Enterprises

From Power Grids to Airports: TETRA Radio Hacking Risks Global Infrastructure

Gaming DAO warns users of fake airdrops amid social media hacks

Geopolitics and defending against cyber-threats

Global police and airport radio system open for spying

Hacker Claims to Have Stolen Sensitive Medical Records from Egypt's Ministry of Health

Hackers exploited Ivanti zero-day to breach Norway’s government

Half of top malicious email subjects are HR related

How do Organizations face threats from the Dark Web?

How to prevent e-commerce fraud with intelligent automation

HWL Ebsworth data breach update

India: Government warns of 'Akira' ransomware targeting Windows and Linux users

Indiana-based 1st Source Bank suffers a MOVEit Transfer hack, loses 450k customers' data

Ivanti Patches Zero-Day Bug Used in Norway Attacks

Ivanti Releases Urgent Patch for EPMM Zero-Day Vulnerability Under Active Exploitation

Ivanti zero-day exploited to target Norwegian government (CVE-2023-35078)

Kaspersky Warns of HR Credential Scams on the Rise

Kenya Bureau of Standards (KEBS) Suffers A Massive Data Breach

KnowBe4 Phishing Test Results Reveal Half of Top Malicious Email Subjects Are HR Related

Law firm must hand over names of some clients affected by 2020 cyberattack, judge says

Luca Stealer Spreads Via a Phishing Microsoft Crypto Wallet Site

macOS Under Attack: Examining the Growing Threat and User Perspectives

Mississippi's George County suffers a major ransomware attack, takes critical systems offline

MOVEit attacks shine light on cyber (re)insurance industry’s blind spots

Navigating the digital maze: Unraveling cybersecurity risks in social media platforms

New Realst macOS malware steals your cryptocurrency wallets

NoName, the Russian hacker group behind the cyberattacks on Election Day

North Korean Cyber Group Suspected in JumpCloud Breach

North Korean Nation-State Actors Exposed in JumpCloud Hack After OPSEC Blunder

Norway says Ivanti zero-day was used to hack government IT systems

Online banking fraud: UK’s poor password practises are putting users at risk

Over 400,000 corporate credentials stolen by info-stealing malware

Pacific Premier Bank clients exposed in MOVEit attacks

Pro-XRP attorney’s Twitter hacked to promote fake giveaways

Protect Your Data Like Your Reputation Depends On It (Because it Does)

Ransomware-as-a-Service (RaaS) proliferation: 14 new ransomware groups target organizations worldwide

Security operations teams fail to recognise connection between failing threat detection tools and growing burnout

Seven Common Lateral Movement Techniques

SiegedSec Hacktivist Claims to Strike NATO and Leak Sensitive Docs

SlowMist Executive Discovers Crypto Phishing Involving 2FA on Apple Devices

Super Admin elevation bug puts 900,000 MikroTik devices at risk

TETRA:BURST - 5 New Vulnerabilities Exposed in Widely Used Radio Communication System

The Dramatic Cyberattack That Put Latin America on Alert

The Role of Artificial Intelligence and Machine Learning in Enhancing Cybersecurity in the Asia Pacific Region

Travel and tourism sector ranked third in cyberattack incidents

UK's Online Safety Bill, explained

US Neutralizes Russian Snake Malware Program

Victoria's privacy watchdog tasks health department with new recommendations following COVID data breaches

VMware fixes bug exposing CF API admin credentials in audit logs

Wesco Settles Coverage Dispute Over $36 Million IRA Financial Cyber Attack

What do SMEs need to do for a cyber secure future?

What is Akira? All About New Ransomware and Preventive Guidelines

Zenbleed: New Flaw in AMD Zen 2 Processors Puts Encryption Keys and Passwords at Risk

24th July

1st Source says 450,000 records affected in client data breach

5 Hidden Dangers of Browser Extensions

5 top tips for sourcing port cyberattack insurance cover

8 Simple Steps to Secure Your NAS

2023 healthcare data breaches set to outpace last year

AI is helping to reduce data breach impact says IBM

Another Cl0p data breach victim goes public, millions affected

Apple fixes new zero-day used in attacks against iPhones, Macs

Are AI-Engineered Threats FUD or Reality?

As Ransomware Monetization Hits Record Low, Groups Innovate

Athene Annuity and Life Company Files Notice of MOVEit Data Breach at Pension Benefit Information

Australian iron ore giant Fortescue Metals victimised by the MOVEit Transfer hack

Average cost of a data breach reaches $4.45 million in 2023

Average cost of data breach reaches $4.5M – you’re the one who pays

Azimut faces cyber attack from DarkFeed: BlackCat

Banking Sector Targeted in Open-Source Software Supply Chain Attacks

Bridging the cybersecurity skills gap through cyber range training

Citi Trends class action claims data breach compromised employee data

Clop Could Make $100m from MOVEit Campaign

Cl0p Ransomware Gang Leaks MOVEit Data on Clearweb Sites

Cl0p’s MOVEit Transfer attacks will spur copycats

College Students Increasingly Victimized by Phishing, Cyberscams

Consumers demand more from businesses when it comes to security

Cost of data breaches continues to go in wrong direction

Critical infrastructure radio tech ‘easily hacked’ through deliberate backdoor

Critical Zero-Days in Atera Windows Installers Expose Users to Privilege Escalation Attacks

Crypto Scams Plummet While Ransomware Payments Approach Record Levels in 2023

Cyber-Attack Strikes Norwegian Government Ministries

Data stolen in MOVEit breach leaked by notorious ransomware gang

Dear all! What are some common subject lines in phishing emails?

Department for Work and Pensions (DWP) issues warning over fake £750 'Living Payment' text

Dubai police warn against phishing emails asking to pay fines

Email users warned about new DHL email phishing scam

Estée Lauder Confirms Data Breach

EU governments reject requiring manufacturers to report vulnerabilities to central cyber agency

Financial burden of cybercrime remains high even as awareness grows

Franklin Mint Federal Credit Union Confirms MOVEit Data Breach Affected Over 140k Customers

Fraudsters exploit ‘Barbienheimer’ hype to scam people

Gozi and IcedID Trojans Spread via Malvertising

GuidePoint Study Shows 38% Spike in Public Ransomware Victims

Hacker Successfully Drains $23 Million from AlphaPo Hot Wallet

Has the MOVEit hack paid off for Cl0p?

HIPAA Email Security: Protecting Sensitive Patient Information with Confidence

Home affairs cyber survey exposed personal data of participating firms

How a layered security approach can prevent AI-based phishing

How is the Dark Web Reacting to the AI Revolution?

How To: Tackle Deepfakes and Manipulation

How to Protect Patients and Their Privacy in Your SaaS Apps

How to protect yourself from a Bluetooth cyber attack

IBM Report: Average Cost of a Data Breach Rises to $4.45 Million

Imagine360 data breach: medical information, Social Security numbers compromised

India: Government has 'Akira' ransomware warning for users

India: Government warns users against Akira ransomware targeting Windows users, here is how you can stay safe

Insider Indicted for Attempting to Sabotage California Water Plant

Insider threats: What they are and how to prevent them

Investigations are causing data breach costs to skyrocket, IBM finds

IoT Connected Devices Pose Significant Risk to Organizations

Is Your Peloton Attracting Security Threats?

Italian asset manager Azimut targeted by BlackCat hackers

Ivanti patches MobileIron zero-day bug exploited in attacks

Ivanti urges customers to apply patch for exploited MobileIron vulnerability

JumpCloud breach led to supply chain attack

JumpCloud hack linked to North Korea after OPSEC mistake

June 2023 Saw Massive Spike in Ransomware Activity

Kenya Bureau of Standards Hit by Ransomware Attack

KillNet's Kremlin Connection Unclear as the Cybercrime Collective Grows

Law Firm Hack Affects Victims of an Earlier Breach Again

Lazarus hackers hijack Microsoft IIS servers to spread malware

Louisiana Office of Motor Vehicles (OMV) Offering Free LifeLock Credit Monitoring After Cyber Attack

Maritime cyber incident database unveiled

Michigan Avenue Immediate Care data breach class action settlement

Michigan State vendors affected by data breach; personal data possibly compromised

Microsoft denies Chinese hackers could have cracked its cloud services too

More plastic surgery patients have their nude photos and information leaked

National Cyber Security Centre (NCSC) updates advice for Legal Firms

New OpenSSH Vulnerability Exposes Linux Systems to Remote Command Injection

North Korean Hacker Group Breached US IT Firm JumpCloud

Norway government hit by cyberattack

Norway government ministries hit by cyber attack

Norway investigates cyberattack affecting 12 government ministries

Norway Probes Major Cyberattack on 12 Government Ministries

Norway's government hit by cyber attack

Norwegian Government Hit by Widespread Cyber Attack

Norwegian government IT systems hacked using zero-day flaw

Novel Open Source Supply Chain Attacks Target Banking Sector

Over 15000+ Citrix Servers Vulnerable to Code Injection Attacks

Peachtree Orthopaedic Clinic data breach impacted close to 35,000 patients

Personal data of millions of Bangladeshis was leaked by a government site. A probe finds no one is culpable

Physicians Insurance Files Notice of Data Breach Following Unauthorized Access to Employee Email Account

PokerStars Confirms MOVEit Data Breach Leaked Up to 110k Social Security Numbers

Predictive Risk Profiling: A Game-Changer in Safeguarding Your Supply Chain from Cyber Threats

Protect your printer from data breaches and cyber-attacks

QILIN Ransomware Report

Ransomware Prompted Emergency Declaration for Mississippi County

Rising Cyber Threats Need Robust Defence Mechanism

Rite Aid Corporation Posts Notice of Data Breach Affecting Customers’ Protected Health Information

Roblox data breach exposes employee data

Singapore recorded as a prime target for cybercriminals

Smishing Campaign Impersonates Japanese Utilities

Stolen Session Cookies: The Next Big Cyber Threat

Suspected cyber criminal who targeted Irish bank customers arrested in Amsterdam

Tampa General Hospital Data Breach Impacts 1.2 Million Patients

The Benefits of Implementing Cloud-Based Email Security in Your Organization

The Digital Trail Unveiled: Can Hackers Really Be Traced? Unlocking the Secrets of Cyber Sleuthing

The Mission Essential Group Files Notice of Potential Employee Data Breach

The New Summer Vacation Necessity: Cyber Hygiene

The old “trust but verify” adage should be the motto for every CISO

The Philippines: Anti-cybercrime center warns public amid ‘growing’ social media phishing scams

The top 10 technologies defining the future of cybersecurity

Thousands of Citrix Servers Exposed to Zero-Day Bug

Threat actors add .zip domains to their phishing arsenals

Three Reasons Why CISOs Need to Know How Their Company Is Managing Their Domains

Top 4 industries that need better cybersecurity

Two new vulnerabilities found in popular baseboard software

U.S. amps up crypto crime unit to focus on ransomware attacks

UAE phishing scam: Dubai Police issues ‘urgent alert’ warning against clicking on emailed links to pay fines

UK: Locals warned about low-rate mortgage emails from scam lenders

VirusTotal apologizes for exposing Premium clients

VirusTotal issues apology for recent sensitive data leak

What Are the Risks of Scambaiting?

What Happens to My Personal Information After a Data Breach?

What’s new in the 2023 Cost of a Data Breach report

What’s Your DDoS Threat Level?

Why API attacks are increasing and how to avoid them

Why businesses need an IT guardian

Why it’s high time for us to rely primarily on passwordless authentication

Why Your Customers Trust You More When You Prioritize Cybersecurity

Will cyber insurance help protect your business?

With online banking fraud increasing fast, here are some ways to protect your bank account and other data

Yamaha confirms cyberattack after multiple ransomware gangs claim attacks

Zenbleed attack leaks sensitive data from AMD Zen2 processors

Zurich lists five controls to thwart two thirds of SME cyberattacks