Editor's Message

Welcome to DBD. On March 8th we celebrated our 4th Anniversary and the 1st Anniversary of our PRiSM application, officially endorsed by the SANS Institute. Despite recent personal issues that have impacted the amount of time I have been able to dedicate to both projects, I have been doing my best to keep everything as up-to-date as possible, and I would like to take this opportunity to thank everyone for their patience and support whilst I navigate through this very difficult time. Stay safe. :)

Monday 7 August 2023

Data Breaches Digest - Week 32 2023

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 7th August and 13th August 2023.

13th August

A Glimpse into the World of Hackers: Researchers Observe Honeypot Activities

Abu Dhabi Police warn against online job and pet sale scams

AI-powered chatbots present both risk and hope

Android Spyware App Forced To Shut Down After Hackers Delete Server Data

Bangladesh: Banks alerted to prevent cyberattacks

Beware of these 4 phishing phrases! They are dangerous, handle with care

Canadian dental service pays ransom in 8base ransomware attack

China closes record 36K personal data breach cases in 3 years

Combating Business Email Compromise in the Asia Pacific: Strategies for Strengthening Cybersecurity

Data Breach Alert: Unauthorized Access to Pennsylvania Child Care Works Program Exposes Personal Information

Data Security and Privacy Challenges in HR Software Development

Data usage and ground-rules: Inside India's new Digital Personal Data Protection framework

DNS Firewall Solutions: Safeguarding the Internet from Cyber Threats

FBI Warns of Digital Currency Scammers Posing as NFT Developers

Five-point plan for businesses to boost their cybersecurity arrangements

How businesses and governments can work together to stop cyberattacks before they start

How SAML Authentication is Shaping the Future of Internet Security

MaginotDNS attacks exploit weak checks for DNS cache poisoning

Mitigating Risk - The Importance of IT, Cyber, and Privacy Risk Assessments in Protecting Organizations

Navigating the Digital Landscape: Key Strategies for Implementing a Successful Digital Vault

Parivahan Data Leak: Report Claims Indian Govt Website Breached To Sniff Sensitive Data Of 10,000 Users

PSNI Chief Constable 'deeply sorry' over data breach as worst-case scenario outlined to Policing Board

PSNI data breach: Civilian worker 'no longer feels safe in home'

PSNI support worker no longer attends his child’s Gaelic football training after data breach

Real estate industry grapples with cyberattack on Rapattoni

Russian and Chinese cyber attacks on the Foreign Office risked national security, ex-GCHQ boss warns

Scams and digital harm rising: Tech professionals share how they stay safe online

Taking a break: Risk of using Wi-Fi for work when on vacation

The Role of Cybersecurity Software in Preventing Data Breaches and Cyber Attacks

The Significance of Cybersecurity Automation for Startups

Third-Party Data Breach at Bellevue College Raises Account Security and Data Privacy Concerns for Students and Faculty

Top 5 Threats to Customer Data Security in 2023

Top Categories of Digital Harm Reported to Netsafe, New Zealand’s Online Safety Charity

Top U.S. cyber official offers 'stark warning' of potential attacks on infrastructure if tensions with China escalate

Transportation app Moovit’s bugs allowed hackers to ride for free

UK: Hackers steal voter list data

Unveiling the Dark Web: A Closer Look at Hidden Data Trade

Urgent warning as hackers put thousands of students’ details on dark web

Warning Signs of Scam Texts on iPhones

What Is Network Security? How It Works and Why It's Important

12th August

Billions of Gmail, Outlook, iPhone, and Android users warned to check inbox for four ‘bank killer phrases’

CERT-In Issues High-Severity Warning for Google Chrome Vulnerabilities

Chinese Police Crack Down on Cybercrime in the Web3 Sector

Cumbria Police admits huge data breach as names and salaries of staff published online

Curve Finance Pledges Refunds Following $62 Million Hack

Cybersecurity Trends that Every Startup Needs to Know

Data breach may have affected almost 4,000 University of Utah Health Plan members

Evolution Hackers Unveils Unprecedented Expertise in Website and Database Hacking, Raising the Bar for Cybersecurity Challenges

Ford says cars with WiFi vulnerability still safe to drive

Foss Swim School Loses $1.3 Million in Email Scam

Hackers Leak PII Data and Photos of Brazilian Plastic Surgery Patients

Hacking satellites remotely turned out to be surprisingly easy

Here are 5 critical security tips for your laptop you need to know

India: Government Parivahan Website Data Breach: Source Code And 10,000 Records Exposed

India: New law makes govt equally liable for any data breach

Intel Discovers Scary Vulnerability in Some Processors

Knight ransomware distributed in fake Tripadvisor complaint emails

Lolek Bulletproof Hosting Servers Seized, 5 Key Operators Arrested

MOVEit Hacks: Valuable Lesson for Software Industry

Multiple Flaws in CyberPower and Dataprobe Products Put Data Centers at Risk

Navigating the Cyber Threat Landscape: How Global Content Disarm and Reconstruction Enhances Data Security

New Python URL Parsing Flaw Enables Command Injection Attacks

Northern Ireland: Data theft - Police officers and staff not informed for month

Northern Ireland: Police officers and staff not told about data breach for almost a month

Notorious phishing platform shut down, arrests in international police operation

Portugal: Cyber Attack On SESARAM Was A "Criminal And Ignoble" Act

PSNI data breach: 200 officers and staff not informed about theft for month

PSNI data breach: 200 officers and staff not told of theft for a month

PSNI data breach: Officers looking over their shoulders

PSNI data breach Freedom of Information (FOI) passed through at least three departments

PSNI threat management group has more than 600 referrals after data breach

Ransomware Attacks on the Rise Globally and in Israel

South Africa’s websites are under attack

The Evolution of Cyber Warfare: Understanding the Global Landscape of Cyber Threats

The Nigerian Prince Scam Has Evolved: How to Spot This Phishing Email

Thousands of Northern Irish police officers could sue force after 'massive' data breach of personal details

Threat Actors Increasingly Targeting Mac Users with Tailored Malware

US cyber safety board to probe Microsoft hack of government emails

Victim of 90 ETH exploit set to claw funds back after hacker was blacklisted

White House holds first-ever summit on the ransomware crisis plaguing the nation’s public schools

Zoom ZTP & AudioCodes Phones Flaws Uncovered, Exposing Users to Eavesdropping

11th August

7 Machine Identity Management Best Practices For Strengthening API Security

16 New CODESYS SDK Flaws Expose OT Environments to Remote Attacks

Alberta dental plan administrator paid ransomware gang after attack

Amazon AWS distances itself from Moq amid data collection controversy

An email security vendor is leaving 2 Million domains open to phishing hacks, study finds

As Phishing Gets Even Sneakier, Browser Security Needs to Step Up

Attackers fooled by honeypot: researchers reveal five hacker factions

Average cost of UK data breach hits £3.2m

Billions of Intel CPUs are leaking passwords and killing performance

British Columbia LifeLabs patients could get $50 from data breach settlement

‘Bulletproof’ hosting site that allegedly enabled 400 ransomware attacks seized, founder indicted

Canada: ‘Phishing’ phone scam making rounds

Catholic Police Guild voice concern over PSNI data breach as 900 staff request support from threat management group

China closes record number of personal data breaches, moots facial recognition law

CISA: New Whirlpool Backdoor Used in Barracuda ESG Campaign

CISA Adds Microsoft .NET Vulnerability to KEV Catalog Due to Active Exploitation

CISA is Asking the IT Industry for Input in Securing Open Source Software

Connecticut school district lost more than $6 million in cyber attack, so far gotten about half back

'Cozy Bear' Russian hackers target Irish Embassy in Kyiv

Data breach at University of Utah Health Plans could impact members

Data breach exposes personal information of more than 700,000 Medicaid clients in Indiana

Data breach impacting millions of Oregon Health Plan members

Data breach targets patients transported by Johnson County ambulance service

Department of Homeland Security (DHS) to Review Microsoft’s Security in Chinese Email Hack

Dependency Confusion Attacks: New Research Into Which Businesses are At Risk

DNS Revelations on Eevilcorp

Downfall Vulnerability Affects Millions of Intel CPUs With Strong Data Leak Impact

DroxiDat-Cobalt Strike Duo Targets Power Generator Network

Email Hacking Reigns as Top Cybersecurity Threat

Freeport hit by cyberattack; impact on production limited

Google search exposes academics using ChatGPT in research papers

Hackers can target schools for kids’ data, here’s how to stay safer

Healthcare incurs highest data breach costs – for the 13th year in a row

Hillsborough County Confirms MOVEit Data Breach Leaks Information of 70k+

Hosting service used by criminals taken down in Poland

How executives’ personal devices threaten business security

How to handle API sprawl and the security threat it poses

How to Prevent Data Leakages

How to Prevent Phishing Attacks with Multi-Factor Authentication

Hub discloses data breach

Indigo earnings hit by ransomware fallout, softer demand from price-wary consumers

Industrial PLCs worldwide impacted by CODESYS V3 RCE flaws

It's time for companies to double down on cybersecurity measures as ransomware attacks rise, say experts

Lapsus$ Hacker Group Exposed in Latest Cyber Safety Review Board (CSRB) Report

Lapsus$ hackers took SIM-swapping attacks to the next level

Largest switching and terminal railroad in US investigating ransomware data theft

LOLEKHosted admin arrested for aiding Netwalker ransomware gang

Meet the Most (In)Famous Hacking Groups Active Today

Microsoft Exchange hack is focus of cyber board’s next review

Microsoft's role in data breach part of US cyber inquiry

‘MoustachedBouncer’ espionage hackers targeting embassies in Belarus

MoustachedBouncer Hackers Caught Spying on Embassies

Multiple Flaws Found in the Avada WordPress Theme and Plugin

National Security Agency (NSA), Viasat say 2022 hack was two incidents; Russian sanctions resulted from investigation

New SystemBC Malware Variant Targets Southern African Power Company

New Zealand intelligence report accuses China of cyber-enabled interference

Northern Ireland’s top police officer apologizes for ‘industrial scale’ data breach

Phishing 3.0: Crooks Leverage AWS in Deceptive Email Campaigns

Prudential joins the club of MOVEit victims

PSNI data breaches: Officer says he will leave Northern Ireland

Radius Global Solutions Reports Data Breach Due to MOVEit Vulnerability

Ransomware attack continues to disrupt 2 Connecticut hospital systems

Researchers Shed Light on APT31's Advanced Backdoors and Data Exfiltration Tactics

Researchers Suggest Ways to Tackle Thermal Attacks

Researchers Uncover Years-Long Cyber Espionage on Foreign Embassies in Belarus

Security Risks to Boom in the Era of Widespread Generative AI Adoption

Southern African power generator targeted with DroxiDat malware

Spear Phishing vs Phishing: How to Tell the Difference in a Cloud Infrastructure

Takedown of Lolek bulletproof hosting service includes arrests, NetWalker indictment

The Challenges of Cybersecurity in the Broadcast Industry

The Five Stages of Grief: Coping With a Data Breach

The Police Service of Northern Ireland data breach: ‘simple human error’ has significant implications

The Road Map To Sino-US Cyber Cooperation Requires Both Nations To Look In The Mirror

The Role of AI GPUs in Strengthening Internet Security

Threat intelligence’s key role in mitigating malware threats

UK Government Slammed For Encryption Mistruths

US cyber safety board to analyze Microsoft Exchange hack of government emails

US cyber safety board wants feds more involved in eliminating passwords

US government finally releases report on Lapsus$ gang

White House, CISA call for help with security of open source software

XWorm, Remcos RAT Evade EDRs to Infect Critical Infrastructure

Your data, your compensation: LifeLabs data breach victims eye $150 relief

10th August

37% of third-party applications have high-risk permissions

77% of financial firms saw an increase in cyberattack frequency

AMD and Intel CPU security bugs bring Linux patches

APT31 Linked to Recent Industrial Attacks in Eastern Europe

California city investigating data theft after ransomware group’s claims

Canadian businesses hit hard by data breach costs

Chinese hackers stole US government emails

CISA: New Whirlpool backdoor used in Barracuda ESG hacks

Cybercriminals Increasingly Using EvilProxy Phishing Kit to Target Executives

Dallas Approves $8.6M in Ransomware Response Payments

Derby City Council: Names and addresses accessed in UK electoral role cyber-attack

Dissident republicans claim to have PSNI data breach information as stolen laptop not recovered

Dissident republicans claiming to possess information from PSNI data breach, says Byrne

Does the White House’s National Cyber Workforce and Education Strategy Go Far Enough?

Electoral Commission: 'Sufficient protections not in place' to prevent data breach, regulator admits

Electoral Commission subject to cyber-attack

Email Phishing Tempts 33% of Employees to Click on Suspicious Links

Emerging Attacker Exploit: Microsoft Cross-Tenant Synchronization

Encryption Flaws in Popular Chinese Language App Put Users' Typed Data at Risk

Ernst & Young (EY) breach exposes Bank of America customer credit card numbers

ESET Unmasks Cyber-Espionage Group Targeting Embassies in Belarus

EvilProxy Campaign Fires Out 120,000 Phishing Emails

EvilProxy Cyberattack Flood Targets Execs via Microsoft 365

EvilProxy Phishing Kit Hits 100+ Firms, Bypasses MFA via Reverse Proxy

Ex-employee claims Paycom failed to protect against hacker's data breach of MOVEit software

Feds Seize Bulletproof Hosting Service ”Lolek Hosted”

Foreign diplomats targeted by Belarus MustacheBouncer hackers

Fresh Blow to PSNI Security as Second Data Breach Disclosed

Gafgyt malware exploits five-years-old flaw in EoL Zyxel router

German military procurement officer arrested on suspicion of spying for Russia

Gibraltar: GHA data breach - 273 patients affected

Global Atlantic Financial Group Notifies Customers of MOVEit Data Breach at Third-Party Vendor PBI

Hacker stole more than $6 million from New Haven Public Schools

How to repel ransomware using recent data

Incident Response: Your Company's ICU

Interpol Busts Phishing-as-a-Service Platform '16Shop,' Leading to 3 Arrests

Iranian cyber spies are targeting dissidents in Germany, warns intelligence service

Judo Bank and REX company caught in data breach

Learning from past healthcare breaches to fortify future cybersecurity strategies

LockBit targets Varian Medical Systems, threatens data leak

Michigan State University data breach linked to global ransomware attack

Microsoft 365 accounts of execs, managers hijacked through EvilProxy

Microsoft OneDrive a willing and eager 'ransomware double agent'

MoustachedBouncer hackers use AiTM attacks to spy on diplomats

Multiple zero days found affecting crypto platforms

National Institute of Standards and Technology (NIST) Expands Cybersecurity Framework with New Pillar

Need for stronger mobile carrier protections stressed in new Cyber Safety Review Board report

New .zip and .mov domains are a hacker's dream and a user’s nightmare

New Attack Alert: Freeze[.]rs Injector Weaponized for XWorm Malware Attacks

New Ransomware Threat Rhysida Linked to Notorious Vice Society Actors

New Statc Stealer Malware Emerges: Your Sensitive Data at Risk

New York Introduces First-Ever Statewide Cybersecurity Strategy

Northern Ireland police chief under pressure as officers fear for safety after data breach

Northern Ireland police chief urged to consider position over data breach

Northern Ireland's top police officer apologizes for 'industrial scale' data breach

Only 22% of Firms Have Mature Threat Intelligence Programs

Police Service of Northern Ireland discloses second data breach in as many days

Potent Trojans Targeting MacOS Users

Private network adoption grows as enterprises seek greater control and security

Pro Wrestling Tees data breach class action settlement

Protecting IoT: Addressing Connected Device Security

PSNI chief admits officers anxious and angry at data breach

PSNI data breach: Dissident republicans claim to be in possession of information about officers whose surnames and work locations were revealed

PSNI officers move in with relatives as data breach could cost police force £100m

PSNI reviewing claims that dissident republicans possess information from data breach

Q2 of 2023 saw a rise in spam calls featuring family impersonations

Ransomware Attacks: 20 Essential Considerations For Prep And Response

Regulator: “Harmful” Web Design Could Break Data Protection Laws

Reported ransomware attacks double as AI tactics take hold

Rhysida ransomware - what you need to know

Security leaders chime in on new Securities and Exchange Commission (SEC) disclosure rules

Takeovers of MFA-protected accounts increase, as Microsoft 365 phishing campaign shows

US should crack down on SIM swapping following Lapsus$ attacks

Vulnerability management, its impact and threat modeling methodologies

We know the risks of policing Northern Ireland, but this data breach exposes us as never before

White House Holds First-Ever Summit on Ransomware Crisis Plaguing Public Schools

Zero-Day Flaws an Evolving Weapon in Ransomware Groups’ Arsenals

9th August

Adobe releases patches for dozens of vulnerabilities affecting suite of programs

Adopted children's names were disclosed on Scotland's People website

An Overview of the New Rhysida Ransomware Targeting the Healthcare Sector

Attackers use EvilProxy phishing kit to take over executives’ Microsoft 365 accounts

Attackers using AI in ransomware campaigns

Balada Injector still at large – new domains discovered

Breach Connected to MOVEit Flaw Affects Missouri Medicaid Recipients

China-Linked Hackers Strike Worldwide: 17 Nations Hit in 3-Year Cyber Campaign

Collide+Power, Downfall, and Inception: New Side-Channel Attacks Affecting Modern CPUs

Cyber fraudster jailed over internet scam that provoked suicide

Data exfiltration is now the go-to cyber extortion strategy

Dell Compellent hardcoded key exposes VMware vCenter admin creds

Downfall attacks can gather passwords, encryption keys from Intel processors

Eight Ransomware Containment Best Practices

Electoral Commission and PSNI data breaches: what we know so far

Electoral roll cyber attack could have been work of China, Iran or North Korea

EvilProxy phishing campaign targets 120,000 Microsoft 365 users

Good news for fraudsters: we cannot reliably detect speech deepfakes

Google to fight hackers with weekly Chrome security updates

Hackers use open source Merlin post-exploitation toolkit in attacks

High-Severity Access Control Vulnerability Found in Spring WebFlux

How safe is my data after a hack or leak?

Intel Responds to ‘Downfall’ Attack with Firmware Updates, Urges Mitigation

Internal Revenue Service (IRS) confirms takedown of bulletproof hosting provider Lolek

INTERPOL Dismantles Infamous ’16shop’ Phishing-as-a-Service Platform

Interpol takes down phishing-as-a-service platform used by 70,000 people

Large-user applications vulnerable to dependency confusion attacks

LockBit Ransomware Group Threatens to Publish Stolen Cancer Patient Data

Malicious Campaigns Exploit Weak Kubernetes Clusters for Crypto Mining

Michigan State University says third-party data breach could impact MSU community

Microsoft accounts targeted by EvilProxy phishing kits

Microsoft Patches 80+ Flaws Including Two Zero-Days

Microsoft Releases Patches for 74 New Vulnerabilities in August Update

Missouri says some Medicaid health information was compromised in MOVEit breach

Missouri warns that health info was stolen in IBM MOVEit data breach

‘Monumental’ data breach exposes names of entire Northern Ireland police force

New BitForge cryptocurrency wallet flaws lets hackers steal crypto

New Zero-Day Vulnerabilities Could Instantly Drain Crypto Wallets

Northern Ireland police data breach: PSNI officers left 'incredibly vulnerable' due to human error

Northern Ireland police data breach: Why is the information leak so serious and why do some officers feel vulnerable?

Northern Ireland police data breach is second in weeks, force reveals

Northern Ireland police expose details of all officers in ‘monumental’ data breach blaming 'human error'

Northern Ireland police may have endangered its own officers by posting details online in error

Northern Ireland Police Officers Vulnerable After Data Leak

Northern Ireland police under further pressure as they investigate second data breach

Northern Ireland’s chief constable fights to save job after ‘very serious’ data breach

Northern Irish police accidentally exposes data of all its staff

Notorious Phishing-as-a-Service Platform Shuttered

Novel ‘Inception’ Attack Exposes Sensitive Data in CPUs

Organizations concerned about enterprise security from unsafe VPNs

Paracetamol maker Granules India' Q1 profit hurt by cyber attack disruptions

Phishing platform 16shop shut down

Police Security Breach Rattles Northern Ireland’s Security Landscape

Popular Chinese-language service Sogou exposed to ‘eavesdropper,’ report says

Popular open source project Moq criticized for quietly collecting data

Pro-Russian hackers claim attacks on French, Dutch websites

Prospect Medical hospitals still recovering from ransomware attack

PSNI: How did the police data breach happen?

PSNI data: Police investigate second breach after documents stolen

PSNI data breach: 'Family fears for my safety as a police officer'

PSNI staff ‘shocked and angry’ after data breach

Recent ransomware attacks share curiously similar tactics

Regulators fear Russia could access Yandex taxi data from Europe, Central Asia

Rhysida Ransomware Analysis Reveals Vice Society Connection

Rhysida ransomware behind recent attacks on healthcare

Russia Tipped As Prime Suspect Over Huge Cyber Attack On UK Electoral Commission

Rust-Based Injector Deploys XWorm and Remcos RAT in Multi-Stage Attack

Shocked wife of Northern Ireland police officer says they are 'living in fear' after data breach

TD Ameritrade reveals that MOVEit attacks exposed thousands

Tencent trouble: millions at risk of spying on Chinese language app

The ransomware rollercoaster continues as criminals advance their business models

TWO data breaches that defy belief: Details of more than 40 MILLION voters are exposed in a cyber attack on the electoral roll while the name of EVERY police officer in Northern Ireland is published in error

U.K. Electoral Commission Breach Exposes Voter Data of 40 Million Britons

UK: What data was accessed? Is my name and address online? Your questions answered after electoral roll cyber attack sees the details of more than 40 million people leaked

UK explains likelihood of catastrophic cyberattacks - and its response plans

UK Electoral Commission suffers years-long cyber attack

Washington School District Targeted by Phishing Scam

What to know about Police Service of Northern Ireland (PSNI) ‘major data breach'

Why we Need to Manage the Risk of AI Browser Extensions

Will data backups save you from ransomware? Think again

8th August

5 Tips To Secure Your Crypto From Getting Hacked In 2023

2022’s Most Exploited Vulnerabilities: Insights and Future Preparedness

American National Insurance Company Experiences Data Breach Affecting Consumers’ Social Security Numbers

Apple Users See Big Mac Attack, Says Accenture

Australia: New warning issued by government over PayPal invoice scam

Australia’s Banking Industry Mulls Better Cross-Collaboration to Defeat Scam Epidemic

Average Cost of a Data Breach Has Reached an All-Time High: IBM Report

BAE offers advice to those hit by Capita cyber attack

Brits urged not to take photos of boarding passes at the airport over security risk

Canada: Hog farm targeted by ransomware

China hacked Japan’s sensitive defense networks, officials say

Chinese hackers targeted at least 17 countries across Asia, Europe and North America

CISA joins partners to warn of routinely exploited vulnerabilities

Collaboration between public and private sectors is crucial for defence against cyber threats

Colorado Department of Higher Education (CDHE) discloses massive data breach impacting students and teachers after a ransomware attack

Cryptomining and Malware Flourish on Misconfigured Kubernetes Clusters

Cyber attack: A detrimental hurdle for ‘Smart Bangladesh’

Cyber attack cost Interserve more than £11 million

Cyber attack paralyzes Israeli hospital's computer systems

Cybersecurity Tips to Protect Your Phone from Hackers

Department of Homeland Security (DHS) grants $375 million to boost state and local government cyber resilience

Education department in US state reveals data breach spanning 16 years

Electoral Commission apologises for data breach affecting millions of voters

Electoral Commission targeted by 'hostile actors' in cyber attack as hackers access millions of name and address details

Elections watchdog issues data warning after cyber attack

Elections watchdog reveals it was hit by cyber attack

Electoral Commission apologises for security breach involving UK voters’ data

Electoral Commission reveals it was targeted by cyber attack in 2021 with hackers accessing name and address details of anyone registered to vote

EvilProxy Phishing Campaign Targets High-Level Executives

ExtraHop reveals financial impact of high-profile data breaches

Fears for police officers’ safety after catastrophic data breach in Northern Ireland

Financial sector saw an 80% increase in interactive intrusions

Freedom Debt Relief, LLC Files Notice of Data Breach Affecting an Unknown Number of Consumers

GDPR compliance is not cybersecurity, says analyst

German Firms Scramble to Outwit Cybercriminals

Getting the best possible outcome in ransomware negotiation

Hospitals’ data breach risk doubles just before and after Mergers and Acquisitions (M&A), research finds

Hospitality staffer breach exposed over 100,000 people

‘Hostile actors’ hacked UK electoral register, accessed ‘high volume’ of data

Identity Compromise the Cause of Most Breaches

Instagram Scam Alert: Fake/Cloned Accounts Reaching Out To You On DMs? Here’s What You Should Do

Israeli hospital redirects new patients following ransomware attack

Israeli Hospital Under Cyber Attack

Japan refuses to confirm if China hacked its defence networks

Joint Advisory Warns of Threat From IDOR Vulnerabilities

KnowBe4 Phishing Test Results Reveal Half of Top Malicious Email Subjects Are Human Resources Related

LOLBAS in the Wild: 11 Living-Off-The-Land Binaries Used for Malicious Purposes

Managing human cyber risks matters now more than ever

Miami law firm subject of data breach

Microsoft August 2023 Patch Tuesday warns of 2 zero-days, 87 flaws

Microsoft Office update breaks actively exploited RCE attack chain

Microsoft Visual Studio Code flaw lets extensions steal passwords

Mutual of Omaha Rx Reports Data Breach Leaking Confidential Member Information

New IAM Research by Stack Identity Finds Machine Identities Dominate Shadow Access in the Cloud, Revealing Easy Attack Vector for Hackers

New Phishing Campaign Targets Users of the Chat GPT App

New Study Backs An Identity-First and Inside-Out Approach to Cloud Security

New Yashma Ransomware Variant Targets Multiple English-Speaking Countries

North Korean Hackers Compromise Russian Missile Maker

North Korean hackers had access to Russian missile maker for months, say researchers

Over 200 Million Brits Have Data Compromised in Four Years

Pentagon confident on sharing intelligence with Japan despite China hacking report

Phishing-resistant authentication a key to breach prevention

Positive Technologies reveals 10 worst cyberattacks in the Middle East in the last 18 months

Probe launched into cyber-attack on UK’s election registers

Prospect Medical Holdings said cyber attack impacted multiple hospital networks

PSNI: Major data breach identifies thousands of officers and civilian staff

PSNI apologises to officers and civilian staff after major data breach lasted nearly three hours

PSNI data breach: 'Dismay and anger' from Police Federation over information dump

PSNI data breach: security blunder could do 'incalculable damage' says Police Federation

PSNI respond to major data breach which identified thousands of officers

PSNI staff and civilians affected in ‘major data breach’

PSNI staff details leaked in "monumental" data breach

Qatar’s public hit with fraudulent investment calls amid rise in cyber scams

'Ransomware ecosystem is evolving with wide range of attack campaigns'

Ransomware Threat Activity Cluster Uncovered

Ransomware Victims Surge as Threat Actors Pivot to Zero-Day Exploits

Russia ‘tops list of suspects’ in cyber attack which exposed data of 40 million UK voters

Say goodbye to SMS 2FA – we won’t see it around much longer

Seasoned cyber pros are more complacent in their skills than junior staff

Sophos Uncovers New Connections Between Hive, Royal, and Black Basta Ransomware

'Successful' cyber attack on elections body put details of more than 40 million voters at risk

Tampa General Hospital faces suit over data breach

Tampa General Hospital Sued Over Data Breach

Tax Professionals Warn to Stay Vigilant Against Phishing and Cloud-based Attacks

The dark side of the cloud: How cloud is becoming prey to sophisticated forms of cyber attack

The Rhysida Ransomware: Activity Analysis and Ties to Vice Society

Two-Thirds of UK Sites Vulnerable to Bad Bots

UK Electoral Commission Admits Major Data Breach Spanning Over a Year

UK Think Tank Proposes Greater Ransomware Reporting From Cyberinsurance to Government

UK voter data hacked in cyber attack on election watchdog

UK Voters’ Data Exposed in Electoral Commission Cyber-Attack

UK voters exposed to cyber attack after Electoral Commission is hacked by ‘hostile actors’

Ukraine says it thwarted attempt to breach military tablets

Understanding Active Directory Attack Paths to Improve Security

Vietnamese-Origin Ransomware Operation Mimics WannaCry Traits

Will Securities and Exchange Commission (SEC) Cybersecurity Regulations Make a Difference?

Zero-day, one-day vulnerabilities led to over 200% increase in ransomware attacks

7th August

A New AI-Driven Cyberattack Can Steal Your Data Just By Listening to You Type

After Prospect Medical cyberattack, ransomware remains a big problem for big health systems

AI Flagged as “Chronic Risk” in UK Government’s Risk Register 2023 Report

AI Model Listens to Typing, Potentially Compromising Sensitive Data

All versions of Ivanti product affected by vulnerability used in Norway gov’t attack

Anatomy of a Black Basta Ransomware Attack on BankCard USA

As cars hoover up more and more driver data, is it time to regulate the industry?

Australians increasingly concerned about online privacy after high-profile cybersecurity breaches

Bangladeshi hacker group targeting these sectors in India, claims report

Behind the Scenes of a Tailor-Made Massive Phishing Campaign

Budget constraints threaten cybersecurity in government bodies

ChatGPT Security Concerns: Credentials on the Dark Web and More

CISA Outlines Plan to Get Ahead of Cyberthreat Groups

Clop Gang Offers Data Downloads Via Torrents

Colorado education department admits data breach

Colorado Education Department Suffers Ransomware Breach

Colorado Warns Ransomware Attack Caused Massive Data Breach

Criminal Actors Posing As NFT Developers in Crypto Phishing Scams, Warns FBI

Curve Finance Hacker Returns Incomplete Funds, Firm Offers Bounty To Identify Hacker

Elite North Korean Hackers Breach Russian Missile Developer

FBI Alert: Crypto Scammers are Masquerading as NFT Developers

FBI Warns Against Criminals Posing as NFT Developers

Feds investigate data breach at Johns Hopkins

Five most common cybersecurity vulnerabilities in 2023

Five Tips To Avoid, Manage And Respond To A Cyber Attack

Google Play apps with 2.5 Million installs load ads when screen's off

Google Play Infiltrated by 43 Android Apps with Adware

Hackers accessed 16 years of Colorado public school student data in June ransomware attack

Hackers increasingly abuse Cloudflare Tunnels for stealthy connections

HC3 Sounds Alarm About Rhysida Ransomware Group

Hospitals deal with ransomware fallout: 5 Prospect Medical updates

Hospitals' risk of data breach doubles just before, after a merger deal, research shows

How an 8-Character Password Could be Cracked in Just a Few Minutes

How To: Challenge Deepfake Fraud

Indiana University Health Reports Data Breach Stemming from Incident at TMG Health

Insider Threat: fugitive hacker breaches US Customs-controlled shipyard

Invisible Ad Fraud Targets Korean Android Users

Is Cybersecurity Having an Identity Crisis?

Keystroke sounds can betray passwords

Lazarus hack Russian missile maker as Moscow pleas for shells

LetMeSpy Android Spyware Service Shuts Down After Data Breach

LetMeSpy spyware maker shuts down over data breach

LockBit threatens to leak cancer patient medical data

Mallox Ransomware Group Revamps Malware Variants, Evasion Tactics

Medibank, Optus hacks hurt, but Aussies still at risk

Moscow civil servant and politicians’ addresses leaked say pro-Ukrainian attackers

New 'Deep Learning Attack' Deciphers Laptop Keystrokes with 95% Accuracy

New Malware Campaign Targets Inexperienced Cyber Criminals with OpenBullet Configs

New SkidMap Redis Malware Variant Targeting Vulnerable Redis Servers

North Korean hackers 'ScarCruft' breached Russian missile maker

North Korean Hackers Targets Russian Missile Engineering Firm

North Korean state-backed hackers breached major Russian missile maker

Organizations Detecting Ransomware Decline as the Volume and Impact of Targeted Attacks Continue to Rise

PaperCut fixes bug that can lead to RCE, patch quickly! (CVE-2023-39143)

Patients scramble after Eastern Connecticut Health Network (ECHN) cyberattack shuts emergency rooms, delays appointments

Personal Data Might Have Been Accessed During Dallas Ransomware Attack

Precision Anesthesia Billing, LLC Files Notice of Data Breach Affecting Over 209k Individuals

Protecting your data center from the ransomware menace

Ransom attack forces multiple US hospitals to suspend services in northeast

Ransomware victim numbers surge as attackers target zero-day vulnerabilities

Research Eyes Misconfiguration Issues At Google, Amazon and Microsoft Cloud

Researcher Exposes Cryptocurrency Scam Network of 300 Domains

Residents raise alarm on scams as Qatar faces 88% increase in phishing attacks

Russia scrambles to hide sensitive data from investigative journalists

Russian Hacktivists Overwhelm Spanish Sites With DDoS

Steadefi Hit With Exploit: ‘All Funds Are Currently at Risk’

SUNY Broome impacted by statewide data breach

Suspected Vietnamese hacker targets Chinese, Bulgarian organizations with new ransomware

Tennessee Heart Clinic Data Breach Impacted 170,000 Patients

Threat of Side-Channel Attacks Increases with Deep-Learning Model

Two arrested for stealing ₹1 crore from Noida firm after phishing mail

Ukrainian state agencies targeted with open-source malware MerlinAgent

Unmasking the threat: Navigating the perils of phishing attacks

US hospital network hit with ransomware attack

US Primary Care Services Shuttered After Cyber-Attack

US suffers 49.8 Million leaked accounts in Q2

What is the dark web? Everything you need to know before you access it

White House announces K-12 cybersecurity plans

White House rolls out millions in funding to combat K-12 cyberattacks

White House to roll out array of cyber initiatives to bolster K-12 defenses