Editor's Message
Welcome to DBD. On March 8th we celebrated our 4th Anniversary and the 1st Anniversary of our PRiSM application, officially endorsed by the SANS Institute. Despite recent personal issues that have impacted the amount of time I have been able to dedicate to both projects, I have been doing my best to keep everything as up-to-date as possible, and I would like to take this opportunity to thank everyone for their patience and support whilst I navigate through this very difficult time. Stay safe. :)
Wednesday 27 September 2023
Monday 25 September 2023
Data Breaches Digest - Week 39 2023
Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 25th September and 1st October 2023.1st October
Are recent cyberattacks a result of a worker shortage?
Bermuda: Government Update On Services Following Cyber-Attack
BlackCat gang claims they stole data of 2.5 million patients of McLaren Health Care
FTX Hacker Moves New 7,500 ETH Taking Total Tranche to 22,500 Units
Meet LostTrust ransomware - A likely rebrand of the MetaEncryptor gang
New Marvin attack revives 25-year-old decryption flaw in RSA
PlayStation owners urged to make simple five-step check to keep accounts safe following Sony cyberattack claims
Royal Family website crashes after it is 'targeted by Russian hackers in cyber attack'
Royal family website hit by cyber attack
Royal family website ‘targeted in Russian cyber attack’
Royal Family's official website targeted in cyber attack
Royal website goes down after being targeted by cyber attack
Russian hacker takes down Royal Family's official website in cyber 'attack'
Russian hacker takes Royal Family's website down in cyber 'attack'
Russian hackers claim responsibility for cyber attack on official Royal Family website
UK royal website targeted in cyber attack
30th September
Apple, Microsoft, and Google Just Fixed Multiple Zero-Day Flaws
Cloudflare DDoS protections ironically bypassed using Cloudflare
Cybersecurity threats on the rise in Việt Nam's SMB sector
Don’t take the bait when it comes to phishing!
FBI issues warning on Phantom hacker scams – don’t fall for it
FBI Warns of Rising Trend of Dual Ransomware Attacks Targeting U.S. Companies
FBI warns phantom hacker scams are emptying financial accounts — how to stay safe
Iranian APT Group OilRig Using New Menorah Malware for Covert Operations
New BEC 3.0 Attack Exploiting Dropbox for Phishing
New Critical Security Flaws Expose Exim Mail Servers to Remote Attacks
Surge in Ransomware Attacks: Experts Advise UK SMEs to Strengthen Cybersecurity
US, Japan authorities warn of China-linked hacking group BlackTech
29th September
5 strategies for advocating for a security budget increase
14 Pinal County school districts hit with ransomware attack to payroll system
Admins urged to quickly patch holes in WS_FTP file transfer server
AI Phishing Attacks Illustrate the Importance of Employee Awareness
Alleged Iranian hackers target victims in Saudi Arabia with new spying malware
Auckland Transport (AT) Website Issues Due To Ransomware Incident
Australia's Energy One says no proof of malicious activity after cyber incident
Bermuda: Several notorious gangs behind cyberattacks
Bermuda slowly bringing operations back online following major cyberattack
Beware of Phishing via Dropbox
Billions of usernames and passwords leaked online - what you should do right now
Bing Chat is reportedly serving ads pushing malware
Booking.com users targeted in large-scale phishing campaign, warns security firm
Booking.com customers targeted in major new phishing campaign
Capital One data breach settlement payments have started
Censys Reveals Open Directories Share More Than 2,000 TB of Unprotected Data
Chinese Hackers Stole 60,000 US State Department Emails from Microsoft
CISA, NSA, FBI and Japan warn of BlackTech, People’s Republic of China (PRC)-linked cyber activity
Cisco Warns of Vulnerability in IOS and IOS XE Software After Exploitation Attempts
City of Dallas sets aside $8.5m to respond to a devastating Royal ransomware attack
Cyberattack on Australia-based telemarketing group put donor data on dark web
Cybercriminals Using New ASMCrypt Malware Loader Flying Under the Radar
Cybersecurity budgets show moderate growth
Cybersecurity in the Healthcare Industry: Safeguarding Patient Data
Dark Angels ransomware group claims major attack on Johnson Controls, demands a $51m ransom
Diverse threat intelligence key to cyberdefense against nation-state attacks
Dozens of Mullvad VPN accounts discovered on the dark web
Eastern Gateway Community College (EGCC) Among Colleges Affected by Data Breach
Edinburgh Trams website attacked by Russian group for supporting Ukraine
Education, Health Officials Want More Help Mitigating Ransomware Attacks
Endpoint security: How to protect end users from themselves
Exploit released for Microsoft SharePoint Server auth bypass flaw
FBI warns energy sector of likely increase in targeting by Chinese, Russian hackers
Federal Shutdown Raises Cybersecurity Risks, Experts Warn
Financial crime compliance costs exceed $206 billion
Generative AI Poses Risks, But Outright Bans Aren’t The Best Solution
Hong Kong Laureate Forum hit by ransomware attack
How generative AI is enabling cyber criminals
How should organizations navigate the risks and opportunities of AI?
How To Avoid Facebook & Facebook Marketplace Scams in 2023
How to avoid government shutdown-related scams, phishing attempts
Initial Access Broker Targeting Organizations With Microsoft Teams Phishing Attacks
InterPlanetary File System (IPFS) Malware And Phishing Kit Cyberattacks Increase To Epidemic Proportions
Iranian hackers hijacked websites to target Israelis in new attacks
Is Your Private Information on the Dark Web?
Israel allows police to use Pegasus spyware to probe killings of Palestinian citizens
Johnson Controls cyberattack disrupting operations, may involve sensitive Department of Homeland Security (DHS) info
Johnson Controls Ransomware Hijack Could Contain Sensitive DHS Information
Large Michigan healthcare provider confirms ransomware attack
Lazarus APT Exploiting LinkedIn to Target Spanish Aerospace Firm
Lazarus Group Impersonates Recruiter from Meta to Target Spanish Aerospace Firm
Lazarus hackers breach aerospace firm with new LightlessCan malware
Major Cyber Attack Targets Global Companies, Reveals Online Security Issues
Malicious ads creep into Bing Chat responses
Malicious Ads Infiltrate Bing AI Chatbot in Malvertising Attack
Methods To Protect Yourself From Identity Theft
Microsoft Breach Exposed 60,000 State Department Emails
Microsoft's AI-Powered Bing Chat Ads May Lead Users to Malware-Distributing Sites
Microsoft’s Bing AI Faces Malware Threat From Deceptive Ads
Misconfigured World Baseball Softball Confederation (WBSC) server leaks thousands of passports
Millions of Exim mail servers exposed to zero-day RCE attacks
More than 3.8 billion records exposed in DarkBeam data leak
MOVEit Developer Patches Critical File Transfer Bugs
MOVEit maker warns of new critical bug affecting thousands
Mozilla Rushes to Fix Critical Vulnerability in Firefox and Thunderbird
Netflix Taken Down by Hackers Over LGBTQ+ Content
New Age Phishing Threats and How to Plan Ahead
No evidence yet of personal data breach in Bermuda cyberattack
North Korean government hackers targeted aerospace company in Spain
North Korean hacker group Lazarus amasses $46m in digital assets
North Korean Hackers Posing As Facebook Recruiters Hit Job Hunters With Malware
Organizations Detecting Ransomware Decline as the Volume and Impact of Targeted Attacks Continue to Rise
"Phantom Hacker" Scams Target Senior Citizens and Result in Victims Losing their Life Savings
PhilHealth network breach bound to happen
Philippine State Insurer Experiences Ransomware Attack on IT System
Phishing, Smishing Surge Targets US Postal Service
Pinal County schools affected by ransomware attack
Plot twist? Younger generations actually ‘more likely’ to fall for scams than elders
Post-Quantum Cryptography: Finally Real in Consumer Apps?
Privacy Regulator Orders End to Spreadsheet FOI Responses
Progress Software Releases Urgent Hotfixes for Multiple Security Flaws in WS_FTP Server
Ransomware gangs destroying data, using multiple strains during attacks
Rugby World Cup highlights needs for cybersecurity
Russian Company Offers $20m For Non-NATO Mobile Exploits
School admits serious data breach after details of pupil's suspension are emailed to parents
Security leaders discuss implications as Sony investigates recent cyber attack
Seven scams to watch out for as criminals find new ways to trick you out of your cash
ShinyHunters member pleads guilty to $6 million in data theft damages
Should your business worry about North Korean cyber attacks?
Sophisticated Ransomware Calls for Sophisticated Protection and Recovery
Tahoe Forest Hospital District notifies patients of data breach
The changing face of cybersecurity threats in 2023
The Disturbing Trend of Cloud-Based DDoS Attacks: Steps for Protection
The Role of DNS in Email Security
The Search for Certainty When Spotting Cyberattacks
Top 4 threats targeting small and medium business in Southeast Asia (SEA)
Top 5 Actionable Cybersecurity Tips for Financial Institutions
UK SMEs Report Rise of Cyberattacks, with Staff Being Significant Risk to Company’s Online Security Framework
United States and Japan Warn about Chinese Hackers Infiltrating Cisco Routers
Unraveling the Johnson Controls Ransomware attack: Dark Angels wants $51 million
US Healthcare Industry Top Target of Cyber Attacks
USA: Shutdown is a hacker’s delight
USAA, Adobe, Walmart and MORE: Top Scams of the Week
Video Encoding Library Leaves Chrome, Firefox and More Open to Zero-Day Attack
VMware users anxious about costs and ransomware threats
Vulnerabilities Found In Another Progress Software File Transfer App
What Is A Crypto Phishing Scam and How Can You Spot One?
ZenRAT Malware Targets Windows Users Via Fake Bitwarden Password Manager Installation Package
28th September
4 Legal Surprises You May Encounter After a Cybersecurity Incident
2022 US Cyber insurance premium surge, but CL0P/MOVEit attack threat looms in 2023
A Guide to Zero-Day Vulnerabilities and Exploits for the Uninitiated
Aeroflot, other airlines’ flights delayed over DDoS attack
Alleged Sony Cyberattack by New Ransomware Group Sparks Controversy
Android Banking Trojan Zanubis Evolves to Target Peruvian Users
Asian banks are a favorite target of cybercooks, and malicious bots their preferred tool
Bermuda public officers to receive salaries despite cyber attack
Billions of passwords and email addresses have been leaked online - so change your logins now
Bing Chat responses infiltrated by ads pushing malware
Booking.com Customers Targeted in Major Phishing Campaign
Budworm APT Evolves Toolset, Targets Telecoms and Government
Budworm hackers target telcos and government orgs with custom malware
Businesses disconnected from realities of API security
China-Linked Budworm Targeting Middle Eastern Telco and Asian Government Agencies
China's BlackTech Hacking Group Exploited Routers to Target U.S. and Japanese Companies
Chinese Hackers Steal 6,000 Sensitive Emails From 10 Employees Of US State Department
Chrome Patches 0-Day Exploited by Commercial Spyware Vendor
Chrome users need to watch out for fake update prompts
Cisco Catalyst SD-WAN Manager flaw allows remote server access
Cisco urges admins to fix IOS software zero-day exploited in attacks
Community First Medical Center Suffers 216K-Record Data Breach
Consultancy Issues Alert About QR Code Phishing
Critical Chrome Update Counters Spyware Vendor’s Exploits
Critical Cisco WAN Manager Vulnerabilities Let Attacker Conduct DoS Attack
Cyberattacks hit military, Parliament websites as India hacker group targets Canada
Cyberattacks on health care industry growing
Dark Angels Team ransomware group hit Johnson Controls
Department of Defense overhauls cyber strategy: Experts weigh in
Department of Homeland Security (DHS) investigating whether floor plans and other security information were exposed in ransomware attack on contractor
Department of Information and Communications Technology (DICT) restoring PhilHealth systems affected by ransomware
Domestic abuse victims at risk over data breaches
Edinburgh trams targeted by ‘cyber attack’ as fears grow over Russian hackers
Edinburgh Trams website offline following 'cyber-attack'
Exiled Russian Meduza Journalist Claims Being Hacked by European State with Pegasus Spyware
Expert advice to protect schools and students from ransomware attacks
FBI: Dual ransomware attack victims now get hit within 48 hours
Francesca’s Acquisition, LLC Provides Notice of Data Breach to 58k Individuals
Francesca's says January data breach impacted over 58,000 customers
Game Over for Cyber Fraudsters: GV Football Scam Busted, China Link Exposed
GitHub Repositories Hit by Password-Stealing Commits Disguised as Dependabot Contributions
Google Catches Surveillance Company Exploiting Serious Flaw in Chrome
Google Patches Chrome Zero-Day Used in Spyware Attacks
GPS Spoofing Raises Alarms
Guide to ransomware and how to detect it
Halifax customers being targeted by new email scam that could drain your bank account
Healthcare industry ranks in top 10 for client data leaks
Honeywell facing multiple lawsuits over data breach
How Can Energy & Utility Companies Detect Hardware and Software Vulnerabilities in Their Networks?
How to avoid the 4 main pitfalls of cloud identity management
How To Implement Zero Trust: Best Practices and Guidelines
In just 3 months, this data breach has compromised nearly 900 institutions
Infusion Firm Faces Lawsuit After Hackers Hit Parent Company
KnowBe4 Finds U.S. Healthcare a Top Target For Cyber Attacks
Making cybersecurity part of the Middle East’s DNA
Marsh McLennan Asks Court to Revisit Data Breach Ruling to Avoid Flood of Litigation
MFA Bombing: Everything You Need to Know
MGM class action claims data breach exposed sensitive customer information
Microsoft breach led to theft of 60,000 US State Dept emails
Microsoft Data Leak - Are You at Risk?
Misconfigured World Baseball Softball Confederation (WBSC) server leaks thousands of passports
Mobile cyber threats rising in Nigeria, others
Mobile threats in the Middle East, TĂ¼rkiye, Africa region rise in Q2 2023
MOVEit maker announces new critical vulnerability affecting a different file transfer tool
Navigating Data Breach Claims
Need To Mitigate Rising Cyber Incidents In Africa
New GPU Side Channel Vulnerability Impacts GPUs from Intel, AMD, Apple & Nvidia
NordLocker survey reveals: 50% of respondents face cyberattacks yearly - employers blame employees
OpenSea User Data Breach Alert: Essential Steps To Take
Passkeys Explained: How They Work, And Why You Should Use Them
PHH Mortgage Notifies Consumers of a Recent Data Breach That Leaked Their Social Security Numbers
PhilHealth website services 'likely' back to normal soon
Phishing bank scams in Australia: How to protect your business
Pro-India Hacker Group Claims Responsibility for Cyberattack on Canadian Forces Website
Progress warns of maximum severity WS_FTP Server vulnerability
Ransomware group demands $51 million from Johnson Controls after cyber attack
Ransomware groups are shifting their focus away from larger targets
Ransomware Insurance Claims From Businesses Hit Historic High
Recent Hack Sees HTX Lose $8 Million, Binance's CEO Offers Expertise
Reporting Cryptocurrency Scams: Your Guide to Taking Action
Rhysida ransomware group claims major cyber attack on Kuwait's Ministry of Finance
Risk-Based Vulnerability Management for Efficient Security
Royal HZPC Group takes steps forward after cyber attack
Russian flight booking system suffers ‘massive’ cyberattack
Russian state hackers attempted to block Ukrainians from opening US bank accounts
Security researcher stopped at US border for investigating crypto scam
Senior managers are more likely to click on phishing emails
South Yorkshire residents warned to be alert of telephone fraudsters
Study Reveals Conti Affiliates Money Laundering Practices
Supply Chain Attackers Escalate With GitHub Dependabot Impersonation
Suspected China-based hackers target Middle Eastern telecom, Asian government
Tesla class action claims data breach exposed employee info
The anatomy of a Facebook account heist
The Disturbing Trend of Cloud-Based DDoS Attacks: Steps for Protection
The hidden costs of neglecting cybersecurity for small businesses
This devious phishing scam makes it look like dodgy emails are actually safe
Tips for Small Businesses to Stay Cyber-Safe
Types of Adversarial Machine Learning Attacks and How To Overcome Them
U.S. Businesses See Cyberattacks Tick Down–But They’re Still At Unsustainably High Level
UK data regulator warns that data breaches put abuse victims’ lives at risk
UK Logistics Firm Forced to Close After Ransomware Breach
University of Illinois provides update on earlier ransomware attack
Unpatched Cisco Catalyst SD-WAN Manager Systems Exposed to DoS Attacks
Update Chrome Now: Google Releases Patch for Actively Exploited Zero-Day Vulnerability
US: China’s BlackTech Group Hacks Cisco Firmware in Cyberattacks
US and Japan Warn of Chinese Router Attacks
US businesses see cyberattacks decrease; Still too high to sustain
US Lawmaker: Government Shutdown Will Leave Americans Exposed to Cyber-Attacks
US State Department emails stolen by Chinese hackers in Microsoft leak, staffer says
US, Japan Warn of New China Hacker After ‘60,000 Emails Stolen’
Wakefield Council data breach put mum and children at risk
Web application & API attacks surge in Asia Pacific and Japan (APJ) financial sector
Why cyber risk policies don’t deserve their sticky reputation
Why Trust Is Key In Cybersecurity: Analyzing The MOVEit Ransomware Attacks
Yet another Chrome zero-day exploited in the wild! (CVE-2023-5217)
27th September
40% of U.S. security leaders cite malware as threat focus
Ahmedabad: Cop held for leaking data to help unethical hacker extort money
Are you one cyber breach away from insolvency?
Attacks on European Financial Services Double in a Year
Baruch College: ‘No evidence’ of personal data compromised in malware attack
BEC Attacks Increase By 279% in Healthcare
Behind the Screens: Are Your Text Messages Safe from Hackers?
Bermuda government departments and services paralysed by a significant cyber attack
Browser-in-the-Browser (BitB) Attack Takes Advantage of Single-Sign-On Trust
Building automation giant Johnson Controls hit by ransomware attack
CareSource Facing Multiple Class Action Lawsuits Over MOVEit Data Breach
ChildFund NZ discloses third-party breach
Clorox Cyber Attack to Cause Product Shortages, Impact First Quarter Results
Cost of a data breach 2023: Geographical breakdowns
Critical infrastructure: Beyond just cyber security
Critical libwebp Vulnerability Under Active Exploitation - Gets Maximum CVSS Score
Cyber threats remain top concern for businesses in 2023: Travelers Risk Index
Cyber-Attacks on Ukraine Surge 123%, But Success Rates Plummet
Cyber-risk at live sporting events is growing
Cybersecurity Mistakes That Have Nothing To Do With Technology - And How Companies Can Fix Them
Dallas: Royal ransomware gang infiltrated networks weeks before striking
DarkBeam leaks billions of email and password combinations
David Walliams Sues Britain's Got Talent Producers Over Data Breach
Debt Collection Company LCS Financial Services Files Notice of Data Breach
Endpoint detection and response (EDR) saves the day for faster response to cyber attacks
Fake Bitwarden installation packages delivered RAT to Windows users
Fake Bitwarden Password Manager Website Drops Windows ZenRAT
Fake Bitwarden sites push new ZenRAT password-stealing malware
Florida city duped out of $1.2M in simple BEC scam
GitHub repos bombarded by info-stealing commits masked as Dependabot
Google “confirms” that exploited Chrome zero-day is actually in libwebp (CVE-2023-5129)
Google Indexed Trove of Bard AI User Chats in Search Results
Hacker Stole $200 Million in Cryptocurrency from Mixin Network
High number of security flaws found in EMEA-developed apps
How do you know if your business is protected enough against the rising tide of cybercrime?
How do you spook cyber criminals?
How to prevent pesky compromised endpoints
How to Store Employee Information Safely
Huron Perth Healthcare Alliance (HPHA) patients may be affected by provincial data breach
IBM and Johnson & Johnson Health Care Systems Sued Over August 2023 Data Breach
Improving Communication Could Strengthen Federal Efforts to Prevent the Next Major Cyberattack
Is your home office cyber safe?
JetBrains Patches Severe TeamCity Flaw Allowing RCE and Server Hijacking
Justin Sun Offers 5% Reward for Hackers That Stole $8,000,000 From Crypto Exchange HTX
Kannact says March data breach impacted more than 117,000 individuals
Kenya: Three Entities Fined over Sh9 Million for Data Breach
Kingston Police warn of top-level domain phishing attacks
Kuwait: Cyber attack involved unauthorized duplication of records
Lack of cyber education leaves SMEs vulnerable to cyberattacks
Lateral Movement: What Every Business Should Know
Leading CISO Creates Model for Ransomware Payment Decisions
Lindale ISD warns of student email hack, says police are investigating source
Major charities reassure supporters as regulators assess data breach
Malicious Actors Exploiting AI Chatbot Jailbreaking Tips
Malware Concealed as Dependabot Contributions Strikes GitHub Projects
MEDUSA Ransomware Group Strikes Again: Italian Company and Canadian Firm Latest Victims
Modern GPUs vulnerable to new GPU.zip side-channel attack
Most contractors unprepared for cyberattacks
MOVEit cyberattacks: keeping tabs on the biggest data theft of 2023
Multiple hackers claim responsibility for Sony data breach
Mysterious crypto vendor hacked, OpenSea, Nansen warn users
Nation-state Level Cyberattacks
New Survey Uncovers How Companies Are Confronting Data Security Challenges Head-On
New twist on ZeroFont phishing technique spotted in the wild
New ZenRAT Malware Targeting Windows Users via Fake Password Manager Software
NSA releases guide to spot China-linked router hackers
Ontario’s birth registry says MOVEit Transfer hack impacted over 3.4m residents
Preventing employees from becoming the gateway for cyberattacks
Preventing Ransomware and Malware Starts with Good Cyber Hygiene
Racketeer Influenced and Corrupt Organizations Act (RICO) class-action data privacy lawsuit filed against H&R Block, Google, Meta
Ransomed.vc Group Hits NTT Docomo After Sony Breach Claims
Ransomware Attack Blamed As Logistics Firm Collapses
Ransomware soars as enterprises struggle to respond
RATs, rootkits, and ransomware (oh my!)
Red Cross-Themed Phishing Attacks Distributing DangerAds and AtlasAgent Backdoors
Regulator Warns Breaches Can Cost Lives
Researchers Uncover New GPU Side-Channel Vulnerability Leaking Sensitive Data
Rug Pulls, Hacking Attacks, Phishing Scams; Crypto Loses $890 Million In Q3
Russian zero-day seller offers $20M for hacking Android and iPhones
Security researcher hit with a Grand Jury subpoena after feds confuse crypto crook investigation with crime
ShadowSyndicate: A New Player in the RaaS Landscape
Simple Membership Plugin Flaws Expose WordPress Sites
Skidmore College may face potential lawsuits over data breach
‘Snatch’ Ransom Group Exposes Visitor IP Addresses
Sony devices hacked? Hacker 'threatens' to release 'stolen' data by 28 September
Sony investigates the alleged data breach that has led to hacker infighting
Sony’s Systems Might Have Been Hacked by a New Ransomware Group
SSH keys stolen by stream of malicious PyPI and npm packages
T-Mobile blames reseller for April data breach that compromised employee records
The Cost of Cybercrime in the US: Facts and Figures
The cyber scam that’s trending more than ransomware
These are the IoT-related threats to be aware of
This dangerous Android malware is stealing from 100 banking apps - protect yourself now
Tribal Gaming Regulator Chides Caesars, MGM on Ransomware Attacks
US and Japan warn of Chinese hackers backdooring Cisco routers
US, Japan say ‘BlackTech’ Chinese government hackers exploiting routers during attacks
Vulnerability in popular ‘libwebp’ code more widespread than expected
Wakefield Council reprimanded over domestic abuse data breach which put the safety of family at risk
Web app, API attacks surge as cybercriminals target financial services
Why root causes matter in cybersecurity
Why The New U.S. National Cybersecurity Strategy Is At Risk
Why You Should Be Concerned About the MGM ‘Vishing’ Attack
WVU Medicine Provides Notice of Third-Party Data Breach
Your Bard conversations are someone else's Google results
ZenRAT Targets Windows Users with Fake Bitwarden Site
26th September
15 Virtual Private Server (VPS) Security Tips to Prevent Attacks on Your Server
75% who didn't report cyber attack to leadership, felt guilty about it
85% of IT anticipate leaving their role due to burnout
A Primer On Artificial Intelligence And Cybersecurity
Accountability sought for PhilHealth cyberattack
Alberta Dental Service Corporation says no fallout from ransomware attack so far
‘All Of Sony Systems’ Allegedly Hacked By New Ransomware Group
All Sony systems including PlayStations have been hacked, new ransomware gang claims and threatens to sell stolen data
Are developers giving enough thought to prompt injection threats when building code?
Auckland Transport (AT) ransomware attack: Customers urged to reset top-ups on Hop cards
August data breach roundup
Australian Government’s ‘Six Cyber Shields’ Is Potentially a Well-Meaning Skills Crisis
Aware but unprepared: Canadians know fraud is on the rise, but don't know what to do if their data is compromised
Bermuda Public Services Remain Disrupted After Cyber Attack
Beware, Scammers are now attacking people through calls and fake OTPs
BORN Ontario data breach left health data of millions exposed. What went wrong?
Broomfield Skilled Nursing and Rehabilitation Center settles breach-related charges with Colorado Attorney General
Canadian Flair Airlines left user data leaking for months
China’s hackers target Tibetans, Uyghur, and Taiwanese
Chinese Hackers TAG-74 Targets South Korean Organizations in a Multi-Year Campaign
CISA Publishes Hardware Bill of Materials Framework
Cl0p’s MOVEit attack tally surpasses 2,000 victim organizations
College kids should review passwords and credit amid massive Progress software data breach
CommonSpirit Health Increases Ransomware Attack Cost Estimate to $160 Million
Critical JetBrains TeamCity Flaw Could Expose Source Code and Build Pipelines to Attackers
Critical JetBrains TeamCity vulnerability could be exploited to launch supply chain attacks (CVE-2023-42793)
Cyberattacks on local governments are on the rise, highlighting a need for enhanced security
Cybercriminals Steal $200 Million From Crypto Firm Mixin In Data Breach
DJI Mavic 3 drone manuals abused to deliver malware
Emerging cybersecurity threats in healthcare
Essential Guide to Cybersecurity Compliance
Fake Red Cross blood drive info lures phishing victims
FBI, CISA Warn of ‘Snatch’ Ransomware Threat to Defense Industrial Base (DIB), Other Sectors
Francesca’s nightmare: women’s boutique hacked
Generative AI Security Challenges – Fighting fire with fire
Google assigns new maximum rated CVE to libwebp bug exploited in attacks
Hackers actively exploiting Openfire flaw to encrypt servers
Hackers Exploit Openfire Vulnerability to Deploy Ransomware and Cryptominers
Hackers Lures Drone Manual to Deliver Notorious MerlinAgent malware
Half of Cyber-Attacks Go Unreported
Has Sony been hacked again?
Honeywell class action claims data breach exposed personal information of 100,000+
Hong Kong: Consumer council in fight mode on hack
How to keep the latest cyber-attack dog on the leash
HTX Hacker Makes Off With $8 Million
Image Extortion: A Sinister new Tactic for Ransomware
Iran-Linked OilRig Group Launches New Cyber Attack on Israel
IT workers see generative AI as a serious threat to their profession
Johnson & Johnson, IBM face class-action lawsuit over patient data breach
Kaspersky discovers harmful phishing scam targeting employee self-evaluation requests
Kenya: Microlender fined Sh3m for data breach
Kettering logistics firm enters administration with 730 jobs lost
Kuwait isolates some government systems following attack on its Finance Ministry
Lawsuit: Honeywell cyberattack exposes personal information of thousands
LockBit 3.0 tops hacking list in August amid decrease in ransomware attacks
Maries County Courthouse under cyber attack for past few days
Maries County Emergency Managements says it was hit with cyber attack, says one 911 call affected
MassMutual Annuity Unit Faces Federal MOVEit Data Breach Suit
Metromile data breach $775K class action settlement
MGM and Caesars-like phishing campaign continues targeting luxury hotels
Microsoft AI Researchers Exposed 38TB Private Info
More technical woes hit Auckland Transport, commuters
More than 30 US Banks Targeted in New Xenomorph Malware Campaign
MOVEit cyberattack is pause for concern
MSP shares details of Kaseya VSA ransomware attack, recovery
New AtlasCross hackers use American Red Cross as phishing lure
New ZeroFont phishing tricks Outlook into showing fake AV-scans
NFT marketplace OpenSea has been hacked, again
Online Banking Security: Best Practices for Your Protection
Pay Attention: Hackers Are Targeting LastPass Users With Phishing Emails
Pension Firms Report 4000% Surge in Breaches
Philippines state health org struggling to recover from ransomware attack
Pizza Hut Australia’s Data Breach Impacts over 190K Customers
Product leasing giant Progressive Leasing warns sensitive information stolen in cyberattack
Progress Software stock struggles as data breach updates sour promising results
Ransomware and Social Engineering Threats Are Real
Ransomware Group Claims 'All of Sony Systems' Hacked
Ransomware group offering Sony data for sale
Report shows cybersecurity budgets increased 6% for 2022-2023 cycle
Researchers Uncover RaaS Affiliate Distributing Multiple Ransomware Strains
Rising cyberattacks on schools put students at risk
Russian hackers target Ukrainian government systems involved in war crimes investigations
Security leaders weigh in on latest MOVEit data breach
Settlement reached with Broomfield nursing facility over 2021 data breach
Seven notorious cloud security breaches uncovered
ShadowSyndicate: A New Cybercrime Group Linked to 7 Ransomware Families
ShadowSyndicate hackers linked to multiple ransomware ops, 85 servers
ShadowSyndicate Investigation Reveals Ransomware-as-a-Service (RaaS) Ties
ShadowSyndicate linked to 7 ransomware attacks in the past year
SickKids impacted by Better Outcomes Registry & Network (BORN) Ontario data breach that hit 3.4 million
Smishing Triad Stretches Its Tentacles into the United Arab Emirates
Sony breach: company investigating ransomware claims
Sony Confirms They Are Investigating Potential Ransomware Attack
Sony investigates cyberattack as hackers fight over who's responsible
Sony Investigating Alleged Hack of 'All Systems' by Ransomware Group
Sony investigating alleged ransomware attack, group threatens to sell data
Sony Investigating Potential Data Breach
Sony Launches Investigation After Ransomware Group Claims to Have Breached Company’s Systems
Sony Under Siege: Company Allegedly Hacked By New Ransomware Group
South Africa faces a rising tide of ransomware
Strategies for Merchant Ransomware Protection
Swan Retail cyber attack woes continue
Telcos targeted with novel kit – mysterious adversary behind the attacks
Temu class action alleges company failed to protect customer data, resulting in breach
Threat Report: The High Tech Industry Targeted the Most with 46% of NLX-Tagged Attack Traffic
Top Five Things You Need to Know to Protect Against Insider Threats
Travelers’ latest Risk Index finds cyber threats still a major concern
Travelers Risk Index: Amid Fluctuating and Emerging Business Risks, Cyber Threats Remain a Leading Concern
Two Concordia Parish banks affected by data breach
UK logistics firm blames ransomware attack for insolvency, 730 redundancies
Ultimate Guide to IoT Security Testing
Wawa’s $10.7M data breach lawsuit against Mastercard thrown out
Welsh furniture store chain Leekes ‘suffers ransomware attack’ by NoEscape
What to do after falling to a phishing scam - 10 urgent steps
Why the public sector is an easy target for ransomware
WormGPT, WolfGPT and FraudGPT – how to spot scams created by ChatGPT's 'evil cousins'
Xenomorph Android Banking Trojan Makes Landfall in US
Xenomorph Android Malware Campaign Targets US Banks
Xenomorph Banking Trojan: A New Variant Targeting 35+ U.S. Financial Institutions
ZenRAT Malware Uncovered in Bitwarden Impersonation
25th September
$70 Million Loss After Data Breach of CoinEx Crypto Exchange, Services Temporarily Suspended
79% of organizations confident in ransomware defenses
$200 million stolen in Hong Kong crypto heist
900 U.S. Schools Hit by MOVEit Hack, Exposing Student Data
A ransomware group claims to have breached ‘all Sony systems’
Air Canada reports data breach, employee data affected
‘All Sony Systems’ Reportedly Breached by Ransomware Group
Almost 900 US Schools Breached Via MOVEit
Apple issues security fixes for iPhone, iPad, Apple Watch to fight Predator spyware
Are you ready to build your organization’s digital trust?
Are You Willing to Pay the High Cost of Compromised Credentials?
As ransomware threats climb again, businesses need peace of mind
Australia: Government assists law firm for 16 weeks after cyber attack
Australian Federal Police claw back $45m lost to BEC scammers
Balancing cybersecurity with convenience and progress
Better Outcomes Registry & Network (BORN) Ontario child registry data breach affects 3.4 million people
Business Email Compromise (BEC) Scammer Pleads Guilty to Part in $6m Scheme
Canada: Perinatal and child registry data breach affects health info of 3 million Ontarians
Carding: what is this popular cyber scam and how to avoid it
China-Linked EvilBamboo Targets Mobiles
Clearinghouse Gets An F-Grade For Data Breach Affecting Nearly 900 US Schools
Crypto Exchange HTX Lost $8M of Ether Due to a Hack
Crypto firm Nansen issues data breach alert, asks users to reset password
Crypto Heist: North Korean Lazarus Group Holds $47M In Bitcoin & More
Current ransomware defensive efforts are not working
Cyber attack pushes KNP Logistics into administration with loss of 730 jobs
Cyber Security in Banking: Top Threats and Best Ways to Prevent Them
Data Breach Toll Tied to Clop Group's MOVEit Attacks Surges
Data Breaches from MOVEit Zero-Day Still Piling Up
Data Security Posture Management: What’s Fact and What’s Fiction?
Deadglyph: A New Backdoor Linked to Stealth Falcon APT in the Middle East
Defending Against Generative AI
Despite rising insider risk costs, budgets are being wasted in the wrong places
Facebook live streaming fakes used as lure by phishers
FBI director urges private sector to work with the agency on cyber threats
Five key threats facing cyber teams and how to navigate them
Five years on: the legacy of GDPR
Florida city duped out of $1.2 million in phishing scam, police say
Four Data Security Challenges Set to Impact Organizations in the Coming Years
From Watering Hole to Spyware: EvilBamboo Targets Tibetans, Uyghurs, and Taiwanese
GenZ Falls For More Online Scams Than Their Grandparents, Report Says
Gold Melody cyber crime group selling access to breached networks to other cyber criminals
Grand Valley State University warns about potential direct deposit scams
Hackers damage Bulgarian fact-checking site fighting Russian disinformation
Hackers target Pakistan military's media site, claim Pakistan army 'best' in world, warn politicians
Hands-on threat simulations: Empower cybersecurity teams to confidently combat threats
Harnessing GenAI: Building Cyber Resilience Against Offensive AI
Hong Kong: Consumer Council says over 20,000 alerted of data breach
Hong Kong crypto business Mixin says hackers stole $200 million in assets
How can businesses learn to live with ransomware?
How global enterprises navigate the complex world of data privacy
Human misconceptions of risk: The blocker to password evolution
Hundreds of US schools compromised following ransomware hack
Mixin Network hack drains $200M from mainnet assets
Mixin Network suspends operations following $200 million hack
Mount Desert Island Hospital data breach compromised the data of over 32k patients
MOVEit fallout continues as National Student Clearinghouse says nearly 900 schools affected
National Student Clearinghouse discloses data breach affecting 900 US schools
National Student Clearinghouse MOVEit breach impacts nearly 900 schools
New data from Netskope reveals growing malware threat in the financial services industry
New Report Uncovers 3 Distinct Clusters of China-Nexus Attacks on Southeast Asian Government
New variant of BBTok Trojan targets users of +40 banks in LATAM
North Korean Lazarus Group amasses over $40M in Bitcoin, data reveals
Northern Ireland: Protecting people’s data is paramount
Personal data of 25,000 Hongkongers at risk after cyberattack against consumer watchdog, up from earlier estimate of 8,000
Personalized Customer Experiences Are Important - But Not At The Cost Of Data Privacy
Philippines leads ASEAN in disruptive cyberattacks
'Power, influence, notoriety': The Gen-Z hackers who struck MGM and Caesars
Prime Big Deal Days: How to avoid scams and shop safely during Amazon’s next big sale
Product leasing giant warns that sensitive information was stolen during cyberattack
Protecting your business: Data breach cost averages £3.4M for UK companies
Qakbot Takedown Resembles Hack Back, Will Botnet, Malware Be Resurrected?
Ransomed.vc group claims hack on ‘all of Sony systems’
Ransomware a threat to the trucking industry
Ransomware group claims to have breached "all of Sony's networks" and is selling the data
Ransomware Group Claims to Have Compromised Sony’s Systems
Ransomware group reportedly selling stolen Sony data
Ransomware group threatened to sell Sonys data on dark web
Ransomware groups are once again targeting smaller businesses for more lucrative payouts
Researchers Spot Novel “Deadglyph” Backdoor
Rise in cybercriminals leveraging voice phishing and OTP theft for data breaches
Royal lurked in Dallas’ systems weeks before ransomware attack
Russia’s APT29 intensifies espionage operations
Scattered Spider “bites” in Las Vegas
Six Additional Companies Impacted by Sovos Compliance Data Breach Related to MOVEit Vulnerability
Sony Faces Another Ransomware Attack with Potential Impact on PlayStation Network
Sony Falls Victim to Major Ransomware Attack
Sony Has Allegedly Suffered a Huge Hack by Ransomware Group
Sony reportedly facing another ransomware attack, PlayStation Network may get affected
Sophisticated APT Clusters Target Southeast Asia
T-Mobile data breach exposes personal customer information
T-Mobile data leak exposed customers' personal and card details online
The importance of DNS Filtering in Cybersecurity
The Philippines: Department of Information and Communications Technology (DICT) issues warning, guidelines to government agencies vs. Medusa ransomware
There is A New Scam Targeting Spectrum Internet Customers – Here is What You Need To Know To Avoid It
Three US firms add over a million MOVEit victims
TikTok Scandal Unveiled: Temu Referral Scams Exploit Fake Celebrity Leaks for Rewards
UAE: Cybersecurity Council exposes phishing methods
Ukrainian Military Targeted in Phishing Campaign Leveraging Drone Manuals
Unmasking cyber criminals: The power of privileged identities
Web3 Platform Mixin Network Hit by $200m Crypto Hack
What businesses can do to promote a security culture
Why Modern, Phishing-resistant Authentication Is The Key To Securing Digital Identities
Xenomorph Android malware now targets U.S. banks and crypto wallets
Zero Trust Architecture: Strengthening User Authentication and Access Management
Zero Trust Authentication: 7 key principles of the new security concept
Subscribe to:
Posts (Atom)