Editor's Message

Welcome to DBD. On March 8th we celebrated our 4th Anniversary and the 1st Anniversary of our PRiSM application, officially endorsed by the SANS Institute. Despite recent personal issues that have impacted the amount of time I have been able to dedicate to both projects, I have been doing my best to keep everything as up-to-date as possible, and I would like to take this opportunity to thank everyone for their patience and support whilst I navigate through this very difficult time. Stay safe. :)

Monday 11 September 2023

Data Breaches Digest - Week 37 2023

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 11th September and 17th September 2023.

17th September

10 Cybersecurity Blunders and How to Prevent Them

A single phone call unravels MGM Resorts' cybersecurity

As AI boosts Texas cybercrime, challenges in bringing international criminals to justice remain

Billionaire Mark Cuban Falls Victim to Crypto Hack Again, Loses $900K

CardX released a data leak notification impacting their customers in Thailand

Cost of recovering information hijacked in a cyberattack

Cyber Attack! How Hackers Broke Into MGM Resports

FTX claims portal back online; Mark Cuban's phishing attack could have been way worse!

Hackers Can Access Your Recently Deleted Photos On Apple iPhone X

How cyber scammers are trying to make AI tools pay

Israeli railroad network targeted in cyberattack by pro-Palestine hackers

Leading Health Applications on Android Have Hazardous Permissions

Manpower services firm fined $9,000 for data leak affecting 23,940 people

North Korea's Lazarus Group Suspected in $31 Million CoinEx Heist

Over 6,000 in Singapore fall prey to job scams this year

Ransomware was so powerful that only 14% of companies were able to recover all their data after recovering it

Software Giant Retool Announces Customer Account Breach After Targeted Social Engineering Attack

Sri Lanka: Government loses months of data following ransomware attack

The Philippines: Online scams now worse than drug menace

TikTok flooded by 'Elon Musk' cryptocurrency giveaway scams

What Is Sidejacking?

What Is SMS Phishing?

What Is Spear Phishing? Definition, Types, How To Protect Yourself

What Is Spoofing?

Why Is Computer Security Advice So Confusing?

16th September

10 Ways to Stay Safe in the Digital World

$9,000 fine for manpower service firm which leaked data of 23,950 people

A Guide for Keeping Your Cryptocurrency Secure

Airbus supplier contacts stolen in cyberattack

Apple iPhones Vulnerable To Hacking Via 8-Year-Old Bug In iOS ‘Mail’ App

Australia: Federal government could pay millions in compensation over asylum seeker data breach

BlackCat ransomware hits Azure Storage with Sphynx encryptor

China becomes main victim of advanced persistent threat attacks: Ministry of State Security

Chinese hacker group targets power grid, its not their first time

Coinbase Earned $1M In Hack But Hasn’t Repaid Victims

Corporates must beware of risks lurking behind public Wi-Fi

Crypto fraud: $70 billion worth of illicit transactions in five years

Cyber seduction: Unmasking the dangerous liaisons of honey trapping

Cybersecurity in the Digital Gambling Era: Insights from New Online Casinos

Cyberthreats Against Schools

ETH Founder Vitalik Buterin’s X (Twitter) Hacked, $700k Stolen

Guarding Healthcare: Strengthening Cybersecurity in a Vulnerable Sector

How effective are credit monitoring services?

How fintechs can combat the growing ransomware threat

How to Prevent Cyberattacks on Critical Infrastructure

Insurance for cyber attacks can help but experts say it can cost a lot

'Israel's' railroad network targeted by cyberattack

Japanese YouTubers are hackers' newest target

Major cyber attacks on Las Vegas casinos making slot and ATM machines unusable

Mark Cuban’s MetaMask wallet drained of nearly $900,000 in suspected phishing attack

Massive MGM and Caesars Hacks Epitomize a Vicious Ransomware Cycle

MGM and Caesars hack create Las Vegas-style media circus

MGM Resorts begins recovery from cyberattack, guests experience fallout

Microsoft Teams Phishing Attacks Target Corporate World

Most Common Internet Privacy Issues and How to Mitigate Them

North Korean hackers use Russian exchanges to move stolen crypto

Protecting Your Data and Privacy on macOS: Mac Security Essentials

Russian cyber thieves linked to personal data breach at North Carolina hospitals

The future of AI and cybersecurity

There Has to Be a Better Way to Store Sensitive Travel Information

TikTok Faces Massive €345 Million Fine Over Child Data Violations in E.U.

Trojan Set By Ex-Huobi Employee Leaks iToken Wallet Private Keys

UAE: You've heard about phishing attacks; now beware of quishing

Warning over criminals using digital switchover to scam vulnerable residents

What are address poisoning attacks in crypto and how to avoid them?

What is a Cybersecurity Services Provider and How to Choose One?

What is a Password Policy and How to Create One?

What Is A Remote Access Trojan (RAT)?

What Is A Replay Attack?

What is a Social Engineering Attack?

What Is Credit Card Fraud?

What Is Ransomware As A Service (RaaS)?

What Is Ryuk Ransomware?

What Is Security Incident?

15th September

3AM Ransomware Backs Up LockBit In Cyberattacks

5 Cryptocurrency scams and how to avoid them

30k primary pupils’ data may be at risk after Capita cyber attack

A cybersecurity checklist: What every team needs to know when working remotely

Airbus Opens Probe Into Hacking Of Supplier Data

Alert for Businesses: Increase in remote access frauds – safeguard your business

ALPHV/BlackCat group claims responsibility for a damaging ransomware attack on MGM Resorts

Apple warns Latvia-based journalists about possible hacker attacks

Attackers Target Crypto Companies in Retool Data Breach

Australia: Federal police caught up in huge law firm data breach

Australia Inc roiled by raft of cyber attacks since late 2022

Assessing the true cost of a cyber attack

BYOD and mobile devices heighten healthcare cyber risks

Caesars Entertainment Reveals Major Ransomware Breach

Caesars hit with class action after cyberattack

Caesars Securities and Exchange Commission (SEC) breach report: $15m ransom paid

Canada: Provincial websites target of cyberattack

China's Malicious Cyber Activity Informing War Preparations, Pentagon Says

CISA announces open source software security roadmap

Cloud to Blame for Almost all Security Vulnerabilities

Colombia Reports Cyberattack With Impact Across Latin America

Cyberattack knocks out Government of Nunavut servers for most of Thursday

Cyberattacks Increasingly Target APIs

Cybercriminals Combine Phishing and EV Certificates to Deliver Ransomware Payloads

Cybersecurity Goals Conflict With Business Aims

Cybersecurity risks dampen corporate enthusiasm for tech investments

Cyberthreat Intelligence: Are Telecom Networks Easy Targets?

Dangerous permissions detected in top Android health apps

Data of Free internet and phone clients in France stolen and on sale

‘Data security incident’ at St. Paul school district involved 43,000+ student names, email addresses

DDoS 2.0: Internet of Things (IoT) Sparks New DDoS Alert

Don’t toss your old internet router until you do this

Dymocks confirms details of 1.2 million customers shared on dark web in data breach

Emotional impact of online scams affects Africans more than financial loss, survey finds

Enterprises persist with outdated authentication strategies

EU panel fines TikTok €345 million for child settings

Evidence points to North Korea in CoinEx cryptocurrency hack, analysts say

Free Download Manager Site Pushed Linux Password Stealer

Generative AI lures DevOps and SecOps into risky territory

Google Account Sync Vulnerability Exploited to Steal $15M

Google Agrees to $93 Million Settlement in California's Location-Privacy Lawsuit

Google pays $93M to settle Android tracking lawsuit in California

Google to pay California $93 million for allegedly lying to users about location data practices

Google to pay $93M over alleged location privacy deceptions

Hacker attacks on the rise in Italy. And in 80% of cases the victims are SMEs

Hacker Deepfakes Employee's Voice in Phone Call to Breach IT Company

Hacker Group Konni Uses WinRAR Vulnerability To Steal Crypto

How to spot a fake website

Iranian Nation-State Actors Employ Password Spray Attacks Targeting Multiple Sectors

Ireland: Nearly 50 data breaches at nine Stormont departments - Department for Infrastructure (DfI) civil servant accessed colleagues’ personal files

Las Vegas hackers lash out with barbed words

Major trucking software provider confirms ransomware incident

Manchester police data breach a classic supply chain incident

MGM and Caesars Casinos Suffer Massive Cyberattack

MGM and Caesars hackers: who are they?

MGM Resorts is still suffering from a massive outage after a notorious group of young hackers apparently tricked workers into handing over access to the company's network

MidgeDropper Variant Targets Work-from-Home Employees on Windows PCs

Modernizing fraud prevention with machine learning

More Russian journalists investigating possible spyware infections

Mumbai Cyber Police Crack First Online Task Fraud Case: Arrest Made in Rs 35-lakh Scam

New Zealand: CERT NZ reveals how much Kiwis have lost to scammers

NodeStealer Malware Now Targets Facebook Business Accounts on Multiple Browsers

North Korean Crypto Hacker Stolen $340M, 80% Down from Last Year

ORBCOMM ransomware attack causes trucking fleet management outage

Over 12,000 Greater Manchester Police staff impacted in major personal data breach

Pegasus strike on Putin critics prompts warnings from Apple and experts

Phishing attack styled as demand letters targets natural products industry

Pirated Software Likely Cause of Airbus Breach

Private information of over 20,000 Sanford patients potentially compromised in data breach

Protecting private and public sector organisations from cyberattacks

Ragnar Locker ransomware group claims cyber attack on Israeli hospital, releases stolen data

Retool blames breach on Google Authenticator MFA cloud sync feature

Russia inches closer to Chinese-style great firewall

Security leaders share thoughts on MGM cyberattack

Several Colombian government ministries hampered by ransomware attack

The Interdependence between Automated Threat Intelligence Collection and Humans

TikTok slapped with $368 million fine over child privacy violations

Time to Demand IT Security by Design and Default

Two Vegas casinos fell victim to cyberattacks, shattering the image of impenetrable casino security

What Is A Data Breach?

What Is A Degradation Of Service Attack?

What Is A Directory Harvest Attack (DHA)?

What Is Dictionary Attack?

What Is Doxware?

When Ransomware Attacks Seem Inevitable, What Can IT Teams Do?

14th September

2 Casino Ransomware Attacks: Caesars Paid, MGM Did Not

A Cyber Attack’s Emotional Toll Is More Impactful Than Financial Loss

A full timeline of the MGM Resorts cyber attack

A Proactive Approach For Protecting Enterprise Networks

A second major British police force suffers a cyberattack in less than a month

After MGM Resort Hack, Caesars Entertainment Also Reports a Breach

Airbus Suffers Data Breach: 3,000 Suppliers Leaked

ALPHV Ransomware Used Vishing to Scam MGM Resorts Employee

Attackers hit software firm Retool to get to crypto companies and assets

Attackers use fallback ransomware if LockBit gets blocked

Auckland transport authority hit by suspected ransomware attack

Australian Federal Police cyber hack: Names and private information of AFP officers working on some of the country's most top secret cases is breached by Russians

Automotive supply chain vulnerable to attack as cybersecurity regulation looms

BlackCat on the hook for cyber attack that crippled Vegas casinos

BLASTPASS: Government agencies told to secure iPhones against spyware attacks

Caesars Entertainment confirms ransom payment, customer data theft

Caesars Entertainment Faces Cyber Attack and Pays Hackers to Prevent Data Leak

Caesars Entertainment, MGM Resorts hit by Russian hacking group

Caesars ransom attack linked to MGM, tens of millions paid to hackers

California enacts first-of-its-kind bill targeting data brokers

Canada emergency alert system not compromised by cyber-attack on operating company

Canadian Nurses Association (CNA) confirms data theft after group dumps stolen info

Car companies are collecting data on your sex life, and apparently you’re fine with that

Caesars Entertainment ransomware attack targeting loyalty members revealed in Securities and Exchange Commission (SEC) filing

Caesars Entertainment Reportedly Pays Ransom to Attackers

Caesars reportedly paid millions to stop hackers releasing its data

Canadian weather websites still struggling after supplier attack

Casino giant Caesars confirms data breach

CISA panel pitches idea of a National Cybersecurity Alert System

City of North Bay: Customer accounts compromised in phishing attack

Cloud Vulnerabilities Surge 200% in a Year

CoinEx confirms hack with $31 million in cryptocurrency allegedly stolen

Colombia’s judicial branch thrown offline in major cyber attack

Combating Ransomware: 3 Growing Trends That Security Teams Must Watch

CommonSpirit caught up in MOVEit hack

Contractor Data Breach Impacts 8k Greater Manchester Police Officers

Corporate data breach detection through an OSINT lens

Crypto Theft from Fortress Trust Traced Back to Phishing Attack on Cloud Vendor

Crypto worth $15 million at risk amidst phishing attack on software provider

Cuba Ransomware Gang Continues to Evolve With Dangerous Backdoor

Cyber Attack Continues to Roil MGM's Vegas Operations

Cyber Attack On CoinEx Results In $27M Stolen, Exchange Suspends Withdrawals Temporarily

Cyber attack shuts down Yukon government’s websites

Cybercrime Trends: What Data Reveals About Phishing, Investment Fraud, and More

Cybersecurity - managing risks in the information age

Deepfake cyberthreats keep rising. Here’s how to prevent them

Details of Greater Manchester Police officers leaked in cyber attack

Dutch football association admits paying LockBit in ‘April Fools’ ransomware attack

Ethical hacking: what is it?

Fake Cisco Webex Google Ads abuse tracking templates to push malware

FBI hacker leaks Airbus data, threatens Lockheed and Raytheon

Fidelity, Bank of America, Others Face New Lawsuit Over MOVEit Data Breach

Four myths that expose companies to cybercrime

Free Download Manager Site Compromised to Distribute Linux Malware to Users for 3+ Years

French apps accused of illegally sharing user data

Great security training is a real challenge

Greater Manchester Police is 'hacked' as 'details of thousands of officers are stolen in huge cyber-attack'

Greater Manchester Police latest force to suffer serious data breach

Greater Manchester police officers’ data hacked in cyber-attack

Greater Manchester Police officers' details hacked in cyber attack

Greater Manchester Police officers’ details stolen in cyber attack

Greater Manchester Police officers' details targeted in 'ransomware attack'

Greater Manchester Police statement on data breach

Greater Manchester Police victim of hack with thousands of warrant card details stolen

Greater Manchester Police victim of huge hack - with thousands of ID badge details stolen

GRIT Ransomware Report: August 2023

Guarding Against Fileless Malware: Types and Prevention

Hacker group identified as possible source of MGM Resorts cyberattack

Hacker group made up of minors claims to be behind MGM Resorts cyberattack

Hacker group threatens MGM Resorts if ‘deal is not reached’

Hackers Claiming to Jailbreak AI Chatbots to Write Phishing Emails

Hackers targeted Delhi Police website multiple times during G20 Leaders' Summit

Health Sector Cybersecurity Coordination Center (HC3) Warns Healthcare of Akira Ransomware Group

Honeywell hack exposed nearly 120K people

Hong Kong’s Cyberport apologises over data theft and vows to improve security, but insists no human error involved

Horseshoe in Hammond affected by recent ransomware attacks targeting casinos

How to fight back against debit card hackers who are after your money

HSHS St. Elizabeth’s Hospital working to restore networks after cyber attack

Identity of NSA hacker behind cyberattack on China's leading aviation university identified; to be disclosed in due course

Iranian hackers breach defense orgs in password spray attacks

Iranian state hackers targeted satellite, defense organizations worldwide

Is Someone Stealing Your Code? How to Lock Down Intellectual Property

IT expert accused of offences linked to PSNI data breach back in court after two days

It’s Back to School for Cyber Gangs, Too

Kingston Police warn public of scannable QR code phishing scams

Lack of cloud visibility, machine-speed attacks make every company a target

Lazarus Group Blamed For $53m Heist at CoinEx

LokiBot malware going for a song at $80

Manchester Police officers' data exposed in ransomware attack

Manchester police officers’ data stolen following ransomware attack on supplier

Manchester police officers’ warrant card details stolen in cyber attack

MGM casino's ESXi servers allegedly encrypted in ransomware attack

MGM Hit with Cyber Attack

MGM reeling from cyber 'chaos' 5 days after attack as Caesars Entertainment says it was hacked too

MGM Resorts breached by 'Scattered Spider' hackers

MGM still responding to wide-ranging cyberattack as rumors run rampant

Microsoft promises to act as Teams continues to get pummeled by phishing attacks

Microsoft Teams Hacks Are Back, as Storm-0324 Embraces TeamsPhisher

Microsoft Uncovers Flaws in ncurses Library Affecting Linux and macOS Systems

Mind the trust gap: Data concerns prompt customer caution over generative AI

Moroccan authorities warn of risk of cyber-attacks in aftermath of earthquake

Mozilla, CISA urge users to patch Firefox security flaw

N-Able's Take Control Agent Vulnerability Exposes Windows Systems to Privilege Escalation

Nearly Half of Survey Respondents Fooled by ChatGPT in Phishing Schemes

New DarkGate Malware Campaign Hits Companies Via Microsoft Teams

Northfield Bank Reports Third-Party Data Breach Stemming from Vendor’s Use of MOVEit

Phishing attack on software firm Retool enabled Fortress Trust hack

Phishing disguised as hacking: GCash advises users vs scam targeting e-wallet users

Preventing DDoS attacks

Ransomware in top three threats for 65% of organizations

Rearo issues warning to businesses following cyber attack

Remote Desktop Protocol exposures leave 85% of organizations vulnerable to attack

Report Surfaces Root Causes of Cloud Security Issues

Rising OT/ICS cybersecurity incidents reveal alarming trend

Run Linux? Check For This Password-Stealing Malware That Went Undetected For Years

Russian Journalist's iPhone Compromised by NSO Group's Zero-Click Spyware

School lockdowns: Person arrested after email threats in West Yorkshire cities of Leeds and Bradford

Sneaky spyware is after your most sensitive data

SouthCoast Medical Group, LLC Notified Patients of Recent Data Breach

Sri Lanka government loses vital email data in a major ransomware attack

Stealer Thugs Behind RedLine & Vidar Pivot to Ransomware

Study Finds Deprived Teens with Poor Learning Skills at Highest Risk from Email Scams

Surface brand issues stark warning following cyber-attack

Suspected ransomware attack hits Auckland Transport's Hop cards

The MOVEit Hack, Ransomware Attacks, and Cyber Insurance

The Role of Bitcoin in Ransomware Attacks

Third of Americans use password managers

Thousands of police officers’ details hacked in cyber attack

Thousands of police officers' names and pictures stolen in huge cyber attack

Threat actors target remote endpoints to conduct BECs, steal credentials and load malware

Toyota outage shows not all backup failures are ransomware

UK is Confronted with an Increase in Ransomware Attacks

UK police officers’ details exposed in cyberattack

US and UK Authorities Have Sanctioned Conti Ransomware and TrickBot Cybercrime Gangs

Upstate New York nonprofit hospitals still facing issues after LockBit ransomware attack

Vendor used by Baylor College of Medicine for employee wellness portal reports possible data breach

Vodafone investigating potential data breach after Twitter accounts compromised

Wake-Up Call as 3AM Ransomware Variant Is Discovered

What Is A Blue Bomb?

What Is A Computer Emergency Response Team (CERT)?

What Is An Advanced Persistent Threat (APT)?

What Is An Anti-Phishing Service?

What Is An Attack Vector?

What is double extortion ransomware?

What Is Obfuscated URL?

When and How to Report a Cyber Attack Attempt

Who is behind the latest wave of UK ransomware attacks?

Why Are You Texting Me? UNC3944 Leverages SMS Phishing Campaigns for SIM Swapping, Ransomware, Extortion, and Notoriety

Windows 11 ‘ThemeBleed’ RCE bug gets proof-of-concept exploit

Zero-Day Security Vulnerability Found in Chrome, Firefox and Other Browsers

13th September

5 Reasons Why You Should Conduct Regular Cybersecurity Audits

44% of IT leaders describe their organization as secure

49% of survey respondents were fooled by ChatGPT

AI Models Under Attack: Protecting Your Business From AI Cyberthreats

Airbus Launches Investigation After Hacker Leaks Data

Airbus suffers data leak turbulence to cybercrooks' delight

Alert: New Kubernetes Vulnerabilities Enable Remote Attacks on Windows Endpoints

American National Insurance Company Facing Class Action Over May 2023 Data Breach

Audit Finds Department of Social Services (DSS) Failed to Report Data Breaches, Losses in Medicaid Funding

Australian boards view GenAI as a security risk

BianLian ransomware gang holds Save the Children hostage

Caesars Entertainment Paid $15 Million Ransom After Cyberattack

Capita class action: 2,000 folks affected by data theft sign up

Chambersburg Area School District (CASD) answers some questions about ransomware attack, won’t say if they paid hackers

Chilling Lack of Cyber Experts in UK Government, Finds Parliamentary Inquiry

China-linked malware spotted in national power grid

Chinese are running new phishing scams across Cambodia, Myanmar, Thailand. It’s a scamdemic

CISA Publishes Plan to Enhance Open Source Security

City of Tomball, Texas, Announces Data Breach in the Wake of 2022 Ransomware Attack

CoinEx confirms hack after $31 million in cryptocurrency allegedly stolen from exchange

‘Computer geek’ on PSNI spreadsheet charge accused of breaching bail by refusing to be tagged

Cost of a data breach 2023: Pharmaceutical industry impacts

CrelioHealth leak exposed 28M+ records of patients

Cyberport reveals stolen data of staff and job applicants appear on dark web

Data breach by Pareto Phone

Dutch football association pays ransom to Russian cybercriminals

Ethereum Creator Vitalik Buterin Says Hacker Used SIM-Swap Attack To Compromise X Account

Europol: malware remains top cyberthreat

Exiled Russian journalist had phone hacked with Pegasus spyware

Exploring the Security Measures Implemented by Loan Apps

FBI Hacker Dropped Stolen Airbus Data on 9/11

FBI Helps Seize Control Of Million-dollar Global Malware Network Qakbot

Gloomy forecast: The Weather Network is down after a cyber-attack

Hackers claim it only took a 10-minute phone call to shut down MGM Resorts

Hackers steal $53 million worth of cryptocurrency from CoinEx

Hackers use new 3AM ransomware to save failed LockBit attack

Here’s how to stop cyber risks at sporting events

How Cyberattacks Are Transforming Warfare

How should SMBs navigate the phishing minefield?

How to Prevent Risky Cybersecurity Behaviors Creeping into Your Organization

If You Didn’t Change Your Passwords After the LastPass Data Breach, Do It Now

Implementing the Least Privilege Principle to Safeguard Your Assets

Inside The Ransomware Attack That Shut Down MGM Resorts

Insurer Mapfre Faces Class Actions Over Data Breach

Intel-based Macs under attack from new MetaStealer malware - how to stay safe

Internet Organised Crime Assessment (IOCTA) spotlight report on malware-based cyber-attacks published

Kent's St Augustine Academy says hackers encrypted student and staff data following a cyber attack

Latest fraud schemes targeting the payments ecosystem

LokiBot - Phishing Malware Baseline

Machine Learning is a Must for API Security

Market Maker Virtu Sued by US Regulators for Alleged Data Breach

MetaStealer malware is targeting enterprise macOS users

MGM Criticized for Repeated Security Failures

MGM cyberattack claimed by ALPHV/BlackCat ransom gang

MGM Resorts breach is costing the casino giant 'every minute' after hacker gang known as BlackCat infiltrated them in 10 MINUTES using an employee's name and a phone call

MGM Resorts International Cyberattack Allegedly Engineered By BlackCat Hacker Group

MGM Resorts’ ransomware attack started with a single phone call

Microsoft Fixes Two Zero-Day Bugs Used in Attacks

Microsoft Releases Patch for Two New Actively Exploited Zero-Days Flaws

Microsoft Teams phishing: Enterprises targeted by ransomware access broker

Microsoft Teams phishing attack targets corporate networks

Microsoft Warns of New Phishing Campaign Targeting Corporations via Teams Messages

Mom’s Meals class action alleges data breach exposed information of 1.2M individuals

Moody’s says breach at MGM is credit negative as disruption lingers

More than S$330 million lost to scammers in first half of 2023; cases continue to rise

Mozilla Rushes to Patch WebP Critical Zero-Day Exploit in Firefox and Thunderbird

Navigating the Cybersecurity Landscape of Web3

New Microsoft Teams Phishing Campaign Targets Corporate Employees

New Securities and Exchange Commission (SEC) Disclosure Rule: Do the Benefits Outweigh the Concerns?

North Korea’s Lazarus Group responsible for $55M CoinEx hack

Overconfidence leaves Egyptian consumers vulnerable to scams

Overconfident Organisations Prone to Cyber Breaches, Study Finds

Privacy concerns cast a shadow on AI’s potential for software development

Protecting sensitive data in the cloud in regulated industries

Quebec government says data not compromised after websites hit by cyberattack

Quebec government sites under cyber attack

Ransomware attack hits Sri Lanka government, causing data loss

Ransomware gang steals 6.8TB of data from Save The Children

Read it right! How to spot scams on Reddit

Recent Rhysida attacks show focus on healthcare by ransomware actors

Researchers Detail 8 Vulnerabilities in Azure HDInsight Analytics Service

Rollbar discloses data breach after hackers stole access tokens

Royal Dutch Football Association confirms ransom payment for hacked employee data

Russian National Indicted for Scripps Health Ransomware Attack; 11 TrickBot/Conti Actors Sanctioned

Rust-Written 3AM Ransomware: A Sneak Peek into a New Malware Family

Scams cost New Zealanders $4.2m, with 'smishing' on the rise

SIM swap scams: growing threat to crypto community

Storm-0324 Exploits Microsoft Teams Chats to Facilitate Ransomware Attacks

Tamil Nadu police website hacked in ransomware attack

The 10 biggest ransomware attacks in history

The Art of Data Privacy

The Escalation of Ransomware Threats in the UK: An Analytical Dive

These Are the Absolute Worst Passwords For Online Security

Thousands of unprotected security cameras surveilling the world

Three Persistent Data Security Challenges Orgs Need to Address

TikTok’s latest GDPR breach could cost them up to $376M

Twitter Data Breach: Personal Information of Over a Million French Individuals Compromised

UK ICO and NCSC Set to Share Anonymized Threat Intelligence

Understanding phishing and how to prevent it

UnitedHealthcare Services Sued for MOVEit Transfer Data Breach

Update Adobe Acrobat and Reader to Patch Actively Exploited Vulnerability

US Cybercrime and Cybersecurity Statistics

US-Canada water commission investigating cyberattack

Visa tracks spike in retail, e-commerce fraud

Walmart shoppers warned to check inbox now for bank-draining message that puts you at risk with one click

Warning: High school sports fans being victimized by website phishing scams

What Is A Black Hat Hacker?

What Is A Hacker?

What Is A Rainbow Table Attack?

What Is A Targeted Attack?

What Is Doxing?

White House urging dozens of countries to publicly commit to not pay ransoms

12th September

5 Types of Malware Every Business Should Be Aware Of

6 simple cybersecurity rules to live by

6 Ways Passwords Can be Stolen — and How Passwordless Can Stop Them All

74% of Indian enterprises hit by ransomware attacks in 2022

60,000 Individuals Affected by Texas Medical Liability Trust Data Breach

Adobe warns of critical Acrobat and Reader zero-day exploited in attacks

AI jailbreaking: turning chatbots into accomplices

Airbus Cyber Attack: Over 3,200 Vendor Data Accessed by Hackers

Airbus investigates data leak allegedly involving thousands of suppliers

Almost Half of Security Chiefs Expect to Raise Security Spending After $1 Trillion Loss in 2022

An Avoidable Breach - FBI Hacker Leaks Sensitive Airbus Data

'Anonymous Sudan' Sets Its Sights on Telegram in DDoS Attack

API Security’s Role in Protecting Retail Cloud Apps

Apple backports BLASTPASS zero-day fixes to older iPhones

Australia is the 5th most hacked country in the world

Beware: MetaStealer Malware Targets Apple macOS in Recent Attacks

Beware of Fake Browser Updates that Install Malware on Systems

Building a cyber-aware staff is essential to protecting your SME against threats

Businesses are losing the battle of the endpoint

Buterin's Twitter Account Reclaimed After $700,000 Crypto Theft

Catch Of The Week: Package Delivery Text Scams

Check Point Research reports a large-scale phishing attack targeting over 40 Colombian based companies

Chinese Redfly Group Compromised a Nation's Critical Grid in 6-Month ShadowPad Campaign

Chrome zero-day exploited in the wild, patch now! (CVE-2023-4863)

CISA offers free security scans for public water utilities

CISA warns of attacks using Microsoft Word, Adobe bugs

CISOs need to be forceful to gain leverage in the boardroom

Cloud Threats Rise: Who’s Attacking and How They Get In

Companies need to rethink how they implement identity security

'Computer geek' Christopher O'Kane bailed on PSNI data breach spreadsheet charge

Computer Systems and Individuals Need to Be Better Prepared for Cyber Attacks

Critical GitHub Vulnerability Exposes 4,000+ Repositories to Repojacking Attack

Crypto hackers shift additional $328M in stolen funds

Crypto market saw illicit transactions of $70 billion in 5 years

Cuba ransomware deploys new malware

Cyber attack hits UK school: St. Augustine Academy in Maidstone falls victim

Cyber-criminals “Jailbreak” AI Chatbots For Malicious Ends

Cyber Security Strategy for Executives in the UK Nuclear sector

Cyberattack Hits MGM Hotels in Vegas, Bricking Slot Machines, Room Keys

Cybercriminals are now targeting top executives - and could be using sensitive information to extort them

Cybersecurity threatscape of Asia: 2022–2023

Data breach at Minnesota jobs website reported, users warned to protect info

Defending the future: What does tomorrow's cyber security look like?

Do cyber events influence stock market performance?

Electric Cars: A Hacker’s Playground?

Ethereum’s Buterin says X account hacked in T-Mobile SIM swap

Europol: Financial Crime Makes “Billions” and Impacts “Millions”

Facebook Messenger phishing attack pumps out 100K+ weekly messages

Fighting Individual Ransomware Strains Fruitless, UK Agencies Suggest

Five Steps For Securing Your Company Against Insider Threats

Free Download Manager site redirected Linux users to malware for years

Germany still lags in cybersecurity ‐ report reveals

Google Fixes Chrome Zero-Day Exploited in the Wild

Google patches Chrome zero-day exploited in wild

Google Rushes to Patch Critical Chrome Vulnerability Exploited in the Wild - Update Now

Guests react to MGM electronic shutdown following data breach

Hacker arrested for stealing customers' points from reward program company

Hacker discovered serious vulnerabilities in Dutch vote counting software

Hacker Hijacks Ethereum Cofounder's Twitter Using SIM-Swap Attack

Hackers Dropping Physical USB Drives at Watering Holes

Hong Kong Cyberport defends move to not reveal hacking attack, says stolen data includes details on staff and ex-workers, credit card records

How Cyber Scammers Are Trying To Make AI Tools Pay

How Hospitals Should Manage Cybersecurity Risks

How To Answer The General Counsel’s Questions After A Cybersecurity Incident

How To Spell Cybersecurity

Human behaviour as both threat and defence

IBM data breach compromised the personal data of Janssen CarePath customers

Insurance among top sectors to report data breaches

Journalists, authors, and other writers targeted by phishing emails

KNVB football association admits settling after cyber attack

Las Vegas Slot Machines Shut Down By MGM Resorts Hack

Man charged in connection with Scripps Health ransomware attack

MGM Cyber-issues Have “Markings of a Ransomware Attack”

MGM ‘cybersecurity issue’ shuts down slot machines and ATMs in Las Vegas casinos

MGM Resorts: Slot machines go down in cyber-attack on firm

MGM Resorts Hit By Cyber-Attack, Systems Down

MGM Resorts suffers cyber-attack as booking systems crash

MGM resorts suspected ransom attack forces system shut down

Microsoft, Adobe fix zero-days exploited by attackers (CVE-2023-26369, CVE-2023-36761, CVE-2023-36802)

Mozilla patches Firefox, Thunderbird against zero-day exploited in attacks

National Cyber Security Centre (NCSC) report on ransomware

National Registration Identity Cards (NRICs), home addresses of doctors among data leaked from Academy of Medicine, Singapore

Nearly 15,000 accounts raided at automaker sites to harvest vehicle IDs, report says

New backdoor tool spotted in use against targets in Brazil, Israel, UAE

New 'MetaStealer' malware targets Intel-based macOS systems

Phishing campaign uses Word documents to distribute three malware strains

Phishing or Hacking – What’s the difference

Portuguese court convicts hacker behind biggest leak in football history

Power grid of Asian nation shows signs of intrusion by espionage group

Ragnar Locker group claims major attack on Israeli hospital, starts leaking stolen data

Ransomware access broker steals accounts via Microsoft Teams phishing

Ransomware attacks hit record level in UK, according to neglected official data

Ransomware gang says it has hit International Joint Commission

Ransomware takes backseat to data theft as protection of sensitive data keeps IT professionals awake at night

Redfly Group Compromises National Power Grid

'Redfly' hackers infiltrated power supplier's network for 6 months

Requests via Facebook Messenger lead to hijacked business accounts

Royal Dutch Football Association confirms it paid ransom for hacked employee data

Save the Children International hit with cyberattack, but says operations weren’t impacted

Securing the supply chain: The imperative of Early Warning Systems

Social Security Scams: Why Younger Generations Are Surprisingly Victims More Often

Sophisticated Phishing Campaign Deploying Agent Tesla, OriginBotnet, and RedLine Clipper

Sri Lanka: Information and Communication Technology Agency (ICTA) reveals of email data loss in latest cyberattacks

St. Paul Public Schools warns families of potential data breach

Stake’s Hacker Moves $328,000 Worth Of Crypto From Stolen Funds

Teen Crypto Hacker Surrenders $3.1M Bitcoin and Sports Car to Authorities

Texas Medical Liability Trust Announces Data Breach

Texas Medical Liability Trust updates its data breach notification; now provides notification on behalf of almost 60,000 individuals

The Art Of Exploiting Cybersecurity Vulnerabilities: Ethical Hacking

The cyber-insurance vision is failing for ransomware attacks in India

The Cybersecurity Risks In Education Cannot Be Ignored

The Data Dilemma: How to Balance Privacy and Security in the Digital Age

Think before you click: parents shirking online safety talks with children

U.S. News & World Report Identity Theft Survey 2023

UK businesses could escape data breach fines if they engage with NCSC over cyber incidents

UK Electoral Commission failed Cyber Essentials test, suffered a breach of 40 million voters' records

Understanding Cyber Security Posture: Assess and Strengthen Your Organization’s Defenses

US casino giant MGM Resorts battles 36-hour outage after cyber attack

US Government Ordered to Urgently Patch Apple Zero-Day Bugs

What 3 Data Breaches Tells Us about the World of Crime and Security

What is a Prompt Injection Attack?

What is Account Hijacking?

What Is Bluebugging?

What is Cyberwarfare (Cyber War)?

What Is Threatware? Definition, Types, How To Protect Against It

What Is Two-Factor Authentication?

Why Comprehensive Cybersecurity Can Be Very Complex To Implement In Reality

Windows Systems Targeted in Multi-Stage Malware Attack

11th September

600 Ether from phishing exploit deposited into Tornado Cash

Another day, another police data breach

Associated Press (AP) Stylebook Breach May Have Hit Hundreds of Journalists

Associated Press Stylebook Users Targeted in Phishing Attack Following Data Breach

Board Members Struggling to Understand Cyber Risks

Bookstore Chain Dymocks Discloses Data Breach Possibly Impacting 800k Customers

Canadian Nurses Association confirms data theft after group dumps stolen info

Chambersburg Area School District Hit by Ransomware Attack

Charming Kitten's New Backdoor 'Sponsor' Targets Brazil, Israel, and U.A.E.

CISA and FBI release joint cybersecurity advisory

CISA warns government agencies to secure iPhones against spyware attacks

Cisco VPN flaw faces attempted Akira ransomware attacks

Community Trust Bank, Inc. Confirms Vendor Data Breach Related to MOVEit Vulnerability

Council of Europe report calls use of Pegasus spyware by several countries potentially illegal

Cuba Ransomware Group Unleashes Undetectable Malware

Cyber Insurance - Your Secret Weapon Against Digital Risk

Cybercriminals Using PowerShell to Steal NTLMv2 Hashes from Compromised Windows

Cybersecurity In Business Aviation: What Operators Should Do To Protect Themselves

DarkGate Malware Operators on a Phishing Spree

Data Breach of AP Stylebook Leads to Phishing Attacks

Dissecting the MOVEit breach: Lessons learned from the ransomware attack

Don’t focus on ransomware variants, say UK’s national cyber and crime agencies

Dymocks discloses breach after dark web data leak

Dymocks discloses data breach impacting 836,000 customer accounts

Elevating API security to reinforce cyber defense

Email forwarding flaws enable attackers to impersonate high-profile domains

Evil Telegram Mods Removed From Google Play

Facebook Messenger phishing wave targets 100K business accounts per week

FBI investigates cyberattack that forced Hinds County government offices to close

Fed orders teen hacker to return $5.2M in BTC stolen in 2016

Google fixes another Chrome zero-day bug exploited in attacks

Google Play axes batch of Telegram clones that spy on users

Hackers Steal Over $691,000 in Phishing Attack on Social Media

Hinds County under ransomware attack; essential services disrupted

Hospitality sector facing distinct security challenges

How to Prevent API Breaches: A Guide to Robust Security

Indiana hospital settles suit over 2021 data breach, will pay $250K

Insurance-Linked Securities (ILS) funds shouldn’t fear “double-whammy” after widespread cyber attack

Iranian hackers backdoor 34 orgs with new Sponsor malware

Israel investigates potential breach of lawmakers’ phones

IT Systems Encrypted After UK School Hit By Ransomware

L.A. Care must pay $1.3M settlement over data breaches that violated HIPAA

Lazarus Group Targets macOS in Supply Chain Assault

LockBit ransomware gang claims to have 800GB of Hanwha data, will leak in 7 days

MGM Must Disclose Ransomware Demand if it Pays One

MGM Resorts Las Vegas hit by major cyber attack as guests locked out of rooms

MGM Resorts shuts down IT systems after cyberattack

MGM Resorts Suffers Cybersecurity Attack, System Outage Reported

MGM Resorts takes systems offline following cyberattack

Microsoft Teams users targeted in phishing attack delivering DarkGate malware

More Details Emerge on Dallas Ransomware Attack

New HijackLoader Modular Malware Loader Making Waves in the Cybercrime World

New WiKI-Eve attack can steal numerical passwords over WiFi

New York police spend millions to scrape social media and spy on users

Nookazon data breach is caused by another Akrew website

PayPal and Norton caught up in new phishing scam

Peninsula College staff follows up on cyber attack

Pentagon Urges Collaboration in Cyber Defense

Personal data in Freedom of Information (FOI) requests: cautionary tales

Phishing: 10 Things to Do Immediately When You Click on a Fake Link

Portuguese hacker in Football Leaks trial convicted, gets 4-year suspended sentence

Prevention better than cure in battling AI-driven ransomware

PSNI data breach: Spreadsheet 'highlighted police commanders'

Quishing: What is it?

Ransomware Attack Wipes Out Four Months of Sri Lankan Government Data

Record number of cyberattacks targeting critical IT infrastructure reported to UK gov’t this year

Russians who deployed ransomware against hospitals are charged

Save the Children hit by ransomware, 7TB stolen

Second hacking group claims access to Core Desktop data, including passport scans

Sri Lanka Government emails missing after massive ransomware attack

Sri Lankan government loses months of data following ransomware attack

St. Paul Public Schools notifies students about winter data breach

The MOVEit Hack, Ransomware Attacks, And Cyber Insurance

The Struggle Against Unauthorised Hacker Intrusions and Website Protection

Unlocking the Data Transfer Dilemma: the EU-US Data Privacy Framework

Vietnamese Hackers Deploy Python-Based Stealer via Facebook Messenger

Visa highlights emerging fraud schemes in retail and e-commerce

Vitalik Buterin’s X Account Compromised, Nearly $700,000 Drained

What is a data leak and how does it impact the security of people and companies?