Editor's Message

Welcome to DBD. On March 8th we celebrated our 4th Anniversary and the 1st Anniversary of our PRiSM application, officially endorsed by the SANS Institute. Despite recent personal issues that have impacted the amount of time I have been able to dedicate to both projects, I have been doing my best to keep everything as up-to-date as possible, and I would like to take this opportunity to thank everyone for their patience and support whilst I navigate through this very difficult time. Stay safe. :)



Monday, 25 September 2023

Data Breaches Digest - Week 39 2023

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 25th September and 1st October 2023.


1st October

Are recent cyberattacks a result of a worker shortage?

Bermuda: Government Update On Services Following Cyber-Attack

BlackCat gang claims they stole data of 2.5 million patients of McLaren Health Care

FTX Hacker Moves New 7,500 ETH Taking Total Tranche to 22,500 Units

Meet LostTrust ransomware - A likely rebrand of the MetaEncryptor gang

New Marvin attack revives 25-year-old decryption flaw in RSA

PlayStation owners urged to make simple five-step check to keep accounts safe following Sony cyberattack claims

Royal Family website crashes after it is 'targeted by Russian hackers in cyber attack'

Royal family website hit by cyber attack

Royal family website ‘targeted in Russian cyber attack’

Royal Family's official website targeted in cyber attack

Royal website goes down after being targeted by cyber attack

Russian hacker takes down Royal Family's official website in cyber 'attack'

Russian hacker takes Royal Family's website down in cyber 'attack'

Russian hackers claim responsibility for cyber attack on official Royal Family website

UK royal website targeted in cyber attack

30th September

Apple, Microsoft, and Google Just Fixed Multiple Zero-Day Flaws

Cloudflare DDoS protections ironically bypassed using Cloudflare

Cybersecurity threats on the rise in Việt Nam's SMB sector

Don’t take the bait when it comes to phishing!

FBI issues warning on Phantom hacker scams – don’t fall for it

FBI Warns of Rising Trend of Dual Ransomware Attacks Targeting U.S. Companies

FBI warns phantom hacker scams are emptying financial accounts — how to stay safe

Iranian APT Group OilRig Using New Menorah Malware for Covert Operations

New BEC 3.0 Attack Exploiting Dropbox for Phishing

New Critical Security Flaws Expose Exim Mail Servers to Remote Attacks

Surge in Ransomware Attacks: Experts Advise UK SMEs to Strengthen Cybersecurity

US, Japan authorities warn of China-linked hacking group BlackTech

29th September

5 strategies for advocating for a security budget increase

14 Pinal County school districts hit with ransomware attack to payroll system

Admins urged to quickly patch holes in WS_FTP file transfer server

AI Phishing Attacks Illustrate the Importance of Employee Awareness

Alleged Iranian hackers target victims in Saudi Arabia with new spying malware

Auckland Transport (AT) Website Issues Due To Ransomware Incident

Australia's Energy One says no proof of malicious activity after cyber incident

Bermuda: Several notorious gangs behind cyberattacks

Bermuda slowly bringing operations back online following major cyberattack

Beware of Phishing via Dropbox

Billions of usernames and passwords leaked online - what you should do right now

Bing Chat is reportedly serving ads pushing malware

Booking.com users targeted in large-scale phishing campaign, warns security firm

Booking.com customers targeted in major new phishing campaign

Capital One data breach settlement payments have started

Censys Reveals Open Directories Share More Than 2,000 TB of Unprotected Data

Chinese Hackers Stole 60,000 US State Department Emails from Microsoft

CISA, NSA, FBI and Japan warn of BlackTech, People’s Republic of China (PRC)-linked cyber activity

Cisco Warns of Vulnerability in IOS and IOS XE Software After Exploitation Attempts

City of Dallas sets aside $8.5m to respond to a devastating Royal ransomware attack

Cyberattack on Australia-based telemarketing group put donor data on dark web

Cybercriminals Using New ASMCrypt Malware Loader Flying Under the Radar

Cybersecurity budgets show moderate growth

Cybersecurity in the Healthcare Industry: Safeguarding Patient Data

Dark Angels ransomware group claims major attack on Johnson Controls, demands a $51m ransom

Diverse threat intelligence key to cyberdefense against nation-state attacks

Dozens of Mullvad VPN accounts discovered on the dark web

Eastern Gateway Community College (EGCC) Among Colleges Affected by Data Breach

Edinburgh Trams website attacked by Russian group for supporting Ukraine

Education, Health Officials Want More Help Mitigating Ransomware Attacks

Endpoint security: How to protect end users from themselves

Exploit released for Microsoft SharePoint Server auth bypass flaw

FBI warns energy sector of likely increase in targeting by Chinese, Russian hackers

Federal Shutdown Raises Cybersecurity Risks, Experts Warn

Financial crime compliance costs exceed $206 billion

Generative AI Poses Risks, But Outright Bans Aren’t The Best Solution

Hong Kong Laureate Forum hit by ransomware attack

How generative AI is enabling cyber criminals

How should organizations navigate the risks and opportunities of AI?

How To Avoid Facebook & Facebook Marketplace Scams in 2023

How to avoid government shutdown-related scams, phishing attempts

Initial Access Broker Targeting Organizations With Microsoft Teams Phishing Attacks

InterPlanetary File System (IPFS) Malware And Phishing Kit Cyberattacks Increase To Epidemic Proportions

Iranian hackers hijacked websites to target Israelis in new attacks

Is Your Private Information on the Dark Web?

Israel allows police to use Pegasus spyware to probe killings of Palestinian citizens

Johnson Controls cyberattack disrupting operations, may involve sensitive Department of Homeland Security (DHS) info

Johnson Controls Ransomware Hijack Could Contain Sensitive DHS Information

Large Michigan healthcare provider confirms ransomware attack

Lazarus APT Exploiting LinkedIn to Target Spanish Aerospace Firm

Lazarus Group Impersonates Recruiter from Meta to Target Spanish Aerospace Firm

Lazarus hackers breach aerospace firm with new LightlessCan malware

Major Cyber Attack Targets Global Companies, Reveals Online Security Issues

Malicious ads creep into Bing Chat responses

Malicious Ads Infiltrate Bing AI Chatbot in Malvertising Attack

Methods To Protect Yourself From Identity Theft

Microsoft Breach Exposed 60,000 State Department Emails

Microsoft's AI-Powered Bing Chat Ads May Lead Users to Malware-Distributing Sites

Microsoft’s Bing AI Faces Malware Threat From Deceptive Ads

Misconfigured World Baseball Softball Confederation (WBSC) server leaks thousands of passports

Millions of Exim mail servers exposed to zero-day RCE attacks

More than 3.8 billion records exposed in DarkBeam data leak

MOVEit Developer Patches Critical File Transfer Bugs

MOVEit maker warns of new critical bug affecting thousands

Mozilla Rushes to Fix Critical Vulnerability in Firefox and Thunderbird

Netflix Taken Down by Hackers Over LGBTQ+ Content

New Age Phishing Threats and How to Plan Ahead

No evidence yet of personal data breach in Bermuda cyberattack

North Korean government hackers targeted aerospace company in Spain

North Korean hacker group Lazarus amasses $46m in digital assets

North Korean Hackers Posing As Facebook Recruiters Hit Job Hunters With Malware

Organizations Detecting Ransomware Decline as the Volume and Impact of Targeted Attacks Continue to Rise

"Phantom Hacker" Scams Target Senior Citizens and Result in Victims Losing their Life Savings

PhilHealth network breach bound to happen

Philippine State Insurer Experiences Ransomware Attack on IT System

Phishing, Smishing Surge Targets US Postal Service

Pinal County schools affected by ransomware attack

Plot twist? Younger generations actually ‘more likely’ to fall for scams than elders

Post-Quantum Cryptography: Finally Real in Consumer Apps?

Privacy Regulator Orders End to Spreadsheet FOI Responses

Progress Software Releases Urgent Hotfixes for Multiple Security Flaws in WS_FTP Server

Ransomware gangs destroying data, using multiple strains during attacks

Rugby World Cup highlights needs for cybersecurity

Russian Company Offers $20m For Non-NATO Mobile Exploits

School admits serious data breach after details of pupil's suspension are emailed to parents

Security leaders discuss implications as Sony investigates recent cyber attack

Seven scams to watch out for as criminals find new ways to trick you out of your cash

ShinyHunters member pleads guilty to $6 million in data theft damages

Should your business worry about North Korean cyber attacks?

Sophisticated Ransomware Calls for Sophisticated Protection and Recovery

Tahoe Forest Hospital District notifies patients of data breach

The changing face of cybersecurity threats in 2023

The Disturbing Trend of Cloud-Based DDoS Attacks: Steps for Protection

The Role of DNS in Email Security

The Search for Certainty When Spotting Cyberattacks

Top 4 threats targeting small and medium business in Southeast Asia (SEA)

Top 5 Actionable Cybersecurity Tips for Financial Institutions

UK SMEs Report Rise of Cyberattacks, with Staff Being Significant Risk to Company’s Online Security Framework

United States and Japan Warn about Chinese Hackers Infiltrating Cisco Routers

Unraveling the Johnson Controls Ransomware attack: Dark Angels wants $51 million

US Healthcare Industry Top Target of Cyber Attacks

USA: Shutdown is a hacker’s delight

USAA, Adobe, Walmart and MORE: Top Scams of the Week

Video Encoding Library Leaves Chrome, Firefox and More Open to Zero-Day Attack

VMware users anxious about costs and ransomware threats

Vulnerabilities Found In Another Progress Software File Transfer App

What Is A Crypto Phishing Scam and How Can You Spot One?

ZenRAT Malware Targets Windows Users Via Fake Bitwarden Password Manager Installation Package

28th September

4 Legal Surprises You May Encounter After a Cybersecurity Incident

2022 US Cyber insurance premium surge, but CL0P/MOVEit attack threat looms in 2023

A Guide to Zero-Day Vulnerabilities and Exploits for the Uninitiated

Aeroflot, other airlines’ flights delayed over DDoS attack

Alleged Sony Cyberattack by New Ransomware Group Sparks Controversy

Android Banking Trojan Zanubis Evolves to Target Peruvian Users

Asian banks are a favorite target of cybercooks, and malicious bots their preferred tool

Bermuda public officers to receive salaries despite cyber attack

Billions of passwords and email addresses have been leaked online - so change your logins now

Bing Chat responses infiltrated by ads pushing malware

Booking.com Customers Targeted in Major Phishing Campaign

Budworm APT Evolves Toolset, Targets Telecoms and Government

Budworm hackers target telcos and government orgs with custom malware

Businesses disconnected from realities of API security

China-Linked Budworm Targeting Middle Eastern Telco and Asian Government Agencies

China's BlackTech Hacking Group Exploited Routers to Target U.S. and Japanese Companies

Chinese Hackers Steal 6,000 Sensitive Emails From 10 Employees Of US State Department

Chrome Patches 0-Day Exploited by Commercial Spyware Vendor

Chrome users need to watch out for fake update prompts

Cisco Catalyst SD-WAN Manager flaw allows remote server access

Cisco urges admins to fix IOS software zero-day exploited in attacks

Community First Medical Center Suffers 216K-Record Data Breach

Consultancy Issues Alert About QR Code Phishing

Critical Chrome Update Counters Spyware Vendor’s Exploits

Critical Cisco WAN Manager Vulnerabilities Let Attacker Conduct DoS Attack

Cyberattacks hit military, Parliament websites as India hacker group targets Canada

Cyberattacks on health care industry growing

Dark Angels Team ransomware group hit Johnson Controls

Department of Defense overhauls cyber strategy: Experts weigh in

Department of Homeland Security (DHS) investigating whether floor plans and other security information were exposed in ransomware attack on contractor

Department of Information and Communications Technology (DICT) restoring PhilHealth systems affected by ransomware

Domestic abuse victims at risk over data breaches

Edinburgh trams targeted by ‘cyber attack’ as fears grow over Russian hackers

Edinburgh Trams website offline following 'cyber-attack'

Exiled Russian Meduza Journalist Claims Being Hacked by European State with Pegasus Spyware

Expert advice to protect schools and students from ransomware attacks

FBI: Dual ransomware attack victims now get hit within 48 hours

Francesca’s Acquisition, LLC Provides Notice of Data Breach to 58k Individuals

Francesca's says January data breach impacted over 58,000 customers

Game Over for Cyber Fraudsters: GV Football Scam Busted, China Link Exposed

GitHub Repositories Hit by Password-Stealing Commits Disguised as Dependabot Contributions

Google Catches Surveillance Company Exploiting Serious Flaw in Chrome

Google Patches Chrome Zero-Day Used in Spyware Attacks

GPS Spoofing Raises Alarms

Guide to ransomware and how to detect it

Halifax customers being targeted by new email scam that could drain your bank account

Healthcare industry ranks in top 10 for client data leaks

Honeywell facing multiple lawsuits over data breach

How Can Energy & Utility Companies Detect Hardware and Software Vulnerabilities in Their Networks?

How to avoid the 4 main pitfalls of cloud identity management

How To Implement Zero Trust: Best Practices and Guidelines

In just 3 months, this data breach has compromised nearly 900 institutions

Infusion Firm Faces Lawsuit After Hackers Hit Parent Company

KnowBe4 Finds U.S. Healthcare a Top Target For Cyber Attacks

Making cybersecurity part of the Middle East’s DNA

Marsh McLennan Asks Court to Revisit Data Breach Ruling to Avoid Flood of Litigation

MFA Bombing: Everything You Need to Know

MGM class action claims data breach exposed sensitive customer information

Microsoft breach led to theft of 60,000 US State Dept emails

Microsoft Data Leak - Are You at Risk?

Misconfigured World Baseball Softball Confederation (WBSC) server leaks thousands of passports

Mobile cyber threats rising in Nigeria, others

Mobile threats in the Middle East, TĂ¼rkiye, Africa region rise in Q2 2023

MOVEit maker announces new critical vulnerability affecting a different file transfer tool

Navigating Data Breach Claims

Need To Mitigate Rising Cyber Incidents In Africa

New GPU Side Channel Vulnerability Impacts GPUs from Intel, AMD, Apple & Nvidia

NordLocker survey reveals: 50% of respondents face cyberattacks yearly - employers blame employees

OpenSea User Data Breach Alert: Essential Steps To Take

Passkeys Explained: How They Work, And Why You Should Use Them

PHH Mortgage Notifies Consumers of a Recent Data Breach That Leaked Their Social Security Numbers

PhilHealth website services 'likely' back to normal soon

Phishing bank scams in Australia: How to protect your business

Pro-India Hacker Group Claims Responsibility for Cyberattack on Canadian Forces Website

Progress warns of maximum severity WS_FTP Server vulnerability

Ransomware group demands $51 million from Johnson Controls after cyber attack

Ransomware groups are shifting their focus away from larger targets

Ransomware Insurance Claims From Businesses Hit Historic High

Recent Hack Sees HTX Lose $8 Million, Binance's CEO Offers Expertise

Reporting Cryptocurrency Scams: Your Guide to Taking Action

Rhysida ransomware group claims major cyber attack on Kuwait's Ministry of Finance

Risk-Based Vulnerability Management for Efficient Security

Royal HZPC Group takes steps forward after cyber attack

Russian flight booking system suffers ‘massive’ cyberattack

Russian state hackers attempted to block Ukrainians from opening US bank accounts

Security researcher stopped at US border for investigating crypto scam

Senior managers are more likely to click on phishing emails

South Yorkshire residents warned to be alert of telephone fraudsters

Study Reveals Conti Affiliates Money Laundering Practices

Supply Chain Attackers Escalate With GitHub Dependabot Impersonation

Suspected China-based hackers target Middle Eastern telecom, Asian government

Tesla class action claims data breach exposed employee info

The anatomy of a Facebook account heist

The Disturbing Trend of Cloud-Based DDoS Attacks: Steps for Protection

The hidden costs of neglecting cybersecurity for small businesses

This devious phishing scam makes it look like dodgy emails are actually safe

Tips for Small Businesses to Stay Cyber-Safe

Types of Adversarial Machine Learning Attacks and How To Overcome Them

U.S. Businesses See Cyberattacks Tick Down–But They’re Still At Unsustainably High Level

UK data regulator warns that data breaches put abuse victims’ lives at risk

UK Logistics Firm Forced to Close After Ransomware Breach

University of Illinois provides update on earlier ransomware attack

Unpatched Cisco Catalyst SD-WAN Manager Systems Exposed to DoS Attacks

Update Chrome Now: Google Releases Patch for Actively Exploited Zero-Day Vulnerability

US: China’s BlackTech Group Hacks Cisco Firmware in Cyberattacks

US and Japan Warn of Chinese Router Attacks

US businesses see cyberattacks decrease; Still too high to sustain

US Lawmaker: Government Shutdown Will Leave Americans Exposed to Cyber-Attacks

US State Department emails stolen by Chinese hackers in Microsoft leak, staffer says

US, Japan Warn of New China Hacker After ‘60,000 Emails Stolen’

Wakefield Council data breach put mum and children at risk

Web application & API attacks surge in Asia Pacific and Japan (APJ) financial sector

Why cyber risk policies don’t deserve their sticky reputation

Why Trust Is Key In Cybersecurity: Analyzing The MOVEit Ransomware Attacks

Yet another Chrome zero-day exploited in the wild! (CVE-2023-5217)

27th September

40% of U.S. security leaders cite malware as threat focus

Ahmedabad: Cop held for leaking data to help unethical hacker extort money

Are you one cyber breach away from insolvency?

Attacks on European Financial Services Double in a Year

Baruch College: ‘No evidence’ of personal data compromised in malware attack

BEC Attacks Increase By 279% in Healthcare

Behind the Screens: Are Your Text Messages Safe from Hackers?

Bermuda government departments and services paralysed by a significant cyber attack

Browser-in-the-Browser (BitB) Attack Takes Advantage of Single-Sign-On Trust

Building automation giant Johnson Controls hit by ransomware attack

CareSource Facing Multiple Class Action Lawsuits Over MOVEit Data Breach

ChildFund NZ discloses third-party breach

Clorox Cyber Attack to Cause Product Shortages, Impact First Quarter Results

Cost of a data breach 2023: Geographical breakdowns

Critical infrastructure: Beyond just cyber security

Critical libwebp Vulnerability Under Active Exploitation - Gets Maximum CVSS Score

Cyber threats remain top concern for businesses in 2023: Travelers Risk Index

Cyber-Attacks on Ukraine Surge 123%, But Success Rates Plummet

Cyber-risk at live sporting events is growing

Cybersecurity Mistakes That Have Nothing To Do With Technology - And How Companies Can Fix Them

Dallas: Royal ransomware gang infiltrated networks weeks before striking

DarkBeam leaks billions of email and password combinations

David Walliams Sues Britain's Got Talent Producers Over Data Breach

Debt Collection Company LCS Financial Services Files Notice of Data Breach

Endpoint detection and response (EDR) saves the day for faster response to cyber attacks

Fake Bitwarden installation packages delivered RAT to Windows users

Fake Bitwarden Password Manager Website Drops Windows ZenRAT

Fake Bitwarden sites push new ZenRAT password-stealing malware

Florida city duped out of $1.2M in simple BEC scam

GitHub repos bombarded by info-stealing commits masked as Dependabot

Google “confirms” that exploited Chrome zero-day is actually in libwebp (CVE-2023-5129)

Google Indexed Trove of Bard AI User Chats in Search Results

Hacker Stole $200 Million in Cryptocurrency from Mixin Network

High number of security flaws found in EMEA-developed apps

How do you know if your business is protected enough against the rising tide of cybercrime?

How do you spook cyber criminals?

How to prevent pesky compromised endpoints

How to Store Employee Information Safely

Huron Perth Healthcare Alliance (HPHA) patients may be affected by provincial data breach

IBM and Johnson & Johnson Health Care Systems Sued Over August 2023 Data Breach

Improving Communication Could Strengthen Federal Efforts to Prevent the Next Major Cyberattack

Is your home office cyber safe?

JetBrains Patches Severe TeamCity Flaw Allowing RCE and Server Hijacking

Justin Sun Offers 5% Reward for Hackers That Stole $8,000,000 From Crypto Exchange HTX

Kannact says March data breach impacted more than 117,000 individuals

Kenya: Three Entities Fined over Sh9 Million for Data Breach

Kingston Police warn of top-level domain phishing attacks

Kuwait: Cyber attack involved unauthorized duplication of records

Lack of cyber education leaves SMEs vulnerable to cyberattacks

Lateral Movement: What Every Business Should Know

Leading CISO Creates Model for Ransomware Payment Decisions

Lindale ISD warns of student email hack, says police are investigating source

Major charities reassure supporters as regulators assess data breach

Malicious Actors Exploiting AI Chatbot Jailbreaking Tips

Malware Concealed as Dependabot Contributions Strikes GitHub Projects

MEDUSA Ransomware Group Strikes Again: Italian Company and Canadian Firm Latest Victims

Modern GPUs vulnerable to new GPU.zip side-channel attack

Most contractors unprepared for cyberattacks

MOVEit cyberattacks: keeping tabs on the biggest data theft of 2023

Multiple hackers claim responsibility for Sony data breach

Mysterious crypto vendor hacked, OpenSea, Nansen warn users

Nation-state Level Cyberattacks

New Survey Uncovers How Companies Are Confronting Data Security Challenges Head-On

New twist on ZeroFont phishing technique spotted in the wild

New ZenRAT Malware Targeting Windows Users via Fake Password Manager Software

NSA releases guide to spot China-linked router hackers

Ontario’s birth registry says MOVEit Transfer hack impacted over 3.4m residents

Preventing employees from becoming the gateway for cyberattacks

Preventing Ransomware and Malware Starts with Good Cyber Hygiene

Racketeer Influenced and Corrupt Organizations Act (RICO) class-action data privacy lawsuit filed against H&R Block, Google, Meta

Ransomed.vc Group Hits NTT Docomo After Sony Breach Claims

Ransomware Attack Blamed As Logistics Firm Collapses

Ransomware soars as enterprises struggle to respond

RATs, rootkits, and ransomware (oh my!)

Red Cross-Themed Phishing Attacks Distributing DangerAds and AtlasAgent Backdoors

Regulator Warns Breaches Can Cost Lives

Researchers Uncover New GPU Side-Channel Vulnerability Leaking Sensitive Data

Rug Pulls, Hacking Attacks, Phishing Scams; Crypto Loses $890 Million In Q3

Russian zero-day seller offers $20M for hacking Android and iPhones

Security researcher hit with a Grand Jury subpoena after feds confuse crypto crook investigation with crime

ShadowSyndicate: A New Player in the RaaS Landscape

Simple Membership Plugin Flaws Expose WordPress Sites

Skidmore College may face potential lawsuits over data breach

‘Snatch’ Ransom Group Exposes Visitor IP Addresses

Sony devices hacked? Hacker 'threatens' to release 'stolen' data by 28 September

Sony investigates the alleged data breach that has led to hacker infighting

Sony’s Systems Might Have Been Hacked by a New Ransomware Group

SSH keys stolen by stream of malicious PyPI and npm packages

T-Mobile blames reseller for April data breach that compromised employee records

The Cost of Cybercrime in the US: Facts and Figures

The cyber scam that’s trending more than ransomware

These are the IoT-related threats to be aware of

This dangerous Android malware is stealing from 100 banking apps - protect yourself now

Tribal Gaming Regulator Chides Caesars, MGM on Ransomware Attacks

US and Japan warn of Chinese hackers backdooring Cisco routers

US, Japan say ‘BlackTech’ Chinese government hackers exploiting routers during attacks

Vulnerability in popular ‘libwebp’ code more widespread than expected

Wakefield Council reprimanded over domestic abuse data breach which put the safety of family at risk

Web app, API attacks surge as cybercriminals target financial services

Why root causes matter in cybersecurity

Why The New U.S. National Cybersecurity Strategy Is At Risk

Why You Should Be Concerned About the MGM ‘Vishing’ Attack

WVU Medicine Provides Notice of Third-Party Data Breach

Your Bard conversations are someone else's Google results

ZenRAT Targets Windows Users with Fake Bitwarden Site

26th September

15 Virtual Private Server (VPS) Security Tips to Prevent Attacks on Your Server

75% who didn't report cyber attack to leadership, felt guilty about it

85% of IT anticipate leaving their role due to burnout

A Primer On Artificial Intelligence And Cybersecurity

Accountability sought for PhilHealth cyberattack

Alberta Dental Service Corporation says no fallout from ransomware attack so far

‘All Of Sony Systems’ Allegedly Hacked By New Ransomware Group

All Sony systems including PlayStations have been hacked, new ransomware gang claims and threatens to sell stolen data

Are developers giving enough thought to prompt injection threats when building code?

Auckland Transport (AT) ransomware attack: Customers urged to reset top-ups on Hop cards

August data breach roundup

Australian Government’s ‘Six Cyber Shields’ Is Potentially a Well-Meaning Skills Crisis

Aware but unprepared: Canadians know fraud is on the rise, but don't know what to do if their data is compromised

Bermuda Public Services Remain Disrupted After Cyber Attack

Beware, Scammers are now attacking people through calls and fake OTPs

BORN Ontario data breach left health data of millions exposed. What went wrong?

Broomfield Skilled Nursing and Rehabilitation Center settles breach-related charges with Colorado Attorney General

Canadian Flair Airlines left user data leaking for months

China’s hackers target Tibetans, Uyghur, and Taiwanese

Chinese Hackers TAG-74 Targets South Korean Organizations in a Multi-Year Campaign

CISA Publishes Hardware Bill of Materials Framework

Cl0p’s MOVEit attack tally surpasses 2,000 victim organizations

College kids should review passwords and credit amid massive Progress software data breach

CommonSpirit Health Increases Ransomware Attack Cost Estimate to $160 Million

Critical JetBrains TeamCity Flaw Could Expose Source Code and Build Pipelines to Attackers

Critical JetBrains TeamCity vulnerability could be exploited to launch supply chain attacks (CVE-2023-42793)

Cyberattacks on local governments are on the rise, highlighting a need for enhanced security

Cybercriminals Steal $200 Million From Crypto Firm Mixin In Data Breach

DJI Mavic 3 drone manuals abused to deliver malware

Emerging cybersecurity threats in healthcare

Essential Guide to Cybersecurity Compliance

Fake Red Cross blood drive info lures phishing victims

FBI, CISA Warn of ‘Snatch’ Ransomware Threat to Defense Industrial Base (DIB), Other Sectors

Francesca’s nightmare: women’s boutique hacked

Generative AI Security Challenges – Fighting fire with fire

Google assigns new maximum rated CVE to libwebp bug exploited in attacks

Hackers actively exploiting Openfire flaw to encrypt servers

Hackers Exploit Openfire Vulnerability to Deploy Ransomware and Cryptominers

Hackers Lures Drone Manual to Deliver Notorious MerlinAgent malware

Half of Cyber-Attacks Go Unreported

Has Sony been hacked again?

Honeywell class action claims data breach exposed personal information of 100,000+

Hong Kong: Consumer council in fight mode on hack

How to keep the latest cyber-attack dog on the leash

HTX Hacker Makes Off With $8 Million

Image Extortion: A Sinister new Tactic for Ransomware

Iran-Linked OilRig Group Launches New Cyber Attack on Israel

IT workers see generative AI as a serious threat to their profession

Johnson & Johnson, IBM face class-action lawsuit over patient data breach

Kaspersky discovers harmful phishing scam targeting employee self-evaluation requests

Kenya: Microlender fined Sh3m for data breach

Kettering logistics firm enters administration with 730 jobs lost

Kuwait isolates some government systems following attack on its Finance Ministry

Lawsuit: Honeywell cyberattack exposes personal information of thousands

LockBit 3.0 tops hacking list in August amid decrease in ransomware attacks

Maries County Courthouse under cyber attack for past few days

Maries County Emergency Managements says it was hit with cyber attack, says one 911 call affected

MassMutual Annuity Unit Faces Federal MOVEit Data Breach Suit

Metromile data breach $775K class action settlement

MGM and Caesars-like phishing campaign continues targeting luxury hotels

Microsoft AI Researchers Exposed 38TB Private Info

More technical woes hit Auckland Transport, commuters

More than 30 US Banks Targeted in New Xenomorph Malware Campaign

MOVEit cyberattack is pause for concern

MSP shares details of Kaseya VSA ransomware attack, recovery

New AtlasCross hackers use American Red Cross as phishing lure

New ZeroFont phishing tricks Outlook into showing fake AV-scans

NFT marketplace OpenSea has been hacked, again

Online Banking Security: Best Practices for Your Protection

Pay Attention: Hackers Are Targeting LastPass Users With Phishing Emails

Pension Firms Report 4000% Surge in Breaches

Philippines state health org struggling to recover from ransomware attack

Pizza Hut Australia’s Data Breach Impacts over 190K Customers

Product leasing giant Progressive Leasing warns sensitive information stolen in cyberattack

Progress Software stock struggles as data breach updates sour promising results

Ransomware and Social Engineering Threats Are Real

Ransomware Group Claims 'All of Sony Systems' Hacked

Ransomware group offering Sony data for sale

Report shows cybersecurity budgets increased 6% for 2022-2023 cycle

Researchers Uncover RaaS Affiliate Distributing Multiple Ransomware Strains

Rising cyberattacks on schools put students at risk

Russian hackers target Ukrainian government systems involved in war crimes investigations

Security leaders weigh in on latest MOVEit data breach

Settlement reached with Broomfield nursing facility over 2021 data breach

Seven notorious cloud security breaches uncovered

ShadowSyndicate: A New Cybercrime Group Linked to 7 Ransomware Families

ShadowSyndicate hackers linked to multiple ransomware ops, 85 servers

ShadowSyndicate Investigation Reveals Ransomware-as-a-Service (RaaS) Ties

ShadowSyndicate linked to 7 ransomware attacks in the past year

SickKids impacted by Better Outcomes Registry & Network (BORN) Ontario data breach that hit 3.4 million

Smishing Triad Stretches Its Tentacles into the United Arab Emirates

Sony breach: company investigating ransomware claims

Sony Confirms They Are Investigating Potential Ransomware Attack

Sony investigates cyberattack as hackers fight over who's responsible

Sony Investigating Alleged Hack of 'All Systems' by Ransomware Group

Sony investigating alleged ransomware attack, group threatens to sell data

Sony Investigating Potential Data Breach

Sony Launches Investigation After Ransomware Group Claims to Have Breached Company’s Systems

Sony Under Siege: Company Allegedly Hacked By New Ransomware Group

South Africa faces a rising tide of ransomware

Strategies for Merchant Ransomware Protection

Swan Retail cyber attack woes continue

Telcos targeted with novel kit – mysterious adversary behind the attacks

Temu class action alleges company failed to protect customer data, resulting in breach

Threat Report: The High Tech Industry Targeted the Most with 46% of NLX-Tagged Attack Traffic

Top Five Things You Need to Know to Protect Against Insider Threats

Travelers’ latest Risk Index finds cyber threats still a major concern

Travelers Risk Index: Amid Fluctuating and Emerging Business Risks, Cyber Threats Remain a Leading Concern

Two Concordia Parish banks affected by data breach

UK logistics firm blames ransomware attack for insolvency, 730 redundancies

Ultimate Guide to IoT Security Testing

Wawa’s $10.7M data breach lawsuit against Mastercard thrown out

Welsh furniture store chain Leekes ‘suffers ransomware attack’ by NoEscape

What to do after falling to a phishing scam - 10 urgent steps

Why the public sector is an easy target for ransomware

WormGPT, WolfGPT and FraudGPT – how to spot scams created by ChatGPT's 'evil cousins'

Xenomorph Android Banking Trojan Makes Landfall in US

Xenomorph Android Malware Campaign Targets US Banks

Xenomorph Banking Trojan: A New Variant Targeting 35+ U.S. Financial Institutions

ZenRAT Malware Uncovered in Bitwarden Impersonation

25th September

$70 Million Loss After Data Breach of CoinEx Crypto Exchange, Services Temporarily Suspended

79% of organizations confident in ransomware defenses

$200 million stolen in Hong Kong crypto heist

900 U.S. Schools Hit by MOVEit Hack, Exposing Student Data

A ransomware group claims to have breached ‘all Sony systems’

Air Canada reports data breach, employee data affected

‘All Sony Systems’ Reportedly Breached by Ransomware Group

Almost 900 US Schools Breached Via MOVEit

Apple issues security fixes for iPhone, iPad, Apple Watch to fight Predator spyware

Are you ready to build your organization’s digital trust?

Are You Willing to Pay the High Cost of Compromised Credentials?

As ransomware threats climb again, businesses need peace of mind

Australia: Government assists law firm for 16 weeks after cyber attack

Australian Federal Police claw back $45m lost to BEC scammers

Balancing cybersecurity with convenience and progress

Better Outcomes Registry & Network (BORN) Ontario child registry data breach affects 3.4 million people

Business Email Compromise (BEC) Scammer Pleads Guilty to Part in $6m Scheme

Canada: Perinatal and child registry data breach affects health info of 3 million Ontarians

Carding: what is this popular cyber scam and how to avoid it

China-Linked EvilBamboo Targets Mobiles

Clearinghouse Gets An F-Grade For Data Breach Affecting Nearly 900 US Schools

Crypto Exchange HTX Lost $8M of Ether Due to a Hack

Crypto firm Nansen issues data breach alert, asks users to reset password

Crypto Heist: North Korean Lazarus Group Holds $47M In Bitcoin & More

Current ransomware defensive efforts are not working

Cyber attack pushes KNP Logistics into administration with loss of 730 jobs

Cyber Security in Banking: Top Threats and Best Ways to Prevent Them

Data Breach Toll Tied to Clop Group's MOVEit Attacks Surges

Data Breaches from MOVEit Zero-Day Still Piling Up

Data Security Posture Management: What’s Fact and What’s Fiction?

Deadglyph: A New Backdoor Linked to Stealth Falcon APT in the Middle East

Defending Against Generative AI

Despite rising insider risk costs, budgets are being wasted in the wrong places

Facebook live streaming fakes used as lure by phishers

FBI director urges private sector to work with the agency on cyber threats

Five key threats facing cyber teams and how to navigate them

Five years on: the legacy of GDPR

Florida city duped out of $1.2 million in phishing scam, police say

Four Data Security Challenges Set to Impact Organizations in the Coming Years

From Watering Hole to Spyware: EvilBamboo Targets Tibetans, Uyghurs, and Taiwanese

GenZ Falls For More Online Scams Than Their Grandparents, Report Says

Gold Melody cyber crime group selling access to breached networks to other cyber criminals

Grand Valley State University warns about potential direct deposit scams

Hackers damage Bulgarian fact-checking site fighting Russian disinformation

Hackers target Pakistan military's media site, claim Pakistan army 'best' in world, warn politicians

Hands-on threat simulations: Empower cybersecurity teams to confidently combat threats

Harnessing GenAI: Building Cyber Resilience Against Offensive AI

Hong Kong: Consumer Council says over 20,000 alerted of data breach

Hong Kong crypto business Mixin says hackers stole $200 million in assets

How can businesses learn to live with ransomware?

How global enterprises navigate the complex world of data privacy

Human misconceptions of risk: The blocker to password evolution

Hundreds of US schools compromised following ransomware hack

Mixin Network hack drains $200M from mainnet assets

Mixin Network suspends operations following $200 million hack

Mount Desert Island Hospital data breach compromised the data of over 32k patients

MOVEit fallout continues as National Student Clearinghouse says nearly 900 schools affected

National Student Clearinghouse discloses data breach affecting 900 US schools

National Student Clearinghouse MOVEit breach impacts nearly 900 schools

New data from Netskope reveals growing malware threat in the financial services industry

New Report Uncovers 3 Distinct Clusters of China-Nexus Attacks on Southeast Asian Government

New variant of BBTok Trojan targets users of +40 banks in LATAM

North Korean Lazarus Group amasses over $40M in Bitcoin, data reveals

Northern Ireland: Protecting people’s data is paramount

Personal data of 25,000 Hongkongers at risk after cyberattack against consumer watchdog, up from earlier estimate of 8,000

Personalized Customer Experiences Are Important - But Not At The Cost Of Data Privacy

Philippines leads ASEAN in disruptive cyberattacks

'Power, influence, notoriety': The Gen-Z hackers who struck MGM and Caesars

Prime Big Deal Days: How to avoid scams and shop safely during Amazon’s next big sale

Product leasing giant warns that sensitive information was stolen during cyberattack

Protecting your business: Data breach cost averages £3.4M for UK companies

Qakbot Takedown Resembles Hack Back, Will Botnet, Malware Be Resurrected?

Ransomed.vc group claims hack on ‘all of Sony systems’

Ransomware a threat to the trucking industry

Ransomware group claims to have breached "all of Sony's networks" and is selling the data

Ransomware Group Claims to Have Compromised Sony’s Systems

Ransomware group reportedly selling stolen Sony data

Ransomware group threatened to sell Sonys data on dark web

Ransomware groups are once again targeting smaller businesses for more lucrative payouts

Researchers Spot Novel “Deadglyph” Backdoor

Rise in cybercriminals leveraging voice phishing and OTP theft for data breaches

Royal lurked in Dallas’ systems weeks before ransomware attack

Russia’s APT29 intensifies espionage operations

Scattered Spider “bites” in Las Vegas

Six Additional Companies Impacted by Sovos Compliance Data Breach Related to MOVEit Vulnerability

Sony Faces Another Ransomware Attack with Potential Impact on PlayStation Network

Sony Falls Victim to Major Ransomware Attack

Sony Has Allegedly Suffered a Huge Hack by Ransomware Group

Sony reportedly facing another ransomware attack, PlayStation Network may get affected

Sophisticated APT Clusters Target Southeast Asia

T-Mobile data breach exposes personal customer information

T-Mobile data leak exposed customers' personal and card details online

The importance of DNS Filtering in Cybersecurity

The Philippines: Department of Information and Communications Technology (DICT) issues warning, guidelines to government agencies vs. Medusa ransomware

There is A New Scam Targeting Spectrum Internet Customers – Here is What You Need To Know To Avoid It

Three US firms add over a million MOVEit victims

TikTok Scandal Unveiled: Temu Referral Scams Exploit Fake Celebrity Leaks for Rewards

UAE: Cybersecurity Council exposes phishing methods

Ukrainian Military Targeted in Phishing Campaign Leveraging Drone Manuals

Unmasking cyber criminals: The power of privileged identities

Web3 Platform Mixin Network Hit by $200m Crypto Hack

What businesses can do to promote a security culture

Why Modern, Phishing-resistant Authentication Is The Key To Securing Digital Identities

Xenomorph Android malware now targets U.S. banks and crypto wallets

Zero Trust Architecture: Strengthening User Authentication and Access Management

Zero Trust Authentication: 7 key principles of the new security concept