Editor's Message

Welcome to DBD. On March 8th we celebrated our 4th Anniversary and the 1st Anniversary of our PRiSM application, officially endorsed by the SANS Institute. Despite recent personal issues that have impacted the amount of time I have been able to dedicate to both projects, I have been doing my best to keep everything as up-to-date as possible, and I would like to take this opportunity to thank everyone for their patience and support whilst I navigate through this very difficult time. Stay safe. :)

Monday 30 October 2023

Dallas County: Texas County Government's "PLAY" Ransomware Attack Results In IT Systems Disruption And Stolen Data Leak Threat

Data Breaches Digest - Week 44 2023

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 30th October and 5th November 2023.

5th November

A Bold New Plan for Preserving Online Privacy and Security

Action Fraud warn over emails offering free spins at online casinos

All You Need to Know About Wiper Attacks

An efficient cyber market is “critical” for tackling emerging threats

Bitfinex users fall for ‘minor’ phishing attack after employee gets hacked

Blockchain engineers’ Macs are targets of North Korea-linked malware

Cyber group that breached Iran's electricity grid targets Hadid family

Cybercrimes: 75% Health Organisations Lose Data To Ransomware Attacks

Cybersecurity Threats in VoIP: How to Safeguard Your Business

DDoS attack revealed as cause of online service outage at public healthcare institutions

From phishing to deepfakes: Navigating modern cyber fraud techniques

How to avoid scams and frauds while sending and receiving cryptocurrencies

Mitigating Cyber Risks at Sea

Mobile phone security needs public-private collaboration

Mr. Cooper Locked Down By Cyber Attack

Pakistan: Hackers playing with poor banking system

Phishing with QR codes: watch out for ‘quishing’

Phone scams to data leaks: securing Pakistan’s digital frontier

Record 35-year sentence sought for voice phishing mastermind

‘Scam-in-a-box’: MyGov suspends thousands of accounts linked to dark web kits

Second batch of data stolen in hospital ransomware attack appears to have been leaked

Securing India’s Digital Future: The Role of Electronic Security in the Age of Cyber Threats

Socks5Systemz proxy service infects 10,000 systems worldwide

The Importance of Cybersecurity in Safeguarding Critical Infrastructure

The Rising Global Concern of Spear Phishing: A Comprehensive Business Report

Trinidad and Tobago: Minister orders independent investigation into TSTT data breach

Virgin Media issues urgent email alert to customers - check your inbox today

What is SIM Swap Scam and What You Can Do to Prevent it?

WormGPT: Dark web’s new AI weapon for cyberattacks

4th November

After major data breach, personal information of 1.2 million Cook County Health patients at risk

Amateur Cybercriminals Targeted by Fake Malware

Apple 'Find My' network can be abused to steal keylogged passwords

Common Cyber Mistakes That Businesses Need To Avoid

Crystal Run Healthcare fighting against cyber attack

Cyber Fraud Victims Look to Cover Losses; Insurance Policies Gain More Preference

Discord will switch to temporary file links to block malware delivery

EleKtra-Leak Campaign Uses AWS Cloud Keys Found on Public GitHub Repositories to Run Cryptomining Operation

Facebook accounts hit with malicious ad attack with dangerous malware

Federal Trade Commission Expands Rule Regarding Reporting of Data Security Breaches

Hacker Attempts to Sell 23andMe’s Stolen Data on Ashkenazi Jews

Here’s how people with disabilities can stay safe online

How Does AI Help in Strengthening the Security Spine of Enterprises?

How E-commerce Businesses Are Using AI and ML to Stop Fraudsters in 2023

How Effective Are Government Sanctions at Tackling Ransomware Groups?

Keeping Your Debit Card Secured From Fraudsters

LEGO Marketplace BrickLink Hacked? Website Down Amid Unusual Activity

New Data Breach Exposes Former Staff of Tele-Fundraiser Pareto Phone

Okta's Recent Customer Support Data Breach Impacted 134 Customers

Password Reuse is Still a Major Threat

Provocative Facebook Ads Leveraged to Deliver NodeStealer Malware

Russia’s 2nd-Largest Insurer Rosgosstrakh Hacked; 400GB of Data Sold Online

Singapore Public Healthcare Web Services Outages Were Caused by a DDoS Attack

Stay Ahead of the Scammers and Keep Your Accounts Safe

Stay Safe Online: Don’t Fall for Fake Browser Update Traps

StripedFly Malware Operated Unnoticed for 5 Years, Infecting 1 Million Devices

Telecommunications Services of Trinidad and Tobago (TSTT) apologises to customers, says no passwords, credentials accessed

Telecommunications Services of Trinidad and Tobago (TSTT) data breach ‘troubles’ Telecommunications Authority of Trinidad and Tobago (TATT)

The Big Challenge Of Cybersecurity: How Indian Companies Are Facing Rising Threat Amid Relentless Attacks

The Netherlands: Russian hackers attack public transport chip card website, temporarily inaccessible

This top torrent service suffered a major data breach

Trinidad and Tobago: Ransomware group ‘can come back’

Watch out for quishing – or phishing with QR codes

3rd November

5 Best Practices to Improve Data Security

8 in 10 Singaporeans approve of proposed phishing scam accountability framework

48 Malicious npm Packages Found Deploying Reverse Shells on Developer Systems

2023 Mobile Threats Unravelled: A Year of Vigilance

Ace Hardware Still Reeling From Weeklong Cyberattack

Ace Hardware struggles to restore systems after ‘malicious’ cyberattack

AI is transforming financial crime compliance

AI-Generated Phishing Emails Almost as Effective as Humans

Almost 70% of children & adolescents have been exposed to cyber risks

Amended New York cyber regulations up pressure on financial firms to combat risks

American Airlines pilot union hit by ransomware attack

American Airlines pilot union hit with ransomware

American Airlines Pilots Union Hit By Major Ransomware Attack That Took Down Website And Could Have Resulted in Sensitive Data Being Stolen

Amid a New Middle East Conflict, it’s Time to Reassess Supply Chain Risk

Apple warns Armenians of state-sponsored hacking attempts

Atlanta healthcare software company NASCO says MOVEit Transfer breach impacted 800k patients

Atlassian Finds Public Exploit for Critical Bug

Australia: Senator Says Cyber Standards for Entities Working with Government Likely to Increase

Australians' growing anxiety over data security highlighted by Norton

Black Friday, Walmart, AUPost, and Google: Top Scams of the Week

BlackCat strikes again - and this time it's breached a healthcare giant

Bloemfontein metro shaken by cyber attack

Blue Cross Blue Shield of Illinois Provides Notice of Data Breach to TTEC Healthcare Employees

Boeing back on LockBit ransom list after confirming cyber incident

Boeing confirms ransomware attack, here's what hackers are claiming

Boeing investigating LockBit ransomware group's claim of a major cyber attack on its network

Bureaucracy is complicating health care's hacking problem

Business credentials are under constant threat from automated attacks, so make sure you protect them

Businesses are finding AI a challenge for data privacy

CanesSpy Spyware Discovered in Modified WhatsApp Versions

City of St. John’s Reports Privacy Breach With RECconnect System

Consumer Alert: A huge data breach is affecting patients across the Rochester area — here’s what you need to do

Corrupt police intel analyst jailed for tipping off criminal about EncroChat hack

Cyber experts and officials raise alarms about exploits against Citrix and Apache products

Cyber security talent gap amid AI boom could be perfect storm

Cyberattack takes down one of the largest mortgage lenders in the US

Cybersecurity in Healthcare: The Methods & Importance of Medical Data Protection

Cybersecurity is pivotal to a sustainable future for life insurers

Cybersecurity must be a priority in the event of a government shutdown

DarkGate, Which Abused Microsoft Teams, Now Leverages MSI Files

Data breach at MGM Resorts, parent company of Borgata, expected to cost casino giant $100 million

Data breach exposes personal information of Piscataqua Savings Bank account holders

Data Breaches and Cyber Attacks in October 2023 – 867,072,315 Records Breached

Do more to protect patient data from cybercriminals: IT experts

Domain protection protocols: How to intercept a cyber attack

Don’t Get Caught in ‘Phishing’ Season

Dutch hacker jailed for extortion, selling stolen data on RaidForums

Facebook accounts hit with malicious ad attack with dangerous malware

Financial organizations embrace automation for enhanced security

Hacker Stole Almost A Million Lines Of DNA Info From 23AndMe From And Tried To Sell It

Half of UK businesses hit by cyber attack in 2023

Headhunt for 4 million cybersecurity pros: current shortage is largest ever

Healthcare Data Breaches Impact 88 Million Americans

Healthcare’s road to redefining cybersecurity with modern solutions

Henry Schein ransom negotiations fail, say attackers ALPHV/BlackCat

HHS alerts health care sector to ransomware, data extortion gang

How AI-Based Cybersecurity Strengthens Business Resilience

How Sophisticated Social Engineering Attacks Are Targeting IT Service Desks

How the US aims to tackle the ‘collective action problem’ of ransomware

In today’s data-driven world, compromising on cybersecurity is not an option

Incident of the Week: US federal agencies hit with MOVEit cyber attack

Incident response planning requires constant testing

India: Concerns over Aadhaar Data Breach and Frauds Prompt Civil Society Forum to Call for Banking Safeguards

Infosys US unit hit by cyber event

Insurance broker falls for phishing attack, leaves 80K people affected

IoT zombie botnet suddenly goes dark: who killed it remains a mystery

KandyKorn macOS malware lobbed at blockchain engineers

Kinsing Actors Exploiting Recent Linux Flaw to Breach Cloud Environments

Lazarus Group uses KandyKorn macOS malware for crypto theft

Managing Insider Threats With Advanced Tech And Simple Precautions

Mental healthcare provider Deer Oaks says cyber attack impacted the data of 172k patients

Most bank phishing scam victims are young people from Gen Z

MuddyWater has been spotted targeting two Israeli entities

‘Multi-stage social engineering’ campaign against Israel tied to Iran-based group

National meal-delivery company Mom's Meals faces lawsuit over alleged data breach

Navigating daily cyber threats: A CEO’s perspective on real-world challenges

New Microsoft Exchange zero-days allow RCE, data theft attacks

NodeStealer Malware Hijacking Facebook Business Accounts for Malicious Ads

Office of the Australian Information Commissioner (OAIC) takes pathology company to court over data breach

Okta breach: 134 customers exposed in October support system hack

Okta defends 2-week gap in response to identity token theft, says 134 customers affected

Okta employees impacted by Rightway third-party breach

Play ransomware group claims major cyber attack on Dallas County's systems

Predictive AI in Cybersecurity: Outcomes Demonstrate All AI is Not Created Equally

Privacy breach at City of St. John's affects 219 residents

Prolific Mozi Botnet Deliberately Shut Down with Kill Switch

Ransom DDoS Attacks Might Increase In November & December

Ransomware Is the Main Threat

Researchers discover malicious WhatsApp modification

Russian FSB arrested Russian hackers who supported Ukrainian cyber operations

Security leaders fear liability risks as regulators target cyber defense failures

Singapore public health services hit by DDoS attacks

Smart Cities and Cybersecurity: Protecting Citizens from Malicious Attacks

Southend-on-Sea City Council: Over 2,000 staff details revealed in data breach

Southend-on-Sea City Council self-refers to Information Commissioner’s Office (ICO) after Freedom of Information data breach

Tellor (TRB) Falls Victim Of A Twitter Phishing Scam, Price Drops

The top three cybersecurity threats you didn’t know to look out for

The True Cost of a Data Breach

To Improve Cyber Defenses, Practice for Disaster

Trinidad and Tobago: Yes TSTT customers, your personal information is on the dark web

UAE has thwarted 71 million cyber attacks this year, authorities say

UK: Government claims it has never paid a ransomware demand – and never will

Unveiling the Mr. Cooper data breach: What happened?

US sanctions Russian accused of laundering virtual currency for ransomware affiliate

Ventura Orthopedics notifies patients of data breach – 3 years later

Vulnerability In Fluent Forms Contact Form WordPress Plugin

What Can Someone Do With Your IP Address?

What Is Quishing? Everything You Need to Know

2nd November

6 steps to accelerate cybersecurity incident response

$10 Million in BTC Stolen From FTX on Move

10 must-know PC security tips that keep you safe online

Ace Hardware Hit By Cybersecurity Breach. Everything We Know So Far!

Ace Hardware says 1,202 devices were hit during cyberattack

Advocate Aurora patients whose health info was exposed have until mid-January to join $12.2M settlement

AI a Game-Changer in Social Engineering Attacks

Arabic-speaking WhatsApp users targeted with spyware

Atlassian warns of exploit for Confluence data wiping bug, get patching

Attackers exploiting Apache ActiveMQ flaw to deliver ransomware (CVE-2023-46604)

BlackCat ransomware claims breach of healthcare giant Henry Schein

Blockchain engineers’ Macs are targets of North Korea-linked malware

Boeing confirms ‘cyber incident’ after ransomware gang claims data theft

Boeing confirms cyberattack amid LockBit ransomware claims

Boeing Confirms Cyberattack Amid Lockbit Ransomware Gang Claims

Boeing confirms impact from 'cyber incident,' vanishes from LockBit ransom list

Boeing says cyber incident affects parts and distribution business

Bringing Kansas courts back online after security incident could be ‘a long process’

ChatGPT Led to a 1,265% Jump in Phishing Attacks

CISO faces fraud charges over massive breach

City of St. John's warns of phishing scam following privacy breach

Connecticut Attorney General demands answers from 23andMe after data breach

Construction among industries most at risk from cyber attacks, insurer warns

Cost of a data breach hits an all-time high

Critical Apache ActiveMQ flaw under attack by 'clumsy' ransomware crims

CVSS v4.0 Released with New Supplemental Metrics, and OT (Operational Technology)/ICS (Industrial Control Systems)/IoT (Internet of Things) Support

Cyber Attack Causing Major Outage at British Library

Cyber security risk highlighted as almost half of UK businesses experience a cyber-attack

Cyber Threats: Who Is Most Affected and Its Implications?

Cyber-attacks target 309,000 small businesses with a third facing losses

Cybersecurity habits and behaviors executives need to be aware of

Cybersecurity workforce shortages: 67% report people deficits

DC Board of Election Data Breach Leaked the Entire Voter Roll, Including PII

Defense in depth: Layering your security coverage

Do government sanctions against ransomware groups work?

Employee's guide to battling phishing attacks

Enhancing Business Security: The Role of Two-Factor Authentication and Two-Step Verification

F5 BIG-IP vulnerabilities leveraged by attackers: What to do?

Forum of Incident Response and Security Teams (FIRST) Announces CVSS 4.0 - New Vulnerability Scoring System

GenAI Will Lead to Breaches and Fines in 2024

Generative AI is double-edged sword, say Southern Africa CEOs

German firms, local governments must invest more against ransomware

Hacker group Lazarus’ new campaign exploits legitimate software

HelloKitty ransomware deployed via critical Apache ActiveMQ flaw

HelloKitty Ransomware Group Exploiting Apache ActiveMQ Vulnerability

HelloKitty ransomware now exploiting Apache ActiveMQ flaw in attacks

HHS: Large healthcare data breaches up 60% over last year

HHS settles $100K ransomware investigation

How cars have become the biggest threat to privacy

How human behavior research informs security strategies

Huge data breach at Southend-on-Sea City Council

Iran’s MuddyWater Group Targets Israelis with Fake Memo Spear-Phishing

Iran's MuddyWater Targets Israel in New Spear-Phishing Cyber Campaign

Israeli Entities Under Attack By MuddyWater’s Advanced Tactics

JeffCo Schools report possible cyber attack

Massive Surge in Security Breaches of Pensions Prompt Questions

MasTec employees potentially impacted by MOVEit data breach at Delta Dental

More than 88 million people have been affected by health data breaches this year

Mortgage giant Mr. Cooper hit by cyberattack impacting IT systems

MPs to probe cyber defences of critical infrastructure

Mysterious Kill Switch Disrupts Mozi IoT Botnet Operations

National Cyber Security Centre (NCSC) report reveals heightened financially motivated cybercrime in New Zealand

Nearly 5,000 Okta employees affected by third-party data breach

New macOS 'KandyKorn' malware targets cryptocurrency engineers

New Zealand: Small Kiwi businesses cut cybersecurity spend despite rising threats

Okta hit by third-party data breach exposing employee information

Ontario hospital group confirms attack was ransomware

Phishing scams on the rise in Luxembourg

Ransomware-as-a-Service is Now Primary Malware Business Model

Researchers Discover Prolific Puma’s Hidden Link Shortening Operations

Researchers Find 34 Windows Drivers Vulnerable to Full Device Takeover

Russian Security Services Arrest Suspected Ukrainian Hackers

SafeMoon hacker’s use of centralized exchanges could help law enforcement

Securities and Exchange Commission (SEC) Sues SolarWinds and its CISO for Fraud Over Botched Data Breach Response, Marking New Era in Cyber Enforcement

Security and privacy ranked second among AI concerns

SolarWinds CISO faces fraud charges for misleading investors

Spy Module Discovered in WhatsApp Mods

Stolen Identities Remains Top Security Threat in Financial Crime

Thailand: Hacker of 100 government sites nabbed in Chiang Rai

The Cloud has a serious and fragile vulnerability: Access Tokens

The evil twin sister: Gen AI’s use in fraud

The Philippines: Receiving alerts of undelivered packages due to incomplete address details? PHLPost, DHL issue warning against them

The Role of AI in Business Email Security

The SEC and SolarWinds’ CISO: A Wake-Up Call

The State of Ransomware in Healthcare 2023

UK among countries to sign ransomware payments agreement

UK and Singapore secure agreement against ransomware payments

UK Banks Warn Quantum Will Imperil Entire Payment System

UK workers exhibit poor security behaviours, report reveals

Unveil the Secrets: Advanced Persistent Threat and Social Engineering Explained

Voice traffic interception a serious threat

What Is Home Title Theft?

What ransomware hackers do with data they extort — and why it can be lucrative

What to know about cybercrime group Daixin Team

Why scanning QR codes shared on emails and messages may not be a good idea

Your end-users are reusing passwords – that’s a big problem

1st November

40 Countries Pledge to Never Pay Ransomware Gangs

40 Countries Vow Not to Pay Ransomware Hackers

3,000 Apache ActiveMQ servers vulnerable to RCE attacks exposed online

A ‘kill switch’ deliberately shut down notorious Mozi botnet, researchers say

AI is making cyberattacks even smarter and more dangerous

Alert: F5 Warns of Active Attacks Exploiting BIG-IP Vulnerability

An info-stealer campaign is now targeting Facebook users with revealing photos

Apple’s cyber-attack alerts vague, says Indian minister, as opposition blames government for snooping

Are startups underestimating their cyber vulnerability?

Artificial Intelligence (AI) Powered Cybersecurity: The Next Big Thing in Business Security

Atlassian Releases Urgent Confluence Patches Amid State-Backed Threats

Attack Surface Management: What is it and How Has it Changed?

Australian CEOs Struggling to Face Cyber Risk Realities

Average Data Breach Cost Has Jumped by Nearly $600,000 Since 2020

Barrick Gold Confirms Data Breach Related to Vulnerability in MOVEit Program

British Library Still Reeling After Major Cyber Incident

Business Beware: How to Spot and Stop the Top 5 Frauds Targeting Companies

Cadence announces third-party data breach that could affect North Mississippi Health Services (NMHS) patients

California community college Río Hondo dealing with cybersecurity incident

Chatham-Kent Health Alliance (CKHA) staff offered protective measures after ransomware attack

Connecticut Attorney General seeking answers on 23andMe data breach targeting customers of Jewish and Chinese heritage

Crypto Projects Lose $51.6 Million in Attacks, Phishing Scams, and Rug Pulls in October 2023

Cyber security in modern construction: Preparing for the inevitable

Cyberattack on Gondomar town hall “largest on public institution in Portugal”

Cyberattack on Porto municipality of Gondomar was ‘biggest-ever on a public institution’ in Portugal

Cybersecurity Breaches Continue to Plague Healthcare Providers

Cybersecurity in Online Betting and Cryptocurrency: A 10-Step Guide for Ensuring Your Safety

Dallas County ‘interrupted’ data exfiltration, prevented encryption after attack

Dallas County Officials Say They Thwarted Recent Cyber Attack

Data Encrypted in 75% of Ransomware Attacks on Healthcare Organizations

Effectively Securing Operational Technology

Enhancing Data Privacy and Security Through Improved Visibility

Enterprise-Scale Defense: Crafting Robust Cybersecurity Protocols

Federal Security Service (FSB) arrests Russian hackers working for Ukrainian cyber forces

Fishing for QR Code Phishing Traces in the DNS

Forcing Security Expertise on Boards is Not the Answer, Here's What Is

Forty Countries Agree Not to Pay Cybercrime Ransoms

Guardians of the Digital Realm: CISOs Leading the Charge

Hackers exploit recent F5 BIG-IP flaws in stealthy attacks

Hackers use Citrix Bleed flaw in attacks on government networks worldwide

HHS Reaches Settlement With Healthcare Business Associate Following Ransomware Attack

HHS settles data breach investigation

Highs and Lows of the Microsoft Digital Defense Report

How AI And Machine Learning Help Detect And Prevent Fraud

How Crypto Became the Latest Frontier in Cyber Crimefighting

Incident response planning is vulnerable to legacy thinking

Inquiry launched into cyber security of UK’s Critical National Infrastructure

International alliance aims to curb the growth of ransomware

Iran’s Scarred Manticore Targets Middle East with LIONTAIL Malware

Iranian Cyber Espionage Group Targets Financial and Government Sectors in Middle East

Law firm Latham says scammers are impersonating Paris partner in email scheme

Mainframes are around to stay, it’s time to protect them

Major Mexican airport confirms experts are working to address cyberattack

Mandiant Tracks Four Uncategorized Groups Exploiting Citrix Vulnerability

Massive ransomware attack hinders services in 70 German municipalities

Medical firm reaches $100,000 settlement with HHS over 2017 ransomware attack

Mozi Botnet Takedown: Who Killed the IoT Zombie Botnet?

Mozi malware botnet goes dark after mysterious use of kill-switch

Multi-User Authentication: Taking Cyber Defense To The Next Level

Mysterious Kill Switch Shuts Down Mozi IoT Botnet

National Security Agency (NSA) releases guidelines to mitigate phishing

Nearly 4,000 Social Security numbers of dead Peachtree City residents impacted by data breach

New CVSS 4.0 vulnerability severity rating standard released

NHS Trust Reprimanded After Delays to Thousands of Referrals

North Korean Hackers Target macOS Crypto Engineers With Kandykorn

North Korean Hackers Targeting Crypto Experts with KANDYKORN macOS Malware

Observability Vs. Monitoring: A Security Perspective

’Only 10% of data has Aadhaar details’: Dark web seller reveals information about data stolen from over 80 crore Indians

Ontario hospitals warn stolen patient, employee data may be published after ransomware attack

Onyx Protocol exploiter begins siphoning $2.1M loot on Tornado Cash

Outsmart the Scammers: How Startups Can Avoid Phishing Attacks

Over 170,000 patients affected in Deer Oaks breach

Palo Alto Reveals New Features in Russian APT Turla's Kazuar Backdoor

Piscataqua Savings Bank customer information snared in worldwide MOVEit data breach

Police issue warning to anyone with NatWest bank account

Portugal: TAP blackmail hack revealed

Postmeds Announces Data Breach Impacting Hundreds of Thousands of Consumers Nationwide

Preventing the risks of cloud exploitation at the edge

Pro-Hamas hacktivist group targets Israel with BiBi-Linux wiper

Public exposure of data breaches is becoming inevitable

Ransomware attacks set to break records in 2023

Ransomware crooks SIM swap medical research biz exec, threaten to leak stolen data

Researchers Expose Prolific Puma's Underground Link Shortening Service

Retail industry sees rise in suspected digital fraud attempts in the UK, data shows

Rise in cybercrime putting Mersey businesses at risk

Russian Pair Charged with JFK Airport Taxi System Hack for Over 2 Years

Russian security service detains two hackers allegedly working for Ukraine

Russian Security Service detains two suspected cyberattack operatives with alleged Ukrainian connections

Singapore: At least 25 people lost $38,000 in October due to parcel delivery scams

Smoothie King Files Notice of Data Breach Affecting Thousands of SSNs

Spear Wilderman data breach $800K class action settlement

Stanford University Investigating Hacker Group’s Threat to Release Data

Steel River Systems data breach $200K class action settlement

Strike accused of alleged data breach

Summit Health network hit by possible ransom attack

The Alfred CEO ‘can’t guarantee’ alarming data breach is an isolated incident

Three steps to optimal cybersecurity

Toronto Public Library outages caused by Black Basta ransomware attack

Trinidad and Tobago under increasing cyber attack

Turla Updates Kazuar Backdoor with Advanced Anti-Analysis to Evade Detection

US: Department of Justice (DOJ) and Pentagon Email Breach Impacted Around 632,000 Federal Employees

US: New data breach reporting rules start in December

US-Led Alliance of 40 Countries Unites to Combat Ransomware Threat

Virginia’s Fairfax Schools Expose Thousands of Sensitive Student Records

Watch out for ransomware pretending to be a Windows update

Western Washington Medical Group Reports 350,000-Record Data Breach

What Are One-Time Password (OTP) Bots?

What is data security posture management?

31st October

$10 Million in BTC Stolen From FTX on Move

800m Indians reportedly exposed in massive data breach

A closer look at healthcare’s battle with AI-driven attacks

Accommodation payment phishing scam targets Booking.com customers

After a major hack in 2020, SolarWinds is now charged with fraud

Akira ransomware group claims it stole 430 GB of data from Stanford University's systems

Alliance of 40 countries pledges never to pay ransomware demands

Alliance of 40 countries to vow not to pay ransom to cybercriminals, US says

API open authentication vulnerabilities discovered by researchers

Are your company’s cybersecurity trainings a waste of your time?

Arid Viper Campaign Targets Arabic-Speaking Users

Arid Viper Targeting Arabic Android Users with Spyware Disguised as Dating App

Atlassian CISO warns that new vulnerability can cause ‘significant data loss’

Atlassian patches critical Confluence bug, urges for immediate action (CVE-2023-22518)

Atlassian Warns of New Critical Confluence Vulnerability Threatening Data Loss

Best practices for CIOs after a ransomware attack

BiBi-Linux wiper targets Israeli companies

British Library falls victim to cyber attack

British Library suffering major technology outage after cyber-attack

Class-action suits over national data breach at Ankeny company mount with filing of another

Colorado Calls for Inquiry Into Delayed Data Breach Reporting

Colorado GOP Wants Inquiry into Delayed Notification of Data Breach

Connecticut attorney general presses 23andMe for data breach answers

Cyber Skills Gap Reaches 4 Million, Layoffs Hit Security Teams

Cybersecurity in Australia: a mindset change

Dallas County officials reported Tuesday on their defense against a cyber attack

Data breach lawsuit against State Farm moved to federal court

Dozens of countries will pledge to stop paying ransomware gangs

Drug Free Workplaces USA Notifies Over 37,000 Individuals of Data Breach That Leaked Their SSNs

Dual ransomware attacks on the rise, but causes are unclear

Enter the Puma: phishing link-shortening gang caught in the wild

Fake malware targets cybercriminal wannabes

FBI ‘keeping a close eye’ on Iranian hackers as Israel-Hamas war intensifies

Federal Trade Commission (FTC) Approves New Data Breach Notification Requirement for Non-Banking Financial Institutions

Feds Levy First-Ever HIPAA Fine for Ransomware Data Breach

Five Guys Announces Data Breach After Unauthorized Party Accesses Two Employee Email Accounts

Flipper Zero Bluetooth spam attacks ported to new Android app

Forty countries to pledge: no ransoms for cybercriminals

Further major charity reveals its data might have been affected by last month’s cyber attack

Gen Digital Confirms CCleaner Experienced MOVEit Related Data Breach

Generative AI: A disruptive force at the hands of cyber attackers

Hacker collective claims to have knocked 10 Israeli water treatment facilities offline

Hacker Jailed for Stealing $1 Million Via SIM Swapping Attacks

Hacker Ransacks $600,000 From Popular Telegram Trading Bot, Unibot

Hackers stole R83 million in crypto from LastPass data breach victims

Half of Execs Request Security Bypass Over Past Year

HHS’ Office for Civil Rights Settles Ransomware Cyber-Attack Investigation

How captive insurance safeguards patient privacy in medical practices

How to Protect Yourself from Evolving Phishing Scams

India: Phishing scamster held in Jharkhand

Iranian hackers caught spying on governments and military in Middle East

ITW Food Equipment Group Announces Data Breach Impacting an Unknown Number of Consumers

JFK taxi hacking case continues as two more suspects named

Know When and How to Stop Ransomware Attacks

LiveAction, Inc. Files Notice of Data Breach Affecting Consumers’ Social Security Numbers

Malicious NuGet packages abuse MSBuild to install malware

Malicious NuGet Packages Caught Distributing SeroXen RAT Malware

'Mass exploitation' of Citrix Bleed underway as ransomware crews pile in

Massive cybercrime URL shortening service uncovered via DNS data

Massive MOVEit Hack: 630K+ US Defense Officials’ Emails Breached

Microsoft Data Leaks and the Importance of Open Source Intelligence

Milford Management Corp. Notifies an Unknown Number of Consumers of Recent SSN Data Breach

Morphing scams targeting women: What are they and how to stay safe

NoEscape ransomware group claims major cyber attack on California's City of Victorville

One in five executives have shared work passwords outside the company

Patient and staff data stolen during cyberattack

Patient, employee data taken in ransomware attack of 5 Ontario hospitals could be exposed

Preparing for the evolving malware threat landscape

Preventing Phishing Attacks in Academic Institutions

Pro-Ukraine group says it breached Russian card payment system

Prolific Puma protects pernicious phishing plotters

Protecting Against FraudGPT

Protecting the keys to your kingdom with credential security and user behavior analytics

Protecting yourself from cyber scams at any age

Ransomware attacks have cost more than $77 billion since 2016

RansomedVC: The rise and sale of a ransomware gang

Regulator Reveals Large Disparity in APP Fraud Reimbursement

Resort Data Processing Announces Data Breach Affecting Customers of a Dozen Resorts Nationwide

Russian hackers penetrate Pentagon, Department of Justice, breach 632,000 email accounts

SBM Management Services Files Notice of Data Breach Impacting Consumers’ Sensitive Information

Scarred Manticore Targets Middle East With Advanced Malware

SEC Charges SolarWinds and CISO With Misleading Investors

Seiko Confirms Data Breach Resulted From a Ransomware Attack

Should financial institutions reimburse scam victims? It depends which country they’re in

SIM swapper jailed over $1M theft

Singapore police: Beware of phishing scam involving fake ‘WhatsApp Web’ pages

SolarWinds and CISO accused of fraud, control failures

SonicWall Data Confirms That Ransomware Is Still The Enterprise's Biggest Fear

Step-by-step through the Money Message ransomware

Strengthening Cybersecurity Resilience by Going Beyond Blame

TA571 Hacker Group Deliver IcedID Malware Via Password-protected Zip Archive

Telecommunications Service of Trinidad and Tobago (TSTT) on ransomware attack: Hackers tried but failed

The Anatomy Of A Phishing Attack: How Cybercriminals Trick You

The hidden costs of data breaches for small businesses

Trojanized PyCharm Software Version Delivered via Google Search Ads

UK: MPs launch inquiry into critical national infrastructure cyber resilience

Unibot Cyber Attack Results in $560,000 Loss for Users

United Medical Centers Posts Notice of Data Breach Affecting Patients’ SSNs and Protected Health Information

US leads 40 country alliance against paying ransomware

US, dozens of allies pledge not to pay ransomware hackers

“We are at cyberwar!” Really?

What does the Telecommunications Services of Trinidad and Tobago (TSTT) breach mean for customers?

What we know about Lockbit ransomware

Why ransomware victims can’t stop paying off hackers

Why You Should Report Cyber Incidents And What To Do Next

World-in-HD (WiHD) leak exposes details of all torrent users

30th October

6 Common Phishing Attacks and How to Protect Against Them

45% of Americans avoid accessing sensitive information on public Wi-Fi

AI’s importance for security companies and consumers

Beware of this fake Chrome update, it is installing malware that can take over your computer

BlackCat ransomware group claims major cyber attack on LBA Hospitality

Boeing assessing ransomware group’s claim of ‘sensitive’ data theft

Boeing Investigates LockBit Ransomware Breach Claims

CCleaner hit by data breach that saw customer data stolen, blames MOVEit hack

Citrix Bleed: Mass exploitation in progress (CVE-2023-4966)

Colorado Higher Education Leaders Delayed Disclosure of Data Breach

Companies scramble to integrate immediate recovery into ransomware plans

Crypto Phishing Scams: How Scammers Lure Binance Smart Chain (BSC) Users with False Promises

Cyber attack: Preparation is the key

Cyber attacks cause revenue losses in 42% of small businesses

Cyber insurance: why it pays to be responsible

Dallas County confirms cybersecurity 'incident' after ransomware gang claims attack

Data Breaches Reported by Peerstar, La Red Health Center, Fredericksburg Foot & Ankle Center

Defend Against APT Attacks: Proven Strategies You Can’t Ignore

Digital hygiene key to cyber security

EleKtra-Leak Cryptojacking Attacks Exploit AWS IAM Credentials Exposed on GitHub

Even As Ransomware Attacks Rise, Studies Reveal Insiders Remain The Biggest Threat To Your Company

Exploit released for critical Cisco IOS XE flaw, many hosts still hacked

F5 fixes critical BIG-IP vulnerability, PoC is public (CVE-2023-46747)

Fake Blockworks Site Illustrates the Need for Authenticated Media

Fantom Drainer Profits $200k Within Days By Trading Stolen ETH

Federal Trade Commission (FTC) orders non-bank financial firms to report breaches in 30 days

Four phishing scams you need to avoid

Four Under-The-Radar Security Risks That Can Endanger Your Business

Gen Digital confirms data breach; personal data of CCleaner users stolen

Google expands bug bounty program to cover AI-related threats

Hackers claim ransomware attack on Telecommunication Services of Trinidad and Tobago (TSTT)

Hackers Using MSIX App Packages to Infect Windows PCs with GHOSTPULSE Malware

Hacking and your business: not if, but when

Hamas Hackers Targeting Israelis with New BiBi-Linux Wiper Malware

Highly motivated financial cybercriminal group Octo Tempest crosses boundaries

India faces its largest data breach as 815 million personal records leaked

Is Singapore prepared for increasing online scams?

Israel's Check Point data shows October cyber attack rise

Kansas Courts grapple with prolonged computer outage amid suspected ransomware attack

Keeper Security issues holiday warning against phishing scams

LastPass breach linked to theft of $4.4 million in crypto

LastPass Hacker Steals $4.4 Million From Crypto Wallets

Lazarus Group Hacked Software Vendor to Steal Source Code, Attack Supply Chain

Lazarus Group Malware Targets Legitimate Software

Lockbit Ransomware Claims U.S. Department of Defense (DoD) Contractor Boeing as its Latest Victim

MemeChat data breach: What happened?

Microsoft Exposes Octo Tempest, One of the Most Dangerous Financial Threat Actors to Date

NASCO exposes data of 800K people in MOVEit breach

NASCO notifies individuals of a data breach through MOVEit

New BiBi-Linux wiper malware targets Israeli orgs in destructive attacks

North Korea’s state hacking program is varied, fluid, and nimble

North Korean hackers stole $1.7 billion in 2022

OCBC shifts from SMS to push notifications and emails for customer alerts on banking activities

One of the most dangerous ransomware kits around might have just gotten a rebrand

Paysafe data breach $20M class action settlement

Police warn WhatsApp users to check their accounts now to block worrying new threat

Police warning to anyone with a NatWest bank account

Pro-Hamas Hacktivists Targeting Israeli Entities with Wiper Malware

Pro-Palestinian Threat Groups Expand Cyberwar Beyond Israel

Protecting online retailers from holiday season cyber-threats

RansomedVC Ransomware Group Quitting and Selling its Entire Infrastructure

Ransomware gang for sale? RansomedVC ‘looks for buyer’ for its infrastructure

Ransomware Groups Exploiting Unpatched NetScaler Devices

Ransomware Never Sleeps - But It Strikes Whilst You Do

RCE exploit for Wyze Cam v3 publicly released, patch now

Report Links ChatGPT to 1265% Rise in Phishing Emails

Report shows 1265% increase in phishing emails since ChatGPT launched

Reported major cyberattacks are falling – but watch out for the massive threats posed by gen AI

Rise in MFA Bypass Leads to Account Compromise

Russia training new generation of patriotically motivated hackers

Russian hacking tool floods social networks with bots, researchers say

Scammers con Booking.com users by sending messages through its in-app chat function

SEC charges SolarWinds CISO with fraud for misleading investors before major cyberattack

SEC Regulations, Government Overreach and Access to Cybersecurity Information

SEC sues SolarWinds for misleading investors before 2020 hack

Security Measures for Safeguarding Your Crypto Assets: Best Practices

ServiceNow Data Exposure: A Wake-Up Call for Companies

Shore up your shop cybersecurity in 10 steps

SIM Swapping Scams – How Hackers Are Stealing Money Through Missed Calls

Spookiest Hacks, Cybercriminals and Tactics Lurking in 2023

Stanford university confirms breach, Akira threatens to publish data

Stanford University Investigating Cyber Incident, Ransomware Threat

Stanford University investigating data breach in Department of Public Safety

StripedFly, a complex malware that infected one million devices without being noticed

Surveillance Commissioner Blasts Cops for Data Retention

The 3 most common cybersecurity challenges faced by companies in Asia

The dangers of dual ransomware attacks

The data breach at DNA biotech 23andMe reveal the risks of interconnected data

Things you should not do when using public WiFi

Tips for safeguarding the security devices in your IoT environment against cyber attacks

Toronto hospital confirms data security incident

Toronto Public Library facing disruptions due to cyberattack

Toronto Public Library services down following weekend cyberattack

UK National Cyber Security Centre (NCSC) begins rollout of free DNS security service for schools

Urgent: New Security Flaws Discovered in NGINX Ingress Controller for Kubernetes

US freight transporter Estes Express Lines restores IT systems following a major cyber attack

Voice scammers are getting smarter: how to set up your phone’s defenses

Western Washington Medical Group breach exposes 350K+ individuals

Western Washington Medical Group Files Notice of Data Breach Affecting the Personal Information of More than 350k People

What is smishing and how can you protect yourself against it?

What Is The Electronic Defacing Of An Existing Website?