Editor's Message

Welcome to DBD. On March 8th we celebrated our 4th Anniversary and the 1st Anniversary of our PRiSM application, officially endorsed by the SANS Institute. Despite recent personal issues that have impacted the amount of time I have been able to dedicate to both projects, I have been doing my best to keep everything as up-to-date as possible, and I would like to take this opportunity to thank everyone for their patience and support whilst I navigate through this very difficult time. Stay safe. :)

Monday 9 October 2023

Data Breaches Digest - Week 41 2023

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 9th October and 15th October 2023.

15th October

5 Red Flags to Identify a Phishing Website

10 Cybersecurity Threats That Will Shape the World in 2023

Avoid Sketchy Websites By Checking The URL Of A Link

Colonial Pipeline attributes ransomware claims to ‘unrelated’ third-party data breach

Cybercrime in New York Rises 53%

Cybersecurity attack rocks the Columbian government

Generative AI: A Catalyst for Cyberattacks

Hackers Claim To Have Stolen Millions Of Users' DNA Data, Sell It Online

Hackers leveraging AI: vulnerability for law firms

Hackers Supporting Hamas and Iran Claim to Have Increased Cyber Attacks Against Israel

How Much Time Does A Hacker Take To Crack Passwords?

Kwik Trip says ‘network incident’ causing disruptions at stores

Steam enforces SMS verification to curb malware-ridden updates

Top 4 Words to Avoid Clicking on, As Revealed by a Cybersecurity Expert

What is a Multi-Vector Attack?

Women Political Leaders Summit targeted in RomCom malware phishing

Yet another data breach in the Philippines - Hackers deface website of House of Representatives

14th October

Bitcoin, Ethereum worth $1.8 million stolen in a phishing incident on a fake search website

CISA warns of vulnerabilities and misconfigurations exploited in ransomware attacks

Connected vehicles can be at risk of hacking, consumer awareness paramount

Cyber attack on Royal Family's website earned Russia 'bragging rights' in calculated move

Cyber Crooks Launder $470 Million from FTX Heist as Sam Bankman-Fried Trial Kicks Off

DarkGate Malware Sees a Resurgence in Attacks Through Instant Messaging Platforms

DarkGate malware spreads through compromised Skype accounts

Deepfakes warning as incredibly realistic voices and messages target the vulnerable

FTX Data Breach: Potential Russian Cybercrime Involvement Investigated

Hackers and Crypto: A Deep Dive into the World of Cryptocurrency Security

How Do You Know You’re About To Be Hacked?

How Secure Is Airplane Wi-Fi?

How to Identify and Prevent Small Business Scams

Intrusion Detection Systems: The Silent Guardians

Ireland: Data Protection Commission (DPC) inquiry into Central Bank data breach compounds regulator’s embarrassment

Is It Possible to Delete Yourself From the Internet Altogether?

Jamaica: National Commercial Bank (NCB) temporarily suspends SMS transaction alerts amid increased phishing attacks

Lockbit ransomware gang demanded an 80 million ransom to CDW

Microsoft to Phase Out NTLM in Favor of Kerberos for Stronger Authentication

Multi-Factor Authentication: Enhancing Security in a Digital World

Philippine Statistics Authority (PSA) data breach probed

Phishing Emails Are More Believable Than Ever. Here’s What to Do About It

Private data breach: Who's to blame?

Ransomsed.vc Ransomware Group Alleges False Attack

Stay Safe: 8 Ways to Protect Your Smart Home From Hackers

Surge in cyber crimes against vulnerable senior citizens raises alarm in Goa

The Growing Threat of Cyber Attacks on Physical Security Systems

The Importance of Cybersecurity Consulting in Safeguarding Your Digital Assets

The Philippines: National Privacy Commission (NPC) launches online tool for PhilHealth data breach detection

Uncovering the Complex Landscape of Cybersecurity Threats in South Africa

Understanding Quishing: What It Is and How to Protect Yourself

What Is A Malicious Hotspot

Zero-Transfer Phishing Losses Surge to 451M USDT on Tron Network

Zombie APIs: Risks and Remedies for Modern Businesses

13th October

18 Factors And Metrics To Show The Value Of Cybersecurity Initiatives

18% of African banking apps have vulnerable high severity secrets

23andMe hit with lawsuits after hacker leaks stolen genetics data

51% of Financial Services Firms Reporting Breaches are From US

2023 is already the worst year for hacks - and we’re not out yet

2023 toll of data breaches and leaks already tops 2022

AI Means Those Phishing Emails Are Harder To Spot

AI-enabled bots can solve CAPTCHAs faster than humans

Are creepy routers spying on you?

Beware of smishing scams

BianLian ransomware group claims it stole 210GB of data from Air Canada's systems

CDW investigating ransomware gang claims of data theft

CISA plans to share more information on ransomware actors in its exploited vulnerability alerts

CISA publishes fact sheet for organizations using open source software

CISA shares vulnerabilities, misconfigs used by ransomware gangs

Cyber attack targets Medical Aid for Palestinians' website amid Israel-Hamas conflict

Cyberattacks on Gaming: Why the Risks Are Increasing for Gamers

Cyber security practices can protect users from scams

DarkGate Malware Spreading via Messaging Services Posing as PDF Files

Does your business have any cybersecurity skeletons in the closet?

Dominican Republic receives fewer cyber attacks this year compared to 2022

Don’t call it quishing: QR code phishing on the rise

Dukascopy warns of phishing website operating at www.dukascopys.top

Encore Pharmacy Files Notice of Data Breach Impacting the Personal Information of Over 30k People

Equifax fined £11 million by financial watchdog over 2017 cyber attack

Equifax Fined By UK Watchdog Over 2017 Data Breach

Equifax fined over £11m for mass cybersecurity failures

Facebook copyright scam intensifies, users left stranded

Fairfax data breach exposes medical records

FBI, CISA Warn of Rising AvosLocker Ransomware Attacks Against Critical Infrastructure

Feds Warn Healthcare Sector of 'NoEscape' RaaS Gang Threats

Financial Conduct Authority (FCA) fines Equifax £11m for major consumer data breach

Financial Conduct Authority (FCA) fines Equifax’s U.K. unit $13.3M over 2017 data breach

Five threats security pros everywhere need to focus on as the Middle East war escalates

Frax Outsourcing Announces Data Breach Stemming from Unauthorized Access to Email Accounts

Frazier & Deeter Announces Data Breach Leaking as Many as 19k Consumers’ SSNs

Friend.tech targeted by scammers in phishing ad campaign

Geographic Safe Havens Could Lower Your Customers’ Risk of Ecommerce Fraud

Hack Reversal: Stars Arena Recovers 90% of Stolen Crypto via Novel Hacker Deal

Hacker Claims to Have Published St. Louis Transit Data

Hackers hit aid groups responding to Israel and Gaza crisis

Hackers say they’ve published data stolen from St. Louis’ Metro Transit

Hackers use Binance Smart Chain contracts to store malicious scripts

How MOVEit Is Likely to Shift Cyber Insurance Calculus

How the Rise of Deepfakes Will Impact the 2024 Presidential Elections

How to arm your inbox

How to protect your feedlot operation from cyber threats

INC Ransom gang posts huge dump of data from Aussie builder online

Ireland: Central Bank data breach may have hit up to 50 loan applications

Kaspersky identifies phishing websites offering fake WormGPT tool

Kwik Trip IT systems outage caused by mysterious ‘network incident’

LinkedIn smart links leveraged in credential phishing campaign

Lyca Mobile Customers Experience Service Disruption After a Cyber Attack

Maharashtra-based health company on investor hunt loses Rs 2.5cr to cyber fraud

Mercenary hackers stole data that Exxon later cited in climate lawsuits

MOVEit data breach exposed personal data of 64M people; Securities & Exchanges Commission (SEC) investigating

Multichain AMM Beluga’s hack on Arbitrum leads to $238k loss

Navigating The Ransomware Maze: When Should A Data Breach Be Reported?

Nearly half of India’s top 100 companies don’t undertake regular cybersecurity audits

New PEAPOD Cyberattack Campaign Targeting Women Political Leaders

New Phishing Campaign Uses LinkedIn Smart Links in Blanket Attack

New privacy bill gives Californians ability to “delete” their online data

Newest Ransomware Trend: Attackers Move Faster with Partial Encryption

NuGet manager flooded with malicious Kraken, Solana packages

Passkeys Are Cool, But They Aren't Enterprise-Ready

Patient information appears safe following recent Mount Graham Regional Medical Center (MGRMC) system hack

Phishing-as-a-Service Strox Lets Hackers Phish any Brand by Submitting its Logo

Putting the Port of Nagoya Cyberattack in Context

Quantum risk is real now: How to navigate the evolving data harvesting threat

Queensland government introduces data breach notification legislation

Ransomware attacks doubled year on year. Are organizations equipped to handle the evolution of Ransomware in 2023?

Ransomware operators try to exploit the WS_FTP bug

Report uncovers critical cyber threats facing financial industry

Reports of second cyberattack on Colonial Pipeline false, company says

Researchers Unveil ToddyCat's New Set of Tools for Data Exfiltration

Revolutionizing Cybersecurity Training: The Power of Gamification and Adaptive Learning

Shadow PC warns of data breach affecting over 500,000 customers

SMBs grapple with staying ahead of cybersecurity challenges, new research reveals

Southwest Airlines, Coinbase, and USPS: Top Scams of the Week

Stronger ransomware protection finally pays off

Suspected phishing that mimicks WormGPT surfaces on the Darknet

The key role authentication plays in securing digital identities

The Rising Threat of Account Takeover – How Account Takeover Software Can Savvy Businesses

Toxic Trust: Navigating Cyber Threats on Familiar Websites

UK Financial Conduct Authority (FCA) Fines Equifax 11 Million Pounds for 2017 Data Breach

UK fines Equifax $13.6 million for 2017 data breach

UK Regulator Fines Equifax £11m for 2017 Data Breach

US genomics company 23andMe suffers a major data breach to a credential stuffing attack

US healthcare company Fairfax reveals data breach affecting nearly 208,000 patients

Victim's new address sent to abuser in Dorset NHS data breach

West Texas Gas data breach compromised the data of 56k Texas residents

What Websites Should A User Avoid When Connecting To A Free And Open Wireless Hotspot

Why A One-Size-Fits-All 'Compliance' Plan Can Be Dangerous

12th October

5 Predictions for Generative AI Attacks and 5 Defense Strategies

6 simple cybersecurity rules you can apply now

66% of Healthcare Organizations Say Patient Care was Disrupted by a Cyberattack

79% of organizations say bots are more difficult to detect

Air Canada responds to BianLian ransom attack claims

Alameda Trader Phished for $100 Million After Clicking Malicious Google Link, Says Ex-Engineer

Americans have been scammed out of $2.7 billion in 2.5 years on social media - 7 red flags to look out for

Antivirus Security: Unveiling The Defensive Arsenal

Apple fixes iOS Kernel zero-day vulnerability on older iPhones

Arkas Logistics Company Domain Breach

As biohacking evolves, how vulnerable are we to cyber threats?

ASVEL experienced a data breach, losing sensitive players’ information

Australia: National cyber security coordinator warns schools becoming targets

Average data breach 'costs financial services firms $6m

Billboards in Israel were briefly hacked to display pro-Hamas messages as cyberwar ramps up

Blackbaud to Pay $49.5 Million in Data Breach Settlement

Brand Impersonation Attacks: Which Industries are Most at Risk?

Brands Beware: X's New Badge System Is a Ripe Cyber-Target

California Enacts “Delete Act” For Data Privacy

Casino giant Caesars tells thousands: Yup, ransomware crooks stole your data

Chinese APT ToddyCat Targets Asian Telecoms, Governments

Cloud gaming firm Shadow says hackers stole customers’ personal data

Critical Security Vulnerabilities in Curl Patched, Users Advised to Upgrade

Cybersecurity should be a business priority for CEOs

DarkGate Opens Organizations for Attack via Skype, Teams

DarkGate Operator Uses Skype, Teams Messages to Distribute Malware

District of Columbia Board of Elections says RansomVC hacker group stole voters' data

Email – the open door to your network for hackers

Emerging cyber security threats in 2023: ChatGPT and beyond

Encrypted pager use on the rise in healthcare since 2022

Everest cybercriminals offer corporate insiders cold, hard cash for remote access

Facebook copyright scam intensifies, users left stranded

FBI shares AvosLocker ransomware technical details, defense tips

Fifth of UK Cybersecurity Pros Work Excessive Hours

Finnish intelligence agency warns Russia treating Finland as a ‘hostile country’

Four steps organisations can take to improve cybersecurity awareness

FTX hacker moves $120M amid Sam Bankman-Fried trial

Google Passkeys: what is a passkey, setup explained, are they safe - what's happening to password logins?

Google, Microsoft, Amazon and Cloudflare mitigated ‘largest attack in internet history’

Hackers steal data and demand ransom from Metro Transit in St. Louis

Hackers Still Abusing LinkedIn Smart Links in Phishing Attacks

Half of Small Businesses Hit by Cyber-Attack Over the Past Year

Here's how to recognize the dangers and explore the digital world safely

How a cyber attack impacts your school district

How to Guard Your Data from Exposure in ChatGPT

How Vermont’s largest hospital now protects patient info 3 years after ransomware attack

Hyped up curl vulnerability falls short of expectations

IBM: Treat generative AI like a burning platform and secure it now

India Faces Soaring Ransomware and Malware Threats

'It could drain your bank account' warning issued to NatWest customers

IT decision-makers concerned by AI advances

Keeping up with the demands of the cyber insurance market

Latest evolution of ‘pig butchering’ scam lures victim into fake mining scheme

Learn to recognize and beware of smishing scams

Legal and Ethical Considerations of Bitcoin Ransom Payments

Lessons Learned from a Hospital’s Closure Due to Ransomware Attack

LinkedIn Phishing Scam Exploits Smart Links to Steal Microsoft Accounts

LinkedIn Smart Links Abused in Phishing Campaign Targeting Microsoft Accounts

Linux might be your best bet for heightening your desktop computer security

Major mobile network admits private user data WAS stolen in recent hack – what it means for millions of customers

Malicious NuGet Package Targeting .NET Developers with SeroXen RAT

Malicious Solana, Kucoin packages infect NuGet devs with SeroXen RAT

Manufacturing giant dealing with ‘disruptive’ cyberattack

Microsoft Defender Brings Automated Attack Disruption to Endpoints

Microsoft Defender can automatically contain compromised user accounts

Microsoft Defender Thwarts Large-Scale Akira Ransomware Attack

New CISA Advisories Highlight Vulnerabilities in Top ICS Products

New Zealand police are using AI to catch criminals – but the law urgently needs to catch up too

No more passwords? Google looks to make passwords obsolete with passkeys

North American building materials producer Simpson Manufacturing hacked

Organisations fail to see benefit of ethical hacking

Overseas ransomware gangs continue to prey on Jamaican entities

Philippine Statistics Authority (PSA) experiences data breach following PhilHealth cyber attack

Phishers Spoof USPS, and at least 12 other National Postal Services

Phishing, the campaigns that are targeting Italy

Platypus Finance suffers its third hack in 2023, losses $2m

Power transmission equipment maker Volex investigating major cyber attack on its network

Progress Software facing dozens of class action lawsuits, SEC investigation following MOVEit incident

QR codes: Beware of scanning yourself into trouble

Radius Financial Group data breach $375K class action settlement

Ransomware attacks now target unpatched WS_FTP servers

Ransomware victims continue to pay up, while also bracing for AI-enhanced attacks

Researchers Uncover Malware Posing as WordPress Caching Plugin

Researchers Uncover Ongoing Attacks Targeting Asian Governments and Telecom Giants

Rutter's agrees to pay $1 million in settlement stemming from data breach

Rutter’s convenience store chain settles cybersecurity breach case with $1M in restitution

Security and Exchange Commission (SEC) to investigate Progress Software over mass MOVEit hack

Shadow PC warns of data breach as hacker tries to sell gamers' info

ShellBot Uses Hex IPs to Evade Detection in Attacks on Linux SSH Servers

Simpson Manufacturing Launches Investigation After Cyberattack

Singapore and US pledge to combat online scams in cross-border cooperation

Singapore banks’ latest anti-scam measures may be inconvenient, but would you rather lose your life savings?

Small-Business Cybersecurity: 20 Effective Tips From Tech Experts

Smishing Scams

Social security numbers, MSU IDs accessed during third-party Michigan State University data breach

Sony Confirms MOVEit Data Breach Leaking Personal Information for Thousands

South Africa: Department of Justice (DOJ) finally breaks silence on R5 million infringement order, hauls Information Regulator to court

Stars Arena Recovers 90% Of Stolen Funds After $257k Bounty

Steam Store Spreaded Malware After Hacker Hijacked Developer Accounts

Stop that hack: Cybersecurity tips for individuals and small businesses

Taiwan: Lawmakers adopt new confidentiality rules amid submarine program leak claims

Telegram, AWS users targeted by hidden malware code

The Advancement of Non-Custodial Wallets and its Implications on Asset Security

The Hidden Secret About Your DNS Zones and Combatting Phishing Campaigns

The Mind of the Inside Attacker

The Philippines: Government has leads on local hacker who may be behind PSA data breach

The Rise of GDPR Compensation Claims in the United Kingdom

ToddyCat hackers use 'disposable' malware to target Asian telecoms

Tony Parker’s ASVEL allegedly breached, player data stolen

Too Good to Be True? How to Spot a Fraudulent Job Posting or Recruitment Effort

Two High-Risk Security Flaws Discovered in Curl Library - New Patches Released

Uber's Ex-CISO Appeals Conviction Over 2016 Data Breach

Unmasking the limitations of yearly penetration tests

US: Increase in cyberattacks to our power grid seen nationwide, including Orange County

US Smashes Annual Data Breach Record With Three Months Left

Vulnerability Exposed in WordPress Plugin User Submitted Posts

What are the risks of ChatGPT?

What is the dark web? Here's everything to know before you access it

What IT Orgs Need to Know About the Growth of AI

Why AI Will Increase Healthcare Data Breaches

Why Some Organizations Become Victims of Repeat Ransomware Attacks

11th October

1/3 employees believe their actions don’t impact security

$1.89 Billion stolen from crypto investors in 2023

10 years in review: Cost of a Data Breach

23andMe Faces Class Action Lawsuit Following Data Breach

35 DDoS Attack Statistics that Explain Its Rise in 2023

A Deep Dive into the Stars Arena Hack

Absa fights Sh1.5 billion data breach suit

AI-Generated Phishing Emails: How to Spot and Prevent Them

Air Europa Asks Customers to Cancel Cards After Breach

Air Europa cyberattack leaks credit card data

Air Europa data breach exposed customers’ credit cards

Android financial apps too greedy for permissions

Beyond The PAM Basics: A Structured And Focused Maturity Model

BianLian claims Air Canada ransomware attack

BianLian extortion group claims recent Air Canada breach

Bitdefender shines light on YouTube channel hijacking

Building materials provider Simpson Manufacturing struck by cyberattack

CERT-In issues alert for NoEscape ransomware

Chinese APT Behind Atlassian Confluence Attacks; PoCs Appear

Chinese government hackers exploiting new Atlassian vulnerability, Microsoft says

Chinese 'Stayin' Alive' Attacks Dance Onto Targets With Dumb Malware

Critical Atlassian Confluence vulnerability exploited by state-backed threat actor

Curl Bug Hype Fizzles After Patching Reveal

Curl project squashes high-severity bug in omnipresent libcurl library (CVE-2023-38545)

Curl Releases Fixes For High-Severity Vulnerability

Cyber Professionals Alarmed by Growing Attacker Use of AI

Cyber-attack insurance is a complicated necessity

Cybersecurity and Open Source Experts Up In Arms About the Cyber Resilience Act (CRA)

D.C. election board says records breached, voter data purportedly found on dark web

Dark Side of Altcoins: Avoiding Scams and Shady Projects

Data Thieves Test-Drive Unique Certificate Abuse Tactic

Deep Instinct Threat Report Finds Ransomware, State-Sponsored Attacks, and AI-Powered Cyber Threats Surged in H1 2023

Does Resetting a Hacked Router Make It Secure Again?

Endpoint malware attacks decline as campaigns spread wider

EU, US, and Now NATO: Big Changes in IoT Cybersecurity

Exploitation Accounts For 29% of Education Sector Attacks

Finnish websites hit by more cyberattacks

First half of 2023 sees more ransomware victims than all of 2022

Froedtert, Planned Parenthood, University School, Marquette among impacted in Blackbaud Data Breach

Galxe Announces $396,000 Refund After DNS Attack

Gaza Conflict: How Israeli Cybersecurity Will Respond

Gen Z hackers created a sophisticated new playbook for cyberattacks

GNOME Libcue Flaw is a Risk to Linux Systems

Google deals a deadly blow to passwords, switches to passkey

Google, Cloudflare, and AWS Disclose Largest DDoS Attack in History

Hacker Leaks Data of 8,000 Decathlon Employees and Customers; Previous Breach Confirmed

Healthcare sector prioritising industrial cybersecurity

Hornetsecurity says 60% of businesses concerned about ransomware

How Australia’s Banking Sector Can Embrace Cross-Collaboration to Combat the Scam Epidemic

How Booking.com customers were scammed while making hotel reservations and how to guard against it

How to Avoid a Website Security Breach

How to Combat ‘Pig Butchering’ Scams with Decision Intelligence

India in the Crosshairs: Ransomware and Malware Threats Skyrocket, Demanding Urgent Cyber Vigilance

'It's corporate terrorism at its finest": MGM releases more details about cyber attack

LinkedIn Smart Links attacks return to target Microsoft accounts

Lyca Mobile reveals data breach resulting from cyberattack

Magecart Campaign Hijacks 404 Pages to Steal Data

MGM Resorts International CEO Bill Hornbuckle slams $100 million hack that crippled its operations for more than a week and says it's 'corporate terrorism at its finest' - as he insists company did NOT pay hackers' ransom

Microsoft Defender now auto-isolates compromised accounts

Microsoft Releases October 2023 Patches for 103 Flaws, Including 2 Active Exploits

Microsoft Warns of Nation-State Hackers Exploiting Critical Atlassian Confluence Vulnerability

Microsoft, American Express most spoofed brands in financial services phishing emails

Mirai-based botnet updates ‘arsenal of exploits’ on routers, IoT devices

More than 50 vulnerabilities detected in Android phones, warns CERT-in

Most CISOs confront ransomware - and pay ransoms

Namibia susceptible to cyberattacks...country experienced 40% increase in 2022

Nasty bug discovered in widely used Linux utility curl, and patches already rolled out

Nearly 100 hacker groups take Israel-Hamas conflict into cyberspace by waging online proxy war

New DDoS Attack is Record Breaking: HTTP/2 Rapid Reset Zero-Day Reported by Google, AWS & Cloudflare

New WordPress backdoor creates rogue admin to hijack websites

October Patch Tuesday Addresses Three Zero-Days

Online phishing scams and what to look out for

Over 17,000 WordPress Sites Compromised by Balada Injector in September 2023

Palestinian militants didn’t need to smuggle cash – they used crypto

Phishing and what to do about it

Pro-Palestinian hackers leak file with information on 6.5 million Israelis

Rapid increase in YouTube stream-jacking attacks

Resurgence of LinkedIn Smart Links Identified in Sizable Credential Phishing Campaign

Rhysida ransomware group claims major attacks on European local governments

Should businesses follow Google’s footsteps in cybersecurity?

Simpson Manufacturing shuts down IT systems after cyberattack

South Africa: Justice department wants to fight R5 million fine over ransomware attack in court

State hackers exploiting Confluence zero-day since September

Stop Ransomware: AvosLocker Ransomware

Student and alumni data subject to information security breach

Survey reveals critical security issues lead to DevOps delays

Survey Sees Cyberattacks Impacting Primary Health Care Services

Suspected phishing that mimicks WormGPT surfaces on the Darknet

Take an Offensive Approach to Password Security by Continuously Monitoring for Breached Passwords

Tech Giants Reveal Record-Breaking “Rapid Reset” DDoS Bug

Temple University Health System, Inc. Notifies More than 430k Victims of Recent Data Breach

Tennessee healthcare practice says data breach compromised over 410k patients' data

The 10 Biggest Cyber Security Trends In 2024 Everyone Must Be Ready For Now

Threat Actors Abusing 404 Pages to Hide Credit Card Stealing Malware

Trend Micro’s Latest Cyber Threat Report Spotlights Sophisticated new Criminal Tactics in 2023

U.S. Cybersecurity Agency Warns of Actively Exploited Adobe Acrobat Reader Vulnerability

Unraveling The Infostealer Threat

US Government Issues Open-Source Security Guidance for Critical Infrastructure

US Navy officer guilty of transmitting military docs in Chinese bribery scheme

West Texas Gas Files Notice of Data Breach Affecting Over 56,000 People

Why 80% of CISOs see AI as the biggest threat to their business

10th October

3 steps for small businesses to bolster cybersecurity

5 things you need to follow if you fall victim to a cybercrime

21 Startling Credit Card Data Breach Statistics

54% of IT leaders believe advances AI systems pose incoming risks

90% of CISOs faced at least one cyberattack in 2022

97% face challenges securing IoT & connected devices

Air Europa customers urged to cancel cards following hack on payment system

Air Europa data breach: Customers warned to cancel credit cards

ALPHV ransomware gang strikes Florida's First Judicial Circuit

Assessed Cyber Structure and Alignments of North Korea in 2023

Attackers find new ways to zombify your router: D-Link, TP-link devices affected

Auto Club Trust, FSB Announces MOVEit Data Breach at Third-Party Service Provider Affecting Over 46k

Be prepared to patch high-severity vulnerability in curl and libcurl

Bermuda: Government Update On Services Following Cyber-Attack

Beyond ransomware – why comprehensive cloud security is crucial

Binance accounts lose almost $450,000 to scammers following phishing attacks

Bitcoin Ordinals Marketplace Ordswap Hit With Phishing Attack

Bitcoin Ordinals Marketplace Ordswap Loses Control of Domain, Users Warned of Phishing Attacks

Caesars casino chain starts contacting victims of data breach, tens of millions could be affected

Child Sexual Abuse Content and Online Risks to Children on the Rise

Citrix Devices Under Attack: NetScaler Flaw Exploited to Capture User Credentials

Cloud Misconfigurations Expose Over 400K Buckets and 10.4B Files to Public Access!

Cloudflare, Google, AWS Battle Record-Setting ‘Rapid Reset’ DDoS Attacks

Cumbria Police staff data breach a 'one-off'

Cyber Attack Stalls United Hatzalah Website and Donations of EMS Equipment

Cyber Security Awareness Month: Recognize, Avoid, and Report Phishing

Cybercriminals can go from click to compromise in less than a day

Cybersecurity pros predict rise of malicious AI

Dangerous vulnerability can be exploited to carry out massive DDoS attacks (CVE-2023-44487)

Delete these Android apps immediately to avoid ‘jack attack’ that steals money in seconds

Dictionary Attacks: How They Decode Passwords

Edmonds School District Notifies Over 91,000 of January 2023 Data Breach

Evolution of stronger cyber threat actors: The flip side of Gen AI story

Evolving role of AI in cybersecurity: What’s next?

Exposed security cameras in Israel and Palestine posing significant risks

Flagstar Bank MOVEit Breach Affects 800K Customer Records

FTX hacker could be using Sam Bankman-Fried (SBF) trial as a smokescreen

Georgia Department of Community Health services possibly hacked by Russian cybercriminals

GNOME users at risk of RCE attack (CVE-2023-43641)

Google Adopts Passkeys as Default Sign-in Method for All Users

Google Introduces Passkeys as Default Sign-In Method, Eliminates Passwords

Google Makes Passkeys Default for All Users

Google Makes Passkeys Default Sign-In Option

Google makes passkeys the default sign-in for personal accounts

Google makes passkeys the default sign-in method for all users

Google mitigates largest DDoS attack to date

Google Steps Up Its Push to Kill the Password

Hackers on WordPress Websites Hacking Spree with Balada Malware

Hacktivists take sides in Israel-Palestinian war

Hacktivists Targeting Critical ICS Infrastructure in Israel and Palestine

Half of CISOs Now Report to CEO as Influence Grows

Heads Up: Patch for ‘Worst Curl Security Flaw’ Coming This Week

How to Enhance Ransomware Resilience: A Complete Playbook

How to Identify and Avoid Online Trading Scams

HTTP/2 Rapid Reset Zero-Day Vulnerability Exploited to Launch Record DDoS Attacks

HTX Recovers $8 Million Post Exploit, 250 $ETH Bounty Awarded

India's security landscape under siege as ransomware, malware threats spike

Internet-Wide Zero-Day Bug Fuels Largest-Ever DDoS Event

IZ1H9 Botnet Targets IoT Devices With New Exploits

Killnet’s attacks on Israel: an invitation to open fire

libcue Library Flaw Opens GNOME Linux Systems Vulnerable to RCE Attacks

Magecart Hackers Hide in 404 Error Pages

Manufacturing services tech giant hit with cyberattack

MGM faces £100m loss from cyber attack on its casinos

MGM Resorts Details Financial Losses, Data Breached From Cyber Attack

Microsoft fixes exploited WordPad, Skype for Business zero-days (CVE-2023-36563, CVE-2023-41763)

Microsoft Patch Tuesday Haunted by Zero-Days, Wormable Bug

Microsoft warns: the era of AI-driven cyberattacks has already begun

More than 50% of German companies are victims of cyber attacks

MOVEit saga drags on as credit union discloses 100K victims

Nation-State Cyber Threat Landscape: Understanding Its Implications and Safeguarding the Financial Services Industry

Nation-state hacker group targeting Taiwan, US, Vietnam and Pacific Islands

National Telecommunication and Information Security Board (NTISB) issues warning on password-protected WinRAR files

New 'HTTP/2 Rapid Reset' zero-day attack breaks DDoS records

New Magecart Campaign Alters 404 Error Pages to Steal Shoppers' Credit Cards

New technique leads to largest DDoS attacks ever, Google and Amazon say

New Threat Actor “Grayling” Blamed For Espionage Campaign

North Korea's State-Sponsored APTs Organize & Align

One Solution to Rule Them All: Browser Security Redefined

One-Click 'Gnome' Exploit Is a Supply Chain Risk for Linux OSes

Over 800k Flagstar Bank Customers Impacted by Third Data Breach Since 2021

Philhealth data breach largest since ‘Comeleak’

Phishing Scams: Binance’s Hong Kong Clients Have Reportedly Lost $450K+ via Series of Fraudulent Texts

Quest Diagnostics Facing Lawsuit for Disclosing Medical Information to Third Party Debt Collectors

Ransomware: Lessons Learned from One Food Company’s Experience

Ransomware attacks register record speeds thanks to success of infosec industry

Ransomware gang threatens to release stolen CDW Corp. data

Ransomware groups club together

'Really frightening': IT leaders on cybersecurity in the age of AI

Researchers Uncover Grayling APT's Ongoing Attack Campaign Across Industries

Russian hacktivists now targeting Israeli global satellite and Industrial Control Systems

Sabre investigation finds no security concerns from alleged ransomware attack

Safeguarding Your Brand: 5 Cybersecurity Tips

Securing the food pipeline from cyberattacks

Smile Brands data breach class action settlement

South Africa: Justice department takes on Information Regulator over R5m POPIA fine

The AI arms race: How attackers and defenders are tooling up

"The Phantom Hacker" targeting senior citizens in Pennsylvania, Treasurer warns

The surprising threat is lurking even in your ‘secure’ work environment

Threat actors exploit HTTP/2 vulnerability

UK SME cyber threat concerns on the rise in last 12 months

Understanding Cyber Resilience

University Federal Credit Union Confirms Over 100k Customers Affected by MOVEit Data Breach

Unpatched Critical Zero-Day Bug Puts Exim Servers at Risk

Unveiling Vulnerabilities: Penetration Testing Services

Walmart, Inc. Files Notice of Data Breach with the HHS-OCR, Indicating Over 85k Victims

What are Businesses Doing About Ransomware Attacks?

What to Do if a Data Breach Exposes Your Passwords, Bank Account, Credit Cards and More

Why Are APIs so Easy for Threat Actors to Exploit?

Why zero trust delivers even more resilience than you think

Will Quantum Computers Become the Next Cyber-Attack Platform?

9th October

$2.7 billion lost to social media scams since 2021

23andMe data breach affects a million users with Jewish heritage

23andMe says hacker appears to have stolen people’s genetic information

23andMe suffers credential stuffing cyber attack

23andMe suffers data breach, genetic data and other user information for sale online

176,200 Ortho Alaska Patients Affected by Data Breach

A Growing Cyberwar in the Widening Israeli-Hamas Conflict

AI More Helpful Than Harmful in Cybersecurity

AI's role in future advanced social engineering attacks

ALPHV ransomware gang claims attack on Florida circuit court

Autonomous Fleets Are Almost Here. Are They Safe From Cyberattacks?

Binance Impersonators Swindle Hong Kong Residents via Phishing Scams

Biotech firm 23andMe confirms user data leak in credential-stuffing attack

Blackbaud Settles Ransomware Breach Case For $49.5m

Blackbaud settles ransomware data breach investigations for $49.5M

Caesars class action alleges casino failed to properly protect customer information prior to data breach

Clorox shares touch more than 5-year low on financial hit from cyber attack

Colorado health department adds 95k individuals to its list of MOVEit hack victims

Companies rethinking degree requirements for entry-level cybersecurity jobs

Congress examining ways to try to prevent ransomware attacks and protect your information

Crooks trying to blackmail worried Israelis on WhatsApp

Crypto Exchange HTX Recovers $8 Million Lost to Hacker in Recent Security Breach

Cumbria police data breach was ‘one-off’ says crime commissioner

Cyber attack hits electronics firm Volex

Cyberattacks, identity theft and ransomware are on the rise. You can protect yourself

Cybercriminals Using EvilProxy Phishing Kit to Target Senior Executives in U.S. Firms

Cybersecurity Awareness Dos and Donts Refresher

D-Link WiFi range extender vulnerable to command injection attacks

DC Board of Elections Discloses Data Breach

Delete Android apps to avoid horrifying ‘jack attack’ that steals money in seconds, security expert urges

DNA Tester 23andMe Hit By Credential Stuffing Campaign

Dymocks breach happened while changing providers

Enhanced cybersecurity urged amid PhilHealth data breach

Federal Trade Commission (FTC) finds that social media scams lead to more losses than other scams

Flagstar Bank suffered a data breach once again

Formbook Takes the Throne as Most Prevalent Malware

FTX Hacker Converts 75,600 of Stolen ETH, Here's Which Network They're Using

Gaza-Linked Cyber Threat Actor Targets Israeli Energy and Defense Sectors

GNOME Linux systems exposed to RCE attacks via file downloads

Hacker Steals Then Returns Funds For Reward To Huobi's HTX: 'You Made The Right Choice'

Hackers advertise sale of 23andMe data on leaked data forum

Hackers hijack Citrix NetScaler login pages to steal credentials

Hackers Join In on Israel-Hamas War With Disruptive Cyberattacks

Hackers modify online stores’ 404 pages to steal credit cards

Hackers Send Fake Rocket Alerts to Israelis via Hacked Red Alert App

Hacktivists Enter Fray Following Hamas Strikes Against Israel

Hacktivists in Palestine and Israel after SCADA and other industrial control systems

HelloKitty ransomware source code leaked on hacking forum

High-Severity Flaws in ConnectedIO's 3G/4G Routers Raise Concerns for IoT Security

Hot on the DNS Trail of the 16shop Phishing Kit Operators

How much 3 health systems are paying to settle data breach lawsuits

How Process Automation Can Help Streamline Security

Incentivizing secure online behavior across generations

Israel’s government, media websites hit with cyberattacks

Israel's tech sector could face disruptions after attacks

Kremlin-Linked Hacker Group Launches Cyber-Attack Against Israel

'Looney Tunables' Linux Flaw Sees Snowballing Proof-of-Concept Exploits

Malta: Commissioner to probe alleged data breach in driving licence racket

MGM Resorts cyberattack cost could exceed $100M

MGM Resorts Reveals Over $100M in Costs After Ransomware Attack

Microsoft 365 email senders urged to implement SPF, DKIM and DMARC

Microsoft names Hamas-linked group targeting Israel

Microsoft Teams Used as Initial Access for DARKGATE Malware

Microsoft, Paypal among most impersonated brands in phishing attacks in 2023

MOVEit Transfer breach suffered by Fiserv impacted 837k Flagstar Bank customers

Navigating the patchwork of U.S. privacy and cybersecurity laws: key regulatory updates from summer 2023

Newly discovered Android malware has infected thousands of devices

Operation Behind Predator Mobile Spyware Is 'Industrial Scale'

Over 6,000 individuals hit in Sony data breach

Over 17,000 WordPress sites hacked in Balada Injector attacks last month

Palestine Hacker Groups Target Several Indian Websites As India Extends Support To Israel

PEACHPIT: Massive Ad Fraud Botnet Powered by Millions of Hacked Android and iOS

Phishers Spoof U.S. Postal Service (USPS), 12 Other National Postal Services

Phishers, scalpers, and porch pirates ready to ruin your Amazon Prime Day

Qakbot Threat Actors Deliver Knight Ransomware & Remcos Via LNK Files

QR Code Phishing ‘Quishing’

Ransomware attack puts McLaren patient data at risk

Ransomware strains are getting quicker and sharper than ever before

RedAlert, Israel's rocket alert app, breached by hacktivists

Security Patch for Two New Flaws in Curl Library Arriving on October 11

Social Dominates as Victims Take $2.7bn Fraud Hit

Sony confirms massive data breach; personal information of thousands of employees compromised

St. Louis, Missouri, Transit Disrupted by Weekend Cyber Attack

Survey Sees Many Cybersecurity Professionals Willing to Jump Ship

Ten most common cyber security misconfigurations, as revealed by the NSA and CISA

The 3 biggest social media scams Americans are falling for

The source code of the 2020 variant of HelloKitty ransomware was leaked on a cybercrime forum

The true cost of a data breach

Threat Actors Employ Remote Admin Tools to Gain Access over Corporate Networks

Two or More Ransomware Variants Impacting the Same Victims and Data Destruction Trends

UK Power and Data Manufacturer Volex Hit by Cyberattack

Volex hit by cyber attack, no material financial impact expected

Volex sees no material financial hit from cyber attack

Webwyrm Malware Affects More Than 100,000 Users in 50 Countries

What Is Phishing?