Editor's Message

Welcome to DBD. On March 8th we celebrated our 4th Anniversary and the 1st Anniversary of our PRiSM application, officially endorsed by the SANS Institute. Despite recent personal issues that have impacted the amount of time I have been able to dedicate to both projects, I have been doing my best to keep everything as up-to-date as possible, and I would like to take this opportunity to thank everyone for their patience and support whilst I navigate through this very difficult time. Stay safe. :)

Monday 13 November 2023

Data Breaches Digest - Week 46 2023

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 13th November and 19th November 2023.

19th November

8Base ransomware operators use a new variant of the Phobos ransomware

Canada: Current and former public service, RCMP, military members affected by data breach, federal government warns

Crypto Scammers Exploit Gaza Crisis, Deceiving Users in Donation Scam

Cyberattacks on Nigerian government agencies rise

FBI Issues Warning About Dangerous 'Scattered Spiders' Hackers: Here's How To Be Safe

From email phishing to smishing - here are the prominent types of phishing attacks you should know about

How to Protect Your Online Account from Suspicious Activity

Indian cyberspace seeing incidents at higher rate than global average

Inside the Dark Web: Unveiling cyber threats to business

K-12 schools improve protection against online attacks; many vulnerable to ransomware gangs

Researchers extract RSA keys from SSH server signing errors

Russian hackers use Ngrok feature and WinRAR exploit to attack embassies

Nigeria’s financial sector under siege: The alarming rise of cyber fraud and inadequate defenses

Postmeds Data Breach and Class Action Lawsuit: Latest Updates

The common passwords that could be putting your computer and identity at risk

The importance of data protection in Zimbabwe

To keep our trust, officials must be forthcoming about ‘incident’ that paralyzed Kansas courts

Top 5 types of cyber financial frauds that you should be wary of

Toyota Confirms Breach After Medusa Ransomware Threatens to Leak Data

Trinidad and Tobago: Cyber security’s place on government agenda

University of Minnesota (UMN) data breach sparks concerns for those affected

Warning for UK Samsung users - check if your phone has been targeted by hackers

What Is Small Business Endpoint Security: Meeting your Business Needs

Which Type Of Malware Resides Only In RAM

18th November

8Base Group Deploying New Phobos Ransomware Variant via SmokeLoader

CEOs of Ontario hospitals hit by ransomware attack provide updates on impact and look for no ransom payment legislation

Deepfake Technology: From Social Media Guidelines to Recognizing Red Flags; Things Students Must Know

Digital risks: Protecting yourself online

Does claiming you were hacked when you had really just screwed up violate the Federal Trade Commission (FTC) Act?

'Don't click' warning issued to bank account holders who could see accounts emptied

Everything About ‘Deepfake Technology’: Social Media Guidelines And Red Flags

Exploit for CrushFTP RCE chain released, patch now

Federal Communications Commission (FCC) adopts new rules to protect against SIM-swapping attacks

Former Jaguars Employee Found Guilty of Hacking Jumbotron After Team Let Him Go for Being a Convicted Sex Offender

Hackers explained: an evolution of curiosity and chaos

Hackers Infiltrate BriansClub: A Look at the Latest Data Breach

Healthcare startups scramble to assess fallout after Postmeds data breach hits millions of patients

Hotel Hacker Faked His Own Death by Hacking Into State Death Record Systems

How North Korea makes a fortune stealing crypto

Justin Sun gives new ultimatum to Poloniex hackers, offers $10m bounty

Long Beach, California is facing major cybersecurity incidents

Multimillion-Dollar Vishing Scam Busted: Czech-Ukrainian Gang Arrested

Nearly 4,000 cyber attacks against Ukraine recorded over 20 months, says US Treasury

Nearly 4,000 cyberattacks reported in Ukraine since start of war

Network Segmentation Guide: Essential Security Best Practices Revealed

North Korea’s Cryptocurrency Heist Bonanza: From Sanctions Struggle to Billions in Ill-Gotten Gains

Orion Library Tackles Malware Attack

Poloniex Hacker Might Be Identified, $10M Bounty Offered

Researchers uncover alarming password habits in new study

Russian Cyber Espionage Group Deploys LitterDrifter USB Worm in Targeted Attacks

Samsung Acknowledges Data Breach Impacting UK Customers, Third Incident in Two Years

Scams targeting seniors are climbing. AI will only make it worse

Singapore: Developer of Starbucks’ e-commerce platform fined S$10K over data breach

State reports 1.3 million affected by massive data breach

T-Mobile Under Scrutiny Again Over Alleged Data Breach and Privacy Violation

The Importance of Strong Passwords and Tips for Creating Hack-Resistant Passwords

The real elf on the shelf may be the tech under your tree - Mozilla releases its list of 2023's creepiest gadgets

Trouble in Toyland: Smart toys reveal alarming security risks

Understanding the Key Elements of Effective Enterprise Security Architecture

Web3 Security Essentials: A Guide to Web3 Security

What is Costco Data Breach and Card Skimming Attack?

What is LockBit, the cybercrime gang hacking some of the world's largest organizations?

When ransomware hits hospitals, how do you protect patients?

Why Is Mobile Banking Considered Riskier Than Online Banking?

World Health Organization (WHO) denies involvement in alleged Covid-19 vaccination data breach in the Philippines

17th November

5 Of The Most Common Ways Malware Is Spread (And How To Stay Protected)

20+ Companies Hacked in Massive Cyber Attack on Critical Infrastructure

27 Malicious PyPI Packages with Thousands of Downloads Found Targeting IT Experts

A Hacker Faked His Own Death - Then Claimed To Have Sold Marriott Customer Data To Russians, FBI Says

AI Adds to the Cyberthreats Holiday Shoppers Will Face

AI Vs AI: Amid Growing Numbers Of Scams, Here's How We Can Use AI To Defend Against AI

Beware: Malicious Google Ads Trick WinSCP Users into Installing Malware

Beware of 48 Malicious npm Packages Deploying Reverse Shells

Black Friday: Scammers Exploit Luxury Brands to Lure Victims

Bloomberg Crypto X account snafu leads to Discord phishing attack

Bots and fraud make up 73% of website and app traffic

British Library: Ongoing outage caused by ransomware attack

British Library: Ransomware Recovery Could Take Months

Building cyber resilience to recover quickly, at scale

Businesses that eliminate passwords report better security outcomes

Change of tactics: ALPHV reports target to SEC for failing to disclose breach

CISA Adds Three Security Flaws with Active Exploitation to Known Exploited Vulnerabilities (KEV) Catalog

CISA warns of actively exploited Windows, Sophos, and Oracle bugs

CISA, FBI warn of Scattered Spider expertise with social engineering, SIM swapping

City of Long Beach declares local emergency after cyberattack

Clark County Schools Implement Security Updates After Cyber Attack

Courts: Steps taken to better protect customers after data breach

Cyber attack forces Toyota Financial Services systems offline

Cyber Incident at DP World Australia Shut Down Port Operations, Backed Up 30,000 Shipping Containers

Cybercriminal for hire: The rise of Ransomware-as-a-Service

Cybersecurity: It’s Not A Job - It’s A Mission

Cyprus Post warns of surge in phishing scams

Data breaches decrease by 76% globally in Q3 2023

Ddostf Botnet Resurfaces in DDoS Attacks Against MySQL and Docker Hosts

Don't Be a Cyber Victim: Elevate Your Online Security with Cyber Hygiene

Escape NFT Phishing Scams: Your Ultimate Guide to Safeguarding Assets and Navigating the Digital Landscape

FBI Lifts the Lid on Notorious Scattered Spider Group

FBI warning on MGM hacker group Scattered Spider, urges victims to come forward

Federal Communications Commission (FCC) Enforces Stronger Rules to Protect Customers Against SIM Swapping Attacks

Feds Issue Warning on Ransomware Group Targeting Public Sector

Google: Hackers exploited Zimbra zero-day in attacks on government organizations

Google Reveals ‘Reptar’ Vulnerability Threatening Intel Processors

Hacker Accused of Stealing from DraftKings Customers Pleads Guilty

Hacker Receives 18-Month Prison for Running Dark Web Forum

Healix Infusion Therapy Files Notice of Data Breach with HHS-OCR

Henry Schein says October data breach compromised customers' financial information

How to Scam-Proof Your Credit Card: Essential Tips and Tricks

Incident of the Week: McLaren Health Care data breach impacts 2.2 million people

Indonesia: BSSN Records 361 Million Cyber Attacks in Indonesia

LockBit redraws negotiation tactics after affiliates fail to squeeze victims

More than 330,000 Medicare recipients affected by MOVEit breach

Morgan Stanley fined $6.5M over client data breach

Mt. Graham Regional Medical Center Recovers from Ransomware Attack but Confirms Data Breach

Multiple colleges, K-12 schools facing outages after cyberattacks

MyHost customers caught up in new phishing attack

New Ransomware Gangs Driving Attack Surge

New Report Examines Pressing K-12 Cybersecurity Concerns

New York's hospital cybersecurity rules could spur similar mandates

October 2023 Healthcare Data Breach Report

Over 100,000 state residents’ data stolen in Prospect hospitals breach

Patient Care Continues to be Affected Following Hospital Cyber Attack

Perry Johnson & Associates says data breach compromised health records of almost 9 million people

Personal data of Bangladeshi citizens stolen online

Philippines: Philippine Center for Investigative Journalism (PCIJ) website targeted by cyber attack

Prison phone company blamed for data breach affecting thousands of users

Ransomware gang files Securities and Exchange Commission (SEC) complaint against company that refused to negotiate

Ransomware gang files Securities and Exchange Commission (SEC) complaint over undisclosed breach

Ransomware targets will pay one way or another

Remcos, again: Ukrainian agencies targeted in a new spying campaign

Rightway Healthcare Announces Data Breach Affecting Davis Polk and Okta Employees

Rise in automated attacks troubles ecommerce industry

Royal Mail to Spend £10m on Ransomware Remediation

Russian analysts point finger at China, North Korea over cyber activity

Samsung data breach affects UK customers

‘Sex life data’ stolen from UK government among record number of ransomware attacks

Shielding your digital assets: How cyber insurance can provide a safety net in the face of growing cyber threats

Software Supply Chain Security For The C-Suite

Starbucks Singapore rewards vendor fined SG$10,000 for customer data breach

Systems East attackers steal 209K encrypted payment cards

The retail sector is under threat from...Gmail, WhatsApp and Google Drive?

The top 10 financial internet scams to avoid becoming a victim

Threat actors behind Las Vegas casino attacks are social-engineering mavens

Threat Actors Target Academic Researchers in Phishing Schemes

Top 7 cyber security measures that enterprises shouldn’t neglect

Traditional cloud security isn’t up to the task

Truepill Data Breach Exposes Personal Information of 2.3 Million Patients

U.S. Cybersecurity Agencies Warn of Scattered Spider's Gen Z Cybercrime Ecosystem

UK privacy authority to appeal decision overturning $10 million fine on Clearview AI

Understanding the Ransomware Attack Fallout on China’s ICBC

US prison allegedly hit by ransomware attack

We tried to quantify how harmful hospital ransomware attacks are for patients. Here’s what we found

What Holiday Season Tactics Can We Expect From Cyber-criminals?

Yamaha and WellLife Network confirm cyber incidents after ransomware gang claims attacks

Yamaha Motor confirms ransomware attack on Philippines subsidiary

16th November

3 Ways Behavioral Economics Obstructs Cybersecurity

5 common ChatGPT scams you should be aware of

8 Phishing Techniques

9 Million health records spilled by transcription firm

29% of organizations cite data loss as top security breach result

46% of SMBs and enterprises have experienced a ransomware attack

A Deep Dive Into Deception Technology

Adams Bank & Trust Notifies 23k+ Clients of Data Breach Affecting Their SSN and Other Personal Information

ALPHV (BlackCat) Ransomware Using Google Ads to Target Victims

ALPHV claims Henry Schein hack, credit card info potentially compromised

Apple's iPhone App Sideloading May Increase Crypto Phishing Risks

Australia: Aussie spies lament ongoing WannaCry attacks

Barclays, Lloyds, Santander, HSBC and NatWest customers issued 'don't click' warning

Black Friday: Malwarebytes Warns of Credit Card Skimming Surge

Black Friday sales on the dark web: Hackers are looking for deals too

BlackCat Gang Tattles to SEC About Victim Not Disclosing Breach

BlackCat plays with malvertising traps to lure corporate victims

BlackCat Ransomware Group Reports Victim to Securities and Exchange Commission (SEC)

BlackCat/ALPHV ransomware gang files SEC complaint over victim’s “undisclosed” data breach

BlackSuit Ransomware Is Credible Threat to Healthcare Cybersecurity, HC3 Says

British Library’s Halloween cyber scare was ransomware

Center for Medicare & Medicaid Services (CMS) Notifies Additional Individuals Potentially Impacted by MOVEit Data Breach

Children’s tablet has malware and exposes kids’ data, researcher finds

CISA and FBI Issue Warning About Rhysida Ransomware Double Extortion Attacks

CISA, FBI warn of social engineering-based ransomware

Cloud Security Alliance (CSA) Launches First Zero Trust Certification

Criminals are making thousands every day by spoofing crypto researchers on X

Cyber criminals say they stole 20GB of sensitive data from SaaS company Plume's network

Cyber security advisory warns of emerging ransomware variant Rhysida

Cyber-Criminals Exploit Gaza Crisis With Fake Charity

Cyberattack on ICBC's US unit to not have material impact on parent bank

Cybercriminal for hire: The rise of Ransomware-as-a-Service

Dangerous Apache ActiveMQ Exploit Allows Stealthy EDR Bypass

‘Data Breach Is A Fact Of Life In An Increasingly Digital World. You Can't Eliminate It, You Can Only Mitigate It’

Data Breach Preparedness and Recovery: Building a Robust Incident Response Plan

Eight tips to guard against text message cyberattacks

Essential Cybersecurity Practices for Remote Work

European Police Take Down $9m Vishing Gang

Europol and Eurojust support Czech and Ukrainian police in taking down multi-million euro voice phishing gang

Experts Uncover DarkCasino: New Emerging APT Threat Exploiting WinRAR Flaw

Fake crypto apps bring real losses to leading app marketplace users

FBI shares tactics of notorious Scattered Spider hacker collective

FBI Shuts Down IPStorm Botnet as Its Operator Pleads Guilty

Federal Trade Commission (FTC) targets telecom provider for inmates after massive data breach

Fortinet warns of critical command injection bug in FortiSIEM

From Heartbleed to Now: Evolving Threats in OpenSSL and How to Guard Against Them

Google Says 4 Attack Campaigns Exploited Zimbra Zero-Day

Google Workspace Vulnerabilities Lead to Network-Wide Breaches

GRIT Ransomware Report: October 2023

Guarding against human error: The unseen weakness in cyber security

Hackers claim multiple attacks on Israel and leak confidential files

Hackers Could Exploit Google Workspace and Cloud Platform for Ransomware Attacks

Hackers target Greece, Tunisia, Moldova, Vietnam and Pakistan with Zimbra zero-day

Half of Ransomware Groups Operating in 2023 Are New

Hive reborn: new ransomware group emerges from the ashes

How DDoS attacks are taking down even the largest tech companies

How much to clean up a ransomware infection? For Rackspace, about $11M

Illinois casino customers, employees targeted by data breach

India: Has Your Data Been Compromised?

Industrial and Commercial Bank of China (ICBC) hacker says ransom was paid following major breach

Insider Threat: Hunting and Detecting

Israeli private eye gets 80-month sentence for global hack-for-hire scheme

Long Beach is latest California city facing cybersecurity incident

Long Beach, California turns off IT systems after cyberattack

Loyalty marketing agency gets S$10,000 fine over data leak of Starbucks Singapore customers

Magic Circle Law Firm Allen & Overy Suffers a LockBit Cyber Attack After Shearman & Sterling Merger

Maine State Government’s MOVEit Data Breach Basically Impacted All 1.3 Million Residents

Major cyberattack on Australian ports suggests sabotage by a ‘foreign state actor’

MeridianLink confirms cyberattack after ransomware gang claims to report company to SEC

MESVision attack exposes nearly 350K individuals

Morgan Stanley to Pay Another $6.5 Million Tied to Client Data Breach

MOVEit Hack: What went wrong, and how to course correct

Mr. Cooper class action claims mortgage provider’s negligence resulting in data breach

Mt. Graham Regional Medical Center (MGRMC) reports patient data leaked during its previous cyberattack

Multi-million dollar voice phishing fraudsters busted in Europe

MySQL servers targeted by 'Ddostf' DDoS-as-a-Service botnet

Nearly half of Indian IT leaders feel security is missing component in their data policy

New Protestware Uses npm Packages to Call for Peace in Gaza and Ukraine

North Carolina's Bladen County announces a major cyber attack targeting its internal systems

North Mississippi Health Services Affected by MOVEit-Related Data Breach at Cadence Bank

Palestine-aligned cyberespionage actor shifts infection chain tactics

Password hygiene: The weak passwords you shouldn't use

Pathology Resource Network Provides Notice of Third-Party Data Breach at Cadence Bank

PeakMed Colorado Posts Notice of Data Breach Impacting More than 27k Patients

Perry Johnson & Associates (PJ&A) Announces Data Breach Affecting the Information of 8,952,212 Consumers

Philippine Center for Investigative Journalism (PCIJ) website goes offline after cyber attack

Phishing Attacks Become A Serious Threat To Businesses

Polish court discovers secret cryptomining rigs hidden throughout building

Prevent and treat ransomware attacks

Ransomware Attack Paralyzes Huber Heights, Ohio: Local Services Down for a Week

Ransomware Attack Severely Impacts City in Ohio

Ransomware Gang LockBit Revises Its Tactics to Get More Blackmail Money

Recology Confirms Cybersecurity Incident and Investigates Possible Data Breach

‘Retail Organisations Increasingly Unable to Halt Ransomware Attack’

Rivers Casino Des Plaines warns of data breach affecting customer, staffer information

Royal Mail’s recovery from ransomware attack will cost business at least $12M

Russian Cozy Bear Strikes European Embassies With WinRAR Bug

Russian Hackers Linked to 'Largest Ever Cyber Attack' on Danish Critical Infrastructure

Russian Hacking Group Sandworm Linked to Unprecedented Attack on Danish Critical Infrastructure

Russian-Moldovan National Admits to Infecting 23,000 Devices with Botnet Malware

Samsung confirms data breach affecting some UK customers

Samsung Data Breach: Hackers Steal Data of UK Customers

Samsung discloses massive year-long data breach that affected UK store customers

Samsung notifies UK store customers of data breach

Scams warning for millions of workers submitting online tax returns

Scattered Spider

Securing Human Identities in the Digital Age

Skidmore College Hit with Class Action Over February 2023 Data Breach

South-West Regional Health Authority (SWRHA) denies paying US$7m to hackers

St. Lucie County Tax Collector Hacked by Ransomware Attacker 'Dark Cat'

Stanley Steemer Provides Notice of Data Breach to 66,978 Individuals

Stop using weak passwords for streaming services - it's riskier than you think

Teen Pleads Guilty in DraftKings Data Breach Case

Telemetry gaps leave networks vulnerable as attackers move faster

The Move Away From Passwords Will Be Gradual, Delinea Survey Finds

The new imperative in API security strategy

The Persistent Menace: Understanding And Combating Ransomware

Toyota confirms breach after Medusa ransomware threatens to leak data

Toyota Financial Services attack claimed by Medusa ransomware

Toyota recovering from cyberattack on its financial services division

Trellix Detects Collaboration by Cybercriminals and Nation-States

Two decades of digital defence: Why cybersecurity must remain a top concern for everyone

Ukraine Tracks a Record Number of Cyber Incidents During War

Ukrainian and Czech police bust $9 million bank fraud gang

Vietnam Post exposes 1.2TB of data, including email addresses

Westat, Inc. reports data breach due to MOVEit software vulnerability

What Is a Digital Footprint?

Zero-Day Flaw in Zimbra Email Software Exploited by Four Hacker Groups

15th November

6 steps for protecting small businesses from cyberattacks

8 things every physician must know to stop cyberattacks

9 million patients had data stolen after US medical transcription firm hacked

Acrisure Files Notice of Data Breach Following Period of Unauthorized Access to the Company’s Computer Network

Alert: Microsoft Releases Patch Updates for 5 New Zero-Day Vulnerabilities

Aligning cybersecurity & business objectives leads to security success

Anger as Fife GP patients’ private details leaked in ‘deeply concerning’ data breach

Apple iPhone App Sideloading Could Increase Risk of Crypto Phishing Attacks

As data grows, two-third of IT leaders unable to secure it

Basic Cybersecurity Skills All Employees Should Have

Beaverton School District warns parents of student data breach

BlackCat ransomware gang attacks corporations, public entities in malvertising campaign

BlackCat Ransomware Gang Targets Businesses Via Google Ads

Booking.com’s confirmation of phishing attack sparks data breach concerns

Canadian payment processor Moneris thwarts ransomware assault

Change your password right now as list of 200 most dangerous logins revealed – and 70% have devastating secret

ChatGPT's new code interpreting tool could become a hacker's paradise. Here's how

Chinese Scammers Exploit Cloned Websites in Vast Gambling Network

CISA adds three Microsoft Patch Tuesday bugs to vulnerability list

Citrix Hypervisor gets hotfix for new Reptar Intel CPU flaw

Credit card skimming in fashion as we dive into holiday shopping

Crippling cyber-attack halts Australian ports activity

Critical systems restored at English council following ransomware attack

Cybersecurity in Online Trading: Safeguarding the Future of Investments

Data on current, former Toronto library staff stolen in ransomware attack

Digital pharmacy startup Truepill says hackers accessed sensitive data of 2.3 million patients

Domain Squatting and Brand Hijacking: A Silent Threat to Digital Enterprises

Elevating Your Defense Strategy with Cloud Security Posture Management

Fake WhatsApp Web phishing scam: 237 victims, $606K losses

FAMS Recovery Solutions Notifies 164,796 People of Recent Data Breach

FBI and CISA Say the Royal Ransomware Group May Rebrand

FBI and CISA warn of opportunistic Rhysida ransomware attacks

FBI Says Enhanced Partnerships Help Combat Ransomware Surge

Federal Trade Commission (FTC) Approves New Data Breach Notification Requirement for Nonbanking Financial Institutions

Financial Institutions in New York Face Stricter Cybersecurity Rules

‘Fraud is fun’ DraftKings teen hacker pleads guilty in fantasy sports betting theft

Fraud researchers impersonated on X to push crypto-stealing sites

Genealogy platforms roll out two-factor authentication following 23andMe data breach

Generative AI is shaping future incident management processes

Google search ads abused to spread ransomware by ALPHV/BlackCat gang

GPT vs Malware Analysis: Challenges and Mitigations

Greece: Hackers hit ETAD with ransomware

Hacker Group Publishes 43GB Of Boeing Data After Failing To Receive Ransom

Hackers Claim Major Data Breach at Smart WiFi Provider Plume

Henry Schein data breach: banking details exposed

Higher education data breach threatens how well policymakers can track student progress

India: 1.39 million cyberattacks handled in 2022, phishing attacks rise

Insurance Company Hilb Failed to Protect Private Data from Cyberattack, Class Action Claims

Intel patches high-severity vulnerability affecting central processing units

Intel Patches Widespread Processor Vulnerability

Is a new ransomware group’s listing for Decatur Independent School District linked to an attack in September?

Is the Fear of Cyberwar Worse Than Cyberwar Itself?

Is Your WiFi Secure? Here’s Why it Needs To Be

Johnson Controls warns delay in earnings report due to cyberattack

Legal protections in the age of data breaches: Lessons from the Optus Class Action

Lesson from Casio’s Data Breach: Why Database Security Still a Major Challenge for Businesses?

LockBit group releases 50 GB of stolen Boeing data following ransom rebuff

LockBit ransom gang behind mass exploitation of Citrix bug, researchers say

Malicious CPU-Z Copy Is Spread In Google Search Ads

Man arrested over suspected 'web skimming' credit card info theft in Japan first

Managing Ransomware Threats in Kubernetes-Based Applications

MESVision Experiences Data Breach Stemming from MOVEit Software Vulnerability

Microsoft Fixes Five Zero-Day Vulnerabilities

Mitigating Ransomware Risks: Six Best Practices For MSPs

Nearly two dozen Danish energy companies hacked through firewall bug in May

New PoC Exploit for Apache ActiveMQ Flaw Could Let Attackers Fly Under the Radar

New Samsung data breach impacts UK store customers

Ohio city severely disrupted by ransomware attack

Online Shopping Tips to Protect Yourself During Black Friday 2023

OpenAI Attributes ChatGPT Outages to a DDoS Attack Claimed by a Russian Hacktivist Group

OpenSea NFT users report massive email phishing campaign

Organizations should prepare for the inevitability of cyberattacks on their infrastructure

Otsego Memorial Hospital Experiences Cyber Incident, Raising Data Breach Concerns Among Patients

Over two million users hit by top US pharmacy provider data breach

Perry Johnson & Associates (PJ&A) Data Breach: Almost 9 Million Patients Affected

Perry Johnson & Associates (PJ&A) says cyberattack exposed data of nearly 9 million patients

Phishing Scheme Involving Fake Journalists Exposed in Friend.tech Attack

Q3 2023 sees a rise in botnet activity

Rackspace Ransomware Costs Soar to Nearly $12M

Ransomware Attack on World’s Largest Bank Suspected to Be the Work of LockBit

Ransomware gang files Securities and Exchange Commission (SEC) complaint over victim’s undisclosed breach

Ransomware more efficient than ever, and baddies are still after your logs

Reptar: New Intel CPU Vulnerability Impacts Multi-Tenant Virtualized Environments

Q3 2023 sees a rise in botnet activity

Securing Sensitive Data: Cybersecurity in Asset Management

Some Caesars Windsor guests warned of potential info leak in hack

State-backed Hackers A Threat To Australia, Agency Warns

Stay ahead of the scammers and keep your accounts safe

Stop Ransomware: Rhysida Ransomware

Sutter Health Confirms 84K Individuals Affected by Cyberattack on Business Associate

SysAid Zero-Day Vulnerability Exploited in CL0P Ransomware Attacks

The 5 cyber threats that could take down your business

The Bank of Canton Provides Notice of Third-Party MOVEit-Related Data Breach

The holiday season sees a rise in credit card skimming

The persistent threat of phishing in the digital age

Top 10 African countries most vulnerable to cyber threats

Top Security & Risk Management Trends in 2024

Toronto Public Library confirms data stolen in ransomware attack

Traditional MFA isn't enough, phishing-resistant MFA is key

Trustwave SpiderLabs Exposes Critical Cybersecurity Threats Targeting Retailers

Tyson Foods claimed by Snatch ransomware gang

U.S. Takes Down IPStorm Botnet, Russian-Moldovan Mastermind Pleads Guilty

UK Privacy Regulator Issues Black Friday Smart Device Warning

Urgent: VMware Warns of Unpatched Critical Cloud Director Vulnerability

US Dismantles IPStorm Botnet Proxy Service

US Government Unveils First AI Roadmap For Cybersecurity

US says Royal ransomware gang plans ‘Blacksuit’ rebrand

Watch out for RATs targeting your computers – Not a rodent, but a security vulnerability

Welltok Files Notice of MOVEit-Related Data Breach on Behalf of St. Bernards Healthcare

Were You a Victim of the MOVEit Breach? Here's What You Need to Know

What Is Clone Phishing?

What is Security Posture?

Why Marketers Need to Pay More Attention to Customer Data Privacy

14th November

61% of organizations store sensitive data in multiple locations

75% of security leaders say security automation is important

82% of Attacks Show Cyber-Criminals Targeting Telemetry Data

A major data breach bites into a big dental distributor's ecommerce systems

Alert: OracleIV DDoS Botnet Targets Public Docker Engine APIs to Hijack Containers

BlackCat group claims it stole the data of 2.5m patients from McLaren Health Care's network

CacheWarp Attack: New Vulnerability in AMD SEV Exposes Encrypted VMs

CISA, FBI warn that Royal ransomware gang may rebrand as ‘BlackSuit’

CISA Sets a Deadline - Patch Juniper Junos OS Flaws Before November 17th

Cyber incident reports hit ‘all-time high,’ warns UK National Cyber Security Centre (NCSC)

Cyber-espionage operation on embassies linked to Russia’s Cozy Bear hackers

Cyberattack cancels online classes at North Carolina Central University (NCCU), disrupts other services

Cyberattack on North Carolina county allowed hackers to access data

Cybercriminals Disabled or Wiped Out Logs in 82% of Attacks

Cybersecurity threats: What to worry about, or ignore

Dakota Eye Institute data breach compromised the personal data of 107k patients

Danish critical infrastructure hit by the largest cyber attack in Denmark’s history

Deepfakes could supercharge health care's misinformation problem

Denmark hit with largest cyberattack on record

Department of Health (DOH) looking into possible COVID-19 vaccination data breach after World Health Organization (WHO) cyberattack

Dollar Bank class action claims data breach affected 13K+ current, former customers

Evolving Your Cybersecurity Approach: 4 Questions Answered

FBI struggled to disrupt dangerous casino hacking gang, cyber responders say

FBI takes down IPStorm malware botnet as hacker behind it pleads guilty

FBI takes heat from industry for not making arrests in MGM-Caesars cases

Federal Trade Commission (FTC) Adopts Data Breach Notification Obligations for Non-Banking Financial Institutions

File Transfer Data Breach Affected 1.3 Million People, Maine Reports

Friend.tech phishing scheme involved fake journalists

Gamblers’ data compromised after casino giant fails to set password

Hacker gang claims St. Lucie County breach, tax collector says sensitive info not at risk

Hackers are exploiting ‘CitrixBleed’ bug in the latest wave of mass cyberattacks

HanesBrands receives $20.5 million reimbursement from ransomware attack

How ChatGPT poses privacy risks for businesses

How Financial Institutions Can Address Their Top Cybersecurity Challenges

Huber Heights, Ohio, Suffers Ransomware Attack on Systems

ICBC allegedly paid ransom after hack

Increasing ransomware attacks call for contractor cyber resilience

IPStorm botnet with 23,000 proxies for malicious traffic dismantled

Jamaica reports more cases of cyber attack

Juniper networking devices under attack

LockBit ransomware exploits Citrix Bleed in attacks, 10K servers exposed

Maine says MOVEit data breach compromised the data of 1.3m individuals

Majority of Aussie businesses ready to pay cyber ransom, survey shows

Malwarebytes Labs Reveals 50% Uptick in Credit Card Skimming in Advance of the Holiday Shopping Season

McLaren Health Care data breach affects 2.2 million individuals

Medical Transcription Service Data Breach Impacts Multiple Health Systems

Meet the Unique New "Hacking" Group: AlphaLock

Microsoft fixes critical Azure CLI flaw that leaked credentials in logs

National Cyber Security Centre (NCSC): UK Facing “Enduring and Significant” Cyber-Threat

National Cyber Security Centre (NCSC) warns of enduring and significant threat to UK's critical infrastructure

New CacheWarp AMD CPU attack lets hackers gain root in Linux VMs

New Campaign Targets Middle East Governments with IronWind Malware

New Reptar CPU flaw impacts Intel desktop and server systems

New York governor wants new cybersecurity rules for hospitals after multiple attacks

Open-source software more resilient, study finds

OpenAI’s ChatGPT Targeted in Cyber Attack

OpenSea users targeted in phishing scam disguised as official NFT offers

Operator of Major Proxy Botnet ‘IPStorm’ Arrested, Pleads Guilty in US

Pharmacy provider Truepill data breach hits 2.3 million customers

PhilHealth web-based system now restored after ransomware attack

Pro-Hamas cybergang develops complex infection tactics with new downloader

Pro-Palestine APT Group Uses Novel Downloader in New Campaign

Pro-Palestinian TA402 APT Using IronWind Malware in New Attack

Python Package Index Faces Security Crisis With Validated Leaks

RansomedVC Ransomware Group is Shutting Down and Selling Assets

Ransomware attack responsible for shuttering St. Lucie County Tax Collector's computer system

Ransomware attack strikes Scottish council, disrupts public services

Ransomware Gangs Hit Debt Collection Firm and Mental Healthcare Provider

Ransomware reported as a top concern for 64% of consumers

Ransomware royale: US confirms Royal, BlackSuit are linked

Report alleges 90,875 McGraw Hill users exposed by hacker

Royal Ransomware Gang Demands $275m in a Year

Royal Ransomware has a new name after demanding $275M from 350 victims

Russia fines Google $164K for not keeping user data inside the country

Security Audits Miss Vulnerabilities As Raft Hacked For $6.7 Million

Singapore: WhatsApp Web phishing scam swindles 237 victims, resulting in $606,000 in losses

SlowMist Uncovers New Phishing Attack Using Fake Skype App to Steal Crypto

Teens with “digital bazookas” are winning the ransomware war

The evolution of ransomware: Lessons for the future

The future of banking security: how AI is transforming fraud detection in banking

The Importance of Continuous Security Monitoring for a Robust Cybersecurity Strategy

Tri-City Medical Center still recovering 5 days after cyber attack shut down emergency services

Truepill Mail-Order Pharmacy Hack Affects Nearly 2.4 Million

Vietnamese Hackers Using New Delphi-Powered Malware to Target Indian Marketers

VMware discloses critical VCD Appliance auth bypass with no patch

We’ve Come a Long Way in Cybersecurity...But There is a Long Way to Go

West Central District Health Department investigating data breach

What is a Whaling Attack in Cybersecurity?

WP Fastest Cache plugin bug exposes 600K WordPress sites to attacks

13th November

6 Ways Colleges and Universities Can Limit Cyber Risk

$27 Million in Crypto Swiped From Binance-Linked Wallet

Allen & Overy Hit By Ransomware Cyber Attack

Attackers claim Plume data breach

Australia: Cyber-Attack Could Have “Devastating” Impact on Aussie Exports

Australia: Federal Court rejects Optus' claim of privilege over Deloitte report on cyber-attack

Australia: Federal government launches Mandatory Notification of Data Breach Scheme

Australia Mandates Reporting of Ransomware Attacks by Firms

Australia ports operator back online after cyber incident

Australian ports operator recovering after major cyber incident

Boeing investigating leaked data after LockBit allegedly publishes stolen info

Booking.com Confirms Phishing Attack, Raising Concerns Over Possible Data Breach

Canadian banking tech giant Moneris says it prevented ransomware attack

Chess.com faces second data leak as threat actors target over 476,000 users

China’s biggest bank hit by LockBit ransomware; US Treasury markets impacted

Chinese cybersecurity tightening in wake of recent attacks

Chinese Hackers Launch Covert Espionage Attacks on 24 Cambodian Organizations

Chinese hackers use fake Skype app to target crypto users in new phishing scam

CISA warns of actively exploited Juniper pre-auth RCE exploit chain

CISOs vs. developers: A battle over security priorities

Coin Cloud Data Breach Exposes 300k Users: Stolen Selfies and Source Code Reportedly Compromised

Courts confirms data breach on its website

Crooks leverage Google quiz messages as part of bitcoin scam

Crypto exchange Poloniex hacked, offers 5% bounty on $114M stolen

Cyber Attack Against Australia Port Operator Causes Massive Container Backlog

Cyber crime scourge is Asia’s opportunity

Cyber insurance market attractive despite ransomware uptick

Cybergang RansomedVC shutters and sells stolen assets

Cybersecurity threatscape: Q3 2023

DeFi Platform Raft Exploited, But Hackers Likely Lost ETH

Digital landmines: Why Australia isn’t looking where it’s going

DP World: Australia sites back online after cyber-attack

DP World Australia Back Online After Cyber Attack

DP World cyberattack blocks thousands of containers in ports

DP World hack: port operator gradually restarting operations around Australia after cyber-attack

Dragos again targeted by ransomware group, this time from AlphV

Dragos cybersecurity claimed by ransomware cartel

Empowering cybersecurity leadership: Strategies for effective Board engagement

Ethereum feature abused to steal $60 million from 99K victims

EU Formalizes Cybersecurity Support For Ukraine

Five Issues Keeping CIOs Up At Night

Four days in, cyber attack continues to impact Tri-City Medical Center in Oceanside

Freight giant DP World recovers from cyber attack, but warns investigation and remediation is 'ongoing'

Gone phishing: Hackers leverage automation to launch MFA attacks and SEO poisoning

Hacker Steals $27M in Tether From Wallet Linked to Binance Deployer

Hacking the sky: planes need patching, too

Hackers Claim Industrial and Commercial Bank of China (ICBC) Paid to End Ransomware Attack

Healthcare giant McLaren reveals data on 2.2 million patients stolen during ransomware attack

Henry Schein confirms data breach, details financial impact of cyberattack

Henry Schein cuts annual profit forecast as cyber attack takes a toll

Higher education data breach threatens how well policymakers can track student progress

How can your business prepare for a cyber-attack and improve recovery times?

How IT And Security Leaders Can Strike The Right Budget Balance

How Much Your Social Media Profile Data Is Worth on the Dark Web

How Security Awareness Training Is Evolving

'Hunters International' Cyberattackers Take Over Hive Ransomware

ICBC paid ransom after hack that disrupted markets, cybercriminals say

Imperial Kitten Attacking Tech Firms with SQLi & Scanning Tools

Information-Stealing Malware Escalates in Online Gaming

Infostealers and the high value of stolen data

International Association of Sheet Metal Air Rail Transportation Workers Confirms Recent Data Breach Affecting Member SSNs

Israel warns of BiBi wiper attacks targeting Linux and Windows

Johnson Controls warns of earnings report delay due to cyberattack

Kansas Judicial Branch Slowly Restoring Court Information Amid Ongoing Ransomware Investigation

Kubernetes adoption creates new cybersecurity challenges

Lansing Community College (LCC) IT director: No ransom demands or signs of ill-gotten gains from major data breach

Law Firm Security: Why IT Must Take Control Over User Risk

Lockbit Ransomware Leaks Boeing Data Trove

Major Canadian fintech Moneris claimed by Medusa ransomware

Major Phishing-as-a-Service Syndicate 'BulletProofLink' Dismantled by Malaysian Authorities

Major ports around Australia back in action after cyberattack

Malaysian Police Dismantle “BulletProftLink” Phishing Operation

Malicious Abrax666 AI Chatbot Exposed as Potential Scam

Malicious Python packages targets developers

McLaren Health Care Hack Affected Millions; Lawsuits Pile Up

Microsoft warns LinkedIn users of fake skills assessment portals

Mr Cooper says user data was exposed in data breach

New BiBi-Windows Wiper Targets Windows Systems in Pro-Hamas Attacks

New Ransomware Group Emerges with Hive's Source Code and Infrastructure

New York’s Largest Health System Affected by Perry Johnson & Associates (PJ&A) Data Breach

OracleIV DDoS Botnet Malware Targets Docker Engine API Instances

Over a million affected by the Maine data breach

Pacific Union College discloses ransomware attack leading to massive data breach

Police Dismantle Phishing-as-a-Service Platform BulletProftLink

Ports cyber attack 'shows Australia's vulnerability'

Protection from Chip to Cloud: Tackling Emerging Security Risks in the Age of AI

Python Malware Poses DDoS Threat Via Docker API Misconfiguration

QR Code-Based Phishing Attacks are on the Rise

Ransomware attack on Ohio city impacts multiple services

Ransomware Group Leaks Files Allegedly Stolen From Boeing

Republic Bank of Chicago Notifies Thousands of Recent Data Breach Affecting Their Financial Account Information

Retail Struggling to Quash Ransomware Attacks

Retailers are struggling to combat growing ransomware attacks

Royal ransomware asked 350 victims to pay $275 million

Sandworm, a Russian Threat Actor, Disrupted Power in Ukraine Via Cyberattack

Scam or Mega Chatbot? Investigating the New AI Chatbot Called Abrax666

Success eludes the International Counter Ransomware Initiative

Sutter Health Confirms Patient Data Leaked After Vendor Reports MOVEit Vulnerability Lead to Data Breach

SysAid Zero-Day Vulnerability Exploited to Deploy Clop Ransomware

The Digital Vaccine: Empowering Users to Fight Cyber Threats

The Growing Cyber Threat To Global Shipping

The increasing impact of Artificial Intelligence on cybersecurity

The privacy pitfalls of EU's eIDAS framework

The real cost of healthcare cybersecurity breaches

The world’s biggest bank had to trade via USB stick after hack

Tips to protect yourself from text message cyberattacks

Top Cybersecurity Threats for Employee Data

US: Several services impacted after ransomware attack hits local city

Victims’ legal action over 2015 Carphone Warehouse breach moves forward

Wall Street works to recover from cyber attack that hit China’s largest bank

Weeks after Boeing attack, ransomware group leaks allegedly stolen files

West Central Health District addressing data breach

What Is Lateral Movement? Detection & Prevention Tips

World’s Biggest Bank Had to Trade Via USB Stick After Cyber Attack