Editor's Message

Welcome to DBD. 2023 has been the worst year on record for Data-Leaking Ransomware Attacks, and despite Law Enforcement gains, show no signs of slowing down. On a more positive note, our PRiSM platform continues to gain recognition and is now officially endorsed as a Ransomware Intelligence Resource by the SANS Institute. With that in mind, we would like to take this opportunity to thank you for all your very much appreciated and continued support. Stay safe. :)



Monday 27 November 2023

Data Breaches Digest - Week 48 2023

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 27th November and 3rd December 2023.


3rd December

2023’s Dark Horse Cyber Story: Critical Infrastructure Attacks

A data breach at Taj Hotels exposes the personal data of 1.5 million customers

Africa: 2023 cyberthreats landscape, next year predictions

Bangladesh: Protect Cyberspace from attacks

Breaches happen: It’s time to stop playing the blame game and start learning together

Corewell Health data breach exposes info of 1M Michigan patients

Don’t forget trust of the customer in the chaotic wake of a cyber attack

Experiencing the Digital Age: The Changes in Identity Theft Protection Services

Generative AI helping hackers mount more sophisticated attacks

How to Not Get Hacked by a QR Code

If your password features on this list you must make a simple change immediately

Linux version of Qilin ransomware focuses on VMware ESXi

Man arrested over Te Whatu Ora vaccine data breach

New proxy malware targets Mac users through pirated software

North Korea's state hackers stole $3 billion in crypto since 2017

Roblox, Twitch allegedly targeted by ransomware cartel

US Man Jailed 8 Years for SIM Swapping and Apple Support Impersonation

US-Based Discount Store Dollar Tree Suffers a Cyberattack

What Are The Benefits Of Internet Security In The Healthcare Workplace?

Which is better cybersecurity or computer forensics?

Why Are There So Many Updates To Internet Security

2nd December

23andMe Hackers Accessed Over 14,000 Customer Accounts

Agent Racoon Backdoor Targets Organizations in Middle East, Africa, and U.S.

Blue Shield of California Members’ Personal Information Stolen by Hackers

China continues Pig-Butchering Crack-down

Crypto Market Experiences Record Losses in November Due to Rising Cyberattacks: A Detailed Analysis

CTS Cyber Attack: 'What lessons need to be learned?'

Cybercriminals conduct ransomware attack, causing outages at 60 credit unions, federal agency says

Ghost-hacking: How to protect yourself from scams from beyond the grave of those you knew

Hendersonville cyberattack follows trend of hacker targets, security officials say

Iranian cyber attack targets Israeli tech used by several US bodies

Latest cyberattack on health care system has Illinois hospitals on edge

North Korean hackers have pilfered $3B of crypto over past six years

Over 20,000 vulnerable Microsoft Exchange servers exposed to attacks

Russian Hacker Vladimir Dunaev Convicted for Creating TrickBot Malware

Scores of US credit unions offline after ransomware infects backend cloud outfit

‘Shock and dismay’ after Clare College data leak

Spanish authorities detain alleged crypto fugitive

The Philippines: Cybercrime Cases Up 400% In 2023

This type of crime is growing in South Africa

Urgent warning over deepfakes that can manipulate people and three ways you can stay safe

US Health Dept urges hospitals to patch critical Citrix Bleed bug

You should probably update your Google Chrome browser this weekend

1st December

60 credit unions facing outages due to ransomware attack on popular tech provider

A Lucrative Scam: Black Basta Ransomware Gang Rakes in $107 Million

Affinity Legacy, Inc. Confirms Data Breach Affected Former Medicare Customers

Allen & Overy (A&O) remains tight-lipped over hacker ransom

Apple Issues Urgent Security Patches for Zero-Day Vulnerabilities

Apple Patches Actively Exploited iOS Zero-Days

Apple patches MacOS, Safari, and iOS products

Apple patches two zero-days used to target iOS users (CVE-2023-42916, CVE-2023-42917)

Apple secures WebKit as global ransomware attacks surge

Apple Security Update Fixes Zero-Day Webkit Exploits

As complex cyberattacks continue to rise, what should be the world's immediate focus?

BlackBerry AI detects 70% surge in new malware attacks in Q3

Blue Shield of California members’ data stolen - ‘a gold mine for thieves’

Bluetooth connections no longer private with new BLUFFS attacks

Booking.com clients prone to cyber fraud, warns analyst

Capital Health Experiencing Network Outages Amid Potential Cyberattack

Capital Health says cyber attack caused network outages at multiple hospitals in New Jersey

China: 2,430 hacking crimes investigated; 7,092 suspects arrested since 2022, effectively safeguarding cybersecurity

Chinese Hackers Using SugarGh0st RAT to Target South Korea and Uzbekistan

Coldwater Board of Public Utilities reports data breach for Plume App Users

Corewell Health Data Breach Exposes Info of One Million Michigan Patients

Critical Zyxel NAS vulnerabilities patched, update quickly

Crypto Industry Plagued by $363 Million Losses in November 2023 - Is Your Crypto Safe?

Customers of Sydney radiology clinic left uninformed following cyber attack

Cyber attack targets Israeli-made tech used by Estonian boiler houses

Cyber security analysts call the flood of cyber attacks ‘the worst in U.S. history’

Cyber security experts warn Booking.com users of ‘scam’

Cyber-attack hits conveyancing firms – what lessons need to be learned?

Cyberattack Defaces Israeli-Made Equipment at US Water Agency, Brewing Firm

Cyberattackers hit Capital Health hospitals in New Jersey

Cybercriminals are exploiting AI tools like ChatGPT to craft more convincing phishing attacks, alarming cybersecurity experts

Cybersecurity: A necessity for the sustainability of society

Cybersecurity imperative: Safeguarding medical services to prevent costly hospital disruptions

Cybersecurity Tips for Beginners to Stay Safe Online

Cybersecurity Trends Point to More Sophisticated Attacks Ahead

Daixin ransomware group claims major cyber attack on North Texas water facility

Data Breach at McCord LLC Leaks Social Security Numbers of Securities America Customers

Decoding The Taj Hotels’ Data Breach And India’s Growing Cybersecurity Battle

Delving into CEO Scams or Whaling Attacks: How to Identify and Avoid These Targeted Phishing Scams

Disruptive new wave of ransomware hits critical infrastructure

Doing More With Less: Cybersecurity Tools And Budget Efficiency

Dollar Tree Data Breach Impacting 2 Million People

Dollar Tree employees affected by third-party data breach impacting 2 Million

EU agrees on cybersecurity safeguarding regulations

Fidelity National Financial back to ‘normal business operations’ after cyberattack

Five tips to protect your private online data this festive period

Gmail fraud: How 'hackers/cybercriminals' steal your money/data; and tips to stay safe

Google Workspace Security: DeleFriend Vulnerability Could Allow Unwanted Access to APIs

Hacker behind $100M in hospital losses pleads guilty

Hackers use new Agent Raccoon malware to backdoor US targets

Here’s Why You Need Identity, Privacy, and Device Protection

HHS warns of ‘Citrix Bleed’ attacks after hospital outages

HHS-HC3 calls for immediate hospital action to protect against ‘Citrix Bleed’ vulnerability and ransomware threat

How to solve 2 MFA challenges: SIM swapping and MFA fatigue

Incident of the Week: Okta data breach affects all customer support users

IoT vulnerability reporting obligations set to apply in EU from 2027

iPhones and Macs get patches for two vulnerabilities

Lawsuit seeks payout for guests, gamblers after hack at Caesars Entertainment

Microsoft warns of new ransomware campaign by Twisted Spider group

National Cyber Security Centre (NCSC) Urges UK Water Companies to Secure Control Systems

Nearly All Maine Residents Victims of State Data Breach

New FjordPhantom Android Malware Targets Banking Apps in Southeast Asia

New malware attacks have seen a huge rise in recent months

New ‘Turtle’ macOS Ransomware Analyzed

North Korea's Supercharged State-Backed Cryptocurrency Theft

November Crypto Hack, Phishing, & Rug Pull Surge Cost Users $356 Million

Oakland-based Blue Shield cyber attack puts millions' of people's data at risk

Office of the Anglican Church of Canada’s General Synod falls victim to cyber-attack

Online shopping scams to avoid this holiday season

Orange says 2023 has been a record year for cyber extortion

Oregon Cluster Hit By Ransomware Attacks

Pennsylvania water supply hacked: How utility companies are responding in Philadelphia region

Potential 9 Million patients affected by medical transcription vendor data breach

Protecting brands from cyber threats this holiday season

Qakbot Takedown Aftermath: Mitigations and Protecting Against Future Threats

Qlik Sense flaws exploited in Cactus ransomware campaign

Ransomware Attack on Ardent Health Services Causes Disruption at Hospitals

Ransomware attacks skyrocket 81%, a look at the daily life of a threat actor

Recent Peoria-area cybersecurity headlines highlight the importance of being prepared

Report reveals sorry state of cyber security at UK football clubs

Rivers Casino Hit with Class Action in Illinois Over Data Breach Announced in November 2023

Royal Mail’s LockBit Ransomware Recovery Will Cost the Company More Than £10 Million

Russian developer of Trickbot malware pleads guilty, faces 35-year sentence

Scammers Have Just Stolen A Lil Pudgy NFT On Blur In A Phishing Attack

Smart devices to be better protected from cyber attacks after EU strikes deal

South Korea and Uzbekistan hit by new malware

Sporting-related businesses suffer from immature cybersecurity practice, according to a new report

Staples confirms cyberattack disrupting deliveries

Staples Confirms System Outage Was Due to Cyber Attack, Raising the Possibility of a Data Breach

Staples responds to cybersecurity risk, disrupting operations

Stressed Employees and Insider Threats Put Data in Danger

Suffolk Computer Security Vendor Reports Data Breach

Surgical Practice Notifying 437,400 Patients of Data Theft

Target, T-Mobile, Airbnb, United Airlines, Walmart, and Costco – Holiday Free Gift Card Scams of the Week

Temu Takes Bold Legal Action Against Phishing Sites to Protect Consumers

Thanksgiving week cyberattack detected at Fred Hutch Cancer Center

The Glaring Gap in Your Cybersecurity Posture: Domain Security

TrickBot Developer Pleads Guilty in US Court

TrickBot malware developer pleads guilty, faces 35 years in prison

U.S. Treasury Sanctions North Korean Kimsuky Hackers and 8 Foreign-Based Agents

Unhappy network professionals juggling more with less

US sanctions North Korean ‘Kimsuky’ hackers after surveillance satellite launch

VMware fixes critical Cloud Director auth bypass unpatched for 2 weeks

Whaling attacks: How CEOs are being targeted by hackers, what it is and tips to stay safe

XDSpy hackers attack military-industrial companies in Russia

Zero-Day Alert: Apple Rolls Out iOS, macOS, and Safari Patches for 2 Actively Exploited Flaws

Zyxel Releases Patches to Fix 15 Flaws in NAS, Firewall, and AP Devices

30th November

7 Uses for Generative AI to Enhance Security Operations

37% of adults change passwords following a scam

68% of US Websites Exposed to Bot Attacks

88% of IT leaders have met compliance requirements

$480M proposed class action lawsuit filed against 5 Ontario hospitals hit by ransomware attack

After a week-long outage, Fidelity National Financial confirms cyberattack is now ‘contained’

After data breach, Idaho National Laboratory publishes information about who is impacted

Airdrop Alert: Protecting Yourself from Rise of Phishing Scams

Android Banking Malware FjordPhantom Steals Funds Via Virtualization

Apple fixes two new iOS zero-days in emergency updates

Ardent Health Services says ransomware attack disrupted clinical and financial operations

Attackers could abuse Google’s SSO integration with Windows for lateral movement

Bahraini Hackers Target Bahrain Government Servers, Claim Cyber Attack In Support Of Palestinians, Response To Crown Prince's 'Unorthodox' Remarks Denouncing Hamas

Berglund Management Group Files Notice of Data Breach Affecting the SSNs of as Many as 51,514 People

Black Basta Extortion Group Racks Up $107 Million in Ransom Payments

Black Basta Ransomware Group Makes $100m Since 2022

Black Basta ransomware operation nets over $100M from victims in less than two years

BlackCat hits Henry Schein with another cyber attack

Booking.com Customers Scammed in Novel Social Engineering Campaign

British-Nigerian Hacker Pleads Guilty To $6m Fraud In US Court

Cactus ransomware exploiting Qlik Sense flaws to breach networks

CACTUS Ransomware Exploits Qlik Sense Vulnerabilities in Targeted Attacks

Canada: Government impersonation, phishing are top financial scams

Capital Health Experiences Network Outages Likely Related to Cyberattack, Raising Concerns of Possible Data Breach

Capital Health Hospitals hit by cyberattack causing IT outages

Capital Health in New Jersey Is Responding to a Cyberattack

Certis Security Australia suffers email breach

Chinese police step up fight against hackers, with thousands captured

CISA: Threat Groups are Targeting Unitronics PLCs in Water Systems

CISA urges water facilities to secure their Unitronics PLCs

Combating cybercrimes

Conti-linked ransomware takes in $107 million in ransoms

Crypto Mixer Sinbad hit with OFAC sanctions for helping North Korean hackers

Customers at risk of phishing attacks after hack, Okta warns

Cyber attack on legal services provider CTS impacted close to 200 UK law firms

Cyber attack probability

DarkCasino WinRAR Exploit: A New APT Threat Emerges

Data Breach at Tri Counties Bank Affects 74,385 Customers and Employees

Data breach report at Lakeview medical facilities asks patients to 'stay vigilant'

Defending Financial Institutions Against Mobile Threats

Dollar Tree data breach could affect millions of customers

Dollar Tree data breach exposes names, birthdates and SSNs of almost 2 million people - how to know if you’re affected

Dollar Tree grapples with third-party data breach affecting 2 million individuals

DP World Australia hit by cyber attack

Egyptian e-payment giant Fawry responds to LockBit ransomware breach

Executives behaving badly: 5 ways to manage the executive cyberthreat

Failure of technology to detect attacks is a prime cause of breaches

Fixing the cyber world’s weakest links

FjordPhantom Android Malware Targets Banks With Virtualization

FjordPhantom Android malware uses virtualization to evade detection

Fortune-telling website exposes 13M+ user records

Forward Bank Notifies 46,019 Customers of Recent Data Breach

Fraudsters have a new use for generative AI: Phishing

Google issues an emergency update to fix yet another zero-day exploit for Chrome. Here's what to know

Half of Australians hit by data breach in past 12 months

Heart Internet: Concerns as people get wrong emails

Hendersonville City System Targeted In Cyber Attack Employee Data Potentially Compromised

Henry Schein restores US e-commerce platform following a BlackCat ransomware attack

How does IOT tunnelling relate to zero trust networking?

How to safeguard your private equity investments in the ransomware age

HR data analytics firm Zeroed-In says data breach impacted close to two million people

Hundreds of medical records 'inappropriately accessed' by Somerset hospital worker

India Fifth Most Attacked Country By Cyber Criminals

Japan’s JAXA space agency admits cyberattack

KyberSwap hacker demands complete control over Kyber company

Latest severe Chrome bug prompts CISA warning

Leading imaging and diagnostics provider crippled by cyber attack

LogoFAIL bugs in UEFI code allow planting bootkits via images

Long Beach: Some City Data Accessed During Cyber Attack

Lucy’s Toys Back On-Line After Hacker Attack

Man and machine: Teaming up to fend off cyber threats

Manufacturing Top Targeted Industry in Record-Breaking Cyber Extortion Surge

Miami mobster jailed over $4 Million crypto theft

More cyber-attacks coming warns Gloucester City Council leader

More than $100 million in ransom paid to Black Basta gang over nearly 2 years

New Jersey health system says outages are likely result of cyber attack

New Securities and Exchange Commission (SEC) Rules Allow Ransomware Crews to be Cop and Robber

New York Attorney General Issues Consumer Alert Regarding Perry Johnson & Associates (PJ&A) Healthcare Data Breach

North Korea's Lazarus Group Rakes in $3 Billion from Cryptocurrency Hacks

North Korean Hackers Amass $3bn in Cryptocurrency Heists

North Texas water utility the latest suspected industrial ransomware target

Okta Admits All Customer Support Users Impacted by Breach

Okta admits data breach impacts all customer support users

Okta alerts customer support system users to data breach

Organizations can’t ignore the surge in malicious web links

Prepare for your worst day: How to create a cyber incident response plan

Proactive Meets Reactive: Cyber Insurance And Warranties For SMBs

Protecting From The Core: The Power Of Agentless OS Security

Psychiatry Associates of Kansas City Files Notice of Data Breach with Federal Government

Ransomware Attacks up 81% Year-on-year in October

Ransomware group 'Black Basta' has raked in more than $100 million

Real-World Lending Project Florence Finance Suffers $1.45 Million Phishing Attack

RedLine Stealer Malware Deployed Via ScrubCrypt Evasion Tool

Rhysida ransomware group hacked King Edward VII’s Hospital in London

Russia-linked Black Basta ransomware has extorted at least $100 million

Scottish council pleads for emergency cash after catastrophic cyber attack by hackers

Securing the Future

Sensitive data stolen from Aegean University leaked to dark web

Sexual health and fertility details leaked in Australian Clinical Labs (ACL) data breach

Singapore: Scammers exploit fake Ninja Van delivery notices in email phishing scam

South Africa: Information Regulator demands answers from TransUnion, Experian on alleged hack

Southwestern Ontario hospitals facing $480M class action after patient data breached, sold on dark web

Staples confirms cyberattack behind service outages, delivery issues

Survey shows AI-powered cybersecurity tools adoption uncertainty

Suspected China-based hackers target Uzbekistan government, South Koreans

Thales Data Threat Report: Financial Organizations 13% More Likely to Suffer a Ransomware Attack than Other Sectors

Thanksgiving hack on North Carolina city caused leak of employee data

The British Library Confirms Cyber Attack; Leaked Personal Data Now Trading on the Dark Web

Thousands of Dollar Tree Staff Hit by Supplier Breach

Threat Actor Claims to Have Stolen DARPA Files From General Electric (GE), Data Theft Remains Unconfirmed

U.S. Treasury Sanctions Sinbad Cryptocurrency Mixer Used by North Korean Hackers

Understanding DNS-Based Threats and How They Impact Your Business

“Unhinged” Kyber Hacker Demands Complete Control Over the DEX

US: Nationwide data breach leaves 1 million Corewell Health patients' information vulnerable

US car dealer admits data breach

US government sanctions North Korea’s Kimsuky hacking group

US Sanctions North Korean Cyber Unit After Satellite Launch

Venafi forecasts rise of '1000x developer' & hacker threats

What is spear phishing? Don’t fall prey to this type of cyber fraud

When ransomware hits hospitals, how can they protect patients?

Why are Organizations Failing to Detect Cybersecurity Threats?

Why businesses should be extra wary of cybercriminals this festive shopping season

Why the cyber attack arsenal is growing and becoming harder to predict

‘You don’t hack systems. You hack people’: A look at cybersecurity in the Philippine landscape

Zyxel warns of multiple critical vulnerabilities in NAS devices

29th November

5 resolutions to prepare for Securities and Exchange Commission’s new cyber disclosure rules

5 Security Risks of Responsive Web Design

200+ Malicious Android Apps Targeting Iranian Banks

A Fifth of UK SMBs Can’t Spot Scams

AI Boosts Malware Detection Rates by 70%

Allianz cyber head warns ransomware is "back with a vengeance"

Alps Alpine North America Confirms July 2023 Ransomware Attack Resulted in Data Breach Involving Employee SSNs

Arrests Made in Phishing Campaign Targeting myGov Accounts

Australia: Criminals target government with record cyber attacks

Black Basta ransomware made over $100 million from extortion

British Afrobeat singer pleads guilty to stealing $6 million in hacks on financial accounts

British Library confirms customer data was stolen by hackers, with outage expected to last ‘months’

British-Nigerian hacker pleads guilty to $6m fraud in US court

CISA warns of attacks on Unitronics tool used by water utilities, wastewater systems

Cloud storage vulnerable to ransomware attacks

Companies Lose $2.1M on Average to Each Online Attack

Cyber attacks trigger job creation in 60% of Australian businesses

Cybercops bust ransomware gang that made "hundreds of millions"

Cybercriminals expand targeting of Iranian bank customers with known mobile malware

Cybercriminals Exploit ActiveMQ Flaw to Spread GoTitan Botnet, PrCtrl Rat

Cybercriminals will prey on unwary consumers this festive season

Decentralized exchanges Velodrome and Aerodrome warn users of DNS attack

DeleFriend Weakness Puts Google Workspace Security at Risk

Digital wallets and the rise of the identity trojan

District reprimanded over ‘potentially dangerous’ data breach

DJVU Ransomware's Latest Variant 'Xaro' Disguised as Cracked Software

Dollar Tree Data Breach Impacts Millions

Dollar Tree hit by third-party data breach impacting 2 million people

Festive season alert: Rising cybercrime threatens businesses

GenAI and its impact on payment fraud

General Electric (GE) leaked data has been sold, hacker claims

Germany: Far-Left Activists Target Alternative für Deutschland (AfD) Members in Phishing Scam

Gone phishing: be aware of business email compromise

Google fixes Chrome zero day exploited in the wild (CVE-2023-6345)

Google Fixes Sixth Chrome Zero-Day Bug of the Year

GoTitan Botnet and PrCtrl RAT Exploit Apache Vulnerability

GoTitan Botnet Spotted Exploiting Recent Apache ActiveMQ Vulnerability

Hacker claims theft of Shadowfax users’ information

Hackers breach Israel intelligence group's website

Hackers breach US water facility via exposed Unitronics PLCs

Hackers Exploit Critical Vulnerability in ownCloud

Hamas-Linked Group Revives SysJoker Malware, Leverages OneDrive

Holiday Shopping: Tips and Best Practices to Help you Stay Secure

How do trusted compute units address new era of data center ransomware?

Industrial and Commercial Bank of China (ICBC) attack yet another wake-up call for MENA financial institutions

Intel Reptar Flaw Patch For CPU Vulnerability Released

Iranian Hackers Exploit PLCs in Attack on Water Authority in U.S.

Japan's space agency hit by cyberattack

Japan's space agency suffers cyber attack, points finger at Active Directory

Japanese Space Agency JAXA hacked in summer cyberattack

Kansas Judicial Branch says October data breach impacted all district and appellate courts

Keep data safe or pay the price

KidSecurity’s user data compromised after app failed to set password

KyberSwap DEX hacker sends an on-chain message: Be nice, or else

Law enforcement dismembers major ransomware operation in Ukraine

Medical test company’s ‘serious and systemic failures’ led to cyber-attack, watchdog says

NDIA (National Defense Industrial Association) staffer charged after data breach

New Jersey, Pennsylvania hospitals affected by cyberattacks

North Korean Threat Groups Mixing Tactics to Evade Detection

Okta: October data breach affects all customer support system users

Okta breach: Hackers stole info on ALL customer support users

Okta breach impacts all of its customers

Okta Discloses Broader Impact Linked to October 2023 Support System Breach

Okta security breach affected all customer support system users

OwnCloud “graphapi” App Vulnerability Exposes Sensitive Data

Pakistan Telecommunication Authority (PTA) Issues Cyber Security Advisory On D-Link Data Breach

Password authenticator Okta says hackers stole names and email addresses of all its customer support users

Patching: A Necessity in a World of Ransomware

Pennsylvania water facility hit by Iranian hackers

PoCs for critical Arcserve UDP vulnerabilities released

Queensland passes mandatory data breach notice laws

Rackspace Ransomware Attack Losses Could Surpass $11 Million

Ransomware attack disrupts multiple US hospital ERs

Ransomware attack disrupts operations at Ardent Health Services

Researchers say Russia-linked ransomware group has raked in more than $100 million

Scammers impersonating Wisconsin Department of Transportation (WisDOT) and DMV in new phishing attack

Scammers scammed by scam GPTs: AI has not revolutionized cybercrime

SIM swapper gets 8 years in prison for account hacks, crypto theft

South Korean Authorities Bust Elaborate Voice Phishing Syndicate

Stanley Steemer class action alleges data breach affects current, former customers

Strategies for cultivating a supportive culture in zero-trust adoption

Temu Wins Preliminary Court Injunctions Against Phishing Sites in Major Effort to Protect Consumers from E-Commerce Scams

Texas water utility claimed by ransom gang

Texas Wesleyan University faces data breach, exposing student information

The biggest cyber security attacks in November

The challenges of securing the healthcare sector

The Essential Cyber Security Overview: Safeguarding Your Digital Life

Ukraine hacks into Russian media database

Ukrainian gets 8-year sentence for running marketplace for Americans' data

US Seizes Bitcoin Mixer Sinbad.io Used by Lazarus Group

US seizes Sinbad crypto mixer used by North Korean Lazarus hackers

US Treasury sanctions Sinbad cryptocurrency mixer used by North Korean hackers

Voice Phishing: How to Protect Yourself from Phone-Based Scams

Weald of Kent Grammar School in Tonbridge issues warning to parents after cyber attack which sees ‘indecent image’ shared

Why Ransomware Could Surge in the Middle East & Africa

Zero-Day Alert: Google Chrome Under Active Attack, Exploiting New Vulnerability

Zoom Vulnerability Allowed Hackers to Take Over Meetings, Steal Data

28th November

5 Tips to Defend Against Access Brokers This Holiday Season

97% of CIOs Troubled by Cybersecurity Threat

About 4 million New Yorkers impacted by medical company's data breach, New York Attorney General Letitia James says

About 77% Of Organisations Fall Victim To Repeated Cyberattacks

AI tools such as ChatGPT are generating a mammoth increase in malicious phishing emails

Almost two million affected by data company Zeroed-In Technologies breach

AlphV/BlackCat gang allegedly behind Fidelity ransomware attack

Americans Receive Two Billion Spam Calls Per Month

Ardent confirms hospitals disrupted over ransomware attack

Ardent Health Services Grapples With Ransomware Disruption

Are you reducing your exposure to cyber attacks?

AT&T Gets Largest Ever Federal Communications Commission (FCC) Fine Over Data Breach

Attorney General James Warns New Yorkers Impacted by Medical Company’s Data Breach of Potential Identity Theft

Australian SMBs Feel the Cyber Security Heat: Here’s What IT Pros Can Do to Help

Big Brothers Big Sisters of America (BBBSA) reports data breach impacting sensitive consumer information

BlackBerry report reveals 70% surge in cyberattacks, financial sector most affected

Bots make up 30% of internet traffic

CKF Addiction Treatment Files Notice of Data Breach with Federal Government

Code4arena X account compromised, used for Paradigm endorsed phishing scam

Critical ownCloud flaw under attack (CVE-2023-49103)

Crypto Trading Firm Kronos Research Offers 10% Bounty to Hacker

Culbertson Memorial Hospital Files Notice of Data Breach Following May 2023 Cyberattack

Cyber attack hits North Texas Municipal Water District

Cybercriminals Hesitant About Using Generative AI

Cyber-attack closes hospital emergency rooms in three US states

Cyber-attack has left employees vulnerable, admits DP World Australia

Data hack problems continue to plague a major distributor of dental products

Deepfake Digital Identity Fraud Surges Tenfold, Sumsub Report Finds

Defend Against Cyber Threats: Understanding Each Ransomware Type

Design Flaw in Google Workspace Could Let Attackers Gain Unauthorized Access

Design flaw leaves Google Workspace vulnerable for takeover

Digital fatigue is increasing cyber risks in modern workplaces

Dozens of conveyancing firms paralysed by cyber attack

DP World confirms data stolen in cyberattack, no ransomware used

DP World Says Australian Employee Data Stolen in Attack

Emergency room patients forced to seek life-saving care elsewhere after ransomware attack

English council spent £1.1 million recovering from ransomware attack

Ethyrial: Echoes of Yore Hit by Ransomware, Player Accounts Deleted

Europol shutters ransomware operation with kingpin arrests

Europol, Ukraine police arrest alleged ransomware ringleader

Experts warn of critical ownCloud vulnerability being exploited

FBI and CISA Issue Advisory on Scattered Spider Ransomware Attacks

General Electric faces alleged breach with DARPA-linked data compromise

General Electric Investigates Claims of Cyber Attack, Data Theft

Google Chrome emergency update fixes 6th zero-day exploited in 2023

Google Workspace Vulnerable to Takeover Due to Domain-Wide Delegation Flaw

Government impersonation, phishing are top financial scams

Granger Medical Clinic Targeted in Alleged Ransomware Attack

Hackers Can Exploit 'Forced Authentication' to Steal Windows NTLM Tokens

Hackers On Telegram Using THIS Trick For Phishing Scams

Hackers start exploiting critical ownCloud flaw, patch now

Hackers Target K&K Glass (Auto Glass Now)

Healthcare manufacturer Henry Schein expects platform restored this week after cyberattack

High-profile ransomware gang suspects arrested in Ukraine

Holiday Season Increases Cybersecurity Risks

Hospital system that operates in 6 states is victim of cyberattack

How Hackers Phish for Your Users' Credentials and Sell Them

How to use intelligence on failed ColdFusion attack to bolster your ransomware defenses

Huber Heights ransomware update: income tax online; water billing system repairs almost completed

Identifying and combating sophisticated phishing emails

Instagram trickster jailed after stealing $740K

International collaboration leads to dismantlement of ransomware group in Ukraine amidst ongoing war

International Phishing Net Targets Australian Government's Web

Ireland: Department of Health welcomed level of data breach fine

Ireland: Law Society issues phishing warning over fake emails

Key Cybercriminals Behind Notorious Ransomware Families Arrested in Ukraine

'Key' Ransomware Suspect Arrested In Ukraine

Lawsuit accuses University of Iowa Health System of negligence for data breach

LockBit claims cyberattack on India’s national aerospace lab

LY (Line) Confirms Massive Data Breach Exposing 440,000 User Records

Minimizing Risk Between a Zero-Day Attack and the OS Patch

Montclair Hospital Targeted in Thanksgiving Day Cyber Attack

National Disability Insurance Agency (NDIA) data breach claimed to impact 11,000 "records"

New BLUFFS attack lets attackers hijack Bluetooth connections

North American auto supplier Yanfeng claimed by Qilin ransom group

North Korean Hackers 'Mixing' macOS Malware Tactics to Evade Detection

North Texas Municipal Water District reports cyber attack

North Texas water utility serving 2 million hit with cyberattack

NXP was hacked by China for years

Organizations Must Embrace Dynamic Honeypots to Outpace Attackers

Pennsylvania hospital hit by data breach affecting 169K

Phishing makes up 43% of email attacks

Police bust ransomware ring behind attacks in 71 countries

Police Bust Suspected Ransomware Group Ringleader in Ukraine

Police dismantle ransomware group behind attacks in 71 countries

Premiere Health data breach may expose SSN, Medicare and Medicaid information

Proliance Surgeons Announces Cyber Attack Resulting in Data Breach

Puget Sound-area surgical group says security breach might have exposed patient data

Qilin ransomware claims attack on automotive giant Yanfeng

QR Code Phishing – What Is It?

Ransomware attack prompts multistate hospital chain to divert some emergency room patients elsewhere

Ransomware gang broken up in Ukraine as a result of international operation

Ransomware group dismantled in Ukraine in a major international operation supported by Eurojust and Europol

Ransomware hackers 'wreaking havoc' arrested in Ukraine

Real Estate Deals Impacted by Cyberattack on Fidelity National Financial

Ringleader of Ransomware Group in Ukraine Arrested

Rising cybersecurity threats push shift from passwords to passkeys

Safeguarding Against Security Misconfigurations with the Power of Machine Learning

Scope of British Library data breach widens

Scots NHS Board Receives Reprimand from ICO for Data Breach

SEO Poisoning Brings Users to Attackers’ Doors

Shimano Was the Victim of a Ransomware Attack and Didn’t Pay the Ransom. Hackers Then Published a LOT of Data

Slovenian Electrical Utility HSE Suffers Ransomware Attack

Slovenian power company hit by ransomware

SMBs face surge in “malware free” attacks

Stop panic buying your security products and start prioritizing

Texas Wesleyan University Hit by Data Breach

Thanksgiving Day Healthcare Cyberattack Impacts Hospitals Across Multiple States

The Necessity of Security Best Practices When Implementing Generative AI

Thousands of secrets lurk in app images on Docker Hub

Title Insurer to Pay New York $1 Million Penalty Over 2019 Data Breach

UK local councils struggle with handling cybersecurity ― but they can overcome challenges

Ukraine Hacks Russia’s Aviation Agency, Claims “Aviation Cannibalism”

Ukraine Police Dismantle Major Ransomware Group

Ukrainian ransomware gang behind high-profile attacks dismantled

Undetected Android Trojan Expands Attack on Iranian Banks

Using Credit Cards for making payments? Follow these steps to protect your data online

WalkMe files patent for the method and system which detects phishing attacks

Why our digital data is at risk

Why Your Organization Needs Comprehensive Cybersecurity Awareness

ZeroedIn Technologies Notifies 1.9 Million Consumers of Data Breach Affecting Their SSNs

27th November

2 New Jersey hospital emergency rooms diverting ambulances after ransomware attack

5 Non-Technical Tips to Protect Employees from Cyberattacks

A reality check on email security threats in healthcare

Advanced Persistent Threat (APT) groups and how they can ruin your business

AI systems ‘subject to new types of vulnerabilities,’ British and US cyber agencies warn

Ardent hospital ERs disrupted in 6 states after ransomware attack

Australia: Government to issue ‘ransomware playbook’

Australia directs businesses to apply critical security patches faster

Australian Federal Police (AFP) intelligence leads to eight arrests over phishing kits

Averting cybersecurity risks by protecting company data

Beware: Phishing Scam Targets Crypto Investors Posing as Nansen Platform

Bitcoin holder claims hacker stole 139 BTC, paid record $3m in fees

BlackCat Ransomware Group: A History of High-Profile Attacks

Boeing confirms LockBit ransomware attack

Business email financial fraud, what is it, tips to stay safe and what to do if you've paid

Busting 6 Myths About Mobile Device Security

Cactus: Defending against a ransomware newcomer

Chinese-linked hackers breach NXP, Europe’s largest chipmaker

Clear Spring Life and Annuity Company Announces Data Breach Following Ransomware Attack

Clicker Beware: New Study Reveals the Crypto Search Terms and URLs Most Likely to Contain Malware

Crypto phishing kit Inferno Drainer shuts down after enabling over $80M in scams

Cyber attack on managed service provider potentially affects hundreds of law firms

Cyberattack hits Slovenia’s largest power utility

Cyberattack on legal tech provider causing widespread disruption to UK law firms

Cyberattack on US hospital owner diverts ambulances from emergency rooms in multiple states

Cybercriminals Disable Logs in 82% of Attacks

Cybersecurity Incident Hits Fidelity National Financial

DarkGate and Pikabot Copy the QakBot Malware

Data De-Identification: Balancing Privacy, Efficacy & Cybersecurity

Data professionals divided on ransomware response

Don’t scan the scam: Staying protected against quishing emails

E-commerce is used a lure for 43% of phishing attacks

Experts Uncover Passive Method to Extract Private RSA Keys from SSH Connections

FBI And CISA Warn Of Rhysida Ransomware Threat

Fidelity National Financial faces operations disruption post cybersecurity incident

GCHQ investivgates attack on royal hospital

General Electric Investigates Alleged DARPA Breach

General Electric investigates alleged data breach into confidential projects

General Electric Probes Security Breach as Hackers Sell DARPA-Related Access

Gloucester City Council reprimanded over cyber attack

Golfzon hit by ransomware attack

Guarding the Grid: Navigating the Current and Future Landscape of Utility Cybersecurity

Guarding Your Business: Ransomware Security and Data Recovery

Gulf Air confirms data breach without impact on critical systems

Gulf Air hit with data breach, customer data possibly affected

Hackers compromised sensitive data of Rivers Casino employees and customers

Hackers target Europe’s grid, Ukraine to use new Cisco device for protection

HC3 Warns Healthcare Sector of Persisting Emotet Malware Threats

Healthcare giant Henry Schein hit twice by BlackCat ransomware

Henry County Schools working to restore systems following cyber attack

Henry Schein Again Restoring Systems After Ransomware Group Causes More Disruption

How businesses can combat rising fraud and cybercrime

How to Fortify Email Security in 2023 and Beyond

How to Protect Your and Your Customers’ Communications from the Threat of Cyber Crime

HTX Restores Services after $30M Hack but Justin Sun’s Platform November Security Breaches Raise More Concerns

Huber Heights provides update on cyber attack, says some services restored

India ranked 10th globally in data breach rankings in Q3 2023

Insider Attack: 5 Techies Held for Stealing Client Data from Chennai Firm

International Paper Company Group Health and Welfare Plan Announces Data Breach Affecting 78,692 Plan Members

Iranian hacker group Cyber Av3ngers hacked the Municipal Water Authority of Aliquippa in Pennsylvania

Is cyber insurance worth the effort?

Japan's top messaging app gets hacked

K&K Glass (Auto Glass Now) Reports Leaked Social Security Numbers Following Data Breach

KyberSwap says $54.7 million of user cryptocurrency stolen during attack

KyberSwap Says Hackers Stole $55m in Crypto

Line app owner flags data breach that may involve 440,000 items of personal information

Long recovery times after cyberattacks could annihilate your organization

Meta Platforms Encounters Another Data Breach Claim From Users

Mission Community Hospital Notifies Patients of Recent Data Breach Involving Their Social Security Numbers

More than half admit to ignoring cybersecurity alerts due to information overload at work

Multiple hospitals divert ambulances after ransomware attack on parent company

New Armenian phishing attacks on Azerbaijani citizens revealed

North Korean Hackers Disguise as South Korean Government Agencies to Steal Cryptos

North Korean supply chain attacks ‘growing in sophistication and volume’

Northwell Health class action alleges data breach affected almost 4M individuals

Notorious ransomware gang takes credit for cyberattack on Fidelity National Financial

Officials Beware: Cyber Perpetrators Target High-Ranking Government Authorities

Only 4% of UK housing associations feel sector is fully prepared for ransomware attack

Open University of Cyprus fined €45,000 for data breach

Over 25k People Affected by Data Breach at Big Brothers Big Sisters of America

ownCloud file sharing app faces admin passwords breach due to critical bug

Pennsylvania water authority hit with cyberattack allegedly tied to pro-Iran group

Potential data breach at Taj Hotels exposing personal info of 1.5 million customers

Proof-of-Concept (PoC) for Splunk Enterprise RCE flaw released (CVE-2023-46214)

Protect your devices from cyberattacks

Ransomware attack affecting Hillcrest hospitals

Ransomware attack on indie game maker wiped all player accounts

Ransomware Hits About 73% of India’s Mid, Large Companies In 2023

Ransomware Impacts Health-Care Systems in Six States

Ransomware-hit British Library: Too open for business, or not open enough?

Recent Ransomware Against Delaware Life Insurance Company Results in Data Breach Affecting Consumers’ SSNs

Recognising and resisting social engineering attacks

Robeson Health Care admits data breach

Scattered Spider hops nimbly from cloud to on-prem in complex attack

Simulated phishing: Uncovering vulnerabilities for better cyber security

Slovenia's largest power provider HSE hit by ransomware attack

Small Business Cybersecurity Hampered by Fear of Change, Judgement

Somerset NHS Foundation Trust contacts patients about data breach

Suspected Hamas-linked hackers target Israel with new version of SysJoker malware

SysJoker Malware: Hamas-Related Threat Expands With Rust Variant

Texas Wesleyan University Confirms Data Breach Following Unauthorized Access to Computer Network

The Impact of a Ransomware Attack on a Kansas Hospital

The quest for email privacy in a world full of trackers

The rise of Ransomware attacks within the Legal industry

The Role of Stronger Authentication in Protecting Rewards Programs

The Synergy Of SASE And Zero-Trust For Critical Infrastructure

The US Government’s Crypto Seizures

Third-Party Cyber Incident Response: Four Best Practices From A Former CISO

Tips to avoid online shopping scams on Cyber Monday and beyond

Toyota Financial Services confirms data breach

Two New Jersey hospitals shut down emergency rooms, divert ambulances due to cyber attack

U.S., U.K., and Global Partners Release Secure AI System Development Guidelines

UK insurer targeted by cyber attack

UK Publishes First Guidelines on Safe AI Development

Ukraine claims cyber operation against Russian aviation agency

Ukraine intelligence takes credit for Russia’s aviation agency hack

Ukraine says it hacked Russian aviation agency, leaks data

Ukraine’s Volunteer IT Army Confronts Tech, Legal Challenges

Vulnerability disclosure: Legal risks and ethical considerations for researchers

West Suffolk Council: Fears that £52k phishing scam could force council tax up

What a failed attack against ColdFusion revealed about ransomware tools and tactics

What Financial Services Organizations Need to Know About Zero Trust Maturity

What part of ‘get rid of my data’ don’t companies get?

Why it’s the perfect time to reflect on your software update policy