Editor's Message

Welcome to DBD. On March 8th we celebrated our 4th Anniversary and the 1st Anniversary of our PRiSM application, officially endorsed by the SANS Institute. Despite recent personal issues that have impacted the amount of time I have been able to dedicate to both projects, I have been doing my best to keep everything as up-to-date as possible, and I would like to take this opportunity to thank everyone for their patience and support whilst I navigate through this very difficult time. Stay safe. :)

Monday 4 December 2023

Data Breaches Digest - Week 49 2023

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 4th December and 10th December 2023.

10th December

18-year-old hacker who caused £7m damage to Grand Theft Auto 6 when he stole a code vows to return to crime when he is released from jail

Ahead of the Curve: Reinventing Policing Strategies for the Cybercrime Era

Apple study shows 2.6bn personal records compromised by data breaches in past two years

Beyond phishing: The top employee security risks you're probably not measuring

Blue Waters hit by cyber attack

Calls for Australians to report ransomware attacks

Companies, individuals must protect themselves from cyberattacks

Confidential Material Disposal: How To Ensure Data Security

Cybersecurity: Building ransomware resilience

Cybersecurity in India: Analysing data breaches as a reflection of mismanagement

Electronic Weapons: Iranian Perpetual Cyber War

Fake hotel reservation phishing scam uses PDF links to spread MrAnon Stealer

Hackers allegedly attacking Lotto website to expose jackpot winners

How to protect yourself from Amazon fraud

How To Tell If Your Smartphone Has Been Hacked

HP Reveals Cybercriminals’ New Tactic: Malware ‘Meal Kits’ Threatening Business Security

Malaysia: Forensic investigation into Socso data breach ongoing

Not so clear but present danger: First responders express cybersecurity concerns in new survey

Over 30% of Log4J apps use a vulnerable version of the library

QR Reader Apps With Embedded Malware Discovered On Google Play

Russian cyber actor Star Blizzard continues to refine tradecraft to evade detection

Scammers start using deepfake videos to extort money from the gullible

Social Engineering Attacks and Prevention

Top White House cyber aide says recent Iran hack on water system is call to tighten cybersecurity

Warning issued to all Royal Mail customers as Christmas approaches

What Is A Malware Protection?

What Is Malware Protection Client?

White House aide says Iranian hack of US waterworks is call to action

Why the 23andMe Data Breach Is Such a Disaster

9th December

6 Predictions About Cybersecurity Challenges In 2024

After Being Released from Jail, A Hacker for Grand Theft Auto 6 has Vowed to Continue Committing Crimes

All digital services of the Yucatan government are restored after cyber attack

Assess your SMB cybersecurity defences at warp speed

AutoSpill attack steals credentials from Android password managers

BlueWaters breach and data dump announced by LockBit3

British warning of Russian email attacks

Calls for Australians to report ransomware attacks

Data Breach at Hershey Company Affects Thousands of Customers

Data Breaches and Cybersecurity: What Businesses Need to Know

DDoS Attacks on Rappler Linked to Proxy Service Providers in US and Russia

Educating Users: Promoting Awareness and Best Practices for Facebook Security

Endpoint Security: Protecting Your Digital Doors, What it is? Why it is Important

Esterhazy community pulls together from preschool cyber attack

Following cyberattack, Ardent Health Services works toward recovery

Hacker Allegedly Steals $25 Million Worth Of Crypto, Spends Most Of It On Magic: The Gathering (MTG) Cards

Hacktivists hacked an Irish water utility and interrupted the water supply

How can cyber threats affect Kiwi businesses?

How to Navigate the Threats to India's Critical Digital Infrastructure

Kyberswap comes to the rescue of hack victims, Platypus hacker walks free

Latest Ransomware Attack Targets Sabre UK, Restar, and Citizens Bank of West Virginia

‘LogoFAIL’ vulnerabilities may affect 95% of computers, researchers say

New ‘Hello Mom’ scam hitting Ontario

Norton Healthcare says summer cyber security breach was a ransomware attack

Protecting Your Identity: How to Safeguard Yourself Against Identity Theft

Researchers Unveil GuLoader Malware's Latest Anti-Analysis Techniques

Seattle cancer center confirms data breach, cyber criminals threatening patients

SLAM Attack: New Spectre-based Vulnerability Impacts Intel, AMD, and Arm CPUs

The Escalating Need for Cybersecurity in Healthcare: A Look into the Future

The Importance of Data Privacy and Consent in the Digital Health Era: A Case Study on Kroger’s Alleged Health Data Breach

The Jameliz Leak: Unveiling the Controversial Data Breach

The new iPhone security threat that allows hackers to spy on your phone

The Urgent Need for Enhanced Cybersecurity in Healthcare: An Insight into the Exposure of Millions of Patient Records Online

Tri-City Hospital hit by ransomware

Understanding the Implications of Privacy Breaches in the Digital Age

8th December

9 Prime Healthcare Hospitals Affected by MOVEit Data Breach

23andMe scrambles to update user terms of use to avoid lawsuits

90% of Energy Companies Experienced Third-Party Breach

600K People Impacted by 2023 East River Medical Imaging Data Breach, Lawsuit Says

Adobe products continuously targeted for phishing attacks

AeroBlade Threat Actor Spies On U.S. Aerospace Industry

AI drives holiday phishing scams, as well as email defenses

Aim for a modern data security approach

Akira Ransomware Strikes Again: Compass Group Italia and Aqualectra Utility Hit by Data Breach

‘Alarming’: North Korea’s hackers target South’s defence technology to fund weapons programme

Alert fatigue puts pressure on security and development teams

ALPHV Ransomware Site Outage: What We Know So Far

ALPHV ransomware site outage rumored to be caused by law enforcement

Amazon sues REKK fraud gang that stole millions in illicit refunds

Android Device Owners Warned of Password Manager Data Leak

Apple: 2.6 billion user records exposed, end‑to‑end encryption wins

Bluetooth Vulnerability Enables Keystroke Injection on Android, Linux, macOS, iOS

Bringing Resilience to the Cloud With Zero Trust

Business Credibility: The True Cost of a Data Breach

Cambridge University Hospitals CEO apologises following patient data breaches

Canada: Saskatchewan Lifelabs patients could be eligible for up to $150 in compensation for cyber attack

Canadian mid-sized firms pay an average $1.13 million to ransomware gangs

Carpet cleaning giant admits data breach

Carpet cleaning giant Stanley Steemer reports data breach affecting 68,000 individuals

Central Virginia transit system affected by cyber incident

CISA adds Qlik bugs to exploited vulnerabilities catalog

Citizens Bank of West Virginia Hit by LockBit Cyberattack, Deadline Looms

Community Healthcare Network Notifies Patients of Data Breach Following “Major Network Disruption”

Could the British Library cyber-attack bridge a social divide?

Cracked macOS Software Laced with New Trojan Proxy Malware

Cyber hit on California hospital involves ransomware, says gang

Cyber-attack puts more than one million Michigan residents at risk

Cybersecurity downsizing: 47% of organizations planning to reduce teams

Data breach at WellTok potentially impacts Guthrie Clinic patients in Southern Tier

Data breaches fallout reach new heights as the number of exposed records soars

Dollar Tree Third-Party Data Breach Exposes Sensitive Data of Nearly 2 Million Employees

Educational Institutions at Risk Due to Improper Authorization Vulnerability in Confluence Data Center and Server

Extent of Damage in Huber Heights Cyber Attack Unknown

FBI explains how companies can delay Securities and Exchange Commission (SEC) cyber incident disclosures

Federal Trade Commission (FTC) Announces Enforcement Action Against Global Tel*Link Corporation for Unfair Data Security Practices and Inadequate Data Breach Notifications

Founder of Bitzlato Cryptocurrency Exchange Pleads Guilty in Money-Laundering Scheme

Fred Hutch confirms data breach, cyber criminals threatening patients

Geopolitics to Blame For DoS Surge in Europe, Says ENISA

Glendale School District Recovering from Cyber Attack

Grand Theft Auto 6 (GTA 6) leak hacker in court with new details revealed

Group-IB uncovers new Linux RAT targeting Thai company networks

Hacker claims to leak customer inquiries from Granvue Homes

Hacker selling fake CBI documents on Dark Web for $1300

Healthcare entities ‘must overcome cybercrime’ as data breach costs exceed $9.1 million

Hellenic Post Data Breach: Anonymous Collection Claims Cyberattack on Greece’s National Postal

Henry Schein says 29K people affected in September cyber incident

HHS Settles First Phishing Attack Investigation With Louisiana Medical Group

Holiday scams: How thieves can steal your money and identity through fake websites and phishing

How Seven Billion Smartphones Could Impact Data Center Sustainability

Identity Fraud Rises as E-Commerce, Payment Firms Targeted

Incident of the Week: HTC confirms cyber attack as BlackCat ransomware gang teases stolen data

India: ‘Hacker selling fake Central Bureau of Investigation documents on Dark Web for $1300’

India: Nationwide alert sounded as hacker group plans ‘cyber party’ to attack India’s critical digital infrastructure

Information Commissioner’s Office (ICO) Warns of Fines for “Nefarious” AI Use

Interpol uncovers cyber scams backed by global human trafficking

Ireland Christmas scams: Expert guide to outsmart cybercriminals as festive shoppers targeted

Lafourche Medical Group to pay $480K in landmark HHS phishing action

Lazarus Group Attacking Crypto Users Via Telegram to Deploy Malware

Leader of Russian hacktivist group Killnet ‘retires,’ appoints new head

LockBit remains most dangerous ransomware despite fall in attacks

Love for sports could lead to poor password practices

Luxtrust warns of new phishing attempts

Mac Users Beware: New Trojan-Proxy Malware Spreading via Pirated Software

“Magic: The Gathering” Cards Used in Possible Cashout by Uranium Finance Hacker

Malaysia: SOCSO suffers data breach, personal data including phone number and salary shared online

Managing cybersecurity should be a top priority for 2024

Meta introduces default end-to-end encryption for Messenger and Facebook

Mitigating data breaches with live patch management

More evidence of Russian intelligence exploiting old Outlook flaw

Multistate Coalition of State Attorneys General Secures $49.5 Million from Cloud Company Blackbaud for 2020 Data Breach

Municipalities Face a Constant Battle as Ransomware Snowballs

Naval shipbuilder Austal USA investigating a cyber attack on its internal systems

Netherlands conducts large-scale cyber attack drill involving key infrastructure sectors

New 5G Modems Flaws Affect iOS Devices and Android Models from Major Brands

New 5Ghoul attack impacts 5G phones with Qualcomm, MediaTek chips

New RCE vulnerability in Apache Struts 2 fixed, upgrade ASAP (CVE-2023-50164)

NGS Super rapped by Australian Prudential Regulation Authority (APRA) over cyber deficiencies

Nissan Oceania reports a major cyber attack targeting internal systems

North Korean Kimsuky Targeting South Korean Research Institutes with Backdoor Attacks

Norton Healthcare discloses data breach after May ransomware attack

Norton Healthcare, Inc. Experiences Ransomware Attack

Office for Civil Rights (OCR) Resolves First HIPAA Phishing Case: Lafourche Medical Group Settles for US$480000

Office for Civil Rights (OCR) settles first-ever phishing cyberattack investigation

Office for Civil Rights (OCR) settles phishing attack investigation, with provider paying $480,000

OpenText Cybersecurity 2023 Global Ransomware Survey

Perception gap exists in what causes cyber incidents & data breaches

Privilege elevation exploits used in over 50% of insider attacks

Pro-Democracy Forces in Serbia Targeted with Spyware

QR-Code Phishing has multiplied: How detection helps security teams win

Ransomware attack still impacting Lovelace services

Ransomware Attacks Reported by Foursquare Healthcare and Hi-School Pharmacy

Ransomware group posts stolen Tri-City Medical Center documents to dark web

Ransomware group takes credit for California hospital attack and data leak

Ransomware Surge is Driving UK Inflation, Says Veeam

Ransomware, data breaches inundate Operational Technology (OT) & industrial sector

Ransomware-as-a-Service: The Growing Threat You Can't Ignore

Report accuses Chinese hackers of attacking Uzbek Foreign Ministry’s servers

Russia Backed Star Blizzard’s Infiltration Attempts in UK Elections Laid Bare

Russian FSB accused of spear-phishing campaign against UK, US and allies

The 23andMe data breach just keeps getting scarier

The Ransomware Dilemma: Why Not Paying is the Best Policy

Travian games claimed by ransomware cartel

Trojan Malware Hidden in Cracked macOS Software, Kaspersky Says

UK sanctions nine linked to cyber trafficking in Southeast Asia

UK’s crime agency: Meta’s end-to-end encryption step back for child safety

Ukrainian, Polish Authorities Latest Phishing Wave Targets

Unprecedented data breaches of the last ten years – and their aftermath

US adds voice to UK Russian spy allegations

Was Amazon hacked? Here’s why users are panicking about Amazon Lockers

Welltok Data Breach: 8.5M US Patients’ Information Exposed

Why the 23andMe data breach is such a disaster

Why Your CRM May Cause Your Next Data Breach

WordPress Releases Update 6.4.2 to Address Critical Remote Attack Vulnerability

Your employees may be risking a data breach with Google Drive

7th December

5 Steps to Ensure You Don't Acquire Your Next Data Breach

10 Of The Most Advanced Cyber Warfare Tools

23andMe updates Terms of Use to prevent data breach lawsuits

47% of organizations monitored supply chain risks monthly or more

74% of ransomware revenue goes to Russia-linked hackers

2023 may have seen highest ransomware ‘body count’ yet

A deep dive into Browser Security

Android barcode scanner app exposes user passwords

Apple-backed data breach report says 2.6 billion records leaked in 2 years

BlackSuit ransomware - what you need to know

Cambridge Hospitals Admit Two Excel-Based Data Breaches

Canadian firms paying ‘significantly’ more in ransomware attacks

Cardiovascular Consultants Confirms Data Breach in SEC Filing

“Clear gods” defraud thousands in cell upgrade scheme, causing $28M in losses

Costs of Small Business Cyberattacks Are Down But Frequency Is Up

Cyber criminals attack businesses in Adobe-themed phishing surge

Cyber Insurance Exclusions: Are You Covered?

Cyber-Attacks More Likely Than Fire or Theft, Aviva Research Finds

Cybersecurity: How to Demonstrate Resilience and Hygiene

Cybersecurity Firm Hacks Itself, Finds DNS Flaw Leak AWS Credentials

Do you have coverage for a cyber attack?

Don’t fall for these 7 fake phishing emails

East River Medical Imaging says September data breach impacted over 600,000 patients

Electronic records access restored to UT Health parent company in wake of cyber attack

Feds Levy First-Ever HIPAA Fine for a Phishing Breach

Fidelity National Financial hack highlights why many are increasingly concerned about cybersecurity

Flashpoint Uncovers 100,000+ Hidden Vulnerabilities, Including Zero-Days

From dating sites to phishing emails: How AI is creating more realistic scams

German Energy Agency latest claimed by ALPHV/BlackCat ransom gang

Gernesia Team Claims Cyberattack on Nuclear Power Corporation of India

Governments May Spy on You by Requesting Push Notifications from Apple and Google

Governments spying on Apple, Google users through push notifications

Governments Spying on Apple and Google Users, Says Senator

Hacker IntelBroker Leaks Alleged Sensitive US DoD Documents

Hackers breach US Government agencies running end-of-life software

Hacking the Human Mind: Exploiting Vulnerabilities in the 'First Line of Cyber Defense'

Henry Schein reveals scope of data stolen by attackers

HHS proposes new cybersecurity requirements for hospitals through HIPAA, Medicaid and Medicare

HHS’ Office for Civil Rights Settles First Ever Phishing Cyber-Attack Investigation

Indian Aerospace Targeted: Suspected Cyberattack, Data Sale Claims Surface on the Dark Web

Ireland: Anti-Israeli hackers leave 180 Mayo homes without water in cyberattack

Israel: Indonesian cyber attack on government ministers' phones - 'We will kill you'

Krasue RAT malware hides on Linux servers using embedded rootkits

Leaked nudes emerging as top cyber risk of 2024

Lessons in Threat Detection for Insider Threats

LogoFAIL vulnerabilities impact vast majority of devices

Major Data Breach at Fresenius Medical Care Impacts Half a Million Patients

Meta Launches Default End-to-End Encryption for Chats and Calls on Messenger

Meta rolls out default end-to-end encryption on Messenger, Facebook

Microsoft Warns of COLDRIVER's Evolving Evading and Credential-Stealing Tactics

Millions affected by breaches affecting 23andMe, medical transcription service

New Bluetooth Flaw Let Hackers Take Over Android, Linux, macOS, and iOS Devices

New Report: Over 40% of Google Drive Files Contain Sensitive Info

New Stealthy 'Krasue' Linux Trojan Targeting Telecom Firms in Thailand

New XorDdos-Linked Linux RAT Krasue Targeting Telecom Firms

Nine in ten energy firms suffered supplier data breach

Ninety Percent of Energy Companies Suffer Supplier Data Breach

Nissan Corporation Hit by Cybersecurity Breach: Investigations Underway

North Carolina Central University: November cyberintrusion was caused by Rhysida ransomware

North Korean hackers steal secret laser weapon tech and pocket ransom payments

One in five businesses have been victims of cyber attack in the last year, new research shows

Nova Scotia privacy commissioner investigating provincial MOVEit hack

Nova Scotia privacy commissioner to probe data breach that affected at least 100,000

Pan-American Life Insurance Company says MOVEit Transfer breach affected over 105,000 customers

Progress Software discloses 2 new CVEs in MOVEit

Ransomware in 2024: Anticipated impact, targets, and landscape shift

Ransomware, Data Breaches Inundate OT & Industrial Sector

Records reveal new information about Sweetwater Union High School District data breach

Report shows rise in threat actors exploiting remote access software

Researchers automated jailbreaking of LLMs with other LLMs

Retail Organizations Attacked by Ransomware Increasingly Unable to Halt an Attack in Progress

Rising ransomware attacks exploit remote access software

Russian citizen pleads guilty to operating Bitzlato crypto exchange used by cybercriminals

Russian FSB cyber actor Star Blizzard continues worldwide spear-phishing campaigns

Russian military hackers target NATO fast reaction corps

Russian pleads guilty to running crypto-exchange used by ransomware gangs

Seattle cancer patients face blackmail threats after recent Fred Hutch data breach

Securities and Exchange Commission Cyber Disclosure Rules: How to Prepare for December Deadlines

Shoe retailer Aldo says LockBit posting is related to system at franchise partner

Short-term AWS access tokens allow attackers to linger for a longer while

Small Canadian energy producer reports cybersecurity incident

SonicWall WXA – Authentication Bypass and Remote Code Execution Vulnerability

Stanley Steemer says nearly 68,000 people affected by data breach in March

Staples, 23andMe respond to holiday data breaches

Thai threat actor named after folklore spirit

The UK government blames Russian intelligence for prolonged efforts to meddle in British politics

Third-party breaches shake the foundations of the energy sector

Tips for parents, students in the wake of cyberattack on Glendale Unified schools

U.K. Government Accuses Russia Of Election Interference Through Long-Lasting Cyber Attack

UK: Russia has been spying on us since 2015

UK and allies expose Russian FSB hacking group, sanction members

UK Government Warns of Russian Cyber Campaigns Against Democracy

UK names FSB unit behind hack-and-leak campaigns, summons Russian ambassador

UK, US Accuse Russia Of Cyber Campaign Against Politicians

Uncovering AutoSpill: A New Android Vulnerability in Mobile Password Manager

Understanding Types of Endpoint Security: A Comprehensive Guide

US charges two Russians in hacks of government accounts

US, Allies Highlight Russian-State Cyber Actor “Star Blizzard” Spear-phishing Campaigns

West Virginia University (WVU) notifies some employees about recent data breach

What the 23andMe Data Breach Reveals About Credential Stuffing

Widespread Windows and Linux Vulnerabilities Could Let Attackers Sneak in Malicious Code Before Boot

WordPress fixes POP chain exposing websites to RCE attacks

Yet another UK public sector data blab, this time info of pregnant women, cancer patients

6th December

1.3 Million Maine Residents Affected by MOVEit Breach

9 Prime Healthcare hospitals caught in MOVEit data breach

21 high-risk vulnerabilities in OT/IoT routers found

23andMe data leak reveals dangers of DNA testing kits

40% of Google Drive files contain sensitive information

42% of flagged messages are impersonation warnings

69% of organizations facing ransomware attacks paid the ransom

75% of the Industrial Sector Experienced a Ransomware Attack in the Past Year

78% of CISOs Concerned About AppSec Manageability

90% of global energy companies experienced a third-party data breach

Aboriginal child protection service contracted by South Australian government hit by data breach

Adobe ColdFusion flaw leveraged to access government servers (CVE-2023-26360)

Adobe ColdFusion Flaw Used by Hackers to Access US Government Servers

Alert: Threat Actors Can Leverage Amazon Web Services Security Token Service (AWS STS) to Infiltrate Cloud Accounts

ALPHV/BlackCat Claims Cyberattack on TraCS Florida, Website Outage Raises Doubts

Atlassian fixes four critical RCE vulnerabilities, patch quickly!

Atlassian patches critical RCE flaws across multiple products

Atlassian Releases Critical Software Fixes to Prevent Remote Code Execution

Aussie firms must contextualize rising cyber incident data

Back to Basics: Malware Maketh the Machine

Business Associate Victim of Ransomware Attack Pays $100,000 to HHS OCR

CarePointe ENT Settles HIPAA Lawsuit with Indiana Attorney General

CISA Warns of ColdFusion Vulnerability: Immediate Security Patching Required

Cisco Talos Report: New Trends in Ransomware, Network Infrastructure Attacks, Commodity Loader Malware

Citrix Bleed Vulnerability Requires Urgent Action as Ransomware Groups Scale Up Attacks

Council apologises for 'human error' in publishing personal email addresses of residents

Critical Infrastructure Hit with Cyber Attack in Western Pennsylvania

Cryptocurrency losses reach $1.75 Billion in 2023; Centralized Finance (CeFi) and Hacks Blamed

Cyber attack on Toronto Public Library leaves patrons reeling over loss of ‘social service network’

Cyber security risks lurk in popular messaging apps

Cyber Toufan Team Strikes Again: Israeli Organizations Allegedly Hit by Cyberattacks

‘Data Breach Affects Women More, Has Chilling Effect On Their Online Participation’

Data breach by Addenbrooke's Hospital reveals patient information

Data breach hits Blue Shield of California vendor

Deutsche Wohnen Ruling Set to Drive Up GDPR Fines

Fallout For Patients Continues After Lovelace Cyber-Attack

Fancy Bear goes phishing in US, European high-value networks

Financial Conduct Authority (FCA) fines Equifax £11m following a major cyber security breach

Google fixes three Chromecast device vulnerabilities

Green Card Lottery agency exposes applicants’ data

Groveport Madison district servers hacked by ransomware group

Hackers Exploited ColdFusion Vulnerability to Breach Federal Agency Servers

Hebridean council works on data recovery following cyberattack

Henry Schein ransom saga now in third month, hackers show no mercy

Holiday shoppers face increased risk of cyberattacks

Kubernetes Security: Sensitive Secrets Exposed

Kyberswap Hacker Launders $4.5 Million Through Tornado Cash; Now What?

LockBit adds ALDO Shoes to its victim list

LockBit Claims Cyberattack on Metropolitan Area Planning Council, Sets December 8 Deadline

LockBit Remains Top Global Ransomware Threat

Metomic Finds 40% of Google Drive Files Contain Sensitive Information, Putting Organizations at Risk of a Data Breach

Navy contractor Austal USA confirms cyberattack after data leak

New SLAM attack steals sensitive data from AMD, future Intel CPUs

Nget Stealer Targets Cryptocurrency Wallets, Poses New Surface-Level Menace

Nissan investigates cyberattack in Australia and New Zealand

Nissan investigating suspected disruptive cyberattack

Nissan is investigating cyberattack and potential data breach

North Korea hackers may have stolen data on laser weapon

North Korea’s Lazarus Group escalates crypto attacks via Telegram phishing

North Korean hackers stole anti-aircraft system data from South Korean firm

One in five businesses have been victims of cyber attack in the last year

Phishing emails using Adobe InDesign on the rise

Qualcomm Releases Details on Chip Vulnerabilities Exploited in Targeted Attacks

Radiology provider hit by cyber attack hopes to re-open next week

Ransom Paid, Yet Struck Again: Henry Schein Hit by Third Cyberattack

Ransomware Dwell Time Hits Low of 24 Hours

Researchers discover dozens of new bugs affecting Sierra Wireless routers

Russian-Backed Hackers Target High-Value US, European Entities

Schools in Maine, Indiana and Georgia contend with ransomware attacks

Sierra:21 - Flaws in Sierra Wireless Routers Expose Critical Sectors to Cyber Attacks

"Sierra:21" vulnerabilities impact critical infrastructure routers

Taking a Proactive Approach to Mitigating Ransomware: You Can’t Neglect the Application Layer

The largest data breaches by number of compromised records

Thousands of Go module repositories on GitHub are vulnerable to attack

Today’s Most Common Phishing Scams

Top 6 Security Challenges of SMEs (Small to Medium Enterprises)

Tracking the Rise of SMS Phishing

Trojan-Proxy Threat Expands Across macOS, Android and Windows

Trustwave SpiderLabs Uncovers Critical Cybersecurity Vulnerabilities Exposing Manufacturers to Costly Attacks

U.S. Navy shipbuilder Austal says cyber incident had ‘no impact on operations’

UK Financial Conduct Authority (FCA) Warns of Christmas Loan Fee Fraud Surge

Understanding Each Link of the Cyberattack Impact Chain

University Hospital Southampton: Personal patient information published online

US health officials call for surge in funding and support for hospitals in wake of cyberattacks that diverted ambulances

Welltok Announces Data Breach Affecting Patients of Elixir RX Solutions, OrthoNebraska, and OSF HealthCare System

5th December

$5 Million Lost to Address Poisoning: Safe Wallet Users Targeted by Crypto Hacker

23andMe: Hacker Accessed Data for 6.9 Million Accounts

23andMe Data Breach Impacts 6.9M Users

75% of sports-related passwords are reused across accounts

2024 brings changes in data security strategies

15,000 Go Module Repositories on GitHub Vulnerable to Repojacking Attack

Advanced ransomware campaigns expose need for AI-powered cyber defense

Australia: Poor security led to pathology hack

Beware: predatory Android loan apps spy, harass, and blackmail users

Booking.com under fire for troubling privacy and security concerns

Britain says no evidence of Sellafield nuclear site hacking

China’s Largest Bank Is Latest Victim Of Ransomware

CISA reaching out directly to water utilities about exposed Unitronics devices

Criminals to increase use of cryptocurrency

Cyberattack on SPARRSO Raises Concerns Over Security in Bangladesh

Cybersecurity at work: 5 tips to avoid risks and attacks

Data Breaches and Cyber Attacks in November 2023 – 519,111,354 Records Breached

Demystifying Cyber Resilience: From Best Practice to Execution

Disney+ Cyber Scheme Exposes New Impersonation Attack Tactics

Don’t click December: feds warn of three most common scams

Dozens of credit unions confront outages linked to third-party ransomware attack

East River Medical Notifies Over 605k Patients of Data Breach Affecting Their SSNs

Fake Lockdown Mode Exposes iOS Users to Malware Attacks

Federal agency breached through Adobe ColdFusion vulnerability

Five Things You Need to Know About Security Misconfigurations

From 1% to 100%: Tallying the impact from Okta data breach

Georgia county school district claimed by BlackSuit ransom gang

GST Invoice Billing Inventory exposes sensitive data to threat actors

Hackers breach US govt agencies using Adobe ColdFusion exploit

Hermon School Department hit with ransomware attack

Hershey warns of data breach following phishing attack

HTC Global Services confirms cyberattack after data leaked online

India’s Income Tax Department Data Breach: Threat Actor Sets Price for Access

Investigation continues after Hendersonville city employees' cybersecurity breach

Konni Malware Alert: Uncovering The Russian-Language Threat

KyberSwap hacker moves $338k into Tornado Cash

Life insurance company announces data breach through MOVEit

Lower Bucks Hospital Notifies Patients Of Vendor Data Breach

Microsoft targeted 10K times over the summer

Microsoft warns of Cactus ransomware actors using malvertising to infect victims

Microsoft Warns of Kremlin-Backed APT28 Exploiting Critical Outlook Vulnerability

Ministers pressed by Labour over cyber-attack at Sellafield by foreign groups

Multiple NFT collections at risk by flaw in open-source library

Net tightens around Iranian water hackers

New Threat Actor 'AeroBlade' Emerges in Espionage Attack on U.S. Aerospace

Pan-American Life Insurance Company (PALIC) customers’ credit card data exposed via MOVEit attacks

Payments Giant Tipalti: No Ransomware Breach, No Threat to Roblox

Pegasus spyware trial implicating former president kicks off in Mexico

Phishing, other cyber attacks increase in Nigeria, others

Porn Age Checks Threaten Security and Privacy, Report Warns

Proliance Surgeons Sued Over Ransomware Attack and Data Breach

Qilin Ransomware Focuses on VMware ESXi Servers

Ransomware attack compromises US subsidiary of Australian shipbuilder Austal

Russian APT28 Exploits Outlook Bug to Access Exchange

Russian hackers use old Outlook vulnerability to target Polish orgs (CVE-2023-23397)

Russian state-sponsored hackers exploiting Outlook vulnerability, Microsoft warns

Sellafield Accused of Covering Up Major Cyber Breaches

Sellafield cyber attack: Government refutes breach claims

Sellafield Nuclear Plant Hacked by Russia and China, Data Breach Concealed for Years

SpyLoan Android malware on Google Play downloaded 12 million times

SpyLoan Scams Target Android Users With Deceptive Apps

Targeted Ads are a Cybersecurity Risk

Thousands of sales in limbo after conveyancing cyberattack

Threat actors impersonate Disney+ with considerable guile

Threat actors target Austal USA in ransomware attack, US Navy data at risk

Tipalti Data Breach Remains Unconfirmed, Hacker Claims Prompts Immediate Investigation

Tipalti investigating ransomware attack claims

Trellix detects collaboration by cyber criminals, nation-states

TrickMo Banking Trojan Resurfaces with New Features, Targeting Android Devices this Time Around

Turning Cyber Offense Into Defense For Successful Cybersecurity Investing

UK regulator lists age verification requirements for adult websites

US Federal Agencies Miss Deadline for Incident Response Requirements

USPS Delivery Phishing Scam Exploits SaaS Providers to Steal Data

Warning for iPhone Users: Experts Warn of Sneaky Fake Lockdown Mode Attack

What is voice phishing? Why you should be alert about vishing

4th December

5 network security predictions for 2024

23andMe admits hackers accessed 6.9 million users’ DNA Relatives data

23andMe hack explained: 0.1% of accounts unlocked the data of millions

2024 cybersecurity outlook: The rise of AI voice chatbots and prompt engineering innovations

Accounting software provider Tipalti investigating alleged ransomware attack

AI: Cybersecurity threat or opportunity?

AI models wide open to cyberattacks, analyst warns

Anonymous Arabia Targets UAE’s Largest Bank FAB in Cyberattack

Anonymous Collective Targets Greece’s Largest Mobile Operator Cosmote; Website Currently Down

"Assume compromise" as industries face compliance challenges

Austal USA suffers ransomware attack

Australia: Clinic’s data breach a reminder to bolster security

Barking up the wrong data tree: even pets aren’t safe from a data breach

Beyond phishing: The top employee security risks you're probably not measuring

BlackCat Ransomware Strikes Ho Chi Minh City Power Corporation

Blue Shield of California discloses data breach, number of members impacted unclear

Booking.com customers targeted in hotel booking scam

Building a Collaborative Approach to Secure the Connected World

ChatGPT may reveal private training data

Chicago housing market disrupted by hackers

Chocolate maker Hershey breached in phishing attack

Colonial Pipeline Hit by ‘CyberNiggers’ Hacker Group, Sensitive Data for Sale on Dark Web

Columbia University class action claims school failed to safeguard sensitive info, resulting in data breach

Crude Anglo American email highlights cyber-hack threat

Cyber insurance may have benefits, but it won’t get your stolen data back

Cyber-criminals Unleash 411,000 Malicious Files Daily in 2023

CyberAv3ngers hit Unitronics PLCs at multiple US-based water facilities

Cybercriminals Escalate Microsoft Office Attacks By 53% in 2023

Cybersecurity Concerns Rise Amidst Tipalti Data Breach, X Might be Next!

Cybersecurity in Food and Beverage Manufacturing: Protecting the Heart of Operations

Cybersecurity in Startups: Evolving Threats in Digital Age

Dallas County turns over $2.4 million 'potential fraudulent payment' to the FBI

Data breach affects Michigan healthcare companies

DDoS attack-for-hire services thriving on Dark Web and cyber criminal forums

December Android updates fix critical zero-click RCE flaw

DePauw University warns of data breach as ransomware attacks on colleges surge

Digital trust: Why SEO poisoning is on the rise

EU Council and Parliament Reach Agreement on Cyber Resilience Act

Fake WordPress security advisory pushes backdoor plugin

Federal Trade Commission (FTC) orders prison contractor to fix security exposures after data breach

Florida water agency latest to confirm cyber incident as feds warn of nation-state attacks

Hackers are getting smarter; you should too

Hackers are using these pirated softwares to spread malware on Mac

Hackers deliver malware with downloads on fake sites

Hackers steal ancestry, health-related data from 23andMe

Healthcare’s Holistic Approach Needs to Apply to Security, Too

HHS delivers urgent message for healthcare operators to nix cybersecurity threat

How hackers linked to Iran, Hezbollah and Hamas are increasing their efforts to attack Israeli targets

How To Overcome The Most Common Cybersecurity Challenges In The M&A Process

International Dog Breeding Org WALA Exposes 25GB of Pet Owners Data

Iran-linked hackers claim to leak troves of documents from Israeli hospital

Islands council 'counting cost' of cyber attack

IT Professionals in ASEAN Confronting Rising Cyber Security Risks

Key Strategies To Prevent And Detect Cybersecurity Blind Spots

Kremlin-backed hackers attacking unpatched Outlook systems, Microsoft says

Limiting Remote Access Exposure in Hybrid Work Environments

LockBit on a Roll – ICBC Ransomware Attack Strikes at the Heart of the Global Financial Order

LogoFAIL: UEFI Vulnerabilities Expose Devices to Stealth Malware Attacks

Long Beach says City data was compromised in cyber attack

Lovelace Health System Continues to Grapple with Recent Ransomware Attack, Raising Data Breach Concerns

Majority of UK CIOs cite cybersecurity as ‘current major threat’

Medical company's data breach affects millions in New York. How you can prevent identity theft

Mercy Health patients among giant data breach affecting 8.9 million people, company says

Microsoft Outlook Vulnerability Exploited by Russian Forest Blizzard Group

Microsoft Warns of Malvertising Scheme Spreading CACTUS Ransomware

MIRLE Group Targeted by Notorious LockBit Ransomware Group

Mobile payment fraud increased in 2023

New AeroBlade hackers target aerospace sector in the U.S.

New BLUFFS Bluetooth Attack Expose Devices to Adversary-in-the-Middle Attacks

New Mac ransomware doesn't pose much of a threat yet

New P2PInfect Botnet MIPS Variant Targeting Routers and IoT Devices

North Carolina's City of Hendersonville says cyber attack compromised employee data

North Korean hacker group steals key South Korean defense technologies

North Korean hackers stole $3 billion in crypto in six years

On September 2nd, the U.S. branch of Great Star Industrial Co. disbursed a ransom of 1 million dollars to a ransomware group

One Year of ChatGPT: The Impact of Generative AI on Cybersecurity

Ontario hospitals hit by class action following cyberattack

OpenText Cybersecurity 2023 Global Ransomware Survey: The Risk Perception Gap

P2PInfect Botnet Is Now Targeting MIPS-Based IoT Devices

Patients Informed About Potential Impact of DMS Health Technologies (DMS) Data Breach

Payments processor Tipalti investigating ransomware attack

Platypus exploiters walk free after claiming to be ‘ethical hackers’

Pretexting: A Growing Threat That Avoids Phishing’s Obvious Tells

Proactive, not reactive: the path to ensuring operational resilience in cybersecurity

Ransomware Attack Hits US Credit Unions, Prompting Federal Response

Ransomware Incident Affects Scores of Credit Unions

Regtech Uppsala Security Analyzes DeFi Hack: Raft Protocol Exploit – A Hacker’s “Miscalculation” Leads to Major Loss

Rhysida ransomware gang hits hospital holding royal family’s data

Rhysida ransomware gang threatens to leak royal family medical data

Russian Developer Pleads Guilty to Trickbot Conspiracy

Russian hackers exploiting Outlook bug to hijack Exchange accounts

Russian national pleads guilty to role in ransomware attacks

Rust-Based Botnet P2Pinfect Targets MIPS Architecture

Safe Wallet scammer steals $2M through 'address poisoning' in one week

Scammer on Stargate Snapshot Stole $43,000 via Phishing Link

Sophisticated Booking.com Scam Targeting Guests with Vidar Infostealer

Staples Hit With Disruption After Cyber-Attack

Stargate Snapshot Platform Hit by Phishing Scam

State of Maine Reports 450,000-Record Data Breach

Stealthier version of P2Pinfect malware targets MIPS devices

Supply-chain ransomware attack causes outages at over 60 credit unions

Suspected digital shopping fraud up 12% during Cyber Five holiday

Te Whatu Ora data breach accused appears in Wellington District Court

The Biggest Data Breaches of 2023

The future of phone scams: bots that sound like your loved ones

The Obvious, the Normal, and the Advanced: A Comprehensive Analysis of Outlook Attack Vectors

The risks and rewards of AI: A Year After ChatGPT's Rise

The US government has suffered a whole load of data breaches we never even knew about

These are the countries most at risk from cyberattacks

Thousands of Louisiana Teachers and Students Had Their Information Leaked After Cyberattack, But Were Never Notified

‘Thousands’ of sales still in limbo after cyber attack at CTS conveyancing platform

Tipalti investigates claims of data stolen in ransomware attack

Tri-Valley patients among more than 8 million impacted by data breach

Understanding Impersonation Scams In The Crypto Space

Understanding Mobile Payment Security

Unmasking Spyroid Rat: An In-Depth Look at the Menacing Android RAT

US: Iran behind attacks on our water sector

US Confirms Iranian Attacks on Water Companies

Washington-based Proliance Surgeons says ransomware attack impacted 437,000 patients

What Is Deception Technology?

What is phishing and smishing? IRS issues warning

Why small business owners should put fraud protection at the top of their holiday wish lists