Editor's Message

Welcome to DBD. On March 8th we celebrated our 4th Anniversary and the 1st Anniversary of our PRiSM application, officially endorsed by the SANS Institute. Despite recent personal issues that have impacted the amount of time I have been able to dedicate to both projects, I have been doing my best to keep everything as up-to-date as possible, and I would like to take this opportunity to thank everyone for their patience and support whilst I navigate through this very difficult time. Stay safe. :)



Monday, 11 December 2023

Data Breaches Digest - Week 50 2023

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 11th December and 17th December 2023.


17th December

Are AI Bots Susceptible to Social Engineering Just Like We Are?

Building cyber resilience: 3 imperatives for today’s organizations

China: Breached? You Must Report Within 10 Minutes

Credit Unions Nationwide Hit Ransomware Attack

Cyber attack on Kyivstar one of highest-impact disruptive cyber attacks since war started

Data Protection vs. Data Security in the Age of Cyber Threats

Emergency Rooms Begin to Restore Services After Cyberattack, but Lingering Issues Remain

Finland: Over 2 million scam calls blocked - Operators shift focus to text message scams

Hacking manual found for scam targeting hotels and consumers

Homebuyers' stress over impact of CTS cyber-attack

Ledger attacker drained at least $484K

MongoDB Suffers Security Breach, Exposing Customer Data

New NKAbuse Malware Exploits NKN Blockchain Tech for DDoS Attacks

New Rhadamanthys stealer version enhances features, evasion

Nigeria: AI Fuelling Phishing Attacks Globally

Otis Air Force Base data breach cries out for basic security fixes

Qbot malware returns after this summer's law enforcement disruption

Rhadamanthys Stealer malware evolves with more powerful features

Singapore: Police warn of new phishing scam using fake Domino's Pizza websites

Singapore was a clear target for digital attacks in the ‘global fraud pandemic’

The Rise of AI-Driven Scams: Protecting Against Cyber Threats

This is how to protect your credit and bank cards from getting hacked

‘Tis the season for phishing emails

What to do when receiving unprompted MFA OTP codes

WordPress hosting service Kinsta targeted by Google phishing ads

Work From Home job call will make you poor! Hackers discovered a new way of looting

Zimbabwe: Addressing concern over AI, data protection

16th December

A Year in Review – The Biggest Cybersecurity Fines in 2023

Alleged Russian-Canadian hacker with Simcoe County ties charged while out on bail

Best Practices of Utilizing Threat Intelligence to Prevent Ransomware

California dental insurer reveals hackers stole social security numbers, more for nearly 7M customers

Canada: Bradford house searched, man arrested in Ontario Provincial Police (OPP) ransomware probe

China's Ministry of Industry and Information Technology (MIIT) Introduces Color-Coded Action Plan for Data Security Incidents

Cyber attack on Kyivstar is likely one of highest-impact disruptive in Ukraine since Feb 2022

Cyber Chaos 2023: Decoding the Year’s Most Daring Hacks

Cyberattacks against U.S. water supply inspire policymakers, system operators

Cybercriminals likely to exectute AI-led cyberattacks, identity attacks in 2024

Hacker Who Stole Millions Worth of NFTs Demands a Ransom

Hackers Access Customer Info, Corporate Systems in MongoDB Data Breach

How online scammers trick people out of their money

How to avoid scams this Christmas

Man charged in ransomware investigation after Bradford search warrant executed

Microsoft Warns of Storm-0539: The Rising Threat Behind Holiday Gift Card Frauds

MongoDB says customer data was exposed in a cyberattack

National Information Technology Development Agency (NITDA) cautions Nigerians as phishing attacks spike globally with AI

New cross-platform threats uncovered by Kaspersky

New ‘NKAbuse’ Linux Malware Uses Blockchain Technology to Spread

NFT Trader Hit in Largest NFT Hack to Date?

QNAP VioStor NVR vulnerability actively exploited by malware botnet

Singapore: Police warn of new phishing scam using fake Domino's Pizza websites

This is how your email gets into the wrong hands

US: Maryland 3rd highest risk for cyber attack

What is Storm-1152, alleged top creator of fake Microsoft accounts?

15th December

3CX warns customers to disable SQL database integrations

5 cybersecurity predictions for 2024

30-Year DICOM Vulnerability Exposes Millions of Health Records to Access and Manipulation

45,000 Affected by Breach at Idaho National Laboratory

A study from IMDEA Software researchers reveals hidden fortunes and surprising overestimations in cybercrime revenue

ALPHV is back, but it had to start from scratch

Anatomy of a Phishing Attack: How Hackers Trick You

Anonymous Arabia Declares Cyber Assault on Abu Dhabi Airport, UAE’s Second Busiest

Anonymous Sudan Targets OpenAI Again, Demands Firing of Research Head

Are Crypto Cold Wallets Safe? Ledger Cites “Phishing Attack” behind the Hack

Australia's encrypted cyber attacks rise despite security efforts

Australians risk cybersecurity threats during summer holidays

BianLian, White Rabbit, and Mario Ransomware Gangs Spotted in a Joint Campaign

CareTree Confirms Data Breach Affected Sensitive Patient and Caretaker Information, Including SSNs

Central Bank of Lesotho facing outages after cyberattack

China issues draft contingency plan for data security incidents

China to enforce ten-minute response time for data breaches

Chrome Exploits Patched To Secure Your Browsing

CISA Urges Health Sector to Apply Critical Cyber Measures

CISA urges tech manufacturers to stop using default passwords

Cloud squatting: How attackers can use deleted cloud assets against you

CMS becomes the latest law firm to fall victim to LockBit cyber-attack

Crypto Hardware Wallet Ledger's Supply Chain Breach Results in $600,000 Theft

Cyber attacks: How hackers get in, and who they target (everyone)

Cybersecurity: Preparing for Paris 2024 Olympic Games

Cyberwarfare in Ukraine: Russia’s least worst option?

DashLane Introduces Passwordless Login, Pioneering a New Era of Credential Managers

Data breach affects CHI St. Alexius patients

Data Breaches Just Keep Piling Up

Data of over a million users of the crypto exchange GokuMarket exposed

Data Protection vs Data Security

Defense Contractor Austal USA Confirms a Cyber Attack by Hunters International Ransomware Group

Delta Dental Hit with 7 Million User Data Breach in MOVEit-Linked Attack

Delta Dental says data breach exposed info of 7 million people

Digital fraud attack rate in Singapore higher than APAC average

Do You Have Cyber Insurance?

Do you know these cybercriminal tactics used against Financial Institutions?

Ex-Amazon engineer pleads guilty to hacking crypto exchanges

Finding the Sweet Spot: How Donut Extortion Group Targets Achilles’ Heel in Cybersecurity

Fortifying cyber defenses: A proactive approach to ransomware resilience

Four charged for laundering funds in $80 million pig butchering scheme

Four Charged in Connection With $80m Pig Butchering Scheme

Four Charged With Pig Butchering Scheme, Nirvana Hacker Pleads Guilty: Is This a Crackdown?

Hackers abusing OAuth to automate cyber attacks, says Microsoft

Harrisburg Medical Centre data breach impacted close to 150,000 patients

Healix Infusion Therapy Files Official Notice of Data Breach That Leaked Patient SSNs

Holiday cybersecurity: Safeguarding businesses amidst increased cyber threats

How Organizations And Financial Professionals Can Address Their Cyber Risk

Idaho National Laboratory data breach impacted 45,047 individuals

Incident of the Week: Russia-linked cyber attack targets Ukraine’s biggest phone operator

Is it safe to have your ancestry data online? Here's what experts say

Is Your Kettle Spying on You? The Reality of IoT Device Security

Kansas Court Cyberattack Update: Restoration of Case Management System Begins

Keenan & Associates Experiences Data Breach Following Ransomware Attack

Kenya: Cybercrime cases up by 3pc in 2023

Kraft Heinz probes ransomware attack claim

Kyivstar Cyberattack Update: CEO Foresees Weeks for Full Service Recovery Post Security Incident

Kyivstar may need weeks to restore all services after cyber attack

Kyivstar starts restoring voice services following cyber-attack

Largest US dental insurer breached in MOVEit attack, 7M exposed

Ledger attack shows company ‘learned nothing’ after multiple breaches

Ledger Cyberattack: Company Confirms Deactivation of Malicious Code in Ledger Connect Kit

LifeLabs customers can now apply for up to $150 in compensation for data breach

LockBit Ransomware Strikes Four New Victims; Websites of Some Entities Face Disruptions

Looking at Data Breach and Class Action Exposure Through a Single Lens

Malaysia faces cyberthreat surge: phishing dominates, ransomware doubles

Microsoft disrupts credentials marketplace, warns of gift card fraud, OAuth abuse

Multiple flaws in pfSense firewall can lead to arbitrary code execution

Navigating the Landscape of Supplier Cyber Risk

New Class Action Lawsuit Filed Against Norton Healthcare Over Ransomware Attack

New Hacker Group Uses SQL Injection to Hack Companies in APAC Region

New KV-Botnet Targeting Cisco, DrayTek, and Fortinet Devices for Stealthy Attacks

New NKAbuse Malware Exploits NKN Blockchain Tech for DDoS Attacks

New SEC rules around data breach disclosures arrive on Monday – here's what you need to know

New Security Vulnerabilities Uncovered in pfSense Firewall Software - Patch Now

New York engineer pleads guilty to stealing millions from two crypto exchanges

Nirvana Finance Hacker Pleads Guilty, Will Forfeit Over $12 Million in Stolen Funds

Northern Ireland police data breach ‘caused by many factors’

OilRig targets Israel organizations with new lightweight downloaders

Ontario public library shuts down most services due to cyberattack

Operationalizing zero trust: Three immediate opportunities for federal agencies

Over 45,000 Employees Hit By Nuclear Research Lab Breach

Penetration Testing for Sensitive Data Exposure in Enterprise Networks: Everything You Need to Know

'Phantom Hacker' scams target New Hampshire older adult population: Here's how to avoid it

Putative class actions filed against Acrisure over data breach

Ransomware gang behind threats to Fred Hutch cancer patients

Ransomware surges, despite aggressive defenses

Red Roof reports cyber incident: Guest data uncompromised

Retailers Are Being Barraged By Cyberattacks This Holiday Season

Rising Cyber Frauds Pose Growing Threats to India’s Financial Landscape

Rivers Casino Des Plaines Faces Legal Action Following Data Breach Revelation

Romance Scammers are Adopting Approval Phishing Tactics

Russian APT29 Hacked US Biomedical Giant in TeamCity-Linked Breach

Russian cybergroup Star Blizzard unleashes global spear-phishing attack

Safeguarding Your Online Presence: The Role of Website Localization in Cybersecurity

Santa's spyware: Hackers use Google results to push malware when deal-hunters search for these tech products

Seattle cancer center confirms cyberattack after ransomware gang threats

Securities and Exchange Commission (SEC) disclosure deadline is here: Are you ready? (And what to do if you’re not)

Singapore: Beware of parcel delivery phishing scams this festive shopping season, say police

Sony investigates alleged ransomware attack on Insomniac Games

Southern Ontario school board acknowledges 'cyber incident'

Swiss district court shuts down its IT systems to deal with a major cyber attack

Talus Pay Confirms Data Breach Following Unauthorized Access to Employee Email Account

The Benefits of Using a Random Password Generator for Safer Online Access

To BCC or not to BCC – that is the question data watchdog wants answered

Traveling Securely: A Comprehensive Guide to Protecting Your Digital Footprint While on the Move

TRISTAR Insurance Confirms Data Breach Related to November 2022 Cyberattack

UK Defence fined for leaking details of Afghan nationals

UK Plans Tough New Security Rules For Datacenters

UK unprepared for ransomware attack amid lack of Government investment

What Is Storm-1152, Alleged Top Creator Of Fake Microsoft Accounts?

What You Need to Know About Attack Trees

Why federal efforts to protect schools from cybersecurity threats fall short

Wonka scams: The golden ticket you don’t want to open

14th December

7 months later, software firm Welltok informs OSF patients of data breach

23andMe users may have had personal information stolen in massive data breach

29 malware families targeted 1800 banking apps in 61 countries

66% of employees prioritize daily tasks over cybersecurity

116 Malware Packages Found on PyPI Repository Infecting Windows and Linux Systems

Adversary-in-the-Middle Defense: Strategies for Security

Alamance-Burlington School System (ABSS) falls for phishing scam, which costs $300K; insurance to cover loss

Approval Phishing Scams Drain $1bn of Cryptocurrency from Victims

Attackers are trying to exploit Apache Struts vulnerability (CVE-2023-50164)

Beware of Malicious 7ZIP on the Microsoft App Store that Delivers Malware

Burlington recovers a big chunk of money lost in phishing scam

Businesses among targets of ‘dangerous and unique’ GOV.UK phishing scam

Campbell County Schools: Some employees' personal information may have been taken in a ransomware incident

Canada: Hospital systems slowly coming back online after October cyberattack

CardioComm Solutions Resumes Full Operations Following Cyber Attack

Chinese internet authorities call for reporting of major security incidents within the hour

CISA Cites Modest Progress in Reducing CVEs

CitrixBleed isn’t going away: Security experts struggle to control critical vulnerability

Corringham Ortu Gable Hall School apologises after data breach

Cozy Bear Hackers Target JetBrains TeamCity Servers in Global Campaign

Cybercrime operation that sold millions of fraudulent Microsoft accounts disrupted

Cybercriminals selling fraudulent Outlook accounts taken down by Microsoft

Cyberthreats to the financial industry: interim results for 2023

Data of over a million crypto exchange users exposed

Defiance City Hit by Cyber Extortion: Knight Ransomware Group Strikes

Dental Plan Administrator Fined $400K for Phishing Breach

Digital ops and ops management security predictions for 2024

Discord adds Security Key support for all users to enhance security

East Point city manager fired amid phishing scam controversy

Emerging Technologies, Evolving Threats: Strategies for Future-Proofing Data Security

Fake shipping notification emails and text messages: What you need to know this holiday season

Federal Communications Commission (FCC) adopts updated data breach notification rules to protect consumers

Federal Communications Commission (FCC) updates data breach notification rules

Federal Communications Commission (FCC) updates data breach rules, with consumers in mind

Five top tips for sourcing port cyber-attack insurance cover

Fraud and Security Team Silos are Undermining Cybersecurity

GambleForce Group Targets Websites With SQL Injection

GambleForce threat group targets Asia-Pacific

Hacker Steals $430,000 from Decentralized Exchange OKX

Hackers Keep Winning by Gambling on SQL Injection Exploits

Harrisburg Medical Center Data Breach: PHI of 148,000 Individuals Compromised in 2022

Holiday heads-up: police warn of increased phishing scams

How cybercriminals are using Wyoming shell companies for global hacks

How to Comply with Ever-Changing Data Protection Regulations

In a world of targeted attacks database security is more crucial than ever

Iran-linked hackers develop new malware downloaders to infect victims in Israel

Iranian State-Sponsored OilRig Group Deploys 3 New Malware Downloaders

Kansas courts' computer systems are starting to come back online, 2 months after cyberattack

Kraft Heinz investigates hack claims, says systems ‘operating normally’

Kraft Heinz reviewing claims of cyberattack but internal systems ‘operating normally’

Kraft Heinz targeted in ransomware attack

Kyivstar telecom slowly back up after massive cyberattack, two Russian groups take claim

Ledger dApp supply chain attack steals $600K from crypto wallets

Lesotho central bank ‘targeted’ in cyber-attack attempt

LockBit Expands its Roster of Victims: Dawsongroup Allegedly Targeted

Mastercard survey reveals cybersecurity gaps among Canadian small businesses

Microsoft: Storm-1283 Sent 927,000 Phishing Emails with Malicious OAuth Apps

Microsoft Busts Black Market for 100s of Millions of Fraudulent Accounts

Microsoft just disrupted a cyber crime group behind 750 million fraudulent accounts

Microsoft seizes domains used to sell fraudulent Outlook accounts

Microsoft Takes Legal Action to Crack Down on Storm-1152's Cybercrime Network

Microsoft Targets Prolific Outlook Fraudster Storm-1152

Microsoft Targets Threat Group Behind Fake Accounts

Millennials, Gen-Z worry more about fraud than social media hacking, says American Express

Ministry of Defence (MoD) fined over data breach that 'could have cost lives'

More than 45,000 affected by cyberattack on Idaho nuclear research lab

Multiple email address for different functions beefs up security

Navigating a data leakage: a six-step incident response guide

New Hacker Group GambleForce Hacks Targets with Open Source Tools

New Hacker Group 'GambleForce' Tageting APAC Firms Using SQL Injection Attacks

New hacker group uses old attack methods to breach Asian gambling companies

New NKAbuse malware abuses NKN blockchain for stealthy comms

New Pierogi++ Malware by Gaza Cyber Gang Targeting Palestinian Entities

Newsquest Facing a DDoS Attack

Nirvana Finance hacker pleads guilty, forfeits $12.3M

Nissan Australia still reeling from cyber attack

Office for Civil Rights (OCR) Settles First Phishing Cyber-Attack Investigation with a Louisiana Medical Group

Organizations prefer a combination of AI and human analysts to monitor their digital supply chain

Pan-American Life Insurance Group Data Breach Affects 200,000 Individuals

Philippines faces surge in info stealer attacks

Phishing, Smishing and Vishing: How to Avoid These Top Fraud Schemes

Planning for Critical Vulnerabilities and Major Cyber Security Incidents – What Boards Need to Know

Pro-Ukraine Group Claims Successful Cyberattack on Russian Research Organization

Ransomware attacks increased twofold in Malaysia this year

Red Roof Hit by Data Incident

Report warns UK at risk of ‘catastrophic’ ransomware attack on critical national infrastructure

Rising threats: Cybercriminals unleash 411,000 malicious files daily in 2023

Rivers Casino Des Plaines Hit With Class-Action Lawsuit Over August Data Breach

Russian APT exploiting JetBrains TeamCity vulnerability

Russian hackers are launching potential SolarWinds-style operations

Russian hackers target unpatched JetBrains TeamCity servers

Russian SVR-Linked APT29 Targets JetBrains TeamCity Servers in Ongoing Attacks

Security leaders discuss new Securities and Exchange Commission (SEC) disclosure rule as deadline nears

Switzerland District Court Confirms Cyberattack, Investigation Underway

Tarrant Appraisal District responds to claims about data breach, says investigation ongoing

Ten new Android banking trojans targeted 985 bank apps in 2023

U.S. nuclear research lab data breach impacts 45,000 people

Ubiquiti users report having access to others’ UniFi routers, cameras

UK defense ministry fined for life-threatening breach

UK government woefully unprepared for 'catastrophic' ransomware attack

UK’s Newsquest media group disrupted by cyberattack

Ukrainian telecom giant Kyivstar says Russian cyber attack disrupted mobile and Internet services

UnitedHealthcare Announces Data Breach Involving Unauthorized Access to Vendor Email Account

Unreported Cyberattack on Kraft Foods Reveals Potential Link to Aetna Lawsuit

Urgent warning to anyone with a Gmail, Outlook, Hotmail and Yahoo account

US detains suspects behind $80 million 'pig butchering' scheme

US nuclear research lab says November data breach impacted 45k current and former employees

US postal service mimicked by phishing crooks

UT Health resumes certain surgeries as cyber attack recovery continues

Vulnerabilities Now Top Initial Access Route For Ransomware

Websites down as regional publisher hit by cyber attack

Zscaler ThreatLabz Finds Most Cyberattacks Hide In Encrypted Traffic

13th December

39% of security leaders cite phishing as most feared cyberattack

90% of energy companies experienced a third-party breach

A hostage to fortune: ransomware and UK national security

Attackers abuse OAuth apps to initiate large-scale cryptomining and spam campaigns

Australian patient data increasingly at risk due to cyber attacks

BazaCall Phishing Scammers Now Leveraging Google Forms for Deception

BazarCall attacks abuse Google Forms to legitimize phishing emails

Breach exposes thousands of Idaho National Laboratory employees

Campbell County Schools, Kentucky, Hit by Ransomware

Covenant Care patient and employee data being leaked by ransomware group

Dashlane eliminates master passwords

Dashlane launches passwordless login - for new users only so far

District court in Switzerland ‘victim of a cyber attack’

Dutch Watchdog Sues Adobe Over Mass Collection of Citizen Data

End-of-Life (EOL) Sophos firewalls get hotfix for old but still exploited vulnerability (CVE-2022-3236)

Feds brace for implementation of Securities and Exchange Commission (SEC) cyber disclosure rules

French police arrests Russian suspect linked to Hive ransomware

Google Using Clang Sanitizers to Protect Android Against Cellular Baseband Vulnerabilities

Hackers are exploiting critical Apache Struts flaw using public PoC

Hackers damaged some infrastructure of Ukraine’s Kyivstar telecom company

Illegal web market thrives ahead of festive season

Industry regulations and standards are driving Operational Technology (OT) security priorities

Largest cyber attack of war hits Ukraine phone operator

Latest UN Cybercrime Treaty draft a ‘significant step in the wrong direction’

Law behemoth CMS claimed by LockBit ransomware

LockBit ransomware now poaching BlackCat, NoEscape affiliates

Major Cyber Attack Paralyzes Kyivstar - Ukraine's Largest Telecom Operator

Major data breach leaks highly sensitive donor records of multiple charities

Major leak exposes users from Russian crypto exchanges

Man, 36, charged over alleged phishing scam after Aussies bombarded with 17 million fraudulent texts

Mercy Medical Center alerts 97K patients at risk in security breach

Microsoft Fixes 34 CVEs and One Zero-Day in December Patch Tuesday

Microsoft Warns of Hackers Exploiting OAuth for Cryptocurrency Mining and Phishing

Microsoft's Final 2023 Patch Tuesday: 33 Flaws Fixed, Including 4 Critical

New cybercrime market 'OLVX' gains popularity among hackers

Norton Healthcare says ransomware attack in May compromised the data of 2.5m patients

North Korean programmers getting jobs in US by showcasing blockchain skills

Pan-American Life Insurance Company says MOVEit Transfer breach impacted 200,000 individuals

Ransomware groups are using media coverage to coerce victims into paying

Regional Family Medicine Confirms Data Breach Resulting from Recent IT Outage

Report says hackers from China targeted Texas infrastructure this year

Russia Set to Ramp Up Attacks on Ukraine’s Allies This Winter

Russian foreign intelligence service spotted exploiting JetBrains vulnerability

Russian hackers target TeamCity servers since September

Russian national with alleged Hive ransomware ties arrested in Paris

Scammers Weaponize Google Forms in New BazarCall Attack

Shifting data protection regulations show why businesses must put privacy at their core

Sony investigating potential ransomware attack on Insomniac Games unit

Stealthy KV-botnet hijacks SOHO routers and VPN devices

Taking a Proactive Approach to Mitigating Ransomware: Avoiding Vulnerabilities in SAP Applications

This is how to protect your computers from LogoFAIL attacks

Transport app exposes K-12 student location data

UK at High Risk of Catastrophic Ransomware Attack, Government Ill-Prepared

UK at high risk of ‘catastrophic ransomware attack’, report says

UK government risking ‘catastrophic ransomware attack,' parliamentary report warns

UK Ministry of Defence fined $440K for Afghan evacuation data breach

UK Ministry of Defence Fined For Afghan Data Breach

UK politicians fear “catastrophic ransomware attack”

Ukraine Claims it “Paralyzed” Russia’s Tax System

Ukraine says it attacked Russia’s tax service

Ukraine’s Cyberattack Cripples Russia’s Tax System

Ukraine's top mobile operator hit by biggest cyberattack of war

Understanding the True Cost of a Data Breach in 2023

Which cybersecurity controls are organizations struggling with?

12th December

1 out of 3 top Australian hospitals prone to email fraud

81% of companies had malware, phishing and password attacks in 2023

Americold says April data breach impacted more than 120,000 customers

Apache Warns of Critical Vulnerability in Struts 2

Apple Releases Security Updates to Patch Critical iOS and macOS Security Flaws

Australia leads in global cybersecurity with phishing-resistant measures

Backup Migration WordPress Plugin Flaw Impacts 90,000 Sites

Balancing AI advantages and risks in cybersecurity strategies

Bally’s Evansville Scammed Out of $212K Through Vendor Phishing Scheme

Bathroom products manufacturer Decina caught out by alleged data breach

BlackCat ransomware site down amidst rumours of law enforcement action

Brazil's first lady X account hacked, authorities open investigation

Cloud engineer gets 2 years for wiping ex-employer’s code repositories

Congress finds pharmacies give patient records to law enforcement without warrants

Credit union operations restored after tech supplier ransomware attack

Cyber threats for law firms in 2024

Cybersecurity and technological advancements

Dubai’s largest taxi app exposes 220K+ users

eIDAS: EU’s internet reforms will undermine a decade of advances in online security

Exploitation of the internet and the mind: How cybercriminals operate

Fake Resumes, Real Malware: TA4557 Exploits Recruiters for Backdoor Access

Federal Communications Commission (FCC) reminds mobile phone carriers they must do more to prevent SIM swaps

Hackers are auctioning off Wolverine video game secrets for £1.6 million

Hackers Planting Credit Card Skimmers Inside Google Tag Manager Scripts

Hackers Threaten Cancer Center Patients in Washington Following Data Breach

Has your smartphone been hacked? Find out if a hacker is controlling the handset; here is how to do so

How AI is changing the cybersecurity landscape

How cybercriminals are using Wyoming shell companies for global hacks

India heightens vigilance as a hacker collective announces plans for a ‘Cyber Party’ aimed at compromising crucial digital infrastructure

Japan: Boosting regional cybersecurity is critical in a connected world

Kyivstar Network Targeted by Widespread Cyber Attack

Largest Ukrainian mobile operator suffers powerful hacker attack

Lazarus exploit Log4Shell vulnerability to deliver novel RAT malware

Lazarus Group Exploits Log4j Flaw in New Malware Campaign

Lobbying firm Senate affected after IT provider suffers cyber attack

Lobbying firm Senate was affected by a cyber attack on its IT provider

Many popular websites still cling to password creation policies from 1985

Marvel’s Wolverine Screenshot Leaks, as Insomniac Games Become Targets of Ransomware

Memorial Sloan Kettering Cancer Center claimed by rookie ransom group

New Critical RCE Vulnerability Discovered in Apache Struts 2 - Patch Now

New MrAnon Stealer Malware Targeting German Users via Booking-Themed Scam

New Windows/Linux Firmware Attack

New York attorney general secures $400K fine from Healthplex over data breach

Non-Human Access is the Path of Least Resistance

Northern Ireland cops count human cost of August data breach

Notorious hacker wipes clean video hosting site for balloon ‘enthusiasts’

OAuth apps used to automate Business Email Compromise (BEC) and cryptomining attacks

One in three people unaware of lost personal data in cyber attacks

Over 1,450 pfSense servers exposed to RCE attacks via bug chain

Pakistan Telecommunication Authority (PTA) Issues Cyber Security Advisory Against Ransomware Gang ‘Rhysida’

Play ransomware group claims a major cyber attack on Greater Richmond Transit Company

Police Service of Northern Ireland (PSNI) data breach: 'Almost 200 officers' seeking ill-health retirement

“Pool Party” process injection techniques evade EDRs

Proofpoint Exposes Sophisticated Social Engineering Attack on Recruiters That Infects Their Computers With Malware

QR code logos are not just convenient – they’re also a hacker’s gateway

Recruiters, beware of cybercrooks posing as job applicants!

Russian APT28 Hackers Targeting 13 Nations in Ongoing Cyber Espionage Campaign

Russian cyber gang mimics job candidates to steal data

Russian national pleads guilty to ransomware scheme that targeted Avon Schools, other victims

SJMC Patna and IMI Bhubaneswar websites hacked in international cyber attack campaign

Sophos backports RCE fix after attacks on unsupported firewalls

Spider-Man developer Insomniac Games suffers ransomware attack

Spider-Man game creator claimed by ransom gang

Threat Actor Targets Recruiters With Malware

Three states, three school districts, one Medusa ransom gang

Top 10 Cyber Threats Retailers are Facing

Top 10 Cyber-Attacks of 2023

Toyota Financial Services ransom attack exposes customer banking info

Toyota warns data breach may have exposed customer financial information

UK adult content age verification may have unwanted effects

Ukraine telecoms giant struck by threat actor

Ukraine's biggest mobile operator suffers huge hacker attack: What we know

Ukraine’s intelligence claims cyberattack on Russia’s state tax service

Ukraine's largest mobile carrier Kyivstar down following cyberattack

Ukraine's Largest Phone Operator Hack Tied to War With Russia

Ukraine's largest telecom operator shut down after cyberattack

Ukraine's top mobile operator hit by biggest cyber attack of war so far

Ukrainian military says it hacked Russia's federal tax agency

University of Wollongong confirms cyber incident, potential data breach

Unveiling the Cyber Threats to Healthcare: Beyond the Myths

Vietnam reports 13,900 cyberattacks in 2023

WhatsApp, Slack, Teams, and other messaging platforms face constant security risks

Why People-Centric Security and Privacy Programs are Vital

Widespread Security Flaws Blamed for Northern Ireland Police Data Breach

11th December

23andMe confirms October breach compromised data from 6.9M users

50K WordPress sites exposed to RCE attacks by critical bug in backup plugin

ACS, Merlin Hit With Serious Security Vulnerabilities

Aldo Shoes hacked by the LockBit group, asked to pay a ransom by Christmas

Alleged leader of Kelvin Security hacker gang arrested in Spain

ALPHV/BlackCat Site Downed After Suspected Police Action

Apple emergency updates fix recent zero-days on older iPhones

Attackers prey on leaked crypto leads

Canadian companies face soaring ransomware demands

CBI, FBI discuss greater collab in tackling cybercrime, sharing evidence

Central Virginia transit system grapples with ransomware cyberattack

China’s cyber army is invading critical U.S. services

CISA adds Qlik Sense flaws to its Known Exploited Vulnerabilities catalog

CloudSEK Unmasks Threat Actor Selling Bogus CBI Files For $1300 On Dark Web

Cold storage giant Americold discloses data breach after April malware attack

Costa Rica is the second country most affected by ransomware in Central America

Counter-Strike 2 HTML injection bug exposes players’ IP addresses

Cyber Attack Leads to Data Breach Affecting Havant Borough Community Lottery Direct Debit Customers

Cybercriminals continue targeting open remote access products

Data Breach: Finding a Fix for Indonesia's Data Protection Problems

Data Breach on the Largest Japanese Messaging App Line Leaks 440K Records

Days-long ALPHV outage sparks arrest speculations

Debunking the misconceptions of cyber insurance

Effective Strategies For Ransomware Removal: A Step-By-Step Guide

Elevate Your Security: Meet Modern Attacks With Advanced Cloud Security Posture Management (CSPM)

Europol eyes Bluetooth trackers as a popular tool for crime

Europol Raises Alarm on Criminal Misuse of Bluetooth Trackers

Gamers Warned of Potential Counter Strike 2 (CS2) Exploit That Can Reveal IP Addresses

Grand Theft Auto 6 (GTA 6) Hacker Reportedly Plans To Resume Criminal Activities After His Release From Jail

Greece Moves to Enhance Cyber Security Amid Frequent Attacks

Groveport Madison forced to teach with pen and paper after hack prompts internet outage

Have We Reached a Data Breach Respite at the End of 2023?

Healthcare and Public Health Sector Warned About Open Source Software Risks

Henry Schein says October data breach impacted almost 30,000 individuals

Hershey data breach affects thousands with company emails

HHS agrees to $480,000 settlement with Louisiana medical group over data breach

HHS settles first phishing cyberattack investigation with Louisiana medical group

How C-Level Executives Can Increase Cyber Resilience

How To Protect Yourself From Cyber-Scammers Over The Festive Period

HR company data breach affects Dollar Tree, Family Dollar employees, class action claims

India on high alert as hacker group plans ‘Cyber Party’ targeting critical digital infrastructure

Interpol Busts Human Traffickers Luring Victims with Fake Online Job Ads

IT-OT convergence poses unique cyber threats to industrial organisations

Kelvin Security hacking group leader arrested in Spain

Kentucky healthcare giant says 2.5 million people affected by May ransomware attack

Kentucky Hospital Chain Notifying 2.5 Million of Data Theft

Lack of encryption the primary reason for sensitive data loss

Lazarus Group Targets Log4Shell Flaw Via Telegram Bots

Lazarus Group Using Log4j Exploits to Deploy Remote Access Trojans

Lazarus hackers drop new RAT malware using 2-year-old Log4j bug

Leader of one of most active hacker groups has been arrested

Medical Group Settles With HHS Over Data Breach Affecting Nearly 35,000 Patients

Nearly 7 Million Consumers Impacted by 23andMe Data Breach

Nearly 130,000 affected by ransomware attack on cold storage company Americold

New PoolParty Process Injection Techniques Outsmart Top EDR Solutions

New York Fines Dental Insurer $400K Over Data Breach

Nordic governments join forces to protect data transfers

North Korean hackers using Log4J vulnerability in global campaign

Northern Ireland police data breach blamed on outdated practices

Norton Healthcare Announces Data Breach Affecting 2.5m Patients Following Ransomware Attack

Norton Healthcare ransomware attack exposes 2.5M people

Outdated approach to data contributed to major PSNI breach, report finds

Police Arrest Hundreds of Human Traffickers Linked to Cyber Fraud

Police Service of Northern Ireland (PSNI): Data breach 'wake-up call' for UK forces

Quishing is the new phishing: Why you need to think before you scan that QR code

Ransomware gang hits hospitals in Kentucky and Indiana, millions affected

Red Roof announces data breach

Report Sees Chinese Threat Actors Embracing Sandman APT

Researcher finds data harvesting inside Ledger Live app

Researchers Uncovered an Active Directory DNS spoofing exploit

Researchers Unmask Sandman APT's Hidden Link to China-Based KEYPLUG Backdoor

Russian Hacker Guilty Of TrickBot Malware Revealed

Scammers steal $100K from multiple Pudgy Penguin NFT holders in phishing attack

Seattle Cancer Center patients face threats after data breach

Security automation gains traction, prompting a “shift everywhere” philosophy

September 2023 saw more ransomware attacks than all of 2022

Silent but deadly: The rise of zero-click attacks

Spanish Police Nab Venezuelan Leader of Kelvin Security Hacker Group

Spectre-Based Attack Exploits Intel, Arm, and AMD CPUs

SpyLoan Scandal: 18 Malicious Loan Apps Defraud Millions of Android Users

Stanley Steemer, Mr. Cooper, other companies face data breach class action lawsuits

The end of ransomware payments: how businesses fit into the fight

The Pensions Regulator (TPR) urges trustees to report cyber-related incidents

Toyota warns customers of data breach exposing personal, financial info

TV service in UAE hacked to show alleged atrocities in Palestine

Two-day water outage in remote Irish region caused by pro-Iran hackers

Two-Fifths of Log4j Apps Use Vulnerable Versions

UAE: Cyberattack disrupts TV services, rattles some residents with graphic content from Gaza

UK police return £8 million in bitcoin stolen by chronically ill bed-bound thief

University of Wollongong discloses data breach

Unwrapping cyber risks – how to protect your investments during the holiday season

US aerospace targeted by spear-phishing campaign

US Campbell County Schools Targeted in Latest Ransomware Attack

US healthcare giant Norton says hackers stole millions of patients’ data during ransomware attack

Warning As 1Password, DashLane, LastPass And 3 Others Leak Passwords

What are various types of online shopping scam and tips to stay safe

What is the Bitcoin Overflow Bug?

White House wants to set minimum cyber standards for hospitals, healthcare

Why 2024 is set to be a pivotal year in cybersecurity

Why Cybersecurity Needs To Be an SMB Priority

With ransomware leak site offline, has BlackCat run out of lives?