Editor's Message

Welcome to DBD. On March 8th we celebrated our 4th Anniversary and the 1st Anniversary of our PRiSM application, officially endorsed by the SANS Institute. Despite recent personal issues that have impacted the amount of time I have been able to dedicate to both projects, I have been doing my best to keep everything as up-to-date as possible, and I would like to take this opportunity to thank everyone for their patience and support whilst I navigate through this very difficult time. Stay safe. :)

Monday 29 January 2024

Ransomware Payments Dropped To A Record Low Of 29% As Victims Refused To Pay Ransomware Operators' Demands In Q4 2023

Data Breaches Digest - Week 5 2024

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 29th January and 4th February 2024.

4th February

72% of Children Globally Encounter Cyber Threats: Call for Improved Cybersecurity Education

Binance Says There Was No Leak From Systems After Alleged Data Breach

Cyber pros think you should disconnect your TV from the internet

Leaky Vessels flaws allow hackers to escape Docker, runc containers

Record-breaking year for global ransomware incidents

Russian Hackers Believed to be Behind Cyber Attack on Icelandic University

The ‘Mother of all Breaches’: Navigating the Aftermath and Fortifying Your Data with Data Security Posture Management (DSPM)

These were the most common phishing emails of 2023 - make sure you don't get caught out as well

This ex-CIA computer Vault 7 hacker gave secrets to Wikileaks. He just was sentenced to 40 years in jail

3rd February

AnyDesk Urges Password Change Amid Security Breach

AnyDesk Hacked: Popular Remote Desktop Software Mandates Password Reset

Atlanta Women’s Health Group notifying patients of April 2023 data breach

Beware The Phishing Storm: Can Businesses Weather The Attack?

Canada’s most prolific hacker is expected to make full restitution

Clorox says cyberattack caused $49 million in expenses

Elite Supplements customers targeted in cyber attack

Former CIA Hacker Gets 40 Years In Prison For Leaking Documents To Wikileaks

Joshua Schulte: Why former CIA hacker is sentenced 40 years in jail?

Mastodon vulnerability allows attackers to take over accounts

Mastodon Vulnerability Allows Hackers to Hijack Any Decentralized Account

Ransomware Attacks Target These 5 Sectors Most

Reports of data breach on Class Charts platform

The Philippines: Cyber attack on Overseas Workers Welfare Administration (OWWA) website foiled

The Philippines: Department of Information and Communications Technology (DICT) blocks cyber attack, traces threat origin from China

Total Health overcomes cyber attack and ensures the continuity of services for more than 4.8 million members

U.S. Sanctions 6 Iranian Officials for Critical Infrastructure Cyber Attacks

2nd February

23andMe hackers sought Jewish, Chinese customers’ data, class action alleges

Akira Ransomware Cripples Emergency Dispatch System

Anonymous Sudan Claims Flydubai Attack, Accuses Airline of Funding Rebels

Another Chicago hospital announces cyberattack

AnyDesk confirms production systems were breached

AnyDesk says hackers breached its production servers, reset passwords

Australian cyber ambassador slammed by Chinese embassy official over Beijing cyber attack accusations

Belarusian charged with crypto laundering

Blackbaud Must Improve Poor Security, Data Retention Practices to Avoid Future Breaches, Says Federal Trade Commission (FTC)

Botnet Attack Targeted Routers: A Wake-Up Call for Securing Remote Employees’ Hardware

BTC-e server admin indicted for laundering ransom payments, stolen crypto

CasaSpeciale Hit by Data Breach, AlphaTeam Claims Responsibility

Chicago children’s hospital network down as experts warn of rising cyber threats

Cloudflare Breach: Nation-State Hackers Access Source Code and Internal Docs

Cloudflare Fends Off 'Nation-State Attacker'

Cloudflare Hacked After State Actor Leverages Okta Breach

Cloudflare reveals Thanksgiving breach by 'sophisticated actor'

Cloudflare Suffers Breach After Failing to Rotate Stolen Okta Credentials

Credential Harvesting Vs. Credential Stuffing Attacks: What’s the Difference?

Crowdsourced security is not just for tech companies anymore

Cyber Attack on Indian Air Force: Attempt to Steal Data via Email

Cyber Attack on Mississippi Hospitals Jeopardizes Patient Info

Cyber Attack Takes Groton Public Schools, Connecticut, Offline

DDoS attack power skyrockets to 1.6 Tbps

Decoding KillNet 2.0 and Sylhet Gang-SG Cyberattack Plans for 2024

DirtyMoe Malware Infects 2,000+ Ukrainian Computers for DDoS and Cryptojacking

DraftKings Hacker Sentenced to 18 Months in Prison

EU adopts first cybersecurity certification scheme for safer tech

Europcar denies data breach amid alleged sale of customer info

Ex-CIA hacker who leaked secrets to WikiLeaks gets 40 years in prison

Fans' and players' personal information reportedly exposed in Football Australia data leak

FBI investigating Germantown cyber attack

FBI Reveals Chinese State Hacker Group Targeted U.S. Infrastructure

Football Australia data breach: Personal details of fans and players allegedly leaked

Former CIA employee sentenced to 40 years in prison

Former CIA Engineer Sentenced to 40 Years for Leaking Classified Documents

Former CIA Hacker gets jailed for 40 years due to information leaks

Former CIA Hacker Joshua Schulte Sentenced to 40 Years for Massive WikiLeaks Data Breach

Former CIA hacker sentenced to 40 years in prison for leaking documents to Wikileaks

Former CIA hacker sentenced to 40 years in prison over largest data leak in agency's history

Former CIA officer who gave WikiLeaks state secrets gets 40-year sentence

Global Ransomware Attacks Reached Record High in Past Year

Grasping the estimated cost of cybercrime: how recovery can cost US$5 million

Groton schools' internet outage from 'cyber-attack' under investigation

Hacker gang led by 'ElSwapo' is charged with stealing a staggering $477 MILLION from FTX on the day the crypto exchange declared bankruptcy

Hackers deploy login credentials they stole at Okta to hack Cloudflare

Hewlett Packard Data Breach: IntelBroker Alleges Sale of Sensitive Information

How Does Cybersecurity Services Prevent Businesses From Cyber Attacks?

How Huber Heights is faring two months after a ransomware attack

How One Small Click Led To Big Headaches For A Tax And Accounting Firm

How to Protect Your Webmail Account From Cyberthreats and Phishing

Indian Bank Data Breach Sparks Concern: Database Allegedly on Sale

Industry giants Clorox and Johnson Controls report financial losses from cyberattacks

INTERPOL Arrests 31 in Global Operation, Identifies 1,900+ Ransomware-Linked IPs

Interpol operation Synergia takes down 1,300 servers used for cybercrime

Interpol's latest cybercrime intervention dismantles ransomware, banking malware servers

Iran-linked hackers claim attack on Albania's Institute of Statistics

IRS, Adobe, and IC3: Top Scams of the Week

Is critical infrastructure prepared for Operational Technology (OT) ransomware?

Johnson Controls says it spent $27 million to remediate September ransomware attack

Joshua Schulte: Former CIA hacker sentenced to 40 years in prison

Knight Barry Provides Notice of Data Breach to Consumers Following Cyberattack

LockBit 3.0 Ransomware Targets Manchester Fertility Clinic

LockBit group targets Chicago hospital, demands $900,000 as ransom

LockBit Ransomware Rampage: 2 More Victims Added, Deadline Looms

LockBit Reigns Supreme in Soaring Ransomware Landscape

Lurie Children's Hospital took systems offline after cyberattack

Malicious logins from suspicious infrastructure fuel identity-based incidents

Massive Trello User Data Leak: Hacker Lists 15 Million Records on a Dark Web Hacking Forum

Mispadu Stealer’s New Variant Targets Browser Data of Mexican Users

More Ransomware Victims Are Declining to Pay Extortionists

New Phantom Hacker Scam Is Fooling US Citizens Into Liquidating Their Assets

New Year, New Old Tricks: Phishing Scammers Lure Victims with Fake Giveaways

'No loss of your banking data' says Shropshire venue as it works to kill spam email invader

Oxford Academy refers itself to Information Commissioner's Office (ICO) over data breach

Pro-Russian hacker group claims responsibility for DoS attacks on Finnish city websites

Ransomware group threatens to leak sensitive data from Virginia IT services firm with U.S. military contracts

Record-breaking year for global ransomware incidents

Ripple Executive Chairman Chris Larsen Says Hacker Accessed His Personal XRP Accounts

Romance Scam Victims Surge in 2023

Russian APT28 Hackers Targeting High-Value Orgs with NTLM Relay Attacks

Scots care charity target of huge cyber attack

Secret Service recovers nearly $3 million stolen from North Carolina housing authority in BEC scam

Tax return scammers flood Google with fake ads

Teen Chatting App Wizz Removed from Apple and Google Stores for Sextortion Concerns

Telefónica Breached Again: Hackers Claim to Sell Unauthorized Access

Telegram is Home to Many Scammers and Cyber Criminals Who Sell Many Phishing Tools at Cheap Prices

The 'Big Three’ ransomware groups are losing their grip on the industry as gangs begin to fracture, study shows

The Misbourne Great Missenden thanks parents after cyber attack

TRISTAR Insurance Group Announces Data Breach Affecting Insurance Customers

Understanding the Connection Between IoT Vulnerabilities and Home Network Intrusions

US sanctions Iranian military hackers for attacks on water facilities

US sanctions Iranian officials over cyber-attacks on water plants

US says it has thwarted major cyber attack by China

Water Companies Veolia North America and UK’s Southern Water Ransomware Attack and Data Breach Leaked PII

Why you should always change your logins after a data breach

Windsor Regional Hospital: Most major clinical systems back online after cyber attack

1st February (Change Your Password Day)

71% of businesses haven’t incorporated AI into physical security

All federal civilian agencies ordered to disconnect at-risk Ivanti products by Friday

Anonymous Sudan Claims DDOS Attacks on UAE’s Flydubai Airline

Beaumont Independent School District (BISD) phone system now back online with new vendor following ransomware attack

Change Your Password Day: Five Reasons to (Finally) Do It

CIA WikiLeaks Hacker Sentenced To 40 Years For Espionage And Child Pornography

CISA orders federal agencies to disconnect Ivanti VPN appliances by Saturday

CISA Warns of Active Exploitation of Flaw in Apple iOS and macOS

Civil society in Jordan under assault by NSO’s Pegasus spyware

Cloudflare hacked using auth tokens stolen in Okta attack

Cyber attack forces New Jersey's Freehold Township School District to shut schools

Cybersecurity In Numbers: Unpacking The Cybernomics 101 Report

Delaware Life Insurance Company Notifies Thousands of Recent Data Breach

Don’t Break The Bank: Stopping Ransomware From Getting The Best Of Your Business

Encore Bank Notifies Customers of Data Breach After Hackers Access an Employee Email Account

Europcar faces down alleged data breach controversy

Ex-CIA hacker who leaked secrets to WikiLeaks sentenced to 40 years

Ex-CIA software engineer sentenced to 40 years for giving secrets to WikiLeaks

Exposed Docker APIs Under Attack in 'Commando Cat' Cryptojacking Campaign

FBI disrupts Chinese botnet used for targeting US critical infrastructure

FBI Disrupts Chinese State-Backed Volt Typhoon’s KV Botnet

FBI Finds Chinese State Hacker Malware on Hundreds of U.S. Infrastructure-Related Routers

FBI shuts down Chinese hacker group Volt Typhoon’s Botnet

Federal contractor suffers data breach

Federal Trade Commission (FTC) Blasts Blackbaud's 'Shoddy' Practices in Ransomware Hack

Federal Trade Commission (FTC) Order Will Require Blackbaud to Delete Unnecessary Data, Boost Safeguards to Settle Charges its Lax Security Practices Led to Data Breach

Federal Trade Commission (FTC) orders Blackbaud to boost security after massive data breach

Federal Trade Commission (FTC) says Blackbaud’s lax security allowed hacker to steal sensitive data - and that’s just the beginning of the story

Federal Trade Commission (FTC) settles with Blackbaud over poor data practices leading to massive hack

Federal Trade Commission’s Amended Safeguards Rule Creates Unique Dilemma for Certain Organizations Who Have Experienced a Data Breach

Football Australia Accidentally Leaks Player and Fan Data

Football Australia investigating 'possible data breach'

Former CIA employee sentenced to 40 years in prison for largest data breach in agency history, other charges

Former CIA officer gets 40 years over largest data breach in agency history, other charges

FritzFrog botnet exploits Log4Shell, PwnKit vulnerabilities

FritzFrog botnet is exploiting Log4Shell bug now, experts say

FritzFrog Returns with Log4Shell and PwnKit, Spreading Malware Inside Your Network

Genuine or Scam? AI Is Making Detection Of Email Fraud Challenging

Georgia Secretary of State restricts Fulton County voter system access, citing recent cyber attack

GitHub Vulnerability: Key Rotation Amid High-Severity Threat

Google’s Bazel Exposed to Command Injection Threat

Hackers likely used ChatGPT to create fake data breach

Hackers Uncover Airbus EFB App Vulnerability, Risking Aircraft Data

HeadCrab 2.0 Goes Fileless, Targeting Redis Servers for Crypto Mining

How FBI deleted China malware from US routers

In 2023, Cybercriminals Were Still Using Social Engineering to Steal Your Credentials

India: 3.5 Million exposed in COVID-19 e-passport leak

India: Data Breach Exposes Information of 3.5 million e-pass Holders in Tamil Nadu

India-linked hackers target Pakistan with spyware in new campaign

India warns Apple users of major cyber attack. Here’s the list of devices at highest risk

Interpol arrests more than 30 cybercriminals in global ‘Synergia’ operation

Interpol-Led Initiative Targets 1300 Suspicious IPs

INTERPOL-led operation targets growing cyber threats

Is Your Remote Workforce Truly Safe? Three Reasons Zero-Trust is the Answer

Ivanti Releases Zero-Day Patches and Reveals Two New Bugs

Joshua Schulte: Former CIA hacker sentenced to 40 years in prison

Lawsuit Alleges 23andMe’s Data Breach Targeted Jewish and Chinese Users

LockBit Ransomware Gang Targets Hospitals: A Deep Dive into the Threat and How to Protect Your Data

LockBit shows no remorse for ransomware attack on children's hospital

Medical device maker Exactech breached

More Android apps riddled with malware spotted on Google Play

Nation-state actor used stolen Okta credentials in Thanksgiving attack, Cloudflare says

New Windows Event Log zero-day flaw gets unofficial patches

OpenText Cybersecurity Global Ransomware Survey: The Risk Perception Gap

Out of time? Top watchmaker Timex hit in data breach - but it says customers shouldn't be worried

Payment fraud is hitting organizations harder than ever before

Professional internet hacker shares his five tips to keeping your online data safe

PurpleFox malware infects thousands of computers in Ukraine

Ransomware and Cyber-extortion Trends in Q4 2023

Ransomware attack affects 5,700 in Huber Heights, 2,000 need credit monitoring

Ransomware attacks target these 5 sectors most

Ransomware Report Identifies New, Ongoing Threats

Ripple Co-Founder’s Personal XRP Wallet Breached in $112 Million Hack

Ripple Executive Chairman Chris Larsen Says Hacker Accessed His Personal XRP Accounts

Russian ransomware gang claims it stole ‘classified and top secret documents’ from US intelligence

Russian spies impersonating Western researchers in ongoing hacking campaign

Saint Anthony Hospital Confirms Recent Cyberattack, Resulting Data Breach of Patient Information

Shocking alleged data breach sees names, addresses and phone numbers of serving police staff shared on email

Singapore issues warning on rising ‘crypto drainer’ phishing scams

Student breached Fulton County, Georgia, school IT systems

Telegram is a Wide-Open Marketplace for Phishing Tools

The 2023 Data Breach Report and the 2024 Data Breach Industry Forecast

The State of Ransomware 2024

Threat actor used Vimeo, Ars Technica to serve second-stage malware

Timex Group says cyber attack compromised the data of over 3,000 current and former employees

U.S. Feds Shut Down China-Linked "KV-Botnet" Targeting SOHO Routers

Uber fined $11M for violating privacy of EU drivers

Ukraine says 2,000 computers of state firm were impacted in cyber attack

US Agencies Failure to Oversee Ransomware Protections Threaten White House Goals

US Thwarts Volt Typhoon Cyber Espionage Campaign Through Router Disruption

Warning: New Malware Emerges in Attacks Exploiting Ivanti VPN Vulnerabilities

What trends are driving cyber risk for North American companies?

Zero trust implementation: Plan, then execute, one step at a time

31st January

23andMe data breach targeted Jews

23andMe faces lawsuit as hackers sell information on users with Jewish heritage

79% of organizations faced a ransomware attack in H2 2023

$112 million stolen from founder of Ripple cryptocurrency platform

A zero-day vulnerability (and PoC) to blind defenses relying on Windows event logs

AI And 5G are Defining a New Era of Cybersecurity: The Industry Must Collectively Adapt

Alert: Ivanti Discloses 2 New Zero-Day Flaws, One Under Active Exploitation

Annual recovery costs from cybercrime soar up to $5 million for businesses

Bankers Life and Casualty Company Files Notice of Data Breach Impacting Thousands

Bucks 911 Communications Center Back Online After Outage

Bucks County's 911 dispatch system up and running after 9-day outage from cyber attack

Canada: Global Affairs investigating month-long data breach

Canada’s foreign affairs department hit by data breach

Canada’s foreign affairs department investigates data breach

Canadian government probes cyberattack and data breach at Global Affairs Department

Centennial Bank Files Notice of Data Breach with Texas Attorney General

CISA: Vendors must secure SOHO routers against Volt Typhoon attacks

CISA warns of patched iPhone kernel bug now exploited in attacks

Citibank Sued For Failing to Protect Fraud Victims

Confronting the SaaS Data Protection and Security Crisis

Crime bosses behind Myanmar cyber ‘fraud dens’ handed over to Chinese government

Critical Flaws Found in GNU C Library, Major Linux Distros at Risk

Cyber crime damage costs firms up to $5m annually

CyberArk releases online ransomware decryptor

Cybercriminals replace familiar tactics to exfiltrate sensitive data

Data Breach Response: What Are The Needed Steps To Be Taken By Businesses?

December cyberattack on Chicago community hospital claimed by LockBit gang

Delinea report highlights switch in ransomware techniques

Delinea research reveals that ransomware is back on the rise as cybercriminals’ motivation shifts to data exfiltration

Department of Justice (DOJ) disrupts Chinese hacker effort to use malware to hijack US-based routers

Des Moines Orthopedic Surgeons (DMOS) warns of data breach, expert says “it’s everything you’d want as a thief”

Dogecoin Community Tracks Down Hacker As MyDogeWallet Is Compromised Again

Drop in Ransomware Payments Suggest Futility in Paying Attackers

EU Launches First Cybersecurity Certification for Digital Products

Europcar denies data breach of 50 million users, says data is fake

Europcar dismisses data leak claims as AI fake

Exploit released for Android local elevation flaw impacting 7 OEMs

FBI disrupts Chinese botnet by wiping malware from infected routers

Football Australia leak exposes players’ details

Free ransomware recovery tool White Phoenix now has a web version

Global Affairs Canada Investigating Cyberattack and Data Breach

Hackers Exploit Trusted Platform Redirect Flaws For Phishing Attacks

Hackers Exploiting Ivanti VPN Flaws to Deploy KrustyLoader Malware

Hackers Hijacking MS-SQL Servers to Install Mimic Ransomware

Hackers obtain confidential information on Romanian officials after cyber attack at Parliament

Hackers push USB malware payloads via news, media hosting sites

Have you seen an orthopedic surgeon lately? Your data may have been compromised

How ransomware has changed and the groups to watch out for in 2024

India: Government Mandates Security Audit As Telecom Operators Face Massive Data Breach Affecting 750 Million Users

Indian Telecom Users' Data on Sale on Dark Web

Insurance Broker Data Breach Impacts 1.5 Million Individuals

Italian Businesses Hit by Weaponized USBs Spreading Cryptojacking Malware

Ivanti VPN Flaws Exploited to Spread KrustyLoader Malware

Ivanti warns of new Connect Secure zero-day exploited in attacks

Johnson Controls Lost $27M and Corporate Data in September Ransomware Attack

Johnson Controls says ransomware attack cost $27 million, data stolen

Kent councils say cyber incident disrupted public services and online operations

Lafayette Life Announces Third-Party Data Breach at First Financial Security, Inc. Compromised Customer Info

Leading Mobile Banking App Hit by IntelBroker Hackers, Sensitive Data Up for Sale

LoanPro Confirms December 2023 Data Breach Affecting an Unknown Number of Consumers

Louisiana Medical Group to Pay $480K Over Phishing Attack

Malaysian Telecom Provider, Aminia Hit by Pro-Israeli Cyberattack, Website Inaccessible

Massive Data Breach: 750 Million Indian Consumers at Risk, Cyber Security Firm Warns

Mercedes source code exposed via GitHub token leak

Microsoft Teams became a phishing highway for DarkGate malware

Microsoft Teams Exploited to Spread DarkGate Malware in Phishing Campaign

“More Groups, More Problems”: Searchlight Cyber Report Reveals Ransomware Groups to Watch in 2024

Most UK firms pay ransomware demands, despite ‘do not pay’ policies

Nearly 4-year-old Cisco vuln linked to recent Akira ransomware attacks

New Glibc Flaw Grants Attackers Root Access on Major Linux Distros

NoName Cyberattack Strikes Prominent Organizations in Netherlands

Pawn Storm’s Stealthy Net-NTLMv2 Assault Revealed

Phishing campaign spreads malware via Microsoft Teams

Planet Home Lending Discloses Ransomware Attack

Proactive cybersecurity: A strategic approach to cost efficiency and crisis management

Ransomware Attacks Are So Severe, Some Security Pros Are Being Hospitalized

Ransomware payment rates drop to new low – only 29% of victims are forking over cash

R00TK1T Breaches Backend Systems Of Local Comms And Network Solutions Provider Aminia

RunC Flaws Enable Container Escapes, Granting Attackers Host Access

Schneider Electric Energy Giant Confirms Cactus Ransomware Attack

Schneider Electric hit by ransom gang

Schneider Electric's Sustainability Division hit by ransomware attack and data breach

Securing Your SaaS Landscape: Closer Look at Disaster Recovery, Posture Management

Security leaders share thoughts on Schneider Electric ransomware attack

Sysdig Report Exposes 91% Failure in Runtime Scans

Telegram Is a 'Scammer's Paradise' Thanks to Cheap Phishing Tools

Telegram Marketplaces Fuel Phishing Attacks with Easy-to-Use Kits and Malware

The SEC Won't Let CISOs Be: Understanding New SaaS Cybersecurity Rules

Threat actors target Microsoft Teams using group chat invites

Tietoevry advances restoration after ransomware

Top 10 Tips to Prevent Ransomware: Safeguarding Your Digital Fortress

Two new Ivanti bugs discovered as CISA warns of hackers bypassing mitigations

U.S. Officials Detained a 19-year-old SIM-Swap Hacker

U.S. Treasury Imposes Sanctions on Alleged ISIS Cybersecurity Experts

Ukraine boasts of cyber attack on Russian Defense Ministry

US brokerage giant Keenan & Associates says August cyber attack impacted over 1.5m people

US Sanctions Egyptian IT Experts Aiding ISIS in Cybersecurity

US Sanctions Three for Cyber Work for ISIS

US Senators Propose Cybersecurity Agriculture Bill

Valheim Discord servers locked after hacker releases virus

Visa sued over ‘Vanilla’ gift card draining scam

30th January

1.5 Million Affected by Data Breach at Insurance Broker Keenan & Associates

3 Best Practices to Improve Threat Hunting

71% of Ransomware Attack Victims Refuse to Pay the Ransom

80% of Comments on Tweets from Famous Projects are from Phishing Scam Accounts

2023 was a 'record-breaking' ransomware year

2023 witnessed 68% more ransomware attacks than 2022

A mishandled GitHub token exposed Mercedes-Benz source code

After Cyber Attack, Freehold Township Schools Are Back - With Limits

Akira claims major ransomware attack on British cosmetics retailer Lush

Alleged ISIS cyber work prompts US sanctions on two Egyptian nationals

Alpha Ransomware Group Launches Data Leak Site on the Dark Web

ALPHV/BlackCat Hackers Claim Attack on Technica, Documents at Risk of Exposure

Apparel Giant VF Corporation’s Ransomware Attack Leaked PII of over 35 Million Customers

Approaching Complex Data Security for Small Businesses

Aussie fintech start-up Cape denies hacker’s data breach claim

Balancing AI benefits with security and privacy risks in healthcare

Barnsley Council at ‘high risk’ of cyber attack

Beware of Phishing Scams Targeting Crypto Users on Patreon

Beware of Phobos Ransomware Delivered via Office Document

Brazilian Feds Dismantle Grandoreiro Banking Trojan, Arresting Top Operatives

Brazilian police make arrests in Grandoreiro banking malware case

Breach of watchmaker Timex exposes thousands

Bucks County emergency dispatch system working again after cyberattack

Bucks County’s 911 computer system partially restored after ransomware attack

'Cactus' Ransomware Strikes Schneider Electric

Cactus ransomware gang claims the Schneider Electric hack

Can Microsoft Outlook Calendar Leak Your Password?

Canadian government investigating another hack at Global Affairs

China-Linked Hackers Target Myanmar's Top Ministries with Backdoor Blitz

Citibank sued over failure to defend customers against hacks, fraud

Clay County continuing to alert residents to October 2023 data breach

Companies aren’t paying ransoms like they used to

Cyber Events the Top Risk for Organizations in 2024

Cyberattack disrupts IT systems in Fulton County, Georgia

Cybersecurity Survey: What Keeps Brits Awake at Night?

Data Highlights Substantial Decrease in Ransom Payments, with Only 29% Complying in Q4 2023

Data leak at fintech giant reveals staff calling clients ‘idiots’

Data of 750 Million Indian Mobile Subscribers Sold on Hacker Forums

Delinea Research Reveals that Ransomware is Back on the Rise as Cybercriminals' Motivation Shifts to Data Exfiltration

Email Authentication Protocols: Preventing Phishing and Spoofing Attacks

Energy giant Schneider Electric hit by huge ransomware attack

EquiLend cyber hack exposes trade reporting dependence

Excessive Expansion Vulnerabilities Leave Jenkins Servers Open to Attacks

FBI: Scammers Are Sending Couriers to Collect Cash From Victims

FBI warns of scammers sending live couriers to collect money

FBI Warns of Tech Support Courier Scam Aiming at Cash and Metals

Fulton County computer systems still down after cyber attack

Georgia’s largest county confirms cyberattack causing widespread issues

Global Affairs Canada investigating ‘malicious’ cyberattack and data breach

Global Affairs Canada Investigates Major Cyberattack and Data Breach

Global Affairs Data Breach: VPN Hacked for Over a Month

Global Affairs investigating 'malicious' hack after VPN compromised for over one month

Global Ransomware Attacks Reach Record High for 2023, According to Corvus Insurance Q4 Ransomware Report

Hacker group R00TK1T claims its first victim in Malaysia

Hampered cyber attack councils in Kent report ‘data breach’

Hong Kong: Data breach notifications rose by nearly 50% in 2023, privacy watchdog finds

How SMBs can lower their risk of cyberattacks and data breaches

Hundreds of network operators’ credentials found circulating in Dark Web

Indian telecom regulator orders security audit amid alleged data breach of 750 million subscribers

Insurance Broker Keenan Says 1.5 Million Affected by Data Breach

Investor’s Business Daily Faces Potential Data Breach as 35,000 Email Records Surface for Sale

Italian Data Protection Watchdog Accuses ChatGPT of Privacy Violations

Juniper Networks Releases Urgent Junos OS Updates for High-Severity Flaws

Keenan & Associates alerts 1.5 million customers of data breach

Keenan & Associates Alerts 1.5 Million People That Hackers Accessed Data in Recent Breach

Keenan & Associates Data Breach Affects More Than 1.5 Million Individuals

Keenan notifies clients of data breach possibly affecting 1.5 million

LoanDepot class action alleges company failed to prevent massive data breach

Malaysian telco provider has data breach – again

Medusa ransomware group claims cyber attack on Kansas City transportation agency, demands $2m in ransom

Microsoft Teams exposed a gateway to deliver DarkGate malware

Microsoft Teams External Access Abuses to Spread DarkGate Malware

Microsoft Teams phishing pushes DarkGate malware via group chats

New Linux glibc flaw lets attackers get root on major distros

New research reveals the physical and mental toll of ransomware

New ZLoader Malware Variant Surfaces with 64-bit Windows Compatibility

Online ransomware decryptor helps recover partially encrypted files

Orange España Breach: Dark Web Flooded With Operator Credentials

Phishing attacks on Microsoft 365 accounts are peaking right now; users advised to pay close attention to emails

Police disrupt Grandoreiro banking malware operation, make arrests

Q4 Ransomware Report: 2023 ends as a record-breaking year

Ransomware Attack Hits Schneider Electric Sustainability Unit

Ransomware Incidents Hit Record High, But Law Enforcement Takedowns Slow Growth

Ransomware on the rise with mid-size companies a prime target

Ransomware payments are falling fast as victims refuse to pay

Ransomware Research Reveals Millions Spent Despite Do Not Pay Policies

Research shows cybercriminals’ motivation shifts to data exfiltration

Residents in 18 Minnesota Counties May Have Had Data Exposed

Roseburg’s daily newspaper misses first print edition in years after ransomware attack

Russian APT28 phishing Ukraine's military to steal login info

Rust Payloads Exploiting Ivanti Zero-Days Linked to Sophisticated Sliver Toolkit

Salesforce-based phishing attacks surge 109% since the start of 2024

Salud Total cyber attack: EPS confirms impact on services

Schneider Electric Confirms Data Accessed in Ransomware Attack

Schneider Electric confirms it was hit by ransomware attack

Schneider Electric confirms ransomware attack on sustainability division

Schneider Electric hit by Cactus Ransomware cyber attack

Schneider Electric Responding to Ransomware Attack, Data Breach

Schneider Electric Sustainability Business division hit by ransomware attack, customer data accessed

Self-managed GitLab installations should be patched again (CVE-2024-0402)

SlowMist reports 80% of X comments related to phishing software

Smart Vendor Security Is Key To Avoiding A Data Breach In 2024

South Africa: More than R30m lost to Passenger Rail Agency of South Africa (PRASA) in cyber-attack, theft

Tapping into the Potential of Generative AI in Cybersecurity

The Latest Identity Theft Methods: Essential Protection Strategies Revealed

The Netherlands: Six arrested for phishing fraud, at least 30 victims so far

The Ransomware Threat in 2024 is Growing

There was a 39% surge in data exfiltration cyberattacks in 2023

Toronto Public Library website partially restored but personal accounts still down

U.S. Disabled 'Pervasive' Chinese Hacking Network Targeting Presidential Election, Military Infrastructure, Taiwan Response

U.S. Postal Service phishing scams rising after post-holiday lull

UK House of Lords Calls For Legislation on Facial Recognition Tech

Unlocking sustainable security practices with secure coding education

URGENT: Upgrade GitLab - Critical Workspace Creation Flaw Allows File Overwrite

US charges two more suspects with DraftKing account hacks

US disables hacking network targeting critical infrastructure

US Government Takes Strategic Measures Against Chinese Hacking Campaign

Vastaamo hacker traced via ‘untraceable’ Monero transactions, police says

When hospital ransomware attacks target patients: A new trend to follow

Why you need to think before you scan that QR code

Windsor Hospital’s Journey to Cyberattack Rehabilitation: New Recovery Phase Announced

29th January

1.5 Million affected in insurance broker breach

23andMe says hackers accessed raw genotypes and family tree information of users

45,000 Jenkins servers exposed to Remote Code Execution (RCE) attacks using public exploits

Accounting Firm Sigrist, Cheek, Potter & Huyser Provides Notice of June 2023 Data Breach

AI will increase global ransomware threat, UK cyber security chiefs warn

Albabat, Kasseika, Kuiper: New Ransomware Gangs Rise with Rust and Golang

Alleged NoName Ransomware Attack Targets Multiple Organizations in a Single Day

Annual cost of recovering from cybercrime can be as much as US$5 Million

BianLian Ransomware Group Strikes Again, Targeting Two US-Based Companies

Binance issues warning amidst surge in WhatsApp phishing scams

British lawmakers question legality of live facial recognition technology

Canadian malware spreader gets 2 years in prison

Caravan and Motorhome Club responding to a major systems outage following a LockBit ransomware attack

CarePro Health Services Notifies Consumers of Recent Data Breach

Columbus Life Insurance Company Files Notice of Third-Party Data Breach at First Financial Security

Complete Care Health Network Experiences Data Breach Affecting an Estimated 313,973 Individuals

Concentra Confirms Patient Information Leaked in Third-Party Data Breach at Perry Johnson & Associates (PJ&A)

Consumer Financial Protection Bureau (CFPB) Data Breach Shows Danger of its Attempted Power Grab Over Fintech

Continuous Integration/Continuous Deployment (CI/CD) at Risk as Exploits Released For Critical Jenkins Bug

Covenant Care California Notifies an Unknown Number of Consumers of Data Breach Affecting Their SSNs

Critical Jenkins RCE flaw exploited in the wild. Patch now! (CVE-2024-23897)

Crypto Users Alarmed by Phishing Emails Impersonating Patreon

Cyber Attack In Georgia County Where Trump Is Charged

Cybercriminals embrace smarter strategies, less effort

Datadog Report Surfaces Pair of Sophisticated AWS Attacks

‘Delete Immediately’: Trezor Warns Users of Elaborate Phishing Emails and Large Scale Attack

Department of Homeland Security (DHS) employees jailed for stealing data of 200K U.S. government workers

Difference in Traditional Vulnerability Management vs. Risk-based Vulnerability Management

Energy giant Schneider Electric hit by Cactus ransomware attack

FBI: Tech support scams now use couriers to collect victims' money

Finland Follows the Money: Tracing Monero to Catch Hacker

Fix Available for Critical Jenkins Flaw That Leads to RCE Attacks

Freehold Township schools closed after cyber attack; other schools are vulnerable

Freehold Township, New Jersey, Cancels Classes Due to Cyber Attack

Global critical infrastructure faces relentless cyber activity

GoGet takes action against phishing scam: Multiple fraudulent websites discovered

Growing Number of Ransomware Victims Are Refusing to Pay

Hacker group R00TK1T threatens to attack Malaysia’s digital infrastructure

Higher cyber defenses lead to higher ransoms, study finds

Impersonating authorities accounts for 9% of all phishing attacks in Vietnam

Information Commissioner's Office (ICO) confirms data breach reports from Kent councils

Keenan & Associates Confirms Over 1.5 Million Affected in August 2023 Data Breach

Keenan warns 1.5 million people of data breach after summer cyberattack

Killnet 2.0 Emerges as a Dark Web Force; New Features and Capabilities Discussed

Lush cyber attack claimed by Akira ransomware gang

Malicious PyPI Packages Slip WhiteSnake InfoStealer Malware onto Windows Machines

Mercedes-Benz accidentally exposed sensitive data, including source code

Microsoft 365 users need to be on their guard - new phishing campaign could cause some serious damage, and it's being offered for sale for barely nothing to lure new criminals in

Microsoft Provides Defense Guidance After Nation-State Compromise

More than 5,000 Huber Heights residents impacted in ransomware attack

Named and shamed: For the first time, Australia enforces cyber sanctions against Medibank hacker

National Security Agency (NSA) Admits Buying American Browsing Records From Shady Markets

National Security Agency (NSA) Admits Secretly Buying Your Internet Browsing Data without Warrants

Nigeria Data Protection Commission (NDPC) investigating 17 major cases of data breach in Nigeria, earns N400 million

Nigerian 'Yahoo Boys' Behind Social Media Sextortion Surge in the US

Number of breach victims dropped 16% in 2023, but now the bad news...

Ohio city reveals nearly 6,000 affected by recent ransomware attack

Phishing Emails Pose as Patreon, Promoting Fake Crypto Projects

Phobos Ransomware Family Expands With New FAUST Variant

Planet Home Lending Notifies Nearly 200k of November 2023 Data Breach

Prioritizing cybercrime intelligence for effective decision-making in cybersecurity

Ransomware payments drop to record low as victims refuse to pay

Ransomware remains the most pressing security issue worldwide - but even schools are being targeted now

Ransomware’s Impact Could Include Heart Attacks, Strokes & PTSD

Researchers Uncover How Outlook Vulnerability Could Leak Your NTLM Passwords

Riding the AI Waves: The Rise of Artificial Intelligence to Combat Cyber Threats

The Intricacies of Atomic Stealer (AMOS) and the Emergence of Xehook Stealer on Dark Web

There was a 151% increase in government vulnerability submissions

Third-party risk management best practices and why they matter

Threat Actors Selling 1.8TB Database of Indian Mobile Users

Toronto Public Library website back online after ransomware attack

Ukraine’s prisoners of war agency hit by cyberattack

Unwanted emails from Patreon? Crypto users say it might be a phishing scam

US Senator Exposes National Security Agency (NSA) Purchase of Americans’ Internet Records

What to do when deep fakes break our trust

You've been hit by a data breach in New York. What should you do next? Here are first steps