Editor's Message

Welcome to DBD. 2023 has been the worst year on record for Data-Leaking Ransomware Attacks, and despite Law Enforcement gains, show no signs of slowing down. On a more positive note, our PRiSM platform continues to gain recognition and is now officially endorsed as a Ransomware Intelligence Resource by the SANS Institute. With that in mind, we would like to take this opportunity to thank you for all your very much appreciated and continued support. Stay safe. :)



Monday 8 January 2024

Data Breaches Digest - Week 2 2024

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 8th January and 14th January 2024.


14th January

6 Common Casino Scams to Avoid Online

A Look at the World’s 10 Largest Crypto Thefts of 2023

Attackers Taking Notice as Generative AI App Usage Among Enterprise Employees Increases by 400%

Aussie Travel Agency Data Leak Puts Thousands of Tourists at Risk

Australia Grapples with $33 Billion Annual Loss to Increasingly Sophisticated Cyberattacks

Capita hits back as pension holders look to sue over Russian-linked cyber attack

Cyber security in modern world

Data privacy and security in AI-powered education systems

Email users warned over dangerous messages that can empty your bank account – checks to stay safe

Expert warns Australia 'always under attack' by cybercriminals, with economy losing $33 billion each year to attacks

Framework Computer Customer Information Phished From Third-Party Vendor

Framework Laptop hacked, customer names and emails stolen

Keeping Scams Out of Scans

Lazarus robbed crypto firms of $293m in 2023; North Korea-linked group becoming more dangerous

New Findings Challenge Attribution in Denmark's Energy Sector Cyberattacks

Over 4k Solana users lost more than $4 million to phishing attacks last month

Ransomware attack targets global Lutheran group

Sextortion, fake digital loan apps and 5 other biggest online scams that netizens in India may face in 2024

Singapore: 219 DBS customers lose about S$446,000 to scams in 2 weeks

Solana: Phishing attacks cost users $4 million last month

The top 3 ways to protect your new devices online

The Top 10 Ransomware Groups of 2023

Ukrainian Hacker Arrested for $2M Crypto-jacking Scheme

Zimbabwe: Cybersecurity, data protection in hyper-connected era

13th January

5 US States Most Susceptible to Scammers

29-Year-Old Ukrainian Cryptojacking Kingpin Arrested for Exploiting Cloud Services

AI-Driven Cybersecurity: Transforming Defense Strategies for the Digital Age

Akira ransomware targets Finnish organizations

Babuk Ransomware Decryptor Updated to Recover Files Infected by Latest Variant

Beyond Convenience: Can You Trust Your Smart Home?

Beyond the Firewall: Why Soft Skills Are Cybersecurity’s New Superpower

Critical RCE Vulnerability Uncovered in Juniper SRX Firewalls and EX Switches

Cybersecurity Under Siege: BMW Websites Targeted

Family Healthcare notifying patients of November 2022 breach at Brady Martz & Associates

Framework, a modular laptop maker on the market after having an internal spreadsheet packed with personal data inked by fraudsters

Hacker spins up 1 million virtual servers to illegally mine crypto

Laptop Warriors – Who Are Hamas’ ‘Green Hat Hackers’, and Why They Terrify Israel

Modular laptop maker Framework contacts customers after phishing scheme hooks internal spreadsheet packed with personal data

‘No evidence’ SEC X account hacker accessed other systems

Social Network Security: Enhancing Your Online Safety

Toronto Zoo is the latest public institution hit by cybersecurity attack. Here's what it means for you

Ukrainian hackers successfully attack payment website of one of Russia's regional energy companies

Unravelling Retirement Banking Scams and How To Protect Yourself

Your washing machine could be sending 3.7 GB of data a day — LG washing machine owner disconnected his device from Wi-Fi after noticing excessive outgoing daily data traffic

12th January

76% of organizations believe that existing data protection measures will be unable to cope with ransomware threats

Act Now: CISA Flags Active Exploitation of Microsoft SharePoint Vulnerability

Akira ransomware attackers are wiping NAS and tape backups

Alabama law firm issues data breach notification

Apple Magic Keyboards are at risk from security attacks – update now to protect your Mac or iPad

Battling the Exploitation of Cloud Services in Global Conflicts

British cosmetics firm Lush confirms cyberattack

British Library cyber attack is a wake up call to the cultural sector

Cambridge Labour breaches personal data of 2,000 members

Canada: Phishing scam involving Fido leads Canadian Radio-Television and Telecommunications Commission (CRTC) to post a warning

Celcom, Malaysia’s Oldest Telco, Faces Cyber Threat: Source Code Sale at US$4000

China suspected to be behind Ivanti zero-day exploits

CISA: Critical Microsoft SharePoint bug now actively exploited

CISA Urges Critical Infrastructure to Patch Urgent Industrial Control Systems (ICS) Vulnerabilities

Cloud Atlas Phishing Attacks: Russian Companies Beware

Cloud security predictions for 2024

Critical GitLab flaw allows account takeover without user interaction, patch quickly! (CVE-2023-7028)

Cryptojacker abused compromised cloud accounts to mine €1.8 million

Cryptominers Targeting Misconfigured Apache Hadoop and Flink with Rootkit in New Attacks

Cyberattacks against Ukraine surged in 2023

Cybersecurity Measures For Remote Hiring: Ensuring Confidentiality And Data Protection

Double Trouble for Banco Promerica: RansomHouse and Snatch Escalate Cybersecurity Concerns

Elevated ransomware activity hit nearly 5,200 organizations in 2023

End-of-life Cisco routers targeted by China’s Volt Typhoon group

Fake Apple and Capital One Notifications: Top Scams of the Week

Federal Communications Commission (FCC) Asks Carmakers, Carriers How They’re Protecting Abuse Survivors

Federal Trade Commission (FTC) blocks data broker from selling information

Fidelity National Financial says 2023 cyber attack impacted over 1.3 million individuals

Genesis Global Trading loses crypto license, fined millions

GitLab warns of critical zero-click account hijacking vulnerability

Global Nonprofit Water For People Targeted by Medusa Ransomware With 9-Day Payment Ultimatum

Hackers can hijack your Bosch Thermostat and Install Malware

Hackers Impersonating as Security Researcher to Aid Ransomware Victims

Hacktivist Groups Allegedly Target Indian Police and Government in Cyberattack

Hathway Hit by Massive Data Breach: 41.5 Million Customers Exposed

Healthcare software company NASCO adds 1.6 million people to its list of MOVEit breach victims

HMG Healthcare faces data breach affecting 40 nursing facilities

How to Conduct a Successful Cybersecurity Exercise

How to Recover After Failing a Cybersecurity Audit

Human Error and Insiders Expose Millions in UK Law Firm Data Breaches

Hyundai India Resolves Data Breach Exposing Customer Names, Addresses, and Vehicle Details

Importance Of Effective Cyber Security For Businesses

In a landmark first, the Federal Trade Commission (FTC) bans US data broker from selling location data

Inspiring Vacations completes probe into cyber breach; sets record straight

Ivanti Connect Secure zero-days exploited to deploy custom malware

Juniper warns of critical RCE bug in its firewalls and switches

Lulzsec Hacktivists Leak American Bank Logins in Protest Against Yemen Airstrikes

Medusa Ransomware on the Rise: From Data Leaks to Multi-Extortion

Microsoft the most imitated brand for phishing

More Victims of Dallas Ransomware Attack Revealed

Nation-State Actors Weaponize Ivanti VPN Zero-Days, Deploying 5 Malware Families

National Australia Bank (NAB) warns of AI voice scams and QR code phishing targeting Australians

Newly Discovered Ivanti Secure VPN Zero-Day Vulnerabilities Allow Chinese Threat Actor to Compromise Systems

Oregon Pacific Bank discloses data breach, notifies affected individuals

Phishing for Trouble? AI-Powered Attacks Demand AI-Savvy Employees

Potential Data Breach at Indian Railways Institute of Mechanical & Electrical Engineering (IRIMEE): Over 900,000 Records Allegedly Leaked

Prevention is better than cure when it comes to cybersecurity

Pro-India Groups Target Maldivian Institutions Amid Rising Tensions

Prominent Native Title body confirms 'malicious' cyber attack

Ransomware attack on US Navy shipbuilder leaked information of nearly 17,000 people

Ransomware gang targets nonprofit providing clean water to world’s poorest

Russian hacker group stirs up uncertainty in Switzerland

Securities and Exchange Commission (SEC) hack: fallout could last for months, say experts

Securities and Exchange Commission's bitcoin ETF tweet fiasco may end in fraud charges, lawyers say

Singapore: Banks and telcos to be held accountable for customer phishing protection under new framework

Substack Hacked? Scammers Use ‘MetaMask Account Access’ Emails to Scam Petition Newsletter Subscriber Crypto Holders

Texas School Safety Software Data Leak Endangers Student Safety

The Confidentiality (Or Not) Of Cyber-Forensics In A Data Breach

The State of Open Source Cloud-Native Security

'Totally and utterly bereft' - the devastating repercussions of the British Library cyber attack

Underwriters concerned about ransomware and supply-chain attacks

Urgent: GitLab Releases Patch for Critical Vulnerabilities - Update ASAP

Vulnerability affecting smart thermostats patched by Bosch

Vulnerability Puts Bosch Smart Thermostats at Risk of Compromise

11th January

1.3 Million Fidelity National Financial (FNF) Customers' Data Potentially Exposed in Ransomware Attack

4 Internet Habits To Adopt To Prevent Scams

71% of drivers consider buying older cars due to data privacy concerns

98% of basic cybersecurity hygiene could prevent a cyberattack for most Non-Governmental Organizations (NGOs)

AI’s Impact on Cybersecurity: A Costly Transformation

Akira, again: The ransomware that keeps on taking

APAC Should Brace For Increased Phishing, Scams And Data Breaches In 2024

APIs are increasingly becoming attractive targets

Atomic Stealer Gets an Upgrade - Targeting Mac Users with Encrypted Payload

Attackers impersonate security researchers in extortion attempts

Attackers Taking Notice as Generative AI App Usage Among Enterprise Employees Increases by 400%

Australian Taxi Service Hit by Cyberattack Attributed to Russian Group

Babuk Tortilla ransomware dealt major blow with release of new decryptor – here’s how victims can recover their data

BlackCat ransomware attackers steal data of 1.3 million Fidelity National Financial customers

Bolstering South Africa’s Cyber Defenses: Policy Lessons from the 2021 Transnet Breach

CellNetix Pathology and Laboratories Confirms Recent Data Breach

China: Banks, insurers told to review cyber security

Chinese Hackers Exploit Zero-Day Flaws in Ivanti Connect Secure and Policy Secure

Cisco Fixes High-Risk Vulnerability Impacting Unity Connection Software

Critical Cisco Unity Connection flaw gives attackers root privileges. Patch now! (CVE-2024-20272)

Cyber-threat Throwback: 2023 Eruptions Spelling New-Year Disruptions

Cyberattack Hobbles LoanDepot; What To Do If Your Mortgage Company Is Hacked

Cybercriminals target critical infrastructure in 2023 cyberattack

Cybersecurity Challenges in the Hospitality Industry: Protecting Guest Data

Dallas Cyber Attack More Extensive Than First Thought

December sees the resurgence of Qbot and FakeUpdates

Dutch Man Deployed Stuxnet via Water Pump to Disable Iran’s Nukes

Embracing offensive cybersecurity tactics for defense against dynamic threats

Fake Airdrop for Ethereum, Solana, Tron Users Carried out by Scammers

Fallon Ambulance announces data breach affecting over 900,000 patients

Fallon Ambulance Service Under Investigation for Data Breach of Over 900,000 Patient Records

Federal Communications Commission (FCC) presses carmakers, wireless providers to protect domestic abuse survivors from stalking tools

Federal Trade Commission (FTC) Issues Its First-Ever Order Against a Data Broker

Fidelity National Financial discloses cyberattack previously linked to ransomware gang

Finland warns of Akira ransomware wiping NAS and tape backup devices

Framework discloses data breach after accountant gets phished

Further analysis of Denmark attacks leads to warning about unpatched network gear

Future-Proofing Cybersecurity in Drug Discovery

Hackers Stole Data of 1.3 Million Financial National Fidelity Users

Hackers turn to extorting cancer victims following treatment centre data breach

Halara probes breach after hacker leaks data for 950,000 people

Healthcare Tech Firm HealthEC Data Breach Impacted Nearly 4.5 Million Patients

Hillside Dental Practice software provider hit by 'serious' cyber-attack

History shows data breach costs increase year-over-year

How governments can win the cyber war

How to Protect Your Business from the Next API Breach

Indigo Sky Casino and Resort Discloses Massive Data Breach, Investigation Underway

Indigo Sky Casino Notifies Guests and Employees of Recent Data Breach

Indigo Sky Casino reports data breach; No financial data compromised

Insider cyber threats hamper South African firms

Inspiring Vacations says number of victims in data breach "significantly smaller" than reported

Is Your Organization at Risk? 71% of Companies Have Experienced Ransomware Attacks

Ivanti Connect Secure zero-days exploited by attackers (CVE-2023-46805, CVE-2024-21887)

Kansas’ chief justice blames Russian ransomware hackers for disabling court’s electronic systems

Mandiant: X Account Hacked in Brute-Force Attack Linked to ClinkSink Campaign

Mandiant's X Account Was Hacked in Brute-Force Password Attack

Mandiant's X Account Was Hacked Using Brute-Force Attack

Microsoft returns to the top spot as the most imitated brand in phishing attacks for Q4 2023

Microsoft's GitHub is being abused by hackers and ransomware groups. But can it be fixed?

Mirai-based NoaBot Botnet Targeting Linux Systems with Cryptominer

National Cyber Security Centre (NCSC) Publishes Practical Security Guidance For SMBs

National Insurance Board of Trinidad and Tobago (NIBTT) restores full services after ransomware attack

Nationwide Healthcare data breach impacting Brazos Valley patients

Netskope Report Surfaces Raft of Cybersecurity Challenges

New Balada Injector campaign infects 6,700 WordPress sites

New form of phishing: What is qishing and why is it dangerous?

New guidance to help small organisations use online services more securely

New PoC Exploit for Apache OfBiz Vulnerability Poses Risk to ERP Systems

New Python-based FBot Hacking Toolkit Aims at Cloud and SaaS Platforms

Ohio Lottery Confirms Data Breach, Customer Information Accessed

Ohio Lottery discloses cybersecurity incident potentially affecting customers and retailer data

Over 150k WordPress sites at takeover risk via vulnerable plugin

Over half of data breaches at UK law firms caused by staff, says new research

Prolific ShinyHunters hacker jailed, ordered to repay $5 million

Python’s Poisoned Package: Another ‘Blank Grabber’ Malware in PyPI

Ransomware incidents reported to UK financial regulator doubled in 2023

Ransomware-as-a-Service (RaaS) kits will be a problem in 2024

RE&S latest Singapore-listed company to be hit by spate of ransomware attacks

Recovery from cyberattack ‘on the horizon,’ Kansas Supreme Court chief justice says

Rise in cyber attacks as AI apps gain popularity among businesses

Russian-Based Group Behind Cyber Attack on Kansas Courts

SANS Institute Survey Surfaces State of Cybersecurity Defenses

Saudi Foreign Affairs Ministry Allegedly Hit by Major Data Breach, Exposing Over 1 Million Employees

Scam alert: QR codes to spoof websites can steal payment information, personal data

Security researcher finds sensitive documents from Chicago area school districts exposed online

SentinelLabs Details Discovery of FBot Tool for Compromising Cloud Services

St Vincent’s Health releases update on December cyber attack

Staff at fault for more than half of data breaches in the UK legal sector last year

Tax season is on its way and so is cybercrime: Cybersecurity considerations for tax firms

Team Liquid’s wiki leak exposes 118K users

The cost of dealing with a cyberattack doubled last year

The Cyber-Risks of Malicious Copycat Apps

The Iconic Customers Hacked

The Iconic denies responsibility for data breach

The Value of Security Awareness Training & Simulated Phishing

There is a Ransomware Armageddon Coming for Us All

Threat Actors Increasingly Abusing GitHub for Malicious Purposes

Toronto Public Library book returns stored in 12 trailers since cyber attack

Toronto Zoo says ransomware attack did not impact animal care or online ticket sales

Turkish Hackers Exploit MS SQL Servers to Deliver Ransomware

Two Ivanti Zero-Days Actively Exploited in the Wild

UK CISO’s are cowing to ransomware demands more than you think, here’s why they shouldn’t pay up

University of Wollongong (UoW) implements new cloud controls following data breach

US payroll giant UKG says data of 45k employees of a client was shared with five other companies

Water Curupira Hackers Spread PikaBot in Email Spam

Why Bring-Your-Own-Device (BYOD) Is the Favored Ransomware Backdoor

10th January

4 million users' data leaked in alleged Hathway data breach

5 cybersecurity trends to watch in 2024

23andMe Responds to Data Breach Lawsuit by Blaming Customers for Re-Using Passwords

Attack of the copycats: How fake messaging apps and app mods could bite you

Banking Online? Safeguard Your Accounts Against These 4 Scams

Bluetooth Trackers Exposed: Your Trusted Companion or a Security Nightmare?

British Library Online Main Catalogue Announcement Following Cyber Attack

CISA Flags 6 Vulnerabilities - Apple, Apache, Adobe , D-Link, Joomla Under Attack

CoinGecko's X accounts compromised in phishing attack

ConsensioHealth Experiences Data Breach Affecting Patients of Four Healthcare Providers

Crooks pose as researchers to retarget ransomware victims

Cyber Insecurity and Misinformation Top World Economic Forum (WEF) Global Risk List

Cyber-security management landscape of the Indian automation industry: Overview, challenges, action points

Cybercrooks play dress-up as 'helpful' researchers in latest ransomware ruse

Cybersecurity Automation with AI

Dubai residents lose thousands of dirhams to fake RTA, Global Village websites

Entire Brazilian population potentially put at risk by major data leak

ESO Solutions Healthcare Data Breach Impacts 2.7 Million

Even wireless tools aren't safe from ransomware attacks

Fake 401K year-end statements used to steal corporate credentials

Federal Trade Commission (FTC) Bans Outlogic (X-Mode) From Selling Sensitive Location Data

Fidelity National Financial: Hackers stole data of 1.3 million people

Fidelity National Financial (FNF) data breach that affected 1.3 million customers confirmed

Fidelity National Financial Details LoanCare Breach

Fidelity National now says 1.3M customers had data stolen by cyber-crooks

First responders look to technology to prevent cyberattacks

Fortifying Your Defenses: A Guide to Ransomware Preparedness in 2024

Free Decryptor Released for Black Basta and Babuk's Tortilla Ransomware Victims

French hacker from ‘ShinyHunters’ group sentenced to three years in US prison

Generative AI to open new cyberattack avenues

Getting off the Attack Surface Hamster Wheel: Identity Can Help

Global Takedown of Dark Web Marketplace xDedic and 19 Individuals for Cybercrimes

Google Accounts Compromised Through Ingenious Malware Exploit

Hackers are targeting exposed MS SQL servers with Mimic ransomware

Hackers hit Moscow internet provider in response to Kyivstar cyber attack

Hackers Using Weaponized PDF Files to Deliver Qakbot Malware

HMG Healthcare Says Data Breach Impacts 40 Facilities

Hundreds of Thousands of Dollars Worth of Solana Cryptocurrency Assets Stolen in Recent CLINKSINK Drainer Campaigns

India: Government pension portal for defence personnel SPARSH suffers data breach

India’s Cherrinet ISP leaks user data, exposes accounts to abuse attempts

India’s Shopping Giant Infiniti Mall Hit by Cyberattack: 280,000 Records Potentially Exposed

Industrial control systems cyber threats and the Gulf region

Instances of data encryption during ransom attack on healthcare companies highest in 3 years

Israeli cyber frontlines: Inside the digital warfare of the war with Hamas

Ivanti customers urged to patch vulnerabilities allegedly exploited by Chinese state hackers

Ivanti warns of Connect Secure zero-days exploited in attacks

LoanDepot takes systems offline to deal with a serious ransomware incident

LockBit ransomware group stole 7TB of medical data from Capital Health's network

Maldives government website down after suspected cyber attack; hackers claim to be Indians

Maldivian Juvenile Court Website Hacked Amid India-Maldives Cyber Spat

Malware Takedowns Show Progress, But Fight Against Cybercrime Not Over

Mandiant's X account hacked by crypto Drainer-as-a-Service gang

Merck reaches settlement with insurers over $1.4bn NotPetya cyber attack

Microsoft Fixes 12 RCE Bugs in January Patch Tuesday

Microsoft Returns to the Top Spot as the Most Imitated Brand in Phishing Attacks for Q4 2023

Microsoft's January 2024 Windows Update Patches 48 New Vulnerabilities

Navigating cyber risk in the supply chain

New Android RAT with Line Crypter Up for Sale on Telegram: Privacy at Risk

New financial scams pose a growing threat in 2024

Nim-Based Malware Alert: Decoy Word Docs Unleashes Threats

NoaBot: Latest Mirai-Based Botnet Targeting SSH Servers for Crypto Mining

NoName Cyberattacks Escalate, Targeting Diverse Sectors in Finland

North Carolina County Still Guarding Cyber Attack Details

North Kansas City Hospital Confirms Patient Data Leaked in Perry Johnson & Associates Data Breach

One in four UAE companies suffered from malicious actions by staff

Only 4% of US States Fully Prepared for Cyber-Attacks Targeting Elections

PHI Exposure Reported by Lone Peak Physical Therapy and First Choice Dental

Pro-Ukraine hackers breach Russian ISP in revenge for KyivStar attack

Protecting Healthcare AI from Cyber Threats

Ransomware prevention a focus for storage stewards in 2024

Regulating Cybersecurity: Safeguarding the digital realm

Russian telecom targeted by Ukrainian hacktivists as payback for Kyivstar

Russian-based group behind cyber attack on Kansas courts, state chief justice says

Secure Your Investments: Cryptocurrency Safety Practices

Securities and Exchange Commission (SEC) account hack renews spotlight on X's security concerns

Securities and Exchange Commission (SEC) X Account Hacked, False Bitcoin ETF Tweet Causes Market Fluctuation

Securities and Exchange Commission (SEC) X (Twitter) Account Hacked, Spreads Fake News About Bitcoin ETFs

Securities and Exchange Commission’s X account hacked, leading to bitcoin market stir

Securities and Exchange Commission’s X account hacked to post fake news of Bitcoin ETF approval

Sensitive Data Discovery: The First Step in Data Breach Protection

Sensitive patient data exposed in Navvis & SSM Health data breach

ShinyHunters member gets 3 years in prison for breaching 60 firms

Sinister website clue reveals you’re about to have your bank emptied - 7 checks everyone must make

Staying Secure with IoT Live Patching: A Game-Changing Strategy

Texas-based care provider HMG Healthcare says hackers stole unencrypted patient data

The Evolution and Rise of Stealer Malware

Threat Actors Taking Advantage of Open Enrollment, 401K Updates, and other Timely HR Initiatives

Tiger Wheel & Tyre parent hit with ransomware attack

Tracing The Shadowy Services Of The Dark Web

Turkish ransomware campaign hacks into weak MSSQL servers

Twitter: Securities and Exchange Commission's Account Was Hijacked Through a SIM-Swap Attack

UK government accused of being misleading over new laws affecting encryption

UK is “hostage to fortune” from ransomware attacks

Ukrainian “Blackjack” Hackers Take Out Russian ISP

US Securities and Exchange Commission Probes X Account Hack

User IDs and passport data leaks for 230K crypto users in Iran

Wallet Drainers Stole Over $295 Million From Over 300K Victims in 2023

Water Curupira Hackers Launch Pikabot Malware Attack on Windows Machine

What is a ransomware decryptor?

What is a Secure Web Gateway? Uses, Features & Benefits of SWG

Who Hacked Securities and Exchange Commission (SEC) X (Twitter) Account? Rumors Swirl Around ID of Pranksters Who Had Crypto World Buzzing

X blames Securities and Exchange Commission (SEC) for account takeover as commission begins investigation

X says hacker used third party to gain access to US government account

‘Yet another Mirai-based botnet’ is spreading an illicit cryptominer

YouTube videos used to spread malware

9th January

62% of IT and security teams are remediating exposures

82% of Companies Struggle to Manage Security Exposure

Action Fraud warn people to be vigilant over Temu scam emails

African Bank Data Breach: Unverified Claims of Customer Data on Sale

AI marked as top cybersecurity challenge for next year

Akira Ransomware Allegedly Targets Van Buren Public School, Leaks Sensitive Data

Alert: Chinese Threat Actors Exploit Barracuda Zero-Day Flaw

Alert: New Vulnerabilities Discovered in QNAP and Kyocera Device Manager

Alert: Water Curupira Hackers Actively Distributing PikaBot Loader Malware

Attack on defense contractor Ultra Intelligence & Communications leaks military details

Attackers could use vulnerabilities in Bosch Rexroth nutrunners to disrupt automotive production

Australia: Unprecedented Data Breach Hits 413 Consulting Firms - Fallout and Reactions

Australian Travel Agency Inspiring Vacations Hit by Data Breach: Passport Details Exposed

Beware! YouTube Videos Promoting Cracked Software Distribute Lumma Stealer

British Library in peril: Cyber attack could cost up to £7m

Carrefour suffers a cyber attack in Financial Services that exposes users' personal data

China claims it cracked Apple's AirDrop to find numbers, email addresses

China claims to have cracked AirDrop encryption

CISA warns agencies of fourth flaw used in Triangulation spyware attacks

Clop ransomware gang takes out dubious top spot as most prolific operator of 2023

Cloudflare Report Surfaces Lots of API Insecurity

Crypto Payment Gateway CoinsPaid Hacked Yet Again

Cyber attack prompted closure of Jules B in Harrogate

Cyber Breach: Netgear and Hyundai MEA Twitter Accounts Hacked

Cybersecurity Deals Boom as Investment Dips, Pinpoint Reports

Cybersecurity trends: IBM’s predictions for 2024

December 2023’s Most Wanted Malware: The Resurgence of Qbot and FakeUpdates

Deciphering Cybersecurity Vulnerabilities Requires Context

Decryptor for Babuk ransomware variant released after hacker arrested

Dell reveals data protection risks amid the rise of genAI and multicloud

Discover the Consequences of a Data Breach

Edmonds School District says last year's cyber attack impacted about 238,000 individuals

EdTech Security Challenges to Overcome in 2024

Entire population of Brazil possibly exposed in massive data leak

Expanded Homeland Security report sheds more light on Arizona school voucher data breach

Extent of ransomware attack in Paraguay downplayed

Fallout Mounting From Recent Major Health Data Hacks

Federal Trade Commission (FTC) bans data broker from selling Americans’ location data

Federal Trade Commission (FTC) settles unprecedented case against geolocation data broker

Female cyber pros group targeted in phishing scam

Fidelity National Financial says hackers stole data on 1.3 million customers

Flaw in AI Plugin Exposes 50,000 WordPress Sites to Remote Attack

Gift or Grift? Beware of Phishing Scams Amid New Year Deals and Offers

Hacker Compromises Securities and Exchange Commission's Twitter Account to Promote Bitcoin ETFs

Hackers can infect network-connected wrenches to install ransomware

Hackers discover way to access Google accounts without a password

Hackers hit Moscow internet provider in response to Kyivstar cyber attack

Hackers target Microsoft SQL servers in Mimic ransomware attacks

Hal Leonard Australia Targeted in Alleged Qilin Cyber Assault

Halara in Crisis: Alleged Data Breach Exposes 1 Million Records

Huge data breach at Tameside Council

If you prepare, a data security incident will not cause an existential crisis

India: Mishandling of Praja Palana application forms raise concerns of data breach in Telangana

Indian ISP Hathway Data Breach: Hacker Leaks 4 Million Users, KYC Data

InHealth Technologies Responds to Data Breach Affecting Customer Health Information

Integris Health faces federal lawsuits amid data breach; dark web extortion alleged by victims

Jamaica: National Housing Trust (NHT) Warns Contributors of Phishing Attacks

Kenya Airways Hit by Significant Ransomware Attack: Confidential Data Leaked

Latest Phishing Scam Targets OpenSea NFT Security

LoanDepot Confirms Ransomware Attack in SEC Filing

LoanDepot customer portal down after weekend ransomware attack

LoanDepot Cyberattack: Critical Systems Offline as Rapid Response Unfolds

LoanDepot Takes Systems Offline Following Ransomware Attack

LockBit Ransomware Claims Capital Health Cyberattack

McAfee’s Mockingbird AI Tool Detects Deepfake Audio with 90% accuracy

Merck rakes in $1.4 billion insurance over NotPetya attacks

Microsoft fixes critical flaws in Windows Kerberos, Hyper-V (CVE-2024-20674, CVE-2024-20700)

Microsoft January 2024 Patch Tuesday fixes 49 flaws, 12 RCE bugs

National Security Agency (NSA) Official Sounds Alarm Over Hackers Using AI for Phishing Schemes

Network-Connected Torque Wrench Used in Factories Is Vulnerable to Ransomware

New cross-platform threats come to light

New Decryption Key Available for Babuk Tortilla Ransomware Victims

New York Attorney General forces healthcare firm to invest $1.2 million in cybersecurity after ransomware attack

New York Attorney General’s Verdict: Refuah Health Center to Invest $1.2M in Cybersecurity Overhaul

Nigerian gets 10 years for laundering millions stolen from elderly

Nigerian Gets 10 Years For Laundering Scam Funds

Nigerian national who laundered funds from romance and BEC scams gets 10-year sentence

NoName057 Ransomware Group Launches DDoS Attacks on German and Ukrainian Websites

Online services down for German craft associations following ‘security incident’

Organizations behind on cloud security, even as cloud investments surge

New York State Attorney General: Refuah must invest $1.2M to secure patient records after cyberattack

Paraguay military warns of ‘significant impact’ of ransomware after attack on internet provider

Paraguay warns of Black Hunt ransomware attacks after Tigo Business breach

Phishing, Disinformation Top 2024 Election Security Concerns

ProxyShell-targeting Babuk Tortilla ransomware decrypted after hacker’s arrest

Ransomware attacks nearly double in 2023

Ransomware victims targeted by fake hack-back offers

San Bernardino County's Housing Authority says June data breach impacted close to 20,000 residents

Saudi Ministry exposes sensitive data, risking government systems and citizen privacy

Securing AI systems against evasion, poisoning, and abuse

Securities and Exchange Commission (SEC) X account compromised, used to spread false bitcoin announcement

Security check: how insurers become auditors of your cyber-security

“Security researcher” offers to delete data stolen by ransomware attackers

Signal messages for Armed Forces of Ukraine (AFU) and Israel Defense Forces (IDF) recruiting contained malware

SQLi vulnerability in Cacti could lead to RCE (CVE-2023-51448)

St Vincent’s stays silent on cyber attack

Study reveals cyber risks to US elections

Syrian group Anonymous Arabic distributes stealthy malware Silver RAT

The critical importance of HR in cyber-security

The Iconic pledges to refund customers charged for bogus orders after hack

The Iconic promises to issue refunds to hacked customers

The Rise of Dual Ransomware Attacks

Threat Actors Target Microsoft SQL Servers in Mimic Ransomware Attacks

Toronto Zoo Defends Against Ransomware Attack, Investigation Underway

Toronto Zoo hit by ransomware attack

Toronto Zoo says it remains open after ransomware attack

Toronto Zoo says it's experiencing a cyberattack but operations, website not affected

Turkish Hackers Exploiting Poorly Secured MS SQL Servers Across the Globe

Turkish hackers targeting database servers with Mimic ransomware

UK: Ministry of Defence (MoD) reported to have weakest cybersecurity in Whitehall

Ukrainian military targeted in new phishing attacks in Signal messenger

Understanding zero-trust design philosophy and principles

US Securities and Exchange Commission’s X account hacked to announce fake Bitcoin ETF approval

Vulnerabilities found in high-power Bosch wrenches popular with carmakers

Web3 Lost $1.7 Billion to Hackers, Scammers in 2023 - How to Stay Safe

Why did cyber attackers go after the Toronto Zoo?

Why Public Links Expose Your SaaS Attack Surface

8th January

4 key takeaways from NIST’s new guide on AI cyber threats

68% of organizations face risks due to cybersecurity skills shortage

2023 was the worst year ever for online cyber attacks, report claims

A cyberattack has affected museums in the United States

Anti-Hezbollah Groups Hack Beirut Airport Screens

Are Hackers Gaining Access to Google Accounts Without Passwords? Here's What We Know

AsyncRAT Infiltrates Key US Infrastructure Through GIFs and SVGs

Awareness Of SIM Card Hacking: Risks And Prevention

Bangladesh election app faces cyber attack from Ukraine, Germany

Bangladesh official alleges cyberattack ‘from Ukraine and Germany’ targeted election

Beirut Airport Screens Hacked with Anti-Hezbollah Message

Bit24.cash Refutes Data Breach Allegations Amid Security Concerns

BlackCat Ransomware Gang Recovers From Early December Law Enforcement Operation, Restores Websites Seized by Department of Justice (DOJ)

British Library: Finances remain healthy as ransomware recovery continues

British Library cyber attack costs still unconfirmed

British Library ransomware attack could cost up to £7m

British Library says final cost of cyber attack is ‘not confirmed’

Bunker Hill Community College says May data breach impacted close to 200,000 individuals

Businesses can't survive without their IT systems - and they're under attack more than ever

Can hackers get into your Google account without a password?

Capital Health attack claimed by LockBit ransomware, risk of data leak

Capital Health Hit by Cyberattack: Traces of LockBit Foul Play Emerge

Carta faces allegations of unauthorized use of confidential information

CINQ CARE Notifies an Unknown Number of Patients of Recent Data Breach

Colorado wellness company suffers data breach

Crypto Gateway CoinsPaid Loses $7.5M in Hacker Attack

Crypto Gateway CoinsPaid Reports $7.5M Heist

Cyber financial crimes from Cambodian soil worries Indian agency

Cyberattack Hits Maldives Government: Websites Recover Amid Diplomatic Tensions

Data Breach Hits US Department of Transportation, Aviation Records Compromised

Department of Energy (DOE) Puts Up $70 Million to Secure US Energy Infrastructure

Department of Justice (DoJ) Charges 19 Worldwide in $68 Million xDedic Dark Web Marketplace Fraud

Ditching passwords in favor of passwordless, phishing-resistant authentication

Email Accounts Compromised at The Foleck Center, Mountain Dermatology Specialists

Federal Communications Commission (FCC) Adopts Data Breach Notification Rules for Telecommunications Providers

Flagstar Bank says MOVEit data breach impacted 25k more people than initially believed

Fleeting fake delivery phishing campaign targeted last-minute shoppers

Gold Rush on the Dark Web: Threat Actors Target Twitter Gold Accounts

Google Accounts Hacked Without Need for Passwords

Google can tell you if your password or personal information was leaked on dark web; here’s how

Hacker of Maharashtra Director General of Police's account held in Rajasthan

Hackers are targeting a WordPress security flaw that was supposed to have been fixed

Hackers disrupt Beirut airport with anti-Hezbollah message

Half a million users' data exposed in MyEstatePoint property search app leak

HHS Issues First Settlement for HIPAA Violations Related to a Ransomware Attack

How to Reduce Your Attack Surface

Hundreds of museums hit by cyber attack

Iranian cryptocurrency exchange denies massive data breach

It's Time to Take a Modern Approach to Password Management

Kenya Airways attack allegedly exposes passenger details

Kenya Airways suffers minor data breach but operations not impacted

LoanDepot mortgage lender hit with cyberattack

LoanDepot the latest in mortgage sector to grapple with cyber attack

LockBit claims November attack on New Jersey hospital that disrupted patient care

LockBit ransomware attack on US healthcare organisation avoids encrypting data to protect patients

Long-existing Bandook RAT targets Windows machines

Massive data breach hits India's SPARSH pension portal

Massive Data Leak at India’s SPARSH Pension Portal Puts Defense Personnel at Risk

Merck Settles With Insurers Over $700m NotPetya Claim

Michigan Hospital hacks prompt Attorney General to seek stronger state law to protect patients

Ministry of Defence (MoD) cybersecurity worst in Whitehall, figures reveal

National Automobile Dealers Association Cyberattack: Sensitive Data Allegedly Leaked

Navigating the cyber sea: How to surf safely without fear of being phished

Netgear, Hyundai latest X accounts hacked to push crypto drainers

Nineteen individuals charged for participating in illicit marketplace xDedic

NIST Warns of Security and Privacy Risks from Rapid AI System Deployment

NoName on Rampage! Claims DDoS Attacks on Ukrainian Government Sites

North Korea's Cyber Heist: DPRK Hackers Stole $600 Million in Cryptocurrency in 2023

North Korean Hackers Stole $600m in Crypto in 2023

North Korean hackers stole $600M in crypto in just one year

Optionis (now Caroola Group) hit with ICO reprimand over ransomware attack from 2022

Orrick, Herrington & Sutcliffe breach total jumps to over 600K impacted

Orrick, Herrington & Sutcliffe Data Breach Affected 637,000 Individuals

Payroll Services Provider UKG Inc. Announces Data Breach

Philippines turns to hackers for help as US warns of China cyber threat

Poisoned Data, Malicious Manipulation: National Institute of Standards and Technology (NIST) Study Reveals AI Vulnerabilities

Prolific ransomware groups intentionally switch on remote encryption for attacks, Sophos finds

Prospect Medical Holdings Confirms August 2023 Data Breach Affected Employees of BJs Wholesale Club

Ransomware attack hits Paraguayan Armed Forces?

Ransomware gang takes credit for Christmas attack on global Lutheran organization

Saudi Arabian Ministry exposed sensitive data for 15 months

Scammers impersonate crypto journalists with malicious Calendly links on X

Security and Exchange Commission (SEC) Cyber Incident Reporting Rules Pressure IT Security Leaders

Security Firm Certik’s Account Hijacked to Spread Crypto Drainer

Simple cyber security measures for SMBs to ensure a safer digital landscape

Social engineer reveals effective tricks for real-world intrusions

Southeastern Orthopaedic Specialists Notifies Patients of Recent Data Breach

Strengthening Cyber Defenses: The Dynamic Role of DNS in Phishing Prevention

Swiss Air Force sensitive files stolen in the hack of Ultra Intelligence & Communications

Syrian Hackers Distributing Stealthy C#-Based Silver RAT to Cybercriminals

Tech Intelligence: Promises in the dark

The Beirut International Airport Cyberattack: What Happened?

The cyber-attack that targeted Beirut Airport disrupted the baggage inspection system known as BHS, and police dogs were used to complete the operation

Time for Companies to Vanquish Ransomware Threat

Top 10 Cyberattacks of 2023

Toronto Zoo: Ransomware attack had no impact on animal wellbeing

Toronto Zoo hit by cyberattack

Toronto Zoo to remain open while investigating effects of cyberattack

Turkish APT Sea Turtle Resurfaces, Spies on Dutch IT Firms

Turkish ‘Sea Turtle’ hackers target Dutch companies in espionage campaign

Understanding the Risks: How Cybersecurity Threats Can Impact Your Business

Unifying Security Tech Beyond the Stack: Integrating SecOps with Managed Risk and Strategy

Unverified Claim of Major Data Breach at U.S. Department of Transportation

US retail mortgage lender LoanDepot struggles with cyberattack

What’s new for ransomware in 2024?

Wiper malware found in analysis of Iran-linked attacks on Albanian institutions

YouTube Channels Hacked to Spread Lumma Stealer via Cracked Software