Editor's Message

Welcome to DBD. 2023 has been the worst year on record for Data-Leaking Ransomware Attacks, and despite Law Enforcement gains, show no signs of slowing down. On a more positive note, our PRiSM platform continues to gain recognition and is now officially endorsed as a Ransomware Intelligence Resource by the SANS Institute. With that in mind, we would like to take this opportunity to thank you for all your very much appreciated and continued support. Stay safe. :)



Monday 15 January 2024

Data Breaches Digest - Week 3 2024

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 15th January and 21st January 2024.


21st January

Action Fraud warn people to remain vigilant over scam emails

API Security: The Sleeping Giant of Cybercrime – Wake Up Before It’s Too Late

Avoiding Risky Websites On Open Hotspots: A Safety Guide

Coventry school reprimanded for data breach after IT system 'hacked three times'

Cyber crooks as organised as IT companies they target

Cybercrime, the 10 most widespread malware in Italy

Cybersecurity Spending Takes a Sharp Turn In 2024

Fintech industry for kids faces cybersecurity risks

Hotspot Password Hacking: Myth Busting And Security Tips

Major US Sandwich Chain Falls Victim to Lockbit Ransomware Attack

Mitigating risks in digital transactions: Emphasising data privacy, security and cyber defence

Philippines ransomware attacks up by 100%

Ransomware attack affecting Tietoevry’s services for some customers in Sweden

Recognizing And Avoiding Malicious Hotspots

Senior Microsoft Employee’s Email Account Breached in Cyber Attack

Subway claimed by LockBit ransomware

Tietoevry ransomware attack causes outages for Swedish firms, cities

WARNING: ‘Password Mistake’ Hack Could Target Millions of Android and iPhone Users in Seconds!

Watch out for "I can't believe he is gone" Facebook phishing posts

What is credential stuffing and how can I protect myself?

20th January

BreachForums Admin Avoids Prison Term

Chainalysis Reveals Decline in Crypto Crime, Stablecoins Emerge as Preferred Choice

Chinese Hackers Silently Weaponized VMware Zero-Day Flaw for 2 Years

CISA Issues Emergency Directive to Federal Agencies on Ivanti Zero-Day Exploits

CISA, FBI, EPA Release Cyber Incident Response Guide for Water and Wastewater Systems Sector

Court charges developer with hacking after cybersecurity issue disclosure

Dark web market trends: last year in review and projections for 2024

Dark Web’s Layer7Booter IP Stresser Now Threatens Public Internet Security

Dozens of Argentine Payoneer users report hackings and emptied accounts

Entire city popular with Brit tourists shut down after hackers demand £10 million ransom

Former BreachForums Admin ‘Pompompurin’ Receives 20-Year Supervised Release

India: Big data breach threat from Chinese chips in government biometric attendance

Invoice Phishing Alert: TA866 Deploys WasabiSeed & Screenshotter Malware

Joint Advisory by FBI, CISA, Treasury, and FinCEN Sheds Light on Karakurt Data Extortion Group’s Evolving Tactics

Microsoft Executives’ Emails Breached by Russia Hackers

Microsoft suffers Russian fueled nation-state attack

Microsoft's 'Senior Leadership' Emails Compromised by Russian Hacker Group

Microsoft's Top Execs' Emails Breached in Sophisticated Russia-Linked APT Attack

Navigating Cybersecurity Challenges in Forex Trading Platforms: A Guide to Staying Protected

North Face, Vans maker VF Corp admits 35.5 million impacted in December breach

Ransomware attack spreads to Tilbury District Family Health Team

Researchers link 3AM ransomware to Conti, Royal cybercrime gangs

Stay Safe In The New Year With Enterprise Security Practices At Home

Strengthening cybersecurity for government agencies, water districts is vital

Think Twice Before You Take a Fun-Looking Online Quiz - A Hacker Might be Behind It

Trezor discloses 66K users affected by phishing attack

US9524901185421 scam explained

19th January

7 Crucial Online Safety Guidelines You Need to Know

71 Million Compromised Email Accounts Listed Online, How to Check Yours

71% of Australian small businesses view cyber attacks as major risk

81 percent of security pros say phishing is the top threat

82% of Indian Firms Increasing Cybersecurity Investments Amid Rising Cyber Threats in 2024

Apple, Qualcomm, and AMD GPUs flawed

Arrowhead Regional Computing Consortium (ARCC): Letters sent out to former students, employees of school districts about a data breach

Australian Companies Hit By Data Breaches in January 2024

Bosch fixes torque wrenches that could be hacked to display incorrect specs

BreachForums hacking forum admin sentenced to 20 years supervised release

Carnegie Mellon University hit by cyber attack last August

Chinese hackers exploit VMware bug as zero-day for two years

CISA emergency directive: Mitigate Ivanti zero-days immediately

CISA’s 1,200 pre-ransomware alerts saved organizations millions in damages

Citrix Patches 2 Actively Exploited NetScaler ADC and Gateway Zero Days

Critical “PixieFail” Flaws Expose Millions of Devices to Cyberattacks

Cyber attack in Merseyside as 'immediate steps taken'

Cyberattack hits three English councils at once, as outsourcer Civica denies blame

Cyberattacks Spike By 15% In India, 2138 Weekly Attacks Per Organisation

December 2023 data breach roundup

Digital nomads amplify identity fraud risks

Don’t Take The Bait: How To Prevent A Phishing Attack

ELO accounting data breach sparks tax fraud

Experts Urge Clearer Direction in South Africa's Cyber Strategy

Experts Warn of macOS Backdoor Hidden in Pirated Versions of Popular Software

Facebook users monitored by thousands of companies

Federal Trade Commission (FTC) bans one more data broker from selling your location info

Federal Trade Commission (FTC) bans Texas media company from sharing location data

Financial platform Payoneer blames account hacks on phishing campaign

Finnish Hacker Denies Role In Psychotherapy Clinic Attack

Four-in-ten employees sacked over email security breaches as firms tackle “truly staggering” increase in attacks

Gas South data breach class action settlement

Got a data breach? Blame the victims like 23andMe did!

Heightened threats due to rising use of generative AI apps

HMRC scam warning issued to Brits amid self-assessment tax deadline

Hospital IT Help Desks Targeted in Sophisticated Payment Fraud Scam

Hunters International Targets Gallup-McKinley County Schools as Their Latest Victim

Importance of integrating cybersecurity education in school curriculums

Iran’s Mint Sandstorm APT Hits Universities with Hamas-Israel Phishing Scam

Ivanti EPMM and MobileIron Core vulnerability is actively exploited, CISA confirms (CVE-2023-35082)

Ivanti vulnerabilities are being exploited widely, CISA says in emergency directive

Jordan: National Cyber Security Centre (NCSC) spotlights 453 cyber threats in 2023

Kansas Court System Seeks $2.6M to Recover from Cyberattack

Kansas State Cyberattack: VPN, Email, and Video Services Impacted

LoanDepot outage drags into second week after ransomware attack

LockBit Ransomware Uses Resume Word Files to Spread

Meridian Behavioral Healthcare Discloses 99,000-Record Data Breach

Millions of passwords leaked in enormous new data breach

Neighbouring Kent councils hit by simultaneous cyber attacks

Norwood Clinic data breach $2.3M class action settlement

Npm Trojan Bypasses UAC, Installs AnyDesk with "Oscompatible" Package

Oak View Group says November data breach compromised the data of 55,000 customers

Orange Spain Outage: BGP Traffic Hijacked by Threat Actor

Out with the old and in with the improved: MFA needs a revamp

Over a million exposed as Slovenian retailer leaks data

Payoneer accounts in Argentina hacked in 2FA bypass attacks

Phishing Scam Mastermind Sentenced: Snapchat Users’ Photos Stolen and Sold

Preventing Data Loss: Backup and Recovery Strategies for Exchange Server Administrators

Ransomware Activity Surged in 2023, Likely to Evolve in 2024

Ransomware Attacks Rose 128 Percent In 2023, Report Finds

Ransomware gang claims responsibility for Christmas attack on Massachusetts hospital

Ransomware Group Offers Hacked Serbian Electricity Provider's Data For Download

Ransomware Group Targets New Mexico School: An Emerging Threat to Education Sector

Remaining Viable: How, Insurers' Cybersecurity Is A Major Problem

ReproSource Fertility Diagnostics settles $1.25 million for 2021 data breach negligence

Rise in Drainer-as-a-Service attacks lead to high-profile breaches

Robert Half International Recruitment, iCloud, AT&T: Top Scams of the Week

Russian Coldriver Hackers Deploy Malware to Target Western Officials

Russian hacker Coldriver extends tactics to include custom malware

Russian hackers stole Microsoft corporate emails in month-long breach

Russian threat group delivering malware via campaigns using PDFs

Safeguarding Your Data: Essential Tips for Ensuring Security in Remote Team Environments

Solana grappling with phishing scams; Algorand and Rebel Satoshi may benefit

Southern Orthopedic Associates data breach $660K class action settlement

Space NK investigates cyber security incident

Swiss government victim of pro-Russian cyber attack

The Rise of FraudGPT: Phishing Scams to Social Engineering, how scammers are using new AI Chatbot

Think boomers are most vulnerable to cybersecurity attacks? Wrong. It's actually Gen Z

Toronto to integrate IT systems after ransomware attacks on zoo, public library

U.S. Cybersecurity Agency Warns of Actively Exploited Ivanti EPMM Vulnerability

UK Government Potentially Vulnerable to a Catastrophic Ransomware Attack on Critical Infrastructure

Ukraine hackers nick Russia's military secrets

Ukraine police to step up war on cyber fraud

Ukrainian hackers have seized technical documentation for 500 objects of the Russian Ministry of Defense

US government recommends a 15 years sentence for former BreachForums owner Conor Fitzpatrick

Vans, North Face owner says ransomware breach affects 35 million people

Vans, Supreme, North Face Parent Hacked: Data of 35 Million Customer Exposed

Veon Estimates Nearly $95 Million Revenue Loss Post Kyivstar Cyberattack

VF Corp Reports Significant Cyber Attack, 35.5 Million Customers’ Data Breached

VF Corp’s Cyber Incident Causes Data Breach of 35.5 Million Consumers

Virgin Islands Lottery Operations Suspended Over Data Breach

VMware confirms critical vCenter flaw now exploited in attacks

What is credential stuffing? How does it work? How can I protect myself from being scammed through my online accounts?

YouTube Crypto Con: Scammers Rake in $600K with Deepfakes and QR Codes

Zero trust and (why it isn’t always about) identity

18th January

49% of organizations cite poor training as cause for privacy concerns

$87 Million Lost to Crypto Drainer as Inferno Malware Fools Customers With Coinbase, Seaport Connection Protocols

167K people exposed in Sweden Coop data leak

Adversaries exploit trends, target popular GenAI apps

AI Could Make Cyber Threats Harder to Detect

Akira Ransomware Strikes DENHAM the Jeanmaker in Cyber Showdown

Alleged Trello Data Breach Raises Concerns: 15 Million User Records on Sale

Androxgh0st Malware Botnet Steals AWS, Microsoft Credentials and More

Androxgh0st Malware Building Mega-Botnet for Credential Theft

Angola's central bank tames latest data breach

Anonymous Sudan claims cyberattack on London Internet Exchange in response to UK's Yemen strikes

Anonymous Sudan’s DDoS Attacks Disrupt Network at Israeli BAZAN Group

Are You Vulnerable to Phishing?

Attackers Could Eavesdrop on AI Conversations on Apple, AMD, Imagination and Qualcomm GPUs

Attribute-based encryption could spell the end of data compromise

Canada: Local Family Health Team Becomes Latest Victim Of Cyberattack

Carriers must adapt to thwart cybersecurity threats

CISA: Critical Ivanti auth bypass bug now actively exploited

Credentials are Still King: Leaked Credentials, Data Breaches and Dark Web Markets

Crypto Phishing Scam: What is it and how to stay safe from it

Cyber spies launch PDF campaign

Cyber threats to worsen in 2024

Cyberattack on Ukraine’s largest telecom provider will cost it about $100 million

Cybercrooks Target Docker Containers With Novel Pageview Generator

Cybersecurity: The growing partnership between HR and risk management

Cybersecurity groups not to pay ransom demands

December 2023 Healthcare Data Breach Report

Do you love or fear your smart home devices? For most Americans, it's both

Docker hosts hacked in ongoing website traffic theft scheme

Drupal advisory warns users to update or risk DoS attack

Electrostim Medical Services confirms data breach affecting 543,000 patients

Emerging Threats and Opportunities in the AI Cybersecurity Revolution

Experts Warn of macOS Backdoor Hidden in Pirated Versions of Popular Software

Facebook Users Targeted by ‘Death News’ Phishing Scam

Federal agencies release cyber guidance for water sector after watchdog criticism

Federal Trade Commission (FTC) settles second case with geolocation data broker in two weeks

GitHub, PyTorch and More Organizations Found Vulnerable to Self-Hosted Runner Attacks

Hampton-Newport News Community Services Board Reports Recent Ransomware Attack, Leading to Data Breach

HealthEC Data Breach Impacts 4.5 Million Patients

Here’s three questions to ask for better data security posture management

Hospital systems see rise in cyber attacks; Here's what's being done to improve safety

How publishers should respond to a deluge of news industry cyberattacks

How to Protect Your Business Against a Data Breach in 2024

Illicit Cryptocurrency Flows Drop 39% in 2023

In alerting about two Citrix bugs, CISA recommends immediate attention for one

Iranian Hackers Masquerade as Journalists to Spy on Israel-Hamas War Experts

Iranian Phishing Campaign Targets Israel-Hamas War Experts

Israel’s Largest Oil Refinery, Bazan Group, Hit by Anonymous Sudan

JinxLoader Malware: Next-Stage Payload Threats Revealed

JPMorgan exec claims bank repels 45 billion cyberattack attempts per day

Kansas State University cyberattack disrupts IT network and services

LockBit group victimises Taiwan's Foxsemicon, pastes ransom note on the company's website

LockBit hits Taiwanese semiconductor firm Foxsemicon

'Look who died' Facebook scam preys on emotions. How to stay safe

Mallorca’s Calvià City struggles to recover after €10M ransom attack

Malware Exploits 9Hits, Turns Docker Servers into Traffic Boosted Crypto Miners

Maryland Federal Court Recertifies Class Action Against Hotel Franchisor for Claims Related to Data Breach

Massachusetts Fertility Test Center Reaches $1.25M Data Breach Settlement

Medical Healthcare Solutions data breach class action settlement

MFA Spamming and Fatigue: When Security Measures Go Wrong

Microsoft warns of new spearphishing attack targeting workers at top companies

New Docker Malware Steals CPU for Crypto & Drives Fake Website Traffic

New Malware Campaign Exploits 9hits in Docker Assault

Nissan Australia confirms customer data accessed in data breach, Akira takes credit

North Country Orthopaedic Group files lawsuit against unidentified cyberhackers, has stolen data returned

Outsmarting Ransomware’s New Playbook

PixieFail UEFI Flaws Expose Millions of Computers to RCE, DoS, and Data Theft

Poorly secured PostgreSQL, MySQL servers targeted by ransomware bot

'Punishing the victims': Would banning ransom payments stop hospital cyberattacks?

Ransomware: how financial institutions can prepare to react quickly through regulatory compliance

Ransomware attacks hospitalizing security pros, as one admits suicidal feelings

Ransomware Group Targets Foxconn Subsidiary Foxsemicon

Ransomware negotiation: When cybersecurity meets crisis management

Ransomware Up, but Crypto Crime Down Overall in 2023

Raptor Technologies Data Breach: Unsecured Database Leaks Student, Parent and Teacher Information

Rising Tide of Data Extortion: A New Wave of Cybercrime

Russian COLDRIVER Hackers Expand Beyond Phishing with Custom Malware

Russian FSB hackers deploy new Spica backdoor malware

Russian state hackers deploying malware in espionage attacks around Europe

Russian threat group spreading backdoor through phishing, says Google

SOC-as-a-Service: The Five Must-Have Features

Spanish city council says ransomware attack disrupted critical public services

Swiss Government Websites Hit by Cyberattack; ‘NoName’ Hackers Claim Responsibility

Swiss websites hit by DDoS attacks during World Economic Forum in Davos

TA866 Resurfaces in Targeted OneDrive Campaign

TeamViewer abused to breach networks in new ransomware attacks

TensorFlow CI/CD Flaw Exposed Supply Chain to Poisoning Attacks

The Biggest Security Threats Facing Contact Centers in 2024 And How to Deal With Them

The dangers of quadruple blow ransomware attacks

The Hidden Cyber Threat in Industrial Tools: Network-Connected Torque Wrench Vulnerability

The power of AI in cybersecurity

Threat Actors Team Up for Post-Holiday Phishing Email Surge

To Reverse Escalating Cyber Risk, Start Thinking Like A Cyber Insurer

Ulsan HD FC Data Breach Alert: Sensitive Data Allegedly on Sale for $6000

Unpatched Rapid SCADA Vulnerabilities Expose Industrial Organizations to Attacks

US government wants BreachForums admin sentenced to 15 years in prison

Victorian courts reveal cyber-attack targeted files dating back as far as 2016

VMware: Plug critical Aria Automation hole immediately! (CVE-2023-34063)

Why is data security important?

17th January

3 Malicious PyPI Packages Hide CoinMiner on Linux Devices

3 Phishing Strategies to Know So You Don’t Get Scammed

5 Steps To Easily Spot Phishing And Scam Work Emails

10 Ways to Prevent Computers from Virus

75% of Organizations Hit by Ransomware in 2023

AI in Cybersecurity: A Game of Cat and Mouse

AI, Gaming, FinTech Named Major Cybersecurity Threats For Kids

AI’s Role in Cybersecurity for Attackers and Defenders in 2024

Alpha Supported Living Services Announces Data Breach Following Phishing Attack

AMD, Apple, Qualcomm GPUs leak AI data in LeftoverLocals attacks

Ameriprise Financial Notifies Consumers of Recent Data Breach

APT Foundation Announces Data Breach Following Inadvertent Disclosure of Social Security Numbers

Australia: Prime Minister calls major scam a ‘scourge’ after Guzman Y Gomez targeted in coordinated cyber

Australia Reels from Widespread Cyberattacks, Prime Minister Anthony Albanese Terms it a ‘Scourge’

Bigpanzi botnet infects 170,000 Android TV boxes with malware

Bosnian Serb Entity Healthcare System Partly Back Online After Cyber Attack

British Library restores online catalogue three months after a Rhysida ransomware attack

British Library Struggles To Recover After Autumn Cyber Attack

CAMICO Notifies an Unknown Number of Consumers of Recent Data Breach Affecting Their SSNs

CISA pushes federal agencies to patch Citrix RCE within a week

Citrix, VMware, and Atlassian Hit with Critical Flaws - Patch ASAP!

Clearview Resources Ltd Hit by Cyberattack, Suffers $1.5 Million in Damages

Combating cybercrime in New Zealand with a robust cybersecurity strategy

Companies and regulators must do more on data breaches

ConsensioHealth Ransomware Attack Affects 61,000 Patients

Cooper Aerobics: Data Security Incident Raises Concerns of Personal Information Exposure

Cooper Aerobics discloses data breach, nearly 90,000 customer accounts potentially exposed

Cooper Aerobics Discloses Major Data Breach: A Wake-Up Call for Healthcare Cybersecurity

Credit card, romance fraud remain most prevalent cybercrime in Ghana

Cyber Attack on Calvia Council

Cyber attacks on the rise, Indian insurance companies see uptick in corporate cyber policy enrolments

Cyber Espionage Strikes Indian Air Force: Malware Disguised in ‘SU-30 Aircraft Procurement’ File

Cyber Security Is The Biggest Worry For Companies In 2024

Cybersecurity: Essential lessons for advisers to share with clients

Dark web listing reveals alleged GEICO database sale, exposing 552,900 records

Data breach leaked info on 40 nursing facilities, provider reports

Data breaches: everything you need to know and how to prevent them

Did Uber's Delivery Service Drizly Die Due to Data Breach?

Dollar Bank class action alleges bank failed to protect private info inherited in merger

Electrostim Medical Services Data Breach Impacts 543,000 Patients

Embracing identity-centric zero trust: A glimpse into the future of the modern cyber security perimeter

Facebook and Instagram “worst” apps for privacy

Feds Warn of AndroxGh0st Botnet Targeting AWS, Azure, and Office 365 Credentials

Five ways to protect yourself while online shopping

Foxsemicon hit by ransomware

GitHub Rotates Credentials and Patches New Bug

GitHub Rotates Keys After High-Severity Vulnerability Exposes Credentials

Google fixes actively exploited Chrome zero-day (CVE-2024-0519)

Google fixes an actively exploited Chrome zero-day

Google Incognito Mode: New Disclaimer Reveals Data Tracking

Hackers Building AndroxGh0st Botnet to Target AWS, O365, Feds Warn

Have I Been Pwned adds 71 million emails from Naz.API stolen account list

Hawaii Medical Service Association (HMSA) customer data compromised by targeted cyber attack

Holidays are over, but don’t let employees’ guard drop over fake shipping emails

Hospital and Ortho Group Fight Back Against Cybercriminals

Hospital worker allegedly 'suspended over breaching patient confidentiality'

How to Overcome Hyper-realistic Deepfakes in 2024

Indian Air Force potentially targeted with info-stealing malware

Indian trade association exposes sensitive data

Innefu Labs Data Breach: Indian Cybersecurity Firm Falls Victim to Cyberattack

Iranian APT Impersonating Prominent Journalist in Clever Spear-Phishing Attacks

Iranian hackers target researchers with new MediaPl malware

Iranian hackers targeting ‘high-profile’ experts on Middle East

iShutdown scripts can help detect iOS spyware on your iPhone

IT teams unable to deliver data fast enough to match the speed of business

Johnson Controls Ransomware Attack: A Critical Wake-Up Call For National Security

Kansas courts need at least $2.6 million to recover from cyberattack

Kaspersky Details Method for Detecting Spyware in iOS

Kaspersky releases utility to detect iOS spyware infections

Kaspersky’s iShutdown Tool Detects Pegasus Spyware on iOS Devices

Majorca Tourist Hotspot Hit With $11m Ransom Demand

Memorial University confirms cyberattack on Grenfell Campus involved ransomware

National Bank of Angola says it mitigated cyberattack

New iShutdown Method Exposes Hidden Spyware Like Pegasus on Your iPhone

New Phishing Scam Hooks META Businesses with Trademark Threats

One hell of a year: Inferno Drainer malware stole $80M

Over 90 percent of organizations set to increase data protection spending

Pastelería Mozart Data Breach – Over 10 Million Records Leaked on the Dark Web

PAX PoS Terminal Flaw Could Allow Attackers to Tamper with Transactions

Pirates beware: covert cyber gang hijacking brains of Android TVs

Practical cyber security tips for business leaders

Preventive security measures necessary for Indian manufacturers

Ransomware attack on Utah mortgage provider impacted almost 300,000 customers

Ransomware attacks leave small business owners feeling suicidal

Ransomware was behind cyberattack on Memorial University's Grenfell campus, confirms president

Russian-web provider Qwerty down, Ukraine’s IT Army takes credit

Scammers go old school with new phishing tactic

Singapore: 7 charged with money mule offences after DBS bank customers fall for recent SMS phishing scams

Software suppliers offer rich pickings for criminals

SoftwareProjects exposes substantial customer and affiliate data

Stormous Hackers Breach KAI's Network, Exposing Customers Data

SudaChad suffers major cyber attack

Surge in Telecommunications Cyberattacks: After Orange, and Kyivstar, Now Thuraya Targeted

Swiss government websites hit by pro-Russia hackers after Zelenskyy’s Davos visit

Taiwanese semiconductor company hit by ransomware attack

Texts pretending to be from Post Office are a scam

The right strategy for effective cybersecurity awareness

Tips for Ensuring HIPAA Compliance

Toronto Zoo employees’ personal information stolen in ransomware attack

US Government Urges Action to Mitigate Androxgh0st Malware Threat

Vendor Email Attacks Surged by 137% in Financial Sector in 2023

Victims of 2023 Capita data breaches head to High Court

Watch out for QR code scams called 'quishing' that could cost you money

Web3 And The Risks To Be Aware Of

When IAM security conflicts with user experience

Zero-Day Alert: Update Chrome Now to Fix New Actively Exploited Vulnerability

16th January

3 ways to combat rising OAuth SaaS attacks

68% of IT workers feel overwhelmed with data access restrictions

1,700 Ivanti VPN devices compromised. Are yours among them?

Academia Warned To Guard 'Crown Jewels' After British Library Hack

Academy Mortgage breach exposes 285K people

Alert: Over 178,000 SonicWall Firewalls Potentially Vulnerable to Exploits - Act Now

Androxgh0st malware botnet steals AWS, Microsoft credentials

Androxgh0st malware hackers creating large botnet, CISA and FBI warn

Anonymous Collective launches cyberattack on Bahrain Over alleged Yemen airstrike support

Atlassian reveals critical Confluence RCE flaw, urges “immediate action” (CVE-2023-22527)

Atlassian warns of critical RCE flaw in older Confluence versions

Australian cyber attack: Guzman y Gomez, Dan Murphy's, Binge and Event Cinemas customers targeted by hackers

AzorUlt Stealer Is Back In Action, Uses Email Phishing

BianLian Ransomware Hits Northeast Spine and Sports Medicine

British Library puts catalogue back online after 2023 cyber attack

Citrix warns of new Netscaler zero-days exploited in attacks

Crypto Hacker Steals $100K From Investors After Successful Scam

Crypto Heists Surge in 2023, $16.93m Already Stolen in 2024

Crypto trading firm closes shop after $8 million New York state fine over security issues

Cyber attacks are one of the biggest threats facing healthcare systems

Cyber attacks reveal fragility of financial markets

Cyber incidents ranked most important risk globally

Cyberattack: Clearview loses $1.1m

Cybercrime is the number one threat when it comes to financial crime in Ireland

DDoS Attackers Put Environmental Services Firms in Their Crosshairs

Election Security 2024: Biggest Cyber Threats and Practical Solutions

Email Nightmare: 94% of Firms Hit by Phishing Attacks in 2023

GitHub rotates keys to mitigate impact of credential-exposing flaw

GitLab Fixes Password Reset Bug That Allows Account Takeover

Glendale Unified School District Suffers Ransomware and Data Breach

Google fixes first actively exploited Chrome zero-day of 2024

Hacker swipes $3.3m from Bungee crypto bridge users by exploiting contract bug

Hackers Hit Moscow Internet Provider in Response to Kyivstar Cyber Attack

Hackers Weaponize Windows Flaw to Deploy Crypto-Siphoning Phemedrone Stealer

How a ‘crypto drainer’ tricked people into handing over $80 million in assets worldwide

How a school tech software company’s data breach could impact DC-area districts

How Comcast’s Xfinity Hack Of Nearly 36 Million Users Impacts The Black Community

How Recent Cyber Attack Took Down Entire Telecom Industry In Ukraine?

How to improve cyber resilience across your workforce

Indian Entities on Alert as Dawnofdevil Hacker Group Resurfaces

Industrial and energy groups warned of need for stronger cyber defence

Inferno Drainer crypto scam still a threat despite previous shut down

Inferno Drainer Phishing Nets Scammers $80M from Crypto Wallets

Inferno Drainer Spoofs Over 100 Crypto Brands to Steal $80m+

Inferno Malware Masqueraded as Coinbase, Drained $87 Million from 137,000 Victims

Internet of Things (IoT) Security: Avoid These 5 Mistakes

Israeli Ports Hit in Cyberattack: Anonymous Sudan Takes Credit

Ivanti spots ‘sharp increase’ in targeting of VPN as analysts find 1,700 devices exploited

Ivanti VPN Zero-Day Flaws Fuel Widespread Cyber Attacks

Ivanti Zero-Days Exploited By Multiple Actors Globally

KAI Ensures IT Security Amidst Rumours of Ransomware Attack

Kaspersky foresees rise in phishing, scams, data breaches, and APT attacks in APAC for 2024

Latest Cyber-Attacks in Serbia Raise Fresh Questions about Defence

Leaked COVID tests expose sensitive patient data

LockBit Ransomware Strikes Again: Two New Victims Added to Dark Web Portal

LulzSec France and Moroccan Black Cyber Army Unite Against Denmark

Lush confirms it was hit by a cyberattack - but it isn't saying much else

Luxembourg: Phishing attacks to trick victims out of valuables on the rise

MacOS info-stealers quickly evolve to evade XProtect detection

Majorca city Calvià extorted for $11M in ransomware attack

Melbourne travel agency faces security concerns as data leak exposes tourists' personal information

Mississippi healthcare provider says ransomware attack compromised over 250,000 patients

Mystery surrounds the LG washing machine hogging 3.6GB of data per day

Open-source code fuels rise in supply chain cyberattacks

Open-source tools fire up supply chain attacks

PBI data breach impacted over 1.3 million users of insurance services

Personal details of 6,000 people leaked in Greater Manchester council data breach

Phemedrone Stealer Targets Windows Defender Flaw Despite Patch

PixieFail flaws impact PXE network boot in enterprise systems

Planning a Cloud Migration Journey? How to Implement a Ransomware Strategy for the Edge

Ransomware attacks reach record high in 2023

Ransomware gang demands €10 million after attacking Spanish council

Remcos RAT Spreading Through Adult Games in New Attack Wave

Republic Shipping Targeted in BianLian Ransomware Cyberattack

Retail Mortgage Lender loanDepot Disrupted by Ransomware Attack

Russian Hackers Orchestrate Ukrainian Telecom Giant Attack

Singapore: 7 arrested for alleged involvement in SMS banking-related phishing cases

Sodexo Hit by Cyberattack: R00TK1T ISC Claims Responsibility

Southeast Asian casino industry supercharging cyber fraud, United Nations says

Surge in Social Media Account Hacks: A Cybersecurity Nightmare

The case for transparency after data breaches

The human toll of ransomware: how IT pros suffer during incidents

Top 9 Cyber Risk Scenarios That Can Lead to Financial Loss in 2024

Top official says Kansas courts need at least $2.6 million to recover from cyberattack

Top six recommendations for remaining robust and resilient in 2024

What are the top cyber exposures facing UK businesses?

What to Do If Your Organization is The Victim of Ransomware

15th January

3 Ransomware Group Newcomers to Watch in 2024

AI expected to drive up phishing attempts this year

Alkem Lab Reports Rs52 Crore Loss Due to Cyber Security Incident

Alleged data breach hits Saudi Foreign Affairs Ministry, exposing 1.4 million employees

Anonymous Collective Launches Cyberattack on Bahrain Over Yemen Airstrikes

Anonymous Sudan Claims London Internet Exchange Attack Over Yemen Strikes

Aon Corporation Faces Class Action Lawsuit Over Data Breach

Australia: Home Affairs unable to say who was responsible for October cyber attack

Australian breach victim's two-year road to recover from identity theft

Balada Injector Infects Over 7,100 WordPress Sites Using Plugin Vulnerability

Binance Customers in Poland Targeted by SMS Phishing Scam

Bitfinex Thwarts $15B Cybersecurity Attack Involving XRP

British cosmetics retailer Lush confirms cybersecurity incident

British Cosmetics Retailer Lush Investigating Cyber Attack

British Library begins restoring digital services after cyber-attack

British Library begins restoring main catalogue online after devastating cyber attack

British Library Catalogue Back Online After Ransomware Attack

British Library restores access to online collection following ransomware attack

British Library starts restoring services online after hack

Carnegie Mellon University suffers a cyberattack

Computer Security: Hits are coming closer

Critical flaw found in WordPress plugin used on over 300,000 websites

Cybercrooks targeting enterprise genAI use

Cybersecurity failures plague PhilHealth once more

Data breach: It’s not if but when

Data from University of Toronto students threatened by MOVEit ransomware attack

Database Sale on Dark Web Puts GEICO in the Attackers Crosshairs Again

DDoS Attacks on the Environmental Services Industry Surge by 61,839% in 2023

Environmental Websites Hit by DDoS Surge in COP28 Crossfire

ESO Solutions Notifies HHS-OCR of Data Breach Affecting 2.7 Million Consumers

Flipping the BEC funnel: Phishing in the age of GenAI

Forescout Report Uncovers New Details in Danish Energy Hack

Generative AI and the ever-changing tactics of fraudsters: what you need to know

Hacker stole the data of about 950k customers from Chinese sportswear company Halara's website

HealthAlliance Notifies 264k Patients of Data Breach Involving Their SSNs and PHI

HelloFresh Fined £140K After Sending 80 Million Spam Messages

HelloFresh Fined £140,000 for 80 Million Spam Messages

HelloFresh fined for millions of spam texts and emails

High-Severity Flaws Uncovered in Bosch Thermostats and Smart Nutrunners

If you work at a law firm, the most dangerous threat of all might actually be your employees

Information Stealer Exploits Windows SmartScreen Bypass

Isle of Man: Delay to Manx Care dental services after cyber attack

Ivanti Connect Secure zero-days now under mass exploitation

Juniper fixes critical RCE in its SRX firewalls and EX switches (CVE-2024-21591)

Kazakhstan Registers Significant Attempts of Cyber-Attacks in 2023

Living-off-Trusted-Sites (LOTS) – APT Hackers Abusing GitHub To Deliver Malware Payload

LockBit ransomware attack on ARCC compromised the data of 65,000 individuals

LockBit Ransomware Group Behind Capital Health Cyberattack

Lush launches investigation into cyber attack

McDonald’s Data Breach 2024, a Continuation of Cybersecurity Dilemmas

Mississippi Health System Ransomware Attack Affects 253,000

NoName Targets Multiple Websites in Lithuania, Blames it for Aiding Ukraine

Not All Multi-Factor Authentication Solutions Are Created Equal

Opera MyFlaw Bug Could Let Hackers Run ANY File on Your Mac or Windows

Over 178K SonicWall firewalls vulnerable to DoS, potential RCE attacks

Personal Data of Thousands Exposed in Inspiring Vacations Breach

Print music giant Hal Leonard Australia falls victim to Qilin ransomware

Python-Based Tool FBot Disrupts Cloud Security

Quantum Radiology cyber attack: Patients kept in the dark about nature of attack while employees are being harassed by attackers

Quite a lot of those human errors are malicious

Researchers Uncover Major Surge in Global Botnet Activity

Retirees in the Crosshairs: The Growing Threat of Information Abuse

Scotland: Woman ‘devastated’ after Ninewells worker twice snooped on her records

Securities and Exchange Commission (SEC) says systems were not breached in X account hack

Security Experts Urge IT to Lock Down GitHub Services

Senators Demand Probe into SEC Hack After Bitcoin Price Spike

Shifting cybersecurity trends demand embracing innovative thinking

Singapore: 'Banks do not send SMS with links' - $446k already lost to scams in 2024

Singing River breach exposes healthcare data of 250K+ individuals

There were over 4,000 ransomware victims in 2023

Top 10 Cybersecurity Tips to Protect Your Businesses in 2024

Tura Scandinavia AB Encounters Another Cyberattack Following intrusion in December

Ukrainian arrested for infecting US cloud provider with cryptomining malware

Unmasking the Resurgence of Azorult Malware: Cyble Detects A New Dark Web Campaign

US court docs expose fake antivirus renewal phishing tactics

Windows Defender SmartScreen Vulnerability Exploited with Phemedrone Stealer

Windows SmartScreen bug exploited to deliver powerful info-stealer (CVE-2023-36025)

Why enhanced cybersecurity funding must be addressed in 2024