Editor's Message

Welcome to DBD. On March 8th we celebrated our 4th Anniversary and the 1st Anniversary of our PRiSM application, officially endorsed by the SANS Institute. Despite recent personal issues that have impacted the amount of time I have been able to dedicate to both projects, I have been doing my best to keep everything as up-to-date as possible, and I would like to take this opportunity to thank everyone for their patience and support whilst I navigate through this very difficult time. Stay safe. :)

Monday 26 February 2024

LockBit: Ransomware Operator Resurfaces With New Dark Web Leak Site And New Claimed Victims Days After Law Enforcement Takedown

Data Breaches Digest - Week 9 2024

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 26th February and 3rd March 2024.

3rd March

BlackCat Ransomware Hit Healthcare Giant Optum, Stolen 6TB Sensitive Data

Coinsquare Data Breach Exposes User Info, Prompting Security Enhancements

EA Sports Investigates FIFA 22 Ultimate Team Account Thefts Linked to Phishing and Human Error

Epic games ‘hacker” Mogilevich admits it was a scam operation

Georgia’s Largest County Is Still Repairing Damage From January Cyberattack

Hamilton public health pausing vaccine-related school suspensions due to cyber attack

Human Error is Biggest Cybersecurity Threat, CTOs Say

Kaspersky reveals 30% rise in ransomware attacks

Main computer viruses and their differences: spyware, trojan, ransomware, malware and more

More residents affected by Stratford Council data breach

Stealthy GTPDOOR Linux malware targets mobile operator networks

2nd March

Cybersecurity Marketing Trends to Watch for in 2024

Hackers target Federal Communications Commission (FCC), crypto firms in advanced Okta phishing attacks

New Bifrost RAT Variant Targets Linux Devices, Mimics VMware Domain

U.S. Charges Iranian Hacker, Offers $10 Million Reward for Capture

U.S. Court Orders NSO Group to Hand Over Pegasus Spyware Code to WhatsApp

Why Companies Are Now Outsourcing IT and Cybersecurity Services

Windows Kernel bug fixed last month exploited as zero-day since August

1st March

92% of companies experienced an application-related breach last year

98% of businesses linked to breached third parties

AI behind surge in business email compromise attacks

AI service Cutout.Pro suffers data breach exposing 20 million users' personal information

Arizona casino severely disrupted after cyberattack

Audacious Attacks, Evading Answers: Why LockBit, BlackCat Targeting US Healthcare?

Average Initial Ransomware Demand in 2023 Reached $600K

Biden Warns Chinese Cars Could Steal US Citizens' Data

Black Basta Ransomware Group Adds 5 New Victims to Leak Site

BlackCat Ransomware Gang Behind Change Healthcare Cyberattack, Optum Confirms

Businesses foresee major impact from new SEC cybersecurity disclosure rules

Change Healthcare cyberattack: What's the status of ransomware attack impacting pharmacies, payments nationwide

CISA warns of Microsoft Streaming bug exploited in malware attacks

CISA, Mandiant Warn of a Worsening Situation for Ivanti Users

Critical Infrastructure Organizations Warned of Phobos Ransomware Attacks

CryptoChameleon Phishing Scam Targets Crypto Users and Federal Communications Commission (FCC) Employees

CutOut.Pro AI Tool Data Breach: Hacker Leak 20 Million User Info

CutOut.Pro denies hacker’s breach claim

Cybercriminals harness AI for new era of malware development

Details of 20 Million Cutout.pro users exposed on leak forum

Facebook accounts were vulnerable to zero-click takeovers

February 2024 Top CVEs and Vulnerabilities Report

Federal Communications Commission (FCC) staff targeted in phishing attack that cloned agency login site

Five Eyes Agencies Warn of Active Exploitation of Ivanti Gateway Vulnerabilities

Five Eyes Warn of Ivanti Vulnerabilities Exploitation, Detection Tools Insufficient

Forget ransomware and phishing attacks - CTOs rate human error as their number one security risk

Four Strategies To Protect Against Generative AI-Powered Attackers

France concerned by potential cyber attack on electricity grid

Fulton County stands firm against ransom demands amid cyberattack

German applied sciences university hit by criminal cyberattack

Germany takes down cybercrime market with over 180,000 users

GitHub Rolls Out Default Secret Scanning Push Protection for Public Repositories

Golden Corral Data Breach Impacts 180,000 Employees

Hacker Group Publicly Announced That They Are Recruiting Pentesters

How to secure your API secret keys from being exposed?

I-Soon suffers data breach revealing state hacking activities

IT Leaders Lack Confidence in Internet-of-Things (IoT) Security Plans

Large Pharmacy Claims Processor Hit with Ransomware Attack

Major ransomware attack knocks Romanian hospitals offline

Massive cyber attack creates crushing billing burdens for skilled nursing; sparks efforts for payment relief

Massive Data Breach at YX International Exposes 2FA Codes for Google, Facebook, TikTok Users

Mogilevich hacker group claims it breached Ireland’s Department of Foreign Affairs

New BIFROSE Linux Malware Variant Using Deceptive VMware Domain for Evasion

New Phishing Kit Leverages SMS, Voice Calls to Target Cryptocurrency Users

NIST Cybersecurity Framework: A Cheat Sheet for Professionals

Over 325,000 people impacted by data breach reported by Houser LLP

Ransomware attack on U.S. health care payment processor ‘most serious incident of its kind’

Ransomware attack wreaks havoc on prescription payments

Researchers spot new infrastructure likely used for Predator spyware

Richland Community College Struggling After Cyber Attack

Safeguard your data from email-based fraud and phishing scams

Spyware maker NSO Group ordered to turn over Pegasus code in WhatsApp case

Thales Defense Contractor in Hot Water: Alleged Data Breach Traced to US Department of Defense Hacker

Top AI service hit by massive data breach - 20 million Cutout.Pro users have personal info leaked, so change passwords now

Trio of former Mid Devon councillors criticise authority’s data breach allegations

U.S. charges Iranian for hacks on defense orgs, offers $10M for info

UK Home Office Breached Data Protection Law with Migrant Tracking Program, ICO Finds

UK program involving electronic monitoring of migrants could be unlawful, data regulator says

UK’s NCSC Issues Warning as SVR Hackers Target Cloud Services

Understanding Risks on the SaaS Attack Surface

UnitedHealth says 'Blackcat' ransomware group behind hack at tech unit

US indicts Iranian man in cyber-espionage campaign against defense contractors

US law firm Houser said May data breach impacted more than 326,000 individuals

Vishing, Smishing Thrive in Gap in Enterprise, CSP Security Views

29th February

20 million Cutout.Pro user records leaked on data breach forum

A countdown timer for the threatened release of Trump court documents disappeared from hacker website before it ticked down to zero

Airbnb scammers pose as hosts, redirect users to fake Tripadvisor site

ALPHV/BlackCat threatens to leak data stolen in Change Healthcare cyberattack

‘Amazon’s Choice’ doorbells are a security nightmare

American crypto fraud losses exceed $1.5 billion

Android Money Transfer XHelper App Exposed as Money Laundering Network

Biden administration issues executive order to secure U.S. ports

Biden administration takes steps to investigate and potentially block China-made car tech

Biden Bans Mass Sale of Data to Hostile Nations

Bring-Your-Own-Device (BYOD) Increases Mobile Phishing; Risks Have Never Been Higher

Change Healthcare Blames ‘Blackcat’ Group For Cyber Attack That Disrupted Pharmacies And Health Systems

Change Healthcare Confirms BlackCat Ransomware Attack

Change Healthcare confirms Blackcat/AlphV behind ransomware attack

Chinese Hackers Exploiting Ivanti VPN Flaws to Deploy New Malware

CISA cautions against using hacked Ivanti VPN gateways even after factory resets

Clock ticking for Fulton County government as hacker deadline looms

Cryptojacking is no longer the sole focus of cloud attackers

Cybercriminals Amplify Use of Infostealers in Ransomware Attacks, Heightening Data Breach Risks

Dark Web Market Revenues Rebound but Sector Fragments

Epic Games attacked by new ransomware group Mogilevich

Epic Games Responds to Ransomware Attack Claims

Europe’s Pepco loses $17M in phishing attack

FBI, CISA Release IoCs for Phobos Ransomware

Fraud Detection: Time is Not on Our Side

Fulton County, Georgia, refuses to pay ransom, again

German Steelmaker Thyssenkrupp Confirms Ransomware Attack

Ghosts of Palestine Launches Cyberattack on Israeli Universities in Protest

GitHub enables push protection by default to stop secrets leak

Golden Corral restaurant chain data breach impacts 183,000 people

GTPDOOR Linux Malware Targets Telecoms, Exploiting GPRS Roaming Networks

Healthcare providers hit by frozen payments in ransomware outage

Healthcare sector warned of ALPHV BlackCat ransomware after surge in targeted attacks

How organizations can navigate identity security risks in 2024

Kutchins, Robbins & Diamond Announces Data Breach After Unauthorized Party Accesses Employee Email Account

Law firm reports data breach affecting more than 325,000 people

Lazarus Exploits Typos to Sneak PyPI Malware into Dev Systems

Lazarus Hackers Exploited Windows Kernel Flaw as Zero-Day in Recent Attacks

LockBit ransomware group back online after international police disruption

More than 60% of consumers would avoid a retailer post-breach

New Backdoor Targeting European Officials Linked to Indian Diplomatic Events

New Bifrost malware for Linux mimics VMware domain for evasion

New Silver SAML Attack Evades Golden SAML Defenses in Identity Systems

North Korean hackers exploit Windows zero-day flaw

Pharma Giant Cencora Reports Cybersecurity Breach

President Biden Blocks Mass Transfer of Personal Data to High-Risk Nations

Prominent Sacramento law firm sues for $1 million after falling prey to ransomware attack

Ransomware attack on UnitedHealth hits provider payments

Ransomware claims to have stolen almost 200 GB of information from Epic Games Store

Ransomware gangs are paying attention to infostealers, so why aren't you?

Ransomware group Blackcat is behind cyberattack on UnitedHealth division, company says

Ransomware Hackers Fail To Produce ‘Stolen’ Donald Trump Court Files

Ransomware-as-a-Service Spawns Wave of Cyberattacks in Middle East & Africa

Rhysida group claims a major ransomware attack on Chicago pediatric hospital

Rio Hondo Community College Announces Data Breach in the Wake of Ransomware Attack

Rise in Cryptocurrency Cyberattacks: macOS Users Targeted via Calendly Meeting Invitations

Savvy Seahorse Targets Investment Platforms With DNS Scams

Security Vulnerabilities Popping Up on Hugging Face’s AI Platform

Seminole County Public Schools taken for $1.3 million in email phishing scheme

Stop Ransomware: Phobos Ransomware

Surge in ransomware, leaks and info stealers targeting Middle East and Africa

Taiwan’s military, Foreign Ministry hit by data breach

The Anatomy of an ALPHA SPIDER Ransomware Attack

Thyssenkrupp Cyberattack Disrupts Automotive Division, Recovery Efforts Underway

TimbreStealer Malware Targets Mexican Victims with Tax-Related Lures

U-Haul Data Breach Affects 67,000 Across US, Canada

UnitedHealth confirms ransomware gang behind Change Healthcare hack amid ongoing pharmacy outages

UnitedHealth cyberattack payment freeze sparks provider panic

UnitedHealth Group Confirms ALPHV Ransomware Gang Is Behind Attack

UnitedHealth Group’s Optum Subsidiary disrupted by Cyberattack putting critical patient needs at risk

US Government Warns Healthcare is Biggest Target for BlackCat Affiliates

US to probe if Chinese cars pose national data security risks

Veolia North America says January ransomware attack affected close to 9,000 customers

Vishing, smishing, and phishing attacks skyrocket 1,265% post-ChatGPT

28th February

34 Million Roblox Credentials Exposed on Dark Web in Three Years

68% surge in the number of ransomware attacks

A ransomware gang claims to have hacked nearly 200GB of Epic Games internal data

Ads for Zero-Day Exploit Sales Surge 70% Annually

AI in cybersecurity presents a complex duality

ALPHV Ransomware Claims Dual Victims, One Confirmed

Anycubic 3D printers hacked worldwide to expose security flaw

Australia biggest ransomware target across APAC in 2023

Biden bans brokers selling Americans' private data for espionage

Cencora Confirms Data Breach in SEC Filing; Sensitive Data Accessed by Hackers

Cencora Discloses Data Breach in SEC Filing

CISA, FBI, and HHS Update Joint Advisory on ALPHV Blackcat Ransomware

CISA warns that malicious actors are targeting cloud infrastructure

Cybersecurity Agencies Warn Ubiquiti EdgeRouter Users of APT28's MooBot Threat

Epic Games: "Zero evidence" we were hacked by Mogilevich gang

Epic Games claims alleged ransomware hack shows 'zero evidence' of legitimacy

Epic Games ransomware attack: Company responds to claims of breach

Epic Games ransomware attack is likely fake as studio says it's found 'zero evidence' so far

Epic Games reportedly hacked by ransomware group, Unreal Engine and Fortnite could be compromised

European retailer Pepco hit by costly phishing attack

European retailer Pepco loses €15.5 million in phishing (possibly BEC?) attack

Exam paper cyber attack investigation hits dead end

FBI Alert: Russian Hackers Target Ubiquiti Routers for Data, Botnet Creation

FBI Issues Alert on Russian Threats Targeting Ubiquiti Routers

FBI Warns U.S. Healthcare Sector of Targeted BlackCat Ransomware Attacks

FBI warns US hospitals they may be hit by BlackCat ransomware, so be on their guard

Fortnite game developer Epic Games allegedly hacked

German applied sciences university announces being hit by criminal cyberattack

How AI is reshaping the cybersecurity job landscape

How Security Leaders Can Break Down Barriers to Enable Digital Trust

Intel agencies issue guidance to protect against Russian botnet

Iran-Linked UNC1549 Hackers Target Middle East Aerospace & Defense Sectors

Iranian hackers impersonate Boeing and DJI, post fake job offers

Irish foreign affairs ministry says ‘no evidence’ of cyber breach following extortion claim

Is Now the Right Time for a Ransomware Payment Ban?

Japan warns of malicious PyPi packages created by North Korean hackers

Lazarus hackers exploited Windows zero-day to gain Kernel privileges

LockBit 4.0: Rebooting a Ransomware Empire – Can the FBI Contain the Resurgent Threat?

LockBit ransomware returns to attacks with new encryptors, servers

Malicious AI models on Hugging Face backdoor users’ machines

New executive order bans mass sale of personal data to China, Russia

New version of ALPHV/BlackCat ransomware hits victims

NIST Releases Cybersecurity Framework 2.0: Guide for All Organizations

Notorious ransomware group claims responsibility for attacks roiling US pharmacies

Over Half of UK Firms Concerned About Insider Threats

Pharmaceutical giant Cencora reports cyberattack

Ransomware attacks in APAC on the rise

Ransomware gang claims they stole 6TB of Change Healthcare data

Ransomware group claims Epic Games hack

Registrars can now block all domains that resemble brand names

Rhysida ransomware wants $3.6 million for children’s stolen data

Savvy Seahorse gang uses DNS CNAME records to power investor scams

State-sponsored hackers know enterprise VPN appliances inside out

Suspected Iranian cyber-espionage campaign targets Middle East aerospace, defense industries

The Silent Threat: Why Vishing is Causing Major Problems for Businesses

Third-party attack vectors are responsible for 29% of breaches

Threat actor uses Facebook to lure victims, sends cash to Russia

Three Ways Your Organization Could Be Susceptible To Ransomware Attacks

TimbreStealer Malware Spreading via Tax-themed Phishing Scam Targets IT Users

UK Information Commissioner's Office (ICO) Vows to Safeguard Privacy in AI Era, Rules Out Bespoke Regulation

UK Unveils Draft Cybersecurity Governance Code to Boost Business Resilience

Understanding employees’ motivations behind risky actions

US: Biden bans brokers selling Americans' private data for espionage

US: Biden order will limit how much data can be sold to Russia and China

US healthcare alerted against BlackCat amid targeted attacks

Who is Mogilevich, the newest ransomware gang on the darknet?

27th February

1 million books and 4 months later, Toronto's library recovers from a cyberattack

2 Contra Costa County cities still recovering after being hit by cyberattacks

69% of Organizations Infected by Ransomware in 2023

67,000 U-Haul Customers Impacted by Data Breach

Akira Ransomware Group Threatens to Leak Stolen Data from Swedish Municipality

An infamous hacking group is reportedly behind the cyberattack that has left US pharmacies reeling

APT29 revamps its techniques to breach cloud environments

Around 50% of IT leaders believe IoT security is their weakest point

As Data Breaches Proliferate, New NIST Playbook Offers Recovery Tactics

Attackers penetrate Walmart’s Spark Driver portal

Black Basta, Bl00dy Ransomware Exploiting Recent ScreenConnect Flaws

Black Basta, Bl00dy ransomware gangs join ScreenConnect attacks

Blackcat ransomware gang reportedly behind Change cyberattack

Blackcat Ransomware Linked With ScreenConnect, Recent Health Care Attacks

Business Logic Abuse Dominates as API Attacks Surge

Cencora discloses data breach in cybersecurity incident

Change Healthcare attack that disrupted prescriptions blamed on BlackCat ransomware

Change Healthcare incident drags on as report pins it on ransomware group

ConnectWise Phishing Scam Targets Healthcare and Crypto Sectors in US

Cybercriminals: When we hit IT, they sometimes pay, but when we hit OT...jackpot

Cybercriminals obtain data of 2M customers leaked by delivery company

Dark Web Actor Selling Source Code for Rust-Based Information Stealer

Dark Web User Selling Access to an Undisclosed Brazilian Currency Exchange for $15,000

DDoS attack led to a $104K bill from hosting provider: “I thought it was a joke”

Egyptian Health Department Reports Data Breach Following December 2023 Cyberattack

Enterprises’ progress in digital trust implementation is far from great

FBI, CISA warn US hospitals of targeted BlackCat ransomware attacks

Federal Trade Commission (FTC) bans Avast from selling browser data

Five Eyes Agencies Expose APT29's Evolving Cloud Attack Tactics

Four Million WordPress Sites Vulnerable to LiteSpeed Plugin Flaw

Gilroy Gardens hit by ransomware attack

Half of IT Leaders Identify Internet of Things (IoT) as Security Weak Point

Henry Schein forecasts 2024 profit below estimates as cyber attack impact weighs

Hessen Consumer Center says systems encrypted by ransomware

How can Indian SMEs combat ransomware attacks?

I-Soon GitHub Leak: What Cyber Experts Learned About Chinese Cyber Espionage

Industrial Cyber Espionage France's Top Threat Ahead of 2024 Paris Olympics

LabHost cybercrime service lets anyone phish Canadian bank users

Legal expert slams Southern Water's response to cyber attack

LockBit back online, already targeting hospitals with ransomware

LockBit hacker boasts reason why gang's site was shutdown is because he got 'very lazy after five years of swimming in money' - before new operation pops back up on the dark web

Malicious code in Tornado Cash governance proposal puts user funds at risk

Mogilevich Ransomware Group Claims Cyberattack on Bazaarvoice, Data on Sale

Most Commercial Code Contains High-Risk Open Source Bugs

National Institute of Standards and Technology (NIST) Releases Final Version of Cybersecurity Framework 2.0

New Hugging Face Vulnerability Exposes AI Models to Supply Chain Attacks

New Variant of AMOS Stealer Targets Safari Cookies and Crypto Wallets

New Vulnerabilities in ConnectWise ScreenConnect Massively Exploited by Attackers

Office of Civil Rights (OCR) settles its 2nd ransomware investigation, probably not the last

Open-Source Xeno RAT Trojan Emerges as a Potent Threat on GitHub

Pay by 8:39 a.m. ransomware group tells Fulton County, Georgia

Pharmaceutical giant Cencora says data was stolen in a cyberattack

RansomHouse Adds Webber International University, GCA Nederland to Victim List

Ransomware gang seeks $3.4 million after attacking children’s hospital

Ransomware gangs exploiting ConnectWise ScreenConnect flaws

ResurrecAds Attack Hijacks Brand Names, Spreads Spam Via ‘SubdoMailing’

Retailer Pepco loses about 15 million euros in Hungarian phishing attack

Russia and Belarus targeted by at least 14 nation-state hacker groups, researchers say

Russian cyber espionage gang adapts to target cloud systems

Russian hackers hijack Ubiquiti routers to launch stealthy attacks

Safe Data Sharing Practices: How to Avoid Data Leaks

St. Peter's Health prescriptions partially impacted by national cyber attack

SubdoMailing Exposé: Massive Domain Hijacking Campaign Used for Ad Fraud, Malvertising, Phishing Emails

Tactics and techniques in ransomware attacks

The average open source vulnerability is 2.5 years old

Threat Actor Groups, Including Black Basta, are Exploiting Recent ScreenConnect Vulnerabilities

UK email mistake put ‘lives at risk’ for Afghans who had worked with British military

UnitedHealth gives update on cyberattack and pharmacy backlog

Unmanaged third-party access threatens Operational Technology (OT) environments

Vendor Email Compromise (VEC) and Business Email Compromise (BEC) attacks rise in the energy and infrastructure industry

WordPress LiteSpeed Plugin Vulnerability Puts 5 Million Sites at Risk

WordPress Plugin Alert - Critical SQLi Vulnerability Threatens 200K+ Websites

26th February

8 Worrying Cybersecurity Statistics You Need to Know in 2024

35 Days to Publish: RansomHub Claims Cyberattack on Farmacia AL SHEFA

8,000+ Domains of Trusted Brands Hijacked for Massive Spam Operation

8220 Hacker Group Attacking Linux & Windows Users to Mine Crypto

‘Alarming’ cyberattack hits Canada’s federal police, criminal investigation launched

Anonymous Sudan Launches New DDoS-for-Hire Service, Filling Skynet Botnet Void

Anti-Israel Hacktivist Groups Unites to Launch Coordinated Cyberattacks on Israel

Authorities Dismantled SugarLocker Ransomware Group

Avast Faces $16.5m Fine for Unlawfully Selling User Browsing Data

Avast Fined Millions for Selling User Browsing Data

Banking Trojans Target Latin America and Europe Through Google Cloud Run

Bitcoin Giant MicroStrategy Hit by X Account Hack, Users Lose Funds in Phishing Scheme

Bitcoin Holder MicroStrategy X Account Hacked In Ethereum Phishing Scam: Over $440,000 Crypto Stolen

California city declares state of emergency after ransomware attack

Canada: Cross-border police operation stops $615K ‘Spear Phishing’ fraud against Canadian business

Canada: Cyber attack on Hamilton knocks out municipal phone, email

Change Healthcare provides update on cyberattack

Chicago's Lurie Children's Hospital Battles Cyberattack Amidst Global Crackdown on Ransomware Groups

China Plan to Train 45,000 Firms in Hacker Protection Measures

China to bolster cyber defenses against “major risks”

CISA Issues Alert on APT29’s Cloud Infiltration Tactics

Common Vulnerabilities and Exposures (CVE) count set to rise by 25% in 2024

Confidential documents from Chinese government hacker company I-Soon uploaded to GitHub, experts say "the most detailed and important leak ever"

Cross-Border Vigilance: How Ontario Provincial Police (OPP) and U.S. Secret Service Thwarted a $600K Spear Phishing Scam

CrowdStrike 2024 Global Threat Report: 6 Key Takeaways

Cyber Attack on Health Tech Firm Change Healthcare Disrupts Pharmacies Across the US

Cybersecurity crisis in schools

Do ransomware attackers keep their word?

'Everybody Is Just Scrambling': Nationwide Cyber Attack Delays Bay Area Pharmacy Orders

Expecting privacy from ChatGPT is like asking the NSA to stop spying on citizens

Expert Warns of Growing Android Malware Activity

Fairway Independent Mortgage Corporation Confirms Data Breach Following “Operational Incident” Involving Third-Party Vendor

Financial sector remains one of the top sectors targeted by ransomware groups

Florida man could face 62 years in prison for hacking and related charges

Hack me if you can: LockBit challenges authorities, promises to return

Hacker group hides malware in images to target Ukrainian organizations

Hackers Drain $400K+ in MicroStrategy X Phishing Attack

Hackers exploit 14-year-old CMS editor on government, education sites for SEO poisoning

Hackers exploit MicroStrategy social media to orchestrate $440,000 phishing heist

Hackers Gain Access to MicroStrategy’s X Account, Steal $440k With Phishing Scam

Hackers Hijack Websites to Inject Malware that Steals User Credentials

Hampton County School District victim of cyber attack; South Carolina Law Enforcement Division (SLED), law enforcement investigating

Hijacked subdomains of major brands used in massive spam campaign

How Can CISOs Reduce Downtime During a Ransomware Attack?

Hundreds of police officer data breach claims struck out

If you have a Madrid public transport card, your data may be leaked after a cyber attack in November

India: Bangalore One Website Suffers Data Breach? How Traffic Fines Scam Via WhatsApp Targeted Bengalurians

Intercept Pharmaceuticals Confirms Data Breach Resulting in Leaked SSNs, PHI and Financial Account Information

Investigators trace $100 million in crypto payments to Myanmar scam syndicate

It’s time for security operations to ditch Excel

KyberSwap hacker bridges $2.5M in stolen funds to Ethereum

KyberSwap Hacker Transfers $2.5M to Ethereum Blockchain

LoanDepot finally reveals what data was exposed in January hack

LoanDepot Ransomware Attack Exposed 16.9 Million Individuals

LoanDepot Ransomware Attack Leads to Data Breach; 17 Million Impacted

LoanDepot Says 16.9 Million Customers Impacted by January Data Breach

LoanDepot says about 17 million customers had personal data and Social Security numbers stolen during cyberattack

LockBit Back Online as Ransomware Gang Continues to Clash with Law Enforcement

Lockbit is already back: the hacker gang multiplies the attacks

Lockbit is not dead, the most famous hacker group is already preparing its return

LockBit leak site is back online

LockBit makes 5 new victims after disruption by police

LockBit ransomware gang attempts to relaunch its services following takedown

LockBit Ransomware Group Hit in Global Crackdown

LockBit Ransomware Gang Resurfaces With New Leak Site

LockBit ransomware gang returns a week after supposed takedown by law enforcement

LockBit ransomware gang returns after being temporarily disrupted by law enforcement

Lockbit Ransomware Gang Returns After International Takedown, Arrests

LockBit Ransomware Gang Returns, Taunts FBI and Vows Data Leaks

LockBit Ransomware Group Announces it’s Back in Business

LockBit Ransomware Group Reemerges Following International Law Enforcement Operation

LockBit Ransomware Group Restores Servers Following Law Enforcement Takedown

LockBit Ransomware Group Resurfaces After Law Enforcement Takedown

LockBit Ransomware Group Returns After Law Enforcement Operation

LockBit Ransomware is back, says ‘5 years of swimming in money I became very lazy’

LockBit returns after takedown with new extortion threats

LockBit rises from the ashes, but will it pack the same punch as before?

LockBit Takedown: What You Need to Know about Operation Cronos

medQ Confirms Data Breach After Software Encryption Incident

MGM Resorts says regulators probing September cyber attack

MicroStrategy Falls Victim to $440K Phishing Attack

MicroStrategy hacker nets $440K in fake MSTR giveaway

MicroStrategy’s Twitter Account Hacked for Phishing Scam

MicroStrategy's X account breached, hacker launches Ethereum token phishing scam

MicroStrategy’s X Account Compromised, $440,000 Lost to Phishing Scam

MicroStrategy’s X Account Compromised, Over $440k Stolen Via Phishing Attack

MicroStrategy’s X account hacked, $440K lost in ETH phishing scam

MicroStrategy’s X Account Hacker Posts Malicious Links, Investors Lose $440,000

MicroStrategy’s X Account Suffers Phishing Scam Cyberattack

MicroStrategy’s X Hack: $440K Stolen via Phishing

More businesses investing in cyber security as attacks reach record high

National Cyber Security Centre (NCSC) to Offer Cyber Governance Guidance to Boards

New IDAT Loader Attacks Using Steganography to Deploy Remcos RAT

New IDAT loader version uses steganography to push Remcos RAT

New research finds gaps in secure access to Operational Technology (OT) environments

New SEC Cybersecurity Disclosure Rule: Why Wall Street Will Take Cybersecurity Seriously In 2024

North Korean Hackers Targeting Developers with Malicious npm Packages

Oculus Meta hack leads to suspension of multiple Facebook accounts

Ontario Provincial Police (OPP), U.S. Secret Service probe 'Spear Phishing' fraud, prevent Canadian business from being scammed out of $600K

Paying for a ransomware attack has consequences: there are many chances that they will attack you again to get more money

Ransomware attack blamed for Change Healthcare outage stalling US prescriptions

Ransomware Gang Blackcat Behind Cyberattack on Change Healthcare

Ransomware is hitting the financial services industry harder than ever before

Researchers say easy-to-exploit security bugs in ConnectWise remote access software now under mass-attack

Rising Cloud Adoption in Finance Sector Fuels Ransomware Vulnerabilities, Netskope Report Finds

Royal Canadian Mounted Police (RCMP) initiates criminal probe amid cyber attack on network

Russia cyber spies behind SolarWinds breach adopting new tactics, warn Five Eyes agencies

Russia-based LockBit ransomware hackers attempt comeback

Russian hackers shift to cloud attacks, US and allies warn

Scattered Spider: Advanced Techniques for Launching High-Profile Attacks

ScreenConnect flaws exploited to deliver all kinds of malware (CVE-2024-1709, CVE-2024-1708)

Southern Water letter to cyber attack-hit customers

Steel giant ThyssenKrupp confirms cyberattack on automotive division

Taiwanese Authorities Crack Down on International Credit Card Phishing Ring

The true cost of ransomware: 78% saw attackers coming back for more

The UK has seen an increase in cyberattacks against higher education

Travelers targeted with Booking.com refund malware

U-Haul admits data breach

U-Haul Confirms Data Breach Affecting Thousands: A Call for Enhanced Digital Security

U-Haul Informs Customers of Major Data Breach

Understanding WhatsApp phishing and how to avoid it

UnitedHealth Optum Cyberattack Pinned On Ransomware, Not Nation-State

UnitedHealth subsidiary Optum hack linked to BlackCat ransomware

UnitedHealth's Change Healthcare hack blamed on ALPHV/BlackCat

Unsurprisingly, LockBit ransomware crew has returned

Updated NIST cybersecurity framework adds core function, focuses on supply chain risk management

US Government Announces Up to $15M Bounty for Information on LockBit Ransomware Affiliates

US pharmacy outage triggered by 'Blackcat' ransomware at UnitedHealth unit, sources say

What the war on terrorism teaches us about the war on ransomware

Wyze data breach allowed 13,000 customers to view other people’s homes

Ransomware Operator Claims - Week 8 2024

Welcome to last week's ROC Report, an exclusive summary of Ransomware Operator's global victims that were claimed during the period between 19th February and 25th February 2024, kindly assisted by our partners.

For further analysis on these (and any historic) Ransomware Operator Claims, including the Victim Names and Industry Sectors attacked, please use our PRiSM application.

Flag Icons created by Freepik and provided by Flaticon.

Monday 19 February 2024

Data Breaches Digest - Week 8 2024

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 19th February and 25th February 2024.

25th February

A cyber attack hit the Royal Canadian Mounted Police

Authorities Claim LockBit Admin "LockBitSupp" Has Engaged with Law Enforcement

Blockchain researcher recovers stolen funds from NFT heist

Cost of data breaches for companies in South Africa

Cyber attack on health insurance provider could prevent Arizonans from getting prescriptions

FBI’s LockBit Takedown Postponed a Ticking Time Bomb in Fulton County, Georgia

Leaked Files Reveal Foreign Hacker Threats

LockBit is Back With New Claims and Victims

LockBit ransomware returns, restores servers after police disruption

MicroStrategy’s X account appears hacked with phishing messages, at least $440,000 stolen

Office of Foreign Assets Control (OFAC) Flags 10 Wallet Addresses Linked to LockBit Affiliates in Ransomware Crackdown

Rajasthan Hacker Arrested for Massive International Data Breach Involving Millions

Royal Canadian Mounted Police (RCMP) investigating cyber attack as its website remains down

Targeted ransomware groups grow in numbers, sophistication

Top-Ranked DeGods NFT Recovered After Phishing Scam Loss

Ukraine: cyber attack against the "Priyamy" TV channel, a pro-Russian message broadcast

Underrated Incident Prevention Methods in Cyber Risk Management

24th February

3 trends that’ll influence cyberattacks & ransomware in 2024

AI’s Transformative Impact on Cybersecurity: A Double-Edged Sword

Australian data breach reports surge in second half of 2023

Beware of Shopping Rewards Phishing Scams, Warns Better Business Bureau

Breaking Silence: Helsinki Arrest Sheds Light on Vastaamo Data Breach Saga

Chinese Cybersecurity Firm’s Data Leak Targets India and Beyond

Cyberattack on Pharmacy Firm Affecting New Jersey Prescriptions

Data Breach: Large scale data leak from Chinese cyber security agency, how much will it affect India; Know how prevention can be done?

Data Breach Alert As Chinese Hackers Expose Massive Theft of Indian Immigration Records Equalling 100GB; How Chinese Government Utilize Companies Like iSoon For Espionage Purposes

Holiday Shopping Season Sees Surge in Ransomware Attacks, SonicWall Reports

How one of Toronto's busiest libraries is recovering after the cyber attack

Law Enforcement Deals Blow to LockBit Ransomware Group

Nearly 70% of Scalper BOTs Users Are Buying via Social Media

North Kansas City Hospital facing lawsuits over data breach

P2P lending platform LenDenClub allegedly suffers data breach

Ransomware Operation LockBit Reestablishes Dark Web Leak Site

Ransomware Resurgence: The Unseen Battle Against Cyber Extortion

Russian hacker is set to face trial for the hack of a local power grid

Russian Ministry Software Backdoored with North Korean KONNI Malware

Second California city in 24 hours says they've been targeted in malicious cyber attack

The Evolving Battlefield of Cybersecurity: SonicWall's Mid-Year Report Unveils a Mixed Bag of Threat Trends

UK business registry approves controversial ERC20 wallet drainer

Ukrainian TV channel reports Russian hacker attack, broadcasting propaganda

Virginia Healthcare Provider Faces Class Action Lawsuit Over Data Breach

Why academic institutions remain especially vulnerable to cyberattacks

'World's most harmful': What is the LockBit cybercrime gang?

23rd February

54% of Americans would disclose their email account for a discount

78% of Organizations Suffer Repeat Ransomware Attacks After Paying

81% of security leaders predict SEC rules will impact their businesses

230K individuals impacted by a data breach suffered by Telco provider Tangerine

230k Individuals Impacted by Data Breach at Australian Telco Tangerine

2024 will be a volatile year for cybersecurity as ransomware groups evolve

67,000 U-Haul customers affected by data breach: What we know

A school in Framwellgate, Durham, lost 40GB of data in a cyber attack

After LockBit takedown, police try to sow doubt in cybercrime community

Alert: Coyote Trojan Strike Compromises 61 Brazilian Banks

Annual photos may have been compromised by a cyber attack

Anonymous Sudan claims DDoS Attacks on major UK universities

Another California city, targeted by Ransomware hackers, cyber criminals disable city services

Aquent and CIGNA Affected by Third-Party Data Breach at Prospect Medical Holdings

Aspen Dental patients' personal information exposed in data breach

Avast Hit With $16.5 Million Fine for Selling Customer Data

Avast ordered to pay $16.5 million for misuse of user data

Avast to pay $16.5M over charges of unfair user data sales

Axie Infinity co-founder loses $9.7M in 3,248-ETH wallet hack

Biden-Harris Administration Takes Action to Enhance US Cybersecurity

Canada: Investigation into cause of January 11th cyber attack on Greater Napanee network remains ongoing

Change Healthcare Cyberattack Disrupts Services Nationwide - Here’s What To Know

Change Healthcare Experiences Cybersecurity Issue, Raising Data Breach Concerns

CISA: Update ConnectWise ScreenConnect Servers Or Take Offline As Ransomware Is Deployed

CISA And FBI Share Cyber Attack Defenses For Securing Water Systems

City of Oakley Hit With Ransomware Attack

City Of Pleasant Hill Says it Was Target In Cyber Attack

Cogdell Memorial Hospital Notifies Patients of October 2023 Data Breach

ConnectWise ScreenConnect attacks deliver malware

ConnectWise ScreenConnect Mass Exploitation Delivers Ransomware

ConnectWise users see cyber attacks surge, including ransomware

Cyber attack on Change Healthcare impacts pharmacy operations across the U.S.

Cyber attack wreaks havoc on US pharmacies, delays prescriptions across the country - Who's hurt the most?

Cyberattack on Change Healthcare was an exploit of the ConnectWise flaw

Cyberattack on Pharmacy Firm Affecting New Jersey Prescriptions

Cybercriminal groups actively exploiting ‘catastrophic’ ScreenConnect bug

Deepfake Threat: $2 Deceptive Content Undermines Election Integrity

Digital Battleground: Ministry of Planning Falls Prey to Cyber Attack

Dormant PyPI Package Compromised to Spread Nova Sentinel Malware

Email Threat Trends in 2024: Scams and Attacks to Watch Out For

Emerging Threat: Hackers Leverage ConnectWise Vulnerabilities to Implement LockBit Ransomware Attacks

FBinsure Files Official Notice of Data Breach Impacting an Unknown Number of People

Federal Trade Commission (FTC) Enters Consent Agreement With Blackbaud Following Major Data Breach

Federal Trade Commission (FTC) Slams Avast with $16.5 Million Fine for Selling Users' Browsing Data

Framwellgate School, Durham, lost 40GB data in cyber attack

Hack-Proof Your Workforce With Security Awareness Practices

Hackers are exploiting ConnectWise flaws to deploy LockBit ransomware, security experts warn

Hackers Exploit ConnectWise Bugs to Deploy LockBit Ransomware

Hackers Exploit ConnectWise Vulnerability to Spread LockBit Ransomware

Hackers Leak 2.5M Private Plane Owners’ Data Linked to Los Angeles International Airport Breach

Hackers steal nearly $10 million from Axie Infinity co-founder’s personal accounts

Here’s how the cyber attack on UnitedHealth is impacting Pittsburgh pharmacies, customers

HHS Settles Ransomware Investigation With Behavioral Health Provider

How to avoid scams, fraud, and online phishing

If you pay ransom, you may not get your data back and worse, you probably WILL get hit again

India most-hit country by Lockbit in South Asia: What makes this group so dangerous

Infiniti USA Cyberattack Reveals New Dark Web Threat: The Mogilevich Ransomware Group

Information Commissioner’s Office (ICO) Bans Serco Leisure's Use of Facial Recognition for Employee Attendance

Insomniac Games alerts employees hit by ransomware data breach

International Law Enforcement Efforts Hobble Cybercrime Operation

International Operation Hits Major Ransomware Player LockBit

Israel warns institutions face cyber attack risks

Latitude posts $158.5m loss for "most challenging year"

Law enforcement strikes back with rewards: the fall of a major cybercrime syndicate, LockBit

Leak exposes Chinese hacker

Learning from File Transfer Software Vendors’ Vulnerability Response

Learning from the LockBit takedown

Life after a cyber attack: How organisations can be supported to come back stronger

LinkedIn scams and how to avoid them

LockBit administrator ‘has engaged with law enforcement,’ police claim

LockBit Gang Money Flow Uncovered: New Strain Under Development

LockBit Is Down, But These Top 5 Other Ransomware Threats Will Take Its Place

LockBit is gone, but what does that actually mean?

LockBit Leaders Offer $20 Million Reward for Doxxing Them

LockBit ransomware gang dismantled by global task force

LockBit ransomware gang has over $110 million in unspent bitcoin

LockBit ransomware still poses a major threat - ScreenConnect under attack from new malware

LockBit Ransomware Threat Persists

LockBit still shows signs of life, new ransom attacks reported

Lockbit takedown accompanied by some arrests and indictments

LockBit's admin engaged authorities

LockBit’s earnings in the multi-billion-dollar territory

Mainers’ personal data may have been stolen in Aspen Dental data breach

Major Cyberattack Disrupts US Healthcare Giant Change Healthcare

Majority of Ransomware Victims That Pay a Ransom Suffer a Second Attack

Malawi’s passport system gets compromised by cyber-attack

Maryland behavioral healthcare provider settles HIPAA violations after ransomware breach

Maryland pharmacies delayed in filling prescriptions after cyber attack

MGM Resorts Cyberattack: State and Federal Regulators Launch Probe Into $100 Million Data Breach

Nationwide Cyber Attack Disrupts Pharmacy Operations, Delays Prescriptions Across the US

Nationwide Cyber Attack Slows Down Prescription Processing Across Pharmacies

Nearly 80% of firms hit by ransomware in the last two years were compromised a second time

New Data Reveals Rise in Threat Actors Exploiting Remote Access Software

New Phishing Strategy Targets ENS Domain Owners

New Zealand: Vaccinators fear for their lives after Health NZ data breach

Northwestern Mutual Life Insurance Customer Information Leaked Due to Vendor Data Breach

Office of Foreign Assets Control (OFAC) Sanctions Several Wallets Tied to Russia-Based Cybercriminal Group LockBit

One billion dollars in funding for even more ransomware

Operation Cronos: Who Are the LockBit Admins

Organizations Unprepared to Face Cloud Security Threats

Plant production still on hold for German battery manufacturer after cyberattack

Post-LockBit, How Will the Ransomware Ecosystem Evolve?

Privacy Beats Ransomware as Top Insurance Concern

Quik Pawn Shop Falls Victim to Alleged Cyberattack by Akira Ransomware Group

Ransomware associated with LockBit still spreading 2 days after server takedown

Recruitment Firm Das Team Ag Confirms Cyberattack by Black Basta Ransomware Group

Reproductive Biology Associates, MyEggBank data breach $1M class action settlement

Researchers Detail Apple's Recent Zero-Click Shortcuts Vulnerability

Reward Offer for Key Leaders of Hive Ransomware Crime Group

Rising Cyber Threat: Hackers Threaten to Expose Personal Data Unless Demands Met

Rotech Healthcare Scrambles to Address Patient Data Breach in Philips Respironics Cyberattack

Royal Canadian Mounted Police (RCMP) dealing with ‘alarming’ cyber attack on its networks

Royal Canadian Mounted Police (RCMP) facing ‘alarming’ cyber attack

Russian citizen faces trial for alleged hacking of local power grid

Scammers drain cryptocurrency wallets through Telegram phishing scam

Secure email gateways struggle to keep pace with sophisticated phishing campaigns

Securing Sensitive Information in Cloud Repositories

SMBs are being targeted by this new phishing scam - make sure you don't fall victim

Some United customers experiencing prescription delays after nation-wide cyber attack

T-Mobile, IRS, Apple, and USAA: Top Scams of the Week

The Anti-Climactic Unveiling of LockBitSupp: A Tale of Cybercrime, Misinformation, and Global Efforts to Combat Ransomware

The Cyber Battlefield in Manufacturing: Strategies for Resilience

The Evolution of Cybercrime: From Ransomware to Data Extortion

The old, not the new: Basic security issues still biggest threat to enterprises

ThreeAM Ransomware Hits Again: Claims Abcor, MTM Robotics as Latest Victims

U-Haul says 67,000 customers affected in records system breach

U-Haul says hacker accessed customer records using stolen credentials

Undercover Efforts Lead to Major Blow Against LockBit Ransomware Group

United States, U.K. take down international LockBit ransomware group

UnitedHealth confirms Optum hack behind US healthcare billing outage

UnitedHealth Unplugs Change Healthcare Information Systems To Contain Cyber Attack

'We will not pay hackers': Bill to end ransomware pay outs passes the full Tennessee House

White Hat Hacker Saves the Day Amid $1.3 Million DeFi Exploit

Why some cyber-attacks hit harder than others

Yearbook photos may have been compromised in a cyber attack

Your company had a ransomware attack: now what?

22nd February

A New Age of Hacktivism

Addiction recovery centers in New Jersey hit with data security breach

ALPHV/BlackCat Ransomware Group Claims KHS&S Contractors Cyberattack

Apple Approves Fake App Before Real Rabby Wallet, Users’ Funds Stolen

Apple Shortcuts Vulnerability Exposes Sensitive Data, Update Now!

Apple Unveils PQ3 Protocol - Post-Quantum Encryption for iMessage

Attack velocity surges with average breakout time down to only 62 minutes

Attackers exploiting ConnectWise ScreenConnect flaws, fixes available for all users (CVE-2024-1709, CVE-2024-1708)

Australian telecom Tangerine says credential breach exposed 232k customers' personal data

Authorities dismantled LockBit before it could unleash revamped variant

Beware of ENS Email Phishing: Crypto Scammers Target Ethereum Name Service Owners

Bring us the head of LockBit! $15 million bounty offered for information on leaders of notorious ransomware gang

Businesses Increase Cybersecurity as Budgets Surge in 2024

California Attorney General settles with DoorDash over selling consumer data without notice

Canadian Securities Watchdog Warns of Phishing Scams in Financial Sector

Change Healthcare Cyber-Attack Leads to Prescription Delays

Change Healthcare cyberattack causes nationwide pharmacy delays

Chinese Cyber Agency Linked to 2018 Data Breach of Millions in India, Says Probe

Chinese Duo Found Guilty of $3m Apple Fraud Plot

ConnectWise Says ScreenConnect Flaw Being Actively Exploited

ConnectWise Vulnerabilities Raise Ransomware Alarms

Cyber Attack Takes Francis Howell Schools, Missouri, Offline

Cyber Pros Embrace AI, Over 80% Believe It Will Enhance Jobs

Cyber Security Pros Should Worry About State-Sponsored Cyber Attacks

Cyber Threats Grow in Scale and Sophistication: SonicWall Report Highlights Key Security Trends

Cyber-attack hits Malawi's immigration service

Cyberattack hits UnitedHealth Group unit by actor with suspected 'nation-state' ties

Cybercriminals Weaponizing Open-Source SSH-Snake Tool for Network Attacks

Cybersecurity fears drive a return to on-premise infrastructure from cloud computing

Data breach at New Jersey rehab facilities - What you need to know

Don’t Brush Off the Toothbrush Story

Employees' Provident Fund Organisation (EPFO) data breach in 2018 linked to Chinese cyber agency, probe reveals

Even adult toys want your personal information: don’t plug them into a USB

Federal Trade Commission (FTC) Aims To Settle Charges With Blackbaud Over 2020 Data Breach

Federal Trade Commission (FTC) Enters Consent Agreement With Blackbaud Following Major Data Breach

Federal Trade Commission (FTC) hits Avast with $16.5 million fine over allegations of selling users’ browsing data

Federal Trade Commission (FTC) to ban Avast from selling browsing data for advertising purposes

Fulton County Ransomware Attack Prompts $10M IT Overhaul

Glitch in Wyze Home Security Cameras exposes users to strangers' homes

Global effort brings down ransomware site

Global Task Force Decodes LockBit: A United Front Against Ransomware

Government back in data breach 'top five' after near three-year absence

How conveyancers can protect themselves against a cyber attack

Hubris May Have Contributed to Downfall of Ransomware Kingpin LockBit

Indian authorities investigates data breach concerns involving PMO and EPFO

Inside LockBit: A ransomware gang in decline?

iPhone fraudsters facing jail after robbing Apple of $3M

Is the LockBit Crackdown a Real Victory? Ransomware Group Makes Bold Claims

January sees three-year high in ransomware attacks across the globe

Kenya Faced Alarming Rise in Ransomware Attacks, AI Threats in 2023

Leaked documents open the lid on China’s commercial hacking industry

LockBit Group Prepped New Crypto-Locker Before Takedown

LockBit ransomware secretly building next-gen encryptor before takedown

LockBit takedown: Police shut more than 14,000 accounts on Mega, Tutanota and Protonmail

Managed Service Providers (MSPs) undergo transformation in response to persistent cyber threats

Maryland Psychiatric Practice Settles HIPAA Violation: 14,000 Affected by Ransomware

Maryville Addiction Treatment Centers Victim Of Data Breach

Medibank hacker detained in Russia

More LockBit affiliates arrested, $10M bounty for info on others

Mr. Cooper leak exposes over two million customers

New ScreenConnect RCE flaw exploited in ransomware attacks

New WiFi vulnerabilities allow attackers to fake and overtake networks

New Zealand: Te Whatu Ora data breach has vaccinators fearing for their safety

Pharmacies across America are having trouble processing some prescriptions because of a cyberattack

Phishing in Plain Sight: The Dubious UK Registration of Crypto's 'Nova Drainer'

Prescriptions nationwide impacted by cyber incident at Change Healthcare

Public Extortion via Ransomware Spikes

Ransomware associated with LockBit still spreading 2 days after server takedown

Ransomware attack forces PSI Software to shut email and IT systems

Ransomware Attack on Maryland Psychotherapy Provider Results in HIPAA Penalty

Ransomware Costs Businesses Record-High $1 Billion in 2023: Your 5-Step Plan to Prevent Attacks in 2024

Ransomware Warning as CVSS 10.0 ScreenConnect Bug is Exploited

Report finds blocklists are still effective in mitigating attacks

Russia arrests three alleged SugarLocker ransomware members

Russian Government Software Backdoored to Deploy Konni RAT Malware

ScreenConnect servers hacked in LockBit ransomware attacks

SMBs at Risk From SendGrid-Focused Phishing Tactics

State Department Puts Up $10 Million for Info on LockBit Leaders

Tangerine Data Breach Exposes Personal Information of 230,000 Customers

Tehran’s Municipal Systems Still Struggling 8 Months After Cyber Attack

The LockBit Takedown: Why Ransom Payments Are a No-win Scenario

The United States government will pay you $15 million for information on LockBit ransomware gang

Trust in biometric data is declining among consumers

U.S. and U.K. Disrupt LockBit Ransomware Variant

U.S. Offers $15 Million Bounty to Hunt Down LockBit Ransomware Leaders

University of Cambridge apparently suffering DDoS attack - and it isn't the only one affected

US Offers $15 Million For Info On LockBit Ransomware Leaders

US Offering $10M for LockBit Leaders as Law Enforcement Taunts Cybercriminals

US to Pay $15M for Info About Lockbit Ransomware Operator Data

US Treasury Targets This Russian Ransomware Group in New Sanctions

Vulnerable to Vigilant: SMBs Ramp Up Cybersecurity Efforts

What CIOs Can Do To Prepare For Ransomware Attacks

When hackers strike: Exposing the painful truth about yielding to ransomware

Year-over-year, the median initial ransom has risen by 20%

21st February

9 in 10 data breaches due to phishing attacks aimed at employees

A ransomware reality check as US is a top target of attacks

Agencies claim big win in anti-cybercrime fight

Alarming Security Report Warns Of An Unprecedented Surge In Ransomware Attacks

Alleged Raccoon Infostealer operator extradited, verification site set up for victims

Attacker Breakout Time Falls to Just One Hour

Average breakout time for intrusive activity is 62 minutes

Biden executive order seeks to bolster port cybersecurity

Biden Executive Order to Bolster US Maritime Cybersecurity

Cactus ransomware group says it stole 1.5TB of data from Schneider Electric's systems

Cambridge University Faces Cyber Attack

Colorado health department says MOVEit data breach impacted more than 4.6m individuals

ConnectWise exploit could spur ‘ransomware free-for-all,’ expert warns

ConnectWise remote access software needs immediate patching, company says

Crypto Exchange FixedFloat Hacked: $26 Million in BTC, ETH Stolen

CVEs expected to increase 25% in 2024

Cyber Insights 2024: Ransomware

Deepfake Phishing Grew by 3,000% in 2023 - And It's Just Beginning

Digital Siege: Butler County's Battle Against Data Breach Reveals Vulnerabilities and Vigilance

eSentire Confirms Rhysida Ransomware Victims

European Parliament defense subcommittee phones show ‘traces’ of hacking

Fears post-LockBit ransomware void won’t last long

Fraudsters tried to scam Apple out of 5,000 iPhones worth over $3 million

Global Police Operation Dismantles Top Ransomware Criminals

Hackers abuse Google Cloud Run in massive banking trojan campaign

HHS’ Office for Civil Rights Settles Second Ever Ransomware Cyber-Attack

IBM sees global identity crisis emerging: every third attack abused valid accounts

Identity Compromises Surge as Top Initial Access Method for Cybercriminals

Identity-Based Attacks Grow While Ransomware Declines

International Law Enforcement Operation Arrests Members Of The Lockbit Ransomware Gang

International Law Enforcement’s “Operation Cronos” Snags LockBit Ransomware Group’s Leak Site, Crypto Wallets and Decryption Keys

International Operation Targets Notorious LockBit Ransomware Group

Investigation into full extent of ransomware attack on Toronto Public Library still underway

Joomla fixes XSS flaws that could expose sites to RCE attacks

Law Enforcement Locks Down LockBit Ransomware Group, Arrests 2

Life after LockBit: A fragmented landscape and wayward affiliates will still cause chaos for enterprises

LockBit: Lessons learned on winning the war on cybercrime

LockBit affiliates arrested in Ukraine, Poland

LockBit crackdown heats up as US offers reward for info on hackers

LockBit held victims’ data even after receiving ransom payments to delete it

Lockbit locked out: Russian ransomware gang shut down by US, allies

MrB Ransomware (.mrB Files) – Analysis & File Decryption

Multinational Cyber Effort Dismantles LockBit Ransomware Group

Mustang Panda Targets Asia with Advanced PlugX Variant DOPLUGS

National Cyber Security Centre (NCSC) Sounds Alarm Over Private Branch Exchange Attacks

Navigating the Maze: Tips to Consider When Choosing SOC as a Service

New Linux Malware “Migo” Exploits Redis for Cryptojacking, Disables Security

New SSH-Snake malware steals SSH keys to spread across the network

New 'VietCredCare' Stealer Targeting Facebook Advertisers in Vietnam

New Wi-Fi Vulnerabilities Expose Android and Linux Devices to Hackers

New Zealand: Police charge two teens for phishing, victims allegedly fleeced of up to $100k

Over 40% of Firms Struggle With Cybersecurity Talent Shortage

Phishing Attacks Continue to Beat Security Measures

Ransomware and Business Email Compromise (BEC) are seeing a huge rise - is your business ready?

Reward Offers for Information on LockBit Leaders and Designating Affiliates

Russia Announces Arrest of Medibank Hacker Tied to REvil

Russian Authorities Arrest SugarLocker Operator in Connection with Global Cyberattacks

Russian Hackers Launch Email Campaigns to Demoralize Ukrainians

Russian Hackers Target Ukraine with Disinformation and Credential-Harvesting Attacks

Russian Web hosting provider exposes data of more than 54 Million users

SBU detains LockBit ransomware hackers in Ternopil Oblast

ScreenConnect critical bug now under attack as exploit code emerges

Should IT and Security Teams Play a Role in Crisis Communications?

Students and staff personal data stolen in cyber attack

The importance of a good API security strategy

The sound of swiping reveals your fingerprints, researchers warn

U.S. and U.K. Disrupt Lockbit Ransomware Group and Indict Two Russian Nationals While OFAC Levies Sanctions

University of Wolverhampton Struggles with System Outages Due to Cyber Attack: Impact and Remedial Measures

Unsecured Database Leaks 153 GB of Filipino Student and Family Data

US government shares cyberattack defense tips for water utilities

US offering rewards for information on leaders of ransomware group

US offers $15 million bounty for info on LockBit ransomware gang

VMware Alert: Uninstall EAP Now - Critical Flaw Puts Active Directory at Risk

VMware Highlights Critical Flaws in Enhanced Authentication Plug-in (EAP)

VMware pushes admins to uninstall vulnerable, deprecated vSphere plugin (CVE-2024-22245, CVE-2024-22250)

White House Hardens Cybersecurity at U.S. Ports, with China a Focus

Wyze camera breach allowed 13,000 people to spy on strangers

20th February

36% of code generated by GitHub CoPilot contains security flaws

About 13,000 Wyze Customers Affected by Camera Glitch

Agencies seize LockBit ransomware servers, offer encryption keys

Alpha Ransomware Uses Living-Off-The-Land Tools To Attack Windows Computers

ALPHV claims major ransomware attacks on loanDepot and Prudential Financial

Authorities disrupt operations of notorious LockBit ransomware gang

Authorities Successfully Disrupt LockBit Ransomware Group

Authorities Take Down Hackers That Targeted Manufacturers with Ransomware Attacks

Beyond Cookies: How to Enable Secure Navigation of the Web

Britain, international allies seize operations of LockBit ransomware group

British, U.S. Law Enforcement Agencies Disrupt Ransomware Group Linked To Russia

Broken LockBit: Ransomware Group Takedown Will Have Impact

Cactus ransomware gang claims it stole 1.5TB of Schneider Electric data

Cactus ransom gang claims Schneider Electric

Cactus ransomware gang claims the theft of 1.5TB of data from Energy management and industrial automation firm Schneider Electric

Cambridge among universities hit by 'malicious' cyber attack

Cambridge University DDoS attack claimed by Anonymous Sudan

Cactus Ransomware Group Confirms Hacking Schneider Electric

Clean links and sophisticated scams mark new era in email attacks

Complexity Mounts in Schneider Electric Data Breach: Cactus Ransomware Claims Responsibility

ConnectWise urges ScreenConnect admins to patch critical RCE flaw

Critical ConnectWise ScreenConnect vulnerabilities fixed, patch ASAP!

Critical Flaws Found in ConnectWise ScreenConnect Software - Patch Now

Critical infrastructure software maker confirms ransomware attack

Cyber attack affecting multiple universities across UK hits Wolverhampton campuses

Cybercrime hunters disrupt ‘most active ransomware group ever’

DC-area school system says data of 100,000 people affected in ransomware attack

Decoding the Disruption: How the FBI Stopped Russian Cyberattacks

Dragos warns of rising ransomware, inaccurate vulnerability advisories

Europol, FBI Announce LockBit Ransomware Crackdown

Exploring Data Privacy and Security in B2B Gaming Data

FBI, British authorities seize infrastructure of LockBit ransomware group

FBI, other agencies disrupt ransomware syndicate behind attacks worldwide

FBI, police partners take down most prolific ransomware gang to date

Feds Seize LockBit Ransomware Websites, Offer Decryption Tools, Troll Affiliates

From ObserverStealer to AsukaStealer: A Deeper Dive into Malware Evolution

Global law enforcement effort cracks down on LockBit ransomware group

Global law enforcement takes down ransomware group that targeted U.S. hospitals and schools

Hacker website taken over by UK-led law enforcement operation

Hacker website that aids cyber attacks taken over by UK-led law enforcement operation

Harvard Pilgrim data breach impacted more than 5 million patients

How A Hacker Group Was Taken Down By An International Operation

How decentralized identity is shaping the future of data protection

How to make sense of the new SEC cyber risk disclosure rules

Industrial sector ransomware attacks increased by 50% in 2023

Initial Ransomware Demands Jump 20% to $600,000 in 2023

Insider steals 79,000 email addresses at work to promote own business

Insider Steals 80,000 Email Addresses From District Councils

International investigation disrupts infamous ransomware gang LockBit

International law enforcement agencies disrupt prolific ransomware group LockBit

International Law Enforcement Effort Disrupts LockBit Ransomware

International Law Enforcement Takes Down Notorious LockBit Ransomware Group

Iran and Hezbollah Hackers Launch Attacks to Influence Israel-Hamas Narrative

Knight ransomware source code for sale after leak site shuts down

Law enforcement agencies disrupt prolific ransomware group LockBit

Law enforcement disrupt world’s biggest ransomware operation

Law enforcement disrupts Lockbit ransomware group believed to be behind Fulton County attack

Law Enforcement Hacks LockBit Ransomware, Delivers Major Blow to Operation

Law Enforcement Strikes: LockBit Associated Leak Sites Disrupted in Coordinated Takedown

Law Enforcement Trolls World’s Biggest Ransomware Gang

Linux Malware Campaign “Migo” Targets Redis For Cryptomining

Lockbit: UK leads disruption of major cyber-criminal gang

LockBit cartel disrupted "at every level"

Lockbit cybercrime gang disrupted by Britain, US and EU

LockBit hacker gang compromised in FBI, international law enforcement sting

LockBit Infrastructure Disrupted by Global Law Enforcers

LockBit Ransomware Crackdown: US Sanctions Crypto Wallets

LockBit Ransomware Gang Broken Up After Taking $120 Million in Bitcoin

LockBit ransomware gang disrupted by global operation

LockBit ransomware gang disrupted by international law enforcement operation

LockBit ransomware gang shut down? Website for notorious criminal gang no longer operational

Lockbit ransomware gang's origins, tactics and past targets - and what next after policing breakthrough

LockBit Ransomware Gang’s Website Shut Down by FBI and International Law Enforcement

LockBit ransomware group taken down in multinational operation

LockBit Ransomware Operation Shut Down; Criminals Arrested; Decryption Keys Released

LockBit ransomware operations seized by law enforcement in ‘Operation Cronos’

LockBit Ransomware's Darknet Domains Seized in Global Law Enforcement Raid

LockBit takedown: Infrastructure disrupted, criminals arrested, decryption keys recovered

LockBit Takedown: What You Need to Know about Operation Cronos

Major ransomware site taken down in international law enforcement sting

Malicious emails bypassing secure email gateways rose by 105%

Manufacturing bears the brunt of industrial ransomware

Maryland's Prince George’s County Public Schools says data breach compromised staff and student records

Median Ransomware Demands Grow to $600K a Pop

Members of ransomware gang Lockbit arrested by law enforcement

‘Most active’ ransomware gang taken down by Britain’s National Crime Agency

National Crime Agency seizes website of notorious LockBit ransomware gang responsible for UK cyber attacks

National Crime Agency (NCA) sting takes down LockBit ransonware criminals that targeted KNP Logistics

National Crime Agency (NCA), FBI take down Russia-linked LockBit ransomware gang

National Crime Agency’s LockBit Takedown: Source Code, Arrests and Recovery Tool Revealed

National Cyber Security Centre (NCSC) Issues Guidance to Secure PBX Systems from Cyberattacks

National Cyber Security Centre (NCSC) statement on law enforcement's disruption of LockBit ransomware operation

New Malicious PyPI Packages Caught Using Covert Side-Loading Tactics

New Migo malware disables protection features on Redis servers

New Migo Malware Targeting Redis Servers for Cryptocurrency Mining

New Report Reveals North Korean Hackers Targeting Defense Firms Worldwide

New Typosquatting and Repojacking Tactics Uncovered on PyPI

Notorious cyber crime gang Lockbit disrupted by NCA, FBI and international coalition

Operation Cronos: International Crackdown Shatters LockBit Ransomware Network

Operation Cronos: The Elevation and Collapse of LockBit

'Operation Cronos' dismantles LockBit ransomware gang

Over a hundred Romanian hospitals affected by ransomware attack

Phishing Alert: Chinese Cybercriminals Target Indian Investors with Fake Brokerage Apps

Police arrest LockBit ransomware members, release decryptor in global crackdown

Police plan week of LockBit revelations after capturing ‘unprecedented’ intelligence from gang’s infrastructure

Preventing Ransomware in Stock Trading Firms

Prolific’ LockBit ransomware group loses its keys to a global takedown

Ransomware Attacks Get the Lion’s Share of Publicity, but Operational Technology (OT) Incursions Can Be More Pernicious

Ransomware group LockBit is disrupted by a global police operation that includes 2 arrests

Ransomware Groups, Targeting Preferences, and the Access Economy

Ransomware hackers focus on North America, Europe

Rising Ransomware, Supply Chain Disruptions & Geopolitical Issues Complicate Cybersecurity

Royal Mail hacker sees site shut down by UK crime agency

Russia detains hacker behind Australia’s Medibank attack

Russian-linked cyber criminals behind major attacks on Royal Mail and Porton Down are shut down in global sting: Seven are arrested and three more on the run after British-led clampdown on gang 'hiding in the shadows' in Putin's pariah state

Schneider Electric confirms data was stolen in Cactus ransomware attack

Seized ransomware network LockBit rewired to expose hackers to world

Senior executives affected in largest observed Microsoft Azure data breach

Several Ukrainian media outlets attacked by Russian hackers

Sophisticated phishing campaigns bypass enterprise secure email gateways

The phishing bait you're most likely to take

Top UK Universities Recovering Following Targeted DDoS Attack

Toronto Public Library uncertain whose data stolen in October cyber attack

Two Arrested In LockBit Ransomware Gang Takedown

University of Cambridge and University of Manchester Targeted by Anonymous Sudan

US adversaries employ generative AI in attempted cyberattack

US indicts two Russian nationals in LockBit ransomware case

US sanctions LockBit members after ransomware takedown

US, international partners disrupt LockBit ransomware operations

US, UK authorities claim seizure of LockBit ransomware gang’s dark web leak site

US, UK Team to Disrupt LockBit Ransomware Group

Virginia Farm Bureau says 2023 data breach impacted over 250,000 customers

VMware urges admins to remove deprecated, vulnerable auth plug-in

VoltSchemer attacks use wireless chargers to inject voice commands, fry phones

Website builder leaks data of 200K users

What is phishing? Examples, types, and techniques

Why API Security is Crucial in Defending Against Ransomware Attacks

Why LockBit Hacker Takedown Could Accelerate Shift To Low-Profile Attacks

WordPress Bricks Theme Under Active Attack: Critical Flaw Impacts 25,000+ Sites

World's most dangerous ransomware gang that carried out damaging cyber attacks on Royal Mail and Porton Down 'while hiding in the shadows' in Russia is taken down in joint sting by the National Crime Agency and FBI

Wyze Cameras Glitch: 13,000 Users Saw Footage from Others’ Homes

Wyze security incident allowed strangers to see into some users’ homes

19th February

1 in 5 Youth Engage in Cybercrime, National Crime Agency (NCA) Finds

8 LockBit Ransomware Gang Domains Seized in Global Operation

Akira Ransomware Actively Exploiting Cisco Anyconnect Vulnerability

ALPHV gang claims it's the attacker that broke into Prudential Financial, LoanDepot

ALPHV ransomware says it was behind attacks on loanDepot, Prudential Financial

ALPHV/Blackcat Ransomware Gang Targeted by US State Department with Big Rewards

Anatsa Android malware downloaded 150,000 times via Google Play

Anatsa Android Trojan Bypasses Google Play Security, Expands Reach to New Countries

Anatsa Banking Trojan Resurfaces, Targets European Banks

Bank of America data breach may have leaked SSN for thousands of North Carolina customers

Cactus ransomware claim to steal 1.5TB of Schneider Electric data

Cambridge University faces cyber attack

China's Cyber Warfare Landscape Shaken by Massive iSoon Data Breach and APT Attacks

Cops take down LockBit ransomware gang

Council worker took tens of thousands of email addresses in massive data breach

Crypto exchange FixedFloat reportedly suffers $26m hacker attack

Crypto Hacker Transfers Stolen Ethereum After $26 Million BTC & ETH Exploit

CUSO Financial Services Announces Data Breach Stemming from Barracuda Vulnerability

Cyber attack on Cosmos Bank that funnelled Rs 94 crore in just 3 days

Cyberattack on Italy: NoName Targets Multiple Italian Websites

Cyberattack on Westward360 and Compression Leasing Claimed by DragonForce Ransomware

Cybercriminals, ransomware attackers made a lot of money in 2023. Here's how

Data breach: No impact on biz ops, says Motilal Oswal Financial Services

Data breach may have leaked some Bank of America customers' information

Data Security: Beyond Threat Hunting to Monitoring Data Flow and User Behavior

DragonForce Ransomware Attacks Unleash Global Cybersecurity Crisis, Targeting Diverse Organizations

Fake Tokens Exploit BRICS Investment Hype

FBI and allies seize dark-web site of world’s most prolific ransomware gang

Fifth of British Kids Have Broken the Law Online

FortiGate Flaw: Threat Actors Breach Dutch Military Network

Fraudsters have found creative ways to scam some businesses

Geopolitical tension, extortion and attacks present biggest cybersecurity risks

GitHub leak exposes Chinese offensive cyber operations

Global Ransomware Attacks Reach Record High in 2023

Hackers exploit critical RCE flaw in Bricks WordPress site builder

Hackers Target Crypto Users and Steal $864,984 through Phishing

How Data Exfiltration is Changing the Ransomware Landscape

Iranian Hackers Target Middle East Policy Experts with New BASICSTAR Backdoor

Israeli Aircraft Survive “Cyber-Hijacking” Attempts

Israeli El Al Alleges Hackers Targeted Flights in Mid-Air Hijack Attempt

Jaypee University Cyberattack: Indian Institute Allegedly Compromised, Sensitive Data Leaked

JCT600 vowing resilience in face of cyber attack

Jeff Wyler Automotive Family Notifies Consumers of May 2023 Data Breach Affecting SSNs and Financial Account Information

LabHost Employs Phishing-as-a-Service to Steal Banking Credentials

LockBit gang's domains seized by law enforcement

LockBit ransomware disrupted by global police operation

Man pleads guilty to major cyber attack at Vermont hospital

Massive Data Leak Exposes Sensitive Conversation Logs from Chinese Ministry of Public Security

Meta Warns of 8 Spyware Firms Targeting iOS, Android, and Windows Devices

Microsoft Azure Hit With The Largest Data Breach In Its History; Hundreds Of Executive Accounts Compromised

New Russian cyber-espionage campaign targeting Europe’s webmail servers

North Korean hackers linked to defense sector supply-chain attack

NSO Group and Its ‘MMS Fingerprint’ Attack

OpenAI and Microsoft Remove State-backed Hacker Groups

Over 28,500 Exchange servers vulnerable to actively exploited bug

Pentagon Notifies Thousands of Individuals of Data Breach Impacting Sensitive Military Emails

Polish parliamentary commission convenes to probe use of Pegasus

Prolific cybercrime gang disrupted by joint UK, US and EU operation

Ransomware Attack Disrupts Over 100 Romanian Hospitals, Including Cancer and Pediatric Centers

Ransomware Gang Revenue Increases Sharply In 2023 Despite Rising Challenges

Ransomware Group Takes Credit for LoanDepot, Prudential Financial Attacks

RCE vulnerabilities fixed in SolarWinds enterprise solutions

R00TK1T Claims To Have Stolen 27GB Of Data From LPPKN and Unit Pengurusan dan Penyampaian Perkhidmatan “PADU”

Rural Business Incubator Targeted: Alleged RBI Data Breach Claims Emerge on Dark Web

Russian Hackers Hit Mail Servers in Europe for Political and Military Intel

Russian-Linked Hackers Target 80+ Organizations via Roundcube Flaws

Spain Trade Union Comisiones Obreras Hit by Data Breach, 21,988 Credentials Leaked

Spectrum Vision Files Notice of Data Breach Affecting Patients of Multiple Providers

Superior Communications Provides Notification of Recent Data Breach

The Attacker Behind Vermont Hospital’s Malware Ambush Pleads Guilty

The Department of State offers $10M for information on ALPHV/Blackcat

The five scams you've never heard of...but could get caught out by in 2024

The Rise of Ransomware and Its Impact on Global Cybersecurity

This Crypto Exchange Just Got Hacked for $26 Million

Top hacker arrested for selling bank details on thousands of accounts

UAE Telecom Giant ETISALAT Hit by LockBit, $100K Demanded for Data Release

UK leads takedown of LockBit ransomware gang’s website

Ukrainian Faces Decades in Prison for Leading Prolific Malware Campaigns

Ukrainian Hacker Extradited to the U.S., Faces 20 Years in Prison

University of Cambridge faces cyber attack

US Issues $15 Million Bounty on Iranian Hacker

Water group made loss in wake of cyber attack

Wyze camera glitch gave 13,000 users a peek into other homes

Zeus mastermind pleads guilty to cyber theft in US