Editor's Message

Welcome to DBD. On March 8th we celebrated our 4th Anniversary and the 1st Anniversary of our PRiSM application, officially endorsed by the SANS Institute. Despite recent personal issues that have impacted the amount of time I have been able to dedicate to both projects, I have been doing my best to keep everything as up-to-date as possible, and I would like to take this opportunity to thank everyone for their patience and support whilst I navigate through this very difficult time. Stay safe. :)

Monday 13 May 2024

Data Breaches Digest - Week 20 2024

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 13th May and 19th May 2024.

18th May

Rumors of BreachForums reboot 3.0 already brewing on socials

Threat Actor Allegedly Offers Access to Asian Telecom Giant with $5 Billion Annual Revenue

17th May

$25 Million in 12 seconds: Massachusetts Institute of Technology (MIT) hacker brothers arrested in the US

80% of Exposures from Misconfigurations, Less Than 1% from CVEs

$85 Million Stolen: Pink Drainer’s Impact on the Cryptocurrency Community

Advice for Santander bank customers after the cyber attack

Anonymous Arabia Allegedly Targets Queen Alia International Airport in DDoS Attack

Ascension Faces Multiple Lawsuits Following Ransomware Attack

Australia: Cyber security chief says MediSecure data breach is an 'isolated' attack but warns health data a prime target for cybercrime

Australian government warns of 'large-scale ransomware data breach'

Black Basta Ransomware Struck More Than 500 Organizations Worldwide

Breach Forums Admin ShinyHunters Claims Domain Reclaimed from FBI

Buckinghamshire healthcare supplier suffers cyber-attack

Business as Usual: Leicester council’s ‘streetlight’ cyber-attack

Chicago Fire Football Club Data Breach: Exposed Fan Info? Here’s What’s at Risk!

China-Linked Hackers Adopt Two-Stage Infection Tactic to Deploy Deuterbear RAT

Chinese nationals launder $73M crypto in pig butchering scam

CISA adds D-Link DIR router flaws to its Known Exploited Vulnerabilities catalog

CISA announces secure by design pledges from leading tech providers

CISA Warns of Actively Exploited D-Link Router Vulnerabilities - Patch Now

City of Wichita disclosed a data breach after the recent ransomware attack

City of Wichita says ransomware attack compromised residents' sensitive personal information

Company that assists health care insurers discloses 2023 data breach

Cyber Attack Targets MediSecure

Darkgate Malware Weaponizing XLSX, HTML, & PDF To Attack Windows Machines

E-scripts platform MediSecure hit by 'large-scale' ransomware

Electronic prescription provider MediSecure grapples with major data breach

FBI seizes infamous cybercrime site BreachForums

Feds Bust N. Korean Identity Theft Ring Targeting US Firms

Feds nab alleged money launderers for pig butchering scheme

FEI Systems reports a data breach affecting sensitive consumer information

Formosa Plastics Reportedly Impacted by Hunters International Ransomware

GE HealthCare issues guidance for mitigating 11 security bugs in ultrasound devices

Hackers are targeting Windows Quick Assist remote desktop features to deploy ransomware

Hackers exploit Chrome vulnerabilities, US cyber agency urging users to update

Healthcare company WebTPA discloses breach affecting 2.5 million people

How Financial Institutions Can Protect Against Phishing Attacks

Iress denies statements made by ‘threat actor’ following data breach

KillSec Allegedly Breaches Agrani Bank, Demands €5000 Ransom

KillSec Allegedly Breaches Laxmi Capital, Demands €10,000 Ransom

Kimsuky APT Deploying Linux Backdoor Gomir in South Korean Cyber Attacks

Kinsing Hacker Group Exploits More Flaws to Expand Botnet for Cryptojacking

LockBit leader revealed: What it means for ransomware

Major prescription vendor down over ransomware

MediSecure data breach

MediSecure data breach: cyber security chief says no current prescriptions affected

MediSecure data breach a reminder to review risk management

MediSecure data breach an ‘isolated’ attack as health officials briefed by cyber authorities

MediSecure Data Breach an ‘Isolated’ Attack; No Impact on Current e-Prescriptions

Microsoft Quick Assist Tool Abused for Ransomware Delivery

Microsoft to start enforcing Azure multi-factor authentication in July

New Android Banking Trojan Mimics Google Play Update App

Nissan Confirms 53,0000 Social Security Details Leaked in November Data Breach

Nissan North America says data breach compromised over 53,000 customers

No need to change Medicare cards after MediSecure data breach, government says

NoName057(16) and Cyber Army of Russia Allegedly Launch DDoS Attacks on Slovak Websites

North Korea-linked Kimsuky APT attack targets victims via Messenger

Norwegian National Cyber Security Centre Recommends Moving Away from SSLVPN and WebVPN

Not so secure: MediSecure targeted in large-scale ransomware data breach

Patch Now! CISA Adds Critical Flaws to Exploited Vulnerabilities Catalog

Patient Data at Risk in MediSecure Ransomware Attack

Pink Drainer Hacker Group Shuts Down After $75 Million Theft Spree

Ransomware: Italy is among the top three countries most affected by attacks

Ransomware attack leaves Jackson County with missing property records

Ransomware Attacks Evolve as Average Ransom Demand Tops $1.26 Million

Rockford Public Schools Restores Systems After Ransomware Attack

Securities and Exchange Commission (SEC): Financial orgs have 30 days to send data breach notifications

Securities and Exchange Commission (SEC) beefs up rules to protect consumers whose data is breached

Securities and Exchange Commission (SEC) Updates 24-Year-Old Rule to Scale Customers’ Financial Data Protection

Significant rise in mobile banking malware, cryptocurrency-related phishing

SugarGh0st RAT Campaign Targets U.S. AI Experts

SugarGh0st RAT Used in Phishing Cyber Attacks on U.S. AI Researchers

The importance of access controls in incident response

The IT skills shortage situation is not expected to get any better

Threat Actor Offers France Solar Database for Sale: 42,000 Lines of Users’ Data

Threat Actor USDoD Announces Creation of ‘Breach Nation’, Following BreachForums Take Down

Three Psychological Theories to Ensure Cybersecurity Training Sticks

To pay or not to pay? Negotiating in the age of ransomware

Too many ICS assets are exposed to the public internet

Two Santa Cruz students uncover security bug that could let millions do their laundry for free

UK Councils Warn of Data Breach After Attack on Medical Supplier

US arrests suspects behind $73M ‘pig butchering’ laundering scheme

US exposes scheme enabling North Korean IT workers to bypass sanctions

US State Department dangles $5M for information on North Korean scheme

WebTPA data breach impacts 2.4 million insurance policyholders

XLink Bitcoin Bridge Resumes After $10M Hack Recovery

16th May

59% of organizations faced a software supply chain attack

64% of Indian Enterprises Under Fire from Ransomware Assaults

2024 Verizon Data Breach Investigations Report (DBIR): Key Thoughts

53,000 affected in Nissan North America cyber attack

53,000 Employees' Social Security Numbers Exposed in Nissan Data Breach

A New WiFi Vulnerability in IEEE 802.11 Standard Protocol Leads to SSID Confusion Attack

Administrator of BreachForums arrested, cybercriminals claim

After ransomware attack: data leaked from police academy in Hesse

Andrew Tate’s The Real World exposes 22 Million user messages

Antigonish County District Royal Canadian Mounted Police (RCMP) Lay Charge In Connection with a Hospital Data Breach

Arcus Media Group Announces Two New Victims: The Egyptian-Sudanese Company and Rio Technology

Are all Linux vendor kernels insecure? A new study says yes, but there's a fix

Ascension hospitals struggle amid 'chaos' post-cyberattack

Attribution Matters!? Eight Names of Ransomware Actors Revealed, So What?

Auction house Christie's postpones spring auction following a major cyber security incident

Australia: Federal government reports 14 ransomware attacks last year

Australia: National Cyber Security Coordinator (NCSC) warns of ‘large-scale ransomware data breach incident’; MediSecure the victim

Australia: Police investigate large-scale healthcare data breach at MediSecure

Australia investigates major medical data breach involving country’s largest online prescription service

Australian government investigating 'large-scale ransomware' data breach of script provider MediSecure

Australian health business targeted in data breach

Australian healthcare company MediSecure is the target of a serious data breach

Australian healthcare provider in major data breach after ransomware attack

Beyond Borders: CISA Addresses the Global Influence on US Election Cybersecurity

Black Basta Ransomware Attack: Threat Actors Abuse Windows Quick Assist to Launch Phishing Scheme

BreachForums Hacking Marketplace Taken Down Again

BreachForums seized by law enforcement, admin Baphomet arrested

BreachForums seized! One of the world's largest hacking forums is taken down by the FBI...again

Brick Court Chambers investigating 'potential cyber incident'

Camden Council cyber attack warning after NRS Healthcare cyber attack

Canada: College Ahuntsic closed Thursday due to potential cyber attack

Chinese nationalist groups are launching cyber-attacks - often against the wishes of the government

Chinese retailer Temu accused of breaching EU’s Digital Services Act (DSA)

CISA Issues Advisory on Black Basta Ransomware

CISO Confidence in AI Security Grows as GenAI Adoption Rises

Cloud security incidents make organizations turn to AI-powered prevention

Criminals abusing Microsoft Quick Assist to deploy Black Basta ransomware

Critical Git vulnerability allows RCE when cloning repositories with submodules (CVE-2024-32002)

Crypto Wallet b3hodlr.eth Loses $1.26 Million in wstETH to Phishing Scam

Cyber Attack-Data Breach is Top Business Risk Facing Financial Institutions

Cybercriminals Exploiting Microsoft's Quick Assist Feature in Ransomware Attacks

Damaging hacks expose the weak underbelly of America's health care system

Data breach at Sysmex America exposes sensitive consumer information

Data breach hits digital prescription provider MediSecure

Dell Confirms Breach of Customer Info; Warns Against Phishing Attempts

E-script provider MediSecure is the victim of the 'large-scale' ransomware data breach that has sparked an urgent government probe

E-script provider MediSecure says ransomware attack could also involve third-party vendor

Earth Hundun Hacker Group Employs Advanced Tactics to Evade Detection

East Lothian social care service users warned after cyber attack

Ebury botnet compromises 400,000+ Linux servers

Electronic prescription provider MediSecure impacted by a ransomware attack

Electronic prescription provider MediSecure victim of 'large-scale' data breach, 'personal and health information' at risk

Ewing Marion Kauffman School reports ransomware incident in early May

FBI reportedly seized control of criminal hacker forum, BreachForums

FBI Seized BreachForums’ Web Domains and Telegram Accounts

Five charged for cyber schemes to benefit North Korea's weapons program

GE Ultrasound Gear Riddled With Bugs, Open to Ransomware & Data Theft

GhostSec Announces Shift in Operations from Ransomware to Hacktivism

GhostSec Shifts from Financial Motivation to Pure Hacktivism, Ceases Cybercrime Services

Google fixes third exploited Chrome zero-day in a week (CVE-2024-4947)

Google patches another zero-day exploit in Chrome - and this one affects Edge too

Google Patches Yet Another Actively Exploited Chrome Zero-Day Vulnerability

GRIT Ransomware Report: April 2024

Hacker claims theft of India’s Samco account data

Hackers Use Fake DocuSign Templates to Scam Organizations

HP Exposes Low-Effort, High-Impact Cat-Phishing Targeting Users

Indiana healthcare network continues to recover from ransomware attack

Information Commissioner’s Office (ICO) Reprimands Birmingham Children’s Trust for Data Breach

IoT Cameras Exposed by Chainable Exploits, Millions Affected

IoT Vulnerabilities and BotNet Infections: A Risk for Executives

iPhone bug making deleted pictures reappear, users claim

Ireland privacy watchdog confirms Dell data breach investigation

Is an open-source AI vulnerability next?

Kansas City, Missouri, Still Hampered After Cyber Attack

Kimsuky hackers deploy new Linux backdoor in attacks on South Korea

Lawsuits Follow Ransomware Attack on Ascension

Massachusetts Institute of Technology (MIT) brothers arrested for $25M crypto Ethereum blockchain heist

MediaWorks hack: BreachForums site seized by FBI, international partners including New Zealand Police

MediSecure cyber attack: Australian prescription company reveals ‘large-scale ransomware’ breach

MediSecure Data Breach Confirms Impact on Personal and Health Information of Individuals

MediSecure e-script firm hit by ‘large-scale’ ransomware data breach

MediSecure hit by cyber security breach

MediSecure hit by ‘large-scale ransomware data breach’

MediSecure Website Shuts Down After Ransomware Attack; Federal Police Probe Cybersecurity Breach

Microsoft’s Quick Assist used in scam to drop Black Basta ransomware

Myersville, Maryland, Struck by Cyber Attack Via Email Last Year

New UK system will see ISPs benefit from same protections as government networks

New Wi-Fi Vulnerability Enables Network Eavesdropping via Downgrade Attacks

Nine Mistakes Organizations Make With Security Awareness Training

Nissan Cybersecurity Incident Update: 53,000 Employees Affected

Nissan Data Breach – 53,000+ Employees Data Stolen

Nissan Data Breach Impacts 53,000 Employees

North Korean Hackers Exploit Facebook Messenger in Targeted Malware Campaign

Norway recommends replacing SSL VPN to prevent breaches

Novel backdoors seen in use against European government agencies

Open redirect vulnerabilities exploited in ‘cat-phishing’ attacks, HP warns

Panda Express parent faces class action over data breach

Pantana Accounting and Tax reports data breach exposing sensitive client information

Phishing campaign targets Meta business accounts

Police investigate large-scale healthcare data breach at MediSecure

Possible Europol Data Breach as Hackers Claim They Have Classified Information About Employees & Internal Procedures

Prescription provider named in major health data breach

Prescriptions provider MediSecure hacked in major data breach: What we know

Prescriptions provider MediSecure hit by ransomware attack

Providence Hospital caught in ransomware nightmare

Ransomware: The Relentless Threat

Ransomware attack impacts law enforcement data in Wichita

Ransomware attacks hijack Windows Quick Assist feature

Ransomware Frequency Up 64% on Remote Access Tools, Says At-Bay

Ransomware update: Ascension can’t fill prescriptions at its Michigan pharmacies

Rape Ransomware Team Seeks Partners for Enterprise Windows Network Access, Offering 80% Profit Share

Reactions to the Ascension Healthcare Ransomware Attack and Suggestions for Healthcare Organizations

Researchers Uncover 11 Security Flaws in GE HealthCare Ultrasound Machines

Russian hackers use new Lunar malware to breach a European government's agencies

Russian Hackers Used Two New Backdoors to Spy on European Foreign Ministry

Santander: a data breach at a third-party provider impacted customers and employees

Santander confirms data breach affecting customers across the world

Scammers use Microsoft's Quick Assist to take over your PC and steal your data

Securities and Exchange Commission (SEC) amends Reg S-P to require data breach notification within 30 days

Securities and Exchange Commission (SEC) tightens rules around data breach disclosures

Securities and Exchange Commission (SEC) to require financial firms to have data breach incident plans

Shadow IT: Personal GitHub Repos Expose Employee Cloud Secrets

Singing River Health System says 2023 cyber attack impacted close to 900,000 patients

Singing River ransomware impact larger than initially thought

Snatch Ransomware Group: Data Breach Exposes French Neovia Company

Solana Meme Coin Factory Pump.Fun Compromised by 'Bonding Curve' Exploit

Sonne Finance developers offer bounty to hacker behind $20 million crypto theft

Storm-1811 Abuses Windows Quick Assist in Sophisticated Ransomware Attacks

SugarGh0st RAT Variant Used in Targeted AI Industry Attacks

Tether Cracks Down on Phishing: $5.2 Million in USDT Frozen

Texas attorney general probes connected-car companies’ data privacy practices

The Hungarian authorities knew about a large-scale Russian cyber attack on the Ministry of Foreign Affairs, but publicly called it a fabrication

This ransomware variant has now been used against 500 targets - here's what you need to know

Thousands of Nissan North America workers hit in data breach

Threat Actor Offers Database of Especialistas Contacto Directo for Sale at $5000

UK insurance industry begins to acknowledge role in tackling ransomware

UK Lags Europe on Exploited Vulnerability Remediation

UK National Cyber Security Centre (NCSC) to Defend ‘High-Risk’ Political Candidates from Cyberattacks

Unnamed Australian Healthcare Provider Hacked: National Cyber Security Coordinator Confirms

'Up and running': Rockford schools technology mostly restored following ransomware attack

US healthcare provider Ascension hit by ransomware attack

US offers $5 million for info on North Korean IT workers involved in job fraud

US woman allegedly aided North Korean IT workers infiltrate 300 firms

What organizations can learn from the 2024 Verizon Data Breach Investigations Report (DBIR)

Wigan hospitals pay out more compensation for data breaches than any other

Windows Quick Assist Anchors Black Basta Ransomware Gambit

Windows Quick Assist Exploited in Ransomware Attacks

15th May

15-Year-Old Ebury Botnet Compromised 400,000 Linux Servers

$20 Million exploit cripples Sonne Finance, hacker in no mood for negotiation

49 Million Customers Data Affected After Dell Technologies Data Breach

64% of Indian organisations hit by ransomware attacks in last year

900k Impacted by Data Breach at Mississippi Healthcare Provider

About 900K patients are victims in Mississippi hospital data breach. What did hackers take?

Affiliated Dermatologists Notifies 380k Patients and Employees of March 2024 Data Breach

Alleged Meesho data breach under scrutiny amid claims of recycled data

Apple blocked $7 billion in fraudulent App Store purchases in 4 years

Apple blocks users and apps to fight fraud, saving billions of dollars

Apple Thwarts $7 Billion in Fraudulent Transactions Over Four Years

Ascension cyber attack update: Hospital chain making progress amid ransomware breach

Ascension Health Cyber Attack Impact In Michigan

Ascension reverts to pen-and-paper operations after ransomware attack

AT&T Data Breach: What Is AT&T Doing for the 73 Million Accounts Breached?

At-Bay Research Reveals Remote Access Behind 58% of Ransomware Attacks in 2023

Australia’s Iress says OneVue platform exposed to data breach

Australian energy and internet provider Sumo confirms customer data breach

Australian firms under-reporting ransomware attacks

Australian lender Firstmac says data breach impacted customers' personal information

Banco Santander confirms data breach at third-party provider, impacting Spain, Chile, and Uruguay

Banco Santander warns of a data breach exposing customer info

BlockTower Capital hit by cyber attack, faces financial losses

BlockTower Capital Suffers Losses in a Recent Hack, Hacker Unidentified

BreachForums seized by the FBI, again

Brothers arrested for $25 million theft in Ethereum blockchain attack

Central Texas Woman Files Lawsuit Against Ascension Seton After Data Breach During Ransomware Attack

China-Linked Hackers Targeted Commercial Shipping Companies

Christie's £670m art auctions hit by cyber attack

Christie's response to cyber attack underscores the fine art of resilience

Chrome Vulnerability Alert: Google’s Rapid Response to 6th Zero-Day Exploit

CISA Alert: GitLab Password Exploit - Act Now For Protection

City of Helsinki data breach compromised the data of over 80,000 students and guardians

Cofense warns that sophisticated phishing campaign is targeting Meta business accounts

Core security measures to strengthen privacy and data protection programs

Creator of Tornado Cash mixer sentenced to jail

Cyber trust label could be in place by end of the year, White House says

Cybersecurity analysis exposes high-risk assets in power and healthcare sectors

Cyber-Attack Disrupts Christie’s $840M Art Auctions

Dell Data Breach Impacts 49 Million Customers

Dell Data Breach Raises Urgency for Improved Security Measures

Dell Data Breach Sells Customer Data On Dark Web

DragonForce Cyberattack Strikes Again: Malone & Co and Watt Carmicheal Added as Victims

Dutch Court Sentences Tornado Cash Co-Founder to 5 Years in Prison for Money Laundering

Ebury Botnet Malware Compromises 400,000 Linux Servers Over Past 14 Years

EMX Reports Potential $2.3 Million Loss Due to Cyber Attack in Turkey Subsidiary

EU failure to rein in spyware reflects lack of political will, parliamentarian says

Europol manages to control cyber attack

Experts say cybercriminals made strange move after Wichita ransomware deadline passed

Famous Christie’s auction house hit by possible cyber attack

FBI investigating ransomware attack at Rockford Public Schools

FBI seize BreachForums hacking forum used to leak stolen data

FBI Seizes BreachForums Again, Urges Users to Report Criminal Activity

FBI Seizes BreachForums, Yet Again!

FBI seizes hacking forum BreachForums - again

FBI takes down BreachForums ransomware website and Telegram channel

Feds seize BreachForums platform, Telegram page

FEI Systems Files Official Notice of Data Breach Affecting Consumers’ SSNs

Fiskars confirms cyber security incident, says operations unaffected

“Flawed” Foxit PDF Reader design leaves users vulnerable to exploit

Frotcom International Faces Alleged Data Breach

Frequency of ransomware claims jumps 64% year over year

GCHQ to protect UK election candidates’ phones from cyberattacks

Georgia University System Acknowledges MOVEit Breach From 1 Year Ago, 800K Impacted

GlorySec Announced to Expose Indonesian Hackers and Collaborate with Indian Hacktivists

Google fixes third actively exploited Chrome zero-day in a week

Green Diamond Sued Over Data Breach Linked to Hacking Group Akira Known for Demanding Bitcoin Ransoms

Hacker claims another breach into Dell systems

Hacker claims to have stolen Dell customer data, twice. Here's how to protect yourself

Hacker disappears after exploiting Sonne Finance for $20 million

Hackers used the Phorpiex botnet to spread the LockBit Black ransomware

How attackers deliver malware to Foxit PDF Reader users

How to Identify and Protect Yourself from Online Scams

Indian-origin man in Singapore sentenced to jail for phishing intimate images of women

Indian-Origin Singapore Air Force Employee Sentenced to Jail For Phishing Women's Intimate Images

IntelBroker Allegedly Breaches United States Army Aviation and Missile Command, Exposing Maintenance Tasks

IntelBroker Claims to Sell Access to American Aerospace & Defense Company with Revenue of $75 Billion

Internal Revenue Service (IRS) Provides Latest Information on Contractor Data Breach, Highlights Enhanced Taxpayer Safeguards

Iress data breach extends to OneVue, firm says

Iress says GitHub data breach extends to OneVue

Jail for Republic of Singapore Air Force (RSAF) regular who targeted victims in phishing attacks to access their intimate images

Law enforcement data stolen in Wichita ransomware attack

LockBit ransomware group claims cyber attacks on two Kerala-based companies

Malware was almost 50% of threat detections in Q1 2024

Man-in-the-Middle (MITM) Attacks Can Still Bypass FIDO2 Security, Researchers Warn

Meta business accounts increasingly being hit by cyberattacks

Meta is the second most spoofed brand for credential phishing

Microsoft Addresses Zero-Day Vulnerability Exploited by QakBot Malware

Microsoft Fixes Three Zero-Days in May Patch Tuesday

Microsoft Patches 61 Flaws, Including Two Actively Exploited Zero-Days

Most ransomware-hit enterprises report to authorities, but level of support varies

National Cyber Security Centre (NCSC) and insurers unite to fight ransomware threat

National Cyber Security Centre (NCSC) Expands Election Cybersecurity to Safeguard Candidates and Officials

National Cyber Security Centre (NCSC) ramps up support for those at high risk of cyber attacks ahead of election

National Cyber Security Centre (NCSC) releases ransomware guidance

New backdoors on a European government's network appear to be Russian

New Ransomware Group “Arcus” Attacks: Targeted South American Companies

Nissan attack exposes sensitive data of thousands

Nissan Confirms Data Breach on North America Subsidiary, Employee Social Security Numbers Exposed

Nissan data breach exposed Social Security numbers of thousands of employees

Nissan North America data breach impacts over 53,000 employees

North Korea launders $148 million stolen crypto using Tornado Cash

Officials defend election security efforts as senators call on them to improve their game

Ohio Lottery Cyberattack Compromised 538K Customers

Optus denies claims of ‘cloaking’ Deloitte cyber attack report findings

Patriot Mobile Database Allegedly Breached and up for Sale by Intelbroker on Behalf of Centre

PDF Exploitation Targets Foxit Reader Users

Poloniex hacker laundered over 60% of stolen funds in just one week

Popular Cyber Crime Forum Breach Forums Seized by Police

Proposed settlement reached in class action lawsuit over Nissan data breach incident

Ransomware attack on Singing River Health System impacted 895,000 people

Ransomware attacks on US infrastructure

Ransomware payments increase 500% in last year

Ransomware statistics that reveal alarming rate of cyber extortion

Red Cross in Berlin leaks passwords and private messages

Santander Confirms Data Breach, Assures Customers’ Transactions Remain Secure

Santander Customer Data Compromised Following Third-Party Breach

Santander’s customer and employee data exposed

SideCopy APT Campaign Found Targeting Indian Universities

Singing River ransomware attack now thought to have affected over 895,000

Sonne Finance developers offer bounty to hacker behind $20 million crypto theft

Sonne Finance exploited for $20m, offers hacker reward for returning funds

Sonne Finance Exploited of $20M, Hacker Initiates Stolen Funds Transfer

Sonne Finance loses $20 million in crypto heist

Sonne Finance Suffers $20M Exploit, Hacker Flees

South Tees Hospitals NHS Foundation Trust reprimanded for “serious, harmful” data breach

Southeast Asian scammers steal $62 billion yearly, says US report

Strategic Cyber Defense: Balancing Threat-Centric and Risk-Centric Approaches

Sumo slammed by data breach, as energy and internet customers have details leaked

Temu accused of breaching EU’s Digital Services Act (DSA) in bundle of consumer complaints

Tether continues its crusade against crypto fraud: another 5.2 million USDT from fake phishing blocked

The Ashley Madison Data Breach List Included A Real Housewives Husband & A President’s Son

The ransomware attack on Ascension Hospital system continues to hold some services hostage

The Zero Trust Security Gap No One Talks About and How to Fill It

Tories self-refer to Information Commissioner's Office (ICO) over data breach

Tornado Cash Co-Founder Gets Over 5 Years for Laundering $1.2 Billion

Tornado Cash cryptomixer developer gets 64 months for laundering $2 billion

Turla Group Deploys LunarWeb and LunarMail Backdoors in Diplomatic Missions

Unmasking a Cyber Attack that Targets Meta Business Accounts

Unveiling common ransomware attack methods to secure your organization

US agencies issue warning about Black Basta ransomware gang

Victims of ransomware attack on Mississippi health system rise to nearly 900K

What steps is AT&T taking to address the recent data breach affecting 73 million accounts?

What you need to know about the new National Cyber Security Centre (NCSC) ransomware guidance

Windows Quick Assist abused in Black Basta ransomware attacks

'Your data is stolen': Rockford schools hit by ransomware attack

14th May

6 Mistakes Organizations Make When Deploying Advanced Authentication

44% of Cybersecurity Professionals Struggle with Regulatory Compliance

64% of Indian Organizations Hit by Ransomware in the last year

72% of consumers worry daily about being fooled by a deepfake

A Threat Actor Claims Sale of Outlook RCE Exploit 0-Day for $1,700,000

Alleged Cyber Breach: Hatari Electric Co., Thailand’s Largest Appliances Firm, Targeted by GHOSTR, Exposing 617.3GB Data

Android Malware Poses as WhatsApp, Instagram, Snapchat to Steal Data

Apple backports iOS zero-day patch, adds Bluetooth tracker alert

Apple fixes Safari WebKit zero-day flaw exploited at Pwn2Own

Apple warns about iOS zero-day exploit

Ascension Adds State-By-State Information On Recovery From Ransomware Attack

Ascension begins cyber attack recovery as American Hospital Association (AHA) and FBI warn of Black Basta

Ascension confirms cyberattack is ransomware

Ascension confirms that the cyberattack is ransomware

Ascension Emergency Rooms Divert Patients Following Ransomware Attack

Ascension Florida hospitals are open for business amid ransomware disruption

Ascension gives updates on what Florida patients can do following ransomware attack on its systems

Ascension Healthcare Network Cyber Attack Disrupts Operations Across Numerous Hospitals Across the US

Ascension hospitals continue ransomware attack recovery

Ascension hospitals in Michigan stay open despite cyber attack disruptions

Ascension 'making progress' amid ransomware attack, reminds patients 'it will take time'

Ascension now says it was victim of ransomware attack, but Joliet hospital is OK

Ascension offers update on recovery progress after ransomware attack

Ascension provides update on ransomware attack

Ascension St John investigates ransomware attack, implements temporary paper-based system

Ascension St. Vincent affected by cyber attack to its network

Ascension, owner of 15 Michigan hospitals, confirms cyberattack was ransomware

Banco Santander suffers a cyber attack that affects clients, employees and former employees

Beware of Possible Phishing Emails Involving Bittrex

Birmingham council-owned company reprimanded for data breach

Black Basta Ransomware Operation Hits Over 500 Entities in Europe, North America, and Australia

China Presents Defining Challenge to Global Cybersecurity, Says GCHQ

Christie's £670m art auctions hit by cyber attack

Christie’s auction house suffers cyber attack, disrupting art auction schedule

CISA and Partners Unveil Cybersecurity Guide For Civil Society Groups

CISA, HHS warn healthcare of Black Basta ransomware attacks

Civil society under increasing threats from ‘malicious’ state cyber actors, US warns

Claimants in LifeLabs data-breach class action to get $7.86 each

Class-action lawsuit filed over St. Martha’s data breach

Companies facing slow road out of the ransomware ward

Credibility in Question: Meesho Data Breach Claims Echo 2020 Leak

Critical Flaws in Cacti Framework Could Let Attackers Execute Malicious Code

Cyber Attack Still Causing Problems For Ascension Health Systems

Cyber threat analyst says ransomware gang named Jackson County hack in dark web post

Cyber-Attack Disrupts £670 Million Christie’s Art Auction

Cybercriminal puts INC Ransom source code up for sale

Cybersec chiefs team up with insurers to say 'no' to ransomware bullies

Cybersecurity Concerns Surround ChatGPT 4o’s Launch; Open AI Assures Beefed up Safety Measure

Dark Web Hacker Claims to Expose 70K National Parent Teacher Association Records

Data Breach Update: Singing River Health System Increases Number of Estimated Victims to 895k

Data Breaches in US Schools Exposed 37.6M Records

Debt collection agency FBCS says data breach impacted close to 2.7 million individuals

Dell data breach investigation remains ongoing, company says

DNS Tunneling Used for Stealthy Scans and Email Tracking

Dropbox Sign Breach: Threat Actors Access User Information

Easily Guessed Passwords for New Accounts Include “User”, “Temp”, “Welcome”

Ebury botnet malware infected 400,000 Linux servers since 2009

Ebury Botnet Operators Diversify with Financial and Crypto Theft

Equalizer DEX hacker drains funds: Users warned, investigation underway

FBI warns Black Basta ransomware impacted over 500 organizations worldwide

Federal Communications Commission (FCC) issues first-of-its-kind C-CIST classification to Royal Tiger

Federal Communications Commission (FCC) Names and Shames First Robocall Threat Actor

Federal Trade Commission (FTC) fires 'shot across the bow' at automakers over connected-car data privacy

Google Chrome emergency update fixes 6th zero-day exploited in 2024

Guidance for organisations considering payment in ransomware incidents

Hacker under investigation by Europol after classified data offered for sale

Hackers Exploit Unpatched Bug in Helsinki Education Division Data Breach

Hackers steal millions of files of customer and employee data in Santander bank cyber attack

Hackers Use DNS Tunneling to Scan and Track Victims

Hamilton library computers, other services remain down, 3 months after ransomware attack

How Ascension ransomware attack is affecting Michigan patients, appointments

Indian organisations see rising ransomware attacks

Ireland: Health Service Executive (HSE) facing 473 lawsuits after Russian cyber attack

Iress experiences data breach, clients concerned

Iress uncovers software breach, assures client data uncompromised

Kaiser Permanente Data Breach Exemplifies a Global Data Challenge for Software Developers

Kaspersky report reveals ransomware accounts for a third of attacks

Kaspersky Reveals Global Rise in APTs, Hacktivism and Targeted Attacks

LockBit ransomware spread in millions of emails via Phorpiex botnet

LockBit strikes back with ransomware spree

Log4Shell shows no sign of fading, spotted in 30% of CVE exploits

Lukfook Holdings investigates potential data breach amid dark web sale

Massive COMB data breach reveals info on over a billion people - here's what we know about "compilation of many breaches"

Massive LockBit Black campaign underway using Phorpiex botnet

May 2024 Patch Tuesday: Microsoft fixes exploited zero-days (CVE-2024-30051, CVE-2024-30040)

Microsoft fixes Windows zero-day exploited in QakBot malware attacks

Microsoft May 2024 Patch Tuesday fixes 3 zero-days, 61 flaws

Millions of IoT Devices at Risk from Cinterion Modem Vulnerabilities

Millions of phishing emails sent through botnet to push LockBit ransomware

Mortgage lender Firstmac suffers cyberattack, customer data including driver's license numbers and banking details leaked

National Cyber Security Centre (NCSC) and Insurance Associations Join Forces to Battle Ransomware Payments

New Chrome Zero-Day Vulnerability CVE-2024-4761 Under Active Exploitation

NIST Confusion Continues as Cyber Pros Complain CVE Uploads Stalled

Ohio Lottery Announces Data Breach Affecting SSNs of Up to 538,959 People

Ongoing Campaign Bombards Enterprises with Spam Emails and Phone Calls

Pantana CPA Experiences Cyberattack Leading to Data Breach Involving Consumer SSNs

Parity Hacker Returns, Laundering $9M in Ethereum After 7 Years of Inactivity

Phishing Links Cause $5.2M in USDT to Be Frozen

Phorpiex botnet sent millions of phishing emails to deliver LockBit Black ransomware

Poloniex Hacker Transfers $53.5 Million Worth of ETH Through Tornado Cash

Proof-of-Concept (PoC) exploit released for RCE zero-day in D-Link EXO AX4800 routers

RansomHub Ransomware Group Announced 4 Victims

RansomHub Ransomware Group Targeted LPDB KUMKM, Compromising Private Documents

Ransomware attack forces Ascension hospitals to turn away some ambulances

Ransomware attack on Ohio Lottery compromised the data of 539,000 individuals

Ransomware Attacks Decline In India, But Ransom Demands Grow To $4.8 Million

Ransomware attacks strike 64% of Indian organisations last year

Ransomware guidance for victims

Ransomware Hits Ascension St. Joe's Hospital: Where Do Things Stand?

Ransomware isn’t as big a threat as these scams

Ransomware menace plagues Bangladeshi businesses

Ransomware's Sneaky New Trick: Intermittent Encryption Is Here

R00TK1T Group Intensifies Cyberattacks on Egyptian Firms After Clash with Anonymous Egypt

Russian Actors Weaponize Legitimate Services in Multi-Malware Attack

Santander Flags Data Breach Hitting Some Clients, All Staff

Santander hit by data breach affecting customers and staff

Santander reports customer, employee data breach in Spain, Chile, Uruguay

Scattered Spider, the ransomware group behind the MGM cyber attack, is still on a rampage - and authorities are ramping up efforts to catch them

Security Experts Issue Jenny Green Email Warning For Millions

Singing River Health System: Data of 895,000 stolen in ransomware attack

Sysmex America Data Breach Results in an Unknown Number of Leaked Social Security Numbers

Tennessee Ascension locations using paper systems following ransomware attack

Tether freezes $5 million in USDT amid phishing concerns

Tether Freezes $5.2 Million in USDT Linked to Phishing Scams

Tether Freezes $5.2M in USDT Linked to Phishing Scams as CEO Defends USDT

Tether Freezes 5.2M USDT Linked to Phishing Groups

Tether Takes Action: $5.2M in USDT Frozen Due to Phishing Links

Tether’s Latest Crackdown: $5.2 Million Frozen To Stop Phishing Scandals In Their Tracks

Thailand tops region for ransomware attacks

The HSE cyber attack was a "landmark event" in Ireland - has it learned from the experience?

The legal sector's data breach conundrum: insights from Information Commissioner’s Office (ICO) latest report

The role of law enforcement in remediating ransomware attacks

Threat Actor Allegedly Leaked Database of Department of International Trade Promotion

Threat actor scraped Dell support tickets, including customer phone numbers

Threat actors expanding malicious use of DNS tunneling

Tories referred to watchdog following alleged data breach

Tornado Cash co-founder convicted of laundering $1.2 billion by Dutch court

Tory party refers itself to watchdog over alleged data breach

UK: Prime Minister Sunak Vowed To Keep Brits Safe - But His Party Had An Accidental Data Breach Hours Before

UK 'increasingly concerned' about Russian intelligence links to hacktivists

UK Insurance and NCSC Join Forces to Fight Ransomware Payments

UK Insurance Giants Join With NCSC to Stop Ransomware Payments

UnitedHealth, Ascension Attacks Feed Debate Over Health Care Security

Up to 120,000 affected by data breach at City of Helsinki

VMware fixes three zero-day bugs exploited at Pwn2Own 2024

VMware Patches Severe Security Flaws in Workstation and Fusion Products

What we know about the cyberattack on Ascension hospitals and clinics in Wisconsin, across the U.S.

13th May

AI’s rapid growth puts pressure on CISOs to adapt to new security risks

Alleged Data Breach Exposes User Records of Patricia AI, a Leading 3D-Commerce Platform

Alleged Hosocongty Data Breach Exposes Vietnamese Job Seekers

Apple backports fix for RTKit iOS zero-day to older iPhones

Ascension confirms ransomware caused service shutdowns, ambulance diversions

Ascension ‘making progress’ to restore systems after ransomware attack

Ascension providing update on system restoration after ransomware attack

Ascension Ransomware Attack Diverts Ambulances, Delays Appointments

Ascension reports cyberattack involved ransomware

Australia Faces Unprecedented Cyber Threats Amid Support for Ukraine

Australian Firstmac Limited disclosed a data breach after cyber attack

Australian lender Firstmac hacked by ransomware gang

Australian software firm Iress flags data breach at third-party platform

Black Basta ransomware group is imperiling critical infrastructure, groups warn

Black Basta ransomware has become one of the biggest threats worldwide, CISA and FBI say

Black Basta Ransomware Strikes 500+ Entities Across North America, Europe, and Australia

Black Basta Ransomware Victim Count Tops 500

Black Basta target orgs with new social engineering campaign

Botnet sent millions of emails in LockBit Black ransomware campaign

Central Board of Secondary Education (CBSE) Results 2024 Under Threat: Database Vulnerability Could Compromise Student Scores

Christie’s Auction Website Hacked Just Before Major Sales

Christie's takes website offline after cyberattack, delays live auction

Christie’s website breached right before huge sales day

Cinterion Modem Vulnerabilities Leave IoT and Industrial Networks Exposed

CISA Releases Cyber Advisory on Ransomware-as-a-Service Threat Used Against Over 500 Organizations

City of Helsinki suffered a data breach

Collaboration tools are now at the frontline in the battle against phishing

Conservatives investigated over possible mass email data breach

Critical Vulnerabilities in Cinterion Modems Exposed

Critical vulnerabilities take 4.5 months on average to remediate

Data breach at Bridgeway Center exposes sensitive information

Data breach exposes patient information at Dental Group of Amarillo

Dell confirms data breach affecting customer personal details

Dell confirms investigation into data breach

Dell data breach may affect up to 49 million customers

Dell data breach possibly impacted over 49 million customers globally

Dell hacker claims they had access to systems for nearly three weeks

Dell hacker says they were able to to directly attack company servers to scrape data

DuckyMummy Allegedly Breaches FrotCom, Offers Company Data for Sale

Embattled lender Firstmac releases new statement on cyber attack

Europol confirms web platform breach

Europol Investigating Breach After Hacker Offers to Sell Classified Data

Executives Thought They Found the Ashley Madison Hacker, but They Were Wrong

Federal Communications Commission (FCC) designates first robocall threat actor under new classification system

Federal Communications Commission (FCC) reveals Royal Tiger, its first tagged robocall threat actor

Federal Trade Commission (FTC) orders Cerebral to restrict how consumer data can be shared

Following Ascension hospitals breach, FBI raises Black Basta alert

From AI scams to phishing emails - how secure is your IT system?

‘Got that boomer!’: How cybercriminals steal one-time passcodes for SIM swap attacks and raiding bank accounts

Hack of provincial Canadian government suspected to be ‘state-sponsored’

Hacker Offers Data Allegedly Stolen from the City of New York

Hackers use DNS tunneling for network scanning, tracking victims

HackNeT and Cyber Army of Russia Allegedly Initiate DDoS Attacks on Australian Entities

Hacktivist Group R00TK1T ISC Claims Breach of Egyptian Ministry’s Systems

Hardware Level Vulnerabilities, Revisited

Healthcare provider Ascension says ransomware attack disrupted access to internal systems

Helsinki suffers data breach after hackers exploit unpatched flaw

HPE Aruba Vulnerabilities: Prevent Systems From RCE Attacks

INC ransomware source code selling on hacking forums for $300,000

Info on The Post Millennial data breach added to HaveIBeenPwned

IntelBroker Allegedly Leaks Parent Teacher Association Database

Luk Fook warns of potential customer data breach

Malicious Python Package Hides Sliver C2 Framework in Fake Requests Library Logo

Mallox Ransomware Deployed Via MS-SQL Honeypot Attack

Ministry of Defence (MoD) hack: IT contractor concealed major hack for months

Mysterious actor spills over 1.2 Billion records on Chinese users

North Korean Hacker Group Targets South Korean Crypto Firms With New 'Durian' Malware

Notorious Hacker IntelBroker Claims that Europol has Suffered a Data Breach

Novel LLMjacking Attacks Target Cloud-Based AI Models

Organisations Have Endpoint Security Tools But Are Still Falling Short on the Basics

Parity wallet hacker begins laundering 150k in Ethereum after 7 years of inactivity

Police Accessed Proton Mail User Data in Terrorism Probe

PyPi package backdoors Macs using the Sliver pen-testing suite

Ransomware attacks are a prominent threat for maritime

Researchers Observe Potential Ties between Trinity and Venus Ransomware Strains

'Russian' hackers deface potentially hundreds of local British news sites

Severe Vulnerabilities in Cinterion Cellular Modems Pose Risks to Various Industries

Southeast Asian scam syndicates stealing $64 billion annually, researchers find

The 2024 Browser Security Report Uncovers How Every Web Session Could be a Security Minefield

The UK may not have a choice on a ransomware payment ban

The zero-day market explained

Threat Actor Claims Leak of LocalPlace JP’s Database, Including Sensitive Client Information

Threat Actor Claims Major Europol Data Breach

Top conservative news website hit in data breach - around 26 million Post Millennial users affected

Vermont passes data privacy law allowing consumers to sue companies

What is phishing-as-a-service (PhaaS) and how to defend against it?