Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 20th May and 26th May 2024.
26th May
Belgium: Ransomware attack hits Cambio supplier
Beware! New York State Police Warn Residents of This Latest Scam! Here’s What You Need to Know
Decoding the Primary Devils Behind Data Breaches
Following a cyber attack, Normie meme coin crashed 99.99%
Hacker honeypots for the everyday person
Hackers phish finance organizations using trojanized Minesweeper clone
How Iranian hacker groups are combining psychological warfare with data destruction to target Israel and Albania
How to Identify Phishing Emails: 7 Easy Ways to Spot a Scam
Islamabad Safe City’s online system shut down after hacking attempt
Massive cyber attack against Eritrea’s Internet System
Ransomhub’s Latest Attack Raises Alarms for Industrial Control Systems (ICS) Security
Ransomware Attacks: Trends, Tactics, and Mitigation Strategies
ShrinkLocker Ransomware Exploits BitLocker to Target Companies
Threat Actor Claims to Sell WordPress Admin Authentication Bypass Exploit for $50,000
25th May
10 Cybersecurity Tips for Safe Online Shopping
Arc browser’s Windows launch targeted by Google ads malvertising
Data Leak Exposes 500GB of Indian Police, Military Biometric Data
Experts Find Flaw in Replicate AI Service Exposing Customers' Models and Data
Indian man stole $37 million in crypto using fake Coinbase Pro site
LockBit Black ransomware is at the heart of new phishing emails
New ATM Malware Threatens European Banking Security
Singapore-based firm fined S$74K for data breach due to weak password affecting over 500K users
Spyware app pcTattletale was hacked and its website defaced
24th May
70 million-record-strong US criminal database allegedly posted online by infamous hacker
$1,800,000,000,000 Bank Says Customer and Employee Data Has Been Exposed and Accessed in Mysterious Breach
Affiliated Dermatologists struck by ransomware attack, 370K impacted
Alphv and LockBit lose top spot to a smaller ransomware group
Amid funding cuts, backlog of unanalyzed vulnerabilities in government database is growing
An ‘Unwelcome Development’ in MediSecure Data Breach Incident
Ascension Cyber Attack Leaves Healthcare Sector Reeling
Ascension slowly restoring network as nurses, doctors cite real-world dangers of attack
Association of California School Administrators Reports Ransomware Attack
Australia Communications and Media Authority (ACMA) Launches Legal Action Against Optus Over 2022 Data Breach: Latest Setback for Telecom Giant
Australia Communications and Media Authority (ACMA) Takes Legal Action Against Optus Over 2022 Data Breach
Australia Communications and Media Authority (ACMA) to Prosecute Optus over 2022 Data Breach
Beware: These Fake Antivirus Sites Spreading Android and Windows Malware
BlackMaskers Team Issues Warning to Jordan, Israel, and the Emirates
California school association hack hits nearly 55K
California school leaders' association says ransomware attack impacted over 50,000 members
Cencora data breach exposes US patient info from 8 drug companies
Cencora notifies individuals about data stolen earlier this year
Change Healthcare discloses $22M ransomware payment
Chrome Fixes Fourth Zero-Day in Two Weeks, Eighth in 2024
CISA Says 4-Year-Old Apache Flink Vulnerability Still Under Active Exploitation
CISOs in Australia Urged to Take a Closer Look at Data Breach Risks
Courtroom Recording Platform Abused to Deliver Backdoor Implant
Courtroom Recording Software Compromised in Supply Chain Attack
Customs and Border Protection (CBP), Immigration and Customs Enforcement (ICE) sued for information about sharing of noncitizens' biometrics
Cyberespionage schemes leveraged in escalating Moroccan gift card theft campaign
Dangerous New Browser Malware Detected on Forums: GhostHook v1.0
Data Breach at Merrill Exposes Personal Information of Walmart 401(k) Participants
Dell class action claims data breach affected 49M customers
Despite increased budgets, organizations struggle with compliance
Eight drug companies information stolen due to Cencora data breach
Emerging ransomware groups on the rise: Who they are, how they operate
EU wants universities to work with intelligence agencies to protect their research
Fake Pegasus Spyware Strains Populate Clear and Dark Web
FIRST Heritage Co-operative Credit Union Issues Alert Following Cyberattack
GLORIAMIST Group Targeted Science Po Paris, Claims to Breached Several of Their Database
Google fixes eighth actively exploited Chrome zero-day this year
Google fixes yet another Chrome zero-day exploited in the wild (CVE-2024-5274)
Hackers Created Rogue VMs to Evade Detection in Recent MITRE Cyber Attack
Hacker defaces spyware app’s site, dumps database and source code
HackNeT and People’s Cyber Army Allegedly Launch DDoS Attacks on Canadian Airport Systems
Health Information Published Online After MediSecure Ransomware Attack
Hong Kong Monetary Authority (HKMA) Issues Alert Over Fraudulent Website and Phishing Emails Tied to Tai Sang Bank Limited
How Banks Can Safeguard Customers From Romance Fraud
How Can Small Businesses Alleviate Cyber Risks?
How Hoteliers Can Navigate Data Breach Insurance Claims
Information Commissioner’s Office (ICO) Issues Reduced Fine to PSNI Over Data Breach
Inside Team R70: An Interview with a Notorious Hacker Collective
JAVS Courtroom Recording Software Backdoored - Deploys RustDoor Malware
Legal action looming for Optus following data breach
Lewisham residents' contact details published in data breach
London Drugs Data Breach: Ransom Refusal Leads to Release of Employee Files
London Drugs’ response to cyberattack a case study in crisis management
Malicious actors are cat-phishing targets in order to spread malware
MediSecure asks for government bailout after cyberhack, data advertised on dark web
Merrill employee exposes Walmart pension plan members
Microsoft: Gift Card Fraud Rising, Costing Businesses up to $100,000 a Day
New KnowBe4 phishing report reveals top choices for phishing scams
New ShrinkLocker ransomware uses BitLocker to encrypt your files
New York's Albany County investigating 'cybersecurity breach' ahead of holiday weekend
Novartis Patient Information Leaked in Third-Party Data Breach at Lash Group
Novel ShrinkLocker ransomware exploits Microsoft BitLocker
Optus Faces Legal Action Over 2022 Data Breach: Australian Communications and Media Authority (ACMA) Alleges Failure to Protect Customer Data
Optus sued by watchdog over 2022 data breach
Optus to defend itself against claims it failed its customers in 2022 cyber attack
Philippine National Police (PNP) suspends online services amid data breach probe
Phishing kit trends and the top 10 spoofed brands of 2023
Police service faces £750k fine for data breach
Police Service of Northern Ireland (PSNI) faces £750,000 fine for data breach impacting entire workforce
Ransomhub Attacking Industrial Control Systems To Encrypt And Exfiltrate Data
Ransomware & Extortion Trends Create Massive Shift in Cyber Threat Landscape
Ransomware attack on Victoria Eye Centre impacted over 80,000 patients
Ransomware Attacks Targeting VMware ESXi Infrastructure Adopt New Pattern
Researcher Indicates PCTattletale Stalkerware Found on US Hotels, Corporate and Law Firm Computers Leaks Recordings
Russian Hackers Shift Tactics, Target More Victims with Paid Malware
Self-managed VPNs targeted in 58% of ransomware attacks
Shein customers issued urgent 'do not open' warning over new phishing scam
Shein shoppers issued urgent 'be aware' warning over latest scam
ShrinkLocker Ransomware Exploits Microsoft's BitLocker
Singapore: Software firm fined $74k for data breach caused by weak password; half a million users affected
South Africa: Justice department suffers another cyber attack
Staff documents stolen in EU Parliament data breach
Stealthy BLOODALCHEMY Malware Targeting ASEAN Government Networks
Stolen London Drugs data posted online in ransomware attack
The Philippines: Department of Information and Communications Technology (DICT) working on Philippine National Police (PNP) data breach
Thousands of rugby fans' data leaked in breach
Top Cloud Services Used for Malicious Website Redirects in SMS Scams
Update Chrome Browser Now: 4th Zero-Day Exploit Discovered in May 2024
US Drug Distributor Cencora Reports Massive Cyberattack, Highly Sensitive Medical Data Compromised
US pharma giant Cencora says Americans’ health information stolen in data breach
US retailers under attack by gift card-thieving cyber gang
Vulnerable to ransomware? It’s not your servers - it’s your people
Walmart 401(k) data breach leaks names, Social Security numbers of plan participants
What is Black Basta, thought to be behind the Ascension ransomware attack?
What the FA Cup can teach businesses about ransomware
Worried about job security, cyber teams hide security incidents
23rd May
70% of CISOs worry their organization is at risk of a material cyber attack
300% Surge in Cyber Attacks - Here Is How Hacktivist Groups Are Targeting India’s General Election
400,000 Impacted by CentroMed Data Breach
Are Your SaaS Backups as Secure as Your Production Data?
Australia takes Singtel-owned Optus to court over 2022 cyber attack
Australia to sue Singtel-owned Optus in court over 2022 cyber attack
Australian Communications and Media Authority (ACMA) sues Optus for 2022 cyber attack
Australian Communications and Media Authority (ACMA) takes Optus to court over data breach that impacted 10m Aussies
Australian printing company suffers alleged 300Gb data breach
Bank of Guam alerts customers to recent vishing and phishing scheme
BianLian Ransomware Group Adds 3 American Companies to Victim List
Breach of staff data sees Northern Ireland police service hit with £750k fine
Canadian pharmacy London Drugs responding to a LockBit ransomware attack
CentroMed suffers data security incident, 400K patients exposed
Chinese Threat Actors Employ Operational Relay Box (ORB) Networks to Evade IOCs
CISA Warns of Actively Exploited Apache Flink Security Vulnerability
CISOs pursuing AI readiness should start by updating the organization’s email security policy
City of Clarksville announces major breach of residents' personal data
Communications watchdog suing Optus over data breach
Compromised recording software was served from vendor’s official site, threat researchers say
Courtroom recording software compromised with backdoor installer
Cyberattacks on health authority, province, London Drugs not related
Cybercriminals Exploit Cloud Storage For SMS Phishing Scams
Data Breach At Mustafa Group In Singapore Prompts Police Probe
Data breach at Western Sydney University (WSU) exposes thousands to cyber threats
EU Parliament staff in uproar over breach of ID cards, personal records
European Parliament breached, IDs leaked
Facial recognition technology widely used at sporting events, privacy watchdog says
First Nations Health Authority in Crisis: Cyberattack Shakes British Columbia’s Healthcare Sector
GitHub fixes maximum severity Enterprise Server auth bypass bug (CVE-2024-4985)
GitHub Fixes Maximum Severity Flaw in Enterprise Server
GitHub Issues Patch for Critical Exploit in Enterprise Server
Grandoreiro Malware Targets More Than 1,500 Banks in 60 Countries
Here's yet more ransomware using BitLocker against Microsoft's own users
HHS pledges $50M for autonomous vulnerability management solution for hospitals
High-severity GitLab flaw lets attackers take over accounts
How the Ascension cyberattack is disrupting care at hospitals
HR-related email subjects still top for phishing attempts
'I’ve been here too long’: Patients feel ransomware attack effects at Ascension
Indian Election Faces Cyber-Attacks, Data Leaks on Dark Web
Information Commissioner’s Office (ICO) plans to fine Police Service of Northern Ireland for data breach
Information Commissioner’s Office (ICO) Warns Police Service of Northern Ireland (PSNI) It Faces £750k Fine Over Data Breach
Inside Operation Diplomatic Specter: Chinese APT Group's Stealthy Tactics Exposed
Ireland: a prime target for Cybercriminals with Phishing leading the charge
Irish European Parliament staff among those with passports leaked in major data breach
Ivanti Patches Critical Remote Code Execution Flaws in Endpoint Manager
Jumbo Group suffers ransomware attack
Jumbo Group, Mustafa hit by cyber attacks
Justice AV Solutions (JAVS) courtroom recording software backdoored in supply chain attack
Kakao fined $11.1 million for 2023 data breach
LockBit says that it’s behind the London Drugs attack
London Drugs confirms stolen employee data leaked online by hackers
Machine identities lack essential security controls, pose major threat
Malicious actors leak 70 million records from US Criminal database
MediSecure data breach: why is health data so lucrative for hackers?
Microsoft spots gift card thieves using cyber-espionage tactics
Morocco-based cybercriminals cashing in on bold gift card scams, Microsoft says
National Records of Scotland Data Breached in NHS Cyber-Attack
National Vulnerability Database (NVD) Leaves Exploited Vulnerabilities Unchecked
Naya Daur YouTube Channel Restored Following Cyber Attack
Nearly 90% of organizations suffer damage after a security incident
New Bitcoin Token Protocol “Runes” Carries Potential Phishing Risk
New Frontiers, Old Tactics: Chinese Cyber Espionage Group Targets Africa & Caribbean Governments
NHS Dumfries and Galloway cyber attack records published
Nissan North America targeted in data breach impacting more than 53,000 staff members
Northern Ireland: Police facing £750k fine over data breach
Nissan data breach impacts 50K+ employees
Nissan Oceania call centre impacted by OracleCMS data breach
Northern Ireland police faces £750k fine after exposing staff info
Northern Ireland Police Service Could Face £750K Fine Over Data Breach
OmniVision says Cactus ransomware attack in 2023 compromised client data
Online video downloader exposes user data, including explicit content
Optus says it will defend allegations it failed to protect confidential details of 9 million customers in cyber attack
Optus sued by regulator over 2022 cyber-attack
Optus to face Australian Communications and Media Authority (ACMA)-filed court case over data breach
Passports, criminal records leaked in EU Parliament data breach
Patriot Mobile data breach exposes subscribers’ personal details
Pharmaceuticals firm Cencora says data breach impacted Bristol Myers Squibb customers
Phishing attack spike fueled by generative AI
Police Service of Northern Ireland (PSNI): Federation welcomes initial findings into data breach
Police Service of Northern Ireland (PSNI) could be fined £750,000 for major workforce data breach last year
Police Service of Northern Ireland (PSNI) could be fined £750k over data breach
Police Service of Northern Ireland (PSNI) Faces £750,000 Data Breach Fine After Spreadsheet Leak
Police Service of Northern Ireland (PSNI) faces £750k fine for data breach which exposed personal information of entire workforce
Police Service of Northern Ireland (PSNI) faces £750,000 fine for massive data breach last year
Police Service of Northern Ireland (PSNI) faces trust rebuild after ‘avoidable’ data breach
Police Service of Northern Ireland (PSNI) Facing £750,000 Fine After Data Breach Exposes Officers’ Details
Police Service of Northern Ireland (PSNI) facing £750,000 fine as ‘tangible threat to life’ identified following data breach
Police Service of Northern Ireland (PSNI) facing €750,000 fine over data breach involving more than 9,000 serving officers and staff
Police Service of Northern Ireland (PSNI) facing £750,000 fine over major data breach
Police Service of Northern Ireland (PSNI) fined £750,000 over severe data breach that saw staff personal details published online
Police Service of Northern Ireland (PSNI) to face £750,000 fine as a result of data breach that could have been easily avoided
Police Service of Northern Ireland's Failure to Prevent Data Breach Could Bring Nearly $1 Million in Fines
Protect Your Multi-Factor Authentication Codes from Phishing Scams
QR Code-Based Attacks Are Growing in Popularity; Now Comprise 11% of All Malicious Emails
Ransomware Attack on Texas Ophthalmology Practice Exposes Data of 80,000 Patients
Ransomware Attacks Exploit VMware ESXi Vulnerabilities in Alarming Pattern
Ransomware fallout: 94% experience downtime, 40% face work stoppage
Report Reveals 341% Surge in AI-Driven Phishing and BEC Attacks
Richland, Washington issues data breach notification
Rise in ransomware accelerates cyber insurance adoption
Scottish national records data breached in NHS ransomware attack
Securities and Exchange Commission (SEC) Amends Reg S-P To Strengthen Data Breach Response Requirements and Protect Investor Information
ShrinkLocker: Turning BitLocker into ransomware
State and Local Governments Make Progress Against Ransomware
Stock exchanges fined for failing to report cyber intrusion
Tesla’s Ultra-Wideband Still Vulnerable to Relay Attacks Despite Upgrades
The Securities and Exchange Commission (SEC) slaps New York Stock Exchange's parent company with a $10M fine for not immediately reporting a hack
Threat Actor Allegedly Offers Unauthorized RDP Access to one of Congo’s Largest Mining Companies
Threat Actor Claims to Have Breached Catch News, 2 Million Users Data at Risk
Threat Actor Offers Baloo Stealer Source Code for Sale for $1500
Threat Actor Offers Database of MedSecure for Sale at $50000
Threat Actor “Unfading Sea Haze” Targeting South China Sea Nations
Trionfo Solutions Announces Data Breach Affecting Social Security Numbers of 65,787 Individuals
UK considering mandatory reporting for ransomware attacks
WhatsApp Engineers Fear Encryption Flaw Exposes User Data
22nd May
70% of CISOs Believe Their Company Is at Risk of a Cyber-attack
87% of medical practice data is digital
A hacker has created over $200 million worth of GALA tokens after a security breach
America's "only conservative cell carrier" hit by data breach
Ascension transitions to manual systems amid last week's ransomware attack
Atlas hack admitted by Black Basta ransomware group
Australia takes Singtel-owned Optus to court over 2022 cyber attack
Authorized Push Payment Fraud Cases Surge 12% Annually
Barings signs up 1,000+ claimants over recent Ministry of Defence (MoD) data breach
Blackbaud hit with new federal mandates following 2020 data breach
Breach Forums Plans Dark Web Return This Week Despite FBI Crackdown
Business Email Compromise (BEC) and Healthcare Benefits Scammer Sentenced to 10 Years Over $4.5M Fraud
Business Email Compromise (BEC) Phishing Attacks Are Gaining Momentum
Canada's London Drugs confirms ransomware attack after LockBit demands $25M
CentroMed Data Breach Exposed 400,000 Patient Records
Chinese hackers compromising military and government entities around South China Sea
Chinese hackers hide on military and government networks for 6 years
Chinese Hackers Rely on Covert Proxy Networks to Evade Detection
Chucky Allegedly Leaks Gestion Kronos Database Containing 1.6 Million Records
Consumers file multiple Financial Business and Consumer Solutions data breach lawsuits
Critical Veeam Backup Enterprise Manager Flaw Allows Authentication Bypass
Cyber attack on healthcare provider CentroMed exposes patient data
Cyberattack against London Drugs claimed by LockBit ransomware group
Cyberattackers using ‘cat-phishing’ techniques, says report
CyberNiggers Group Announces New Web Domain Following BreachForums Downfall
Cybersecurity Incidents and Ransomware Attacks: Cybersecurity and Infrastructure Security Agency (CISA) Proposes Reporting Rule
Data Breach Alert: Allegedly Saudi Shopping Platform Reefi.me Customer Data for Sale
Data breach impacts wireless provider Patriot Mobile
Detecting A Phishing Attack With Help Of Artificial Intelligence
Dissecting the latest DNS-based attack trends - What we're seeing and how to get ahead
Dohman, Akerlund & Eddy Notifies Consumers of February 2024 Data Breach
Don’t ignore data protection when developing AI, Information Commissioner’s Office (ICO) warns
Embracing collective defence against cyber-threats
Exploiter Returns Stolen Funds After Gala Games Froze $180 Million
Federal Trade Commission (FTC) orders Blackbaud to report on data practices
Feds continue to rack up convictions in BEC cases as Georgia man gets 10-year sentence
Gala Games recovers $22M of stolen crypto
Generative AI services have driven a huge surge in phishing attacks
German police warn of cyberattacks via Office 365
GHOSTENGINE Exploits Vulnerable Drivers to Disable EDRs in Cryptojacking Attack
GitHub Enterprise Server Vulnerability Circumvents Authentication Protections
Hacker breaches 2 Philippine National Police online systems in series of attacks
Hacker from Gala Games returned USD 22 million! The team would effectively freeze most of the GALA tokens
Hacker Returns $22M to Gala Games Post GALA Token Exploit
Hackers Sell Fake Pegasus Spyware on Clearnet and Dark Web
Healthcare’s Trillion-Dollar Data Breach Crisis: Cybersecurity is a Matter of Life and Death
HR and IT Related Emails are the Top Choices for Phishing Scams
HR and IT Related Phishing Emails Most Popular Subjects in Q1
In the last year, 70% of organizations were targeted with Business Email Compromise (BEC) attacks
Information Commissioner’s Office (ICO) Looks Into Microsoft’s New Recall Feature
Interactive Brokers Notifies 600 Clients of Data Breach
Intercontinental Exchange to pay $10M Securities and Exchange Commission (SEC) penalty over VPN breach
Is ChatGPT Driving the Rise in Malicious Emails?
Is Southeast Asia becoming the Silicon Valley of fraud?
IT Leaders Agree: Single Sign-On (SSO) Isn’t Enough
Lane Gorman Trubitt Notifies Consumers of January 2024 Data Breach
Latvia could criminalize deepfakes that target politicians
LockBit 3.0 Dethroned and New Players are Emerging
LockBit dethroned as leading ransomware gang for first time post-takedown
London council warns residents’ data may have been compromised by cyber attack on healthcare provider
London Drugs faces Thursday deadline if it doesn’t pay $25 million after ransomware hack
London Drugs ransom demand vanishes hours before looming deadline
Los Angeles Department of Mental Health (LACDMH) reports data breach
Mastercard Deploys AI to Preemptively Thwart Card Fraud
Mastercard Doubles Speed of Fraud Detection with Generative AI
Microsoft Exchange Server Flaws Exploited to Deploy Keylogger in Targeted Attacks
Microsoft's new Windows 11 Recall is a privacy nightmare
Microsoft’s Quick Assist tool used to deploy ransomware
National Records of Scotland data leaked as part of NHS cyber-attack
National Records of Scotland data published in NHS cyber attack
National Records of Scotland reveals its data stolen in 'distressing' NHS health board cyber attack
Neighbourhood Watch data breach update as police confirm 'individuals are being investigated'
New APT Group “Unfading Sea Haze” Hits Military Targets in South China Sea
New Caledonia: Russian cyber attack just hours before French President Macron's arrival
New Cryptojacking Campaign Exploits Vulnerable Drivers to Evade Security and Gain Privileges
NoName057 Group Launches DDoS Attacks on Major German Websites
OmniVision disclosed a data breach after the 2023 Cactus ransomware attack
Over 200K likely vulnerable Confluence Data Center instances exposed
Proposals to Ban Ransomware Payments Rumoured
Q1 2024 Cyber Threat Landscape Report: Insider Threat & Phishing Evolve Under AI Auspices
QNAP Patches New Flaws in QTS and QuTS hero Impacting NAS Appliances
Ransomware group says it will release stolen London Drugs data if it doesn't get $25M in 48 hours
Ransomware, Business Email Compromise (BEC), GenAI Raise Security Challenges
Reject all cookies but get them anyway? Websites abusing “legitimate interest”
Report Reveals 341% Rise in Advanced Phishing Attacks
Researchers Warn of Chinese-Aligned Hackers Targeting South China Sea Countries
Rockwell Advises Disconnecting Internet-Facing ICS Devices Amid Cyber Threats
Rockwell Automation Urged Customers to Keep ICS Away from the Internet
Securities and Exchange Commission (SEC) slaps $10 million penalty on owner of New York Stock Exchange over 2021 cyber intrusion
Sensitive records office data accessed in cyber attack on health board
Sidewinder APT Group on the Prowl: National Computer Emergency Team (NCERT) Warns of Phishing Campaign Targeting High-Profile Offices
SlashNext Mid-Year State of Phishing Report Shows 341% Increase in BEC and Advanced Phishing Attacks
Spyware found on US hotel check-in computers
State hackers turn to massive Operational Relay Box (ORB) proxy networks to evade detection
Strengthening Your Multi-Factor Authentication: Tips to Thwart Phishing Attempts
Super Massive Data Breach Reveals 26 Billion Records & 12 Terabytes Of Information
Technological complexity drives new wave of identity risks
The last six months shows a 341% increase in malicious emails
The Under-Appreciated Threat of Authentication-in-the-Middle Attacks
Thousands at Risk in the U.S. from Critical GitHub Enterprise Server Flaw
Threat Actor Allegedly Offers Screen Connect Access to 3,256 Computers in 10 Companies
Threat Actor Claims to Have Breached Al-Rajhi Bank, Sensitive Data at Risk
Threat Actors Exploited Bitbucket Artifacts to Expose AWS Secrets in Plaintext
U.S. nonprofit BAMSI says data breach impacted over 20,000 individuals
UK Bank Fraud Losses Exceed £1 Billion in 2023 Despite Slight Decline
UK Government in £8.5m Bid to Tackle AI Cyber-Threats
US infrastructure crisis: a third illegally pay ransoms
US Unveils $50M Program to Help Hospitals Patch Cybersecurity Gaps
UserPro Plugin Vulnerability Allows Account Takeover
Veeam Addresses Authentication Bypass in Backup Enterprise Manager
Veeam fixes auth bypass flaw in Backup Enterprise Manager (CVE-2024-29849)
Vishing Meets AI: The Changing Nature of Phishing Threats
WebTPA data breach compromised the data of close to 2.5 million individuals
Welsh Rugby Union member addresses, names exposed
Windows’ new Recall feature: A privacy and security nightmare?
21st May
10 E-commerce Security Threats to Save Your Business From
15 QNAP NAS bugs and one Proof-of-Concept (PoC) disclosed, update ASAP! (CVE-2024-27130)
$22 million in crypto swiped from Gala Games blockchain platform
49 Million Customers Impacted by API Security Flaw
70% of CISOs Expect Cyber-Attacks in Next Year
Anonymous Hacker Steals $200M Worth of GALA Tokens - Will Gala Games Recover?
Army personnel fear for their jobs after huge MoD cyber attack
Ascension nurse: Ransomware attack makes caring for hospital patients 'so, so dangerous'
Ascension patients: cyber-attack causing delays for medical results
Aston Villa’s gates have security gaps: fans exposed
Australian e-prescription provider MediSecure announces a significant data breach
Bitbucket artifact files can leak plaintext authentication secrets
Black Basta Ransomware Group Announced 7 New Victims
BreachForums Fallout: Secretforums Announces BF Ranks, USDoD Shares Update
CentroMed discloses a second data breach within one year
Comwave Networks Faces Alleged Cyberattack from Medusa Ransomware Group
Conservative cell carrier Patriot Mobile hit by data breach
Critical Fluent Bit Bug Impacts All Major Cloud Platforms
Critical Fluent Bit flaw affects major cloud platforms, tech companies’ offerings (CVE-2024-4323)
Critical GitHub Enterprise Server Flaw Allows Authentication Bypass
Cyber Attack Forces Michigan Hospitals to Use Paperwork
Cyberattacks Over Work Email Most Used; Ransomware Hits Victims Hard
Data protection top motivator for cloud-based backup
Dropbox faces new class action lawsuit over data breach
Emerging trends in ransomware: What to expect in 2024?
Environmental Protection Agency (EPA) Cyber Attack Still Hitting Water Utilities
Environmental Protection Agency (EPA) Steps Up Enforcement to Protect US Drinking Water from Cyber Attacks
Family offices become prime targets for cyber hacks and ransomware
Gala Games Recovers $23M Stolen By Hacker, Plans Token Buyback Program
Generative AI bots are susceptible to user manipulation
GIT (Version Control System) Vulnerability to Remote Access: CVE-2024-32002 RCE Exploit Disclosed
GitHub warns of SAML auth bypass flaw in Enterprise Server
Hacker could have personal information of every schoolkid in Helsinki
Hacktivists turn to ransomware in attacks on Philippines government
Homeland Security has collected DNA data from 1.5 million immigrants in four years, researchers find
How to protect your team against AI phishing emails
HR and IT related phishing scams still most popular according to KnowBe4’s latest Phishing Report
Ikaruz Red Team: Hacktivist Group Leverages Ransomware for Attention Not Profit
Iranian State Hackers Partner Up for Large-Scale Attacks
Just 6% of Brands Guard Against Digital Impersonation Fraud
Kansas City Cyberattack Disrupts KC Scout Cameras, Impacts Crash Investigations and Services
Kyivstar Cyberattack: Company Allocates $90 Million for Recovery Efforts
Lewisham admits data breach - but downplays impact of exposing contact details of residents
‘Linguistic Lumberjack’ Vulnerability Affects Major Cloud Services
"Linguistic Lumberjack" Vulnerability Discovered in Popular Logging Utility Fluent Bit
LockBit admits University of Siena cyberattack
LockBit says they stole data in London Drugs ransomware attack
London Drugs confirms employee data held for ransom
London Drugs confirms it was victim of ransomware attack
London Drugs hackers seek millions in ransom on claims of stolen employee data
Majority of Singaporean firms hit by ransomware sought law enforcement for help
Malware Delivery via Cloud Services Exploits Unicode Trick to Deceive Users
Many-faced Iranian hackers stir destruction in Albania and Israel
Massive $200M Theft In Popular Web3 Game Drives Crypto Hack Losses Beyond $1B This Year
MediSecure data breach: Why hackers target health data
Monmouth County high school students may have had personal info stolen in data breach
More Than One in Four Ransomware Attacks on Healthcare Providers Impact Patient Care
NEC XON shares lessons learnt from ransomware attacks
New Jersey School Data Breach May Have Exposed Student Names, SSNs
New Jersey school reveals shocking data breach: Kept secret for a year
New KnowBe4 Phishing Report Reveals HR and IT Related Emails Are the Top Choices for Phishing Scams
NextGen Healthcare Mirth Connect Under Attack - CISA Issues Urgent Warning
Nissan North America Data Breach Leaked the Personal Information of Over 53,000 Employees
Office of the Australian Information Commissioner (OAIC) releases statement on MediSecure data breach
Over 60% of Network Security Appliance Flaws Exploited as Zero Days
Phishing statistics that will make you think twice before clicking
Phishing-as-a-Service (PhaaS): An Intriguing Threat On The Rise In 2024 And Beyond
Ransomware: What is it? How to protect yourself?
Ransomware and AI-Powered Hacks Drive Cyber Investment
Recent Healthcare Ransomware Attacks
Reddish Eagle Announces Formation of Black Hat Hackers Colony
Researchers Uncover Flaws in Python Package for AI Models and PDF.js Used by Firefox
Rockwell Automation warns admins to take ICS devices offline
Santander bank says data breach compromised European employees and customers
Security Breach at Gala Games: Hacker Mints $214 Million Worth of GALA Tokens
SolarMarker Malware Evolves to Resist Takedown Attempts with Multi-Tiered Infrastructure
Strategies for combating AI-enhanced Business Email Compromise (BEC) attacks
The role of a lawyer when a cyber-attack strikes
Threat Actor Allegedly Leaked Database of Vasitam.com
Threat Actor Allegedly Offers Access to an American Business Service Company
UK data protection watchdog ends privacy probe of Snap’s GenAI chatbot, but warns industry
UK to propose mandatory reporting for ransomware attacks and licensing regime for all payments
UK’s ICO Warns Not to Ignore Data Privacy as ‘My AI’ Bot Investigation Concludes
Walmart, Amazon-used utility bug permitting Remote Code Execution (RCE) attacks
WebTPA data breach compromises information of over 2.4 million individuals
Western Sydney University cyber attack: Emails and files hacked
Western Sydney University Data Breach: Impact on 7,500 Individuals
Western Sydney University data breach exposed student data
Western Sydney University discloses data breach, 7,500 ‘impacted individuals’ notified
Western Sydney University staff, students caught in cyber attack
What to do in the event of a data breach
With ransomware whales becoming so dominant, would-be challengers ask 'what's the point?'
YouTube Becomes Latest Battlefront for Phishing, Deepfakes
YouTube has become a significant channel for cybercrime
20th May
15 companies account for 62% of global attack surface
AI Chatbots Highly Vulnerable to Jailbreaks, UK Researchers Find
AI Python Package Flaw ‘Llama Drama’ Threatens Software Supply Chain
Amateur Radio Group Hit by Cyberattack, Key Database Offline
April 2024 Healthcare Data Breach Report
Bermuda tightens penalties for cyber-related crimes following major cyber attack last year
Birmingham Council-owned children’s services unit reprimanded over data breach of ‘criminal allegations’
Business email compromise: new guidance to protect your organisation
Cencora Provides Notice of Data Breach Affecting Bristol Myers Squibb Customers’ Information
Challenging Times Remain Among the Ever-Evolving Email Landscape
Chinese Duo Indicted For Laundering $73m in Pig Butchering Case
Christie's cyberattack forces shift to traditional bidding methods
Companies wary of AI-fuelled malware, phishing
Consumers continue to overestimate their ability to spot deepfakes
Critical Fluent Bit flaw impacts all major cloud providers
Cyber attack on Ausgrid could lead to costs of $2.9bn per day
Cyber Criminals Exploit GitHub and FileZilla to Deliver Malware Cocktail
Cybercriminals shift tactics to pressure more victims into paying ransoms
Damage to reputation prevents victims from reporting ransomware attacks
Dell Data Breach: Personal Information of 49 Million Customers Compromised due to latest API Abuse
Employees’ ‘mental wellbeing’ impacted by phishing threats
Environmental Protection Agency (EPA) says it will step up enforcement to address ‘critical’ vulnerabilities within water sector
Federal Trade Commission (FTC) Finalizes Order with Blackbaud Related to Allegations the Firm’s Security Failures Led to Data Breach
Fluent Bit Tool Vulnerability Threatens Billions of Cloud Deployments
Foxit PDF Reader Flaw Exploited by Hackers to Deliver Diverse Malware Arsenal
Grandoreiro Banking Trojan is back and targets banks worldwide
Grandoreiro Banking Trojan is Back With Major Updates
Growing number of ransomware attacks on hospitals could mean life or death for patients
Hacker Who Exploited Solana Meme Coin Factory Pump.fun Says He Faces Theft, Conspiracy Charges
HackNeT and NoName057 Allegedly Continue DDoS Attacks on Slovak Websites
Hacktivist Groups Target Indian Elections, Leak Personal Data, Says Report
Hacktivist Indonesia Group Allegedly Leaks Full Database of Centurion University
Hong Kong: Secondary school says it may have been hit by data breach
How a Doxxed Hacker Live-Tweeted Stealing $2 Million From pump.fun
Interactive Brokers Announces Data Breach Due to Compromised Employee Email Account
Iran-Linked Void Manticore Intensifies Cyber-Attacks on Israel
Iranian Ministry of Intelligence and Security (MOIS)-Linked Hackers Behind Destructive Attacks on Albania and Israel
Kaiser Permanente announces data breach, patient information compromised
Kyrgyzstan Unrest Escalates: Hackers Target Nation Amidst Mob Violence
Latrodectus Malware Loader Emerges as IcedID's Successor in Phishing Campaigns
LiteSpeed Cache Bug Exploit For Control Of WordPress Sites
Los Angeles Department of Mental Health Confirms Data Breach of Sensitive Patient Information
Malware that steals bank data is back despite arrests
MediSecure confirms data breach accessed personal patient and prescription details
MediSecure data breach: why is health data so lucrative for hackers?
Millions of customers affected by WebTPA data breach
New Antidot Android Malware Poses as Google Update to Steal Funds
New BiBi Wiper version also destroys the disk partition table
New Jersey high school students’ names, social security numbers may have been exposed in data breach
New 'Siren' mailing list aims to share threat intelligence for open source projects
Northeast Rehabilitation Hospital Network Announces Data Breach
OmniVision discloses data breach after 2023 ransomware attack
Patient information possibly accessed during data breach at LA County Department of Mental Health
Phishing, Business Email Compromise (BEC), and Beyond: Tackling the Top Cyber Threats to UK Banks
Phone-Based Phishing Grows Explosively, Shifting the Cybercrime Threatscape
Proof-of-Concept (PoC) exploit for Ivanti EPMM privilege escalation flaw released (CVE 2024-22026)
Pump Fun Implodes: Ex-Employee Turned Hacker Exposes Alleged Shady Practices
QNAP QTS zero-day in Share feature gets public RCE exploit
Ransomware attacks up more than 20% year on year
Russian Hacker Indicted for Cybercrime Activities in New Jersey
Securities and Exchange Commission (SEC) requires financial institutions to notify customers of breaches within 30 days
Shifting the Security Mindset: From Network to Application Defense
Sydney investment firm suffers alleged data breach affecting more than 400k customers
The 8Base Ransomware Group Has Announced Three New Victims: LEMKEN, Embellir, and Crooker
Threat Actor Chucky, Owner of LeakBase Claims Knowmad Mood Data Breach
Threat Actor Claims to Sell OpenSea Database for $30,000
Threat Actors USDoD and SXUL Claim 70 Million Rows of Sensitive Data in Alleged Prison Data Breach
Turla APT Group Suspected of Utilizing Tiny BackDoor Exploiting MSBuild for Stealthy Attacks
U.S. Department of Health and Human Services (HHS) launches $50M security initiative to thwart ransomware attacks at hospitals
U.S. Department of Health and Human Services (HHS) offering $50 million for proposals to improve hospital cybersecurity
U.S. Department of Health and Human Services (HHS) offers $50M to help providers patch ransomware vulnerabilities
University of Siena Cyberattack: LockBit Claims Responsibility, Sets Deadline
Unpatched vulnerabilities making bad ransomware outcomes worse: What you need to know
Unverified Claims of Cyberattack on Hamburg Airport Surface Amid Cybersecurity Concerns
USDoD Allegedly Leaks USA Criminal Database With 70 Million Rows
Void Manticore: Iranian Threat Actor Targeting Israel and Beyond with Data Wipers
Why Culture is the Bedrock of Cybersecurity
Workers are still overconfident in their ability to spot ransomware