Editor's Message

Welcome to DBD. On March 8th we celebrated our 4th Anniversary and the 1st Anniversary of our PRiSM application, officially endorsed by the SANS Institute. Despite recent personal issues that have impacted the amount of time I have been able to dedicate to both projects, I have been doing my best to keep everything as up-to-date as possible, and I would like to take this opportunity to thank everyone for their patience and support whilst I navigate through this very difficult time. Stay safe. :)



Wednesday 31 July 2024

Ransomware Operator Claims - Week 30 2024

Welcome to last week's ROC Report, an exclusive summary of Ransomware Operator's global victims that were claimed during the period between 22nd July and 28th July 2024, kindly assisted by our partners.

For further analysis on these (and any historic) Ransomware Operator Claims, including the Victim Names and Industry Sectors attacked, please use our PRiSM application.

Download PDF



Data Source: Data Breaches Digest. Flag Icons created by Freepik and provided by Flaticon.


Monday 29 July 2024

Data Breaches Digest - Week 31 2024

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 29th July and 4th August 2024.


4th August

Chinese hacker group StormBamboo successfully hijacked an ISP's automatic software updates with backdoor malware and bad Chrome extensions to breach a downstream target

Convergence Hack: $210 Million Worth of Tokens Stolen Through Smart Contract Exploit

Creepy warning signs you're being targeted in a cyber attack - and what to do

Delta airlines takes legal action against tech giants for massive data breach

Google Ads Suffered Major Reporting Glitch, Exposing Competitor Data and Causing Unavailability of Services

Hackers attempt to sell the personal data of 3 billion people resulting from an April data breach

Halifax phishing scam alarm as bank points to telltale sign a phone call is not from them

Is Off-The-Shelf Code Fuelling the Surge in Ransomware?

Panamorfi Campaign Leverages Minecraft DDoS Package Deployed Via Jupyter Notebook and Discord

StormBamboo’s DNS Poisoning Attack Targets Software Updates

Surge in Magniber ransomware attacks impact home users worldwide

The Alarming Surge Of Lateral Phishing – Are We All Just Sitting Ducks?

Threat Actor Claims to Sell “.url” Exploit Source Code for $10k

Unveiling the SLUBStick Cross-Cache Attack on the Linux Kernel

3rd August

4.3 million Americans exposed in massive health savings account data breach

23andMe Faces Delisting Amid Data Breach Fallout And Cash Crisis

42% of targeted email attacks against larger companies involve lateral phishing

Approval phishing scams ‘a much bigger problem’ than first thought

City of Columbus Offers Credit Monitoring to Employees After Massive Cyberattack Hits Government Facilities

Department of Justice (DOJ) and Federal Trade Commission (FTC) Sue TikTok for Violating Children's Privacy Laws

DIY Ransomware: novice cybercriminals bigger threat thanks to off-the-shelf code

Environmental Protection Agency (EPA) Urged to Enhance Water Sector Cybersecurity in New Government Accountability Office (GAO) Report

Hackers breach ISP to poison software updates with malware

Hackers Exploit Misconfigured Jupyter Notebooks with Repurposed Minecraft DDoS Tool

Hong Kong’s Cybersecurity Bill: Aimed at Critical Infrastructure Protection, Not Personal Privacy

Income Tax Refund scam is doing the rounds! Don’t fall for it by clicking link in phishing messages

Israeli Hackers Claim Responsibility for Internet Disruption in Iran

Linux kernel impacted by new SLUBStick cross-cache attack

Malaysia: Tawau man behind global phishing business, says Aussie report

Malware Attacks In India Up By 11%, Ransomware Rises 22%

Massive Health Savings Account Data Breach Exposes 4.3 Million Americans

Minister apologises for Northern Ireland special education needs data breach

Newly Discovered BITSLOTH Backdoor Abuses Microsoft BITS for Command and Control

North Korean hacker accidentally hired by American cybersecurity company

Ransomware in the global healthcare industry

Russia-linked APT used a car for sale as a phishing lure to target diplomats with HeadLace malware

Russian hacker arrested in Maldives released by US under prisoner exchange program

Security Bypass Vulnerability Exposed in Rockwell Automation Logix Controllers

This phishing scam claims a process server is looking for you

Thousands of cameras and routers from this company at risk of hacker attacks, warn researchers

Threat Actor Alleges Breach of FBI Officers’ Database, Releases 22,175 Records

UK Shuts Down ‘Russian Coms’ Fraud Platform Defrauding Millions

ZB Financial Holdings Hacked For Ransom. Customer & Operations Data Leaked To The Internet

2nd August

Acadian Ambulance Services investigates major cyber attack affecting millions

Acronis reports 293% increase in email cyberattacks in H1 2024

APT28 Targets Diplomats with HeadLace Malware via Car Sale Phishing Lure

APT41 Hackers Use ShadowPad, Cobalt Strike in Taiwanese Institute Cyber Attack

Artificial Intelligence: The new face of cyber scams in Singapore

'ATM, UPI service affected': Ransomware attack on service provider hits 300 small banks across India

Australian engineering firm confirms RansomHub ransomware attack

Average cost of an Australian data breach hits AUD $4.26 million

Canadian Government Opens Investigation of Ticketmaster Breach

China-based Evasive Panda hackers compromised an ISP to spread malware, report says

Cloudflare’s free tunnels plagued by RATs and other malware, researchers warn

‘Comrades in Crime’ - New Research Shows Russian-Speaking Actors Account for Most Ransomware Crypto Attacks

Cryptonator founder indicted after platform found handling $235 million in illicit funds

Cryptonator seized for laundering ransom payments, stolen crypto

Cybercriminals Abusing Cloudflare Tunnels to Evade Detection and Spread Malware

Dark Web Actor Claims ADT Data Breach; Company Aware and Investigating Incident

Deepfakes, crypto hoax, phishing and love scams: how Hongkongers paid HK$9.18 billion to fraud

DeFi protocol removed an important line of code that led to a $212K hack

Environmental Protection Agency (EPA) Told to Address Cyber Risks to Water Systems

Exodus Marketplace Returns: A New Power Player in the Illicit Online Economy

Fake AI editor ads on Facebook push password-stealing malware

Federal Trade Commission (FTC) and Justice Department sue TikTok over alleged child privacy violations

Five Chinese nationals arrested by feds for 'massive' elder fraud scheme

Google explains how Android fights back against SMS phishing and data theft

Hacker Steals $210,000 in CVG Tokens from Convergence

Hackers Allegedly Targeted Czech Organizations After Defense Minister Statement

Hackers directly email customers of immigration firm after damaging cyberattack

Hackers stole personal data of over 100,000 United of Omaha's insurance customers

Healthcare Sector Preparedness: The Critical Role of CTOs in Cyber Defense

How the theft of 40 Million UK voter register records was entirely preventable

How to Stay Secure Amid the Rise of Ransomware

India: Bengaluru man loses Rs 95,000 to phishing scam while applying for car number plate; police investigate

India: Co-op Banks Digital Services Restored After Cyber Attack

India: National Payments Corporation of India (NPCI) re-establishes connectivity with C-Edge after ransomware attack

India: National Payments Corporation of India (NPCI) Restores UPI, ATM Services After Ransomware Attack On Banks - What Happened

India: UPI, ATM services resume for 300 small banks as National Payments Corporation of India (NPCI) restores network after ransomware attack

Iranian Internet Attacked by Israeli Hacktivist Group

Israeli hacker group takes responsibility for reported collapse of Wi-Fi in Iran

Justice Department sues TikTok for alleged violations of children’s privacy

KozSec Allegedly Targeting Ukraine and Supporting Russia

Law firms facing “astronomical ransom demands” from cyber-attackers

Malaysia introduces data breach notification system to combat scams

Malaysia launches data breach alert system in fight back against scammers, hackers

McDowall Affleck Confirms ‘Cyber Incident’ After RansomHub Claims Access to 470GB Data

Millions of US Voter Data Exposed in 13 Misconfigured Databases

Mirai Botnet targeting OFBiz Servers Vulnerable to Directory Traversal

Mississippi Blood Services seeks new donations after partner organization suffers ransomware attack

National Cyber Security Centre (NCSC) Unveils Advanced Cyber Defence 2.0 to Combat Evolving Threats

Navigating Indispensable Cybersecurity Practices for Hybrid Working Professionals

New CRYPTOKAT Ransomware Released

New Panamorfi DDoS Attack Exploits Misconfigured Jupyter Notebooks

New Windows Backdoor BITSLOTH Exploits BITS for Stealthy Communication

Northern Ireland: Department of Education probes data breach over Northern Ireland special education spreadsheet

OneBlood investigates cyber attack, Southeastern locations affected

OneBlood says ransomware attack impacted online operations and blood collection

Optus and Medibank Data Breach Cases Allege Cyber Security Failures

Organisations urged to take a proactive approach to ransomware threats

Organizations fail to log 44% of cyber attacks, major exposure gaps remain

Pharma giant Cencora is alerting millions about its data breach

Ransomware attacks on many banks in India are now causing issues

Ransomware campaign encrypts OneBlood virtual machines

Ransomware Group Attempts To Auction Stolen Columbus Data

Ransomware seizes hospitals' blood supply

Record-breaking $75 million ransom paid to cybercrime group

Scammers now impersonating crypto exchanges to get access to your accounts, FBI warns

Security leaders respond to HealthEquity data breach

Singapore cyber-crime trend: Fewer phishing e-mails but more AI-sharpened language

SN_BLACKMETA Group Claims DDoS Attack on Europol’s Website

Social Media Firms Fail to Protect Children’s Privacy, Says Information Commissioner’s Office (ICO)

South Korea: Shoppers, beware - New phishing scam targets victims of Qoo10 refund disaster

Superior Court of Justice of Mexico City Allegedly Breached

Thousands of Ubiquiti cameras and routers vulnerable, despite patches available

U.S. Releases High-Profile Russian Hackers in Diplomatic Prisoner Exchange

UK Data Breach Costs Soar To £3.58M: Financial Services Hit Hardest

US City of Columbus, Ohio claimed in Rhysida ransomware attack

US sues TikTok for collecting mass data on kids 13 and under

US sues TikTok for violating children privacy protection laws

What is a ransomware attack and how can you avoid it?

What Went Wrong with WazirX? Unraveling India’s biggest crypto hack

White House officials meet with allies, industry on connected car risks

1st August

5 Essential Steps to Secure Biometric Systems Against Emerging Cyber Threats

$75 Million Record-Breaking Ransom Paid To Cybercriminals, Say Researchers

300 Small Indian Banks Hit By Ransomware Attack, Payment Systems Temporarily Shutdown

A ransomware attack at OneBlood is delaying blood distribution to hospitals

A ransomware attack is impacting Florida's OneBlood

Acadian Ambulance Services Leaks Protected Health Information After Cyber Attack

AI-generated emails make up 40% of BEC lures, security firm says

Airlines are flying blind on third-party risks

Average cost of healthcare data breach nearly $10M in 2024

Black Basta Develops Custom Malware in Wake of Qakbot Takedown

Blood Donation Nonprofit OneBlood Hit With Ransomware Attack

Business Email Compromise (BEC) Attacks Surge 20% Annually Thanks to AI Tooling

C-Edge Ransomware Attack: National Payments Corporation of India (NPCI) Restores UPI Services For Impacted Banks

Cencora Confirms Patient Data Stolen in Cyber-Attack

Cencora confirms patient health info stolen in February attack

Cencora drug company admits more health data stolen in February hack

China dismisses Germany’s accusations over cyberattack as ‘targeted defamation’

Chinese Hackers Targeted Taiwanese Research Institute with ShadowPad and Cobalt Strike

City of Columbus confirms a major ransomware attack on internal systems

Clearwater cybersecurity firm accidentally hires North Korean hacker, issues warning

Columbus cyberattack potentially hits police officers' personal bank accounts, credit cards

Columbus investigating potential data leak after ransomware attack

Columbus offers credit monitoring services after employee data exposed in cyberattack

Columbus thwarts ransomware attack on IT infrastructure

Convergence Protocol Collapse: CVG Token Plummets 99% After Hacker Attack

Cyber attack on technology provider to nearly 300 small banks in India

Cyber attack on Zeroed-In Technologies compromised business clients' data

Cybersecurity: How to avoid getting hacked

Cybersecurity experts reveal what exactly happened in the ransomware attacks that took down 300 banks

DarkMeta Allegedly Targeted Israeli Organizations

Data breach costs in India at all-time high in 2024

DDoS attacks may target election infrastructure, FBI warns

Digital payment services restored of around 300 small banks affected due to ransomware attack; check details here

Disruptive Ransomware Attack Impacts OneBlood

E-Commerce Fraud Campaign Uses 600+ Fake Sites

Ekatena Mexico Allegedly Breached 375k Files For Sale

Employees at Dell, AT&T, Verizon, Capital One, and other companies exposed via popular office app

Ever More Toxic Ransomware Brands Breed Lone Wolf Operators

Facebook Ads Lead to Fake Websites Stealing Credit Card Information

FBI and CISA Issue Urgent Warning: DDoS Attacks Could Disrupt 2024 US Election Infrastructure

FBI warns of scammers posing as crypto exchange employees

Federal Agencies Say Cyber Attack Could Hinder Public Access to Election Info, Not Election Itself

From data theft to ransomware: threats and protection in the financial sector

Gaming Industry Faces 94% Surge in DDoS Attacks

Germany Attributes 2021 Attack On Federal Cartography Agency To China

Germany blames China for major 2021 cyber attack on cartography agency

Global data breach costs ‘rise by 10%’, finds IBM study

Google being impersonated on Google Ads by scammers peddling fake Authenticator

Google explains how Android protects you against phishing attacks

Google Chrome Adds App-Bound Encryption to Protect Cookies from Malware

Grandoreiro Malware: Spear Phishing, Outlook Exploits, and More

Hackers abuse free TryCloudflare to deliver remote access malware

Hackers Distributing Malicious Python Packages via Popular Developer Q&A Platform

Hackers take credit for Columbus ransomware attack, request $1.9 million in Bitcoin

HealthEquity Data Breach Affects 4.3M Customers

Human error and Business Email Compromise (BEC) are a prominent sources of payment fraud

India: Biggest cyber attack on bank payment system, work halted in 300 banks of the country

India: National Payments Corporation of India (NPCI) Connectivity With C-Edge Technologies Restored After Ransomware Attack

India: National Payments Corporation of India (NPCI) Isolates C-Edge Technologies Following Ransomware Attack on Payment Systems

India: National Payments Corporation of India (NPCI) re-establishes connectivity with C-Edge after ransomware attack

India: National Payments Corporation of India (NPCI) reestablishes connectivity with C-Edge following ransomware attack

India: Restoration of Banking Services After National Payments Corporation of India (NPCI) Ransomware Attack Resolution

India: UPI Operations Affected As a Local Bank Tech Service Provider Faces Ransomware Attack

Jailed cybercriminals returned to Russia in historic prisoner swap

Kim Jong Un Now has a Cyber Army of 8,400 Hackers, South Korean Intelligence Reportedly Said

Law firm investigates class action lawsuit regarding Intel's CPU issues

LockBit Ransomware: Two Russians Plead Guilty For Attacks

Meta settles Texas facial recognition suit with $1.4 billion deal

Miami hospital sets up blood drive day after OneBlood ransomware attack

Microsoft confirms Azure, 365 outage linked to DDoS attack

Microsoft Confirms Global Azure Outage Caused by DDoS Attack

Microsoft OneDrive Phishing Scam: How to Protect Yourself?

Mining Giant Fresnillo Confirms Cyber Security Incident: Operations Continue Normally

National Football League (NFL) to roll out facial authentication software league-wide

Nearly Every Large Healthcare Organization Uses Microsoft Active Directory: Here’s How to Secure It to Safeguard Against Escalating Ransomware Attacks

New Android Banking Trojan BingoMod Steals Money, Wipes Devices

New Android RAT BingoMod Exploits Accessibility Services To Steal Money and Wipe Data

New BingoMod Android Malware Posing as Security Apps, Wipes Data

New Hampshire, Texas, and Oregon Healthcare Providers Fall Victim to Ransomware Attacks

New “Sitting Ducks” DNS Attack Lets Hackers Easy Domain Takeover

North Korean hacker tries to access KnowBe4, security leaders react

OneBlood continues investigation into ransomware event, local hospitals monitoring blood supply

OneBlood hit with ransomware attack, state of donors' data unknown

OneBlood Target of Ransomware Event; Blood Community Rallies to Help as Urgent Call for Donors is Issued

Ongoing DEV#POPPER malware campaign expands targeting

Over 1 Million Domains at Risk of 'Sitting Ducks' Domain Hijacking Technique

Over 300 Indian banks suffer payment disruption from ransomware attack

Pharma Giant Cencora confirmed the theft of personal and health information

Pharma giant Cencora says personal health data leaked during February cyber incident

RansomEXX Group Targets Indian Banking With New Tactics

Ransomware Attack Disables Computers at Blood Center Serving 250 Hospitals

Ransomware Attack Disrupts ATM and UPI Services for 300 Small Banks Across India

Ransomware Attack Disrupts Services Of 300 Small Indian Banks

Ransomware attack forces hundreds of small Indian banks offline, sources say

Ransomware group auctioning stolen Columbus government data on dark web for $1.9 million

Ransomware group claims Columbus attack, selling 6 terabytes of passwords and more

Ransomware Hits Blood Center Serving 250+ Hospitals In Southeast U.S.

Resolian Notifies Consumers of Data Breach Following Compromised Email Accounts

Rhysida ransomware group takes credit for Columbus cyberattack, auctions stolen data

Russian hacker convicted in Seattle was part of historic prisoner swap

Scam Platform Shut Down by UK Authorities After 1.8 Million Fraudulent Calls

Security leaders respond to a sophisticated SMS stealing campaign

Shield Your Bank: A Comprehensive Guide to Attack Surface Management

Sitting Ducks DNS attacks let hackers hijack over 35,000 domains

Small Indian banks back online after ransomware attack, payments authority says

StackExchange abused to spread malicious PyPi packages as answers

Suspects in 'Russian Coms' spoofing service arrested in London, as National Crime Agency (NCA) announces takedown

Taiwan government-backed research organization targeted by APT41 hackers

Tech support scam ring leader gets 7 years in prison, $6 Million fine

The real cost of a cyber-attack: Looking beyond the figures

This Android SMS phishing campaign steals your money AND wipes your data

Threat Actor Claims to Leak ADT Data Containing Over 30,000 Records

Threat Actor Claims to Sell VPN Access to $20 Billion Taiwanese Electronics Company

Threat intelligence: A blessing and a curse?

Top blood donation service hit by ransomware attack, tells hospitals to activate critical shortage alerts

UK takes down major 'Russian Coms' caller ID spoofing platform

Understanding and Preventing Phishing Attacks

US: Cyberattack delays blood deliveries to hospitals in Southeast

US releases Russian hackers and spies as part of prisoner swap

Venezuelan Military Allegedly Breached

White House Confirms Russia-U.S. Prisoner Swap that Likely Included Hackers and Spies

Who is Dmitry Khoroshev, the most wanted hacker in the world who attacked Spain?

Why CISOs face greater personal liability

Widespread OTP-Stealing Campaign Targets Android Users

Will the public nature of ransom payments change CISO strategy over whether to pay?

31st July

AI-powered 'narrative attacks' a growing threat: 3 defense strategies for business leaders

AirsoftC3 Allegedly Suffered Data Breach

Analysis of Top Infostealers: Redline, Vidar and Formbook

Argentina Citizen Data Allegedly Leaked

Arrests Spark Surge in Cyber Attacks on Spanish Organizations

Australian Organisations Experiencing Highest Rate of Data Breaches

BangBros unzipped: 12 million records laid bare, users exposed

Bumble and Hinge allowed stalkers to pinpoint users’ locations down to 2 meters, researchers say

Chinese Hackers Target Japanese Firms with LODEINFO and NOOPDOOR Malware

CISA and FBI: DDoS attacks won’t impact US election integrity

CISA, FBI warn of potential DDoS attacks on 2024 elections

Cost of a Data Breach Surges 10% on Shadow Data Challenge

Cost of Data Breach on Average Reaches $4.9 Million

Cyber Espionage Group XDSpy Targets Companies in Russia and Moldova

Cyber exploit activity increased 21% in Q2 2024

Cybercriminals Deploy 100K+ Malware Android Apps to Steal OTP Codes

DDoS Attack Triggers New Microsoft Global Outage

Email Attacks Surge, Ransomware Threat Remains Elevated

Fraud ring pushes 600+ fake web shops via Facebook ads

Germany summons Chinese ambassador over cyberattack on cartography agency

Global SMS Stealer Targeting Android Users via Malicious Apps and Ads

Google ads push fake Google Authenticator site installing malware

Greek prosecutor says government played no role in civil society spyware infections

Meta Settles for $1.4 Billion with Texas Over Illegal Biometric Data Collection

Meta to Pay Texas $1.4bn for Unlawful Biometric Data Capture

Microsoft: DDoS Attack on Azure Services Exacerbated by Defense Error

Microsoft: DDoS defense error amplified attack on Azure, leading to outage

Microsoft says massive Azure outage was caused by DDoS attack

Microsoft Says Ransomware Groups Are Exploiting the Newly-Patched VMware ESXi Flaw

Microsoft Services Hit by Cyberattack, Amplifying Outage Impact Across Multiple Platforms

Millions of websites are sitting ducks for hijackers using unresolved method

New Android malware wipes your device after draining bank accounts

New PyPI Package Zlibxjson Steals Discord, Browser Data

New SMS Stealer Malware Targets Over 600 Global Brands

North Korea-Linked Malware Targets Developers on Windows, Linux, and macOS

OneBlood's virtual machines encrypted in ransomware attack

OneDrive Phishing Campaign Attempts To Tricks Users To Execute PowerShell Script

Phishing Attack Steals Donations from Trump Voters Using Fake Websites

Ransomware attack on major US blood center prompts hundreds of hospitals to implement shortage protocols

Ransomware Payments Hit New High as Threats Escalate: $75 Million Paid by Single Company

Ransomware Strikes U.S. Non-profit Blood Center ‘OneBlood’

Researchers Uncover Largest Ever Ransomware Payment of $75m

Reserve Bank of India (RBI) Tightens Noose on Digital Payments: New Rules for Non-Bank Payment System Operators

Rhysida Ransomware Group Allegedly Breached Sensitive Data of City of Columbus, Ohio

SMS Stealer malware targeting Android users: Over 105,000 samples identified

Suspect identified in Sydney Sweeney's SIM swap-enabled hack

Third-party ransomware attack forces 300 Indian banks offline

Threat Actor Claims to Sell Users Data of EgBill India

Urgent Blood Appeal Issued in US After Ransomware Attack

Virtual machines at risk as ransomware gangs exploit dangerous VMware vulnerability

Western Sydney University (WSU) Data Breach Impact Grows, Sensitive Information Exposed

World leading silver producer Fresnillo discloses cyberattack

30th July

$75 Million Ransom Paid to Dark Angels Ransomware Group

An 18% Increase in Ransomware Attacks Includes $75M Payment

Analyzing ‘EchoSpoofing’: How Cybercriminals Exploited Proofpoint to Send Millions of Phishing Emails

Average data breach cost jumps to $4.88 million, collateral damage increased

Black Basta ransomware switches to more evasive custom malware

CISA warns of VMware ESXi bug exploited in ransomware attacks

Columbus investigates whether data was stolen in ransomware attack

Cost of a breach reaches nearly $5 million, with healthcare being hit the hardest

Critical Sectors at Risk: India Reports 593 Attacks in the First Half of 2024

Critical ServiceNow vulnerabilities being targeted by hackers, cyber agency warns

CrowdStrike: Lessons on the Importance of Contracts, Insurance and Business Continuity

Cybercriminals Target Polish Businesses with Agent Tesla and Formbook Malware

Cyepro Solutions Allegedly Breached

Dark Angels ransomware receives record-breaking $75 million ransom

Data Breach Cost Nears $5 Million, But AI and Automation Help

ESXi environments targeted with new Linux variant ransomware strain

Financial Stability: CFOs Leveraging Threat Intelligence

Gold rush for data: Paris 2024 Olympic apps are eavesdropping on users

Google Chrome adds app-bound encryption to block infostealer malware

Google Workspace Authentication Vulnerability Allowed Thousands of Emails to be Compromised

Google Workspace Vulnerability Allowed Hackers to Access 3rd-Party Services

Hacker Scrapes and Publishes 100,000-Line CrowdStrike IoC List

HealthEquity Breach Hits 4.3 Million Customers

HealthEquity data breach affects 4.3M people

How PHP Vulnerability Leads to DDoS and Malware Attack?

Information Commissioner’s Office (ICO) Slams Electoral Commission for Basic Security Failings

Insecure file-sharing practices in healthcare put patient privacy at risk

Just One in 10 Attacks Flagged By Security Tools

Massive Data Leak from Mykukun Allegedly Breached by IntelBroker and EnergyWeaponUser

Massive SMS stealer campaign infects Android devices in 113 countries

Meta to pay Texas $1.4 billion to settle lawsuit alleging it illegally captured users’ faces

Meta Will Pay Record $1.4 Billion to Settle Texas Facial Recognition Lawsuit

Meta will pay Texas $1.4B in settlement over facial recognition software

Millions of Spoofed Emails Bypass Proofpoint Security in Phishing Campaign

New Mandrake Spyware Found in Google Play Store Apps After Two Years

New SideWinder Cyber Attacks Target Maritime Facilities in Multiple Countries

New Variant of Mandrake Spyware Found in Google Play Apps

New version of sophisticated spyware remained undetected on Google app store for two years

OneDrive Phishing Scam Tricks Users into Running Malicious PowerShell Script

Ransomware Attacks Are Attracting Record Payouts in Australia. Should You Pay the Ransom?

Record-breaking $75M ransom paid to Dark Angels gang

Researchers find new way to steal tokens using cross-site scripting and OAuth

Russia, Moldova targeted by obscure hacking group in new cyberespionage campaign

Saudi FarmGo App Allegedly Breached

Securing remote access to mission-critical OT assets

Security flaws at UK elections agency left door open for Chinese hackers, watchdog finds

Security oversight exposes 40 Million UK voters’ records

Sophisticated Phishing Campaign Targets Microsoft OneDrive Users

Stolen GenAI Accounts Flood Dark Web With 400 Daily Listings

Superior Court of Los Angeles County closes after ransomware attack

Telegram-Controlled TgRat Trojan Targets Linux Servers

The Power and Peril of Remote Monitoring and Management (RMM) Tools

Threat Actor Claims to Sell Bausch Health Data, Including 1.6 Million DEA Numbers

Threat Intelligence Visibility for CEOs: A Roadmap to Strategic Defense

U.S. Court Slashes $78M Lawyers’ Fee in T-Mobile Data Breach Settlement

UK government links 2021 Electoral Commission breach to Exchange server

Unidentified Group Claims Access to Spain’s Pipeline Systems, Warns of Potential Destruction

VMware ESXi auth bypass zero-day exploited by ransomware operators (CVE-2024-37085)

VMware ESXi Flaw Exploited by Ransomware Groups for Admin Access

29th July

4.3 Million Individuals Affected by HealthEquity Data Breach

24-Year-Old UK Hacker Sentenced to 3.5 Years in Prison For $900K Coinbase Scam

After global Windows outage, Crowdstrike users now face phishing attacks

Android spyware 'Mandrake' hidden in apps on Google Play since 2022

Australian Financial Complaints Authority (AFCA) updates on Latitude Financial Group cyber-attack

Casper Network Pauses Operations After Cyberattack: What You Need to Know

Catholic priest sues Grindr after data sale outed him

CERT-In says global outage being leveraged to launch phishing attacks against CrowdStrike users

CERT-In warns of phishing campaign targeting CrowdStrike users after Microsoft outage: How to stay safe online

Chrome now asking for ZIP archive passwords to help detect malicious files

CISO’s Guide to Telecom Security: Combatting Cyber Threats with Modern Intelligence

City Of Cold Lake Starts Recovery Process After Cyber Attack

Coinbase hacker jailed 3.5 years for stealing from over 500 users

Coinbase Phishing Scammer Faces Jail Term In UK

Critical Acronis Cyber Infrastructure vulnerability exploited in the wild (CVE-2023-45249)

Critical Flaw in Acronis Cyber Infrastructure Exploited in the Wild

Data Breach: US Banker Drains $2.3 Million From Customers Accounts

Data breach at Singaporean software firm impacted over 128,000 individuals

Dispossessor Ransomware Group Claims to Hack of Education and HealthCare Organizations

Enhancing threat detection for GenAI workloads with cloud attack emulation

ESXi environments targeted with new Linux variant ransomware strain

European Parliament member claims he was targeted by dangerous spyware

Fighting Fire with Fire: Using AI to Thwart Cybercriminals

French E-Commerce Website Allegedly Breached

Gh0st RAT Trojan Targets Chinese Windows Users via Fake Chrome Site

Hacker gets 3.5 years prison for $900K Coinbase login scam

Hallucination Control: Benefits and Risks of Deploying LLMs as Part of Security Processes

HealthEquity: 4.3 Million People Affected by Data Breach

HealthEquity reveals breach affected over four million people

HealthEquity says data breach impacts 4.3 million people

Hotjar, Business Insider Vulnerabilities Expose OAuth Data Risks

How France is Protecting the 2024 Olympics from Unprecedented Cyber-Attacks

Hundreds of PC models vulnerable to boot-level attacks after vendors copypaste “secret” keys

India: Government Warns Of Phishing Attack Targeting CrowdStrike Users

India’s Average Data Breach Cost $2.18 Million in 2023

India's average data breach cost topped $2 million in 2023

India's average data breach costs hit $2.18 million in 2023, up 28% since 2020

India's data breach costs surge to $2.18 million in 2023

Less Than Half of European Firms Have AI Controls in Place

Malaysian Digital Ministry To Bolster National Cybersecurity Frameworks with Data Commission

Mandrake Spyware Infects 32,000 Devices Via Google Play Apps

Microsoft 365 users targeted by phishers abusing Microsoft Forms

Microsoft outage aftermath: Block these websites now to avoid phishing attacks

New Jersey dental care practice says data breach impacted close to 75,000 patients

New Phishing Campaign Targets iPhone Users in India with India Post Lures

New Specula tool uses Outlook for remote code execution in Windows

North Korean Hacker Charged for 2022 Ransomware Attacks on US Hospitals, Data Theft From US Military

North Korean Hackers Target USA Critical Infrastructure and Military Bases

Northern Ireland: Man arrested in connection with PSNI data breach

Northern Ireland: Man in Derry arrested over probe into PSNI data breach

Pro-Ukrainian hackers claim attack on Russian cyber company

Proofpoint Email Routing Flaw Exploited to Send Millions of Spoofed Phishing Emails

Proofpoint settings exploited to send millions of phishing emails daily

Quad Talks Forge New Frontiers in Maritime Security and Cyber Defense

Ransomware Actors Exploit VMware ESXi Hypervisor Bug

Ransomware and email attacks are hitting businesses more than ever before

Ransomware attacks at all-time high, hackers have businesses, tech giants in crosshairs

Ransomware attacks directed at the Olympic ‘inevitable’

Ransomware gangs exploit VMware ESXi auth bypass in attacks

Ransomware group Cicada3301 claims responsibility for Tri-Star Display data breach

Researchers Study Evolution of Ransomware Gang UNC4393’s Campaigns After QAKBOT Takedown

Russia-Backed Brute-Force Campaign Targets Microsoft Infrastructure in EU

Scammers Exploit CrowdStrike Users Post-Outage; Indian Government Issues Phishing Alert

Security flaws discovered in a popular web analytics provider

Security vendor alarmed at Australian SMBs' willingness to pay ransomware criminals

South Korea Confronts Major Data Breach from Military Intelligence Command

'Stargazer Goblin' Creates 3,000 Fake GitHub Accounts for Malware Spread

Tenable warns of cyber-attack risks for Paris Olympics 2024 sponsors

The cost of cybersecurity burnout: Impact on performance and well-being

The Impact of Cyber Attacks on Reputation

U.S. State Department: UN cybercrime treaty must include human rights protections

uBook Database Allegedly Leaked

UK-Based Coinbase Hacker Sentenced to 42 Months in Jail

Ukraine Claims Cyber Attack Disrupted Russian ATMs and Banking System

Unveiling the Stargazer Goblin: A Closer Look at the Stargazers Ghost Network’s $100,000 Malware Operation

US Crypto Exchange Gemini Reveals Breach

UsDoD Allegedly Published CrowdStrike IoC List

USDoD Offers Over 330 Million Emails Allegedly Scraped from Socradar.io for Sale

Walmart Discovers New PowerShell Backdoor Linked to Zloader Malware

What Every Business Needs to Know About Ransomware

Why a strong patch management strategy is essential for reducing business risk

Why Biometrics are Key to a Safe Paris Olympics

XSS and OAuth Combo Threatens Millions of Users Due to Hotjar Flaw

Tuesday 23 July 2024

Ransomware Operator Claims - Week 29 2024

Welcome to last week's ROC Report, an exclusive summary of Ransomware Operator's global victims that were claimed during the period between 15th July and 21st July 2024, kindly assisted by our partners.

For further analysis on these (and any historic) Ransomware Operator Claims, including the Victim Names and Industry Sectors attacked, please use our PRiSM application.

Download PDF



Data Source: Data Breaches Digest. Flag Icons created by Freepik and provided by Flaticon.


Monday 22 July 2024

Data Breaches Digest - Week 30 2024

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 22nd July and 28th July 2024.


28th July

Crypto Exchange WazirX Outlines Path to Recovery Post-Hack, Users to Bear Part of Loss

ESET report exposes high ransomware payment inclination among Singapore SMBs

FBI Seizes Cryptocurrency Linked to North Korea Group

French Media Brand Allegedly Breached

Global outage leading to phishing attacks against CrowdStrike users

Hacker group leaks database of over 3,200 Western mercenaries fighting in Ukraine

In crypto world, the hacker is God

India: Government Agency Warns Of Phishing Attack Campaign Targeting CrowdStrike Users, Know How You Can Protect Yourself

Large-Scale Cyberattack Targets Russian Banks, Disrupts Services

Misconfigured Selenium Grid servers abused for Monero mining

North Korean indicted in US ransomware attack; $10m reward offered

Over 95GB Allegedly Stolen: Cicada3301 Targets Singapore’s Tri-Star Display

Pakistan: Cabinet Division Warns Against Hackers Using WhatsApp, Phishing Emails to Target Government Officials

Phishing Alert: Cyber Attack on Post-Outage CrowdStrike Users

Russian-Speaking Actors Account for $500M Crypto Ransomware in 2023

Russian-Speaking Hackers Dominate Ransomware Market, Report Shows

Secretive network exploits GitHub to spread malware and phishing links - nefarious actors attack from 3,000 shadow accounts

Securing the Smart Home: 7 Essential Cybersecurity Tips for Your Connected Devices

27th July

3,000 Fake GitHub Accounts Used to Spread Malware in Stargazers Ghost Scheme

Alert for Shiba Inu Holders: Key Warnings Issued, Protect Your Investments

China-Backed Phishing Attack Targets India Postal System Users

City of Columbus: Investigation continues into data breach

CrowdStrike Outage Exploited: CERT-In Warns of Phishing Attacks

Crypto Exchange Gemini Suffers Data Breach Through Third-Party Vendor

Don't Open Any CrowdStrike Repair Emails; They're All Fakes

Effective global cooperation must to track and prosecute hackers and cybercriminals

European banks gain insight from first-ever cyber stress test

FBI Seizes Cryptocurrency Linked to North Korean Ransomware

Financial Business and Consumer Solutions (FBCS) Data Breach: Number of Affected Individuals Surges to 4.2 Million

French Authorities Launch Operation to Remove PlugX Malware from Infected Systems

Generative AI: CISO’s Worst Nightmare or a Dream Come True?

Hackers Abuse Microsoft Office Forms to Launch Two-Step Phishing Attacks

Malicious PyPI Package Targets macOS to Steal Google Cloud Credentials

Russian-speaking hackers dominate ransomware attacks

Second-hand Security Risks: 7 Things to Consider When Buying Used Tech

Security Firm Alarmed to Discover Their Remote Employee Is a North Korean Hacker

South Carolina's Summerville Police claimed by rumored ALPHV/BlackCat ransomware reboot

Spytech Exposes Thousands Of Devices In Data Breach

Threat Actor Claims to Sell Data of Berkshire Hathaway Home Services

Vivamax Has Been Breached, Your Data Might Be Sold

WazirX phishing attack: lessons in crypto vigilance and security measures

WazirX to ‘socialize’ $230 million security breach loss among customers

WhatsApp for Windows lets Python, PHP scripts execute with no warning

26th July

6.8 Million Vivamax Subscribers’ Data Allegedly For Sale

Acronis warns of Cyber Infrastructure default password abused in attacks

AI-generated deepfake attacks force companies to reassess cybersecurity

Allcare Medical Management Announces Data Breach Affecting Patients of FPA Women’s Health

Alleged Sale of Lebanon Ministry of Health Data

Another European Parliament member says he's been targeted with commercial spyware

Avant Mutual outlines key steps to prevent human data breach in health sector

BMW Data Breach Exposes 14,000 Hong Kong Customers’ Personal Information

Coinbase’s UK Arm Fined £3.5 Million for Lax Anti-Money Laundering Controls

Compex Legal Services Experiences Data Breach, Leaking Consumer SSNs and Health Info

Critical Flaw in Telerik Report Server Poses Remote Code Execution Risk

Crooks exploit the CrowdStrike outage that crashed Windows systems

CrowdStrike Warns of New Phishing Scam Targeting German Customers

Crypto exchange Gemini discloses third-party data breach

Data Breach at Rhode Island Wyatt Detention Facility Estimated to Affect 20,000

Deepfake Attacks Prompt Change in Security Strategy

Despite Bans, AI Code Tools Widespread in Organizations

Fake postal messages targeting Indian users is linked to China, researchers say

Feds warn of North Korean Andariel cyber group, offer $10 million reward

Financial Business and Consumer Solutions (FBCS) data breach impact now reaches 4.2 million people

France initiates international “disinfection” to exterminate RAT prior to the Olympics

France launches large-scale operation to fight cyber spying ahead of Olympics

Gemini Cryptocurrency Exchange Files Official Notice of Third-Party Data Breach

Google Cloud targeted by PINEAPPLE and FLUXROOT for phishing attacks

Hacktivists Claim Leak of CrowdStrike Threat Intelligence

Handala Allegedly Breached Israeli Bio-Medical Firm

How Cyber Attackers Are Exploiting AI

India Confirms State-Owned Telecom Giant BSNL’s Data Breach, Millions of User Records Compromised

India Highlights Key Government’s Initiatives to Boost Cybersecurity

Infosys McCamish facing fourth class action suit over 2023 data breach

IntelBroker Offers Unauthorized Access to Popular Programming Language’s Repositories

Is your firm under attack?

Most CISOs feel unprepared for new compliance regulations

Networking Equipment Riddled With Software Supply Chain Risks

North Korean charged in cyberattacks on US hospitals, NASA and military bases

North Korean hacker indicted for allegedly extorting U.S. hospitals; agencies issue cyberthreat advisory

North Korean Hackers Target Critical Infrastructure for Military Gain

Offensive AI: The Sine Qua Non of Cybersecurity

Ongoing Cyberattack Targets Exposed Selenium Grid Services for Crypto Mining

Oxfam Hong Kong investigates potential data breach following cyberattack

Peco Foods, Inc. Notifies 48k Consumers of Recent Data Breach

Pinnacle Bank Provides Notice of Data Breach Following Compromised Employee Email Account

Progress fixes critical RCE flaw in Telerik Report Server, upgrade ASAP! (CVE-2024-6327)

Renewed call for blood donors as cyber attack effects continue to be felt

Researchers Warn of Increased Cyberterrorism Activity Targeting Paris Olympics

Rite Aid Data Breach Lawsuit Says 2.2 Million People Impacted by 2024 Cyberattack

Russian ransomware gangs account for 69% of all ransom proceeds

Saving Lives and Data: How Healthcare CTOs Can Combat Rising Cyber Threats

Secure Boot ‘PKfail’ Vulnerability Exposes Widespread Supply Chain Weakness

SeleniumGreed: The Growing Threat of Cryptomining via Exposed Selenium Grid Services

Senators to Federal Trade Commission (FTC): Car companies’ data privacy practices must be investigated

SideWinder APT Group Targets Maritime Facilities in Possible Espionage Campaign

Smishing vs. Phishing vs. Vishing: What's the Difference?

Spain Remains a Target of Alleged Cyber Attacks

Suspect Indicted in North Korea Group’s Expansive Spying Operation

Synnovis Restores Systems After Cyber-Attack, But Blood Shortages Remain

Taiwanese electronics giant allegedly suffered a ransomware attack

This AI-Powered Cybercrime Service Bundles Phishing Kits with Malicious Android Apps

Thousands of surveilled devices exposed in spyware vendor hack

U.S. Department of Justice (DoJ) Indicts North Korean Hacker for Ransomware Attacks on Hospitals

U.S. indicts, offers $10 million reward for North Korean hacker

UK hospitals' SOS amid cyber attack: 'Unprecedented' blood shortage, please help

US Charges North Korean Hacker for Ransomware Attacks on Hospitals

US grand jury indicts North Korean hacker for role in Andariel cyberattacks

US Offers $10 Million Reward for Information on North Korean Hacker

25th July

12.9 million individuals affected by MediSecure cyber breach

A Prescription for Disaster: Cyberwarfare’s Threat to Healthcare

A Threat Actor Claims to Have RCE Exploit in Albatross Protocol, Selling for $10k

Alleged data breach denied by Bullhorn

Belarus-linked hackers target Ukrainian orgs with PicassoLoader malware

Beware! Deceptive LNK Files Used in Indian Political Espionage Campaign

Chinese SMS Phishing Group Hits iPhone Users in India Post Scam

CISA Warns of Exploitable Vulnerabilities in Popular BIND 9 DNS Software

Cloud security threats CISOs need to know about

Columbus reports cyber incident as multiple cities recover from ransomware attacks

Compex Data Breach: Legal Firm Notifies Clients of Unauthorized Access to Client Data

ConfusedFunction Vulnerability Found in Google Cloud Platform - Protect Your Accounts

Critical Docker Engine Flaw Allows Attackers to Bypass Authorization Plugins

Critical ServiceNow RCE flaws actively exploited to steal credentials

CrowdStrike says hackers are threatening to leak sensitive information about adversaries

Cyber Insurance Won’t Cover Billions in CrowdStrike Losses

Cybersecurity Firm KnowBe4 Tricked into Hiring North Korean Hacker as IT Pro

Data breach exposes US spyware maker behind Windows, Mac, Android and Chromebook malware

Deleted GitHub data is forever accessible to anyone, researchers claim

Docker fixes critical auth bypass flaw, again (CVE-2024-41110)

Escalating ransomware and phishing threatening UK’s most critical industries

French police push PlugX malware self-destruct payload to clean PCs

Hacked, leaked, exposed: Why you should never use stalkerware apps

Harnessing Threat Intelligence for Competitive Advantage: Blueprint for Business Success

Hong Kong Moves Toward First Cybersecurity Legislation

How CISOs enable Identity Threat Detection and Response (ITDR) approach through the principle of least privilege

Indian Ministry of Defence (MoD) Allegedly Breached 1.8 Million Rows Exposed

Israel tried to influence WhatsApp case against Pegasus spyware maker, rights group says

Justice Department indicts North Korean military hacker for extorting hospitals, health care providers

Malware Attacks Surge 30% in First Half of 2024

Meta nukes massive Instagram sextortion network of 63,000 accounts

Meta Removes 63,000 Instagram Accounts Linked to Nigerian Sextortion Scams

Most IT Leaders Say Severity of Cyber-Attacks has Increased

National Cyber Security Centre (NCSC) and partners issue warning over North Korean state-sponsored cyber campaign to steal military and nuclear secrets

New Alleged Cyber Attacks Targeting Spanish Organizations

New Chrome Feature Scans Password-Protected Files for Malicious Content

Norfolk and Norwich University Hospitals investigating cyber attack

North Korea hackers trying to steal nuclear secrets, US and UK warn

North Korean charged in ransomware attacks on NASA, U.S. hospitals; $10 million reward offered

North Korean Hackers Shift from Cyber Espionage to Ransomware Attacks

North Korean hacking group targeted weapons blueprints, nuclear facilities in cyber campaigns

OpenAI’s SearchGPT: A Game Changer or Pandora’s Box for Cybersecurity Pros?

Phishing Attacks Hit Guernsey: Office of the Data Protection Authority (ODPA) Calls for Enhanced Cybersecurity Measures

PKfail Secure Boot bypass lets attackers install UEFI malware

Play Ransomware and LockBit Allegedly Created an Alliance

Progress warns of critical RCE bug in Telerik Report Server

RA World Ransomware Group Announced Three New Victims

Ransomware and Business Email Compromise (BEC) Make Up 60% of Cyber Incidents

Researchers Claim Anyone Can Access Deleted, Private GitHub Repository Data

Researchers Reveal ConfusedFunction Vulnerability in Google Cloud Platform

Scattered Spider Using RansomHub and Qilin Ransomware Against Victims

Security Firm Accidentally Hires North Korean Hacker, Did Not KnowBe4

Security firm experiencing nightmare after learning remote employee is North Korean hacker

SEXi/APT Inc Ransomware - What You Need To Know

The most urgent security risks for GenAI users are all data-related

Threat Actor Claims to Have Leaked Student Database of La Salle University

Two Mexican Political Parties Allegedly Breached

UK hospitals face 'unprecedented' blood shortage after cyber attack

US indicts alleged North Korean state hacker for ransomware attacks on hospitals

US offers $10M for tips on Democratic People's Republic of Korea (DPRK) hacker linked to Maui ransomware attacks

Venture Capital: The New National Security Risk

What Brands Were the Most Imitated by Cyber-criminals in Q2?

24th July

7 password rules to live by in 2024, according to security experts

140,000 US Credit Card Information is Allegedly For Sale

A secretive phishing network on GitHub is distributing malware

Activists accuse proposed UN Cybercrime Treaty of empowering surveillance, repression

AI accelerates code development faster than security teams can keep up

Alleged Access Sale for an Indian Investment Company

Biggest-ever leak of digital pirates: 10 million exposed by Z-Library copycat

BreachForums Database Allegedly Leaked

BreachForums leak lets hackers attack each other

BreachForums v1 database leak is an OPSEC test for hackers

Bullhorn Refutes Data Breach Claims, Confirms Partner Company Was Impacted

CISA Adds Twilio Authy and IE Flaws to Exploited Vulnerabilities List

CISOs, CIOs Struggle with Data Protection Challenges in AI, Cloud Era

Critical Exim Vulnerability Threatens Millions of Email Servers

CrowdStrike outage fuels rise in phishing scams

Cyber Insurance Market Evolves as Threat Landscape Changes

Cyberattacks on the Paris Olympics are inevitable, says French Prime Minister

Data breach victims increased by 490% since the first half of 2023

Docker fixes critical 5-year old authentication bypass flaw

Dorset Council put at risk of cyber attack by untrained staff

Federal Trade Commission (FTC) Fires Warning Shot at Surveillance Pricing

Global Cyber Agencies Warn of Phishing Threat Following Worldwide It Outage

Google Chrome’s New Defenses Against Malicious Downloads

Google Criticized for Abandoning Cookie Phase-Out

Google Says It Will No Longer Block Third-Party Cookies in Chrome

Hacker claims theft of Piramal Group’s employee data

Hackers Targeting Spain After the Arrest of Cybercriminals

India: CERT-In Reports Data Breach at Bharat Sanchar Nigam Ltd (BSNL)

KnowBe4 mistakenly hires North Korean hacker, faces infostealer attack

KnowBe4 Uncovers Fake Employee: How a North Korean Hacker Was Hired into the Team

Major Russian banks hit with DDoS attacks as Ukraine claims responsibility

Meow Ransomware Group Claims to Hack and Sell Data from Three Firms

Meta bans 63,000 accounts belonging to Nigeria’s sextortionist Yahoo Boys

Meta deletes 63K sextortion scam accounts from Instagram, Facebook

Microsoft Defender Flaw Exploited to Deliver ACR, Lumma, and Meduza Stealers

Middle East financial institution hit with six-day DDoS attack

Network of ghost GitHub accounts successfully distributes malware

New Phishing Scheme Combining Spear Phishing Tactics in Mass Phishing Campaigns

North Korean Hacker Attack: Disguising Work Finders To Target Mac Users With Malware

North Korean hacker masquerades as IT worker in elaborate infiltration attempt

North Korean Hackers Targeted Cybersecurity Firm KnowBe4 with Fake IT Worker

Over 3,000 GitHub accounts used by malware distribution service

Patchwork Hackers Target Bhutan with Advanced Brute Ratel C4 Tool

Philippines Shuts Down Online Gambling In Effort to Curb Financial Scamming

Popular Hamster Kombat game has become ‘ripe for abuse’ by cybercriminals, researchers warn

Red Art Games Faces Cyberattack, Customer Data Compromised

Stolen Documents From Pentagon IT Provider Leidos Leaked By Hackers

Stop following the herd to start fighting ransomware

Stormous Announced the Release of Ransomware Program Version 3

Telegram App Flaw Exploited to Spread Malware Hidden in Videos

The Importance of Dark Web Monitoring for CEOs

The Philippines: Teen hacker nabbed in General Santos City

The Russian banking system is under a cyber attack by the Ukrainian Defense Ministry's Main Intelligence Directorate

The Value in Root Cause Analysis for Vulnerability Management

WazirX Confirms INR Funds Secure Despite $230 Million Cyberattack

What Triggers a Rise in Targeted Ransomware Attacks?

Windows SmartScreen Flaw Enabling Data Theft in Major Stealer Attack

23rd July

8 Ways to Protect Your Company Against Ransomware Right Now

2024 Cyber Attacks Report Reveals Africa Was the Hardest Hit Region

Airlines forced to cancel flights after airport hacker attack

Alleged Maybank2u Database Published on a Dark Web Forum

Android Telegram users hit by zero-day exploit masquerading as “xHamster”

Anonymous hacks Israeli Security Ministry, gives it 48 hours to end war

Arisa Health Issues Notice of Data Breach Affecting an Unknown Number of Patients

BioMatrix Specialty Pharmacy Notifies Consumers of December 2023 Data Breach

BreachForums v1 hacking forum data leak exposes members’ info

Care Vision UK Database was Allegedly Leaked

China-linked Daggerfly hackers update their toolset, likely after exposure

Chinese Espionage Group Upgrades Malware Arsenal to Target All Major OS

Chinese hackers deploy new Macma macOS backdoor version

Chinese Hackers Target Taiwan and U.S. NGO with MgBot and MACMA Malware

CISA Issues Warning: CrowdStrike Outage May Lead to Phishing and Malware Attacks

CISA Warns of Phishing Scams Exploiting CrowdStrike Outage Chaos

City of Cold Lake phones, facilities down following possible cyber attack

City of Cold Lake shuts down servers following cyber attack

Class Action Lawsuit Filed Over Latest AT&T Data Breach Releasing Customers’ Phone Records

Cloud Security: How to Keep Your Data Safe in the Digital Sky

Crowdstrike outage becomes an opportunity for hackers globally

Cyber Pros Spot Spike in Malicious Activity Over CrowdStrike Outage

Cyber Security Public-Private Partnerships Are Taking Off in APAC

Cyberattack Hits Croatia's Split Airport

Data Breach at Jim Ellis Automotive Group Results in Leaked Financial Info and Consumer SSNs

DeFi exchange dYdX v3 website hacked in DNS hijack attack

Devastating ransomware attack shuts down Los Angeles County courts

Don't Panic! Phishing Scam Targets Internet Users with Fake Court Orders

Early Detection, Fewer Headaches: The Benefits of Dark Web Monitoring for CFOs

Employer Flexible Confirms Data Breach Related to myHR Platform

Enterprise software provider exposed nearly a billion records in data breach

Fake CrowdStrike repair manual pushes new infostealer malware

Federal Trade Commission (FTC) launches probe into how companies use data to tailor what each customer pays

FrostyGoop malware attack cut off heat in Ukraine during winter

FrostyGoop malware left 600 Ukrainian households without heat this winter

Google Cloud projects are being hijacked for phishing campaigns

Hackers Abusing Google Cloud For Phishing

Hackers cut heat to 600 buildings in the peak of winter

Hackers shut down heating in Ukrainian city with malware, researchers say

Hamster Kombat’s 250 million players targeted in malware attacks

Ireland: Court to get final report into alleged Independent News and Media data breach on Thursday

Largest US trial court forced to shut down following ransomware attack

Magento Sites Targeted with Sneaky Credit Card Skimmer via Swap Files

Major Tunisian internet provider leaks data of nearly half a million customers

MediSecure Data Breach Update Confirms 12.9 Million Records Stolen; Identification of Affected Individuals Difficult

Meta Given Deadline to Address E.U. Concerns Over 'Pay or Consent' Model

Meta given weeks to tell EU consumer protection authorities how it’ll fix ‘pay or consent’

Mexico’s Largest ERP Provider ClickBalance Exposes 769 Million Records

MFA Failures and Surging Ransomware Losses: What’s Going On?

National Public Database Allegedly Partially Leaked

Navigating the Rise in Cybersecurity Threats in Wake of the CrowdStrike Outage

Nearly 57,000 Michigan Medicine Patients Notified of Data Breach Following Cyberattack

New DDoS Panel “Cliver” Announced by Threat Actor

New Industrial Control Systems (ICS) Malware 'FrostyGoop' Targeting Critical Infrastructure

New phishing report names and shames Top Level Domains (TLDs), registrars

NoName pro-Russian hackers arrested in Spain, group vows retaliation

Over 750 million records exposed by ERP firm data breach - find out if you're safe

Philips Vue PACS Vulnerabilities Put Patient Data at Risk: Healthcare Sector on High Alert

Phish-Friendly Domain Registry “.top” Put on Notice

Phishers Exploit the Cybercrime Supply Chain Despite the Availability of Effective Countermeasures

Phishing, vishing, and smishing? Understanding the latest phone scams, including AI-generated voices

Play Ransomware Variant Targeting Linux ESXi Environments

Possible APT28-linked hackers target Ukraine’s scientific institutions

Privilege escalation: unravelling a novel cyber-attack technique

Prolific DDoS Marketplace Shut Down by UK Law Enforcement

Ransomware crackdown increases cyber threat fragmentation

Ransomware ecosystem fragmenting under law enforcement pressure and distrust

Real Estate Scam: Nigerian Pleads Guilty To Defrauding Prospective Homeowners, Others In US Court

Red Art Games Hit With Major Cyber Attack

Red Art Games suffers cyber-attack and personal customer information stolen

Researchers Observe Persistent Olympic Scams Ahead of Start

Russia Shifts Cyber Focus to Battlefield Intelligence in Ukraine

Russia-Linked FrostyGoop Malware Threatens Industrial Control Systems Worldwide

Security Firm Discovers Remote Worker Is Really a North Korean Hacker

Shorenstein Realty Services Notifies Consumers of Recent Data Breach

Snowflake Responds to Major Data Breach with Multifactor Authentication (MFA) Option

Split Airport after the hacker attack: We will not negotiate

Supply Chain Cyberattacks are on the Rise - Here’s How U.S. Businesses can Fortify Their Defenses

Tech giants say foreign spyware victims should be able to sue NSO Group in US

The ‘2024 Fraudlympics’ highlight rising trends in global fraud

The biggest hacker alliance so far is determined to target NATO

The changes in the cyber threat landscape in the last 12 months

The Unseen Consequences Of AT&T's Data Breach On Minority Communities

Threat Actor Claims to Have Leaked Data of Chilean People, Including 14 Million Citizens Records

Threat Actor Claims to Sell Data of India’s Largest Automobile Dealer

Top Phishing Campaigns in July 2024: SharePoint Abuse, DeerStealer, and More

TracFone to pay $16 million to settle Federal Communications Commission (FCC) cyber and privacy investigation

Trello data breach affects 15 Million users’ email addresses

U.S. Government IT services provider Leidos faces cyber attack

UK Authorities Arrest Suspected Hacker in the Scattered Spider Group Linked to MGM Attack

UK school reprimanded for unlawful use of facial recognition technology

Ukrainian Institutions Targeted Using HATVIBE and CHERRYSPY Malware

Understanding the rising threat - and cost - of ransomware

Verizon to pay $16 million in TracFone data breach settlement

Vulnerability in Telegram app for Android allows sending malicious files disguised as videos

Windows users targeted with zero-day attacks via Internet Explorer

Your Biggest Security Risk: The Insider Threat

22nd July

17-year-old arrested for role in MGM Resorts cyberattack

A majority of the Securities and Exchange Commission (SEC) lawsuit against SolarWinds has been dismissed

Ad-injecting malware posing as DwAdsafe ad blocker uses Microsoft-signed driver

Alleged Cyber Attack by Handala Group Targets Israeli Organizations After CrowdStrike BSoD’ing Incident

Australian police seize devices used to send over 318 million phishing texts

Bullhorn Database was Allegedly Breached

California officials say largest trial court in US is the victim of a ransomware attack

CISA Alert Calls Out Operating System Vulnerabilities

Critical Bazaar Vulnerability CVE-2024-40348: Directory Traversal Flaw Threatens System Integrity

CrowdStrike Incident Leveraged for Malware Delivery, Phishing, Scams

‘CrowdStrike Phishing Emails To Get Worse Before Better’
CrowdStrike warns about these phishing and fraud attempts following global outage

Crypto community alert: Turbo Toad phishing attacks and Evolve Markets security breach

Customers of PHL Variable Insurance Company Affected by Infosys McCamish Systems Announces Data Breach

Cyber-attacks Soar 30% Globally in Q2 2024

Cyberattack shuts down Los Angeles County courts for another day. Here's where things stand

Cybercriminals Exploit CrowdStrike Outage Chaos

Cybercriminals Launched Phishing Attacks After Microsoft’s Global Outage

Cybercrooks crafting solo careers in wake of ransomware takedowns

CyberSecurity Malaysia (CSM) Warns Of Imminent Phishing Threats Following CrowdStrike Disruption

Dark web shows cybercriminals ready for the Olympic Games. Are you?

Data Breach Defense Guide: Steps to Protect Yourself After a Security Incident

Data of 13 million MediSecure customers compromised in ransomware attack

Devastating ransomware attack shuts down Los Angeles County courts

Disney Slack message data breach allegedly contains 1.1TB of data

End-user cybersecurity errors that can cost you millions

Experts Expect Ransomware Surge After Police Disruption

Fake CrowdStrike Fixes Are Spreading Malware, Data Wipers

Faulty CrowdStrike Update: Hackers Exploit Situation with Phishing And Malicious Software, How To Stay Safe

Fractal ID Data Breach: 6,300 Users’ Data Leaked

Fractal ID Data Breach Caused by Vulnerability Leading Back to 2022

Good Smile Company was Allegedly Breached

Google Researchers Detailed Tools Used by APT41 Hacker Group

Greece’s Land Registry agency breached in wave of 400 cyberattacks

Greece's land registry targeted in cyberattack

Guilty plea entered by LockBit ransomware affiliates

Hacker groups found abusing Google Cloud for credential phishing

Hacker thought to be behind to MGM attack arrested by UK police

Hackers are already targeting users with fake CrowdStrike fixes - here's what we've seen so far

Hamster Kombat Players Face Phishing Attacks Through Fake Airdrop Scams

Hamster Kombat Players Targeted in Phishing Attacks: What You Need to Know

How to Prepare Your Workforce for the Deepfake Era

India’s Largest Cryptocurrency Exchange WazirX Hacked: $234.9 Million Stolen

Internet Organised Crime Threat Assessment (IOCTA) 2024 report: Law enforcement deals major blows against EU cybercrime, disrupt ransomware networks

Keystone State Tweaks its Data Breach Notification Law Again

Largest trial court in the US closes after ransomware attack, California officials say

Life360 Users Suffer Data Breach, Leak on Dark Web

Los Angeles County court system slated to reopen Tuesday after ransomware attack

Los Angeles County courts hit by ransomware attack

Los Angeles County Courts Shut Down After Ransomware Attack

Los Angeles County Superior Court closed following ransomware attack

Los Angeles County Superior Court Closed Monday Due To Ransomware Incident

Los Angeles County Superior Court closes doors to reboot justice after ransomware attack

Los Angeles County Superior Courts closed Monday due to ransomware attack

Los Angeles Courthouses Close for Ransomware Recovery

Los Angeles Superior Court shuts down after ransomware attack

Los Angeles Superior Courts closed today following ransomware attack

Malaysia: Agency warns of phishing threats after global disruption

Malicious payloads distributed via fraudulent CrowdStrike fixes

MediSecure data breach following ransomware attack affects millions of patients

Microsoft CrowdStrike outage: Malicious actors trying to exploit tech outage for their own gain

Microsoft-Crowdstrike IT outage triggers wave of phishing attacks

National Crime Agency (NCA) infiltrates DDoS-for-hire site as suspected controller arrested in Northern Ireland

New Linux Variant of Play Ransomware Targeting VMware ESXi Systems

New Play ransomware Linux version targets VMware ESXi VMs

Peruvian Taxpayers’ Data Allegedly Leaked

PINEAPPLE and FLUXROOT Hacker Groups Abuse Google Cloud for Credential Phishing

Play: Notorious Ransomware Now Has a Variant That Runs on Linux

Play Ransomware Expands to Target VMWare ESXi Environments

Police infiltrates, takes down DigitalStress DDoS-for-hire service

Popular Ukrainian Telegram channels hacked to spread Russian propaganda

Protecting Telecom Networks: CTO Strategies for Dark Web Threats

Ransomware attack keeps Los Angeles Superior Courts shuttered

Ransomware Attack On Los Angeles County Superior Court

Ransomware Attack Shuts Down Los Angeles County Courts, Halts Inmate Transfers, Evictions

Ransomware Attack Shuts Down Los Angeles Courthouses

Ransomware attack shuts down three dozen Los Angeles courts

Ransomware Attack Shutters Los Angeles County Courts

Ransomware Costs Surge: Local Governments Pay Most, IT Firms Pay Least

Ransomware Groups Fragment Amid Rising Cybercrime Threats

Ransomware Recovery Effort Cost Suffolk County $25.7 Million, Prompting Investigation

Recovery Costs for Energy, Water Infrastructure Sectors Reach $3m Yearly

Researchers discovered a new phishing kit on the dark web

Rising ransomware costs hit energy and water sectors

Russia dismisses US sanctions against members of 'Cyber Army' hacktivist group

Scammers Rush In to Exploit CrowdStrike Chaos

Second Special Educational Needs and Disabilities (SEND) data breach at Central Bedfordshire Council

ShadowRoot ransomware group targets Turkish entities

SocGholish Malware Exploits BOINC Project for Covert Cyberattacks

Spain arrests three for using DDoSia hacktivist platform

Spanish police arrest three suspects linked to pro-Moscow NoName057(16) hackers

Surge in Phishing Post-Outage: CrowdStrike Issues Warning

Teenager Connected to the Scattered Spider Cybercrime Group Arrested in the UK

Telegram Android Vulnerability “EvilVideo” Sends Malware as Videos

Telegram zero-day allowed sending malicious Android APKs as videos

Telegram zero-day for Android allowed malicious files to masquerade as videos

The cost of dealing with a ransomware attack is skyrocketing for some industries

The grim impact of ransomware attacks

The world wakes up to Crowdstrike-Windows IT outage, triggering spate of phishing attacks

Two LockBit Ransomware Affiliates Plead Guity and Face Up to 70 Years in Prison

Two Russian Men Plead Guilty in LockBit Ransomware Attacks

Two Russians Convicted for Role in LockBit Attacks

UK arrests MGM Resorts hack-linked 17-year-old

UK police arrested a 17-year-old linked to the Scattered Spider gang

UK teen arrested in connection with MGM Resorts ransomware attack

UK Teen Arrested in MGM Resorts Las Vegas Ransomware Case

US Sanctions Russian Hackers Over Infrastructure Attacks

US sanctions Russian hacktivists who breached water facilities

Uzbekistan: Court convicts 20-year-old hacker from Samarkand for defrauding businessmen via Telegram

VMware ESXi servers targeted by new Linux ransomware variant

VMware ESXi subjected to attacks with novel Play ransomware for Linux

Warning issued about phishing attacks post global tech outage

WazirX Cyberattack: $230 Million Stolen, Bounty Program Launched Amid Security Crisis

WazirX Doubles Bounty as Hacker Moves $57M in Stolen Ether; Will It Work?

WazirX hacker consolidates $57 Million ETH into new wallets

WazirX Hacker Has $5 Million Left After Dumping Uniswap, Chainlink, and Other Alts

WazirX hacker moves $2.4M more, only $5M left now

WazirX Hacker Moves $57M ETH to New Wallets as Exchange Boosts Bug Bounty Efforts

WazirX hacker moves $57M in ETH, exchange increases bounty to $23M

WazirX halts trading, announces $23 million bounty after hackers steal $234 million

WazirX Offers $23 Million to Hacker to Return Stolen Funds, Users Remain Concerned

WazirX Offers $24-Million Bounty To Recover The $230 Million Stolen In Cyber Attack

WazirX pauses trading after $230m cyber-attack loss

WazirX, Li.Fi hacks show continuing hacker threat for crypto

Whale phishing: Real estate firm loses Rs 40 lakh as cyber fraudsters pose as company director

What Goes Around Comes Around: The Resurgence of Data Breach Class Actions

What If Airtel’s Data Was Breached?: A Deep Dive into Possible Outcomes