Editor's Message

Welcome to DBD. On March 8th we celebrated our 4th Anniversary and the 1st Anniversary of our PRiSM application, officially endorsed by the SANS Institute. Despite recent personal issues that have impacted the amount of time I have been able to dedicate to both projects, I have been doing my best to keep everything as up-to-date as possible, and I would like to take this opportunity to thank everyone for their patience and support whilst I navigate through this very difficult time. Stay safe. :)

Monday 8 July 2024

Data Breaches Digest - Week 28 2024

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 8th July and 14th July 2024.

14th July

AT&T data breach exposes call records of 'nearly all' wireless customers

AT&T Paid a Hacker $370,000 to Delete Stolen Phone Records

AT&T paid big bucks to a hacker to delete stolen customer data, report claims

AT&T reportedly gave $370,000 to a hacker to delete its stolen customer data

AT&T Reportedly Pays Hacker About $400K To Wipe Stolen Data, Security Expert Says It Was 'Drop In The Ocean' For The Company: Here's Why

AT&T Reportedly Settled $370,000 Payment to Hackers to Delete Stolen Data

AT&T Shells Out $370K to Hacker to Delete Stolen Phone Records

Banks in Singapore to phase out one-time passwords in 3 months

CDK $25 million Bitcoin ransom linked to BlackSuit’s attack

CDK Global Reportedly Pays $25 Million in Bitcoin to Resolve Ransomware Attack

Data breach letter after cyber attack leaves Leicester resident 'extremely concerned'

Hacker 'subscription service' lets them steal 600,000 people's bank card details

Homoglyphs and IL Weaving Used To Evade Detection in Malicious NuGet Campaign

How to tell if your online accounts have been hacked

Indian Authorities Allege Massive Trafficking Scheme in Chinese Controlled Scam Centers

Indonesia: 86 Public Cyber Services Recover After Ransomware Hacked

Indonesia Restores 86 Public Services Post Cyberattack on Temporary National Data Center

Israeli Army Faces Unprecedented Cyberattacks During Conflict

Most Wanted Malware: How RansomHub targets Indian organizations

Rite Aid Discloses Major Data Breach After Cyberattack by RansomHub

The Evolution of Cybercrime Investigation

The Walt Disney Company Suffers 1.1TB Data Breach

Threat Actor Claims to Leak Database of 1Tx.io

Use any tools offered to monitor credit following Ticketmaster data breach, says expert

Vietnam takes measures to prevent ransomware, AI-powered attacks

13th July

AT&T and T-Mobile customers can band together to hate on the same man as hacker identity is revealed

AT&T Confirms Data Breach Affecting Nearly All Wireless Customers

AT&T customers and some non-AT&T customers text and call records were exposed in a data breach

AT&T Data Breach: How To Check If You’re Affected

AT&T data breach compromised phone records of nearly all its customers

AT&T Data Breach Hits Nearly All 127 Million Customers

AT&T Discloses Major Data Breach Affecting Millions of Cellular Customers

AT&T Discloses Massive Data Breach Affecting All Customers’ Call And Text Records

AT&T reveals data breach affecting 109 million customer accounts

AT&T’s massive data breach deepens crisis for Snowflake seven weeks after hack was disclosed

Biggest theft in history: Hacker publishes list of 10 billion passwords

Calls, texts information leaked in the AT&T data breach can be used by scammers

Consumer Alert: Another massive AT&T data breach - here’s how to protect yourself

Critical Exim Vulnerability (CVE-2024-39929) Exposes 1.5 Million Mail Servers

Cyber Security In Healthcare: How Does It Protect You And What Are The Types Of Cyber Attacks?

Data breach exposes call logs of nearly 110 million AT&T users

Disney’s Internal Slack Breached? NullBulge Leaks 1.1 TiB (1.2 TB) of Data

Financial Services Company Prudential Financial Says the February Data Breach Impacted 2.5 Million People

Florida Health Department Hit by Ransomware Attack, Sensitive Data Released on Dark Web

Hackers use Proof-of-Concept (PoC) exploits in attacks 22 minutes after release

If you’re an AT&T customer, your data has likely been stolen

Indonesia says it has begun recovering data after major ransomware attack

Indonesia tightens cybersecurity after ransomware attack

Jersey: 'Error' behind data breach at financial regulator

Major US Telecommunications Company Experiences Massive Data Breach: Call and Text Records of Almost Every Customer Exposed

Malvertising Campaign Lures Mac Users with Fake Microsoft Teams Ad

Nearly All AT&T Customers Hit with Data Breach

New Phishing Kit ‘FishXProxy’ Aims To Be ‘Ultimate Powerful Phishing Kit’

Operation BURGAZADA: Russian-Born Couple Charged with Espionage in Australia

Philadelphia data breach impacted 35,000 people - What you should know

Post-Breach Services: Protecting Your Business After a Cyber Attack

South Africa: Concern over health laboratory cyber attack

This US telecom giant sees one of biggest hacking attacks: Call, text records of “nearly all” customers exposed

Threat Actor Claims to Sell Database of SFR, France’s Third Largest Telecom

Threat Actor Offers Unauthorized Korean National Police Agency (KNPA) Access for $4000

US mobile giant AT&T suffers fresh massive data theft

12th July

5 Million Romanians’ Data is Allegedly Leaked

11 Million Dresslily User Details Allegedly for Sale on Dark Web

2022 AT&T data breach exposed most its customers to cyberattacks, company says

A Threat Actor Claims to Release More Ticketmaster Tickets, Comprising 10 Million Mail and E-ticket

Addressing Financial Organizations’ Digital Demands While Avoiding Cyberthreats

Advance Auto Parts: Data of 2.3 Million People Stolen in Breach

After AT&T data breach, expert explains what bad actors can do with your call and text history

Alabamians voice privacy concerns after AT&T data breach

Almost All of AT&T’s Wireless Customers Hacked as Snowflake Breach Snowballs

American Golf Corporation Hit by MEDUSA Ransomware, 155GB of Data Claimed Stolen

American Radio Relay League (ARRL) Confirms Data Breach: 150 Employees Affected, Offers 24 Months of Free Identity Monitoring

AT&T: ‘nearly all’ of your phone records were leaked in data breach

AT&T addressing customer data breach

AT&T Admits Data Breach Impacted “Nearly All” Customers

AT&T announces significant data breach

AT&T Breach Exposes Millions of Call and Text Records, Customers’ Data at Risk

AT&T Cell Phone Data Breach Released Nearly All Customers’ Call Records

AT&T confirms arrest in data breach of more than 110 million customers

AT&T Customers Impacted By Massive Data Breach

AT&T customers in South Florida call data breach "invasion of privacy"

AT&T Data Breach: Hackers Steal Call and Text Records for “Nearly All” Customers

AT&T Data Breach: ‘Nearly All’ Wireless Customers Exposed in Massive Hack

AT&T data breach: What users should know

AT&T data breach: Who’s at risk and what to do now

AT&T Data Breach Exposes Records of Millions: A Comprehensive Analysis

AT&T Data Breach Fallout: Watch Out for Targeted Texts, Spoofed Calls

AT&T data breach hits millions of customers. What did hackers get?

AT&T data breach hits nearly all wireless customers

AT&T data breach includes records of ‘nearly all’ cell customers

AT&T data breach leaked “nearly all” of its customers mobile numbers

AT&T Data Breach Leaks Over 109 Million Customer Accounts to Third-Party Platform

AT&T data breach update: Call and text records compromised in massive hack impacting nearly all wireless customers

AT&T discloses another massive data breach containing phone records of "nearly all" its customers

AT&T discloses data breach affecting ‘nearly all’ cellular customers

AT&T faces scrutiny over cybersecurity spending following data breach impacting 109 million

AT&T hack: ‘Nearly all' customers' call, text records exposed in data breach

AT&T Had a Big Data Breach for “Nearly All” Customers

AT&T says criminals stole phone records of ‘nearly all’ customers in new data breach

AT&T Says Data Breach Affected ‘Nearly All’ Cellular Customers

AT&T Says Hacker Stole Call, Text Records Of ‘Nearly All’ Customers

AT&T says hacker stole some data from 'nearly all' wireless customers

AT&T says hackers accessed records of calls and texts for nearly all its cellular customers

AT&T says hackers stole records of nearly all cellular customers' calls and texts

AT&T says hackers stole call records of ‘nearly all’ wireless customers

AT&T says hacker stole some data from 'nearly all' wireless customers

AT&T Says 'Nearly All' Cellular Customers Were Affected by April Data Breach

AT&T suffers another major data breach, this one affecting 'nearly all' wireless customers

AT&T's massive data breach deepens crisis for Snowflake seven weeks after hack was disclosed

Australian Defence Force Private and Husband Charged with Espionage for Russia

Car dealer software slinger CDK Global said to have paid $25M ransom after cyberattack

CDK reportedly paid $25 million to end US car dealership cyberattack: 3 things you should know

CDK says financial relief coming for ransomware outage

Clay County, Indiana, Declares Local Disaster After Cyber Attack

Clay County issues disaster declaration after ransomware attack

Clay County website provides updates on ransomware recovery efforts

ClickFix Malware Delivery Method Used in Social Engineering Campaigns

Cloud Software Firm Snowflake Linked To AT&T Customer Data Breach

Critical Exim bug bypasses security filters on 1.5 million mail servers

Critical Exim Mail Server Vulnerability Exposes Millions to Malicious Attachments

Crooks Steal Phone, SMS Records for Nearly All AT&T Customers

Crypto Investigator Warns of Hijacked Compound Finance Website and Phishing Threat

CRYSTALRAY Group Scaled Attacks To Target Over 1500 Victims Worldwide

DarkGate Malware Exploits Samba File Shares in Short-Lived Campaign

Data Belonging to XXIV Constitutional Government of Portugal is Allegedly Leaked

Data breach exposes call and text records of almost all AT&T customers

DeFi Hack Alert: Squarespace Domains Vulnerable to DNS Hijacking

DNS hijacks target crypto platforms registered with Squarespace

AT&T data breach exposes cell customers’ call and text records

Data breach exposes data of ‘nearly all’ AT&T customers

Data breach impacts most AT&T customers

Data of nearly all AT&T customers downloaded to a third-party platform in security breach

Decoding NIS2 to Secure Your Supply Chain

Details of 34 children with special needs emailed to parent in Central Bedfordshire Council data breach

Dough Finance Issues Ultimatum to Hacker After $1.8M Exploit

Five things to know about the AT&T data breach

Florida eyes prosecution after health data breach, reassures impacted Floridians

Hackers Downloaded Call Logs from Cloud Platform in AT&T Breach

Hackers leak millions of Taylor Swift, Foo Fighters, Hozier, and other e-tickets

Hackers stole call, text records of “nearly all” of AT&T’s cellular customers

Hackers stole ‘nearly all’ call logs over six months from AT&T

Here’s What AT&T Customers Impacted By the Major Data Security Breach Should Do Now

Hold the phone: AT&T reveals hack stole data of ‘nearly all’ customers in 2022

Hospitals tremble! Ransomcortex arrives. ransomware gang targeting healthcare facilities

How AT&T customers can protect themselves in the latest data breach

How to design a third-party risk management framework

How to know if you were affected by the AT&T data breach and what to do next

How to protect yourself after a data breach

Immediate Actions for AT&T Customers Following Data Breach

Indiana County Files Disaster Declaration Following Ransomware Attack

Info of 2.3+ million individuals stolen in Advance Auto Parts data breach

Internal Revenue Service (IRS) Warns Car Dealers and Sellers About Phishing Scams

iRacing hit by cyber attack as DDoS brings the game to a halt

Latest AT&T Data Breach Hits 'Nearly All' Cellular Customers: What to Know

Local sports non-profit scammed out of $27K

Lurie Children’s Hospital Sued Over January 2024 Ransomware Attack

‘Magic soap’ producer discloses data breach, but details are scarce

Man arrested for T-Mobile hack is suspected in newly-revealed AT&T data breach

Managing cyberattack fallout: Financial and operational damage

Massive AT&T Cell Phone and Text Data Breach: Should You Be Worried?

Massive AT&T Data Breach: Call and Text Records of ‘Nearly All’ Customers Compromised

Massive AT&T data breach exposes call logs of 109 million customers

Massive AT&T data breach hits 109 million customers - call logs and text messages stolen by hackers

Massive AT&T data breach impacted nearly every single customer

Massive AT&T Data Breach Impacts Nearly All Customers

Massive AT&T Hack Exposed ‘Nearly All’ Customer Phone Numbers

Massive data breach reported following Iseto malware attack

Millions of spyware customers exposed in mega data breach

Mobile surveillance software firm mSpy suffers data breach

More information regarding recent ransomware attacks

Most AT&T customers exposed in cyberattack: What you need to know

Multiple DeFi protocols targeted by wallet drainers

NATO Set to Build New Cyber Defense Center

Nearly all AT&T cell customers’ call and text records exposed in a massive breach

Nearly all customers affected by new AT&T data breach

Netgear warns users to patch auth bypass, XSS router flaws

New AT&T data breach exposed call logs of almost all customers

Patch Now! Critical Flaw Found in Palo Alto Networks Expedition Migration Tool

Personal info on the dark web: Lawsuits claim Advance Auto Parts failed to protect data for millions of customers

Philadelphia data breach may have exposed Social Security numbers: what you should know

Phone, text records from ‘nearly all' AT&T customers were hacked. Here's what to know

PruittHealth class action alleges company responsible for 2023 data breach

Ransomware-related data compromise disclosed by American Radio Relay League

Rite Aid breached (again) according to new ransomware claim

Rite Aid confirms a ‘limited cybersecurity incident’ after ransomware group claims attack

Rite Aid confirms data breach after June ransomware attack

Russia-born couple arrested in Australia on espionage charges

Snowflake Breach at Advance Auto Parts Hits 2.3 Million People

Snowflake Implements Mandatory MFA Following Major Data Breach

Squarespace crypto domains under DNS attack, lack of MFA to blame

The Sweeping Danger of the AT&T Phone Records Breach

Threat Actor Claims to Leak 1.1TB of Data on Disney’s Internal Slack

Ticketmaster Breach: Hackers Leak 10 Million ‘Unrefreshable’ Ticket Barcodes

U.S. Counties Reeling Through the Aftermath of Ransomware Attacks

Ukrainian Cybercrime Kingpin ‘Tank’ Sentenced to Two Concurrent 9-Year Prison Terms

US Health Insurance Website HealthCare.gov Hacked Again? 7,500 Users Potentially Affected

US telecom AT&T reveals large data breach from 2022

Wallets tied to CDK ransom group received $25 million two days after attack

Were your AT&T calls and texts leaked? Everything you need to know about massive data breach

What AT&T customers are advised to do following news of data breach

What AT&T customers should know about the massive call, text record hack

What the AT&T phone records data breach means for you

Zero-Trust Strategies: Paving the Way for a Secure Future & Sustainable Enterprise Growth

11th July

60 New Malicious Packages Uncovered in NuGet Supply Chain Attack

Advance Auto Parts data breach impacts 2.3 million people

Advance Auto Parts says more than 2 million impacted by data breach

AI-Driven Scam Ads: Deepfake Tech Used to Peddle Bogus Health Products

Akira Ransomware Targets the LATAM Airline Industry

Alleged Vietnam Posts and Telecommunications Group Data is For Sale

American Radio Relay League (ARRL) finally confirms ransomware gang stole data in cyberattack

Apple sends new warning about mercenary spyware attacks to iPhone users. Should you worry now?

Apple warns Indian iPhone users of possible ‘mercenary spyware’ attack

Australian Communications and Media Authority (ACMA) Investigation Uncovers Telstra's Privacy Violations Affecting Thousands

Billions of passwords leaked; Twilio experiences data breach through Authy

BlastRADIUS Vulnerability Discovered in RADIUS Protocol Used in Corporate Networks and Cloud

Change Healthcare Data Breach: Over 110 Million Potentially Affected, Free Credit Monitoring Offered

Chinese APT41 Upgrades Malware Arsenal with DodgeBox and MoonWalk

Chinese cyber agency accused of 'false and baseless' claims about US interfering in Volt Typhoon research

CISA Urges Software Makers to Eliminate OS Command Injection Vulnerabilities

Citrix, CISA and NCSC Warn of a Critical-Severity Bug in NetScaler Console

Crooks orchestrate multibillion crypto fraud schemes, torture 'dogs' with electric batons

CRYSTALRAY hacker expands to 1,500 breached systems using SSH-Snake tool

Dallas County: Data of 200,000 exposed in 2023 ransomware attack

Dallas County says 200,000 people affected in data breach

Data breach exposes millions of mSpy spyware customers

Fraud Campaign Targets Russians with Fake Olympics Tickets

‘Gay Furry Hackers’ Claim Responsibility for Heritage Foundation Data Leak, Then Disband

GitLab Patches Critical Flaw Allowing Unauthorized Pipeline Jobs

Global Crypto Exchange BitMEX Pleads Guilty to Money Laundering Violations

Hacker ‘Tank’ gets prison sentence for connections to Zeus and IcedID malware

Hacktivist Groups Target NATO Summit Amid Rising Tensions

Heritage Foundation denies hack, calls it a troll-led attention-seeking campaign

How AI helps decode cybercriminal strategies

Huione Guarantee Marketplace Exposed as Front for Cybercrime

Indiana county files disaster declaration following ransomware attack

LuLu Hypermarket Data Breach Reportedly Affects 196,000 Customers in IntelBroker-Led Cyberattack

LuluMarket Database is Allegedly Compromised

Macau government websites hit with cyberattack by suspected foreign hackers

Millions of Advance Auto Parts job applicants had their details exposed

Mining Giant Sibanye-Stillwater Confirms Cyber Attack; Swift Action Limits Operational Impact

Most Websites and Apps Use Dark Patterns to Cheat Consumers

NATO members commit to creating new cyber center in Belgium

NATO to create its own cyber defense center

New FishXProxy Phishing Kit Lowers Barriers for Cybercriminals

New FishXProxy Phishing Kit Making Phishing Accessible to Script Kiddies

New Poco RAT Targets Spanish-Speaking Victims in Phishing Campaign

Online PDF maker leaks user-uploaded documents

Palo Alto Networks Patches Critical Flaw in Expedition Migration Tool

PHP Vulnerability Exploited to Spread Malware and Launch DDoS Attacks

Ransomware Surges Annually Despite Law Enforcement Takedowns

Researchers Observe Improvements in ViperSoftX Info-Stealing Malware Distributed Through eBooks

SiegedSec Disbanded

SiegedSec Hacks Heritage Foundation; Leaks Data Over “Project 2025”

Signal downplays encryption key flaw, fixes it after X drama

Strengthening cybersecurity preparedness with defense in depth

Survey Sees Modern CISOs Becoming More Comfortable With Risk

The Global Epidemic of Crypto Scams: A Deep Dive into Pig Butchering and Huione Guarantee’s Role

The Heritage Foundation Hacked, Users Should Reset Passwords

The Team Sport of Cloud Security: Breaking Down the Rules of the Game

Threat Actor Claims to Sell 0day (Preauth RCE) for Netgear Orbi

Threat Actor Claims to Sell 1.6 Million Users Data of Sede Electrónica de la DGT

Threat Actor Claims to Sell SQL Injection Vulnerability for phpBB

Using Authy? Beware of impending phishing attempts

Valuable insights for making the right cybersecurity decisions

10th July

3 Ways to Achieve Zero-Trust With Your Privileged Access Management (PAM) Strategy

7.64 Million Individuals Impacted in Evolve Bank Ransomware Attack

10 Billion Passwords Leaked on a Hacker Forum

33 million Authy users exposed in authentication app's own security nightmare

73% of security pros use unauthorized SaaS applications

A hacker posted nearly 10 billion passwords online - likely the biggest leak ever

A vulnerability was discovered in an NSA SkillTree training platform

Affected by Change Healthcare/United Health data breach? You’re eligible for free credit monitoring

Alert: New Phishing Scam Targets iPhone Apple IDs – Steps to Secure Your Data

Alleged Data Leak from Football Federations of Tenerife and Las Palmas

Alleged Leak of Indonesian Government Employee Data

Alleged Microsoft Data Breach Published on a Dark Web Forum

Angel One Data Breach: Investors' data leaked?

Angel One data breach affects 7.9 million customers

Angel One denies claims of a recent new data breach

Angel One takes steps to handle data breach

Angel One's data breach dates back to April 2023, company clarifies

Apple Issues Urgent Warning to iPhone Users Amid Rising Phishing Attacks

Apple Provides Tips on Protecting Your Apple ID and Avoiding Phishing Scams

Apple Users Targeted in Massive Cyber-Attack Scam

Apple warns against phishing scams; Here’s how you can safeguard yourself

Apple warns iPhone users in 98 countries of spyware attacks

Apple warns users to take these steps amid alarming uptick in phishing cyberattacks

Australia accuses China-backed hacker group of breaching government networks

Australia Accuses China-Backed Hacker Group Of Stealing User Data

Australian government accuses China-backed hacker group of stealing passwords, usernames from unnamed networks

Beijing accused of misusing Western research to claim Volt Typhoon is a ransomware group

Blast-RADIUS Vulnerability Affects Widely-Used RADIUS Authentication Protocol

Breaking Down Microsoft’s July 2024 Patch Tuesday: Zero-Days and New Features

Cancelled appointments top 6,000 but NHS claims most services now ‘near normal’ after cyberattack

China disputes ‘smear and frame’ cyber attack report

CISA Adds Critical Zero-Day Vulnerabilities from July 2024 Patch Tuesday to Exploited List

CISA urges devs to weed out OS command injection vulnerabilities

Cisco Talos details latest tactics employed by prolific ransomware groups

City of Philadelphia Data Breach: 35,881 Affected, Including Maine Residents

Clay County Court shutdown extended due to cyber attack

Debt collection agency Financial Business and Consumer Solutions (FBCS) says February data breach impacted over 4m customers

Debt collection agency says data breach affected more than 4 million people

Deepfake Threats and Biometric Security Vulnerabilities

Details of REvil ransomware gang’s attempt to bribe Tesla employee revealed in trial

Did you get a text about an unpaid parking ticket? Philadelphia Parking Authority (PPA) warns of phishing scam

Diversifying cyber teams to tackle complex threats

Evolve Bank Data Breach: 7.6 Million Individuals’ Data Exposed

Evolve Bank says May data breach compromised the data of over 7.6m customers

Evolve Bank suffer major data breach, security flaws exposed

Evolve Bank’s Investigation Finds LockBit’s Attack Impacted Over 7.6 Million Americans

Evolving ransomware attack techniques examined

Expensive aftermath - $6.75 million fine after a successful ransomware attack

Federal Trade Commission (FTC) audit of websites and apps finds three-fourths use dark patterns to trick consumers

Federal Trade Commission (FTC) study finds ‘dark patterns’ used by a majority of subscription apps and websites

Finland: Police detain suspect in Traficom data breach case

Five Eyes Alliance Accuses Chinese APT40 for Hacking Government Networks

Florida continues grappling with cyber attack impacting birth, death certificates

Florida Department of Health grapples with fallout from 'potential cyber incident'

Florida’s Health Department hit by ‘temporary outage’ following cyberattack

Free Credit Monitoring Offered to Pennsylvanians After Data Breach

Free credit-monitoring, ID-protection services offered in wake of health-data breach

Fresh Neiman Marcus Data Breach Claims: Threat Actor Targets Celebrities, Demands $1M Ransom

Fujitsu Announces Data Breach May Have Leaked Customer Details

Fujitsu Cyber Attack: Customers’ Personal Information Exposed

Fujitsu Data Breach: No Ransomware, But Advanced Attack Evades Detection

‘Gay furry hackers’ steal data from right-wing think tank in massive anti-Project 2025 cyber attack

Gay furry hackers strike massive cyber attack against US far-right Project 2025

GitLab: Critical bug lets attackers run pipelines as other users

Google and Apple Move to Strengthen User Protections

Hacker Leaks Thousands of Microsoft and Nokia Employee Details

Hackers impersonate live chat support agents in new phishing scam

'Happened in 2023': Angel One responds to report of data leak of 8 million users

Heritage Foundation leak threatens members’ passwords

Houthi-Deployed Android Surveillance Tool ‘GuardZoo’ Targeted Middle Eastern Militaries

How companies increase risk exposure with rushed LLM deployments

How credit monitoring can protect consumers in the wake of a data breach

HuiOne Guarantee: The $11 Billion Cybercrime Hub of Southeast Asia

Huione Guarantee exposed as a $11 billion marketplace for cybercrime

Inside the crypto war room: How a whitehat hacker helped recover $450 million

iPhone, iPad, Mac, Macbook Users Alert: Apple Shares Crucial Tips To Avoid Phishing Scams

Japan warns of attacks linked to North Korean Kimsuky hackers

Kaspersky exposes advanced phishing techniques to bypass two-factor authentication

Malware campaign targets Spanish-speaking individuals

Malware that is 'not ransomware' wormed its way through Fujitsu Japan's systems

Massive Data Breach Could Affect One-Third of U.S. Residents

Microsoft China Bans Employees from Using Android Phones; Shift to iPhones Over Security Concerns

Microsoft emails that warned customers of Russian hacks criticized for looking like spam and phishing

Microsoft Employee Information Leaked After Third-Party Data Breach

Microsoft Fixes Four Zero-Days in July Patch Tuesday

Microsoft Outlook Faced Critical Zero-Click RCE Vulnerability

Microsoft Patch Tuesday: Microsoft Patches 142 Critical Vulnerabilities

Microsoft's July Update Patches 143 Flaws, Including Two Actively Exploited

Most Security Pros Admit Shadow SaaS and AI Use

NetOne Employees Share Sensitive Information With Hacker

New Jersey Consumers Who May Have Been Affected by Change Healthcare Data Breach Should Act Now to Protect Their Information

New OpenSSH Flaw (CVE-2024-6409) Hits Red Hat Enterprise Linux 9

New OpenSSH Vulnerability Discovered: Potential Remote Code Execution Risk

New Phishing Scheme in Philadelphia, Fake Philadelphia Parking Authority (PPA) Parking Ticket Notices Alert

New Ransomware Group Exploiting Veeam Backup Software Vulnerability

Nigeria’s IT, Telecom Services at High Risk Amid Surge in Ransomware Attacks, Warns ngCERT

Nigerian agency says it’s working to protect cloud providers from ransomware attacks

Nigerian cloud provider hit with ransomware attack as government agency works to “swiftly resolve incident”

Nigerian Computer Emergency Response Team (ngCERT) Tackles Ransomware Outbreak Targeting Nigerian Cloud Services

Nigerian Government Raises Alarm Over Surge in Ransomware Attacks

Nokia Faces Data Breach Allegations: 7,622 Employee Records Reportedly Compromised

'Personal assistant and a watchdog': How credit monitoring works after a data breach

Personal data of nearly 8 million Angel One customers leaked online

Philadelphia Parking Authority says scammers are sending texts about fake unpaid tickets

Ransomware Attack Strikes Nigerian Cloud Service as ngCERT Intervenes to Resolve Crisis

Ransomware attacks: warning over 'Volcano Demon' scam where victims are harassed with 'threatening' calls

Ransomware crews investing in custom data stealing malware

Ransomware Groups Prioritize Defense Evasion for Data Exfiltration

Ransomware threat: Phobos Group targets Nigeria’s critical cloud providers

Resources for Arkansans affected by data breach

Roblox developer conference attendees impacted by a data breach

‘RockYou2024’: Nearly 10 BILLION Unique Plaintext Passwords Leaked

Russian researchers identify alleged Ukrainian developer of malicious remote access tool

SaaS Security in Europe: A Report Card

Scammers harness AI and deepfakes to sell bogus ‘miracle cures’ on Meta platforms

Securing Kubernetes: The Risks Of Unmanaged Machine Identities

Smishing Triad Targets India with Fraud Surge

Speculation Surrounds Arabian Travel Agency Hack: Threat Actor Claims Air India Data Breach

Strengthening business defenses: A guide to cybersecurity awareness training

Tackling the human element in modern authentication: the phishing-resistant user

These banks to retire one-time passwords for customers with digital tokens

Threat Actor Claims Data Breach at Microsoft Exposing Records of 2,073 Employees

Threat Actor Claims to Sell Customer Database of Neiman Marcus

Threat Hunting in Smart Security Orchestration, Automation, and Response (SOAR)

Ticket Heist network of 700 domains sells fake Olympic Games tickets

Ticketmaster alerts Canadian customers of data breach

Ticketmaster Data Breach Exposes Millions, Underscores the Critical Need for Cybersecurity

Ticketmaster data breach uncertainty

Ticketmaster tickets leaked for Taylor Swift concerts and more

Top 9 phishing scams to watch out for in 2024

Top Ransomware Tactics, Techniques and Protocols (TTPs) Exposed

U.S. Healthcare Organisation Fined Nearly US$1bn Over 2017 Ransomware Incident

UAE’s Lulu Hypermarket Data Breach: Hackers Claim Millions of Customer Records

UK privacy watchdog grapples with backlog of fines, reprimands following election

Unsecured Database Exposed 39 Million Sensitive Legal Records Online

ViperSoftX malware covertly runs PowerShell using AutoIT scripting

ViperSoftX Malware Disguises as eBooks on Torrents to Spread Stealthy Attacks

Windows MSHTML zero-day used in malware attacks for over a year

Zero-day patched by Microsoft has been exploited by attackers for over a year (CVE-2024-38112)

Zimbabwe: Netone Employees in court for sharing company’s sensitive information with a hacker

9th July

65% of organizations cite data loss as top risk of unauthorized tools

A decade of global cyberattacks, and where they left us

Alabama education leaders give update on data breach

Alabama State Department of Education getting ‘more reports’ on data breach

Analyzing Ticketmaster Sample Data Breach: Key Insights and Implications

Apple Gives Tips on Avoiding Phishing Scams Amid Warnings of New SMS Threat

Apple IDs Targeted Through SMS Phishing Cyberattacks

Australia Launches Cybersecurity Initiative Across Commonwealth Agencies

Australia warns Chinese state security hackers are exploiting end-of-life home routers

Avast Provides DoNex Ransomware Decryptor to Victims

Avast released a decryptor for DoNex Ransomware and its predecessors

Banks in Singapore to Strengthen Resilience Against Phishing Scams

Change your password now as hacker leaks nearly 10 billion passwords

China-Backed Threat Group Rapidly Exploits New Flaws: Agencies

Chinese APT40 group swifly leverages public Proof-of-Concept (PoC) exploits

Chinese APT40 hackers hijack SOHO routers to launch attacks

Chinese State Actor APT40 Exploits N-Day Vulnerabilities “Within Hours”

Chinese threat group APT40 targeting end-of-life devices, agencies warn

City of Philadelphia says over 35,000 hit in May 2023 breach

Concern for Alabama teachers grows as data breach investigation continues

Conditioned Air Informs Consumers of Data Breach That Leaked Their SSNs

Critical vulnerability in the RADIUS protocol leaves networking equipment open to attack

Cyber Crime Group Provides Ransomware Decryptor to Indonesian National Data Center for Free, Asks for Donations

Cyber-Attack on Evolve Bank Exposed Data of 7.6 Million Customers

Cybersecurity Agencies Warn of China-linked APT40's Rapid Exploit Adaptation

Data Breach: US Bank Executive Steals $250,000 Directly From Customers

Data Breach at SouthCoast Medical Group Leaks Patient Information

Data breach at Ticketmaster may have resulted in personal information stolen

Data Breach-Borne Identity: The Misdirection Of Cyber Espionage - And What CIOs Can Do About It

DaVita Issues “Notice of Data Breach” After Confirming Pixels Relayed Sensitive Consumer Information to Third Parties

Debt collection agency says data breach affected more than 4 million people

Eldorado ransomware-as-a-service gang targets Linux, Windows systems

Eldorado ransomware campaign found targeting Windows and Linux systems alike

Eldorado Ransomware Cruises Onto the Scene to Target VMware ESXi

Eldorado Ransomware Strikes Windows and Linux Networks

Eldorado Ransomware Targeting Windows and Linux with New Malware

Elite Fitness hit by ransomware attack

Europol Expert Platform Data Breach Claimed by Hacker IntelBroker

Evolve Bank: Ransomware Hackers Stole Data From 7.6 Million Users

Evolve Bank Data Breach Impacts 7.6 Million People

Evolve Bank says data breach impacts 7.6 million Americans

Evolve Bank says ransomware gang stole personal data on millions of customers

Evolve hack impacts 7.6 Million people, including Wise customers

Florida Governor Vetoes Cybersecurity Data Breach Immunity Bill: 4 Things Businesses Can Do to Prevent Data Breach Claims

Formula One governing body FIA reveals customer data breach

Frankfurt University Faces Major Cyberattack, IT Systems Disabled

Frankfurt University shuts down IT systems, elevators following “serious hacker attack”

Fraud alert: Philadelphia Parking Authority (PPA) issues phishing scam alert regarding supposed unpaid tickets

Fujitsu confirms customer data exposed in March cyberattack

General Motors reports “suspicious activity” within certain GM accounts

GuardZoo Malware Targets Over 450 Middle Eastern Military Personnel

GuardZoo spyware used by Houthis to target military personnel

Hackers Exploiting Jenkins Script Console for Cryptocurrency Mining Attacks

Hackers target WordPress calendar plugin used by 150,000 sites

Health Savings Account (HSA) administrator discloses healthcare data breach

Health tech company HealthEquity says vendor data breach compromised customer records

HealthEquity data breach exposes protected health information

Human Intelligence (HUMINT): Diving Deep into the Dark Web

Indian telecom giant Airtel rubbishes data breach allegations

Just a Fifth of Manufacturers Have Strongest Anti-Phishing Protection

Liberia’s leading environmental news platform under cyber-attack

LockBit 3.0: The Rising Costs of Ransomware Attacks

Microsoft could be forced to pay huge fine for breaches by its subsidiary

Microsoft fixes two zero-days exploited by attackers (CVE-2024-38080, CVE-2024-38112)

Microsoft fumbles data breach notification

Minimize Data Breaches with Planning, Transparency and Technology

MONTI Ransomware Targets New York Orthopaedic Center Excelsior Orthopaedics

NATO Faces Escalating Cyberthreats: From Espionage to Disinformation

Nearly 10 Billion Passwords Leaked in Biggest Compilation of All Time

Nearly 10 billion stolen passwords were leaked on a hacker forum

Neiman Marcus Notifies Consumers of Data Breach

New Blast-RADIUS attack bypasses widely-used RADIUS authentication

New Golang Botnet “Zergeca” Discovered, Delivers Brutal DDoS Attacks

New group exploits public cloud services to spy on Russian agencies

New Techniques, Same Threat: APT40 Adapts Tactics for Broader Attacks

NHS cybersecurity still lacking, expert warns

0ktapus Phishing Campaign Targets Multi-Factor Authentication Systems

Patelco Credit Union banking services outage grinds on after last week's ransomware attack

Pinnacle Orthopaedics Provides Official Notice of April 2024 Data Breach

Principal Life Insurance Customers Affected by Massive Data Breach at Infosys McCamish

RADIUS Protocol Vulnerability Exposes Networks to MitM Attacks

Ransomware Gang Leaks Data Allegedly Stolen from Florida Department of Health

Researchers Crack DoNex Ransomware Encryption with Flaw in Cryptographic Schema

Researchers Decrypted DoNex Ransomware And It’s Rebranded Versions

REvil Ransomware Trial: Tesla Bribe Attempt Detailed, Russia Reduces Charges

Rhysida Ransomware Group Claims Attack on MYC Media, Demands Bitcoins

Roblox reveals data breach that may have affected some of its biggest fans

Roblox third party suffers data breach, conference attendees affected

RockYou2024: Hacker Releases Nearly 10 Billion Passwords in Massive Leak

Russia-linked cybercrime syndicate shuts down Indiana county for a week

Shady Chinese government-backed hacker group is unmasked - as authorities issue dire warning: 'Ongoing threat'

Shopify says customer data breach occurred via a hacked third party application

SiegedSec Claims to Major Cyberattack on Amplify AI, Revealing High-Profile Clients

Spyware attributed to pro-Houthi hackers used against militaries across Middle East

The Evolving Threat Landscape – From Ransomware to State-Sponsored Espionage

The Washington Times Allegedly Targeted in Cyberattack by SN Blackmeta

Threat Actor Claims Massive Data Breach at Angel One, Exposing Millions of User Records

Threat Actor Claims to Leak Database of PT Tekno Mandiri Abadi

Threat Actor Claims to Leak Nokia Employee Data from Third Party Breach

Threat Actor Claims to Sell Credit Suite Database with Comprehensive Company and Financial Information

Ticketmaster: Data breach has affected at least 500 Rhode Islanders

Ticketmaster Claims Taylor Swift Eras Tour Tickets Are Safe Following Data Breach - But the Hackers Say Otherwise

Ticketmaster Extortion Continues, Threat Actor Claims New Ticket Leak

Ticketmaster finally notifies customers, omits important details

Ticketmaster notifies Canadian customers of May data breach

Ticketmaster tickets for 154 major concerts leaked

Ticketmaster warns customers of credit card data breach

Trojanized jQuery Infiltrates npm, GitHub, and CDNs: Thousands of Packages at Risk

Trojanized jQuery Packages Found on npm, GitHub, and jsDelivr Code Repositories

WhatsApp Android Users in India Targeted by Regional Transport Office Phishing Scam

8th July

5 Key Questions CISOs Must Ask Themselves About Their Cybersecurity Strategy

10 Billion Passwords Leaked on Hacking Forum

995 crore passwords leaked in ‘world’s largest’ data breach

A hacker posted 10 billion passwords - probably the biggest leak ever

A Threat Actor Claims to Release More Ticketmaster Tickets, Posted New Ransom Demand

Alabama education department still impacted by thwarted ransomware intrusion

Alleged NATO Data Breach: 643 CSV Files with User Data and Server Details Leaked

Attacks with new Mallox ransomware version aimed at Linux

Attention iPhone users: A new SMS attack could steal your Apple ID credentials

Avast releases free decryptor for DoNex ransomware and past variants

Avast secretly gave DoNex ransomware decryptors to victims before criminals vanished

CISA director says banning ransomware payments is off the table

Cisco Warns regreSSHion Vulnerability Impacts Multiple Products

Close to 10 Billion Passwords Exposed in Possibly the Biggest Leak Ever

CloudSorcerer APT Targets Russian Government for Stealthy Espionage

CloudSorcerer hackers abuse cloud services to steal Russian government data

Computer maker Zotac exposed customers' RMA info on Google Search

Critical Unpatched Flaws Disclosed in Popular Gogs Open-Source Git Service

Crypto Hack Uno Reverse as Notorious Phishing Group Loses $30K

Crypto Thefts Double to $1.4 Billion

Cyber budgets year-over-year have increased by 59%

Dark Web Malware Logs Expose 3,300 Users Linked to Child Abuse Sites

Data breach claims rejected by Shopify

Data Breach Exposes Roblox Creators' Personal Info

Decryptor for DoNex, Muse, DarkRace, (fake) LockBit 3.0 ransomware released

Did Russia Cyber Army Team Target Liechtenstein Telecom? Website Down, Cause Unclear

DoNex ransomware decoded: How to use Avast decryptor

Eldorado Ransomware Affects VMware ESXi, Windows VMs

Elite Fitness hit by DragonForce cyber attack, customer data stolen

Experts Warn of Mekotio Banking Trojan Targeting Latin American Countries

Formula 1 (F1), World Rally Championship (WRC) governing body discloses data breach

Hacker stole internal details from OpenAI in 2023 breach

Hacker stole OpenAI secrets, sparking internal feuds

Hackers leak 39,000 print-at-home Ticketmaster tickets for 154 events

HC3 warns sector of critical MOVEit cybersecurity vulnerabilities

Hong Kong Monetary Authority (HKMA) Warns Public About Fraudulent Website and Phishing Emails Linked to China CITIC Bank International

How and why LockBit hacker group that was brought down by agencies of 10 countries may be back in more ‘dangerous’ form

How nation-state cyber attacks disrupt public services and undermine citizen trust

Human Vigilance is Required Amid AI-Generated Cybersecurity Threats

IoT Vulnerabilities and BotNet Infections: What Executives Need to Know

jQuery Attack Hits NPM and GitHub; Can Extract Web Form Data

London NHS battles cyber attack fallout

LulzSec Black and Moroccan Soldiers Launch Major Attacks on Turkish Infrastructure

Major ISP Accused of Mass Malware Attack on Customers

Mekotio Trojan Targets Latin American Banking Credentials

Microsoft-owned adtech Xandr accused of EU privacy breaches

Microsoft’s breach notification emails end up in spam folder

Monroe County government experiences temporary cyber attack, officials say

NATO summit highlights constant cyber threat facing alliance

Nearly 800,000 affected by children’s hospital ransomware attack

Neiman Marcus data breach: 31 million email addresses found exposed

New ‘Act 33’ Pennsylvania Law Mandates Stricter Protection for Victims Of Data Breaches

New APT CloudSorcerer Malware Hits Russian Targets

New APT Group "CloudSorcerer" Targets Russian Government Entities

New cyberattack targets iPhone Apple IDs. Here's how to protect your data

New Ransomware-as-a-Service 'Eldorado' Targets Windows and Linux Systems

New ransomware group Eldorado targets mainly US organizations

NHS England shares impact on appointments and procedures for South East London cyber attack

NHS ‘Highly Vulnerable’ to Cyberattacks After Major Ransomware Hit

OpenAI failed to report a major data breach in 2023

OpenAI Secrets Stolen in 2023 After Internal Forum Was Hacked

OpenAI suffered External Attack and Data Breach Last Year

Organisations grapple with ransomware threats as cyber attacks increase

'Out-of-date IT system leaves NHS open to cyber attacks'

Over 6,000 operations and appointments delayed by London cyber attack

Pancake Bunny hacker siphons $2.9M of Ether through Tornado Cash

Patelco announces ransomware attack

Patelco stabilizes network, ‘marching' toward recovery from cyberattack

PayPal ‘Phishing’ Scam Alert

Philippine lawmakers grill health agency executive over breach affecting 42 million people

Ransomware Attack Hits Florida Department of Health

Ransomware Attacks on Manufacturers Increasing

Ransomware hits CDK Global, public sector targets in June

RCE bug in widely used Ghostscript library now exploited in attacks

Roblox vendor data breach exposes developer conference attendee info

‘Serious hacker attack’ forces Frankfurt university to shut down IT systems

Shopify Denies Data Breach, Points Finger at Third-Party App

Shopify points to third-party app for data breach

Social engineering attacks take center stage on Amazon Prime Day 2024

South Africa national lab says ransomware recovery to last until mid-July

STORMOUS Ransomware Group Claiming Breach of HITC Telecom

Symantec Discovers New SMS Phishing Campaign Targeting Apple IDs: How to Protect Yourself From It

Synnovis Ransomware Cyber Attack Caused by Trilogy of Issues

TeamViewer: Network segmentation hobbled Midnight Blizzard’s attack

Ten billion passwords dumped on hacker forum BreachForums

Threat Actor Claims to Sell Access and Database for EmploiPartner.com

Threat Actor Claims to Sell Database of SpiderOak

Ticketmaster denies data breach could result in replicated tickets for Taylor Swift shows

Ticketmaster downplays alleged ShinyHunters hack of Taylor Swift tickets

Ticketmaster Hackers Leak 30K Ticket Barcodes, Share Counterfeit Tutorial

Ticketmaster says customers' credit card information affected by data breach

Trust in telecoms providers crucial amid cyber security threat

Twilio Data Breach That Exposed 33 Million Authy Phone Numbers Caused by Unsecured API Endpoint

Unconfirmed: NoName Targets Denmark & Finland in Retaliation for NATO Support

Understanding an 0ktapus Phishing Campaign

Victims of cyber extortion and ransomware increase in 2024

What's the Best Strategy for Exploiting Flaws in Ransomware?

Why the Zotac data breach is such a huge concern