Editor's Message

Welcome to DBD. On March 8th we celebrated our 4th Anniversary and the 1st Anniversary of our PRiSM application, officially endorsed by the SANS Institute. Despite recent personal issues that have impacted the amount of time I have been able to dedicate to both projects, I have been doing my best to keep everything as up-to-date as possible, and I would like to take this opportunity to thank everyone for their patience and support whilst I navigate through this very difficult time. Stay safe. :)



Monday, 15 July 2024

Data Breaches Digest - Week 29 2024

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 15th July and 21st July 2024.


21st July

Beware Grand Theft Auto Fans! Fake GTA VI Beta Download Spreads Malware

Beware of phishing threats following CrowdStrike global disruption

Canadian Oil and Gas Sector Under Threat: Government Calls for Urgent Action on Cybersecurity

CrowdStrike glitch: New Zealand cyber experts warn of scams and phishing

CrowdStrike users should be vigilant about phishing scams after global tech outage

CyberSecurity Malaysia (CSM) Warns Of Phishing Scams Masquerading As CrowdStrike

Fake CrowdStrike fixes target companies with malware, data wipers

Fake Hot Fix for CrowdStrike ”crowdstrike-hotfix.zip” Spreads Remcos RAT

Global Tech Outage Sees Rise in Phishing Schemes, Officials Warn

How to Protect Yourself From Scams Following the CrowdStrike Microsoft IT Outage

Increase in phishing possible amid global outage recovery with scammers posing as tech specialists

Japan police step up vigilance after 'BlackSuit' hackers target media giant Kadokawa

Joint Research by FCRF and mFilterit Reveals Phishing Attacks Targeting CrowdStrike Customers

Los Angeles County Courthouse Closed Monday to Recover from Ransomware Attack

Los Angeles County Superior Court closed on Monday to recover from ransomware attack

Los Angeles Superior Court’s Computer Systems Still Offline After Ransomware Attack

Phishing scams follow cyber outage

Ransomware attack shuts down Los Angeles Superior Court systems

Scammers target Paris Olympics fans amid surge in phishing attacks

Service disruptions of the Los Angeles County Superior Court

Spanish Police Arrests Three Suspects Linked to NoName057(16) Attacks

Threat Actor Claims to Have Leaked Data of L’OrĂ©al, Including 5,110 Employees Data

Ukraine: cyber attack on over 270 Telegram channels, the posts called for people to "lay down their weapons"

Uzbekistan: Hacker deceives prominent businessmen in Samarkand

WazirX halts trading after $230 million ‘force majeure’ loss

WazirX Offers $23 Million Bounty to Hacker After $235 Million Breach

20th July

2 Foreign Nationals Plead Guilty in Lockbit Ransomware Case

17-Year-Old Linked to Scattered Spider Cybercrime Syndicate Arrested in U.K.

Arrest made in MGM Resorts $100 Million Hacking Attack

Beware: Cybercriminals Cash in on Blue Screen of Death (BSOD) Outage with Phony Crowdstrike Fixes

California officials say largest trial court in US victim of ransomware attack

Chinese-Linked Threat Actor ‘Ghost Emperor’ Returns With Demodex Rootkit

Could Blockchain Have Prevented AT&T Data Breach?

CrowdStrike IT outage: Scam warning after phishing increases as ‘malicious cyber actors’ take advantage

Cyber Security Agency of Singapore (CSA) warns CrowdStrike users of phishing scams after global tech outage

Cybercriminals Exploit CrowdStrike Update Mishap to Distribute Remcos RAT Malware

Cybercriminals target Hamster Kombat gamers with phishing scams

Disney probes data breach by Russian hacktivist group Nullbulge

Fake Websites, Phishing Surface in Wake CrowdStrike Outage

Fractal ID data breach traced to 2022 hack of employee who reused password

Hackers exploit CrowdStrike outage as passengers and patients urged to be wary

Increased ransomware threat for hospitals and healthcare providers prompt promises of EU action

India's biggest crypto exchange WazirX loses nearly half its reserves

Los Angeles County Superior Court hit by ransomware attack

Los Angeles County Superior Court System Reveals Ransomware Attack

Los Angeles Superior Court victim of ransomware attack, not thought related to CrowdStrike outage

Malaysia: Be alert for phishing and malware, warns MyCERT after IT outage

Malaysia: MyCERT Issues Alert On Increased Phishing Attacks Exploiting CrowdStrike Incident

Malaysia: MyCERT issues alert on phishing, malware exploiting CrowdStrike incident

Malaysia: MyCERT warns of phishing attacks milking CrowdStrike chaos

Malaysia: MyCERT warns of phishing attacks taking advantage of CrowdStrike chaos

Nigeria: Data Breach - Meta Set To Appeal $220m Fine By Federal Competition and Consumer Protection Commission (FCCPC)

Nigeria Imposes US$220 Million Fine on Meta for Data Breach

Ongoing Phishing Campaign Targeting CrowdStrike Users

Ongoing phishing scam reportedly targeting affected CrowdStrike users, SingCert urges vigilance

Pennsylvania Turnpike Officials Warn Of Another Phishing Scam

Phishing Attacks Take Lead Amid WazirX Hack, CoinDCX CEO Issues Dire Warning

Phishing attempts rise as scam artists try to exploit the CrowdStrike global tech outage

Ransomware assaults are becoming increasingly expensive, with government entities bearing the brunt of this cost

Russian nationals plead guilty to participating in the LockBit ransomware group

Safety Gear Giant Cadre Holdings Reports Cybersecurity Breach

Scam warning as fake emails and websites target users after outage

Singapore Cyber Emergency Response Team (SingCERT) warns of ‘ongoing phishing campaign’ targeting those hit by global IT outage by offering help

Singapore Cyber Emergency Response Team (SingCERT) warns users against phishing attacks exploiting global CrowdStrike outage

South Korea: Top Entertainment Agency Issues Notice Warning Fans Of Phishing Scammers

Spain arrested three people after the cyber attack on countries supporting Ukraine

Suspicious Domains Emerged After Faulty CrowdStrike Update

Teenager nabbed in the UK in connection with ransomware attacks against US firms

The price of ransomware attacks is skyrocketing and government agencies are paying the most

Threat Actor Claims to Sell Data of Active Duty Personnel from Three US Military Branches

Three 'pro-Russian' hackers arrested in Spain over cyberattacks

UK arrests suspected Scattered Spider hacker linked to MGM attack

US Cyberattacks on the Rise; Businesses in Colorado, California Face Greater Threat

Warning!! Fake WazirX Compensation Email Targeting Users

Warnings mount that cybercriminals may be exploiting global tech outage

Why Microsoft IT Outage Skyrocketing the Concern Over Increased Risk of Data Breach, Cyber Threat in Airline Industry in Future

XRP Community on High Alert Following Surge in Phishing Airdrop Scams

19th July

17-Year-Old Arrested for Last Year's Ransomware Attack on MGM Resorts

Alleged Access for a South American Company Operating in 3 Sectors

APT41 Infiltrates Networks in Italy, Spain, Taiwan, Turkey, and the U.K.

AT&T data breach leads to class action lawsuit filed in Texas

Australians advised to be cautious of scams following major health info data breach

Bassett Furniture Discloses Cyberattack Amidst Financial Slump

Chinese APT41 back in action compromising companies in Italy, Spain, Taiwan, Turkey, UK

CISOs must shift from tactical defense to strategic leadership

Court Sentences Cybersecurity Student to 21 Months for Malware and DDoS Attacks

Co-op websites are online after cyber-attack

CrowdStrike outage turns playground for threat actors

Cybercriminals taking advantage of CrowdStrike-linked global computer outage

Data Breach at Infosys McCamish Systems Leaks Information of Nassau Life & Annuity Company Customers

Department of Homeland Security (DHS) watchdog rebukes CISA and law enforcement training center for failing to protect data

Don't Fall for It: Hackers Pounce on CrowdStrike Outage With Phishing Emails

Federal Judge Dismisses Major Claims in SEC’s Lawsuit Against SolarWinds

Hackers are using fake drone contracts to infect Ukrainian defense enterprises

Hajj and Pilgrimage Organization of Iran was Allegedly Breached

How Was $230 Million Stolen in the WazirX Hack?

In reversal, AT&T says most FirstNet customers impacted in data breach disclosed last week

‘It’s not worth it,’ MGM warns after 17-year-old arrested in alleged cyber attack

Kofile Technologies Data Breach Results in an Unknown Number of Leaked SSNs

Los Angeles County Superior Court hit by ransomware attack

Los Angeles County Superior Court hit by ransomware attack, believed to be unrelated to CrowdStrike outage

Los Angeles County Superior Court targeted in ransomware attack

Loumar Notifies Consumers of Data Breach Affecting Their Social Security Numbers

MediSecure: Ransomware gang stole data of 12.9 million people

MediSecure cyber security incident

MediSecure data breach affects about 12.9 million Australians

MediSecure data breach impacted 12.9 million individuals

One-third of development professionals unfamiliar with secure coding practices

Police arrest a teenage boy in connection with the MGM Resorts ransomware attack

Pro-Houthi Group Targets Yemen Aid Organizations with Android Spyware

Proactive Cyber Defense: The Role of Dark Web Monitoring for CEOs in Banking

R.R. Donnelley Settles $2.1 Million Securities and Exchange Commission (SEC) Charges Over 2021 Cyberattack

Russians plead guilty to involvement in LockBit ransomware attacks

Securing Healthcare Data: Dark Web Monitoring Insights for CISOs

Security leaders respond to the AT&T data breach

Shoppers won’t receive furniture orders after ransomware attack

SolarWinds Patches 8 Critical Flaws in Access Rights Manager Software

Sunburst: US Judge Dismisses Most SEC Charges Against SolarWinds

Teenage suspect in MGM Resorts hack arrested in Britain

The Changing Face of Corporate Governance in Cybersecurity

Threat Actor Claims to Have Leaked Database of Rencontre-Ados

Threat Actor Claims to Have Leaked Know Your Customer (KYC) Data of Embily Crypto and Fractal ID

Two Lockbit affiliates from Russia plead guilty in US court

Two LockBit Ransomware Affiliates Plead Guilty in U.S. Federal Court

Two Russian Nationals Plead Guilty in LockBit Ransomware Attacks

U.K. police arrest 17-year-old in connection with last year's MGM cyberattack

U.S. Imposes Sanctions On Russian Hacker Group

UK cops arrest teen suspect in MGM Resorts cyberattack probe

UK Police: 17-year-old connected to cyberattack of MGM Resorts

UK Teen Arrested for Alleged Role in Scattered Spider Gang that Targeted MGM Resorts

Unidentified Attacker “Revolver Rabbit” Uses Registered Domain Generation Algorithm (RDGA) to Register 500,000 Domains

US cyber agency CISA says malicious hackers are ‘taking advantage’ of CrowdStrike outage

US sanctions two members of Russian ‘Cyber Army’ hacktivist group

WazirX Cryptocurrency Exchange Loses $230 Million in Major Security Breach

18th July

7.6 Million Reasons: The Evolve Bank Breach and the Rising Ransomware Tide

12.9 Million Australians Impacted in MediSecure Data Breach

23andMe to settle class-action suit around 2023 data breach

95% percent of organizations had at least one high or critical risk

Africa sees 37% surge in cyber attacks

After Advance Auto Parts Data Breach, Claims of Modern Automotive Network Cyberattack Surface

Alert: HotPage Adware Disguised as Ad Blocker Installs Malicious Kernel Driver

American Aviation Company was Allegedly Breached

Another AT&T Data Breach

Another Know-Your-Customer (KYC) data breach hits the crypto world, affecting thousands of users

Attackers abuse URL protection services to hide phishing links in emails

Auto Parts giant exposed: 2.3 million customers at risk in massive data breach

Automated Threats Pose Increasing Risk to the Travel Industry

Bassett Furniture says ransomware attack disrupted manufacturing facilities

CapraRAT Spyware Masks As Popular Android Apps

CDK Global cyber attack: What businesses can learn & implement

Chainalysis Launches Anti-Phishing Initiative in Crypto Sector

Chainalysis Launches Public-Private Plans to Crack Down on Crypto Scams

Chainalysis unveils Operation Spincaster, combatting $2.7B in crypto scams

Change Healthcare Ransomware Attack Cost Predicted to Rise to at Least $2.3B in 2024

Chinese Adware Opens Windows Systems to More Threats

Cisco fixes critical flaws in Secure Email Gateway and SSM On-Prem (CVE-2024-20401, CVE-2024-20419)

Cisco SSM On-Prem Addresses Critical Vulnerability That Allowed Attackers to Change User Passwords

Cisco warns about critical vulnerability that allows user passwords to be changed

Cisco Warns of Critical Flaw Affecting On-Prem Smart Software Manager

Combatting cyber-alert fatigue

Costs associated with ransomware attacks are skyrocketing

Critical Cisco bug lets hackers add root users on SEG devices

Critical infrastructure ransomware payments, recovery costs spike

Critical Splunk flaw can be exploited to grab passwords (CVE-2024-36991)

Crypto experts, law enforcement shut down network stealing billions through ‘approval phishing’

Cyber attack targets trust that runs schools across Cambridgeshire

Cybercrime: arrest after 'relentless' cyber attack on health charity in the UK

Cybercriminals Heavily Preparing For 2024 Paris Olympic Games Based Attacks

CyberMaxx Q2 2024 Ransomware Research Report Shows 37% Increase in Attacks Compared to Q1

Data breach raises questions about Fractal ID’s decentralized identity architecture

Data Breaches Impact Growing Number of Victims, Identity Theft Resource Center (ITRC) Finds

Dental care provider First Choice Dental says ransomware attack compromised over 200k patients

Department of Health and Human Services (HHS) and Federal Bureau of Investigation (FBI) Release Joint Cybersecurity Advisory Statement for Healthcare Providers

Don’t Be Fooled: URL Protection Services Can Be a Phishing Trap

Drugstore chain Rite Aid says data breach impacted over 2.2 million patients

Energy and Water sector ransomware recovery costs hit $3 Million

Energy Hit Harder by Ransomware Attacks Than Other Sectors

Fact vs. Fiction: Dispelling Zero Trust Misconceptions

Fighting AI-powered synthetic ID fraud with AI

FIN7 Cybercrime Gang Evolves with Ransomware and Hacking Tools

FIN7 sells improved EDR killer tool

Fractal ID Confirms Data Breach, Impacting User Security in Web3 Platforms

Fractal ID Data Breach Affects Gnosis Pay, Polygon, Ripple, and NEAR Users

Fractal ID Reports Data Breach Impacting 0.5% of User Base

France Says Olympic Ransomware Attacks 'Inevitable'

Future of Hybrid Cloud Security: New Approaches and Innovations

Hacker jailed after Jobcentre suffers cyber attacks

Hacker Leaks Data of More Than 15 Million Trello Users

Hackers could create traffic jams thanks to flaw in traffic light controller, researcher says

Hackney clashes with regulator over cyber attack

Hackney Council hit by ‘avoidable’ cyber attack

Harry Perkins Institute of Medical Research targeted in major cyberattack

Healthcare is an ‘easy victim’ for ransomware attacks. How hospitals can mitigate the damage

Hijacked YouTube channels pushing crypto scams using Trump assassination narrative

HotPage Malware Hijacks Browsers With Signed Microsoft Driver

How a hacker just stole $235m from Indian crypto exchange WazirX

How IT leaders can respond to the evolution of ransomware

HS2 investigating possible misconduct tied to ‘serious’ data breach

Indian Conglomerate Piramal Group was Allegedly Breached

Indian crypto platform WazirX confirms $230 million stolen during cyberattack

Indonesian ransomware debacle shows that you need backup – and a lot more

Information Commissioner’s Office (ICO) reprimands Hackney Council over cyber attack

Jail time for operators of DDoS service used to crash thousands of devices

Japanese Real Estate Firm SUUMO Confirms Data Breach Incident

Judge tosses out most of SEC cybersecurity case against SolarWinds

Laurentian University confirms February ‘cyber incident’ was a ransomware attack

Laying the groundwork for zero trust in the military

Liverpool fans left fuming as Premier League club investigate cyber attack

Liverpool Football Club suspends ticket sales after CYBER ATTACK...with officials unsure when sale will reopen as this 'sophisticated bot attack' is 'different to anything they have experienced before'

Liverpool Football Club’s ticket sale was hit with another cyber attack – vow made to fans

Liverpool hit by cyber attack as club puts Premier League ticket sales on hold and launches investigation

Liverpool hit by cyber attack as ticket sales suspended and investigation launched

Liverpool suspend ticket sales after cyber attack

Macao’s public broadcaster TDM was hit by a cyber attack

Man arrested after ‘relentless’ four-month cyber attack against health charity

Mandatory ransomware reporting hinted in King’s Speech

MarineMax Notifying 123,000 of Data Breach Following Ransomware Attack

MarineMax says March ransomware attack impacted over 120,000 customers

Massive Data Breach Compromises Health Information Of 12.9 Million Australians

MediSecure Data Breach: 12.9 Million Australian Users’ Sensitive Data Hacked

Meta Halts AI Use in Brazil Following Data Protection Authority's Ban

Meta puts a halt to training its generative AI tools in Brazil

Minneapolis healthcare provider data breach impacted over 760k patients

More than 123K hit by MarineMax hack

NATO to Bolster Cybersecurity Measures to Combat Threats for Alliance Countries

Nearly 13 Million Australians Affected by MediSecure Attack

Nearly 13 million Australians impacted by MediSecure data breach

Nearly Half of SMEs Fell Victim to Cyberattack in Last Six Months

New EDR Bypass Tool Touted by FIN7 Hacking Group

New hacker group uses open-source tools to spy on entities in Asia-Pacific region

New Malware Campaign Exploiting RDPWrapper and Tailscale Targets Cryptocurrency Users

Nigerian Man Pleads Guilty in Texas to Real Estate Phishing Scheme From Leicester Base

Number of data breach victims up 490% compared to first six months of last year

Over 765K compromised in MNGI Digestive Health breach

Paychex sued for negligence after data breach exposes workers’ names and Social Security numbers

Phishing Threat Actor Leverages AI to Target Multiple Crypto Brands

Phishing-as-a-Service: What IT Teams Need to Know

Play Ransomware Claims Attack on MIPS Technologies

Pueblo County School District 70 Confirms Data Breach; CIA Involved in Investigation

Q2 Sees More Organisations Listed on Ransomware Leak Sites

Quantum Radiology recovers majority of data encrypted in the 2023 cyber attack

Ransomware Groups’ Data Leak Site Listings Increased by 20% in Q2, 2024

Ransomware Recovery Costs Soar to $3M for Critical Infrastructure

ReliaQuest report notes 20% spike in ransomware Q2 2024

Researchers Discover Intrusive ‘HotPage’ Malware with Microsoft-Signed Driver

Revolver Rabbit gang registers 500,000 domains for malware campaigns

Russia’s FIN7 is peddling its EDR-nerfing malware to ransomware gangs

SAP AI Core Flaws Expose Sensitive Customer Data and Keys

SAP AI Core Vulnerabilities Expose Customer Data to Cyber Attacks

Shiba Inu (SHIB) Price Surges as WarizX Hacker Sells All Tokens

Single ransomware attack has $2.45 billion impact - with "direct response" costs hitting $776 million

Social Security numbers stolen from Dallas County employees, their dependents in data breach

SolarWinds fixes 8 critical bugs in access rights audit software

Staggering Rise in Ransomware Payments: Critical Infrastructure Sectors Under Siege

Strengthening Security Posture in the World of Outsourced Ransomware-as-a-Service (RaaS)

TAG-100: New Threat Actor Uses Open-Source Tools for Widespread Attacks

The number of data breach victims is up 490% in the first half of 2024

Threat Actor Claims to Have Leaked Database of Pick n Pay Group

Threat Actor Claims to Have Leaked Database of Universitas Indonesia

Two-factor authentication could have prevented AT&T data breach affecting 110 million customers

U.S. medical billing provider Designed Receivable Solutions (DRS) says cyber attack impacted over 585,000 patients

U.S. Postal Service (USPS) shared customer postal addresses with Meta, LinkedIn and Snap

UK Government Set to Introduce New Cyber Security and Resilience Bill

UK national blood stocks in 'very fragile' state following ransomware attack

US Data Breach Victim Numbers Surge 1170% Annually

US Data Breach Victims Surge by 1,170% in Q2 2024

Vulnerability for a Phone Stalkerware is for Sale on a Dark Web Forum

WazirX cyber attack update: Company discloses initial findings

WazirX Hacked: $230 Million Lost as Indian Crypto Exchange Suspends Withdrawals

WazirX Hacker Sends ‘I hacked WazirX’ Token to Vitalik

WazirX halts withdrawals after losing $230 million, nearly half its reserves

Web3 KYC vendor Fractal ID loses over 50k users’ passport info in data breach

What you need to know about AT&T data breach that affected ‘nearly all wireless customers’

17th July

15 million Trello users have been exposed in a data breach – here’s what you need to know

23andMe Reaches Settlement in Data Breach Class Actions Lawsuit

Act Now: Critical Apache HugeGraph Vulnerability Under Attack

Anime figurine maker exposes North American customer names, home addresses

API Security: A Priority in Today’s Interconnected Tech World

Auto parts giant exposed: 2.3 million customers at risk in massive data breach

Blockchain identity platform Fractal ID suffers data breach

Attacks on Israeli organizations 'more than doubled' since October 7, cyber researcher says

BMW Hong Kong data breach exposes sensitive information of 14,000 customers

Brazilian Logistics Company Grupo Jal was Allegedly Breached

CDK Global Outage Ended After Reportedly Paying $25 Million Ransom

CERT-In Highlights Critical Vulnerabilities in Adobe, IBM WebSphere, and Joomla

China-linked APT17 Targets Italian Companies with 9002 RAT Malware

CISA: Patch Critical GeoServer GeoTools Bug Now

Cisco SSM On-Prem bug lets hackers change any user's password

Coinbase third-party breach reveals bank account numbers

Costs for Ransomware Attacks on Critical Infrastructure Are Soaring

Critical Apache HugeGraph Vulnerability Under Attack - Patch ASAP

Data Breach at New Jersey Oral & Maxillofacial Surgery Associates Leaks Patient SSNs

Data watchdog reprimands Hackney council over cyber attack

Dual Ransomware Attacks Present a Big Threat to State and Local Governments

Family Location Tracker App Life360 Breach: 443,000 Users’ Data Leaked

FIN7 Cybercriminal Gang Adopts Techniques to Elude EDR and Automate Attacks

FIN7 deploys custom EDR tool on numerous dark web forums

FIN7 Group Advertises Security-Bypassing Tool on Dark Web Forums

FIN7 Reboot - Cybercrime Gang Enhances Ops with New EDR Bypasses and Automated Attacks

Freudenberg Medical Provides Notice of November 2023 Data Breach

Furniture giant shuts down manufacturing facilities after ransomware attack

‘GhostEmperor’ returns: Mysterious Chinese hacking group spotted for first time in two years

Global Police Swoop on Black Axe Cybercrime Syndicate

Gnosis Pay and other crypto projects impacted in Fractal ID data breach

Hacked YouTube Channels Use Trump Assassination News to Push Crypto Scam

Hacker claims Trello, leaks millions of emails

Hacker Group Leaks Disney Data To Protest A.I.-Generated Artwork

Hacker Says They First Didn’t See Any Value in Stolen AT&T Data

Hackers stole over six months worth of AT&T call and SMS logs

Hackney accuses Information Commissioner’s Office (ICO) of ‘exaggerating’ cyber attack risk

Hackney Council blasted over cyber attack that saw 'deeply personal information' stolen by hackers

Hackney Council criticised by regulator over cyber attack

Hackney Council in London reprimanded for failing to prevent ransomware attack

Hackney Council Reprimanded for Catastrophic ‘Avoidable’ Data Breach

Hackney Council reprimanded over 2020 ransomware attack

HardBit Ransomware - What You Need to Know

Information Commissioner’s Office (ICO) Reprimands London Borough of Hackney following cyber-attack

Information Commissioner’s Office (ICO) Reprimands London Council for Mass Data Breach

Inside Q2 2024’s Ransomware Surge: Strategies and Geopolitical Impact

Interpol operation nabs 300 with links to West African cyber fraud

Investigators force crypto wallet drainer to shut down

Iraq-based cybercriminals deploy malicious Python packages to steal data

Is Your Device Spying on You? 10 Warning Signs of Spyware

Italy targeted by Chinese APT attacks

Jersey Financial Services Commission (JFSC) apologizes for data breach impacting 261 individuals

King’s Speech: New laws propose Information Commissioner’s Office (ICO) reform and mandatory ransomware reporting

Li.Fi Hacked Again: DeFi Protocol Loses $10 Million in Second Exploit

Locking out ransomware: A new way to look at security strategy

London Borough of Hackney reprimanded over cyberattack

London council slammed for ‘severe’ data breach in ‘avoidable’ cyber attack

Malaysian Telecom Company U Mobile was Allegedly Breached

Man arrested over 'relentless' cyber attack on health charity

MarineMax Notifies 123,494 Consumers of Recent Data Breach Exposing Their Personal Information

Massive AT&T Data Breach Compromises “Nearly All” Customer Records From May to October 2022

MFA, Backups & More: Build Your Phishing Defense With These 7 Tips

Most GitHub Actions workflows are insecure in some way

Navigating Insider Risks: Are your Employees Enabling External Threats?

North Korean Hackers Update BeaverTail Malware to Target MacOS Users

Notorious FIN7 hackers sell EDR killer to other threat actors

Over 400,000 Life360 user phone numbers leaked via unsecured API

Overlooked essentials: API security best practices

Paris 2024 Olympics Face Escalating Cyber-Threats

Pueblo County District 70 reports a data breach and ransomware incident

Pueblo County school district potentially compromised by data breach and ransomware incident

Q2 2024 ransomware stats reflect shifting RaaS landscape

Qilin Ransomware’s Sophisticated Tactics Unveiled By Experts

Qilin, RansomHub ransomware added to Scattered Spider arsenal

Ransomware attack forces Indiana's Clay County to declare a local disaster emergency

Ransomware attacks are hitting energy, oil and gas sectors especially hard, report finds

Ransomware continues to pile on costs for critical infrastructure victims

Ransomware disrupts Bassett Furniture Industries

Ransomware recovery in energy, water sectors hits $3M, quadrupling in one year

'Relentless' cyber attack on Runcorn charity leads to Carron house raid and arrest of suspected hacker

Rite Aid Data Breach Impacts 2.2M Customers, Personal Data Exposed

Rite Aid reveals data breach impacted 2.2 million customers

Rite Aid says data breach exposed sensitive customer information

Rite Aid Says Hack Impacts 2.2M People as Ransomware Gang Threatens to Leak Data

Russia-linked FIN7 hackers sell their security evasion tool to other groups on darknet

Russian Petrochemical Company was Allegedly Breached

Scattered Spider Adopts RansomHub and Qilin Ransomware for Cyber Attacks

Scottish hacker student who sold malicious software to sabotage Government websites jailed

Securing APIs from cyber-criminals

Sensitive Data Sharing Risks Heightened as GenAI Surges

Student made nearly £45,000 from cyber-attack software

Student who made tens of thousands through cyber attack software jailed

“The internet has become a massive web of surveillance:” Firefox defends its decision

The State of Ransomware in Critical Infrastructure 2024

Threat Actor Claims to Sell Confidential Data from Energo, Kyrgyzstan’s Main Energy Producer

Threat Actor Claims to Sell Customer Data of Netshoes

Threat Actor Claims to Sell Database of Celcom Axiata Berhad

Threat group FIN7 adapts with new tactics and tools

Trello Data Breach: Hacker Dumps Personal Info of Millions of Users

Trello leak: Over 15 million email addresses exposed. How did this happen?

UK to introduce watered-down version of mandatory reporting for ransomware attacks

Ukraine police arrest suspected cybercriminals accused of theft from industrial companies

Understanding NullBulge, the New AI-Fighting 'Hacktivist' Group

Unseen levels of cyberattacks: organizations targeted ten times an hour

US jails Ukrainian hacker for roles in IcedID, Zeus malware operations

Void Banshee Group Used ‘Windows Relic’ Internet Explorer (IE) in Phishing Campaign

Void Banshee Targets Victims Through Use of ‘Zombie’ Internet Explorer Zero-Day

What business leaders need to know about the Cyber Security and Resilience Bill

Yacht giant MarineMax data breach impacts over 123,000 people

Zero-Day Vulnerability Found in VirtualBox: Host Systems at Risk

16th July

83% of cybersecurity managers are looking into AI

911 services in parts of California come under cyber attack

AI-Driven Incident Response: Automating Cybersecurity with GenAI

Amazon Prime Day is a big event for scammers, experts warn

Analysing Data Breaches Caused by Human Error

API Transformation Cyber Risks and Survival Tactics

AT&T customers' call and text records exposed in data breach

AT&T data breach affects 109 million US customers

AT&T data breach impacts over 100 million telco customers

AT&T fallout ensues after massive data heist

AT&T ‘Paid Hacker $300,000’ To Delete Stolen Data

AT&T Paid To Remove Customers’ Data After A Data Breach Exposed Call Logs from 2022

AT&T ransom laundered through mixers, gambling services

AT&T’s Data Breach Could Have Been Avoided with Blockchain Technology

AT&T's data breach nightmare gets worse as lawsuits begin to pile in

AutoNation Says CDK Global Ransomware Attack Impacted Earnings

BMW Hong Kong Data is Allegedly Leaked

BMW Hong Kong Faces Major Data Breach: 14,000 Customer Records Exposed

Check Point Reports Shift in Ransomware Landscape; Introduces BadSpace Windows Backdoor Threat

CISA warns critical Geoserver GeoTools RCE flaw is exploited in attacks

CISA Warns of Actively Exploited RCE Flaw in GeoServer GeoTools Software

Cloudflare reports almost 7% of internet traffic is malicious

Criminals misuse URL protection to mask phishing attacks

Cyber criminals target Apple users with smishing attacks

Cyber security fatigue piles on pressure

Cyberattack disrupts 911 emergency services in California

Data Breach Class Action Lawsuit Filed Against Cloud-Based Storage Company Blamed For Ticketmaster Leak

Data breach exposes pitfalls of customer identification regulations

Data breach hits keep on coming this year

Disney in Chaos After Massive Cyber Attack Puts Thousands at Risk, Investigation Leads To Shocking Discovery

Disney Investigating Hacker Group’s Data Theft Claims

Disney investigating major data breach after hacktivists reveal 'inside man', post unreleased projects online

Disney Probing Cyber Assault by Anti-AI Group Who Says It Took ‘Anything We Could Get Our Hands On’

Disney Says It's Investigating Reported 1.2TB Hack of Its Internal Documents

Disney suffers massive internal communications data leak after cyberattack

Email addresses of 15 million Trello users leaked on hacking forum

Firefox’s new data collection feature sparks user backlash: here’s how to disable it

Firmware update hides Bluetooth fingerprints

Hacked, leaked, exposed: Why you should never use stalkerware apps

Hacker group claims it leaked Disney’s internal info

Hacker group claims to have stolen over 1TB of Disney’s internal data

Hacker Group Exposes Disney’s Internal Slack Messages Highlighting AI Issues

Hacker group says it leaked Disney data over the company’s ‘approach to AI’

Hacker makes fresh AT&T data claims

Hacker steals Noida bank manager's login details, transfers Rs 16.5 Cr to 89 different accounts

Hackers found abusing URL protection tools to hide phishing links

Hacking group Nullbulge claims to have carried out major cyber attack on Disney

Hacktivist Groups Target Romania Amid Geopolitical Tensions

Hacktivists Claim Leak of Over 1 Terabyte of Disney Data

Half of SMEs Unprepared for Cyber-Threats

Healthed data breach exposes participant information

Healthed data breach exposes personal details

How AI is shaping the ransomware threat landscape

How to Prevent Fraud in Banking: Foundational Strategies

How U.S. Businesses can Fight the Deepfake Threat

Improved detection evasion added to updated HardBit ransomware

Internal Revenue Service (IRS) Warns Car Dealers of Rising Phishing and Smishing Scams

Iran’s MuddyWater APT targets Saudis and Israelis with BugSleep Backdoor

Iranian Group MuddyWater Deploys MuddyRot Malware in New Campaign

Iranian Hackers Deploy New BugSleep Backdoor in Middle East Cyber Attacks

Iranian MuddyWater Upgrades Arsenal With New Custom Backdoor

Iraqi Hackers Exploit PyPI to Infiltrate Systems Through Python Packages

Israeli Organizations Allegedly Targeted by Cyber Attack

It is said that private information from thousands of Disney Slack groups was compromised by a hacker organization

Jersey regulator apologies for data breach on 261 people with trusts, companies

'Konfety' Ad Fraud Uses 250+ Google Play Decoy Apps to Hide Malicious Twins

Latest AT&T data breach risks customer defections

Lazarus caught laundering millions from DMM bitcoin hack, some funds frozen

LiFi Protocol Hack: Over $8 Million Stolen in Targeted Cyber Attack

Major data breaches that have rocked organizations in 2024

Malicious npm Packages Found Using Image Files to Hide Backdoor Code

Massive data breach hits Ukrainian surveillance software company mSpy

MHTML Exploited By APT Group Void Banshee

Microsoft links Scattered Spider hackers to Qilin ransomware attacks

Millions of Rite Aid Customers' Information Stolen in Hack: What We Know

Millions of Rite Aid customers’ names, IDs exposed

MNGI Digestive Health Notifies 765k Patients of Recent Data Breach

Multiple Cryptocurrency Firms Fall Victim to Squarespace Domain Hijacking

New Jellyfish Loader Threat Discovered: Advanced Techniques for System Infiltration

New laws to protect the NHS and Ministry of Defence (MoD) from cyber attacks to be in King’s Speech

New Snowflake Data Breach Exposes Millions of Customers

Noida bank branch falls victim to cyber attack: How hackers stole Rs 16.50 crore

Paris 2024 Olympics to face complex cyber threats

Patagonia Sued for Using AI-Based Software to Analyze Customer Calls

Perth’s Harry Perkins medical research institute under cyber-attack

Philippine Department of Migrant Workers Switches to Manual Systems After Cyber Attack

Qilin ransomware attack disrupts London NHS Services; 6,000 appointments canceled

Rabbit R1 hacked using old vulnerability: avoid second-hand devices

Ransomware leak site posts jumped 20% in Q2

Ransomware reality: 96% of attacks target backup repositories

Report suggests TVs are more vulnerable to cyber-attack than other smart devices

Rite Aid: Breach Affects 2.2 Million Users

Rite Aid Announces Data Breach Affecting the Personal Information of 2.2 Million Consumers

Rite Aid Data Breach - 2.2 Million Customer Personal Data Exposed

Rite Aid says June data breach impacts 2.2 million people

Rite Aid says 'limited' cyber incident affected data of 2.2 million people

Rite Aid Says Ransomware Group Stole 2.2M Customers' Data

Scattered Spider's fave new ransomware tools are RansomHub and Qilin

Senators press AT&T, Snowflake for answers on wide-ranging data breach

Shadowroot Ransomware Lures Turkish Victims via Phishing Attacks

South Africa: Cyber attack on national health lab delays rollout of new test for children with TB

South Africa: National Health Laboratory Service (NHLS) partially back online after cyberattack

Strengthening Australia’s Digital Backbone: Critical Infrastructure Report Filing Begins

Study Proves It: Security Awareness Training Reduces Phishing Attacks

Suspected Iranian state hackers use new malware to target Israeli organizations

SYS01 info-stealer pushed via Facebook ads, LinkedIn and YouTube posts

Talk Security, Not Tech: Ivanti Study Urges CISOs to Educate Leaders on AI Risks

The biggest data breaches in 2024: 1 billion stolen records and rising

The Philippines: Department of Migrant Workers (DMW) hit by ransomware attack; online systems down

The Philippines: Department of Migrant Workers (DMW) online systems down after ransomware attack

The Philippines: Department of Migrant Workers (DMW) online systems hit by ransomware attack; alternate measures up

The Philippines: Department of Migrant Workers (DMW) shuts down online systems after ransomware attack, says OFW data is safe

The Philippines: Department of Migrant Workers (DMW) suffers cyber attack; online OFW services put on hold

The Philippines: Department of Migrant Workers (DMW) system goes offline after ransomware attack

The Philippines: Department of Migrant Workers (DMW) takes pre-emptive measures after ransomware attack

Threat Actor Claims to Have Leaked Database of French Telecom Giant SFR

Threat Prevention & Detection in SaaS Environments

Trello Database is Allegedly Leaked

Two-Fifths of Senior Citizens Suffer Frequent Fraud Attempts

Ukraine's Defence Intelligence and hacker volunteers attack nearly 100 Russian websites

Ukraine's volunteer hacker army is pioneering a new era of cyber warfare

US’ American Radio Relay League (ARRL) admits facing a ransomware attack on its systems

Victoria’s Royal Brighton Yacht Club confirms Medusa ransomware attack

VMware ESXi targeting by SEXi ransomware continues under new name

Void Banshee APT exploited “lingering Windows relic” in zero-day attacks

Void Banshee APT Exploits Microsoft MHTML Flaw to Spread Atlantida Stealer

Vulnerability Management Lifecycle: The Ultimate Guide to Business Security

Wise addresses potential data breach at partner bank

15th July

2 weeks after ransomware attack, Patelco restores most banking functions

10 Billion Passwords were Leaked on a Hacker Site. What You Need to Know

10,000 Victims a Day: Infostealer Garden of Low-Hanging Fruit

A Threat Actor Selling OpenSSH Command Injection Exploit for Version 9.6

A Threat Actor Selling PHPBB SQL Injection Exploit for $40 Monero

Advance Auto Parts says Snowflake security incident impacted over 2.3m customers

Akira Ransomware Attacking Airline Industry With Legitimate Tools

Alleged Disney breach admitted by suspected LockBit-linked hacktivist group

AT&T allegedly pays $370k in ransom following April cyber attack

AT&T apparently paid a hacker big bucks to delete stolen phone record data

AT&T Breach Linked to American Hacker, Telecom Giant Paid $370k Ransom

AT&T Compensates Hacker $370,000 to Secure Sensitive Customer Data

AT&T Data Breach: Nearly ALL Customers Have Phone Records Stolen

AT&T Data Breach: What Happened and How to Prevent It from Happening to Your Enterprise

AT&T data breach exposes call and text logs: What you need to know

AT&T Data Breach Exposes Millions: Call Logs Compromised

AT&T data breach leaked “nearly all” of its customers mobile numbers

AT&T data breach reveals cell record data for nearly all its customers

AT&T discloses customer data breach

AT&T hack: Carrier paid ransom for data; delayed public disclosure at request of FBI

AT&T hacker says firm paid nearly $400,000 to have stolen data deleted

AT&T leaks data of nearly all customers, pays hackers $370,000 for removal

AT&T Paid $370K To A Hacker Responsible For The Massive Data Breach In Exchange For Deleting Stolen Consumer Record

AT&T paid a hacker to erase data from a massive leak

AT&T paid a king's ransom to a hacker with everyone's call logs, records indicate

AT&T paid big bucks to a hacker to delete stolen customer data, report claims

AT&T paid hacker 6 bitcoins to film deletion of stolen data

AT&T Paid Hackers $370k to Delete Stolen Call Records

AT&T paid hackers to delete info stolen in last week's data breach

AT&T Paid Ransomware Group to Delete Stolen Records

AT&T Pays $400,000 BTC Ransom to Hackers in 2022 Data Breach

AT&T pays threat actor $370,000 to delete stolen data

AT&T reportedly paid hacker $370K after massive data breach exposes customer records

AT&T reportedly paid hacker $370,000 to delete stolen customer data

AT&T reportedly paid ransom for deletion of stolen call logs after culprit allegedly detained

AT&T Reportedly Paid Small Fortune for Hacker to Delete Stolen Data

AT&T reveals massive data breach that exposed call and text records for almost all of its customer base

AT&T's Major Data Breach Sparks Another Class-Action Lawsuit

AT&T’s massive breach of metadata is a criminal treasure trove - as spy agencies know

Attackers Exploit URL Protections to Disguise Phishing Links

Beware of the Latest Phishing Tactic Targeting Employees

BianLian Ransomware Leveraging RDP Credentials To Gain Initial Access

Car dealership company AutoNation says CDK ransomware incident cut into quarterly earnings

Cisco Talos Report Reveals Critical Insights in Ransomware Trends

Clay County, Indiana, website, services remain offline after ransomware attack

Critical Dallas County data exposed in 2023 ransomware incident

Critical Exim vulnerability facilitates malware delivery (CVE-2024-39929)

Crypto Scammer Returns $9.27 Million Out of $24M Crypto Theft

CRYSTALRAY Cyber-Attacks Grow Tenfold Using OSS Tools

CRYSTALRAY Hackers Infect Over 1,500 Victims Using Network Mapping Tool

Customers of AT&T MVNOs such as Boost, Cricket, and Straight Talk also impacted by data breach

Cyber Insurance for Supply Chains: Is It Worth the Investment?

Cybercriminals exploit ChatGPT for near-perfect phishing emails

Data breach confirmed by Rite Aid following RansomHub claims

Did you get a fake McAfee invoice? How the scam works and 2 things you should never do

Discover the growing threats to data security

Disney allegedly hacked by “Nullbulge,” 1.1TB of data compromised

Disney Allegedly Hacked For Tons Of Future Project Data

Disney Contends with Potential Data Breach from Hacktivist Group

Disney Data Breach Fears: Hackers Threaten Leak of Unreleased Projects

Disney Investigating Data Leak After Hackers Post Alleged Internal Communications Online

Disney reportedly victim to a 1TB data breach

Disney‘s internal Slack containing unreleased projects leaked

EE launches Scam Guard against nuisance calls, dark web hackers and phishing scams

Egypt: Hacker displays protest video on screen at Cairo mall

Evolve Bank suffers ransomware attack

Facebook ads for Windows desktop themes push info-stealing malware

Five things to know about the AT&T data breach

French Telecom Giant SFR’s Data Breached? Hacker Claims 1.4 Million Users Affected

GitHub Token Leak Exposes Python's Core Repositories to Potential Attacks

Guarding Finance: Ransomware Insights and Analysis from 2023

Hacker attack captures unannounced information from Disney projects

Hacker claims $400k Bitcoin ransom paid by AT&T to erase stolen data

Hacker group claims it leaked internal Disney Slack messages over AI concerns

Hacker Paid by AT&T to Erase Customer Records

Hacker Says AT&T Paid About $400,000 to Erase Sensitive Data

Hacker was allegedly paid $370,000 ransom to delete stolen AT&T data

Hackers and law enforcement: to be or not to be?

Hackers Behind AT&T Breach Received Nearly $400,000 to Delete Trove of Stolen Data

Hackers Claim to Have Leaked 1.1 TB of Disney Slack Messages

Hackers now target Disney: Data breaches hit major companies

HardBit: Malware Version 4.0 Evades Detection

HardBit 4.0 ransomware launches with advanced passphrase protection

HardBit 4.0 ransomware offers another level of criminal service

HardBit ransomware version 4.0 supports new obfuscation techniques

How to protect your personal info after AT&T's data breach

IntelBroker hackers claim major data theft from Retail giant Lulu Hypermarket

Internal Revenue Service (IRS) Warns Car Dealers of Rising Phishing and Smishing Scams

Loretto makes formal notification of cyberattack data breach

Manufacturers Urge Feds to Revise Draft Cyber Attack Reporting Rule

Medusa ransomware claims American Golf Corporation hack

Microsoft’s DMARC Fail: Data Breach Notifications Flagged as Spam

Nearly $25M added to BlackSuit wallet after CDK Global hack

New BugSleep malware implant deployed in MuddyWater attacks

New Data-Stealing Poco RAT Campaign Targeting Spanish Speakers

New HardBit Ransomware 4.0 Uses Passphrase Protection to Evade Detection

New phishing scheme is built around legitimate-looking chatbots

New phishing tactic hijacks email protections to mask links

NHS Trusts cancelled over 6,000 appointments after Qilin cyber attack

"No new data leak has happened": Angel One Says Reported Data Breach Dates Back to April 2023

NuGet Packages Exploited to Target Developers with Malware

OilAlpha Hacker Group Attacking Humanitarian & Human Rights Organizations

Olympic Gold at Risk: AI Cybercriminals Target 2024 Games

Olympics face serious risk of malicious cyber activity

Patagonia invaded privacy by using AI to analyze customer service interactions, lawsuit alleges

Patelco Credit Union systems to be restored following ransomware attack

Patelco Restores Most Banking Services Weeks After Massive Ransomware Attack

Pharmacy Giant Rite Aid Hit By Ransomware

Phishing Scammer Returns $9.3M DAI After 10 Months

Phishing Scammer Returns $9.3M to Victim 10 Months After $24M Heist

Phishing victim reclaims $9.3m in DAI as scammer returns stolen funds

Pinterest Data Leak: Hackers Claiming Access to 60 Million Rows of Data

Rabbit r1 secretly kept user data that could not be deleted

RansomHub Claims Responsibility for Rite Aid Ransomware Attack

Ransomware groups target Veeam Backup & Replication bug

Recent Advanced Auto Parts data breach affects 2.3M individuals

Risk related to non-human identities: Believe the hype, reject the FUD

Rite Aid announces data breach

Rite Aid confirms data breach following ransomware attack

Rite Aid Confirms Millions of Customer Info Leaked in June Data Breach

Rite Aid Hacked, Ransomware Gang Says It Has Data on Millions of Customers

Rite Aid hit by major data breach, customer information compromised

Rite Aid Reports Data Breach

Rite Aid reveals customer info data breach

Rs 16 Crore Stolen from Nainital Bank’s Noida Branch; CERT-In and Police Investigate Major Cyber Attack on Core Banking Server

Scammer returns $9.3M in DAI to victim 10 months after phishing them

Scammer Returns $9.3M to Victim 10 Months after $24M Phishing Heist

SEXi Ransomware Rebrands as 'APT Inc.,' Keeps Old Methods

SEXi ransomware rebrands to APT INC, continues VMware ESXi attacks

Singapore banks enhance security to fend off phishing threats

Singapore Banks to Phase Out OTPs for Online Logins Within 3 Months

Singaporean banks to safeguard against phishing

Snowflake-linked attack on Advance Auto Parts exposes 2.3 million people

Steps to take if you are hit by a ransomware attack

Sweeping AT&T Data Breach of Customer Records Prompts Lawsuit

Telecom Giant AT&T Faces Data Breach

Tether freezes $29 million of cryptocurrency connected to Cambodian marketplace accused of fueling scams

This is how much the US' biggest telecom company paid a hacker to delete stolen data of all its customers

This new ransomware tries to stop victims recovery by using passphrases

Threat Actor Claims to Sell Full Access to Internal Network of Major Polish Company

UAE E-commerce Ghayar Hit by Potential Data Breach: 7,100 Users at Risk

URL protection services used to mask phishing attacks

US telco giant AT&T confirms data breach affecting more than 100m people

Virginia Elections Department Dismisses Data Breach Claims

Warning signs that your information was stolen in healthcare data breach early this year

WP Time Capsule Plugin Update Urged After Critical Security Flaw