Editor's Message

Welcome to DBD. 2024 was a tough year for me personally, and I'd like to thank every one of you who has supported me - you have been my light in times of darkness. 2024 saw the highest number of ransomware attacks on record, and there's no sign of these attacks slowing down as we head into the new year. Ransomware is a BIG problem that is NOT going away anytime soon, and this year could be just as catastrophic, if not worse, as cyber criminals continue to extort their victims with very little chance of being brought to justice. Wishing you all the very best for 2025. Stay safe. :)


“Data Breaches Digest and its PRiSM portal provide Dentons Global Security Team with valuable insights into the ransomware landscape, from the latest incidents to trends over time, as well as the ability to customize visual analytics. Timely reports and tracking by Data Breaches Digest help inform cyber intelligence for the world’s largest law firm and thus our cybersecurity posture across more than 80 countries worldwide.”
Dentons Senior Analyst, Washington DC



Monday, 29 July 2024

Data Breaches Digest - Week 31 2024

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 29th July and 4th August 2024.


4th August

Chinese hacker group StormBamboo successfully hijacked an ISP's automatic software updates with backdoor malware and bad Chrome extensions to breach a downstream target

Convergence Hack: $210 Million Worth of Tokens Stolen Through Smart Contract Exploit

Creepy warning signs you're being targeted in a cyber attack - and what to do

Delta airlines takes legal action against tech giants for massive data breach

Google Ads Suffered Major Reporting Glitch, Exposing Competitor Data and Causing Unavailability of Services

Hackers attempt to sell the personal data of 3 billion people resulting from an April data breach

Halifax phishing scam alarm as bank points to telltale sign a phone call is not from them

Is Off-The-Shelf Code Fuelling the Surge in Ransomware?

Panamorfi Campaign Leverages Minecraft DDoS Package Deployed Via Jupyter Notebook and Discord

StormBamboo’s DNS Poisoning Attack Targets Software Updates

Surge in Magniber ransomware attacks impact home users worldwide

The Alarming Surge Of Lateral Phishing – Are We All Just Sitting Ducks?

Threat Actor Claims to Sell “.url” Exploit Source Code for $10k

Unveiling the SLUBStick Cross-Cache Attack on the Linux Kernel

3rd August

4.3 million Americans exposed in massive health savings account data breach

23andMe Faces Delisting Amid Data Breach Fallout And Cash Crisis

42% of targeted email attacks against larger companies involve lateral phishing

Approval phishing scams ‘a much bigger problem’ than first thought

City of Columbus Offers Credit Monitoring to Employees After Massive Cyberattack Hits Government Facilities

Department of Justice (DOJ) and Federal Trade Commission (FTC) Sue TikTok for Violating Children's Privacy Laws

DIY Ransomware: novice cybercriminals bigger threat thanks to off-the-shelf code

Environmental Protection Agency (EPA) Urged to Enhance Water Sector Cybersecurity in New Government Accountability Office (GAO) Report

Hackers breach ISP to poison software updates with malware

Hackers Exploit Misconfigured Jupyter Notebooks with Repurposed Minecraft DDoS Tool

Hong Kong’s Cybersecurity Bill: Aimed at Critical Infrastructure Protection, Not Personal Privacy

Income Tax Refund scam is doing the rounds! Don’t fall for it by clicking link in phishing messages

Israeli Hackers Claim Responsibility for Internet Disruption in Iran

Linux kernel impacted by new SLUBStick cross-cache attack

Malaysia: Tawau man behind global phishing business, says Aussie report

Malware Attacks In India Up By 11%, Ransomware Rises 22%

Massive Health Savings Account Data Breach Exposes 4.3 Million Americans

Minister apologises for Northern Ireland special education needs data breach

Newly Discovered BITSLOTH Backdoor Abuses Microsoft BITS for Command and Control

North Korean hacker accidentally hired by American cybersecurity company

Ransomware in the global healthcare industry

Russia-linked APT used a car for sale as a phishing lure to target diplomats with HeadLace malware

Russian hacker arrested in Maldives released by US under prisoner exchange program

Security Bypass Vulnerability Exposed in Rockwell Automation Logix Controllers

This phishing scam claims a process server is looking for you

Thousands of cameras and routers from this company at risk of hacker attacks, warn researchers

Threat Actor Alleges Breach of FBI Officers’ Database, Releases 22,175 Records

UK Shuts Down ‘Russian Coms’ Fraud Platform Defrauding Millions

ZB Financial Holdings Hacked For Ransom. Customer & Operations Data Leaked To The Internet

2nd August

Acadian Ambulance Services investigates major cyber attack affecting millions

Acronis reports 293% increase in email cyberattacks in H1 2024

APT28 Targets Diplomats with HeadLace Malware via Car Sale Phishing Lure

APT41 Hackers Use ShadowPad, Cobalt Strike in Taiwanese Institute Cyber Attack

Artificial Intelligence: The new face of cyber scams in Singapore

'ATM, UPI service affected': Ransomware attack on service provider hits 300 small banks across India

Australian engineering firm confirms RansomHub ransomware attack

Average cost of an Australian data breach hits AUD $4.26 million

Canadian Government Opens Investigation of Ticketmaster Breach

China-based Evasive Panda hackers compromised an ISP to spread malware, report says

Cloudflare’s free tunnels plagued by RATs and other malware, researchers warn

‘Comrades in Crime’ - New Research Shows Russian-Speaking Actors Account for Most Ransomware Crypto Attacks

Cryptonator founder indicted after platform found handling $235 million in illicit funds

Cryptonator seized for laundering ransom payments, stolen crypto

Cybercriminals Abusing Cloudflare Tunnels to Evade Detection and Spread Malware

Dark Web Actor Claims ADT Data Breach; Company Aware and Investigating Incident

Deepfakes, crypto hoax, phishing and love scams: how Hongkongers paid HK$9.18 billion to fraud

DeFi protocol removed an important line of code that led to a $212K hack

Environmental Protection Agency (EPA) Told to Address Cyber Risks to Water Systems

Exodus Marketplace Returns: A New Power Player in the Illicit Online Economy

Fake AI editor ads on Facebook push password-stealing malware

Federal Trade Commission (FTC) and Justice Department sue TikTok over alleged child privacy violations

Five Chinese nationals arrested by feds for 'massive' elder fraud scheme

Google explains how Android fights back against SMS phishing and data theft

Hacker Steals $210,000 in CVG Tokens from Convergence

Hackers Allegedly Targeted Czech Organizations After Defense Minister Statement

Hackers directly email customers of immigration firm after damaging cyberattack

Hackers stole personal data of over 100,000 United of Omaha's insurance customers

Healthcare Sector Preparedness: The Critical Role of CTOs in Cyber Defense

How the theft of 40 Million UK voter register records was entirely preventable

How to Stay Secure Amid the Rise of Ransomware

India: Bengaluru man loses Rs 95,000 to phishing scam while applying for car number plate; police investigate

India: Co-op Banks Digital Services Restored After Cyber Attack

India: National Payments Corporation of India (NPCI) re-establishes connectivity with C-Edge after ransomware attack

India: National Payments Corporation of India (NPCI) Restores UPI, ATM Services After Ransomware Attack On Banks - What Happened

India: UPI, ATM services resume for 300 small banks as National Payments Corporation of India (NPCI) restores network after ransomware attack

Iranian Internet Attacked by Israeli Hacktivist Group

Israeli hacker group takes responsibility for reported collapse of Wi-Fi in Iran

Justice Department sues TikTok for alleged violations of children’s privacy

KozSec Allegedly Targeting Ukraine and Supporting Russia

Law firms facing “astronomical ransom demands” from cyber-attackers

Malaysia introduces data breach notification system to combat scams

Malaysia launches data breach alert system in fight back against scammers, hackers

McDowall Affleck Confirms ‘Cyber Incident’ After RansomHub Claims Access to 470GB Data

Millions of US Voter Data Exposed in 13 Misconfigured Databases

Mirai Botnet targeting OFBiz Servers Vulnerable to Directory Traversal

Mississippi Blood Services seeks new donations after partner organization suffers ransomware attack

National Cyber Security Centre (NCSC) Unveils Advanced Cyber Defence 2.0 to Combat Evolving Threats

Navigating Indispensable Cybersecurity Practices for Hybrid Working Professionals

New CRYPTOKAT Ransomware Released

New Panamorfi DDoS Attack Exploits Misconfigured Jupyter Notebooks

New Windows Backdoor BITSLOTH Exploits BITS for Stealthy Communication

Northern Ireland: Department of Education probes data breach over Northern Ireland special education spreadsheet

OneBlood investigates cyber attack, Southeastern locations affected

OneBlood says ransomware attack impacted online operations and blood collection

Optus and Medibank Data Breach Cases Allege Cyber Security Failures

Organisations urged to take a proactive approach to ransomware threats

Organizations fail to log 44% of cyber attacks, major exposure gaps remain

Pharma giant Cencora is alerting millions about its data breach

Ransomware attacks on many banks in India are now causing issues

Ransomware campaign encrypts OneBlood virtual machines

Ransomware Group Attempts To Auction Stolen Columbus Data

Ransomware seizes hospitals' blood supply

Record-breaking $75 million ransom paid to cybercrime group

Scammers now impersonating crypto exchanges to get access to your accounts, FBI warns

Security leaders respond to HealthEquity data breach

Singapore cyber-crime trend: Fewer phishing e-mails but more AI-sharpened language

SN_BLACKMETA Group Claims DDoS Attack on Europol’s Website

Social Media Firms Fail to Protect Children’s Privacy, Says Information Commissioner’s Office (ICO)

South Korea: Shoppers, beware - New phishing scam targets victims of Qoo10 refund disaster

Superior Court of Justice of Mexico City Allegedly Breached

Thousands of Ubiquiti cameras and routers vulnerable, despite patches available

U.S. Releases High-Profile Russian Hackers in Diplomatic Prisoner Exchange

UK Data Breach Costs Soar To £3.58M: Financial Services Hit Hardest

US City of Columbus, Ohio claimed in Rhysida ransomware attack

US sues TikTok for collecting mass data on kids 13 and under

US sues TikTok for violating children privacy protection laws

What is a ransomware attack and how can you avoid it?

What Went Wrong with WazirX? Unraveling India’s biggest crypto hack

White House officials meet with allies, industry on connected car risks

1st August

5 Essential Steps to Secure Biometric Systems Against Emerging Cyber Threats

$75 Million Record-Breaking Ransom Paid To Cybercriminals, Say Researchers

300 Small Indian Banks Hit By Ransomware Attack, Payment Systems Temporarily Shutdown

A ransomware attack at OneBlood is delaying blood distribution to hospitals

A ransomware attack is impacting Florida's OneBlood

Acadian Ambulance Services Leaks Protected Health Information After Cyber Attack

AI-generated emails make up 40% of BEC lures, security firm says

Airlines are flying blind on third-party risks

Average cost of healthcare data breach nearly $10M in 2024

Black Basta Develops Custom Malware in Wake of Qakbot Takedown

Blood Donation Nonprofit OneBlood Hit With Ransomware Attack

Business Email Compromise (BEC) Attacks Surge 20% Annually Thanks to AI Tooling

C-Edge Ransomware Attack: National Payments Corporation of India (NPCI) Restores UPI Services For Impacted Banks

Cencora Confirms Patient Data Stolen in Cyber-Attack

Cencora confirms patient health info stolen in February attack

Cencora drug company admits more health data stolen in February hack

China dismisses Germany’s accusations over cyberattack as ‘targeted defamation’

Chinese Hackers Targeted Taiwanese Research Institute with ShadowPad and Cobalt Strike

City of Columbus confirms a major ransomware attack on internal systems

Clearwater cybersecurity firm accidentally hires North Korean hacker, issues warning

Columbus cyberattack potentially hits police officers' personal bank accounts, credit cards

Columbus investigating potential data leak after ransomware attack

Columbus offers credit monitoring services after employee data exposed in cyberattack

Columbus thwarts ransomware attack on IT infrastructure

Convergence Protocol Collapse: CVG Token Plummets 99% After Hacker Attack

Cyber attack on technology provider to nearly 300 small banks in India

Cyber attack on Zeroed-In Technologies compromised business clients' data

Cybersecurity: How to avoid getting hacked

Cybersecurity experts reveal what exactly happened in the ransomware attacks that took down 300 banks

DarkMeta Allegedly Targeted Israeli Organizations

Data breach costs in India at all-time high in 2024

DDoS attacks may target election infrastructure, FBI warns

Digital payment services restored of around 300 small banks affected due to ransomware attack; check details here

Disruptive Ransomware Attack Impacts OneBlood

E-Commerce Fraud Campaign Uses 600+ Fake Sites

Ekatena Mexico Allegedly Breached 375k Files For Sale

Employees at Dell, AT&T, Verizon, Capital One, and other companies exposed via popular office app

Ever More Toxic Ransomware Brands Breed Lone Wolf Operators

Facebook Ads Lead to Fake Websites Stealing Credit Card Information

FBI and CISA Issue Urgent Warning: DDoS Attacks Could Disrupt 2024 US Election Infrastructure

FBI warns of scammers posing as crypto exchange employees

Federal Agencies Say Cyber Attack Could Hinder Public Access to Election Info, Not Election Itself

From data theft to ransomware: threats and protection in the financial sector

Gaming Industry Faces 94% Surge in DDoS Attacks

Germany Attributes 2021 Attack On Federal Cartography Agency To China

Germany blames China for major 2021 cyber attack on cartography agency

Global data breach costs ‘rise by 10%’, finds IBM study

Google being impersonated on Google Ads by scammers peddling fake Authenticator

Google explains how Android protects you against phishing attacks

Google Chrome Adds App-Bound Encryption to Protect Cookies from Malware

Grandoreiro Malware: Spear Phishing, Outlook Exploits, and More

Hackers abuse free TryCloudflare to deliver remote access malware

Hackers Distributing Malicious Python Packages via Popular Developer Q&A Platform

Hackers take credit for Columbus ransomware attack, request $1.9 million in Bitcoin

HealthEquity Data Breach Affects 4.3M Customers

Human error and Business Email Compromise (BEC) are a prominent sources of payment fraud

India: Biggest cyber attack on bank payment system, work halted in 300 banks of the country

India: National Payments Corporation of India (NPCI) Connectivity With C-Edge Technologies Restored After Ransomware Attack

India: National Payments Corporation of India (NPCI) Isolates C-Edge Technologies Following Ransomware Attack on Payment Systems

India: National Payments Corporation of India (NPCI) re-establishes connectivity with C-Edge after ransomware attack

India: National Payments Corporation of India (NPCI) reestablishes connectivity with C-Edge following ransomware attack

India: Restoration of Banking Services After National Payments Corporation of India (NPCI) Ransomware Attack Resolution

India: UPI Operations Affected As a Local Bank Tech Service Provider Faces Ransomware Attack

Jailed cybercriminals returned to Russia in historic prisoner swap

Kim Jong Un Now has a Cyber Army of 8,400 Hackers, South Korean Intelligence Reportedly Said

Law firm investigates class action lawsuit regarding Intel's CPU issues

LockBit Ransomware: Two Russians Plead Guilty For Attacks

Meta settles Texas facial recognition suit with $1.4 billion deal

Miami hospital sets up blood drive day after OneBlood ransomware attack

Microsoft confirms Azure, 365 outage linked to DDoS attack

Microsoft Confirms Global Azure Outage Caused by DDoS Attack

Microsoft OneDrive Phishing Scam: How to Protect Yourself?

Mining Giant Fresnillo Confirms Cyber Security Incident: Operations Continue Normally

National Football League (NFL) to roll out facial authentication software league-wide

Nearly Every Large Healthcare Organization Uses Microsoft Active Directory: Here’s How to Secure It to Safeguard Against Escalating Ransomware Attacks

New Android Banking Trojan BingoMod Steals Money, Wipes Devices

New Android RAT BingoMod Exploits Accessibility Services To Steal Money and Wipe Data

New BingoMod Android Malware Posing as Security Apps, Wipes Data

New Hampshire, Texas, and Oregon Healthcare Providers Fall Victim to Ransomware Attacks

New “Sitting Ducks” DNS Attack Lets Hackers Easy Domain Takeover

North Korean hacker tries to access KnowBe4, security leaders react

OneBlood continues investigation into ransomware event, local hospitals monitoring blood supply

OneBlood hit with ransomware attack, state of donors' data unknown

OneBlood Target of Ransomware Event; Blood Community Rallies to Help as Urgent Call for Donors is Issued

Ongoing DEV#POPPER malware campaign expands targeting

Over 1 Million Domains at Risk of 'Sitting Ducks' Domain Hijacking Technique

Over 300 Indian banks suffer payment disruption from ransomware attack

Pharma Giant Cencora confirmed the theft of personal and health information

Pharma giant Cencora says personal health data leaked during February cyber incident

RansomEXX Group Targets Indian Banking With New Tactics

Ransomware Attack Disables Computers at Blood Center Serving 250 Hospitals

Ransomware Attack Disrupts ATM and UPI Services for 300 Small Banks Across India

Ransomware Attack Disrupts Services Of 300 Small Indian Banks

Ransomware attack forces hundreds of small Indian banks offline, sources say

Ransomware group auctioning stolen Columbus government data on dark web for $1.9 million

Ransomware group claims Columbus attack, selling 6 terabytes of passwords and more

Ransomware Hits Blood Center Serving 250+ Hospitals In Southeast U.S.

Resolian Notifies Consumers of Data Breach Following Compromised Email Accounts

Rhysida ransomware group takes credit for Columbus cyberattack, auctions stolen data

Russian hacker convicted in Seattle was part of historic prisoner swap

Scam Platform Shut Down by UK Authorities After 1.8 Million Fraudulent Calls

Security leaders respond to a sophisticated SMS stealing campaign

Shield Your Bank: A Comprehensive Guide to Attack Surface Management

Sitting Ducks DNS attacks let hackers hijack over 35,000 domains

Small Indian banks back online after ransomware attack, payments authority says

StackExchange abused to spread malicious PyPi packages as answers

Suspects in 'Russian Coms' spoofing service arrested in London, as National Crime Agency (NCA) announces takedown

Taiwan government-backed research organization targeted by APT41 hackers

Tech support scam ring leader gets 7 years in prison, $6 Million fine

The real cost of a cyber-attack: Looking beyond the figures

This Android SMS phishing campaign steals your money AND wipes your data

Threat Actor Claims to Leak ADT Data Containing Over 30,000 Records

Threat Actor Claims to Sell VPN Access to $20 Billion Taiwanese Electronics Company

Threat intelligence: A blessing and a curse?

Top blood donation service hit by ransomware attack, tells hospitals to activate critical shortage alerts

UK takes down major 'Russian Coms' caller ID spoofing platform

Understanding and Preventing Phishing Attacks

US: Cyberattack delays blood deliveries to hospitals in Southeast

US releases Russian hackers and spies as part of prisoner swap

Venezuelan Military Allegedly Breached

White House Confirms Russia-U.S. Prisoner Swap that Likely Included Hackers and Spies

Who is Dmitry Khoroshev, the most wanted hacker in the world who attacked Spain?

Why CISOs face greater personal liability

Widespread OTP-Stealing Campaign Targets Android Users

Will the public nature of ransom payments change CISO strategy over whether to pay?

31st July

AI-powered 'narrative attacks' a growing threat: 3 defense strategies for business leaders

AirsoftC3 Allegedly Suffered Data Breach

Analysis of Top Infostealers: Redline, Vidar and Formbook

Argentina Citizen Data Allegedly Leaked

Arrests Spark Surge in Cyber Attacks on Spanish Organizations

Australian Organisations Experiencing Highest Rate of Data Breaches

BangBros unzipped: 12 million records laid bare, users exposed

Bumble and Hinge allowed stalkers to pinpoint users’ locations down to 2 meters, researchers say

Chinese Hackers Target Japanese Firms with LODEINFO and NOOPDOOR Malware

CISA and FBI: DDoS attacks won’t impact US election integrity

CISA, FBI warn of potential DDoS attacks on 2024 elections

Cost of a Data Breach Surges 10% on Shadow Data Challenge

Cost of Data Breach on Average Reaches $4.9 Million

Cyber Espionage Group XDSpy Targets Companies in Russia and Moldova

Cyber exploit activity increased 21% in Q2 2024

Cybercriminals Deploy 100K+ Malware Android Apps to Steal OTP Codes

DDoS Attack Triggers New Microsoft Global Outage

Email Attacks Surge, Ransomware Threat Remains Elevated

Fraud ring pushes 600+ fake web shops via Facebook ads

Germany summons Chinese ambassador over cyberattack on cartography agency

Global SMS Stealer Targeting Android Users via Malicious Apps and Ads

Google ads push fake Google Authenticator site installing malware

Greek prosecutor says government played no role in civil society spyware infections

Meta Settles for $1.4 Billion with Texas Over Illegal Biometric Data Collection

Meta to Pay Texas $1.4bn for Unlawful Biometric Data Capture

Microsoft: DDoS Attack on Azure Services Exacerbated by Defense Error

Microsoft: DDoS defense error amplified attack on Azure, leading to outage

Microsoft says massive Azure outage was caused by DDoS attack

Microsoft Says Ransomware Groups Are Exploiting the Newly-Patched VMware ESXi Flaw

Microsoft Services Hit by Cyberattack, Amplifying Outage Impact Across Multiple Platforms

Millions of websites are sitting ducks for hijackers using unresolved method

New Android malware wipes your device after draining bank accounts

New PyPI Package Zlibxjson Steals Discord, Browser Data

New SMS Stealer Malware Targets Over 600 Global Brands

North Korea-Linked Malware Targets Developers on Windows, Linux, and macOS

OneBlood's virtual machines encrypted in ransomware attack

OneDrive Phishing Campaign Attempts To Tricks Users To Execute PowerShell Script

Phishing Attack Steals Donations from Trump Voters Using Fake Websites

Ransomware attack on major US blood center prompts hundreds of hospitals to implement shortage protocols

Ransomware Payments Hit New High as Threats Escalate: $75 Million Paid by Single Company

Ransomware Strikes U.S. Non-profit Blood Center ‘OneBlood’

Researchers Uncover Largest Ever Ransomware Payment of $75m

Reserve Bank of India (RBI) Tightens Noose on Digital Payments: New Rules for Non-Bank Payment System Operators

Rhysida Ransomware Group Allegedly Breached Sensitive Data of City of Columbus, Ohio

SMS Stealer malware targeting Android users: Over 105,000 samples identified

Suspect identified in Sydney Sweeney's SIM swap-enabled hack

Third-party ransomware attack forces 300 Indian banks offline

Threat Actor Claims to Sell Users Data of EgBill India

Urgent Blood Appeal Issued in US After Ransomware Attack

Virtual machines at risk as ransomware gangs exploit dangerous VMware vulnerability

Western Sydney University (WSU) Data Breach Impact Grows, Sensitive Information Exposed

World leading silver producer Fresnillo discloses cyberattack

30th July

$75 Million Ransom Paid to Dark Angels Ransomware Group

An 18% Increase in Ransomware Attacks Includes $75M Payment

Analyzing ‘EchoSpoofing’: How Cybercriminals Exploited Proofpoint to Send Millions of Phishing Emails

Average data breach cost jumps to $4.88 million, collateral damage increased

Black Basta ransomware switches to more evasive custom malware

CISA warns of VMware ESXi bug exploited in ransomware attacks

Columbus investigates whether data was stolen in ransomware attack

Cost of a breach reaches nearly $5 million, with healthcare being hit the hardest

Critical Sectors at Risk: India Reports 593 Attacks in the First Half of 2024

Critical ServiceNow vulnerabilities being targeted by hackers, cyber agency warns

CrowdStrike: Lessons on the Importance of Contracts, Insurance and Business Continuity

Cybercriminals Target Polish Businesses with Agent Tesla and Formbook Malware

Cyepro Solutions Allegedly Breached

Dark Angels ransomware receives record-breaking $75 million ransom

Data Breach Cost Nears $5 Million, But AI and Automation Help

ESXi environments targeted with new Linux variant ransomware strain

Financial Stability: CFOs Leveraging Threat Intelligence

Gold rush for data: Paris 2024 Olympic apps are eavesdropping on users

Google Chrome adds app-bound encryption to block infostealer malware

Google Workspace Authentication Vulnerability Allowed Thousands of Emails to be Compromised

Google Workspace Vulnerability Allowed Hackers to Access 3rd-Party Services

Hacker Scrapes and Publishes 100,000-Line CrowdStrike IoC List

HealthEquity Breach Hits 4.3 Million Customers

HealthEquity data breach affects 4.3M people

How PHP Vulnerability Leads to DDoS and Malware Attack?

Information Commissioner’s Office (ICO) Slams Electoral Commission for Basic Security Failings

Insecure file-sharing practices in healthcare put patient privacy at risk

Just One in 10 Attacks Flagged By Security Tools

Massive Data Leak from Mykukun Allegedly Breached by IntelBroker and EnergyWeaponUser

Massive SMS stealer campaign infects Android devices in 113 countries

Meta to pay Texas $1.4 billion to settle lawsuit alleging it illegally captured users’ faces

Meta Will Pay Record $1.4 Billion to Settle Texas Facial Recognition Lawsuit

Meta will pay Texas $1.4B in settlement over facial recognition software

Millions of Spoofed Emails Bypass Proofpoint Security in Phishing Campaign

New Mandrake Spyware Found in Google Play Store Apps After Two Years

New SideWinder Cyber Attacks Target Maritime Facilities in Multiple Countries

New Variant of Mandrake Spyware Found in Google Play Apps

New version of sophisticated spyware remained undetected on Google app store for two years

OneDrive Phishing Scam Tricks Users into Running Malicious PowerShell Script

Ransomware Attacks Are Attracting Record Payouts in Australia. Should You Pay the Ransom?

Record-breaking $75M ransom paid to Dark Angels gang

Researchers find new way to steal tokens using cross-site scripting and OAuth

Russia, Moldova targeted by obscure hacking group in new cyberespionage campaign

Saudi FarmGo App Allegedly Breached

Securing remote access to mission-critical OT assets

Security flaws at UK elections agency left door open for Chinese hackers, watchdog finds

Security oversight exposes 40 Million UK voters’ records

Sophisticated Phishing Campaign Targets Microsoft OneDrive Users

Stolen GenAI Accounts Flood Dark Web With 400 Daily Listings

Superior Court of Los Angeles County closes after ransomware attack

Telegram-Controlled TgRat Trojan Targets Linux Servers

The Power and Peril of Remote Monitoring and Management (RMM) Tools

Threat Actor Claims to Sell Bausch Health Data, Including 1.6 Million DEA Numbers

Threat Intelligence Visibility for CEOs: A Roadmap to Strategic Defense

U.S. Court Slashes $78M Lawyers’ Fee in T-Mobile Data Breach Settlement

UK government links 2021 Electoral Commission breach to Exchange server

Unidentified Group Claims Access to Spain’s Pipeline Systems, Warns of Potential Destruction

VMware ESXi auth bypass zero-day exploited by ransomware operators (CVE-2024-37085)

VMware ESXi Flaw Exploited by Ransomware Groups for Admin Access

29th July

4.3 Million Individuals Affected by HealthEquity Data Breach

24-Year-Old UK Hacker Sentenced to 3.5 Years in Prison For $900K Coinbase Scam

After global Windows outage, Crowdstrike users now face phishing attacks

Android spyware 'Mandrake' hidden in apps on Google Play since 2022

Australian Financial Complaints Authority (AFCA) updates on Latitude Financial Group cyber-attack

Casper Network Pauses Operations After Cyberattack: What You Need to Know

Catholic priest sues Grindr after data sale outed him

CERT-In says global outage being leveraged to launch phishing attacks against CrowdStrike users

CERT-In warns of phishing campaign targeting CrowdStrike users after Microsoft outage: How to stay safe online

Chrome now asking for ZIP archive passwords to help detect malicious files

CISO’s Guide to Telecom Security: Combatting Cyber Threats with Modern Intelligence

City Of Cold Lake Starts Recovery Process After Cyber Attack

Coinbase hacker jailed 3.5 years for stealing from over 500 users

Coinbase Phishing Scammer Faces Jail Term In UK

Critical Acronis Cyber Infrastructure vulnerability exploited in the wild (CVE-2023-45249)

Critical Flaw in Acronis Cyber Infrastructure Exploited in the Wild

Data Breach: US Banker Drains $2.3 Million From Customers Accounts

Data breach at Singaporean software firm impacted over 128,000 individuals

Dispossessor Ransomware Group Claims to Hack of Education and HealthCare Organizations

Enhancing threat detection for GenAI workloads with cloud attack emulation

ESXi environments targeted with new Linux variant ransomware strain

European Parliament member claims he was targeted by dangerous spyware

Fighting Fire with Fire: Using AI to Thwart Cybercriminals

French E-Commerce Website Allegedly Breached

Gh0st RAT Trojan Targets Chinese Windows Users via Fake Chrome Site

Hacker gets 3.5 years prison for $900K Coinbase login scam

Hallucination Control: Benefits and Risks of Deploying LLMs as Part of Security Processes

HealthEquity: 4.3 Million People Affected by Data Breach

HealthEquity reveals breach affected over four million people

HealthEquity says data breach impacts 4.3 million people

Hotjar, Business Insider Vulnerabilities Expose OAuth Data Risks

How France is Protecting the 2024 Olympics from Unprecedented Cyber-Attacks

Hundreds of PC models vulnerable to boot-level attacks after vendors copypaste “secret” keys

India: Government Warns Of Phishing Attack Targeting CrowdStrike Users

India’s Average Data Breach Cost $2.18 Million in 2023

India's average data breach cost topped $2 million in 2023

India's average data breach costs hit $2.18 million in 2023, up 28% since 2020

India's data breach costs surge to $2.18 million in 2023

Less Than Half of European Firms Have AI Controls in Place

Malaysian Digital Ministry To Bolster National Cybersecurity Frameworks with Data Commission

Mandrake Spyware Infects 32,000 Devices Via Google Play Apps

Microsoft 365 users targeted by phishers abusing Microsoft Forms

Microsoft outage aftermath: Block these websites now to avoid phishing attacks

New Jersey dental care practice says data breach impacted close to 75,000 patients

New Phishing Campaign Targets iPhone Users in India with India Post Lures

New Specula tool uses Outlook for remote code execution in Windows

North Korean Hacker Charged for 2022 Ransomware Attacks on US Hospitals, Data Theft From US Military

North Korean Hackers Target USA Critical Infrastructure and Military Bases

Northern Ireland: Man arrested in connection with PSNI data breach

Northern Ireland: Man in Derry arrested over probe into PSNI data breach

Pro-Ukrainian hackers claim attack on Russian cyber company

Proofpoint Email Routing Flaw Exploited to Send Millions of Spoofed Phishing Emails

Proofpoint settings exploited to send millions of phishing emails daily

Quad Talks Forge New Frontiers in Maritime Security and Cyber Defense

Ransomware Actors Exploit VMware ESXi Hypervisor Bug

Ransomware and email attacks are hitting businesses more than ever before

Ransomware attacks at all-time high, hackers have businesses, tech giants in crosshairs

Ransomware attacks directed at the Olympic ‘inevitable’

Ransomware gangs exploit VMware ESXi auth bypass in attacks

Ransomware group Cicada3301 claims responsibility for Tri-Star Display data breach

Researchers Study Evolution of Ransomware Gang UNC4393’s Campaigns After QAKBOT Takedown

Russia-Backed Brute-Force Campaign Targets Microsoft Infrastructure in EU

Scammers Exploit CrowdStrike Users Post-Outage; Indian Government Issues Phishing Alert

Security flaws discovered in a popular web analytics provider

Security vendor alarmed at Australian SMBs' willingness to pay ransomware criminals

South Korea Confronts Major Data Breach from Military Intelligence Command

'Stargazer Goblin' Creates 3,000 Fake GitHub Accounts for Malware Spread

Tenable warns of cyber-attack risks for Paris Olympics 2024 sponsors

The cost of cybersecurity burnout: Impact on performance and well-being

The Impact of Cyber Attacks on Reputation

U.S. State Department: UN cybercrime treaty must include human rights protections

uBook Database Allegedly Leaked

UK-Based Coinbase Hacker Sentenced to 42 Months in Jail

Ukraine Claims Cyber Attack Disrupted Russian ATMs and Banking System

Unveiling the Stargazer Goblin: A Closer Look at the Stargazers Ghost Network’s $100,000 Malware Operation

US Crypto Exchange Gemini Reveals Breach

UsDoD Allegedly Published CrowdStrike IoC List

USDoD Offers Over 330 Million Emails Allegedly Scraped from Socradar.io for Sale

Walmart Discovers New PowerShell Backdoor Linked to Zloader Malware

What Every Business Needs to Know About Ransomware

Why a strong patch management strategy is essential for reducing business risk

Why Biometrics are Key to a Safe Paris Olympics

XSS and OAuth Combo Threatens Millions of Users Due to Hotjar Flaw