Editor's Message

Welcome to DBD. On March 8th we celebrated our 4th Anniversary and the 1st Anniversary of our PRiSM application, officially endorsed by the SANS Institute. Despite recent personal issues that have impacted the amount of time I have been able to dedicate to both projects, I have been doing my best to keep everything as up-to-date as possible, and I would like to take this opportunity to thank everyone for their patience and support whilst I navigate through this very difficult time. Stay safe. :)



Wednesday 28 August 2024

Ransomware Operator Claims - Week 34 2024

Welcome to last week's ROC Report, an exclusive summary of Ransomware Operator's global victims that were claimed during the period between 19th August and 25th August 2024, kindly assisted by our partners.

For further analysis on these (and any historic) Ransomware Operator Claims, including the Victim Names and Industry Sectors attacked, please use our PRiSM application.

Download PDF



Data Source: Data Breaches Digest. Flag Icons created by Freepik and provided by Flaticon.


Monday 26 August 2024

Data Breaches Digest - Week 35 2024

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 26th August and 1st September 2024.


1st September

7 password rules to live by in 2024, according to security experts

A Threat Actor Alleged 0-Day Vulnerability in Popular WordPress Plugin

Cicada3301 ransomware’s Linux encryptor targets VMware ESXi systems

Class action filed after Kootenai Health data breach

Crypto losses to hacks exceed $313M in August

Hackers Steal $313.86M in Cryptos Across Over 10 Incidents in August

Names, payment and other customer details of this condom maker may have leaked

Phishing campaign delivers Android banking malware for fraudulent transactions

31st August

Authority of Information Security (AIS) warns of rise in the number of ransomware attacks

Columbus Judge Issues Restraining Order Against Cybersecurity Expert

Columbus judge sues researcher for disclosing true impact of ransomware attack

Delhi Police busts inter-State phishing racket after Army man defrauded of ₹3 lakh

FBI Issues Urgent Ransomware Attack Warning - Do These 3 Things Now

GitHub comments abused to push password stealing malware masked as fixes

Iranian State-Actors Aid Ransomware Gangs in campaigns Against Israel

Massive Data Breach Raises Questions About Data Brokers' Security Practices and Responsibility

Microsoft Flags North Korean Hacker Targeting Crypto Users on Chromium

Missing Guardrails, a Troubling Trend in Data Protection

Modern Strategies for IoT Device Fingerprinting

New Voldemort Malware Uses Google Sheets to Target Key Sectors Globally

North Korean Hackers Deploy FudModule Rootkit via Chrome Zero-Day Exploit

Northern Ireland: Police Ombudsman statement after staff members details released in data breach

Northern Ireland: Staff anger as details of 160 current and former Police Ombudsman workers released in data breach

Northern Ireland's Police Ombudsman apologises over data leak

Patients Sue Upper West Side Senior Center After Cyber Attack Exposes 100,000+ Records

Researchers Track ManticoraLoader Malware to Ares Malware Developer

Unauthorized Access to Global Educational Services Leader Allegedly Offered for Sale by IntelBroker

30th August

8 Things To Do When You Get a Notice About a Data Breach

42% of Large-Scale Email Attacks Involve Lateral Phishing

A macro look at the most pressing cybersecurity risks

Agencies alert health sector of Iranian and Russian cyber threats

As Data Breach Costs Soar, Healthcare Organizations Must Double Down on these Security Non-Negotiables

Atlassian Confluence Vulnerability Exploited in Crypto Mining Campaigns

Barrie health team patient information compromised in data breach, email states

BlackByte ransomware returns with new tactics, targets VMware ESXi

Brain Cipher claims responsibility for cyberattack on French National Museums

Breaking Down Active Directory Certificate Services (AD CS) Vulnerabilities: Insights for InfoSec Professionals

Chevrolet dealership duped by hacker into selling $70K car at criminally low price

CISA Launches New Cyber Incident Reporting Portal for Easier Incident Reporting

CISA, FBI, partners issue joint advisory on RansomHub ransomware threat to critical infrastructure sectors

City of Columbus sues man after he discloses severity of ransomware attack

Columbus Secures Restraining Order Against Suspect in Ransomware Data Leak

Communication Federal Credit Union Notifies Customers of Recent Data Breach

Construction is third most targeted sector by ransomware

Consumers Association of Singapore (CASE) 'committed' to safeguarding consumers' data, after S$20,000 fine over breaches

Consumers Association of Singapore (CASE) fined SG$20,000 for personal data breach

Critical Vulnerabilities in Progress Software’s WhatsUp Gold Expose Systems to Severe Risks

Cyber threats that shaped the first half of 2024

Cyberattackers Exploit Google Sheets for Malware Control in Likely Espionage Campaign

Cyberespionage Threat: APT-C-60 Targets East Asia with SpyGlace

Cyber-attack targets Keene School District, $2.1 million stolen

Data Breach at Public Agency Retirement Services (PARS) Impacts an Unknown Number of Consumers

Data breach hit pharmacy in Dubuque

DICK’S Sporting Goods Confirms Reports of Cyberattack, Raising Concerns of Possible Data Breach

Don’t Wait for the Next Big Data Breach to Freeze Your Credit

Durex India Data Breach Exposes Thousands of Customers’ Intimate Details

Durex India’s Security Lapse Reveals Personal Data of Customers

Email Scams Continue to Trick Taxpayers

Emulating the Extortionist Mallox Ransomware

Experts urge caution after data breach reveals sensitive information

FBI Issues Urgent Ransomware Attack Warning - Do These 3 Things Now

FBI reports RansomHub ransomware compromises 210 victims since February

FBI Warns of RansomHub: Over 200 Victims Targeted

Forescout publishes 2024H1 Threat Review Report

Former Polish Deputy Minister Charged with Misuse of Funds to Buy Pegasus Spyware

Fota Wildlife Park Confirms Cyberattack, Investigates Data Exposure

Fota Wildlife Park cyberattack triggers urgent warning for visitors

Fota Wildlife Park hit by cyberattack; customers urged to cancel credit cards

Governments need to beef up cyberdefense for the AI era - and get back to the basics

Growing backlash from law enforcement as National Football League (NFL) asks officers to submit to face scans

Help Secret Service Find This Hacker And You Could Score A $2.5M Bounty

Here’s the most profitable crypto scam, according to new report

How RansomHub went from zero to 210 victims in six months

Iranian Hackers Attacking US Organizations To Deploy Ransomware

Iranian Hackers Set Up New Network to Target U.S. Political Campaigns

Iranian hackers work with ransomware gangs to break into companies via VPN and firewall tools

Ireland: National Cyber Emergency Plan draws on lessons learned from HSE ransomware attack

Labor Day travelers urged to take precautions as Seattle airport struggles with cyberattack effects

Lakeland’s Watson Clinic notifies patients about January data breach

Malicious North Korean packages appear again in open source code repository

Massive Mirai Botnet Exploited Zero-Day Vulnerability in AVTECH Cameras

National Public Data (NPD) Data Breach Victims Speak Out: ‘AI Scammers Attacked Us’

New Cyberattack Targets Chinese-Speaking Businesses with Cobalt Strike Payloads

New Malware Masquerades as Palo Alto VPN Targeting Middle East Users

New Phishing Method Target iCloud Accounts of Crypto Investors

New Voldemort malware abuses Google Sheets to store stolen data

Norfolk farm hit by cyber attack

North Korean hackers exploit Chrome zero-day to deploy rootkit

North Korean hackers exploited Chrome zero-day to steal crypto

North Korean Hackers Exploited Chromium Zero-Day to Deploy Rootkit

North Korean Hackers Target Developers with Malicious npm Packages

Oil Giant Halliburton Hit by Cyber Attack Disrupting Operations Across Numerous Locations

Partly Dutch hacker group earns well from deepfake scams

Pavel Durov’s arrest may prompt other tech CEOs to ask: am I next?

Published Vulnerabilities Surge by 43%

Radiological Society of North America Data Breach Impacts an Unknown Number of Members

Radware Report Surfaces Increasing Waves of DDoS Attacks

RansomHub hits 210 victims in just 6 months

Ransomware attacks in the education sector above average

Ransomware feared in the cyberattack on US oil services giant

Ransomware gangs of 2024: The rise of the affiliates

Ransomware group Brain Cipher take responsibility for French National Museum cyberattack

Ransomware newcomer RansomHub claiming one victim per day

Ransomware Reckoning – The New Bill Changes the Game

Researcher sued for sharing data stolen by ransomware with media

Researchers find SQL injection to bypass airport Transportation Security Administration (TSA) security checks

Researchers uncover ‘SlowTempest’ espionage campaign within China

Rural Hospitals Especially Vulnerable to Ransomware Attacks

Russian APT29 Using NSO Group-Style Exploits in Attacks

Russian Hackers Use Commercial Spyware Exploits to Target Victims

Russian state hackers using cyberweapons developed by Western spyware firms

Schools, colleges faced record-breaking year of ransomware attacks in 2023

Secret Service Puts $2.5 Million Bounty On Most Wanted Hacker’s Head

Specialty Networks Data Breach Affects 411,000 Patients

Strive Medical Files Notice of Data Breach Leaking Consumers Protected Health Information

Suspected North Korean hackers targeted crypto industry with Chromium zero-day

Telegram Founder’s Arrest Sparks Debate: Social Media, Freedom, and Russian Ties

The top 10 most-searched data security terms in the US: Can you define them?

Threat Actor Allegedly Selling Access for One of the Largest Holding Companies in Brazil

Ticketmaster Data Breach Notices Provide Customers Only Limited Fraud Protections

Toronto school board confirms students’ info stolen as LockBit claims breach

Trainee surgeon jailed for rape pleads guilty to data breach charges

Twitch’s Drop Ins Feature Turned On VTubers’ Cameras Without Consent

U.S. Agencies Sound Alarm on Rising Ransomware Attacks by Iranian Fox Kitten Group

UK law firms are facing a torrent of cyber threats – here’s why

US CERT Alert AA24-242A (RansomHub Ransomware)

US Government Issues Advisory on Ransomware Group Blamed for Halliburton Cyberattack

Warning to millions of Chrome, Safari users after Russian cyber attack

WellLife Network Provides Notice of Data Breach

Western Electrical Contractors Association Data Breach Leaks the Personal Information of 35,290

Year-Long Malware Campaign Exploits NPM to Attack Roblox Developers

Young Consulting discloses massive data breach

29th August

2.5 Million Reward Offered For Cyber Criminal Linked To Notorious Angler Exploit Kit

42% of targeted email attacks against larger companies involve lateral phishing

76% of MSPs faced an infrastructure cyberattack in last 12 months

A third of companies hit by data breach amid rising concerns

A Threat Actor Alleged Data Breach of Federación Española de Balonmano

Alleged Access For Sale to 4 Healthcare Facilities

AMD hit by second cyberattack in six months

Attackers exploiting trust in VPNs for phishing attacks

Auxilion survey reveals data loss and ransomware attacks among top cloud cybersecurity risks

BlackByte Adopts New Tactics, Targets ESXi Hypervisors

BlackByte Ransomware Exploits New VMware Flaw in VPN-Based Attacks

BlackByte ransomware still capitalizing on known VMware ESXi flaw

Breach exposed information of more than 500,000 credit union members

California passes landmark bill requiring easier data sharing opt outs for consumers

City asks for temporary restraining order against cyber expert amid ransomware hack

Cop jailed for selling crash victim data to ambulance-chasing attorneys

Cyber attack at Fota Wildlife Park as customers urged to check bank accounts and cancel cards

Cybersecurity Spending to Surge by 15% to $212 Billion in 2025

Data Firm Faces a Dozen Suits Over Social Security Number Leak

Data loss and ransomware attacks among top cloud cybersecurity risks

Data of 950,000 Users Compromised in BlackSuit Ransomware Attack

Deepfakes: Seeing is no longer believing

Dick’s Sporting Goods Confirms Data Breach: What We Know So Far

DICK'S Sporting Goods Locks Employee Accounts Following Data Breach

Dick's Sporting Goods reveals cyberattack, shuts down employee emails

EDR-killing capabilities added to PoorTry Windows driver

Essex school delays first day of term after cyber attack

Fake Palo Alto GlobalProtect used as lure to backdoor enterprises

Flying through Seattle’s hacked airport

Fota Wildlife Park in major cyber attack as customers who bought tickets urged to cancel bank cards

Fota Wildlife Park in process of contacting customers following cyber attack

Fota Wildlife Park Issues Update on Recent Cyber Attack: Online Transactions Compromised

Fota Wildlife Park issues warning to customers after being hit by cyber attack

Fota Wildlife Park warns visitors to cancel bank cards following cyber attack

France formally charges Telegram founder, Pavel Durov, over organized crime on messaging app

French Authorities Charge Telegram CEO with Facilitating Criminal Activities on Platform

Ghana: ECG lost nearly GH₵500 million due to ransomware attack

Google says Russian group targeted Mongolian government with exploits used by NSO Group

Hackers Calling Employees to Steal VPN Credentials from US Firms

Hackers Linked To Iran’s Republican Guards Ran Fake HR Firm To Trap Spies

Halliburton cyberattack linked to RansomHub ransomware gang

Helotes Authorities Alert Community to Rise in Social Media Phishing Scams Targeting Local Events

How Adversary-in-the-Middle (AitM) Phishing Attacks Bypass MFA and EDR - and How to Fight Back

Iran cyber operations exposed in reports from Google, Microsoft

Iranian APT caught acting as access broker for ransomware crews

Iranian APT Peach Sandstorm Deploys Custom Tickler Malware

Iranian State Hackers Team Up with Ransomware Gangs in Attacks on US

Iranian threat actors targeting businesses and governments, CISA, Microsoft warn

Irish wildlife park warns visitors to cancel bank cards after discovering cyberattack

IT Engineer Charged For Attempting to Extort Former Employer

Japan: Biggest non-life insurers hit by data breach involving up to 3 million customers

Kentucky inmates hack prison-issued devices in $1M digital heist

Kids Locked Out of School After Cyber-Attack

Labour has been reprimanded for a 2021 data breach. What about all the others?

Large or Small, Ransomware Attacks Impact Us All

Malware exploits 5-year-old zero-day to infect end-of-life IP cameras

McLaren Health Care restores network weeks after ransomware attack

MedicaMall Allegedly Breached by CyberNiggers, Customer Data Exposed

Microchip Technology attack admitted by Play ransomware gang

Microsoft Sway Abused By Threat Actors To Steal Login Credentials

Mid and South Essex selects SYNLAB for £900m pathology contract

Midnight Blizzard delivered iOS, Chrome exploits via compromised government websites

More than 650,000 education records exposed in the past 60 days

New Password Hacking Warning For Gmail, Facebook And Amazon Users

NHS staff mobile numbers revealed in data breach

North Korean Hackers Launch New Wave of npm Package Attacks

Old CCTV cameras provide a fresh opportunity for a Mirai botnet variant

Penalizing Hospitals Won’t Stop Ransomware: Why Collaboration, Not Fines, is Key to Healthcare Cybersecurity

Philippine National Police (PNP) anti-cybercrime agents nab 19 scammers, vloggers in Cavite

Phishing scam targets Hong Kong insurer

'Play' Ransomware Group Claims It Breached Microchip, Stole Secret Data

Popular South African online store hit by data breach

Port of Seattle Still Disrupted After Suspected Cyberattack

Quishing Campaign Abuses Microsoft Sway to Host Phishing Pages

RansomHub Exploiting RDP Services To Exfiltrate Large Volumes Of Data

RansomHub ransomware breached 210 victims since February

Ransomware attacks increasingly target ERP systems

Ransomware Gang Leaks Data Allegedly Stolen From Microchip Technology

Ransomware Reckoning - The New Bill Changes the Game

Researchers trace massive data leak to US data broker: why should you care

Russian APT29 hackers use iOS, Chrome exploits created by spyware vendors

Russian government hackers found using exploits made by spyware companies NSO and Intellexa

Russian Hackers Exploit Safari and Chrome Flaws in High-Profile Cyberattack

Russian State Hackers Using Exploits ‘Strikingly Similar’ to Spyware Vendors NSO and Intellexa

Scottish health boards hit by cyber-attack

Secret Service Puts $2.5 Million Bounty On Most Wanted Hacker’s Head

See If Your Social Security Number Is in the National Public Data Breach

Spain's Alcampo Acts Quickly To Mitigate Impact Of Cyber Attack

Summer visitors to Fota urged to cancel bank cards following cyber attack

Surge in New Scams as Pig Butchering Dominates

Tehran’s state-sponsored hackers helping cybergangs deploy ransomware

Texas credit union discovers year-old data breach

Text phishing scams are targeting Pennsylvania voters

The Iranian Regime Collaborates with Ransomware Criminals

The NIS2 Directive: How far does it reach?

The Philippines: Supreme Court (SC) validating report of data breach

The United States believes the Iranian government is now coordinating and partnering with ransomware criminals for international attacks

The unmasking of threat actor USDoD

Third-party risk management is under the spotlight

Threat actor lures victims to malware-laden VPN page via call, text

Threat Actor Offers Alleged Access to Large Israeli IT Company

Threat Actors Exploit Microsoft Sway to Host QR Code Phishing Campaigns

Town of Plymouth falls victim to cyber attack

U.S. Agencies Warn of Iranian Hacking Group's Ongoing Ransomware Attacks

Unpatched AVTECH IP Camera Flaw Exploited by Hackers for Botnet Attacks

Unpatched CCTV Cameras Exploited to Spread Mirai Variant

US agencies warn against ransomware group behind hundreds of attacks in recent months

US Marshals Service hit by second ransomware attack in two years

US Offers $2.5M Bounty to Nab Belarusian Hacker

US Sees Iranian Hackers Working Closely With Ransomware Groups

Vietnamese Human Rights Group Targeted in Multi-Year Cyberattack by APT32

Volt Typhoon Hackers Exploit Zero-Day Vulnerability in Versa Director Servers Used by MSPs, ISPs

Voting-Related Phishing Scam Strikes Montco Weeks Before Election

Vulnerable VMware ESXi Instances Subjected to BlackByte Ransomware Intrusions

Where to Start With Cyber Security Risk Management

28th August

1 million files breached in Park’N Fly cyber attack

950,000 Impacted by Young Consulting Data Breach

A million airport parking customers affected in huge data breach

A phishing scam is targeting some Pennsylvania voters. Here’s what to know

A Third of Firms Are Paying Their Ransomware Attackers

Almost a million affected by Young Consulting breach, BlackSuit ransomware claims responsibility

Another critical WordPress plugin vulnerability found, over a million websites affected

Apple, TikTok, Google, and Facebook give your data to law enforcement up to 80% of the time

APT group exploits WPS Office for Windows RCE vulnerability (CVE-2024-7262)

APT-C-60 Group Exploit WPS Office Flaw to Deploy SpyGlace Backdoor

BlackByte affiliates use new encryptor and new TTPs

BlackByte Hackers Exploiting VMware ESXi Auth Bypass Flaw to Deploy Ransomware

BlackByte Ransomware Exploits VMware ESXi Flaw in Latest Attack Wave

BlackByte ransomware gang exploits more orgs than previously known

BlackByte ransomware gang only posting 20% to 30% of successful attacks

BlackByte Ransomware group targets recently patched VMware ESXi flaw CVE-2024-37085

Canada: Ucluelet district staffer hit with phishing attack

Chinese Hacker Group Compromises Several Internet Companies

Chinese hacker group exploits startup bug to target US, Indian companies

Chinese hackers attack Indian, American companies using a software flaw

Chinese hackers breach India, US internet firms

Chinese hackers exploit flaw in software used by telecoms

Chip Giant AMD Hit by Second Alleged Cyberattack in 2024

CISA & FBI Details Phishing Techniques Used by Malicious Hackers

CISA Flags Critical Apache OFBiz Flaw Amid Active Exploitation Reports

Cloud telephony service Exotel confirms major cyber attack on cloud servers

Continuum Health Alliance data breach impacted over 375,000 patients

Co-op cyber attack still under investigation

Critical Apache OFBiz Vulnerability CVE-2024-38856 Identified and Actively Exploited

Critical Fortra FileCatalyst Workflow vulnerability patched (CVE-2024-6633)

Critical WPML Plugin Flaw Exposes Millions of WordPress Sites to Remote Code Execution

Critical WPML Plugin Flaw Exposes WordPress Sites to Remote Code Execution

Cyber attack on Medical Center Barbour compromised the data of over 60,000 patients

Cyberattacks on UK Law Firms Surge by 77% Amid Rising Ransomware Threat

Cybercrime and sabotage cost German firms $300 billion in past year

Cybercriminals capitalize on travel industry’s peak season

Data breach at Young Consulting exposes sensitive data of Blue Shield of California members

DICK'S shuts down email, locks employee accounts after cyberattack

DICK'S Sporting Goods third-party hack exposes ‘confidential’ info

DMARC is a Start, But Email Security Needs Layers of Protection

Dragos industrial ransomware analysis: Q2 2024

Durex India spilled customers’ private order data

Employee arrested for locking Windows admins out of 254 servers in extortion plot

Endless AI-enabled threats: “Imagine hackers taking over your whole HR department”

Facial Pain Center reports data breach, impacting sensitive consumer information

Florida Department of Health offering credit monitoring after data breach

Fortra fixes critical FileCatalyst Workflow hardcoded password issue

Fortra Issues Patch for High-Risk FileCatalyst Workflow Security Vulnerability

From Protests to Profit: Why Hacktivists Are Joining the Ransomware Ranks

Ghana: ECG lost up to GH₵500m due to ransomware attack

Hackers Exploit Microsoft Sway in New QR Code Phishing Campaign

How ransomware for rent rules the threat landscape

How to Address Healthcare’s Cybercrime Problem

How to protect yourself after massive theft of social security data

Insurance software giant reveals nearly a million customers hit by ransomware risk

Intel officials say they anticipate more hacking attempts as US election nears

Iran working with ransomware gangs for attacks in US, Azerbaijan, UAE and Israel

Iran-Backed Peach Sandstorm Hackers Deploy New Tickler Backdoor

Iranian Hackers Target US in Ransomware and Espionage Attacks

Iranian hackers work with ransomware gangs to extort breached orgs

Iranian State Hackers Act as Access Brokers for Ransomware Gangs, Target U.S. and Allies’ Critical Infrastructure

Karakurt ransomware negotiator indicted

LummaC2 Infostealer Resurfaces With Obfuscated PowerShell Tactics

Luxembourg learning app hit by data breach

Major Israeli Health Fund Allegedly Breached 1.3 Million Records Exposed

Malicious actors are leveraging peak travel and vacation times

McLaren Health Care restores network weeks after ransomware attack

McLaren recovering from ransomware attack, unclear about data security

Medical insurance info of 954K affected by vendor data breach

Microsoft Sway Users Targeted in QR Code Phishing Surge

Money Laundering Dominates UK Fraud Cases

Muted Applause: leading software testing firm leaves credentials vulnerable

Names of undercover police, crime victims found on dark web from Columbus data breach

Netherlands Slaps Uber With $324 Million Fine For Data Breach

New LummaC2 Malware Variant Uses PowerShell, Obfuscation to Steal Data

New Password Hacking Warning For Gmail, Facebook And Amazon Users

New QR Code Phishing Campaign Exploits Microsoft Sway to Steal Credentials

New Tickler malware used to backdoor US government, defense orgs

Nigeria ranks 19th in global cyber-attack index

Norfolk Poultry Farm Hit by Cyber-Attack

Novel Razr ransomware distributed via PythonAnywhere exploitation

Old methods, new technologies drive fraud losses

Oregon Zoo Data Breach Exposes Payment Card Information

Over 950K compromised in BlackSuit ransomware attack against Connexure

Patients sent spam emails in practice software breach

Persistent GreasyOpal CAPTCHA solver detailed

Phishing Attacks on Rise: Google, Facebook, and Amazon Users Again at Risk!

Pioneer Kitten: Iranian hackers partnering with ransomware affiliates

Play ransomware hackers claim attack on US manufacturer Microchip Technology

PoorTry Windows driver evolves into a full-featured EDR wiper

Port of Seattle Reeling After ‘Possible Cyberattack’ Disrupts Operations

QR Code Phishing Targets Microsoft 365 Credentials

Ransomware Attacks Exposed 6.7 Million Records in US Schools

Ransomware groups weaponise stolen data to increase pressure on targets who refuse to pay

Ransomware-as-a-Service Is Changing Extortion Efforts

Russian hacker attacks target former US ambassadors, reveal prior penetration

Russian hacker group RaHDit leaks data on 7,700 Azov soldiers

Salford housing register still down weeks after cyber attack

Seattle-Tacoma International Airport cyberattack triggers handwritten boarding passes

Shield Your Home from Cyberattacks: A Step-by-Step Guide

South Korea unveils new credit blocking program against phishing scams

South Korean hackers exploited WPS Office zero-day to deploy malware

South Korean Spies Exploit WPS Office Zero-Day

Spanish Athletics Federation Allegedly Breached

Staff details stolen in Banham Poultry ransom cyber attack

Staff details stolen in poultry factory cyber attack

Telegram’s Durov released on €5M bail, must stay in France after arrest

The health info of about a third of Americans has been leaked. Wisconsinites could be affected

The Philippines: Supreme Court (SC) validating report of data breach

The Supreme Court of Philippines Allegedly Breached 13K Rows Published

Threat Actor Claims to Sell Unauthorized VPN Access to Isuzu Motors International Operations (Thailand)

Toyota Confirms Third-Party Data Breach After Sensitive Info Leaks on the Dark Web

Toyota data breach exposes customer, employee info

Travelers warned about ‘smishing’ scam that could put your personal information at risk

U.S. credit union says MOVEit data breach impacted more than 500,000 customers

U.S. oil giant Halliburton says cyber attack disrupted IT operations

UK Labour Party reprimanded over cyberattack backlog by privacy regulator

US offers $2.5 million reward for hacker linked to Angler Exploit Kit

US puts up $2.5M bounty for Belarusian hacker’s arrest, conviction

Versa Director Zero-Day Attack: A Non-Critical Vulnerability with Low Exposure Can Still Be Trouble

Vietnam Central Bank Warns of Phishing Emails Requesting Biometric Data

Watchdog reprimands Labour following data breach

Young Consulting says cyber attack impacted close to a million individuals

Zimperium Warns Organizations of Increase in Mobile Phishing Attacks

27th August

4 ways to deal with phishing messages

5 Key Takeaways: Ransomware Attacks on Healthcare, Education, and Public Sector

44% of foiled ransomware attacks are caught during lateral movement

46% of Enterprises Experience Four or More Ransomware Attacks in a Single Year, Affecting ERP Applications and Systems 89% of the Time

$55M DAI Stolen in DeFi Saver Phishing Attack

$460 Million Paid to Ransomware Groups in H1, 2024

A text messaging scam is targeting Pennsylvania voters. Here’s what officials want you to know

A Third of Organizations Suffer SaaS Data Breaches

About 1 Million Customers Affected Due to Park’N Fly Data Breach

Access to a Billboard Company’s Network and Cloud is For Sale

AMD reportedly hacked again - criminals offer data for sale online

American Radio Relay League pays $1M to threat actors after ransomware attack

Atlantic General reaches $2.25M data breach settlement

Australian specialist underwriting agency hit by alleged ransomware attack

Biotech Company Settles with Three State Attorney Generals Over Security Practices

BlackSuit ransomware stole data of 950,000 from software vendor

British Library Puts £400,000 Into Cyber-Attack Rebuild

Canvey Infant School hit by cyber-attack delays opening

Canvey Island: Infant school hit by cyber attack

CDK Global confirms no data breach in June cyberattacks

China’s Volt Typhoon reportedly targets US internet providers using Versa zero-day

Chinese government hackers targeted US internet providers with zero-day exploit, researchers say

Chinese Volt Typhoon Exploits Versa Director Flaw, Targets U.S. and Global IT Sectors

Chinese Volt Typhoon hackers exploited Versa zero-day to breach ISPs, MSPs

Class-action lawsuit targets long-term care management company after data breach hits 80,000 people

Companies that use Security AI and Automation reported USD 1.8 million lower Average Data Breach Cost in 2024

Critical Chrome Zero-Day Vulnerability (CVE-2024-7965) Requires Immediate User Action

CrowdStrike unmasks notorious hacker USDoD

Crypto scams, phishing, identity theft worry Cameroon

Cyberattacks on critical infrastructure increased by 30% in one year

Data breach to cost Medibank more than $125m

Dutch Data Protection Authority (DPA) slaps Uber with record €290 million fine for GDPR violations over data transfers

EDR killer ransomware: What it is, how to repel

FBI Flawed Data Handling Raises Security Concerns

'Flabbergasted': Some Mainstreet tenants say they weren’t informed about the data breach

Gafgyt Botnet: Weak SSH Passwords Targeted For GPU Mining

Google Cloud Bucket Leak Tied to Shark Tank Contestant, Exposed Data of 83,000 People

Google Warns of CVE-2024-7965 Chrome Security Flaw Under Active Exploitation

Hackers claim to have hit US Marshals Service with a major cyberattack

Hackers use US Marshals ransomware to steal secret documents from The U.S.

Half of enterprises suffer breaches despite heavy security investments

How Manufacturers In Southeast Asia (SEA) Can Protect Themselves From Ransomware

How to prioritize data privacy in core customer-facing systems

How to protect your credit after massive data breach

Hunters International claims cyber attack on US Marshals Service

Hunters International ransomware gang threatens to leak US Marshals data

Identity of Notorious Hacker USDoD Revealed

Illinois county leaked over 470K critical voter documents

Investigations into massive National Public Data breach heat up

Large number of businesses exposed in 32 million document leak from ServiceBridge

Lateral movement: Clearest sign of unfolding ransomware attack

LockBit, RansomHub Lead Ransomware Attacks in July

MacOS users warned of crypto stealing malware Cthulhu

macOS Version of HZ RAT Backdoor Targets Chinese Messaging App Users

Mad Liberator ransomware operation: Lessons learned from Sophos analysis

Malware infiltrates Pidgin messenger’s official plugin repository

Maryland hospital settles ransomware lawsuit for $2.25M

McLaren CEO says cybersecurity experts continue to investigate ransomware attack

McLaren Health Care Fights Back: Restoring Operations After Ransomware Attack

McLaren Health Care systems restored after weeks of disruption from ransomware attack

Meta Uncovers Iran-Backed Phishing Campaign Targeting 2024 US Presidential Campaign Officials

Microsoft 365 Copilot Vulnerability Exposes User Data Risks

Microsoft Fixes ASCII Smuggling Flaw That Enabled Data Theft from Microsoft 365 Copilot

Microsoft Sway abused in massive QR code phishing campaign

MOVEit Hack Exposed Personal Data of Half Million Texas Dow Employees Credit Union (TDECU) Users

Nearly 1/3 of Companies Suffered a SaaS Data Breach in Last Year

New Password Hacking Warning For Gmail, Facebook And Amazon Users

New research estimates ransomware cost companies over $274 billion over last 5 years

New Unicode QR Code Phishing Scam Bypasses Traditional Security

North Korean insider attacks are skyrocketing – dozens of US firms didn't spot the hacker in their midst

Nursing Home Provider Carespring Health’s Data Breach Impacted 67,000 Residents, Lawsuit Alleges

Old ransomware players are on the back foot. New ones emerge

One-Third Of Companies Suffered SaaS Breach This Year

Over 2 million customer records leaked in breach of Japanese insurers

Park'N Fly Confirms July Data Breach

Park’N Fly data breach affects 1 million customers; no financial information compromised

Park'N Fly data breach affects about 1 million customers

Park'N Fly data breach included personal information of 1 Million Canadian customers, company says

Park’N Fly notifies 1 million customers of data breach

Park‘N Fly personal data breach affects 1 Million customers

Patelco confirms thousands of customers hit in ransomware attack

Patelco Credit Union confirms data breach affecting 726,000 customers

Patelco Credit Union Notifies 726,000 Customers of Data Breach Following Ransomware Attack

Personal info compromised in the Florida Department of Health data breach? Here's what to do

Phishing on Google tripled with a 243% rise

Phishing Subpoenas – A New Privacy Threat?

Potential Surge in Cryptocurrency Leaks

PythonAnywhere Cloud Platform Abused for Hosting Ransomware

RansomHub attack against Patelco Credit Union impacts 726K

Ransomware Gang Targets Google Chrome Users In Surprise New Threat Twist

Ransomware gang threatens release of ‘Top Secret’ documents from U.S. Marshals

Ransomware Hackers Steal Medical Insurance Data of 1 Million People

Ransomware-as-a-Service (RaaS) on the Rise: MSPs Need to Step Up Their Game

Russian hackers target European websites after Pavel Durov arrested

Salford City Council's housing register still down weeks after cyber attack targeted thousands

Securing the Cloud: Best Practices for Data Protection and Compliance

Security leaders respond to the Halliburton cyberattack

SenangPay Malaysia Allegedly Breached

Social Security data breach: 7 steps to take if you're affected, according to the Social Security Administration

South Carolina State University (SC State) responds to data breach, employees affected

Spotify Phishing Scams Are on the Rise: Here's How You Spot One

St. Helena, California, Cyber Attack Compromises Data of Nearly 1,000

State and local governments see decline in ransomware attacks but face rising costs and encryption rates

Suspected Cyber-Attack Causes Travel Chaos at Seattle Airport

Texas Dow Employees Credit Union (TDECU) Data Breach: 500,000+ Members Affected by MOVEit Exploit

‘Texas Dow Employees Credit Union’ Data Breach Impacts More Than 500,000 Individuals

The Facial Pain Center Notifies Over 238k Consumers of Recent Data Breach

The Role of AI in Email Security: Beyond Phishing Detection

This New Ransomware Steals Data Saved in Google Chrome

Threat Actor Claimed to Breach Database of DimeCuba

Trionfo Solutions Announces Data Breach Affecting Over 76k MetLife Plan Holders

Two hacker groups break into AMD and put data up for sale

Uber Fined €290 Million for GDPR Violations After Moving Data from EU to US

Uber Hit With €290m GDPR Fine

US Marshals say data posted by ransomware gang not from 'new or undisclosed incident'

US Marshals Service disputes ransomware gang's breach claims

US offers $2.5 million reward for Angler hacker arrest

US Offers $2.5 Million Reward For Arrest Of Global Computer Hacker

US offers $2.5 million reward for information on Belarusian hacker

US sets reward of up to $2.5 million for arrest of suspected Belarusian hacker

US State Department Offers $2.5 Million for Information on Belarusian Hacker

Versa Director zero-day exploited to compromise ISPs, MSPs (CVE-2024-39717)

Watch out for phishing attacks with fake banking app updates

Were you part of the massive SSN data breach?

Young Consulting Data Breach Affects Personal Information of Nearly 1 Million Blue Shield of California Members

26th August

1 million customer files accessed in massive Park'N Fly data breach

2 out of 3 major political donation sites lack critical security

2 TB of Sensitive “ServiceBridge” Records Exposed in Cloud Misconfiguration

63% of security practitioners experience burnout

A cyberattack impacted operations at the Port of Seattle and Sea-Tac Airport

Adversaries love bots, short-lived IP addresses, out-of-band domains

Alleged Karakurt ransomware scumbag charged in US

American Radio Relay League Paid $1 Million to Ransomware Gang

Angus Council apologises for data breach

Another data breach: Change Healthcare is the latest to warn of stolen info. How to freeze your credit

Arete releases H1 2024 crimeware report detailing ransomware and extortion trends and shifts in the cyber threat landscape

Argentine Air Force Website Hacked by LulzSec Muslims in Retaliation for Gaza Casualties

Australian not-for-profit community support service Meli confirms cyber attack

BlackSuit Ransomware Deployed After 15 Days From Initial Access

California credit union confirms 726k affected by June ransomware attack

CannonDesign data breach allegedly caused by Avos Locker

Chinese Velvet Ant Uses Cisco Zero-Day to Deploy Custom Malware

Chrome-stored passwords targeted by notorious ransomware group

Companies That Use AI and Automation Report $1.8M Lower Data Breach Cost

Credit Union Issues Belated MOVEit Data Breach Notification

Critical Flaws in Traccar GPS System Expose Users to Remote Attacks

Crypto Crime Crackdown: Russian Hacker Extradited to US

Customer conversation platform Exotel suffers data breach

Cyber Threats Pose Growing Risk to Financial Services

Cyberattack Disrupts Seattle Airport: Thousands of Travelers Impacted by Port of Seattle Outage

Data breach at ParkTree Community Health Center exposes sensitive patient information

Data breach cost for Middle East businesses rises 10 percent to $8.74 million in 2024

Data Breach Costs for Businesses Continue Their Upward Trajectory in the Middle East Reaching an Average of SAR 32.80 Million

Delays, outages continue after cyber attack on Seattle-Tacoma International Airport

Dutch data privacy regulator fines Uber $324 million for failing to adhere to GDPR

Dutch Regulator Fines Uber €290 Million for GDPR Violations in Data Transfers to U.S.

Dutch Watchdog Slams $324m Fine Against Uber Over Alleged Data Breach

Exotel Faces Data Breach As Swift Response Mitigates Impact

FBI Captures Cyber Kingpin Who Scammed Millions of Americans

Florida Department of Health Reports Data Breach

France Extends Telegram CEO Pavel Durov’s Detention Over Cybercrime Allegations

From Hack To Hostage: The Rise Of Ransomware As A Geopolitical Weapon

Global Cyber Insurance Premiums Decline Despite Ransomware Surge

Google tags a tenth Chrome zero-day as exploited this year

Hacker USDoD sheds light on identity

Halliburton confirms cyber attack behind system issues

Halliburton Probes Impact of Cyber Attack With Law Enforcement

Halliburton, Law Enforcement Investigates Cyberattack Impact

How to check if your Social Security number was part of massive data breach

How to tell if your online accounts have been hacked

India: Government warns about fake SMS asking users to update their PAN – what it is and how to stay safe

IntelBroker Alleged Data Breach of AMD Internal Communications

Is Your Social Security Number (SSN) in the National Public Data Breach? Here’s How to Find Out

Kaspersky Reports 40% Increase in Phishing Attempts Against Google, Facebook and Amazon

Klarna rival collapsed after unreported cyber attack

Lynx ransomware claims attack on Australian electrical wholesaler

Malaysia: Prasarana confirms cybersecurity breach, public transport operations unaffected

Malaysia: Prasarana confirms cybersecurity incident

Malaysia: Prasarana confirms internal data breach, says no disruption to public rail services

Miggio Uncovers Amazon Web Services (AWS) Load Balancer Security Flaw

National Research Council of Italy Allegedly Breached

National Security Agency (NSA) Releases Guide to Combat Living Off the Land Attacks

New Android Malware NGate Steals NFC Data to Clone Contactless Payment Cards

New research finds that lateral movement is a clear sign of ransomware attack

Newly Discovered Group Offers CAPTCHA-Solving Services to Cybercriminals

North Wales Police Cybercrime team warns of rise in HMRC phishing scams

NTLM Credential Theft Risk in Python Apps Threaten Windows Security

Park’N Fly airport parking service alerts customers of data breach

Park’N Fly data breach hits roughly a million customers

Park'N Fly data breach included personal information of 1 Million Canadian customers, company says

Park’N Fly reports 1M customers impacted by recent data breach

Park'N Fly reveals data breach affecting 1 million customer files

Patelco Credit Union Says Breach Impacts 726k After Ransomware Gang Auctions Data

Patelco notifies 726,000 customers of ransomware data breach

Phishers Combine Tactics and Resources in Newest Attack Schemes

Phishing Subpoenas - A New Privacy Threat?

Polygon Discord Secure After $145,000 Hack Amid POL Token Launch

Prasarana confirms cybersecurity breach, assures no disruption to public transport services

Prasarana Gets Hit By Ransomware Attack; Over 300GB Of Data Reportedly Stolen

Prasarana Malaysia Berhad confirms 316GB ransomware attack

Prasarana Malaysia confirms cyberattack, assures there’s no effect on its daily operations

Prepare your small business for ransomware attacks

Ransomware attacks on schools threaten student data nationwide

Ransomware Attacks, Demands, and Payments Rise in Q2

Ransomware payment disclosed by American Radio Relay League

Remote Work: A Ticking Time Bomb Waiting to be Exploited

Report urges consulting firms to strengthen their cyber frontiers

Researchers Identify Over 20 Supply Chain Vulnerabilities in MLOps Platforms

Researchers warn of text scams that send drivers fake bills for highway tolls

Scammer Transfers $2.7M After $55.4M in DAI Phishing Attack

Sea-Tac Airport Cyberattack Disrupts Operations and Travel Plans

Seattle airport 'possible cyberattack' snarls travel yet again

Seattle-Tacoma Airport IT systems down due to a cyberattack

Seattle-Tacoma Airport suffers through third day of disruptions following possible ransomware attack

Seattle-Tacoma International Airport faces delays amid possible cyberattack

Seattle's airport, seaport isolate systems after cyberattack

SonicWall Issues Critical Patch for Firewall Vulnerability Allowing Unauthorized Access

SonicWall patches critical flaw affecting its firewalls (CVE-2024-40766)

SonicWall warns of critical access control flaw in SonicOS

South African Government Tendering Site Allegedly Suffers Data Breach

South London GPs Still Affected by June Cyber-Attack on Synnovis

Spear-Phishing Campaigns Target Russian, Belarusian Groups

State Department offers up to $2.5 million for info on Belarus hacker

Telegram says arrested CEO has ‘nothing to hide’ as France reportedly extends his detention

The cost of a data breach

This clever new ransomware is targeting your Google Chrome data, so be on your guard

To pay or not to pay: CISOs weigh in on the ransomware dilemma

Uber fined €290 million for transferring European data to US servers

Uber fined $324M over EU drivers’ data transfer breach

Uber fined $325 million for moving driver data from Europe to US

Uber Hit with 290 Million Euro Fine for Data Transfer Violations

University of Toronto Allegedly Breached

Upgrade Hospital Cybersecurity with Passwordless, Phishing-Resistant MFA

Versa fixes Director zero-day vulnerability exploited in attacks

Yes, the Billion-Records Data Breach Is Real