Editor's Message

Welcome to DBD. On March 8th we celebrated our 4th Anniversary and the 1st Anniversary of our PRiSM application, officially endorsed by the SANS Institute. Despite recent personal issues that have impacted the amount of time I have been able to dedicate to both projects, I have been doing my best to keep everything as up-to-date as possible, and I would like to take this opportunity to thank everyone for their patience and support whilst I navigate through this very difficult time. Stay safe. :)



Monday 5 August 2024

Data Breaches Digest - Week 32 2024

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 5th August and 11th August 2024.


11th August

4,300,000 Americans Exposed As Savings Account Data Breach Leaks Customers’ Names, Addresses and Social Security Numbers

Chinese hacking groups target Russian government, IT firms

Cybersecurity investigators worry ransomware attacks may worsen as young, Western hackers work with Russians

Elon Musk’s X targeted with nine privacy complaints after grabbing EU users’ data for training Grok

Fake X content warnings on Ukraine war, earthquakes used as clickbait

Hackers leak 2.7 billion data records with Social Security numbers

Interviewing the ghost that took down 20% of the dark web

Jackson County: Grandview collection windows to reopen following suspected cyberattack

Rogue PyPI Library Solana Users, Steals Blockchain Wallet Keys

Threat Actor Claims to Sell Over 600,000 Indian Credit Card Records

Trump Campaign Accuses Iranian Hackers of Internal Document Theft

What GitHub’s security breach says about IT vulnerabilities

10th August

CSC ServiceWorks reveals 2023 data breach affecting thousands of people

Darktrace report highlights rising dominance of Malware-as-a-Service (MaaS) and Ransomware-as-a-Service (RaaS) in escalating cyber threat landscape

Expert Warns of Security Threats in Microsoft's Copilot, Exposing AI to Data Breaches and Phishing

Healthcare Providers Must Plan for Ransomware Attacks on Third-Party Suppliers

Local governments in Texas, Florida hit with ransomware as cyber leaders question best path forward

Microsoft Warns of Unpatched Office Vulnerability Leading to Data Exposure

New Malware Hits 300,000 Users with Rogue Chrome and Edge Extensions

Researchers Uncover 10 Flaws in Google's File Transfer Tool Quick Share

Russian Midnight Blizzard Breached UK Home Office via Microsoft

The 10 largest GDPR fines on Big Tech

Threat Actor Claims to Leak 8.6 Million Records from Florida Office of Financial Regulation

Trump campaign says its internal messages hacked by Iran

Two Suspects Arrested for Running WWH-Club Stolen Credit Card Marketplace

WWH-Club credit card market admins arrested after cash spending spree

9th August

“0.0.0.0-Day” vulnerability affects Chrome, Safari and Firefox

$10M bounty for information on CyberAv3ngers

A Threat Actor Claims Breach of TV SAT 364/Widzew Database

ADT Data Breach: Customers Personal Information Exposed

ADT data breach leaks customers’ location and email addresses - here’s what happened

Alert: Federal Motor Carrier Safety Administration (FMCSA) registrants targeted in phishing attack

Apple Intelligence is “a boomer dad” that reportedly prioritizes phishing emails

Aqua Security Researchers Disclose Series of Amazon Web Services (AWS) Flaws

Are you one of the billions impacted by a data breach this week? Here's what you can do about it

Browsers on MacOS and Linux have failed to block malicious instructions sent to 0.0.0.0 – for 18 years

CISA and FBI issue updated alert on BlackSuit ransomware targeting critical infrastructure sectors

CISA Encourages Organizations to Adopt a 'Secure by Demand' Strategy

CISA Warns of Hackers Exploiting Legacy Cisco Smart Install Feature

Coforge Faces ₹92 Crore Notice from US Client Over Alleged Data Breach: Indian IT Firm Plans to Dispute Claims

Coforge Receives $11 Million Indemnity Notice Over Data Breach

Coforge Receives $11-Million Notice from North American Client over Alleged Data Breach

Columbus cyber attack still disrupting services nearly a month after hackers steal data

Columbus hit with class action lawsuit over handling of ransomware attack

Computer Crash Reports Are an Untapped Hacker Gold Mine

Critical 1Password flaws may allow hackers to snatch your passwords (CVE-2024-42219, CVE-2024-42218)

CrowdStrike Alert: Phishing Attacks Targets German Customers

CSC ServiceWorks discloses data breach after 2023 cyberattack

Cyber-attack paralyses 40 French museums

Data breach disclosed by ADT following leak

Department of Justice (DoJ) Charges Nashville Man for Helping North Koreans Get U.S. Tech Jobs

easySim.global confirms data breach; customer information exposed

Ecovacs home robots can be hacked to spy on their owners, researchers say

Elon Musk’s X Halts EU Data Processing Amid AI Grok Training Concerns

Experts Uncover Severe AWS Flaws Leading to RCE, Data Theft, and Full-Service Takeovers

Federal Authorities Work to Boost Health-Care Cybersecurity

Gang targeting Instagram accounts busted in Ukraine

Half of Australian ransomware victims paid up

How a cybersecurity researcher befriended, then doxed, the leader of LockBit ransomware gang

How much damage would a cyber attack cause in the Middle East?

How ‘rookie mistakes’ on hacker websites saved 6 companies from paying ransoms

How to protect yourself from health care cybersecurity breaches

Information Commissioner’s Office (ICO) fines software company Advanced over £6m over data security failings

IntelBroker Alleged Data Breach of FacilityBills.com Database

IntelBroker Alleged Data Breach of Mykukun/USBank.com Database

Iranian hackers ramping up US election interference, Microsoft warns

Iranian hackers target U.S. presidential campaign official, Microsoft says

Just the Hacks: How Journalists Work With Hackers to Break News

Legislature must respond to ransomware attacks in Michigan hospitals

Majority of phishing emails still bypassing security protection

Malware force-installs Chrome extensions on 300,000 browsers, patches DLLs

Malware-as-a-Service and Ransomware-as-a-Service lower barriers for cybercriminals

Manila Health Department Allegedly Breached, Sensitive Patient and Employee Records Exposed

Michigan Attorney General reminding people to protect their personal information after McLaren Cyber Attack

Microsoft discloses Office zero-day, still working on a patch

Microsoft Reveals Four OpenVPN Flaws Leading to Potential RCE and LPE

Microsoft’s AI Assistant Can Be Exploited by Cybercriminals

Mistakes To Avoid Before And After A Ransomware Attack

Mobile UK Travel SIM Provider easySim Global Suffers Data Breach

Moonly app data breach exposes employee credentials and user GPS locations

Netflix 'aggressively taking action' after huge data breach sees full episodes of Arcane season 2, Heartstopper season 3, and more leak online

Netflix breaks silence on huge data breach after leaks of Heartstopper, Arcane & more

Netflix Data Breach: A List of Every Leaked Anime, Show, and Movie

Netflix Issues Official Statement on Heartstopper, Arcane Data Breach

New AMD SinkClose flaw helps install nearly undetectable malware

New Double-Extortion Ransomware Attacking Linux Machines

New Flaws in Sonos Smart Speakers Allow Hackers to Eavesdrop on Users

NIS2: A catalyst for cybersecurity innovation or just another box-ticking exercise?

Ohio School Boards Association suffers from a cyber attack

Ohio School Boards Association targeted in cyber attack

Paris Olympics deals with ransomware attack

Phishing Scam Targets Google Users with Malware Disguised as Authenticator App

Police officers suing Columbus for keeping them ‘in the dark’ over ransomware attack

Poultry Company Peco Foods Facing Class Action Lawsuit Over Data Breach Affecting 48K People

Ransomware Attack on Blood Center OneBlood Disrupts Distribution Across 250 Hospitals

Ransomware firms had some basic security flaws that meant victims never had to pay up

Ransomware leak site bugs avert ransom demand payments

Ransomware Recovery: Steps to Take After an Attack

Ransomware victims recover data for free due to hackers’ bugs

Recovering from a data breach requires an effective cyber resilience strategy

Report reveals 10% increase in the exploitation of old CVEs

Rhysida ransomware hits Sumter County Sheriff, threatens data leak

Rhysida ransomware takes responsibility for Bayhealth Hospital compromise

Rising Threat: Golddigger and Gigabud Banking Trojans Exploit Phishing Tactics

Rite Aid Facing Class Action Lawsuit Over Data Breach Impacting 2.2 Million Customers

Security Giant ADT Confirms Data Breach, Customer Info Leaked on Dark Web

Singapore has the most firms that pay up at every ransomware attack

South Suburban College says cyber attack impacted over 96,000 individuals

StormBamboo Compromises ISP, Spreads Malware

Student raised security concerns in Mobile Guardian MDM weeks before cyberattack

Tennessee man builds laptop farm to help North Korea

Tennessee man charged over role in North Korea IT worker scheme

The Philippines: National Privacy Commission (NPC) verifying JG Summit ransomware assault

Threat Actor Claims to Sell Sensitive Data from Federacion EspaƱola de Padel

Threat Actors Favor Rclone, WinSCP and cURL as Data Exfiltration Tools

'Troubling': HR-related phishing emails still targeting employees

Two new threats emerge for bitcoin and crypto users

UN cybercrime treaty passes in unanimous vote

Urgent: CISA Flags Cisco Device Risks, Weak Passwords a Major Threat

What is phishing? New digital scams keep emerging and becoming more sophisticated

White House working on cyber insurance policy proposal for ‘catastrophic’ incidents

Why Healthcare CISOs Must Prioritize Third-Party Risk Management

X agrees to not use some EU user data to train AI chatbot

Youth football team says cyber hacker stole $9,000 from bank account

8th August

0.0.0.0 Day: 18-Year-Old Browser Vulnerability Impacts MacOS and Linux Devices

18-year-old security flaw in Firefox and Chrome exploited in attacks

56% of phishing emails bypass security checks

A hacker attack on National Public Data has led to one of the largest leaks of personal data ever recorded

A new type of cyber attack: Iran's attack on Israel's consciousness

Acadian Ambulance faces six class-action lawsuits over stolen customer, employee information

Acronis report reveals 293% surge in email attacks H1 2024

ADT confirms data breach after customer info leaked on hacking forum

ADT home security breach exposes customer data on hacker forum

Alleged WeChat and UnionPay Data Available for Sale

Amazon Web Services (AWS) ‘Bucket Monopoly’ Flaw Led to Account Takeover

As use of IoT devices grows, so do the associated security risks

Astrology app exposes locations of 6M users, founders likely linked to Russia

Beware Of Fake WinRar Websites Delivering Ransomware via GitHub

BlackSuit/Royal Ransomware Group Has Demanded $500m

Blue Ridge Rural Water Company reveals major customer data breach

Chip Flaw ‘GhostWrite’ Steals Data from CPU Memory

Chrome, Safari, Mozilla Under Siege: ‘0.0.0.0 Day’ Vulnerability Exposes Millions

CISA warns about actively exploited Apache OFBiz RCE flaw

CISA warns of hackers abusing Cisco Smart Install feature

Cisco warns of critical RCE zero-days in end of life IP phones

Columbus City Mayor updates council on progress for recovery from data breach attack

Consumer Reports study finds data removal services are often ineffective

Critical 1Password Vulnerability: Hackers Could Exploit Security Flaw to Access Unlock Keys

Critical Flaw in Microsoft Entra ID Allows Privileged Users to Gain Global Admin Status

Cyber Incident Shuts Down North Miami City Hall: What You Need to Know

Cybercriminals weaponising stolen data in attacks

Defying officials and experts, Singapore firms keep paying ransomware blackmail

‘Devastating:’ Stolen Columbus data leaked by ransomware group after auction gets no bids

“DIANA” Malware Command and Control Framework for Sale

Downgrade Attacks Could Affect Fully Updated Windows Systems With Previously Patched Vulnerabilities

Epic National Public Data Breach Exposes Nearly 3 Billion Records from National Public Data

Ethical Hackers Steal and Return $12m to Ronin Network

Exploit released for Cisco SSM bug allowing admin password changes

FBI and CISA Warn of BlackSuit Ransomware That Demands Up to $500 Million

Federal Trade Commission (FTC) approves lawsuit against TikTok for violating COPPA

Google Drawings and WhatsApp Short-Links Used in Amazon-Impersonating Phishing Campaign

Growing Menace in Digital Age

Hacker dumps 3 billion personal records stolen from the National Public Data

Hacker Targets Early Settler Furniture, Customer Data on Dark Web

Hackers return $12 million taken during Ronin network breach

Half of Australian businesses have paid a ransom after a cyber attack

HealthEquity class action alleges company failed to secure customer data

Home alarm company ADT says hackers obtained ‘limited’ customer data

Home security giant ADT says it was hacked

How BlackSuit Ransomware is Crippling Businesses: FBI, CISA Sound Alarm

How network segmentation can strengthen visibility in Operational Technology (OT) networks

HR emails top phishing tactics in KnowBe4's Q2 2024 report

Humans are Top Factor in Cloud Security

Indonesia’s National Data Centre Ransomware Attack: A Digital Governance Failure?

Interpol halts $40M business compromise heist in a largest-ever recovery

JG Summit investigating ‘possible cybersecurity attack’

Massive Data Breach Exposes Personal Information of 2.9 Billion People

Massive Data Breach Hits Background Check Firm: Nearly 3 Billion Records Exposed

Massive National Public Data Breach: 2.9 Billion Records Stolen from National Public Data

Michigan hospital system struggles with cyberattack as healthcare industry decries ‘Russian’ ransomware

Microsoft 365 anti-phishing alert “erased” with one simple trick

Microsoft 365 Anti-Phishing Measure Compromised by CSS Flaw

Microsoft 365 Anti-Phishing Measures Bypassed by Altering ‘First Contact Safety Tip’ via CSS

Microsoft 365 Users Face New Phishing Threats From CSS Vulnerability

National Curry Awards Allegedly Targeted by Moroccan Threat Actors

National Public Data Breach: Exposes 2.9 Billion Records, Full Names, Addresses, and SSNs at Risk

National Public Data Breach: Nearly 3 Billion Records Exposed by Fenice on Breach Forums

Neiman Marcus class action claims retailer failed to protect customers from data breach

New ExtraHop Research Helps Organisations Predict Where Ransomware May Strike Next

New Phishing Scam Uses Google Drawings and WhatsApp Shortened Links

New Security Alert For Outlook Users Says Anti-Phishing Tools On Microsoft 365 Are Being Bypassed

Nomad Bridge hacker moves 14,500 Ethereum ($35.2M) to Tornado Cash

Nomad Bridge Hacker Transfers $35.2M in ETH to Tornado Cash

NoName057(16) Allegedly Targeted Ukraine After Ukrainian Offensive Towards Kursk Oblast

North Korea Kimsuky Launch Phishing Attacks on Universities

North Korean Ransomware Attacks: Department of Justice (DoJ) Indicts Threat Actor

Number of appointments at NHS trusts impacted by cyber attack passes 10,000

OneBlood operations back to normal after being targeted for ransomware attack

OneBlood returns to normal blood distribution to hospitals following ransomware event

Operational Technology (OT) Security a Top Priority for CIOs

Organizations face an average of 8 ransomware incidents per year

Patelco Sued Over Data Breach

“Perfect” Windows downgrade attack turns fixed vulnerabilities into zero-days

Phishing Attack Exploits Google, WhatsApp to Steal Data

Provisional £6m Fine Imposed on Software Provider Following NHS Ransomware Attack

Ransomware Attack Costs loanDepot Almost $27 Million

Ransomware Attack Targets Grand Palais, Paris

Ransomware attacks spread with extortion sums reaching $60M, warns FBI

Ransomware groups are better at web app security than you, says researcher

Ransomware gangs: How low will they go?

Ransomware Groups Weaponize Stolen Data To Increase Pressure On Targets

Ransomware groups weaponise stolen data to increase pressure on targets who refuse to pay, Sophos report finds

Ransomware operators continue to innovate

Rapid7 report reveals surge in ransomware attacks & new groups

Rhysida Ransomware group claims to have breached Bayhealth Hospital in Delaware

Ronin Network’s Lucky Escape: $12 Million Hack Reversed by ‘White Hat Hackers’

Russia's Kursk region suffers 'massive' DDoS attack amid Ukraine offensive

Russian spies hacked UK government systems earlier this year, stole data and emails

Securities and Exchange Commission (SEC) decides against penalizing MOVEit software maker

Securities and Exchange Commission (SEC) Investigation into Progress MOVEit Hack Ends Without Charges

Securities and Exchange Commission (SEC) Won’t Bring Charges Against Progress Software Over MOVEit Supply Chain Attack

Security bugs in ransomware leak sites helped save six companies from paying hefty ransoms

Security leaders respond to Olympic venue ransomware attack

Solar eclipsed: 20% of global solar power vulnerable to cyber attack

STAC6451 Hackers Attacking Microsoft SQL Servers to Compromise Organizations

Swiss cow and calf dead after ransomware attack on milking robot

The Achilles Heel of Cybersecurity: Lessons from a Recent Data Breach

Thousands of Exposed Industrial Control Systems in US, UK Threaten Water Supplies

Threat Actor Claims to Sell Access to an AI Company for $15,000

Turning the Screws: Sophos Report Details Aggressive Ransomware Pressure Tactics

University Professors Targeted by North Korean Cyber Espionage Group

Unprecedented National Public Data Breach: Nearly 3 Billion Records Exposed in National Public Data Hack

Urgent warning as ‘one of the largest data breaches in history’ targets 2.9 billion – & social security numbers at risk

US dismantles laptop farm used by undercover North Korean IT workers

US offers $10 million for info on Iranian leaders behind CyberAv3ngers water utility attacks

Web-Connected Industrial Control Systems Vulnerable to Attack

Windows Downgrade Attack Risks Exposing Patched Systems to Old Vulnerabilities

7th August

3 billion hit in catastrophic data breach exposing full names, addresses and SSNs on dark web

62% of phishing emails can bypass DMARC verification checks

Advanced fined £6m over stolen patient data in 2022 cyber attack

After yet another crypto exploit, Ronin Bridge claims it has recovered lost funds

AI is responsible for 40% of Business Email Compromise (BEC) emails

AI PCs bring new security protections and risks. Here's what users need to know

Alleged Ingresse Breach Compromised Over 15 Million Users

Amazon Web Services (AWS) Vulnerabilities Revealed by Researchers at Black Hat Conference

An American company is being sued for not adequately protecting the private data of its users against a cyber attack

Background check company breached, nearly 3 billion exposed in data theft

Belfast Trust investigating patient details data breach at Mental Health unit

BlackSuit ransomware made over $500 million in ransom demands

Brazil FGTS Allegedly Breached 39 Million Entries Compromised

Chameleon Android Banking Trojan Targets Users Through Fake CRM App

Check that email carefully - experts warn anti-phishing tools in Microsoft 365 can be easily bypassed

CISA Releases Guide to Enhance Software Security Evaluations

City of Cold Lake: Recovery a slow process after cyber attack

Cost of a data breach

Critical Docker Engine Flaw Enables Authorization Plugin Bypass

Critical Progress WhatsUp RCE flaw now under active exploitation

Critical ServiceNow Vulnerability Exposes Organizations to Remote Code Execution Attacks

Critical Solar Power Grid Vulnerabilities Risk Global Blackouts

CrowdStrike Outage Serves as Dress Rehearsal for China-Led Cyber-Attacks

Cyber predator locked up for hacking into Snapchat to steal explicit images

Cybercriminals target Canadian restaurant chain with Chameleon malware

Elon Musk’s X taken to court in Ireland for grabbing EU user data to train Grok without consent

Enhancing Cyber Defense: CEO Perspectives on Attack Surface Management

Executives Beware: Understanding the Risk of Targeted Cyberattacks

Feds help investigate ransomware used in cyberattack against North Miami government

French Museums Hit by Ransomware Attack

Global Average Cost of a Data Breach Reaches $4.88M in 2023

Hackers could spy on cell phone users by abusing 5G baseband flaws, researchers say

Historic data breach of nearly 3 BILLION people including American's social security numbers leaks to the dark web - here's what to do if you were exposed

Hours counting down on deadline before ransomware group leaks Columbus data

How to Buy Secure Software: New Guide from CISA and FBI

Hunters International RaaS Group Points SharpRhino at IT Workers

Illinois Drivers Alert, Officials Warn Against 'Tollway Services' Phishing Scam via 438 Area Code Texts

Illinois Tollway advises I-PASS customers to disregard phishing texts detailing outstanding toll amounts

Information Commissioner’s Office (ICO) Prepares £6m Fine for NHS Supplier Advanced

Information Commissioner’s Office (ICO) “provisionally” decides to fine Advanced £6m for 2022 health sector ransomware attack

Information Commissioner’s Office (ICO) ransomware probe sparks warning of huge fines

Ireland's Data Protection Commission (DPC) Takes Twitter to Court Over AI User Data Concerns

Japanese Publisher Kadokawa Confirms Massive Data Breach Affecting Over 250,000 People

Largest Data Breach Ever? Lawsuit Against National Public Data for Allegedly Compromising Data of 3 Billion People

Massive Data Breach Exposes Info of 2.9 Billion People

McLaren confirms cyberattack across its 13 Michigan hospitals, physician network

McLaren Health Care: 'Criminal cyber attack' took down phone, computer systems

McLaren Health Care confirms criminal cyberattack caused disruptions to IT, phone systems

McLaren hospitals disruption linked to INC ransomware attack

McLaren victim of a cyber attack

Microsoft 365 anti-phishing feature can be bypassed with CSS

Microsoft 365 Phishing Alert Can Be Hidden with CSS

Microsoft’s AI will soon start leaking user data

More than 330 Million Email Addresses Allegedly Scraped from Security Platform SOCRadar.io Exposed Online

National Public Data Allegedly Leaked in Full on Dark Web

Network of 40 French museums hit by ransomware attack

New CMoon USB worm targets Russians in data theft attacks

New Go-based Backdoor GoGra Targets South Asian Media Organization

New Linux Kernel Exploit Technique 'SLUBStick' Discovered by Researchers

New Ransomware Groups Emerge Despite Crackdowns

Nexera DeFi Protocol Hacked: $1.8M Stolen in Major Smart Contract Exploit

Nexera Suffers Major Crypto Hack; Claims Only $440K Stolen

NHS IT firm faces £6m fine over medical records hack

NHS IT Firm May Get £6M Fine Following Ransomware Attack

NHS software supplier Advanced faces £6m fine over ransomware attack failings

Northern Ireland: Mental health unit back in the spotlight after second data breach in three years

Number of incidents affecting GitHub, Bitbucket, GitLab, and Jira continues to rise

Personal, financial data of New Jersey City University (NJCU) students, staff leaked on dark web as $700K ransom goes unpaid

Phishing Attacks Can Bypass Microsoft 365 Email Safety Warnings

Port of Tyne website hit by cyber attack

Ransomware attack paralyzes milking robots - cow dead

Ransomware Attack Strikes Olympics Venue, French Cultural Sites

Ransomware impacts dozens of French museums

Ransomware in 2024: More Attacks, More Leaks, and Increased Sophistication

Ransomware to be regarded as terrorism under new bill

Researchers Bypass Microsoft 365 Anti-Phishing Measures By Manipulating First Contact Safety Tip

Ronin Network hacked, $12 million returned by "white hat" hackers

Roundcube flaws allow easy email account compromise (CVE-2024-42009, CVE-2024-42008)

Roundcube Webmail Flaws Allow Hackers to Steal Emails and Passwords

Royal ransomware successor BlackSuit has demanded more than $500 million

Russian Hacker Group APT28 Launches HeadLace Malware via Fake Car Ads to Target Diplomats

Scammers target I-Pass users with phishing texts about unpaid tolls

Securities and Exchange Commission (SEC) ends probe into MOVEit attacks impacting 95 million people

Small CSS tweaks can help nasty emails slip through Outlook's anti-phishing net

South Suburban College Notifies 96k Current and Former Students of Recent Data Breach

Sports venues must vet their vendors to maintain security

Structure of ransomware gangs is more science than art

Synnovis rebuilds IT systems following London cyber attack

The Amazon Web Services (AWS) bucket trap: six major services affected by critical vulnerabilities

The C-Suite Conundrum: Are Senior Executives the Achilles’ Heel of Cybersecurity?

This Caller Does Not Exist: Using AI to Conduct Vishing Attacks

Threat Actor Claims to Breached Tribunal Superior de Justicia CDMX Database

Threat Actor Offers Unauthorized Access to Major Casino Software and Game Providers for $80,000

UK Data Breach costs climb to £3.58m, Financial Sector hit hard

UK Information Commissioner’s Office (ICO) Fines NHS Supplier For Medical Records Breach

UK IT provider faces $7.7 million fine for 2022 ransomware breach

UK Managers Improve Cyber Knowledge but Staff Lack Training

UK’s Data Regulator Proposed £6M Fine to Advanced Software Over the 2022 NHS Ransomware Attack

UK’s watchdog proposes millions in fines following NHS ransomware attack

Understanding Ransomware: Key Measures For BFSI Sector Companies

US offers up to $10M for successful tips about Iranian hacker group

Windows Update downgrade attack "unpatches" fully-updated systems

6th August

7 Billion Passwords Allegedly For Sale

17.8 million Phishing Emails Detected in First Half of 2024

30 New Ransomwares are Detected by Malware Researchers in July

48% of healthcare organizations are using AI to manage cyber risk

A ransomware attack hit French museum network

After ransomware cyberattack, OneBlood’s computer systems are recovering

AI-fueled phishing scams raise alarm ahead of U.S. presidential election

Alleged Access for an Israeli Fintech Company is For Sale

Australia: Court action follows cyber attack

Australian furniture retailer Early Settler confirms data breach

Beware of this new phishing scam that could arrive in your mailbox

Breach at Kerman Unified, phishing emails sent to students

‘Calibrated Healthcare’ Suffers Data Breach Exposing Sensitive Patient Information

Calibrated Healthcare Suffers Data Breach, Patient Information Compromised

Chameleon malware is attacking restaurants in Canada and Europe

Common Vulnerabilities and Exposures (CVEs) Surge 30% in 2024, Only 0.91% Weaponized

Cost of a data breach: The healthcare industry

Cricket Wireless class action claims data breach affects 10M customers

Cyber Attack Targets Grand Palais Amid Olympic Events

Cyberattack knocks Mobile Guardian Mobile Device Management (MDM) offline and wipes thousands of student devices

Cyberattack Wipes 13,000 School Devices in Mobile Guardian Breach

Cyberattacks Hit Henry Schein Hard, Profits Fall

Data Breach: 3 Billion National Public Data Records with SSNs Dumped Online

Data Breaches Are Costing Australian Organisations, IBM Report Reveals

Doubleface Shared a New Ransomware on Telegram

EchoSpoofing Phishing Campaign Exploiting Proofpoint’s Email Protection

Email attacks skyrocket 293%

Ethereum’s Unexpected Ally: Hacker Channels $40 Million Amid 25% Price Crash

Firms Should Prepare and Protect Themselves as Ransomware Statistics ‘Grow More Dire’

France: Olympic venue among 40 museums hit by ransomware attack

France's Grand Palais discloses cyberattack during Olympic games

French authorities investigate ransomware attack targeting Olympic venue

French museum network hit by ransomware attack, but no disruptions are reported at Olympic events

French museum network, including those hosting Olympic events, hit by ransomware attack

French Museums Hit By Ransomware Attack

French Police Probe Ransomware Attack on Major Museums

French police probe ransomware attack on Grand Palais Olympic venue

French police probe ransomware attack on Olympic venue

French police probe ransomware attack targeting Olympics venue and museums

Google Patches New Android Kernel Vulnerability Exploited in the Wild

Google says Android zero-day was exploited in the wild

Hacker wipes 13,000 devices after breaching classroom management platform

Hackers remotely wipe 13,000 students’ iPads and Chromebooks after breaching safety software

Health-ISAC/AHA Issue Warning Following Ransomware Attacks on Mission-Critical Suppliers

Human-operated ransomware - Your business’ next cyber threat

India: Income Tax Returns (ITR) Refund Scam Alert - Beware of Phishing Messages Targeting Taxpayers

Indonesia: Communications minister sued over ransomware attack

Information Security vs Cyber Security: The Difference

Intelligence bill would elevate ransomware to a terrorist threat

INTERPOL Recovers $41 Million in Largest Ever Business Email Compromise (BEC) Scam in Singapore

INTERPOL recovers over $40 million stolen in a Business Email Compromise (BEC) attack

Iranian cyberattack targets Israeli firms with phishing campaign amid ongoing conflict

Japan Considers Measures To Mandate Private Sector Cybersecurity Incident Reporting

Key Tronic’s ransomware-related losses exceed $17M

Litigation to be brought over Northern Ireland data breach

Microsoft says cyber-attack triggered latest outage

Minimizing the Impact of Ransomware in the Cloud

Mobile Guardian Hack Leads to 13,000 Student Devices Wiped in Singapore

More than half of phishing bypasses all security

National Public Data breach: Lawsuit claims nearly three billion people had personal data exposed

Nearly 40 French museums reportedly affected by ransomware attack

Network Admins Beware! SharpRhino Ransomware Attacking Mimic As Angry IP Scanner

New Android Spyware LianSpy Evades Detection Using Yandex Cloud

New Cryptokat Ransomware Released Allegedly Claiming Fast Encryption

New Zero-Day Flaw in Apache OFBiz ERP Allows Remote Code Execution

Nigeria: Fake AlatByWema Website Created in the US Is Phishing for Bankers’ Sensitive Information

Nomad bridge hackers made around $4 million by buying the Ethereum dip

Non-Profit Blood Center OneBlood Recovering from Crippling Ransomware Attack

North Korean Hackers Moonstone Sleet Push Malicious JS Packages to npm Registry

Novel Proton Ransomware Variant with Kill Switch Emerges

Olympic venue among 40 museums hit by ransomware attack

Optimizing IT Infrastructure: CFO Views on Attack Surface Management

Point of entry: Why hackers target stolen credentials for initial access

Police Recover Over $40m Headed to Business Email Compromise (BEC) Scammers

Polish quiz website fails cybersecurity test, leaving 60K users exposed

Protect Your Streaming Accounts Now Before It’s Too Late

Ransom Payments Surge, Organizations Pay Average of $2.5m

Ransomware Actors Test New Pressure Techniques

Ransomware Attack Targets Grand Palais Amidst Olympic Events

Ransomware Attack Targets Parisian Museums: Olympic Events Unaffected

Ransomware Crisis Escalating Globally, New Report Shows

Ransomware gang targets IT workers with new RAT masquerading as IP scanner

Ransomware groups develop more sophisticated business models

Ransomware Hits French Museums Amid Olympic Cyberattacks Surge

Ransomware Hits Nearly 40 French Museums Amid Olympics

Ransomware Leads to $30M in Lost Income at Sonic Automotive

Ransomware swells despite collective push to curb attacks

Rapid7 Ransomware Radar Report charts ransomware group activity and methodologies for fresh insights

Researchers Demonstrate New Windows Smart App Control and SmartScreen Bypass Techniques

Researchers unearth Mark of the Web (MotW) bypass technique used by threat actors for years

Rhysida group claims ransomware attack on the City of Columbus

Rite Aid class action alleges data breach affects 2.2M customers

Ronin Bridge Paused After Whitehat Hacker Exposes Vulnerability in $12M Exploit

Ronin hit by $12 million exploit, possibly by white hat hacker

Ronin Network Exploit Sees $9.8M in Ether Stolen; White Hat Hacker Suspected

Ronin Network exploited for $9.8M in ETH, white hat hacker suspected

Scammer boasts about Telegram, Instagram, and TikTok account takeovers on podcast, sparks FBI investigation

Scammers Target Olympic Venue With Ransomware Attack

Securing from Active Directory Attacks

SharpRhino RAT tied to Hunters International ransomware gang

Soft ransomware targets, a new top emerging risk for enterprises

Sonic Automotive says ransomware-linked CDK software outage cost it $30M

Sumter County Sheriff's Office hit by 'ransomware attack'

Sumter County Sheriff’s Office hit by ransomware attack. Here’s what’s impacted

Sumter County Sheriff’s Office victim of ransomware attack

Suspicious Minds: Insider Threats in The SaaS World

Telangana Police in India Recover, Return $10.13 Billion to Cybercrime Victims in 2024

‘The Biggest Fraud Are All Those Fees’: Ticketmaster Data Breach Letters Draw Ire from Affected Customers

The Evolution of Phishing: How AI is Revolutionizing Cybersecurity Threats

Threat Actors Alleged Data Breach on Cartier via BORN GROUP

Threat Actors Announced Doubleface Ransomware, Claims Fully Undetectable

U.S. Government Sues TikTok for COPPA Violations, Exposing Millions of Children’s Data

UK data breach costs soar to £3.58 million

UK data watchdog to fine NHS vendor Advanced for security failures prior to LockBit ransomware attack

US: Southern blood center recovering from ransomware attack

WazirX $230 million cyber attack: Important update from crypto exchange

WazirX Cyber Attack: FIR Filed after 20 Days Amid Community Backlash

WazirX Files Police Case After Cyber Attack on Multi-Signature Wallet; FIR Registered by Delhi Police

What Is Extortionware and How Does It Differ From Ransomware?

White Hat Hacker Suspected in $9.8 Million Ronin ETH Exploit

5th August

2.9 billion hit in one of the largest data breaches ever - full names, addresses and SSNs exposed

5 Reasons why you should have cyber insurance

23andMe Data Breach - Hackers Targeted Jewish and Chinese Users Data

42% of targeted email attacks against larger companies involve lateral phishing

86% of Firms Identify Unknown Cyber-Risks as Top Concern

99% of Global 2000 organizations are linked to a supply chain breach

332 Million Email Addresses Scraped from SOCRadar.io Published Online

AI-enhanced cyber attack tops emerging enterprise risk rankings

Alleged Access Sale for a US Based Gambling Company

Almost Three-quarters of Ransomware Victims Hit Multiple Times

Apple Intelligence is falling for phishing emails, and that could cost iPhone users

Apple Intelligence is marking phishing scams as priority emails - here’s what you need to know

Apple Intelligence Thinks Phishing Emails Are 'Priority' Messages

Apple Unveils Homomorphic Encryption Package for Secure Cloud Computing

APT Group StormBamboo Attacks ISP Customers Via DNS Poisoning

Arisa Health Confirms Data Breach Affected More Than 375,000 Patients

Australia: Environment Protection Authority (EPA) data breach impacts locals

Australia: the federal police investigate 2000 crypto wallet victims of scams

Australia joins global campaign to disrupt and prevent cryptocurrency scams

Australian federal police to probe 2,000 exploited crypto wallets

Australian Police Investigate Crypto Phishing Scams Impacting 2,000 Wallets

Australians Crypto Wallets Hit by Phishing Scams

Best Practices for Handling a Data Breach

BianLian contacts Sable International customers following attack

Blood donations needed after Hurricane Debby as OneBlood recovers from ransomware attack

Calibrated Healthcare Notifies Healthcare Patients of Recent Data Breach

CERT-In issues severe warning on critical Apple vulnerabilities

Channel should use AI to fight ransomware threat

China-Linked Hackers Compromise ISP to Deploy Malicious Software Updates

Chinese hacker group StormBamboo cyberattacks internet provider

Chinese hackers compromised an ISP to deliver malicious software updates

Computers at blood center in southeast US hit by ransomware attack

Connecticut homebuyer loses $600K to hacker theft

Critical Apache OFBiz pre-auth RCE flaw fixed, update ASAP! (CVE-2024-38856)

Critical Flaw in Rockwell Automation Devices Allows Unauthorized Access

Critical Vulnerability in Apache OFBiz Requires Immediate Patching

Crypto hackers buy Ethereum dip using stolen funds

Cyber firm KnowBe4 unknowingly hired a North Korean hacker – and it went exactly as you might think

Cyberattack cost more than $17 million, Key Tronic tells regulators

Data breach victims up by more than 1,000%

DIY Ransomware: novice cybercriminals - bigger threat due to off-the-shelf code

English Premier League fans urged to look out for ticket scams

Escalating data breach disruption pushes costs to new highs

Google fixes Android kernel zero-day exploited in targeted attacks

Google warns to turn off 2G on Android phones to protect against phishing

Hacker group FIN7 is selling EDR evasion tools to other cyber criminals

Halifax phishing warning as this key sign indicates a phone call is fake

Halifax warning over key sign a phone call may be a scam after phishing alert

Home users increasingly targeted by global Magniber ransomware campaign

Immediate Action Required: Critical Apache InLong Vulnerability Exploitable

India: Central Government Warns Taxpayers About Phishing Scams Promising Fake Income Tax Refunds

Is Australia’s Public Sector Ready for a Major Cyber Security Incident?

Jerico Pictures faces class action over massive data breach

Kazakhstan Organizations Targeted by 'Bloody Wolf' Cyber Attacks

Keytronic incurred approximately $17 million of expenses following ransomware attack

Keytronic reports losses of over $17 million after ransomware attack

Keytronic Reveals $15 Million Financial Loss from Ransomware Attack

Louvre, Olympic Venue Among 40 Museums Hit By Ransomware Attack

Low-Drama ‘Dark Angels’ Reap Record Ransoms

LS Networks Provides Notification to Victims of Recent Data Breach

LulzSec Muslims Allegedly Targeting Argentina

Major ticket seller suffers data breach: Was your identity stolen?

Malaysian 'mastermind' behind worldwide phishing scams still active, claims report

Massive Magniber campaign targets home users worldwide

More than 4 million Americans' info is exposed in massive health savings account data breach - in ANOTHER hack linked to Microsoft

Nation-State Attacks Target Hardware Supply Chains

National Payments Corporation of India (NPCI) cuts off hundreds of banks over IT vendor ransomware attack

National Public Data Sued for Hack that Exposed Data of 2.9 Billion People

New Android spyware is tracking Russian victims, researchers say

New Android Trojan "BlankBot" Targets Turkish Users' Financial Data

New LianSpy malware hides by blocking Android security feature

Nomad Bridge Hacker Leverages Ethereum’s 33% Crash, Buys the Dip

Nomad hacker buys the dip, scooping up $40M of Ethereum (ETH) two years later

North Korean hackers attack South Korea’s construction, machinery sectors

North Korean hackers exploit VPN update flaw to install malware

Northern Ireland: Education data breach has left parents of Special Educational Needs (SEN) pupils feeling ‘further disheartened’, says reform group

Northern Ireland: Investigation Launched Into Department Of Education Data Breach

Northern Ireland: Legal action against Department of Education over data breach

Northwest Arkansas Community College pushes back fall semester start in wake of cyber attack

Omaha National Notifies Consumers of Recent Data Breach Following Compromised Email Accounts

OneBlood Says Its Critical Software Systems Are Starting to Come Back Online Following Ransomware Attack

OneBlood says systems are rebooting after cyberattack

OneBlood software coming back online amid ransomware event

OneBlood software partially restored after ransomware attack

OneBlood still accepting donations during Tropical Storm Debby despite ransomware attack

OneBlood systems start to come back online after ransomware attack

Over $4 Billion In Crypto Scam Losses Prompts Australian Police to Join Global Campaign

Over two fifths of critical infrastructure organisations have suffered a cyber breach

Phishing Scam Compromises Thousands of Australian Crypto Wallets

PlayNow advises users to update password credentials after cyber attack

Proton ransomware continues evolution with latest Zola variant

Ransomware gang targets IT workers with new SharpRhino malware

Replacement for Action Fraud, UK’s cybercrime reporting service, delayed again until 2025

Researchers Uncover Flaws in Windows Smart App Control and SmartScreen

Rhysida ransomware group claims Columbus, Ohio, cyberattack

Schools will remove app from students' Chromebooks and iPads following security breach

Singapore Ministry of Education (MOE) Orders Removal of Mobile Guardian App After Data Breach

Singapore police wrest back $41 million stolen from commodities firm in Business Email Compromise (BEC) scam

South Korean Fitness Platform Allegedly Breached

Tech contractor exposes data of 4.6 million US voters

The average cost of a retail data breach is...

The role of AI in cybersecurity operations

Threat Actor Claims to Sell 3 Million US Credit Cards Information for $180,000

Threat Actor Claims to Sell Users Data of Brazil’s Largest Casino, Compromised 13 Million Users Data

Threat Actor Groups Launching Attacks Using Leaked Ransomware Variants

Threat Actor Groups Using Leaked Ransomware Variants To Launch Attacks

Two-Thirds Of Healthcare Organisations Were Hit By Ransomware In 2024

U.S. pharma company Cencora says hackers stole patients' personal and health information

UK Data Privacy Watchdog Targets Social Media for Children’s Privacy Violations

Unprecedented $75M Ransomware Payout Signals Growing Threat

US: Southern blood center recovering after ransomware attack

US Sues TikTok For Children’s Law Violations

Users are getting malware instead of software updates in ISP breach

Windows Smart App Control, SmartScreen bypass exploited since 2018