Editor's Message

Welcome to DBD. On March 8th we celebrated our 4th Anniversary and the 1st Anniversary of our PRiSM application, officially endorsed by the SANS Institute. Despite recent personal issues that have impacted the amount of time I have been able to dedicate to both projects, I have been doing my best to keep everything as up-to-date as possible, and I would like to take this opportunity to thank everyone for their patience and support whilst I navigate through this very difficult time. Stay safe. :)



Monday, 12 August 2024

Data Breaches Digest - Week 33 2024

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 12th August and 18th August 2024.


18th August

1LINK Clarifies Reports of Cyber Attack on ATM, Online Banking Services in Pakistan

A ransomware attack closed Los Angeles courts for two days. The public deserves a full accounting

Chrome will redact credit cards, passwords when you share Android screen

Crypto firm says hacker locked all employees out of Google products for four days

Cyber specialists from the Ukrainian Defense Intelligence have paralyzed a Russian nuclear warhead developer

Florida firm sued over data breach that exposed Social Security numbers

How to freeze your credit - and how it can help protect you after data breaches

Massive Data Breach Compromises Millions Of Social Security Numbers

Massive Data Breach Exposes Billions Of Personal Records

North Miami councilman talks about cyber attack: ‘City is being extorted’

Personal data, including Social Security numbers, stolen in massive data breach, lawsuit says

Ransomware attacks surge 58% in July, breaking records

Ransomware revenues and crypto thefts to surge in first half of 2024

The Slow-Burn Nightmare of the National Public Data Breach

Threat Actor Allegedly Selling Network Access to Corporations, Prices Range Up to $3,000

Ukraine’s intelligence reveals details of cyber attack on producer of Russian nukes

17th August

5 ways to spot a phishing email: A guide to cyber awareness

6 essential tips for more secure online transactions

7-Year-Old Pre-Installed Google Pixel App Flaw Puts Millions at Risk

As much as $5.1bn in illicit crypto transactions linked to UK annually, National Crime Agency (NCA) says

Azure domains and Google abused to spread disinformation and malware

Billions May Have Had Personal Information, Including Social Security Numbers, Leaked on the Dark Web in Massive Data Breach

Billions of Personal Records Stolen in Florida Data Breach...Are You One of the Victims? Find Out Now!

Chile Faces Major Data Breach Exposing Millions

Crypto-Stealing Malware 'Styx Stealer' Exposed by Hacker's Critical Mistake

Flint officials, residents still dealing with effects of ransomware attack

Florida company faces multiple lawsuits after massive data breach

Hong Kong Monetary Authority (HKMA) Warns Public About Phishing Emails Impersonating Dah Sing Bank

How the ransomware attack at Change Healthcare went down: A timeline

Japan: Ransomware attacks force companies to take precautionary measures

Massive Data Breach Exposes Billions Of Social Security Numbers

National Public Data admits it leaked Social Security numbers in a massive data breach

National Public Data Confirms Massive Data Breach. Millions of Social Security Numbers Exposed in Shocking Leak

National Public Data confirms massive data breach included Social Security numbers

National Public Data Suffers Massive Data Breach Exposing Millions

New Mad Liberator gang uses fake Windows update screen to hide data theft

Ransomware strikes Australian mining giant

Should You Be Worried About the National Public Data (NPD) Data Breach?

T-Mobile Fined $60 Million for Breaches of National Security Agreement

They steal 14 million dollars in cryptocurrency with hacker attacks on Cayman Islands exchanges: 4 arrests in a luxury villa on the Amalfi coast

Threat Actor Claims to Sell Data of Over 1.2 Billion China Mobile Users, Including Sensitive IMEI Information

$VOW Plummets Over 50% Following Cyber Attack Report Uncovering Multi-Million Dollar Hack

What small businesses should know about phishing attacks

16th August

2.7 billion records leaked in massive US data breach

2.9 billion Social Security records possibly stolen in massive data breach

6 Things to Know About the Social Security Number Data Breach

7 simple steps to protect yourself after a data breach

49% of DDoS attacks targeted gaming organizations

2024 Sees Surge in Crypto Hacks and Ransomware Attacks

A flaw in Proofpoint’s anti-phishing platform allowed a hacker to send millions of spam emails

A 'very large percentage' of Pixel phones have a hidden security vulnerability

Airbnb guest mines $100K in crypto, leaves host with $1,500 power bill

Ambulnz Experiences Data Breach Affecting Patients of Jefferson Health, Main Line Health, Mount Sinai Health System, and UCHealth

Angus Council admits ‘serious’ data breach after Ukrainian refugee details released

Another huge data breach: Don’t stress out; take action instead

ArtiPACKED Flaw Exposed GitHub Actions to Token Leaks

Attackers Exploit Public .env Files to Breach Cloud and Social Media Accounts

Background-check giant confirms security incident leaked millions of SSNs

Business and tech consolidation opens doors for cybercriminals

Can Microsoft Copilot Into a Phishing Tool?

Central Bank of Iran Under Siege: Massive Cyberattack Disrupts Banking

Chainalysis Reports Decline in Illicit Transactions On-Chain Despite Rise in Stolen Funds and Ransomware

CISA warns critical SolarWinds RCE bug is exploited in attacks

Columbus offering free credit monitoring to all residents after ransomware attack

Competenz Confirms Cyber Attack On IT Systems

Copy2Pwn Vulnerability Bypasses Windows Protections

Crypto Crime Drops, But Ransomware & Heists Surge in 2024

Crypto Crime Shifts Gears: $1.58B Stolen as Ransomware Hits $459.8M

Crypto firm says hacker locked all employees out of Google products for four days

Crypto Ransomware Inflows Rise As Attackers Shift to Targeted, ‘Big Game Hunting’ Strategy

Crypto-linked cybercrime saw another record year as ransomware risk rises

CVE-2024-38063: An In-Depth Look at the Critical Remote Code Execution Vulnerability

Cyberattack has cost Hamilton $7.4M so far, says city

Cybercrime consolidation: the big fish are getting bigger

Data breach exposed details of Ukrainian refugees in Scotland

Data Breach Reportedly Leads To Stolen Social Security Numbers Of Nearly 3 Billion Americans

Data Breach Strikes AutoCanada as Company Recovers from CDK Outage

Data of more than half of Chile’s population exposed in massive leak

Dispossessor ransomware group shut down by US, European authorities

Dragos reports resurgence of ransomware attacks on industrial sectors, raising likelihood of targeting Operational Technology (OT) networks

Enzo Biochem to pay $4.5 million over cyberattack, New York attorney general says

Every American's Social Security number, address may have been stolen in hack

Evolution Mining targeted in latest cyber attack

FBI and CISA Reassure Public on Election Day Cybersecurity Amid Ransomware Concerns

FBI, Attorney General (AG) investigating ransomware attack responsible for internet, phone outages in Flint

File-sharing phishing attacks on the rise, report reveals

Flint, Michigan ransomware attack knocks city offline

Flint's Municipal Services Disrupted by Criminal Ransomware Attack, FBI Investigates

Florida-Based National Public Data Confirms Data Breach

Geopolitical Tensions Drive Explosion in DDoS Attacks

Google Pixel Devices Shipped with Vulnerable App, Leaving Millions at Risk

Google warns of phishing threat targeting U.S. elections and Israeli accounts

Greater Manchester Cyberattack Exposes Thousands to Phishing Scam

Group behind Jefferson County Clerk's Office data breach claims county files stolen, officials say

Hackers demanded crypto ransom amid cyber attack at Paris 2024 Olympics

Hackers Just Leaked a Bunch of Social Security Numbers. Here's What To Know

Hackers may have stolen your Social Security number in a massive breach. Here's what to know

Half the population of this entire country may have had their personal data leaked in massive data breach

Home Security Company ADT Confirms Data Breach after a Hacker Lists Stolen Database for Sale

Hong Kong Monetary Authority (HKMA) Warns Public of Phishing Scams Impersonating Bank of China (Hong Kong)

How to Check if Your Information Was Compromised in the Social Security Number Breach

How to Modernize Your Cryptography Ahead of the Quantum Threat

Illicit Blockchain Activity Down 20% But Stolen Funds, Ransomware Inflows Rise

Industrial firms face ransomware spike in second quarter

International authorities dismantle Dispossessor ransomware group targeting global companies

Investigation into cyber attack at University of Winnipeg concludes, more groups affected

Iranian hackers target allies of Donald Trump and Kamala Harris, FBI says

Japan: Ransomware attacks force companies to take precautions

KnowBe4 cautions phishing is now a major global curse

Lawmakers Ask for Probe of Chinese Router Maker TP-Link

Looking to Freeze Your Credit After the National Public Data Breach? Here’s How

Manual techniques are fueling ransomware attacks

Massive Cyber Attack Exposes Billions of Social Security Numbers and Personal Data

Massive Data Breach at Change Healthcare Exposes Billions of Medical Claims...What It Means for Your Privacy

Massive data breach that includes Social Security numbers may be even worse than suspected

McLaren confirms disruptions were caused by ransomware attack

McLaren Health confirms ransomware attack, says recovery will last through August

McLaren recovery from cyber-attack could last through month

More African countries rank high on global cyber attack index

Multi-Stage ValleyRAT Targets Chinese Users with Advanced Tactics

Muncie data breach: W2s inadvertently emailed to unintended party

National Community Pharmacists Association (NCPA) Sues UnitedHealth and Subsidiaries for Massive Cyber Attack

National Public Data confirms breach affecting Social Security numbers of nearly all Americans

National Public Data confirms breach exposing Social Security numbers

New Banshee Stealer Targets 100+ Browser Extensions on Apple macOS Systems

New infostealer targets macOS devices, appears to have Russian links

New POS Malware “ShadowPOS” Advertised in DarkWeb Forum

Newly emergent Mad Liberator ransomware gang detailed

North Miami Works to Restore Services After Cyber Attack

Personal e-mail accounts of US election campaign workers targeted in cyber attack

Police officers file lawsuit against city after cyber attack leaks their bank & personal information

Potential Data Exposure Issue Discovered in NetSuite’s SuiteCommerce Platform

Pre-installed app on millions of Pixel devices is making them vulnerable to attack

Protecting Millions: How CISOs Use Take Down Services to Shield Patient Data

Radiology information systems provider reports data breach

Ransomware attack on Flint affecting city services as FBI investigates incident

Ransomware attack on Indian payment system traced back to Jenkins bug

Ransomware attack proceeds, crypto theft rise in first half

Ransomware gangs escalating tactics, going to ‘chilling’ lengths

Ransomware in the global healthcare industry

Ransomware Kingpin Extradited to U.S. Faces Decades in Prison

Ransomware on the Rise: Steps to Protect Your Practice and Systems from Cyber Disruption

Ransomware on track for highest-grossing year

Ransomware Surge Exploits Cybersecurity Gaps Caused by M&A

Ransomware threats are on the rise, with LockBit 3.0 leading global attacks

Rödl & Partner Provides Notice of Data Breach Following Early 2024 Data Breach

Russia ups the ante: Kremlin-backed hackers launching more sophisticated phishing attacks

Russian Hacker Jailed 3+ Years for Selling Stolen Credentials on Dark Web

Security Experts Welcome NIST’s New Encryption Standards For Quantum Computers

Scotland: Council data breach sees personal details of Ukrainian refugees released

Scotland: Council probe ‘serious data breach’ after personal details revealed on Facebook group

Scotland: Ukrainian refugee's personal details released after data breach

Social Security number breach: 2.9 billion records reportedly stolen; what to do now

Social Security Numbers and Personal Data of Billions Breached in National Public Data Cyber Attack. Here’s What You Need to Know

Striking a Balance Between Business Growth, Risk Management and Cybersecurity

Tech support scammers impersonate Google via malicious search ads

The cyberattack cycle: First comes outage, next comes phishing

The Slow-Burn Nightmare of the National Public Data Breach

Threat Actor Claims to Have Access to a Popular E-commerce Website

Threat Actors Increasingly Target macOS, Report Finds

UConn Health Files Notice of Data Breach with Federal Government

Understanding healthcare data breach lawsuit trends

University of Winnipeg Data Breach Worse Than Expected: New Details Emerge

Unmasking Styx Stealer: How a Hacker’s Slip Led to an Intelligence Treasure Trove

US Bipartisan Committee Urges Investigation Into Chinese Wi-Fi Routers

US Lawmakers Call for Investigation into TP-Link Amidst Chinese Cyber Attack Fears

US lawmakers urge probe of WiFi router maker TP-Link over fears of Chinese cyber attacks

What to do when you’re involved in a data breach

Why Are Organizations Losing the Ransomware Battle?

Why CEOs Must Integrate Take Down Services into Their Cybersecurity Plan

World Agricultural Cycling Competition Targeted in Large-Scale Phishing Scam

ZeroSevenGroup Claims to Have Hacked Toyota Branch, Allegedly Leaking 240 GB of Sensitive Data

15th August

2.9 billion records may have been exposed in a data breach. Here's what to know

2.9 billion records, including Social Security numbers, stolen in data hack: What to know

6 things to know about the Social Security number hack

74% of IT professionals worry AI tools will replace them

5,000 AI-Controlled Fake X Accounts Linked to China Disinformation Campaign

A banner year for data breaches: Cybersecurity expert shows how to protect your privacy

A massive cyber attack hit Central Bank of Iran and other Iranian banks

Advanced ValleyRAT Campaign Hits Windows Users in China

Akeela faces legal action for alleged negligence in handling patient data

Alaska mental-health provider Akeela sued over delayed data breach warning

Alleged EduSports Breach Leaked 70K Rows

Another Record Year For Ransomware Beckons as Crypto Profits Hit $460m

Australian gold mining giant targeted by a ransomware attack

Average cost of a data breach in the Middle East rises to $8.75 million

Background check service data breach may affect 2.7 billion individuals

Barracuda exposes advanced phishing attacks with new malware

Benefits plan provider Aviben says third party software breach impacted 40,000 customers

Billions of people possibly compromised after National Public Data breach

Bolton affected by phishing scam and cyber attack

Centralized Exchanges Reclaimed by Hackers as Ransomware Payments Soar in 2024

City of Flint online & phone services victimized by ransomware attack

City of Flint’s network outage caused by criminal ransomware attack

Class action suit reveals major data breach, exposing Social Security Numbers

Cloud Extortion Campaign Uses Exposed AWS .Env Files to Target 110,000 Domains

Could Your Social Security Number Be on the Dark Web?

Court order merges Acadian Ambulance class actions over data breach

Critical RCE bug in SolarWinds Web Help Desk fixed (CVE-2024-28986)

Crypto Hacks and Ransomware Increase, Illicit Crypto Transactions Decline

Cyber Attack Sparks False Doping Allegations Against Polish Sports Stars, Including Iga Swiatek and Robert Lewandowski

Cyber hack releases 2.9 billion records, Social Security numbers to dark web: What to know

Cyber-criminals Exploited Paris Olympics With Fake Domains

Cybercrime group disables EDR software to launch RansomHub ransomware

Cybersecurity expert explains what to do if you were impacted by Social Security data breach

DATA BREACH: Billions of records, including Social Security numbers, stolen in hack

Data Breach Has Gathered 2.9 Billion Social Security Numbers and Identities

Data Breach Reportedly Includes Social Security Number of Most Americans

Data stolen in Jefferson County, Kentucky, cyberattack includes election info, employee reviews

DDoS attack volume rises, peak power reaches 1.7 Tbps

Dispossessor ransomware group shut down by US, European authorities

EDRKillShifter: New EDR Killer Tool in Ransomware Actors’ Toolkit

Elmhurst Sports Club Target Of Phishing Scam

Enterprise Financial Group (EFG) Companies breached through third-party VPN

Enzo Biochem settles ransomware-related breach for $4.5M

Evolution Mining targeted in latest cyber attack

Experts Weigh In on Refusing or Paying After a Ransomware Attack

Extreme data breach may affect over 2 billion people

Fraser Child and Family Center Notifies 67k of Recent Data Breach

Gadsden School District hit by ransomware, no student data compromised

GitHub Vulnerability 'ArtiPACKED' Exposes Repositories to Potential Takeover

Google found that Iran carried out cyber attacks against Trump, Biden and Harris

Google raps Iran's APT42 for raining down spear-phishing attacks

Google Report Exposes Iranian Hacker Attacks on Israeli and U.S. Targets

Google to remove app from Pixel devices following claims that it made phones vulnerable

Google Warns of Iranian Cyber-Attacks on Presidential Campaigns

GRIT Ransomware Report: July 2024

Guaranty Trust Bank (GTBank) Assures Customers No Data Breach, Confirms Attempt To Compromise Website

Hackers behind cyber attack ordered by judge to return stolen NHS patient data

Hackers ordered to return or delete data stolen from two London NHS trusts

Hackers stole patient data from Alabama Cardiovascular Group's systems

Healthcare provider Monte Nido reveals data breach exposing sensitive patient information

Hide your environment files! Or risk getting your cloud-stored data stolen and held for ransom

Highly-Personalized Phishing Campaign Targets Russian Government Dissidents

Hong Kong privacy watchdog opens probe into Oxfam Hong Kong's data breach

How Iran-linked hackers escalated cyber attacks on Israel and US

How passkeys eliminate password management headaches

How to Maximize Network Security With AI and ML

How to spot a phishing scam – and protect yourself

Human Error - An Overlooked Aspect of Cyber Risk

Iga Swiatek false doping claims quickly dismissed by Polish agency after cyber attack

Increasingly advanced phishing campaigns launched by Russia

Iranian APT42 Group Launches a Massive Phishing Campaign to Attack U.S. Presidential Election

Iranian banking system hit by major cyber attack

Iranian Group APT42 Behind Trump, Biden Hack Attempts

Iranian hackers targeting affiliates of both US presidential campaigns

Israel: Cyber Directorate - 60% increase in attacks in 2023

July ransomware attacks slam public sector organizations

Kootenai Health says data security incident impacted over 450,000 individuals

Landmark Admin notifies clients of data breach

Lessons From a $2 Million Ransomware Attack SEC Settlement

Looking to Freeze Your Credit After the Alleged National Public Data Breach? Here’s How

Los Angeles: Public Deserves Full Accounting of Ransomware Attack

LulzSec Muslims Demands Ransom from Argentine Government

Major ransomware attack exposes vulnerabilities in South Africa’s public health sector

Massive Data Breach Exposes 2.7 Billion Records: Are Cuban Americans at Risk?

Massive Data Breach Exposes Billions of Personal Records – Here’s What You Can Do to Prevent Identity Theft

Massive data breach exposes personal information of billions

More Than 60% of Successful Ransomware Attacks Sourced Through SaaS Applications

National Public Data breach: How to protect yourself and your SSN

National Public Data class actions allege company responsible for data breach affecting billions

National Public Data data breach reportedly affects everyone in US, UK, Canada

NAZA Warns Of Group CEO Being Used In Phishing Scams

New Cyber Threat Targets Azerbaijan and Israel Diplomats, Stealing Sensitive Data

New email phishing campaign targets Russian dissidents worldwide

New Gafgyt Botnet Variant Targets Weak SSH Passwords for GPU Crypto Mining

New ValleyRAT Malware Targets Chinese Windows Users in Multi-Stage Attack

Park Dental Announces Data Breach After Hackers Accessed Employee Email Accounts

Pemiscot Memorial Hospital Provides Notice of Data Breach to Over 33k Patients

Phishing via file-sharing services jumps 350%

RansomHub Group Deploys New EDR-Killing Tool in Latest Cyber Attacks

Ransomware and theft drive over $2 billion in illicit crypto activity in 2024

Ransomware Attacks on Industrial Firms Surged in Q2 2024

Ransomware gang deploys new malware to kill security software

Ransomware gangs rake in more than $450 million in first half of 2024

Ransomware Group Behind Major Indonesian Attack Wears Many Masks

Rhysida claims ransomware attack on The Washington Times

Rhysida Ransomware Lays Claim on Washington Times Hack

Rivers Of Phish – New Phishing Campaign Attacks Russia Enemies Globally

Russia escalates phishing attacks with sophisticated tactics

Russia's FSB Behind Massive Phishing Espionage Campaign

Russian citizen sentenced in US for selling stolen financial data on criminal marketplace

Russian National Receives 40-Month Sentence for Selling Stolen Login Credentials

Russian state-sponsored phishing campaign targets Western NGOs and diplomats

Russian-Linked Hackers Target Eastern European NGOs and Media

Social Security Data Breach 2024. How to freeze your credit?

SolarWinds Releases Patch for Critical Flaw in Web Help Desk Software

SolarWinds Urges Upgrade After Revealing Critical RCE Bug

Steps to take to protect yourself from identity theft after massive social security data breach

SystemBC malware deployed in Black Basta-linked attacks

T-Mobile Fined $60M by Committee on Foreign Investment in the U.S. (CFIUS) for Data Breach Failings

T-Mobile fined $60 million over data breach, notching top Committee on Foreign Investment in the U.S. (CFIUS) penalty

T-Mobile to pay $60 million settlement for data breach

T-Mobile's data security lapse leads to record-breaking fine

TD Bank employee ‘improperly’ accessed customer data

The AI balancing act: Unlocking potential, dealing with security issues, complexity

This new phishing attack uses a sneaky infostealer to cause maximum damage

Thousands targeted with phishing emails after cyber attack on Greater Manchester councils

Threat Actor Claims Breach of South Korean Career Site Database

U.S., Israel Subjected to Escalating APT42 Phishing Attacks

UnionPay International Hit by Alleged Breach Exposing Over 637 Million Records for Sale

University of Winnipeg: Cyber attack update - Investigation concluded

Unlearning the RaaS Model: How ransomware attacks are evolving

Value of Crypto Hacks, Ransomware Payments Rise in 2024

Was your Social Security number leaked to the dark web? Here's how to know and what to do

Watch Out for Info-Stealers and RATs

What you can do about the massive data breach that probably exposed all of your personal info

Wiping a Windows laptop? Here's the safest free way to erase your personal data

Your Social Security number may have been stolen by hackers. How to freeze your credit

14th August

3 Billion Compromised in Massive Data Breach: Should You Be Worried?

75% of security leaders say threat intelligence is most valuable skill

2024 Paris Olympic Venue Hit by a Ransomware Attack

A Single Iranian Hacker Group Targeted Both Presidential Campaigns, Google Says

Accounting firm Heier Weisbrot & Bernstein suffers data breach, exposing client information

ADT confirms data breach that compromised customer data

Alleged Data Breach at Universitas PGRI Pontianak Exposes Sensitive Information

Approximately 2.8M User Data From Lulu Hyper Market is For Sale

AutoCanada discloses cyberattack impacting internal IT systems

Belarusian-Ukrainian Hacker Extradited to U.S. for Ransomware and Cybercrime Charges

Beware of New Phishing Campaign that Impersonates Google Safety Centre

Biotech company hacked in 2023 pays states $4.5 million over breached data

Black Basta-Linked Attackers Target Users with SystemBC Malware

Bridewell research reveals 71% of government organizations hit by ransomware attack

Business Email Compromise (BEC) scam costs Orion nearly $60M

Caught on the net: Russia-linked phishing campaigns ensnare Russian and Belarusian civil society, as well as international NGOs

China-Backed Earth Baku Expands Cyber Attacks to Europe, Middle East, and Africa

Columbus Mayor Confirms Ransomware Attack, Assures No Usable Personal Data Leaked on Dark Web

Columbus ransomware data leak: How you can protect yourself from credit fraud

Columbus Suffers Major Data Breach, Over 400,000 Citizens' Information Exposed on Dark Web

Critical Flaw in Ivanti Virtual Traffic Manager Could Allow Rogue Admin Access

Cyber Attack Cripples Central Bank of Iran

Cyber attack on Greater Manchester councils leaves residents vulnerable to phishing

Cyber-Attack Spreads Phishing Scam Across Greater Manchester Areas

Cybercrime Surge Highlights Phishing Scams Targeting Both Individuals And Businesses

Cybersecurity Lessons Learned From the Recent CDK Car Dealership Ransomware Attack

DDoS Attacks Surge 46% in First Half of 2024, Gcore Report Reveals

Deciphering the Brain Cipher Ransomware

Disclosure of Data Through Website Cookies May Be a Data Breach - What A Recent Court Ruling Means for Healthcare Businesses

Ensuring Compliance: CFO Perspectives on Third-Party Risk Management

Enzo Biochem ordered to cough up $4.5 million over lousy security that led to ransomware disaster

Enzo Biochem to Pay $4.5 Million Settlement Over Cybersecurity Failures Leading to Data Breach

Every American's Social Security number, address may have been stolen in hack

Expert counters downplaying of Columbus ransomware-related data breach

Fake contests and phishing scams surge, warns Cyprus Consumers Association

FBI Shuts Down Infamous Radar Ransomware Syndicate in Global Sting, Cleveland, United Kingdom, and Germany Crack Cybercrime Fortress

From Celebrations to Cyber Strikes: The Rise of Hacktivism During Independence Day Events

FSB-Linked Phishing Campaign Targets Russian Activists, Independent Media

Gadsden School District hit by ransomware, no student data compromised

General Motors (GM) lawsuit is Texas attorney general’s first shot in privacy initiative

Generative AI phishing: Why cybersecurity training must evolve

GitHub Actions artifacts found leaking auth tokens in popular projects

Gold Mining Company Struck by Ransomware Attack

Golddigger And Gigabud Android Malware Attacking Airlines Customers

Greater Manchester: Cyber attack leaves thousands vulnerable to phishing scam

Greater Manchester Residents Receive Phishing Messages Following Attack

Hackers hit Paris Olympics venues & museums with ransomware

High-Risk Cloud Exposures Surge Due to Rapid Service Growth

How LLMs are Revolutionizing Data Loss Prevention

How to react during a cyber-crisis

Idaho outpatient imaging center suffers data breach

Inc Ransomware Encryptor Contains Keys to Victim Data Recovery

Indian telecom regulator orders crackdown on spam calls

Iran's central bank crippled in massive cyberattack

Iranian Banks Suffer Major Cyber Attack, Reportedly Among the Largest in History

Is your personal data among the billions included in the National Public Data leak?

‘It was Iran,’ Trump says of presidential campaign hack

Kootenai Health Ransomware Attack: 464,000 patients Data Exposed

Large-scale cyber attack cripples Iranian banks

Major cyber attack strikes banks in Iran

Malware Payloads, Tactics Identified in Active AnyDesk and Microsoft Teams Social Engineering Campaign

Manufacturing Firm Loses $60m in BEC Scam

Massive cyber-attack on Iran's major banks

Massive cyberattack rocks Central Bank of Iran, computer system paralyzed

Massive data breach at East Valley Institute of Technology (EVIT) exposes sensitive information of over 200,000 individuals

Mayor of Columbus, Ohio, says ransomware attackers stole corrupted, unusable data

Media, activists, former US diplomat were on Russia-aligned phishing campaigns' hit lists

Microsoft Fixes Nine Zero-Days on Patch Tuesday

Microsoft Issues Patches for 90 Flaws, Including 10 Critical Zero-Days

Microsoft Patched 6 Actively Exploited Zero-Day Flaws

Microsoft Tackles 9 Zero-Day Exploits in August 2024 Patch Tuesday Update

More hackers want to bite Apple: new malware in high demand

National Cyber Security Centre (NCSC) Calls on UK Firms to Join Mass Cyber-Deception Initiative

New Cybersecurity Concerns Emerge as Kamala Harris Presidential Campaign Targeted by Foreign Hackers

New Phishing Attack Uses Sophisticated Infostealer Malware

New Phishing Campaign Attacking AWS Accounts To Steal Logins

NIST releases first encryption tools to resist quantum computing

NIST’s Shield Against Quantum Cyberattacks: New Encryption Standards

NoName057(16) Claims DDoS Attack on Ukrainian Websites

Oldham Council housing website down after cyber attack

Over 464K impacted by ransomware attack against Kootenai Health

Poland: Iga Swiatek and Robert Lewandowski victims of cyber attack leaking 'fake doping tests'

Probe launched after 470,000 people potentially affected in Oxfam Hong Kong data breach

Prolific RaaS, malvertising scheme leader faces US charges

Putting Threat Modeling Into Practice: A Guide for Business Leaders

Ransomware attackers introduce new EDR killer to their arsenal

Ransomware group claims it hacked the Washington Times - hosts data auction on dark web

Ransomware Groups Weaponise Stolen Data To Pressurise Targets Refusing Payment

Ransomware incidents rising with M&A activity, new data shows

Ransomware Kingpin Who Called Himself "J P Morgan" Extradited to the United States

Report finds threat actors exploit cybersecurity gaps from M&A and software consolidation to maximise damage and profit

Report reveals lag in disclosure of ransomware attacks in 2023

Research shows 350% surge in file-sharing phishing attacks

Research Uncovers New Microsoft Outlook Vulnerability

Researchers Identify Working Method to Exploit GitHub Artifacts to Hack Major Projects

Revealing the UTG-Q-010 Campaign: A Deep Dive into Cryptocurrency Lures and Pupy RAT

Risk Management Strategies: Incorporating Cloud WAFs into Your Plan

Russia launching more sophisticated phishing attacks, new report finds

Russia Spreading Deepfakes and Misinformation on Kursk Offensive, Says Ukraine

Russia-Backed Hackers Target Human Rights Groups With Sophisticated Emails

Russia-Linked Phishing Attacks Targeted NGOs And Ex-U.S. Ambassador

Russian cyber snoops linked to massive credential-stealing campaign

Russian spy agency hackers breach human rights groups, victims say

Russian who sold 300,000 stolen credentials gets 40 months in prison

SAP Update Addresses Critical Vulnerabilities That Enable System Takeover by Hackers

Social engineering attacks continue to evolve – here’s how to keep up

SolarWinds fixes critical RCE bug affecting all Web Help Desk versions

‘Stunning’ data breach at New Jersey healthcare company, Attorney General says

Texas firm says it lost $60M in a bank wire transfer scam

The importance of rapid response

The State of Ransomware in State and Local Government 2024

The Upside-Down, Topsy-Turvy World of Ransomware

The Washington Times newspaper claimed by Rhysida ransomware cartel

There’s a new ransomware gang on the block, and it’s exploiting the human element

Threat Actor Offers Blum South East Asia Client and Payment Data for Sale

Threat actors leverage cybersecurity gaps from M&A

Trump campaign hack-and-leak appears like a rerun of 2016. This time, media outlets are responding differently

Trump, Biden, Harris targeted in Iran phishing campaign, Google finds

Trumpsters suddenly forget 2016 and urge media to not publish leaked documents

Unlocking the Front Door: Phishing Emails Remain a Top Cyber Threat Despite MFA

Update from the Ransomware Trenches

US Army soldier conspired with Chinese Government agent to deliver top-secret information

Was Your Social Security Number Stolen in the National Public Data Breach? What to Do

What Were the Key Ransomware Trends in July?

White hat hacker shines spotlight on vulnerability of solar panels installed in Europe

Zero-click Windows TCP/IP RCE impacts all systems with IPv6 enabled, patch now

13th August

3AM ransomware stole data of 464,000 Kootenai Health patients

35% of exposed API keys still active, posing major security risks

A ransomware attack closed L.A. courts for two days. The public deserves a full accounting

Aire Dental Arts Notice of Data Breach

Alleged European KYC Data is For Sale

Alleged Magento Admin Access to a US Company is For Sale

Almost two-thirds of ransomware-related claims result in loss

Americans’ personal data posted online for free: over 2.7 billion records leaked

Architect of Ransomware-as-a-Service Model Extradited to U.S. After More than a Decade on the Run

Australia's Evolution Mining targeted in latest cyber attack

Australian gold mining company hit with ransomware

Bayou Vermilion District Urged to Enhance Cybersecurity Measures Following Auditor’s Report

Biden-Harris Campaign, Trump Operative Stone Also Target of Hackers

Bob and Maria most breached male, female names

Browser backdoors: Securing the new frontline of shadow IT

Carbon black supplier Orion loses $60 million in business email compromise scam

Cato Network Reports Spike in Attempts to Exploit Log4j Vulnerabilities

CERT-UA warns of a phishing campaign targeting government entities

China-linked hackers could be behind cyberattacks on Russian state agencies, researchers say

Cleveland FBI shuts down ransomware enterprise

Collaborating for optimal threat intelligence

Consumers file multiple class actions over Acadian Ambulance data breach

Cost of a data breach 2024: Financial industry

Critical SAP flaw allows remote attackers to bypass authentication

Critical Vulnerabilities Exposed in Microsoft Azure Health Chatbot Service

Crypto fraudsters bilked $650M from thousands of victims, Securities and Exchange Commission (SEC) says

Dangerous ransomware sites shut down by FBI

Data breach hits Indonesia’s National Civil Service Agency ahead of Independence Day

Data breach may have exposed billions of personal records, lawsuit claims

Data stolen in Columbus, Ohio, ransomware attack likely ‘unusable,’ mayor says

DDoS Attack Behind Glitches in Musk-Trump Interview on X, Claims Tesla CEO

Dispossessor ransomware group shut down by US, European authorities

East Valley Institute of Technology Data Breach Exposes Over 200,000 Records

Escalating ransomware and phishing threats demand reinforced cyber defenses for aviation

Evolution Mining’s IT systems disrupted by ransomware attack

FBI claims success in taking down another major ransomware group

FBI Confirms Trump 2024 Campaign Hacking Investigation

FBI Disrupts Dispossessor Ransomware Group, Seizes Servers

FBI Disrupts Operations of the Dispossessor Ransomware Group

FBI Leads Effort to Dismantle Radar/Dispossessor Ransomware

FBI Shuts Down Dispossessor Ransomware Group's Servers Across U.S., U.K., and Germany

FBI Shuts Down Dispossessor Ransomware Operations, Domains Dismantled

FBI Shuts Down Dozens of Radar/Dispossessor Ransomware Servers

FBI takes down ‘Radar/Dispossessor’ ransomware group, 43 companies targeted worldwide

FBI-led Operation Shut Down Radar/Dispossessor Ransomware Group’s Servers

Federal Trade Commission (FTC) works on AI fraud prevention

Feds bust minor league Radar/Dispossessor ransomware gang

Gastrointestinal Medicine Associates Notifies Patients of Recent Data Breach

GhostWrite: New T-Head CPU Bugs Expose Devices to Unrestricted Attacks

Gold Mining Firm in Australia Reports Ransomware Breach

Gold producer Evolution Mining confirms ransomware cyber attack, says incident 'contained'

Hackers Leak 1.4 Billion Tencent User Accounts Online

Hackers may have stolen the Social Security numbers of every American. How to protect yourself

Hidden crisis in cybersecurity: 17 out of 20 professionals suffering from fatigue and burnout

Home security giant ADT confirms data breach

Horror story app Chilling haunted by loose permissions, spilling data

How CIOs, CTOs, and CISOs view cyber risks differently

Huge Data Leak Impacting at least 2.7B People Detailed on Hacker Forum

Human-operated ransomware an emerging cyber threat

Indian Government Warns Users of Critical Chrome Vulnerabilities

Indonesia: Cybersecurity Expert Slams Government Over Repeated Data Breaches

International investigation shuts down Radar/Dispossessor ransomware group

Ivanti warns of critical vTM auth bypass with public exploit

Law enforcement disrupts Radar/Dispossessor ransomware group

Managers Twice as Likely as Employees to Fall For Phishing Attacks

Managing attack surface management

Massive data breach compromises billions of personal records around the world

Massive Data Breach Leaks 2.7 Billion Records Including Social Security Numbers

McLaren continues effort to fully restore services following criminal cyber attack

McLaren makes progress in restoration since cyberattack

Mergers and Acquisitions (M&A), vendor reliance help drive up ransomware threat

Microsoft August 2024 Patch Tuesday fixes 9 zero-days, 6 exploited

Microsoft fixes 6 zero-days under active attack

Microsoft’s AI Copilot can be weaponized as an ‘automated phishing machine,’ but the problem is bigger than one company

Monte Nido Notifies Consumers of September 2023 Data Breach

National Public Data Breach: 2.7 billion Records Leaked on Dark Web

Nearly 2.7 billion personal records at risk in possibly biggest data breach in US history

New Banshee MacOS Stealer Attacking Users to Steal Keychain Data

New Jersey City University (NJCU) establishes help line for potential victims of ransomware attack on school

New phishing campaign disguised as Ukraine’s Security Service targeting government computers

New Windows SmartScreen bypass exploited as zero-day since March

NIST Formalizes World's First Post-Quantum Cryptography Standards

Notorious Alleged 'Scareware' Hacker In US Custody

Off-chain attacks are an increasing threat to DeFi

One of the world's biggest gold mining companies has been hit by a huge ransomware attack

Operation Uncle Scam – AI-Powered Phishing Attack Steals Microsoft Dynamics 365 Credentials

Orion S.A. says scammers conned company out of $60 million

Over 100 Ukrainian computers infected with backdoor malware, researchers say

Phishing attack seeks to steal sensitive fleet data

Phishing Campaign Compromises 100+ Ukrainian Government Computers

Phishing Evolved: Inside the Surge of High-Stakes Whaling Attacks

Phishing, business email compromise haunt Nigerian firms

Prolific Belarusian Cybercriminal Arrested in Spain

‘Prolific’ malvertising scammer arrested and extradited to US to face charges

Radar/Dispossessor ransomware dismantled in global operation

Radar/Dispossessor Ransomware Operation Disrupted by Authorities

Ransom Cartel, Reveton ransomware owner arrested, charged in US

Ransomware attack hits Swiss manufacturer Schlatter Industries

Ransomware’s newest target? Blood banks

Researchers Uncover Vulnerabilities in AI-Powered Azure Health Bot Service

Roseland Community Hospital Provides Notice of June 2024 Data Breach

Scammer transformed ads into malware

Scammers dupe chemical company into wiring $60 million

Sensitive Israeli Ministry Data Allegedly Leaked on Dark Web

Sharjah Finance Department Strengthens Cybersecurity with New Defense Center

South Korea Warns Pyongyang Has Stolen Spy Plane Details

Suspected head of prolific cybercrime groups arrested and extradited

Suspected head of Reveton, Ransom Cartel RaaS groups arrested

Suspected 'hostile state' behind hack of Poland’s anti-doping agency and leak of athletes' data

Suspected ransomware intrusion affects Schlatter Industries

Swedish Data Protection Authority Faces Court Challenge Over Complaint Handling

Texas sues General Motors (GM), saying it tricked customers into sharing driving data sold to insurers

The Crucial Role of Firewall Rule Histories

Thousands affected by phishing scam and cyber attack in three Greater Manchester boroughs

Threat Actor Claims to Have Access to Multiple Government Systems and Ministries Worldwide

Threat Actor Tools Found that Bypass Antivirus, Delete Backups, Disable Systems

Three Reasons to Take a New Cyber-Resilient Approach to Data Protection

UK tradespeople targeted by sophisticated Screwfix phishing scam offering free tools

Ukraine Warns of New Phishing Campaign Targeting Government Computers

Ukraine’s government attacked by emails loaded with malware

Understanding Social Engineering Tactics: 8 Attacks to Watch Out For

US accuses man of being 'elite' ransomware pioneer they've hunted for years

US authorities dismantle Dispossessor ransomware gang

US, UK, and Germany shut down global ransomware gang Dispossessor

Warning as Screwfix phishing scam targets tradespeople’s bank details - ‘do not click’

What to do if you’re part of a data breach

Why Hardsec Matters: From Protecting Critical Services to Enhancing Resilience

X’s AI Training Irks Privacy Experts; Draws 9 GDPR Complaints Across Europe

12th August

2.9 Billion People May Have Been Compromised in National Public Data Breach. Here’s What You Need to Know

3 lessons learned from the Change Healthcare ransomware attack

4.3 million Americans are at risk of fraud after savings account data breach

74% of ransomware victims were attacked multiple times in a year

15,000 secrets; 66,000 vulnerabilities: How one hacker found them all

A look inside leading K-12 cybersecurity and cyberscams

Alabama Cardiovascular Group notifies clients of weeks-long data breach

Alleged Access Sale Related to an Israeli Organizations Company

Alleged Access Sale to a US Based Logistics Company

Almost 50 PII categories impacted in data breach at East Valley Institute of Technology

Amazon India Customer Raises Data Breach Concerns After Receiving Duplicate Orders, Fake Products

Amazon India Suspected of Data Breach Due to Duplicate Charges and Fake Products Delivery

Answering every question you have about the East Valley Institute of Technology (EVIT) data breach

Attackers Spoof Public Bodies and US Government Departments in Phishing Lure

Australia's Evolution Mining targeted in latest cyber attack

Australian gold miner Evolution flags ransomware attack

Australian gold mining company Evolution Mining announces ransomware attack

Australian gold producer Evolution Mining hit by ransomware

Australian Mining Giant Evolution Mining Hit by Ransomware Attack

Baxter International Notifies Consumers of June 2024 Data Breach

Britain and France to discuss misuse of commercial cyber intrusion tools

Chrome, Edge users beset by malicious extensions that can’t be easily removed

CISA Issues Advisories on “Royal” Ransomware and Three New Vulnerabilities

Cleveland FBI shuts down ransomware enterprise

Coforge Receives Indemnification Notice for Data Breach Settlement

Common Business-Related Phishing Scams Include Fake HR and IT Subject Lines

Cost of a data breach in France soars to £3.8M, finds IBM report

Critical OpenSSH Vulnerability in FreeBSD Allows Remote Root Access

CSC ServiceWorks data breach could affect thousands of victims

Cyber attacks against Michigan hospitals prompt calls for legislative remedies

Cyber insurance costs ease, but for how much longer?

Cyberattack Targets Swiss Schlatter Industries’ IT Network

Cybersecurity Teams Investing in Automation to Reduce Noise Levels

Dark Angels ransomware gang extorts $75M in successful attack

Data breach may have exposed billions of personal information records, lawsuit claims: What to know

Deepfakes, AI-driven phishing pose new challenges in cybersecurity

Department of Justice Shuts Down Another North Korean ‘Laptop Farm’

EastWind Attack Deploys PlugY and GrewApacha Backdoors Using Booby-Trapped LNK Files

Energy leaders face escalating ransomware and phishing threats

FBI disrupts the Dispossessor ransomware operation, seizes servers

FBI says it is investigating purported Trump campaign hack

FBI takes down ransomware gang that hacked dozens of companies

Feds seize Radar/Dispossessor ransomware gang servers in US and Europe

Florida Mayor Ground Zero for Cyber Attack on City

FreeBSD Releases Urgent Patch for High-Severity OpenSSH Vulnerability

Google Patches Critical Vulnerabilities in Quick Share After Researchers’ Warning

Hacker appeals US extradition decision, citing mental health concerns

Hacker claims successful hack of Adreno, the ‘world’s largest dive store’

Hackers posing as Ukraine’s Security Service infect 100 government PCs

Hacking of Ewon Cosy+ Secure Industrial Remote Access Gateway is Possible

High-Risk Cloud Exposures Surge Due to Rapid Service Growth

How Phishing Attacks Adapt Quickly to Capitalize on Current Events

How To Spot New Phishing Scam Targeting Facebook Business Users

How to spot phishing in the age of AI

Indonesia: Massive Data Breach Exposes 4.7 Million ASN Records Sold for $159 Million

Indonesia: Massive data breach hits civil service agency ahead of Independence Day

Industrial Remote Access Tool Ewon Cosy+ Vulnerable to Root Access Attacks

International Effort Dismantles ‘Radar/Dispossessor’ Ransomware Group

International Investigation Leads to Shutdown of Ransomware Group

Japan will launch DARPA-esque research institute for cyberwarfare

Lawmaker calls for increased penalties for ransomware attacks against Michigan hospitals

Leicester City Council cyber attack exposes more data than first reported

Massive data breach sparks wave of lawsuits against data broker

Massive leak of US personal information shows up on hacking forum, including almost 2.7 billion records

McLaren Health Care experienced a criminal cyber attack

Microsoft Reveals Iranian US Election Interference Ops

Misconfigurations and IAM weaknesses top cloud security concerns

Mobex Allegedly Breached: 24GB Data is For Sale

National Public Data breach sees 2.7 billion sensitive records exposed

ONNX Bot Tool Hijacks Microsoft 365 accounts & Even Bypass 2FA

Ransomware: what it is and how it works

Ransomware Group BlackSuit Upgrades Capabilities

Researchers Uncover Vulnerabilities in Solarman and Deye Solar Systems

Russia subjected to Chinese cyberattacks

Russian Government and IT Firms Receive Spear-Phishing Emails with Trojans and Backdoors

Russian hackers accessed UK Home Office’s emails and data

Scammers Exploit Ukraine War & Japan Earthquake Fears to Spread Malware on X

Schlatter Group affected by hacker attack

Security Flaws in Cybercriminal Sites Prevent Potential Attacks on Six Companies

Services at Swiss manufacturer Schlatter disrupted in likely ransomware attack

Sinkclose Vulnerability in AMD Chips: What You Need to Know About Unpatched Models

Six Healthcare Providers Added to Ransomware Data Leak Sites

Sophos finds ransomware groups weaponising stolen data to increase pressure on targets

South Korea says DPRK hackers stole spy plane technical data

Suspected Maltese hacker appeals extradition to the United States

Swiss manufacturer investigating ransomware attack that shut down IT network

Swiss-based Schlatter says IT network affected by cyberattack

The Belfast Trust Investigates Data Breach

The biggest data breaches in 2024: 1 billion stolen records and rising

The cyber assault on healthcare: What the Change Healthcare breach reveals

The Ransomware Risk Remains: Employee Awareness, Among Other Things, Is Key

The Value in Root Cause Analysis for Vulnerability Management

The world’s greatest cyber threats, according to pros on Reddit

This cyber sleuth infiltrated the LockBit ransomware gang and unmasked its leader

Threat Actor Allegedly Selling Tentree.com Customer Database

Threat Actor Claims to Sell Data of Former Israeli Intelligence Members

Top 10 Cybersecurity Threats Facing Businesses Today

Trump Campaign Hack Points to Growing U.S. Election Threats

Trump campaign said senior staffer hacked by Iran-backed APT

Trump Campaign Says Hackers Nabbed Internal Documents to Influence Election

Trump Campaign Says It Got Spear-Phished By Iranian Hacker With AOL Address

Trump campaign suffers sensitive data breach in alleged Iranian hack

Two Columbus police officers file class action lawsuit against city after cyber attack leak

Ukrainian Government Agencies Hit by Stealthy MeshAgent Malware Campaign

UN Adopts Controversial Cybercrime Treaty

Unpatched MS Office flaw may leak NTLM hashes to attackers (CVE-2024-38200)

Vulnerability in Windows Driver Leads to System Crashes

Why Simple Email Phishing Attacks Are Sometimes Also The ‘Scariest’

World’s biggest hacker fest Def Con spotlights AI’s soaring importance in the high-stakes cybersecurity war - and its vulnerability

X faces GDPR complaints for unauthorized use of data for AI training