Editor's Message

Welcome to DBD. On March 8th we celebrated our 4th Anniversary and the 1st Anniversary of our PRiSM application, officially endorsed by the SANS Institute. Despite recent personal issues that have impacted the amount of time I have been able to dedicate to both projects, I have been doing my best to keep everything as up-to-date as possible, and I would like to take this opportunity to thank everyone for their patience and support whilst I navigate through this very difficult time. Stay safe. :)



Monday 23 September 2024

Data Breaches Digest - Week 39 2024

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 23rd September and 29th September 2024.


29th September

$32M spWETH Stolen in Phishing Attack Targeting High-Profile Wallet

Alleged Insecure Direct Object Reference (IDOR) Vulnerability in Al Rajhi Bank’s APIs for Sale

Cloudflare denies hosting sites linked to data leak at India's Star Health

Critical flaw in NVIDIA Container Toolkit allows full host takeover

Crypto Whale Falls Victim To $32 Million Phishing Attack

Massive MC2 Data Breach Affects Millions of Americans – Are You Affected?

Ransomware attack continues at UMC hospital in Lubbock. Here is what you need to know

The Real Human Cost of Healthcare Ransomware

US Charges Two Russians for Crypto Money Laundering, Places $10 Million Bounty Hunt for Each

28th September

Crypto Scam App Disguised as WalletConnect Steals $70K in Five-Month Campaign

Cyber security expert calls ransomware attack on UMC a ‘national security issue’

Cybersecurity Expert Says Providence Schools Have “Moral Obligation” to Disclose Information About Attack

Google App Scripts exploited in new multi-language phishing campaign, claims report

Industries most at risk from data breaches revealed

Ireland fines Meta 91 million euros over EU data breach

Ireland fines Meta €91 million for storing passwords in plaintext

Ireland fines Meta $101m for EU data breach

South Africa: Discovery Bank warns of ‘Vitality Server’ tactic used by scammers

Threat Actor Claims to Sell Database of Thai Honda Manufacturing, 3.3 Million Records at Risk

Transport for London (TfL) cyber attack: What you need to know

U.S. Charges Three Iranian Nationals for Election Interference and Cybercrimes

US Justice Department indicts Iranian nationals for 'hack-and-leak' attacks against Trump campaign

User loses $32 million spWETH in a sophisticated phishing attack

Wallet Phishing Scam Costs $32 Million: Inferno Drainer Linked

Your VR headset can help hackers get your password and username

27th September

3 tips for securing IoT devices in a connected world

14 Million patients affected by healthcare data breaches in 2024

100,000,000 Americans Exposed in Massive Data Breach – Revealing Names, Locations, Dates of Birth, IP Addresses, Phone Numbers and More

A Member of SiegedSec Group Arrested by FBI

Alleged PopinBorder Leak is Published For Free

Amgen Announces Third-party Data Breach Stemming from Incident at Sirva Relocation

AnonSec Kerala Starts DDoS Attacks on Countries Supporting Palestine

Are You Sabotaging Your Cybersecurity Posture?

Australian Organisations Targeted by Phishing Attacks Disguised as Atlassian

Avis class action claims data breach exposed data of 300,000 customers

Beyond encryption: Hidden dangers in the wake of ransomware incidents

Canadian dealership AutoCanada says cyber attack compromised employees’ data

China-backed hacker hijacked 9,200 Canadian devices to operate illegal hacking network

Chinese national living unlawfully in Australia denied bail over phishing scam involving millions of fraudulent texts

Covenant Health in Lubbock takes in patients amid ransomware attack at UMC

Critical Linux CUPS Printing System Flaws Could Allow Remote Command Execution

Critical NVIDIA Container Toolkit Vulnerability Could Grant Full Host Access to Attackers

Crypto Hacker Behind $2 Million Theft Receives Job Offer

CUPS vulnerabilities affecting Linux, Unix systems can lead to RCE

Cyberattack at Cincinnati Public Schools may have compromised district data

Dell data breach reportedly affects 10,000+ employees

Developing an effective cyberwarfare response plan

Embargo ransomware escalates attacks to cloud environments

EU privacy regulator fines Meta 91 million euros over password storage

Feds crack down on Russian crypto exchanges used by ransomware gangs

First Mobile Crypto Drainer on Google Play Steals $70K from Users

Former affiliate upgrades to ransomware gang and launches its own attacks

GCHQ: Lawyers don’t undermine cyber capabilities, they underpin them

Global ransomware attacks continue to climb month on month

Got a threatening email with a photo of your house? London police warn it's a scam

Governments Urge Improved Security and Resilience for Undersea Cables

Hacker behind $2M crypto heist receives job offer from victim protocol

Hackers Abuse HTML Smuggling Technique To Deliver Sophisticated Phishing Page

Hackers Could Remotely Control Kia Cars by Exploiting License Plates

Hackers slacking? Fewer losses from crypto hacks and fraud in Q3

Healthcare organizations are having to pay millions to solve ransomware attacks

Iranian hackers charged for ‘hack-and-leak’ plot to influence election

Iranian hackers charged with hacking Trump campaign to ‘stoke discord’

Ireland fines Meta 91 million euros over EU data breach

Ireland fines Meta $102M over EU data breach

Ireland's Data Protection Commission (DPC) Hits Meta with €91 Million Penalty for GDPR Violation

Kia vulnerabilities could allow bad actors to steal your car

Key Takeaways for Healthcare Providers Following HHS OCR’s Most Recent Ransomware Investigation

Lancaster Royal Grammar hit by cyber attack

Lubbock UMC experiences ransomware attack, diverts patients to other hospitals

Man arrested after ‘Islamophobic cyber attack’ on railway stations’ Wi-Fi systems

Man arrested following UK-wide cyber-attack

Man arrested over 'Islamophobic' Network Rail cyber attack

Man Arrested Over UK Railway Station Wi-Fi Hack

Mayor Andrew Ginther says 70% of Columbus' IT services have been restored after July cyber attack

Meta fined $100M for exposing plaintext passwords of millions of Facebook users

Meta fined $101 million for storing hundreds of millions of passwords in plaintext

Meta fined $101.5M for 2019 breach that exposed hundreds of millions of Facebook passwords

Michigan Medicine notifies 58,000 people of potential data breach after cyberattack

Microsoft Identifies Storm-0501 as Major Threat in Hybrid Cloud Ransomware Attacks

MoneyGram’s Money Transfer Services Knocked out for Days After Cyber Attack

Network Rail cyber attack: man arrested

New Email Scam Includes Pictures of Your House. Don’t Fall For It

New HTML Smuggling Campaign Delivers DCRat Malware to Russian-Speaking Users

North Korea’s Kimsuky adds new malware variants to expanding phishing arsenal

Patchwork APT Group Unleashes Nexe Backdoor: A New Era in Cyber Espionage Tactics

Pentagon gives thumbs-down to cyber service proposal in defense bill

Police Service of Northern Ireland to pay out tens of millions to data breach victims

Progress urges admins to patch critical WhatsUp Gold bugs ASAP

Ransomware attack continues at UMC hospital in Lubbock. Here is what you need to know

Ransomware attacks against healthcare companies hit 4-year high

Ransomware attacks on healthcare institutions globally reach four-year high in 2024

Ransomware gang using stolen Microsoft Entra ID credentials to bust into the cloud

Ransomware recovery costs skyrocket for education sector

Reading Train Station hit by cyber attack - man arrested

Republicans Push for FBI Inquiry into Temu’s Data Practices Following TikTok Concerns

Richmond schools: Student information compromised in ransomware attack Friday

Russian Hackers Target Ukrainian Servicemen via Messaging Apps

Seattle Public Library will spend $1M responding to ransomware attack

Sensitive information for thousands of Michigan Health patients may have been exposed in cyber-attack

Star Health sues Telegram, hacker, and Cloudflare over data leak

Storm-0501 Ransomware Group Attacking Hybrid Cloud Environments

Teenager arrested after Transport for London cyber attack

Top 6 Cloud Security Threats to Watch Out For

Top health insurance firm hacked, sensitive customer data including medical records leaked online

Transport for London (TfL) cyber attack: Colleges express concern about students unable to get new Oyster Zip Card

U.S. charges Joker's Stash and Rescator money launderers

U.S. Sanctions Two Crypto Exchanges for Facilitating Cybercrime and Money Laundering

UK and US issue alert over cyber actors working on behalf of Iranian state

UK data watchdog confirms it’s investigating MoneyGram data breach

UK national hacked public companies for stock trading intel, Department of Justice says

UMC Health System Responding to Ransomware Attack

UMC releases more info after ransomware attack causes hospital diversion in Lubbock

US charges three Iranians allegedly behind Trump campaign hack

US Sanctions Crypto Exchanges for Facilitating Russian Cybercrime

Water Filtration Company Adoucéo Allegedly Breached

Wells Fargo Customers’ Bank Account and Social Security Numbers Exposed, Used for Fraud in Mysterious Data Breach

Worried about that critical RCE Linux bug? Here's why you can relax

X blocks links to hacked Trump campaign docs about JD Vance

26th September

5 Data Privacy Laws in Australia You Need to Know About

19 UK railway stations suffer cyber attack

60% of vulnerabilities were leveraged against Microsoft Exchange

Active Directory compromise: Cybersecurity agencies provide guidance

After TikTok inquiry, Republicans call for investigation into Temu data practices

'All videos deleted': Ranveer Allahbadia's both YouTube channels hacked, renamed to Tesla in alarming cyber attack

Alleged Erasmus+ Database Leak Surfaces on Dark Web Forum

Alleged Sale of WebShelll Access to a Small National Bank

Apex Softcell Vulnerability: CERT-In Issues Critical Warning for Users

Arkansas Water Plant Ransomware Cyberattack: City Calls in FBI

Birmingham New Street 'targeted with chilling terrorism message' in suspected cyber attack

Britain's biggest train stations hit by cyber attack as passengers shown terrorism message

China-Backed Salt Typhoon Targets U.S. Internet Providers

China-linked attackers Salt Typhoon infiltrate US internet service providers

Chinese Hackers Infiltrate U.S. Internet Providers in Cyber Espionage Campaign

Cloudflare Warns of India-Linked Hackers Targeting South and East Asian Entities

Companies mentioned on the dark web at higher risk for cyber attacks

Company That Makes Anti-Phishing And Security Education Software Gets Fooled By Hacker Posing As Remote Worker

Compliance management strategies for protecting data in complex regulatory environments

Could more public wi-fi hotspots be targeted in 'Islamophobic' cyber attack? Fears airports, hospitals, schools and restaurants face shutdown after 'Nightsleeper-style' hackers hit railway stations

Crypto-powered Truflation hacked, wants to negotiate with attacker

CUPS flaws enable Linux remote code execution, but there’s a catch

Cyber Attack Cripples Public Wi-Fi at 19 UK Railway Stations, Affecting Thousands

Cyber Attack Disrupts Wi-Fi at Major UK Railway Stations

Cyber attack disrupts Wi-Fi services at major UK railway stations

Cyber attack hits Network Rail train stations

Cyber attack hits Scotland's busiest train stations with terror messages

‘Cyber security incident’ hits wifi at Reading station

Cybercriminals Hack UK Rail Network Wi-Fi

Dallas suburb working with FBI to address attempted ransomware attack

Data Breach at MC2 Data Leaves 100 Million at Risk of Fraud

Deluge of Threats to Water Utilities: Securing Operational Technology Against Cyberattacks

Edinburgh Waverley targeted in Wi-Fi cyber-attack displaying terror messages

Fake League of Legends Download Ads Spread Lumma Stealer Malware

Fake WalletConnect app on Google Play steals Android users’ crypto

First Mobile Crypto Drainer Found on Google Play

Hacker creates false memories in ChatGPT to steal victim data - but it might not be as bad as it sounds

Hacker of Indian Exchange WazirX Nearly Fully Laundered Funds

Hackers Could Have Remotely Controlled Kia Cars Using Only License Plates

How hackers could have remotely controlled millions of cars

HPE Aruba Networking fixes critical flaws impacting Access Points

I-MED data breach exposes tens of thousands of patient files using details shared online for a year

India's Star Health sues Telegram after hacker uses app's chatbots to leak data

‘Islamophobic cyber attack’ at major train stations sparks police investigation

Kia dealer portal flaw could let attackers hack millions of cars

Kreen and KMNC Allegedly Breached, Databases Sold on Dark Web

Kuwait Health Ministry restoring systems after cyberattack takes down hospitals, healthcare app

Malicious Ads Hide Infostealer in League of Legends ‘Download’

Man arrested after Britain's biggest train stations hit by cyber attack as passengers shown terrorism message

Man arrested after Glasgow Central and Edinburgh Waverley hit by cyber attack

Massive data breach at Indonesia’s tax agency DJP exposes information of 6 million taxpayers

Massive French citizens data leak exposes 95 million records

MoneyGram Cyberattack: Global Service Disruptions Enter Day 5

MoneyGram services restored but questions remain about cyber incident

National Institute of Standards and Technology (NIST) Scraps Passwords Complexity and Mandatory Changes in New Guidelines

National Public Data quietly ends data profiling services following massive security breach

Network Rail confirms cyber attack on Wi-Fi systems at UK train stations

Network Rail issues statement after cyber attack disrupts public wifi at major UK rail stations

Network Rail issues update after 19 stations targeted in cyber attack

New Massachusetts Institute of Technology (MIT) protocol protects sensitive data during cloud-based computation

New RomCom malware variant 'SnipBot' spotted in data theft attacks

'Nightsleeper-style' cyber attack hits 20 railway stations: Passengers logging on to public wi-fi at UK's biggest transport hubs 'are met with screen about terror attacks in Europe'

North Korean Hackers Deploy New KLogEXE and FPSpy Malware in Targeted Attacks

Old Vulnerability Rated 9.9 Impacts All GNU/Linux Systems, Researcher Claims

Over a Third of Employees Secretly Sharing Work Info with AI

Pro-Palestinian hackers claim they hacked famous Israeli politicians, share personal photos, emails

Queensland man charged over alleged phishing scam, sending millions of texts

Ranveer Allahbadia YouTube Channel Hack: What Happened and What’s Next

Ranveer Allahbadia's YouTube channels hacked and all videos deleted in major cyber attack: Here's what happened

RansomHub Ransomware Gang Extorts Delaware Libraries in Unprecedented Attack

Ransomware attacks increasingly target Vietnam's financial sector

Ransomware incidents hit 117 countries in 2023, task force says

Reading station cyber attack: Wi-fi suspended as investigation widens

Russia-backed Gamaredon still ‘most engaged’ hacker group in Ukraine

Scotland’s busiest railway stations affected by UK-wide cyberattack on passenger Wi-Fi

Scotland's train stations hit by cyber attack as passengers met with 'terror messages'

Scottish train stations hit by cyber attack

Scottish train stations in Edinburgh and Glasgow hit by WiFi cyber attack showing 'terror' messages

Senate bill pushes cyber mandates for medical industry in wake of Change Healthcare debacle

Shocking poll: Half the world has fallen victim to cyberattacks

Star Health hacking: Insurance giant sues Telegram, hacker and this IT company after data leak of 31 million customers

Star Health sues Telegram after hacker uses app's chatbots to leak data

Star Health’s data breach highlights growing cyber risks in insurance industry

Ten London train stations hit by ‘Islamophobic’ cyber attack on Network Rail

Terrifying cyber attack hits rail stations as departure boards display alarming messages

The number of Android memory safety vulnerabilities has tumbled, and here’s why

Threat Actor Offers Alleged BotSpace User Data for Sale

Threat Actor Offers Exploit for Magento 2 Vulnerability

Train cyber attack: 20 Network Rail stations affected by Wi-Fi cyber attack

Train passengers receive Islamophobic messages after cyber attack

Train station Wi-Fi cyber attack: London's biggest hubs including King's Cross and Waterloo hit by 'Islamophobic cyber attack'

Train stations targeted in apparent cyber-attack

Transport, Logistics Orgs Hit by Stealthy Phishing Gambit

UK: Hacker attack hits public Wi-Fi at train stations - terrorist messages spread, user data at risk

UK: Railway stations hit by cyber attack as Wi-Fi systems compromised

UK: Railway stations targeted by cyber attack

UK: Several railway stations hit by a cyber attack

UK Train Stations’ Wi-Fi Hacked, Displays Islamophobic Messages

UMC Health System on local and regional diversion due to ransomware attack

US sanctions crypto exchanges used by Russian ransomware gangs

US-led operation disrupts crypto exchanges linked to Russian cybercrime

Use at your own risk: how top education apps can spy on you

Watering Hole Attack on Kurdish Sites Distributing Malicious APKs and Spyware

Who is behind the rail cyber attack and is YOUR data under threat? Experts issue warning over use of public wi-fi after 'Nightsleeper-style' hack targeted UK stations

Wi-Fi at major UK train stations hacked to display terror messages

Wifi suspended at big UK train stations after ‘cybersecurity incident’

YouTuber Ranveer Allahbadia falls victim to cyber attack: Channels hacked and content deleted

Yubico finds majority still using outdated methods to secure data

25th September

75% of organizations say phishing poses the greatest AI risk

82% of Phishing Sites Now Target Mobile Devices

100 million Americans just had their background check data exposed - phone numbers, dates of birth and more

A catastrophic browser flaw is patched almost immediately - here's how

A Threat Actor Claims to Sell Data of Israel Harel Insurance, Compromising Data of 1.8 Million Records

Arkansas City Responds to Cybersecurity Incident at Water Facility, Ensures Safe Drinking Water

AutoCanada confirms ransomware attack as data leak surfaces

Binance Refutes Claims of a Data Breach Involving 13 Million Users

Cactus Ransomware Discloses Three New Alleged Victims

Canadian school photo company says hackers held Saskatchewan students' pictures for ransom

CEO Durov Says Telegram Will Provide More Data to Governments

ChatGPT macOS Flaw Could've Enabled Long-Term Spyware via Memory Function

China's Salt Typhoon cyber spies are deep inside US ISPs

CISA: Hackers target industrial systems using “unsophisticated methods”

CISA Flags Critical Ivanti vTM Vulnerability Amid Active Exploitation Concerns

CISA warns of continuing attacks on water systems after Kansas town reports incident

City Water Facility in Kansas Hit by Cyberattack

Cofense report reveals new phishing scam using TikTok URLs to target Microsoft 365 credentials

Commuters targeted in cyber-terror attack at major train stations across UK

CorrectCare Data Breach Lawsuit Settles for $6.9 Million

CosmicBeetle group joins forces with other ransomware gangs

Critical Ivanti Authentication Bypass Bug Exploited in Wild

Cyber attack attempts targeted Azerbaijan during elections

Cyber attack could cost Western Isles council more than £1m

Cyber attack on Harvey Nichols compromised customers' sensitive personal information

Cyber Threats Loom Over U.S. Railroads as Transportation Security Administration (TSA) Pushes for Stronger Security

Cybercriminals target transportation companies in North America with info-stealing malware

Cybersecurity Researchers Warn of New Rust-Based Splinter Post-Exploitation Tool

Data breach exposes personal information of 3,000+ congressional staffers on dark web

Data privacy watchdog files complaint against Mozilla for new ad tracking feature

Dell Hit by Third Data Leak in a Week Amid “grep” Cyberattacks

Dell investigating employee data breach claims

Dell Investigating Two Data Breach Claims

Disney to drop Slack after data breach in July

DragonForce Ransomware Expands RaaS, Targets Firms Worldwide

Elitecare Emergency Hospital suffers healthcare data breach

Employees file for class-action suit over Sibanye Stillwater data breach

English Football League (EFL) issues cyber attack warning after TWO Championship clubs are breached...as panicked teams recruit external agencies to fend off hackers

Enhancing Cloud Security: Securing Windows and Linux Operating Systems with CIS Hardened Images

Enterprises suffer surge in mobile phishing attacks

Experts Highlight Increased Cyber Attack Risks in Commercial Flights

Federal Communications Commission (FCC) fines AT&T $13M over January 2023 data breach

Financial Services Giant MoneyGram Systems Down After Cyberattack

G7 cyber group warns financial sector to prep for quantum computing risks

Google sees 68% drop in Android memory safety flaws over 5 years

Google's Shift to Rust Programming Cuts Android Memory Vulnerabilities by 52%

Hacker nearly completes laundering $230 million stolen from WazirX

Hackers hiding malware in fake “deleted Diddy files”

Hackers target Delaware public library system, investigation underway

Hezbollah pager attacks will trigger tighter security at airports, schools, and even hospitals, experts say

How Cybercriminals Use Social Media to Attack Businesses

How Scanning A Cafe's QR Code Led This 'Hacker' To A Treasure Trove Of Confidential User Data

In the ransomware battle of good vs evil, we must unite against a common enemy

In wake of scam texts, police seize fraudulent ‘GeauxPass’ website on Russian server

Indonesia’s Tax Agency Data Breach Impacts 6 Million, Including President Widodo and His Cabinet

Ivanti vTM auth bypass flaw exploited in attacks, CISA warns (CVE-2024-7593)

Kansas Water Facility Moves to Manual Operations After Ransomware Attack

KukuFM Data Breach: Millions Exposed

Lancaster School Battled Cyber-Attack in Summer

Lawsuits Accuse Ally of Failing to Protect Customers From Data Breach

LockBit, ALPHV lead attacks as healthcare sector faces surge

London and other UK train stations' Wi-Fi targeted in cyber attack

Major ‘Nightsleeper-style’ cyber hack hits 20 train stations with Brits warned of ‘terror’ risk in phone pop up

Manchester Piccadilly and other UK stations targeted with terrorism message in Wi-Fi 'cyber security incident'

MC2 Data Leak Exposes Private Data of Over 100 Million Americans

Medusa ransomware group stole about 800GB of data from Australia's Compass Group

Mobile Phishing Attacks Against Enterprises Rising

Mobile Phishing Attacks Explode, Enterprise Devices Targeted

Modified LockBit and Conti ransomware shows up in DragonForce gang’s attacks

MoneyGram admits ‘cybersecurity issue’ behind several-day outage

MoneyGram cyberattack leads to days-long outage, unprocessed payments

Mozilla accused of tracking users in Firefox without consent

Mozilla Faces Privacy Complaint for Enabling Tracking in Firefox Without User Consent

Mozilla hit with privacy complaint in EU over Firefox tracking tech

Mozilla is “taking a leaf out of Google’s playbook”

New Vulnerability in Microchip Advanced Software Framework Poses Risks

Organizations are making email more secure, and it’s paying off

Over 90 million French records exposed: mysterious data hoarder leaves instances open

Pennsylvania-based health network reaches $65 million settlement after nude photos of cancer patients leak

PDiddySploit Malware Hidden in Files Claiming to Reveal Deleted Diddy Posts

Phishing Attacks, Deepfakes Top AI-Powered Threats

Proof-of-Concept (PoC) for critical SolarWinds Web Help Desk vulnerability released (CVE-2024-28987)

RansomHub genius tries to put the squeeze on Delaware Libraries

Reading Station hit in major cyber attack showing "terrorism" message

Secure Web Gateways cannot protect you from phishing attacks

Securing non-human identities: Why fragmented strategies fail

Star Health Data Breach – A Breach of Trust and Accountability

Sweden Links Iran to Cyberattack Targeting Text Messaging Service

Thousands of US Congress Emails Exposed to Takeover

Threat Actor Allegedly Selling US Credit Card and Personal Data from a Pakistani CRM Software Company

‘Titanic Mindset’: Just 54% of UK IT Pros Confident in Data Recovery

Transportation Companies Hit by Cyberattacks Using Lumma Stealer and NetSupport Malware

Trump campaign hack still ongoing

UK: Wi-fi hacked at 19 railway stations

US government agency confirms it was hit by major ransomware attack

US House Bill Addresses Growing Threat of Chinese Cyber Actors

UserSec Announced a New Division & Targeting Estonia

WazirX Hacker Is Almost Done Laundering $230M Stolen Funds

WazirX Hacker Moves Another $13.2M in ETH to New Address

WazirX hacker nears final stages of laundering $230M in stolen funds

WazirX Hacker ready to vanish with 2000 crores of user funds

What to do after a data breach - and how to protect yourself from one

Youtuber MKBHD will fix “excessive data disclosures” on his app after backlash

Yubico survey finds rising AI-driven cyber threats globally

24th September

7 Ways to Strengthen Your Cybersecurity Posture with AI and Machine Learning

14 Million Patients Impacted by US Healthcare Data Breaches in 2024

65% of websites are unprotected against simple bot attacks

100 million Americans just had their personal information leaked in the massive MC2 Data breach

A generative artificial intelligence malware used in phishing attacks

AI can now solve reCAPTCHA tests as accurately as you can

AI makes ethical hackers 40% more effective, twice as productive, EC-Council claims

AI threats pushing cyber pros to seek legal safeguards

AI’s Influence on Malware Attacks Tops IT Pros’ Concerns

Almost 30K impacted by Kansas county ransomware attack

AutoCanada says ransomware attack "may" impact employee data

Biden Administration Proposes Ban on Chinese and Russian Vehicle Connectivity Systems

Biden Administration Proposes Ban on Connected Vehicles from China and Russia

China Accuses ‘Taiwanese Hackers’ of Disinformation Campaign

China are the real hackers not us, Taiwan says after cyber accusations

Congressional Staffers’ Data Leaked on Dark Web

CorrectCare settles class action over 2022 data breach for $6.49 million

Critical Ivanti Virtual Traffic Manager (vTM) authentication bypass bug now exploited in attacks

Crooks, beware: Telegram will now hand over your data to authorities if asked

Crypto scammers get into OpenAI’s newsroom

‘Currently investigating’ - Over 10,000 Dell employees at risk after reported data breach

Cybercrime: Assume breach, never trust and always verify

Cybersecurity Incident Affects Arkansas City Water Treatment Facility

Cyberthreats to railroads loom as industry and Transportation Security Administration (TSA) grow an uneasy partnership

Dell Data Breach Leaves Info of Over 10,000 Employees at Risk

Deloitte Says No Threat to Sensitive Data After Hacker Claims Server Breach

Discover how online fraud can impact your business

Europol: GenAI Offers “Treasure Trove of Possibilities”

Future-proofing cybersecurity: Why talent development is key

Hacker plants false memories in ChatGPT to steal user data in perpetuity

Hackers claim fresh Dell data breach just days after the company confirms probe into employee info leak

Hackers deploy AI-written malware in targeted attacks

Hackers hold Lancaster grammar school to ransom after cyber attack

Healthcare Data Breach Statistics

How cyber compliance helps minimize the risk of ransomware infections

How to protect yourself and your family as phishing scams reach record numbers

Infostealer malware bypasses Chrome’s new cookie-theft defenses

Inside a Russian ransomware gang

Iran Accused of Cyber Attack Targeting Sweden Amid Quran-Burning Controversy

Iran Rejects Sweden Hacker Attack Accusations As 'Baseless'

Israel’s Pager Attacks and Supply Chain Vulnerabilities

Kansas county says cyber attack compromised the data of about 30,000 residents

Kansas water plant cyberattack forces switch to manual operations

Massive Data Breach at Star Health: Customer Medical Records Sold on Telegram

MediCheck.io Allegedly Hacked by KillSec

MedReview Files Notice of Data Breach Leaking Individuals’ SSNs

MFA bypass becomes a critical security issue as ransomware tactics advance

Microsoft Initiative the ‘Largest Cybersecurity Engineering Effort in History’

Microsoft’s Secure Future Initiative (SFI): A Six-Pillar Approach to Cyber Defense

Money transfer firm MoneyGram rushes to contain cyber attack

MoneyGram blames ‘cybersecurity issue’ for ongoing days-long outage

MoneyGram confirms a cyberattack is behind dayslong outage

MoneyGram says cyber incident causing network outages

MoneyGram services disrupted by likely ransomware attack, global transactions affected

MoneyGram Systems Coming Back Online After Cyber Attack

More than 100 MILLION Americans' private information leaked in massive data breach at background check company

Nationwide Recovery Service Notifies Federal Regulators of Recent Data Breach

Necro Android Malware Found in Popular Camera and Browser Apps on Play Store

New Octo Android malware version impersonates NordVPN, Google Chrome

New Octo2 Android Banking Trojan Emerges with Device Takeover Capabilities

New Octo2 Malware Variant Threatens Mobile Banking Security

New twist on sextortion scam includes pictures of people's homes

Northern Ireland: Attempt to agree PSNI data breach compensation

Northern Ireland: Data breach claim by PSNI staff goes to mediation for damages

Octapharma Plasma Notifies Individuals Affected by April 2024 Ransomware Attack

One Point HR Solutions Provides Notice of Data Breach Affecting an Unknown Number of Consumers

OpenAI Falls Victim to Crypto Scam: 4th Account Hacked in 15 Months

Phishing and deepfakes are leading AI-powered threats

Popular podcast platform leaks data of tens of millions of its customers

Pro-Russia hackers aim DDoS campaign at Austrian websites ahead of elections

Ransomware attack on Fylde Coast Academy Trust impacted multiple primary schools

Snowflake Hacker Still Active, Finding New Victims, Expert Says

Study finds many European car resellers fail to delete driver data

Sweden blames Iran for cyber-attack after Quran burnings

Sweden says Iran behind 2023 hacker attack that urged revenge for Qur’an burning

Sweden says Iran behind 2023 Koran burning hacker attack

Sweden says Iran behind cyberattack calling for revenge on Quran burners

Systems return after Tewkesbury Borough Council cyber attack

Telegram Agrees to Share User Data With Authorities for Criminal Investigations

Telegram Boss Agrees to Closer Police Cooperation

Telegram to Share User IPs and Phone Numbers on Legal Request

Telegram will share IP addresses, phone numbers of criminal suspects with cops

Telegram’s New Rules Push Criminal Groups to Flee the Platform

The cyber and data security risks facing law firms: How firms can protect themselves and how to manage a security/data breach

The Importance Of Post-Breach Digital Identity

'These claims poison relations': Iran rejects Sweden hacker attack accusations as 'baseless'

This Windows malware is now evolving to target Linux systems

Threat Actor Offers Full Network Access to Telecom Company in Arabian Gulf

Threat Actors Shift to JavaScript-Based Phishing Attacks

Title Financial Corporation Provides Notice of Recent Data Breach

Transportation, logistics companies targeted with lures impersonating fleet management software

Twilio Call Records Allegedly Exposed on Dark Web

U.S. government agency Centers for Medicare & Medicaid Services (CMS) says data breach impacted 3.1 million people

U.S. Proposes Ban on Connected Vehicles Using Chinese and Russian Tech

US Mulls Ban on Russian, Chinese Parts in Connected Vehicles

Versa Director Flaw Could Lead to API Attacks, Token Theft

Warnings After New Valencia Ransomware Group Strikes Businesses and Leaks Data

What to do - and not to do - when you suffer a cyber-attack

Zero Failure Tolerance, A Cybersecurity Myth Holding Back Organizations

23rd September

A Threat Actor Claims to Sell Database of Raaga, Compromising of 9.4 Million Users Data

After summer leak, Disney is doing away with Slack for good

AI drives surge in cybercrime

AI’s cyber-security revolution to secure tomorrow, today

Android malware 'Necro' infects 11 million devices via Google Play

Apple users warned about high-risk security vulnerabilities

August 2024 Healthcare Data Breach Report

Australia's largest medical imaging provider under probe for data breach over AI training

Bankroll Status Suffer $230K Loss to DualPools Hacker Attack

Barracuda reveals cybercriminals target creative platforms for phishing scams

Behind the Scenes: The Technical Details of Arc’s Recent Vulnerability

Beyond Disclosure: Transforming Vulnerability Data Into Actionable Security

Binance User Data Allegedly Leaked on a Dark Web Forum

China: Ministry of State Security unveils hacker group supported by ‘Taiwan independence’ forces

China Accuses Taiwan-Backed Hacker Group Of Targeting Beijing Amid Deteriorating Cross-Strait Relations

China State Security accuses Taiwan hacker group of carrying out cyberattacks in Macau and Hong Kong

Chinese Hackers Exploit GeoServer Flaw to Target APAC Nations with EAGLEDOOR Malware

Cloud Security Risk Prioritization is Broken. Here’s How to Fix It

CorrectCare Integrated Health Data Breach Lawsuit Settled for $6.49 Million

Critical Flaw in Microchip ASF Exposes IoT Devices to Remote Code Execution Risk

Crypto scammers hack OpenAI’s press account on X

Customer data exposed in Harvey Nichols data breach

Customer’s Use of Flawed 3rd-Party Tool Exposes 12K Twilio Call Records, Recordings

Dark Web Sales Fuel 32% Increase in Global Healthcare Cyberattacks

Data breach at Australian hardware retailer Total Tools impacted 38,000 customers

Dell confirms it is investigating data breach after employee info leaked

Dell Hit by Second Data Breach in a Week, Hackers Claim

Dozens of Fortune 100 companies have unwittingly hired North Korean IT workers, according to report

DualPools hacker group steals $230K from Bankroll Status in DeFi attack

Fallout from Transport for London (TfL) cyber-attack is slow burning and potentially costly

Fragmented Cybersecurity Standards Leave Ohio Cities Exposed

German Police Shutter 47 Criminal Crypto Exchanges

Grand Theft Auto 6 (GTA 6) Files Were Allegedly Leaked Because of Phishing Email

Government Blames Weak Passwords for Taxpayer Data Breach

Hacker Leaks 12,000 Alleged Twilio Call Records with Audio Recordings

Hacker selling Dell employees’ data after a second alleged data breach

Hackers Posed as Google Support to Steal $243 Million in Crypto

Harvey Nichols confirms cyberattack, says customer data leaked

Healthcare organisations targeted by ransomware gangs

I was a hospital cyber attack victim and nude photos of me in treatment were leaked on the dark web

India: Hacker uses Telegram chatbots to leak data

Indonesia: Government Claims Leaked Taxpayer Data Not Authentic

Iranian-Linked Group Facilitates APT Attacks on Middle East Networks

IT Professionals Brace for 2025 Threats as U.S. Businesses Face Growing AI-Enhanced Cyberattacks

Johnson & Wales University says data breach impacted more than 20,000 individuals

Keeping the public sector cyber-secure

Kryptina Ransomware Resurfaces in Enterprise Attacks By Mallox

Legislation to mandate universal data privacy opt-outs vetoed in California

LinkedIn Pauses GenAI Training Following Information Commissioner’s Office (ICO) Concerns

Majority of Asia Pacific Enterprises targeted by ransomware in 2023

MedReview reports a data breach exposing sensitive consumer information

New Android Spyware Campaign Targets South Koreans via AWS

New Mallox ransomware Linux variant based on leaked Kryptina code

New PondRAT Malware Hidden in Python Packages Targets Software Developers

Offensive cyber operations are more than just attacks

Oracle Faces Alleged Data Breach Exposing Employee Information

Organizations are changing cybersecurity providers in wake of Crowdstrike outage

Paid open-source maintainers spend more time on security

Phishing scam delivers SambaSpy malware to Italian systems

Phishing Tests Are a Key Defense Against the Rise of Phishing Attacks

Popular US car rental company Hertz didn’t spot this access control vulnerability

Public Sector Compliance: Passwords and Credentials Matter

QR Code Phishing Attack Bypasses Email Security Scanners And Abuse SharePoint

Quantum Computing: Revolutionizing Cybersecurity Risks and Solutions

RansomHub Ransomware Using Multiple Techniques To Disable EDR And Antivirus

Ransomware affected 44% of U.S. companies

Ransomware attack on Kansas county exposed sensitive info of nearly 30,000 residents

Ransomware hits Blackpool schools

Rental Car Company Avis Suffers Data Breach Of Over 300,000 Customers

Risks and Mitigation of Insider Threats

Russia’s H1 2024 Cyber Offensive Strategy Favored Espionage Over Destruction

Russian Cyber-Attacks Home in on Ukraine’s Military Infrastructure

Russian hackers have shifted tactics in third year of war, Ukraine cyber agency says

Schools overpay ransomware demands

Shezmu Hack Unveiled: How $5M Was Stolen and Partially Recovered

Shezmu Recovers Millions in Stolen Crypto Through Hacker Negotiation After Stablecoin Vault Exploit

Singaporean crypto exchange BingX offers 10% bounty after $44M hack

Snowflake hacker may still be active, and hunting down new victims, experts claim

Snowflake Hacker Still Active, Finding New Victims, Expert Says

Star Health Data Breach: A Breach Of Trust And Accountability

Star Health Data Breach: Hacker Offers 31 Million Users’ Data for Sale on Telegram, Using Chatbots

Taiwan: Military denies involvement in hacker group

Telegram now shares users’ IP and phone number on legal requests

Telegram says it will share phone numbers and IP addresses of ‘bad actors’ to authorities

The Problem With Third-Party Breaches: A Data Protection Dilemma

The surge in cyber insurance and what it means for your business

Threat Actor Allegedly Leaked Massive Datasets From Chinese Firms and Institutions

Uber Eats Data Breach Leaked Online, Exposing Over 280,000 Records

UK firms are dangerously overconfident about paying ransoms to cyber criminals

US proposes ban on connected vehicle tech from China, Russia

Vulnerabilities Found in Popular Houzez Theme and Plugin

Wells Fargo Clearing Services suffers data breach; Sensitive information exposed

What Is Threat Hunting In Cybersecurity?

White House closer to ban sale of any ‘connected car’ using software made in China

Why 'Never Expire' Passwords Can Be a Risky Decision