Welcome to DBD. On March 8th, DBD celebrated it's 5th anniversary and 
Dentons Senior Analyst, Washington DC
Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 21st October and 27th October 2024.27th October
Fog ransomware targets SonicWall VPNs to breach corporate networks
Four REvil Ransomware members sentenced for hacking and money laundering
FTP Access to University of California Offered for Sale on Dark Web
In legal first, Japan convicts man of abusing AI to generate ransomware
Parkland Health data breach exposes sensitive information of over 6,500 patients
Protecting the Healthcare Sector from Phishing Attacks
Royal Thai Police Database Breached, Claims Dark Web Actor
26th October
33 Corporate RDP Accesses Offered for Sale on Dark Web
100 million people hit in largest healthcare data breach in history - medical info, SSNs and more
15,500 Bahrain Service Accounts Leaked on Dark Web
Australia: Passport, Visa Details Compromised In Cyber Attack On ZicroDATA
Black Basta Ransomware Operators Using Microsoft Teams To Breach Organizations
Cash App data breach settlement offers compensation for affected users
Cash App Users Eligible to Claim Thousands in Data Breach Settlement
CERT-UA Identifies Malicious RDP Files in Latest Attack on Ukrainian Entities
Council avoids six-figure fine after data breach
Cybersecurity in Nigeria’s digital age: Securing the future of our nation
Data Breach Exposes Sensitive Information from Major Egyptian Clubs, Banks, and Real Estate Firms
Database Leak of 50,000 Records Reported in Brazil
FBI, CISA investigating China-linked telecom hacks following reports of intrusions on Trump, Harris phones
Four REvil Ransomware Members Sentenced in Rare Russian Cybercrime Convictions
Hacker returns $19 million in stolen crypto to US government just one day after breach
Hacker Who Looted $20,000,000 From a US Government Address Returns the Vast Majority of Stolen Funds
Irish Data Protection Commission fined LinkedIn €310M for GDPR infringement
Majority of Aussies caught in cyber attacks as threats surge
New Attack Lets Hackers Downgrade Windows to Exploit Patched Flaws
New Cisco ASA and Firepower Threat Defense (FTD) features block VPN brute-force password attacks
New Google Cyber Attack Warning As Russian APT28 Hackers Strike
New Windows Driver Signature bypass allows kernel rootkit installs
Notorious Hacker Group TeamTNT Launches New Cloud Attacks for Crypto Mining
PrestaShop Admin Access Up for Sale on Dark Web
Unitedhealth Confirms That 100 Million Users Were Impacted in the February Ransomware Attack
25th October
1StopBedrooms.com Database Breach Exposes 1 Million Orders
3 Myths About Identity and Access Management
3 Tips for Organizations to Shore Up Their Cyber Resilience Strategies This Fall
7 essential password rules to follow in 2024, according to security experts
99% of CISOs report fear over losing positions due to a data breach
100 million US citizens officially impacted by Change Healthcare data breach
$240K Fine for Ortho Group Ransomware Attack
800,000 people just had their full names, SSNs and more exposed in massive insurance admin company data breach
Achieving peak cyber resilience
Addressing growing concerns about cybersecurity in manufacturing
Amazon seizes domains used in rogue Remote Desktop campaign to steal data
Amazon Web Services (AWS) breaks up massive Russian phishing operation
Amazon Web Services (AWS) Seizes Domains Used by Russian Threat Group APT29
Apple Opens Private Cloud Compute (PCC) Source Code for Researchers to Identify Bugs in Cloud AI Security
Beyond Business Email Compromise: Multi-Channel Phishing Is Here To Stay
Bitfinex wallet hacker returns most of the $20 million back to US government
Black Basta ransomware poses as IT support on Microsoft Teams to breach networks
Cash App users can claim thousands of dollars in a data breach settlement
Change Healthcare Breach Affects 100 Million Americans
Change Healthcare Cyberattack Exposed Data of Over 100 Million People
Change Healthcare data breach exposed ‘only’ 100 million US health records
Change Healthcare data breach officially affects 100M people
Change Healthcare Ransomware Attack Impacts 100 Million People
Change Healthcare says 100 million people impacted by February ransomware attack
Change Healthcare's Massive Data Breach Impacted 100 Million People. What to Know
Chimienti & Associates Experiences Data Breach Following Compromised Email Account
China hacks Verizon to target Trump/Vance communications, new report says
Chinese Hackers Target Trump and Vance Phone Data via Verizon Hack
Chinese Hackers Tried To Break Into Trump And Vance’s Cellphones In Data Breach
Cisco Patches Critical Vulnerability Affecting VPN Services
Columbus agrees to resolve data breach lawsuit
Community Dental Files Official Notice of Data Breach After Cyberattack Exposed Patients’ Sensitive Info
Connecticut Attorney General settles $500,000 data breach case with Guardian Analytics
Countering ransomware: Ransomware gang disruptions do work
Critical Vulnerabilities Found in Siemens and Schneider Electric Products
Cyberattacks Against Sporting Events are Growing More Calculated
DDoS attacks surge to unprecedented levels, bombarding servers with 4.2Tbps
Easterseals reports breach as Rhysida ransom gang demands $1.3M
Eliminating AI Deepfake Threats: Is Your Identity Security AI-Proof?
Epic Telecom: No evidence of data breach amid online leak claims
Europol Details Pursuit of LockBit Ransomware Affiliates
Exploited: Cisco, SharePoint, Chrome vulnerabilities
Federal Prosecutors Offer Plea Deal to SEC X Account Hacker
Four REvil members sentenced to more than four years in prison
From bad to infamous: UnitedHealth says hack impacted 100 Million Americans
Gándara Mental Health Center Provides Notice of Recent Data Breach
Hacker behind fake Bitcoin ETF X post pleads not guilty
Hacker Drains $20 Million from U.S. Government Controlled Wallet?
Hacker Returns $19 Million After U.S. Government Crypto Wallet Breach
Hacker Returns $19.3 Million to Drained US Government Crypto Wallet
Hacker returns stolen funds to US government in less than 24 hours
Hacker Returns Stolen Funds to US Government Wallet
Hacker “USDoD” Arrested in Brazil for Long String of Data Breaches
Hackers put 350 Million Hot Topic customers’ records for sale: “largest retail breach in history”
Healthcare giant Henry Schein reveals data breach following major ransomware attack
Historic Healthcare Data Breach: UnitedHealth Confirms 100 Million Americans Affected in Change Healthcare Attack
HOMESTEEL Malware Emerges as the Latest Cyberthreat to Ukraine’s Data Assets
‘I’m not a Robot’ reCAPTCHA Trojanized by Russian Hackers to Target Local Ukrainian Government
Insurance admin services company data breach exposes details about 8 lakh US users
Internet Archive is back online, but for how long?
Internet Archive suffers second data breach within a month
Investigation confirms Floyd County Public Schools data breach
Irish Data Protection Watchdog Fines LinkedIn $336m
Irish Watchdog Imposes Record €310 Million Fine on LinkedIn for GDPR Violations
Is the Blockchain Secure? Yes, and Here’s Why
Kremlin-linked hackers target Ukraine’s state, military agencies in new espionage campaign
MacOS-Focused Ransomware Attempts to Leverage LockBit Brand
Massive data breach hits UnitedHealth tech unit
Microsoft Reports Nearly 400 U.S. Healthcare Facilities Targeted by Ransomware Attacks
More than 100 Million impacted by record-breaking Change Healthcare hack
Nearly a million users affected by Landmark data breach
New Phishing Schemes To Watch Out For
No Recovery Prospects: Casio Systems Still Down Two Weeks After a Ransomware Attack
Oregon Department of Corrections (DOC) employee ‘mistakenly’ exposed personal data of 861 people
Oregon Department of Corrections waited 47 days to inform public of data breach involving hundreds
Parkland Health data breach exposes sensitive information of over 6,500 patients
Public Relations (PR) dos and don’ts for a company data breach
Qilin Ransomware Adds Encryption, Stealth Features
QR Codes Fuel Rising Phishing Threats
Radisson properties allegedly suffer data breach
Ransomware Attacks Down Month-on-Month
RansomHub gang allegedly behind attack on Mexican airport operator
ReliaQuest report reveals new cloud phishing tactics
Researchers Discover Command Injection Flaw in Wi-Fi Alliance's Test Suite
Rumpke says its been hit with a cyber attack
Russia sentences REvil ransomware members to over 4 years in prison
Securities and Exchange Commission (SEC) Charges 4 Companies Over Misleading SolarWinds Cyberattack Disclosures
Securities and Exchange Commission (SEC) fines tech companies for misleading SolarWinds disclosures
SonicWall firewalls the common access point in spreading ransomware campaign
Southend Council 'reprimanded' following data breach
Suspected Hacker Steals $20M in Crypto From US Government Bitfinex Wallet
Sysdig Predicts Global Cyberattacks Costs Will Exceed $100 Billion in 2025
Telegram Argues Against Policing Role in Star Health Data Breach Case
Telegram says it can't police all chatbots in Star Health India data leak
The Change Healthcare Data Breach Is the Biggest Ever: Here’s What You Need to Know
The future of cyber insurance: Meeting the demand for non-attack coverage
The State of Cybersecurity: Challenges, Priorities and Insights
Transport for London (TfL) grapples with Cyber Attack: Concession card renewals delayed until IT systems repaired
Transport for London (TfL) update about London Underground refunds and discount cards as computer systems hit by cyber attack
Trump and Vance possible targets of China-backed cyber attack
Ukraine Warns of Mass Phishing Campaign Targeting Citizens Data
UNC5820 Exploits FortiManager Zero-Day Vulnerability (CVE-2024-47575)
United Health confirms largest ever US healthcare data breach, says 100 million users had info stolen
UnitedHealth data breach leaked info on over 100 million people
UnitedHealth Ransomware Attack Exposed 100 Million People
UnitedHealth's Data Breach Affected 100 Million Americans. Here's What the Cyberattack Exposed
Updated Qilin Ransomware Escalates Encryption and Evasion
Urgent fraud warning for more than 300,000 Aussies after their details leak onto the dark web as retailer digiDirect is allegedly hacked in huge data breach
US government likely lost $20M in crypto hack
24th October
67% of organizations say employees lack basic security awareness
389 healthcare companies hit by ransomware this year, Microsoft finds
AI and deepfakes fuel phishing scams, making detection harder
AI honeypot hit 800K times and managed to trap six AI-powered hacking agents
Amazon Web Services (AWS) Cloud Development Kit Vulnerability Exposes Users to Potential Account Takeover Risks
Apple Computers Targeted With macOS.NotLockBit Ransomware
Apple will pay security researchers up to $1 million to hack its private AI cloud
Bangladesh: Massive data breach exposes security flaws at Atif Aslam concert in Dhaka
Bangladesh: Night made less magical by data breach - We didn't pay attention to website security, organisers say
Brazilian police arrest National Public Data hacker
Change Healthcare Cyberattack Affected 100 Million Individuals
Change Healthcare data breach officially affects 100 Million
Cisco fixes VPN DoS flaw discovered in password spray attacks
Cisco Investigates Alleged Data Breach, Hacker Claims Big Firms' Involvement
Cisco Issues Urgent Fix for Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) Software Vulnerability Under Active Attack
Class action litigation in South Africa could spike with ‘non-attack’ data breach claims
Cyber attack affecting Texas Tech Health System's students, patients
Cyber attack on cryptocurrency payment processor Transak impacted 92,000 customers
Cybersecurity Teams Largely Ignored in AI Policy Development
Embargo Ransomware Actors Abuses Safe Mode To Disable Security Solutions
Embargo ransomware analysis exposes developing toolkit of new group
Exploring the Transformative Potential of AI in Cybersecurity
First credible ransomware variant detected for Macs: creeping evolution spells danger
Fortinet Confirms Exploitation of Critical FortiManager Zero-Day Vulnerability
Fortinet FortiManager flaw exploited in zero-day attacks (CVE-2024-47575)
Fortinet Warns of Critical Vulnerability in FortiManager Under Active Exploitation
Fraudulent DeFi game leveraged in new crypto investor-targeted Lazarus attack
From phishing to deepfakes and beyond: Tips to protect your small business
Hacker behind Radiant Capital Heist Moves $52M in Stolen Crypto Funds
Hackers Can Be Heroes: The Importance of Responsible Disclosure
Hackers Leak 180,000 Esport North Africa User Records a Day Before Tournament Begins
Have you stayed at a Marriott? Here's what its settlement with the FTC means for you
Healthcare Sees 300% Surge in Ransomware Attacks
Henry Schein discloses data breach a year after ransomware attack
How does revenue impact ransomware outcomes?
How the ransomware attack at Change Healthcare went down: A timeline
Increased stealth integrated into novel Grandoreiro banking trojan variants
Insurance admin Landmark says data breach impacts 800,000 people
Iranian hacker group focuses on US election websites, media, ahead of vote, Microsoft says
Iranian Hacker Group Focuses on US Election Websites, Media, Microsoft says
Iranian Hackers Target U.S. Election Systems Ahead of 2024 Presidential Race
Ireland Fines LinkedIn 310 Million Euros Over EU Data Breach
Ireland fines LinkedIn €310 million over targeted advertising
Ireland fines LinkedIn $335 million over EU data breach
Irish Data Protection Commission (DPC) Slaps LinkedIn with €310 Million Fine Over Data Processing Violations
Landmark Admin Announces Data Breach Affecting 806,519 Liberty Bankers Insurance Group Policyholders
Landmark, an administrator for insurance firms, says 800,000 affected by data breach
Lazarus Group Exploits Chrome 0-Day for Crypto with Fake NFT Game
Lazarus Group Exploits Google Chrome Flaw in New Campaign
Lazarus Group Exploits Google Chrome Vulnerability to Control Infected Devices
LinkedIn fined €310 million for violating EU privacy rules
LinkedIn fined $335 million in EU for tracking ads privacy breaches
LinkedIn hit with $335 million fine for using member data for ad targeting without consent
Mallox ransomware decryption tool issued by Avast
Mandiant says new Fortinet flaw has been exploited since June
Manufacturing faces rising cyber threats, report reveals
Millions of Hot Topic shoppers have data stolen by "Satanic" hacker
Misconfigured UN Database Exposes 228GB of Gender Violence Victims’ Data
New generation of QR code phishing tries to evade detection with text-based codes and specially crafted URLs
New macOS vulnerability allows unauthorized data access
New Qilin ransomware encryptor features stronger encryption, evasion
New Qilin.B Ransomware Variant Emerges with Improved Encryption and Evasion Tactics
NotLockBit: Ransomware Discovery Serves As Wake-Up Call For Mac Users
Over 940,000 Medicare Beneficiaries Impacted by Data Breach
Penn State Fined £1.25 Million for Cybersecurity Failures in Federal Contracts
Pennsylvania State University (Penn State) Settles for $1.25M Over Cybersecurity Violations
Pinterest accused of secretly tracking their users
Pokémon Developer Game Freak’s Data Breach Includes Thousands of Employee Records, Internal Nintendo Secrets
Radiant Capital hacker moves $52M in stolen funds
Radiant Capital hacker moves $52M worth of crypto funds into Ethereum
Radiant Capital Hacker Shifts Stolen $52M Days Post-Attack
Ransomware Gang Targets Easterseals, A Nonprofit for Disabled Individuals
Ransomware's ripple effect felt across ERs as patient care suffers
Report Shows Well-Known Threats Persist at Alarming Levels
Researchers out new Qilin ransomware-as-a-service variant
Rhysida demands $1.3M ransom from disability nonprofit Easterseals
Russia says unprecedented cyber attack hits foreign ministry
Russia says 'unprecedented' cyber attack hits foreign ministry amid BRICS summit
Russian foreign ministry suffers ‘powerful’ cyber attack
Securities and Exchange Commission (SEC) Fines Four Tech Firms for Downplaying SolarWinds Impacts
Security Breach: Preventing Phishing Attacks 'Not Rocket Science'
Singapore: Banks, telcos and scam victims to share liability for losses under new framework to kick in on December 16th
Singapore: New real-time fraud surveillance duty for financial institutions; loss-sharing framework to begin on December 16th
Source Code of TargetMaps Geo-Analytics Leaked on Dark Web
Swiss vocational training institute pauses operations following a ransomware attack
The alarming rise of voice phishing: How to protect your business in the age of AI-powered scams
The ransomware negotiation playbook adds new chapters
The University of Manchester avoided disaster in last year’s cyber attack – now it wants to set an industry example
Transport for London (TfL) cyber attack: applications for new Zip cards and 60+ Oyster cards to reopen 'shortly'
UK Government Introduces New Data Governance Legislation
UK Government Urges Organizations to Get Cyber Essentials Certified
UK proposes new data protection regime, hopes for £10 billion economic boost
UK revives plan to reform data protection rules with an eye on boosting the economy
Unauthorized access leads to data breach in Arkansas Blue Cross Blue Shield rewards program
UnitedHealth says Change Healthcare hack affects over 100 million, the largest-ever US healthcare data breach
UnitedHealth says data of 100 million stolen in Change Healthcare breach
Vendors responsible for almost half of breaches in the energy sector, study finds
What is URL phishing?
Why Phishing-Resistant MFA Is No Longer Optional: The Hidden Risks of Legacy MFA
Why Should You Care About In-Memory Attacks?
Yearlong Henry Schein breach probe surges victim total five-fold
23rd October
4 organizations charged with misleading cyber disclosures
10 most common passwords you should never use according to an ethical hacker
14% Increase in Large Cyber Claims, Driven by Data Breaches and Privacy Violations
49% of CISOs plan to leave role without industry action
70% of Leaders See Cyber Knowledge Gap in Employees
140% Increase in Callback Phishing
Access to Rockwool’s Digital Assets Offered for Sale on Dark Web
Akira Double-Extortion Ransomware Tactics Return
API Vulnerabilities Jump 21% in Third Quarter
Arkansas Blue Cross Addresses Data Breach
Attackers Use Encoded JavaScript to Deliver Malware
Avast Releases Free Decryptor for Mallox Ransomware
Average data breach cost hit Rs 19 crore in 2024; 16% Indians know privacy rights
Campus.gov.il Data Breach Exposes Over 110GB of Sensitive Information
Casio yet to recover affected systems following a devastating ransomware attack
CISA Warns of Active Exploitation of Microsoft SharePoint Vulnerability (CVE-2024-38094)
Cisco Data Breach Leaks Sensitive Infrastructure Information Impacting High-Profile Organizations
Columbus, Ohio’s messy ransomware saga underscores legal gray areas
Connecticut Obtains Settlement Over Data Breach Affecting Webster Bank Customers
Cyble Sensors Uncover Cyberattacks on Java Framework and IoT Devices
Data Breach Exposes Over 220,000 Users of TrueCalia.com
Data breach impacts insurer Johnson & Johnson
Detect ransomware in storage to act before it spreads
Dutch Police Infiltrate Telegram Groups, Arrest 4 for Illegal Data Trading
Effective strategies for measuring and testing cyber resilience
Embargo ransomware: Rock’n’Rust
Embargo Ransomware Disables Security Defenses
Embargo Ransomware Gang Deploys Customized Defense Evasion Tools
Enhanced Phishing, AI-Enabled Threats and Cloud Flaws Most Concerning for 2025
Flat networks and small cyber budgets left schools vulnerable, but analysts say there’s help
Fortinet warns of new critical FortiManager flaw used in zero-day attacks
Great Expressions Dental Centers agrees to $2.7M settlement over 2023 data breach
Greece’s ruling party fined over diaspora email data breach
Greek ruling party fined over data breach
Hacker May Have Breached Hot Topic, Stolen Data on Millions
Happy Hack-tober! Don’t be Scared: How to Protect Your Business from RaaS Threats
High-Risk ICS Vulnerability Exposes ICONICS and Mitsubishi Electric Products to Data Breaches
High-severity FortiManager bug being exploited by hackers
Hong Kong: Sports club data hack affecting 72,000 'could have been avoided'
Internet Archive Secures Zendesk Account, Works Toward Full-Service Restoration
Iranian hacker group focuses on US election websites, media, ahead of vote, Microsoft says
Lack of investment leaving firms open to cyber attack
Lansing Community College reaches $1.45M settlement over data breach affecting 750,000 individuals
Largest Retail Breach in History: 350 Million "Hot Topic" Customers’ Personal & Payment Data Exposed - As a Result of Infostealer Infection
Lazarus hackers used fake DeFi game to exploit Google Chrome zero-day
LockBit, Conti, and BlackCat: 166 Ransomware Attacks Put Brazil in the Crosshairs in 2024
London trains contactless key update for commuters after cyber attack
Mallox Ransomware Flaw Let Victims Recover Files Without Ransom Payment
Mallox Ransomware Vulnerability Lets Victims Decrypt Files
Millions affected in major health data breach caused by a missing password
Millions of iOS and Android Users at Risk as Popular Apps Expose Cloud Keys
'Missing' teen Hannah Green scam plagues Norfolk Facebook
Multiple High-Severity Vulnerabilities Found in Bitdefender Products: Patch Now
New Anti-Bot Services Bypassing Google’s Protective ‘Red Page’ Warnings
New Grandoreiro Banking Malware Variants Emerge with Advanced Tactics to Evade Detection
New malware family NotLockBit aims ransomware attacks toward macOS
New Malware WarmCookie Targets Users with Malicious Links
Novel PowerRAT, DCRat deployed via Gophish toolkit
Over 1,000 NHS Accounts Leaked on Dark Web Forum
Over 52,000 American car wash customers exposed in data breach
Penn State University fined $1.25 million for failing to meet cyber requirements in federal contracts
Phishing scams use QR codes in PDFs to bypass defences
Pinterest faces EU privacy complaint over tracking ads
PriceBlink Data Leak Exposes Information of Over 148,000 Users
Prove you’re not a robot by running malware: crooks delivering stealers with fake CAPTCHAs
'Quishing': That QR Code You Scan May Be Malicious
Ransomware attack on Leaders Staffing impacted close to 52,000 customers
Ransomware Gang Attack Tactics Have Shifted
Ransomware gang stoops to new low, targets prominent nonprofit for disabled people
Ransomware Gangs Use LockBit's Fame to Intimidate Victims in Latest Attacks
Researchers Reveal 'Deceptive Delight' Method to Jailbreak AI Models
Rogue RDP Files Used in Latest Campaign Targeting Ukrainian Government, Military
Russia Came Close to Breaching U.S. Critical Infrastructure Before Ukraine War, CISA Official Reveals
Russia says 'unprecedented' cyber attack hits foreign ministry amid BRICS summit
Russia's foreign ministry hit by ‘unprecedented’ cyber attack amid BRICS Summit
Securities and Exchange Commission (SEC) fines four companies $7 million for “downplaying” cyberattack
September 2024 Healthcare Data Breach Report
SoftBank, Mastercard, and Anthropic cyber chiefs sound alarms on AI phishing and deepfakes - but those aren’t the only things keeping them up at night
TA866 Group Linked to New WarmCookie Malware in Espionage Campaign
The evolution of cybercrime: How ransomware became the weapon of choice
The Key Components For a Secure Password Policy (And Why Complexity Isn’t One)
Think You're Secure? 49% of Enterprises Underestimate SaaS Risks
Threat Actors Are Exploiting Vulnerabilities Faster Than Ever
Transak Data Breach Exposes 92K Users: Employee Phishing Attack, Ransomware Group Claims Responsibility
Trickle-down cyber economics: UK hails success of Cyber Essentials certification scheme
UK court says dissident can sue the Saudi government for targeting him with spyware
UK Government "Considering All Options" to Combat Cyberthreats, Says Security Minister
UK Government Weighs Review of Computer Misuse Act to Combat Cybercrime
US Energy Sector Vulnerable to Supply Chain Attacks
US Government Pledges to Cyber Threat Sharing Via TLP Protocol
Winning cybersecurity warfare is the ultimate millstone for CISOs
Wisconsin sued over voting system’s allegedly weak cyber protections
Zendesk Assists Internet Archive in Securing Account After Cyber Breach
22nd October
34% of Chief Information Officers (CIOs) ranked securing the network as their number one priority
75% of US Senate Campaign Websites Fail to Implement DMARC
Access to US-Based Finance Company Network Listed for Sale on Dark Web
AI-Powered Attacks Flood Retail Websites
Akira Ransomware Actors Developing Rust Variant To Attack ESXi Servers
Akira ransomware is encrypting victims again following pure extortion fling
Akira ransomware pivots back to double extortion, C++ code
All hospitals should be concerned about cyberattacks. Here's why
Amazon Web Services (AWS), Azure auth keys found in Android and iOS apps used by millions
Arkansas Blue Cross and Blue Shield providing protection after data breach of member personal information
Arkansas Blue Cross and Blue Shield warns of data breach involving member information
Bulk data collection on American citizens? US government wants your opinion
Bumblebee and Latrodectus Malware Return with Sophisticated Phishing Strategies
Bumblebee malware loader reemerges in new attacks
Callback Phishing Attacks Using Google Groups To Steal Login Details
CISA Adds ScienceLogic SL1 Vulnerability to Exploited Catalog After Active Zero-Day Attack
CISA proposes new security requirements to protect government, personal data
Cisco confirms investigation into data breach claims
Cisco shuts down DevHub developer environment following data breach
Connecticut settles with machine learning company over Webster Bank data breach
Consumer Financial Protection Bureau (CFPB): New regulations will better protect consumers’ personal financial data
Consumer Financial Protection Bureau (CFPB) Finalizes Data Privacy Rule to Boost Competition, Protect Consumers
Critical Veeam CVE actively exploited in ransomware attacks
Crypto Payment Firm Transak Hit by Data Breach After Employee’s Laptop Hack
CVE-2024-9537: CISA Warns of Unpatched ScienceLogic SL1 Exploit in Active Use
Cyber attack prompts early dismissal at Nebraska school
Cybercriminals Exploiting Docker API Servers for SRBMiner Crypto Mining Attacks
Dark Web Anti-Bot Services Let Phishers Bypass Google’s Red Page
Data breaches against financial services drop
Database Access for Brazilian Microcredit Organization Auctioned on Dark Web
Employee laptop hack leaves crypto firm customers exposed
Evolving Ransomware Threats: Why Offline Storage is Essential for Modern Data Protection
Exploit released for new Windows Server "WinReg" NTLM Relay attack
Fake CAPTCHA Pages Used by Lumma Stealer to Spread Fileless Malware
Gambling sector subjected to APT41 intrusions
Georgetown University faces class-action lawsuit following data breach
Gophish Framework Used in Phishing Campaigns to Deploy Remote Access Trojans
Great Expressions Dental Centers Settle Data Breach Lawsuit for $2.7 Million
Greece’s ruling party fined over misuse of voter records
Greek Ruling Party Fined Over Data Breach
Hackers are finding new ways to leverage AI
Half of UK businesses experienced a cyber attack in the last year, experts share advice to stay safe and vigilant online
Hong Kong: 'Lack of care led to sports association data breach'
Hong Kong watchdog slams sports club for sloppy cybersecurity ahead of data breach
How enhanced classification of cloud data can minimize ransomware risk
Immutable storage essential to protect against ransomware attacks on backup data
Infosys McCamish Systems Updates Data Breach Victim Count to Over 6 Million and Adds Wells Fargo, Continental Casualty Company, and The Nolan Financial Group
Iranian cyber actors are targeting critical infrastructure entities
IT security and government services: Balancing transparency and security
Japanese electric car manufacturer Nidec confirms major cyber attack on internal systems
Lawmakers ask Department of Justice (DOJ) to prosecute tax preparation firms for sharing customer data with big tech
LLMjacking and Open-Source Tool Abuse Surge in 2024 Cloud Attacks
Malicious npm Packages Target Developers' Ethereum Wallets with SSH Backdoor
Massive data leak hits Mexican healthcare sector with over 5 million at risk
Meta to Fight Celeb-Bait Scams with Facial Recognition
Microsoft reported nearly 400 ransomware attacks in fiscal year 2024
National Financial Services Announces Data Breach Affecting MassMutual Subsidiary, MML Investors Services LLC
Newly Acquired Varsity Brands Sued Over Pre-Acquisition Cyber Hack
Nissan to pay out $1.82 million in Canadian data-breach suit
Nearly Two-Thirds of IT Leaders Have Fallen For Phishing Attacks
Over 92K impacted by Transak data breach
Phishing Attack Impacts Over 92,000 Transak Users
Phishing scams and malicious domains take center stage as the US election approaches
Phishing Scams & Ransomware: Fortinet's Threat Intelligence Highlights Election Cyber Risks
Prigozhin links, Kremlin funding put another Russian media company on US list
Proposed settlement to compensate those impacted by Lansing Community College (LCC) Data Breach
Radisson’s Country Inn and Suites Allegedly Hit by Ransomware
Radisson’s Country Inn & Suites purportedly breached by Everest ransomware
Ransomware attacks on health care sector are driving increase in emergency patient care
Ransomware on the Rise: Arm your business with the tools to face the next ransomware attack
Research uncovers new attack method, security leaders share insights
Researchers link Polyfill supply chain attack to huge network of copycat gambling sites
Rocky Mountain Gastroenterology Reportedly Experiences Triple Cyberattack, Resulting in Data Breach Affecting Up to 169,000
Roundcube Vulnerability (CVE-2024-37383) Exploited in Phishing Attacks Targeting Government Agencies for Credential Theft
Roundcube XSS flaw exploited to steal credentials, email (CVE-2024-37383)
Samsung zero-day flaw actively exploited in the wild
Securities and Exchange Commission (SEC) charges tech companies for downplaying SolarWinds breaches
Securities and Exchange Commission (SEC) Charges Tech Firms Over Misleading SolarWinds Hack Disclosures
Securities and Exchange Commission (SEC) fines four companies $7 million for ‘misleading cyber disclosures’ regarding SolarWinds hack
Securities and Exchange Commission (SEC) Fines Major Companies for Misleading Cyber Disclosures Amid SolarWinds Fallout
Securities and Exchange Commission (SEC) hits security companies with massive fines for misdirection over SolarWinds Orion hack
Security Flaw in Styra's Open Policy Agent (OPA) Exposes NTLM Hashes to Remote Attackers
Schreck Financial Group Experiences Email-Related Data Breach
Sony’s blockchain venture Soneium has a phishing scam issue
Splunk’s Recent Security Advisory: Addressing Vulnerabilities in Splunk Enterprise
The struggle for software liability: Inside a ‘very, very, very hard problem’
Think Tanks Urge Action to Curb Misuse of Spyware and Hack-for-Hire
Threat actors increasingly using malicious virtual hard drives in phishing attacks
Threat actors prepare at least 1,000 new malicious domains ahead of US presidential elections
Transak Data Breach Exposes 92K Users: Employee Phishing Attack, Ransomware Group Claims Responsibility
UK 'considering all options' to tackle cyberthreats, says government minister
US justice department indicts two Anonymous Sudan operatives
US unveils new rules to block China, Russia and Iran from accessing bulk US data
VMware fixes bad patch for critical vCenter Server RCE flaw
VMware fixes critical vCenter Server RCE bug – again! (CVE-2024-38812)
VMware Releases vCenter Server Update to Fix Critical RCE Vulnerability
WazirX moved over $73 million crypto after data breach
Wells Fargo named in Infosys attack affecting 6 Million
What do we know about the data breach at Intesa Sanpaolo?
Zendesk helped Internet Archive secure account after hacker breached email system
21st October
50,000 Files Exposed in Nidec Ransomware Attack
225,000+ German B2B Leads Database Leaked on the Dark Web
A CISO’s guide to creating a cyber resilience toolkit
Abbott Laboratories Employees Credit Union Data Breach Caused by Compromised Email Account
Active Directory Faces Greater Risks Than Ever in 2024
Addressing Vulnerabilities in Critical ICS Products: A Focus on Siemens, Rockwell, and Delta
AI scam targets Ripple holders and memcoin trader loses it all
AI-enabled voice phishing new threat to cybersecurity
Alleged Data Breach at PT Haleyora Power Exposes Employee Information
Anti-Bot Services Help Cybercrooks Bypass Google 'Red Page'
Australia’s New Scam Prevention Laws: What You Need to Know
Bank of Cyprus: Cyber-attack thwarted on Friday
Beast Ransomware Attacking Windows, Linux, And ESXi Systems
Biden administration proposes new rules governing data transfers to adversarial nations
Biggest Education Industry Attacks in 2024
BlackSuit ransomware claims to have hacked Kansas City Hospice
Brazilian Police Caught the Hacker responsible for one of the Largest Personal Data Breaches ever
Bumblebee malware returns after recent law enforcement disruption
Caleb & Brown Client Data Leaked and Up for Sale
Canada: Texts claiming to be from the 'Ministry of Transportation' are scams
Chinese Nation-State Hackers APT41 Hit Gambling Sector for Financial Gain
Chinese Research Using Quantum System to Crack Encryption a ‘Cautionary Tale’
Cisco Confirms Security Incident After Hacker Offers to Sell Data
Cisco denies data breach exposed sensitive personal data
Community Day School (CDS) data breach spurs digital review and recommitment to student safety
Connecticut Attorney General Reaches Settlement In Webster Bank Data Breach
Critical Vulnerability at Epicor Software Corporation Exposes Sensitive Data of Over 6,300 Clients
Crypto Employee's Use of Laptop Outside of Work Cited in Data Breach Affecting 93K Transak Users
Crypto Hack: Transak Hit By Data Breach, 57,000 Users Affected
Crypto payment services firm says more than 92,000 affected by data breach
Cybersecurity in healthcare: How hackers get in and how organizations can protect themselves
Cyprus' critical infrastructure targeted by coordinated cyberattacks linked to pro-Palestine groups
Data Breach Statistics [2024] : Penalties and Fines for Major regulations
Data Resilience and Protection in the Ransomware Age
Did You Know? Email Remains First 'Go-To' for Cyber Attack
EigenLayer Twitter Account Hacked In Phishing Scam; Community Warned Of Risks
Fake WordPress Plugins on 6,000 Sites Prompt Users to Install Malware
FBI Arrested Hacker Behind the Takeover of the U.S. SEC X account
FBI’s Most Wanted Hacker Arrested in Malpensa
Fidelity data breach confirmed, impacting 77K customers
Fortinet releases patches for undisclosed critical FortiManager vulnerability
Gambling in South Korea: Paradise Company warns of phishing scams
Genomics company 23andMe to pay up to $10,000 per person to victims of data breach
Hacked access tokens leveraged to breach Internet Archive anew
Hacker Advertises “Top Secret US Space Force (USSF) Military Technology Archive”
Hacker targets ESET’s Israeli partner by sending malware capable of wiping out computers
Hackers exploit Roundcube webmail flaw to steal email, credentials
Half of Organizations Have Unmanaged Long-Lived Cloud Credentials
High-risk vulnerability affecting UniFi Network Server
How Microsoft outplays scammers with clever virtual ‘honeypot’ traps
How to Meet the NCSC’s 14 Cloud Security Principles
If you’ve emailed the Internet Archive, “your data is now in the hands of some random guy”
Insurance Data Breach: Insurance Regulatory and Development Authority of India (IRDAI) Steps Up IT Security Audits
Internet Archive (Archive.org) Hacked for Second Time in a Month
Internet Archive Faces Yet Another Data Breach. Here’s What Happened
Internet archive hacked again: mass mail campaign after attack
Internet Archive hacker claims to still have access, responds to Zendesk support tickets
Internet Archive hackers sending email replies to support tickets
Internet Archive Struggles with Third Cyberattack in October
Internet Archive suffers third October cyber attack
Internet Archive was breached twice in a month
Japanese tech giant Nidec confirms 8Base data breach, company data published
Japanese watchmaker Casio warns of delivery delays after ransomware attack
Major Australian mechanic Ultra Tune suffers alleged cyber attack
Microsoft builds fake IT environments to lure hackers
Microsoft Phishing Scams Soar
MoneyGram class action claims data breach stole customer data
More of Internet Archive is back online, despite hackers infiltrating its helpdesk
Netskope Reports Possible Bumblebee Loader Resurgence
New Anti-Bot Services on the Dark Web Help Phishing Pages Bypass Google’s Red Page
New Cybersecurity Warning As 1,000 Elite Hackers Embrace AI
New U.S. Rule Takes Aim at Foreign Access to Sensitive Data
New York-based pediatric group says hackers stole patients' sensitive personal data
Nidec confirms ransomware attack leaked company data online
Over 6,000 WordPress hacked to install plugins pushing infostealers
Paystack, VasTopUp Tell Customer to ‘Wait for Court Order’ After Hacker Stole His N130,000
Radisson's Country Inn & Suites hack claim, thousands reported breached
RANEPA University Systems Hacked, Sensitive Data Leaked
Ransomware threats surge in India: 90% of Indian respondents targeted by attacks in the past year, OpenText survey reveals
Ransomware-related breach disclosed by Nidec Corporation
Researchers Discover Severe Security Flaws in Major E2EE Cloud Storage Providers
Russia subjected to intrusions with LockBit 3.0, Babuk ransomware
Should the CISOs role be split into two functions?
SolarWinds Help Desk software vulnerability added to CISA catalogue
South Korea: Paradise Company warns of phishing scams via mobile apps
Spate of ransomware attacks on German-speaking schools hits another in Switzerland
Stolen Access Tokens Lead to New Internet Archive Breach
The current state of ransomware risk
The Digital Battlefield: Ransomware Threats Looming Over India
The Internet Archive breach continues
The Internet Archive Has Been Breached, Again
Transak hit by data breach, 92K users exposed
Transak was hacked. Attacker takes responsibility
U.S. insurer Globe Life faces ransom demand following a major breach
UAE cybercrime: Abu Dhabi study exposes six electronic blackmail tactics
UK Biobank denies claims of data breach by 'race science' group
What is Vulnerability Management? Compliance, Challenges, & Solutions
What to do if you're hit by a cyber attack
Why hasn’t Fractal ID addressed its possible data breach?
Wiper malware deployed against Israel via spoofed ESET emails
