Ransomware Operator Claims - Week 47 2024

Welcome to last week's ROC Report, an exclusive summary of Ransomware Operator's global victims that were claimed during the period between 18th November and 24th November 2024, kindly assisted by our partners.

For further analysis on these (and any historic) Ransomware Operator Claims, including the Victim Names and Industry Sectors attacked, please use our PRiSM application.

Download PDF



Data Source: Data Breaches Digest. Flag Icons created by Freepik and provided by Flaticon.

Data Breaches Digest - Week 48 2024

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 25th November and 1st December 2024.

1st December

1 Billion URL User-Pass Combo Leak: Security Risks Escalate

Apple user? Phishing, deepfake threats on macOS are not uncommon anymore

Average data breach cost jumps to $5 million

Colombian Government Database Breach Exposes Sensitive Data

French Database Leak Exposes Sensitive User Information

Here are 10 key facts regarding the new zero-click cyber attack targeting Windows and Firefox users by Russian Group RomCom

McLeod Russel India responds to ransomware attack; no major impact on operations

Novel phising campaign uses corrupted Word documents to evade security

Ransomware Attacks Erupt Across Industries

Ransomware Developer Mikhail Matveev Arrested in Russia

Ransomware in the Digital Realm

“Rockstar 2FA” Phishing-as-a-Service Steals Microsoft 365 Credentials Via Adversary-in-The-Middle (AiTM) Attacks

SeaJob Database Leak: Maritime Job Platform Compromised

The Evolution of Phishing Tactics: Unveiling the Duality of Cyber Threats

“Valid Access” Credential Leak Raises Alarms

Why Simulating Phishing Attacks Is the Best Way to Train Employees

30th November

500,000 WordPress Credentials Leaked Online

644,869 Records on American Citizens Exposed As Massive Data Breach Reveals Full Names, Addresses, Emails, Employment Details, Social Media Accounts, Phone Numbers and Criminal Records

Arrested Kitchener man, alleged Snowflake hacker, a 'danger' to public, officials say

Certified InfoSec Database Breach Exposes User Data

Cyber Attack Disrupts Major Retailers Supply Chains

Closelly Data Breach Exposes User Information

FBI-Wanted Hacker Behind Global Ransomware Attacks Arrested in Russia

Hacker Group “Waste” Steals $17M from Central Bank of Uganda in Suspected Inside Job

Massive Database Leak: 200 Million Login Credentials Compromised

SpyLoan Android apps on Google play installed 8 million times

U.S. Passport Data Leak Sparks Privacy Concerns

Wanted Russian Hacker Linked to Hive and LockBit Ransomware Arrested

Wazawaka Arrested in Kaliningrad

Worried About Identity Theft? Locking your Social Security Number May Help

29th November

1TB Fresh URL Login Pass Logs Exposed Online

6.5M Private URL Login Credentials Leaked in “Maître Cloud” Incident

616 Million veterans affected by cyber attack on Department of Veterans Affairs (VA) health care system server: What to know

AI-based tools designed for criminal activity are in high demand

AI-Powered Fake News Campaign Targets Western Support for Ukraine and U.S. Elections

Alder Hey children’s hospital explores ‘data breach’ after ransomware claims

Alleged Snowflake Hacker 'Danger' to the Public, Canada Says

Alvin Acheampong and Alexander Manfo sentenced in Auckland for large-scale phishing uncovered by Operation Cargo

Beware Of New Phishing Scam Targeting Corporate Internet Banking Users

Black Friday’s Dirty Secret: How to Spot Fakes Before You Checkout

Bologna FC confirms data breach after RansomHub ransomware attack

Bologna under cyber attack, release statement

Campinas City Government SQLi Database Leak Exposes Sensitive Data

CPanel Data Breach Exposes Thousands of Login Credentials

Critical ICS Vulnerabilities Discovered in Schneider Electric, mySCADA, and Automated Logic Products

Cundinamarca Colombia Data Breach – Corporación Autónoma Regional de Cundinamarca Exposes Sensitive Information

Cyber attack on Liberty First Credit Union impacted over 50,000 individuals

Cyber attack on the City of Coppell disrupted operations, impacted server data

Cyber-Attacks Could Impact Romanian Presidential Race, Officials Claim

Cyberattack Disrupts Major UK Healthcare Provider, Delays Patient Services

Cybercriminals are paying pentesters to vet their ransomware

Cybercriminals target shoppers with 38 million phishing attacks in 2024

Cybersecurity Gone Wrong: How a Hacker’s Pitch for Clients Could Land Him 15 Years in Jail

Data breach at Rocky Mountain Gastroenterology impacted 366,000 patients

Data broker exposes 600K background checks and other sensitive files

Dohman, Akerlund & Eddy reports data breach affecting nearly 10,000 individuals

Fake Betting Apps Using AI-Generated Voices to Steal Sensitive Data

Ford Denies Hacker Claims, Data Breach Sparks Controversy

Fresh Stealer Logs from November 2024 Leaked, Exposing Sensitive Data

From Patchwork to Framework: Towards a Global IoT Security Paradigm

Godot Engine Exploited to Spread Malware on Windows, macOS, Linux

Google And Microsoft Users Warned - Rockstar 2FA Bypass Attacks Incoming

Grace Digital Database Breach Exposes User Data

Hackers Actively Deploying Zyxel Firewall Flaw To Deploy Ransomware

Hackers Threaten Bologna FC with Data Breach

Hacxx ULP JavaScript Search Engine Update Leaked, Exposing New Functionalities and Potential Vulnerabilities

Holiday scams are on the rise in South Dakota. These tips can help you stay safe

How KnowBe4 stopped a North Korean hacker from joining the company

INC Ransom claims cyber-attack on Alder Hey Children's Hospital

INC Ransom Claims Cyber-Attack on UK Children's Hospital

Italian football club Bologna FC says company data stolen during ransomware attack

Italian watchdog warns publisher GEDI against sharing data with OpenAI

LifeLabs data breach report released after court rejects bid to block publication

Losses from crypto hacks and fraud keep falling in 2024

Major Companies Recover from Blue Yonder Ransomware Attack

Man accused of involvement in massive data breach appears in Kitchener court

Microsoft Fixes AI, Cloud, and ERP Security Flaws; One Exploited in Active Attacks

Mobile Security: The Remarkable Rise of Sideloading

Most Fortune 500 companies lack security.txt files: how big of the deal is it?

New Phishing Attack Targeting Corporate Internet Banking Users

New Rockstar 2FA phishing service targets Microsoft 365 accounts

New Windows Server 2012 zero-day gets free, unofficial patches

Northeast Spine and Sports Medicine data breach exposes sensitive information of 6,300 patients

Outrage as Sadiq Khan warned people could ‘miss out on refunds’ after huge cyber attack

Over 8.6K Solana wallets linked to $21M DEXX hacker

Over 38 million phishing attacks launched during 2024

Over 8,600 Solana Wallets Linked to Dexx Hacker

Over 600,000 people hit in massive data breach - background checks, vehicle and property records

Phishing Attacks Dominate Threat Landscape in Q3 2024

Phishing-as-a-Service Rockstar 2FA continues to be prevalent

Phishing-as-a-Service "Rockstar 2FA" Targets Microsoft 365 Users with AiTM Attacks

Ransom gang claims attack on NHS Alder Hey Children's Hospital

RansomHub takes responsibility for Texas city, Minneapolis agency breaches

Ransomware Gangs Seek Pen Testers to Boost Quality

Republic Bank Ltd (RBL) customers face new phishing scam

Russia arrests cybercriminal Wazawaka for ties with ransomware gangs

Russia arrests ransomware attacker Wazawaka

Servers crash, data corrupted as cyber-attack hits Dewan Farooque Motors Limited

Starbucks Faces Ransomware Crisis Amid Scheduling Disruptions

The effect of compliance requirements on vulnerability management strategies

Trell.co Data Breach Exposes Nearly 10 Million User Records

Two UK nationals to be deported over text phishing scam

U.S. Department of Justice (DOJ) Charges 5 Suspected Members of Cybercrime Gang Scattered Spider

U.S. Department of Veterans Affairs (VA) says cyberattack targeted health data of hundreds of veterans in Minnesota

Uganda confirms cyberattack on central bank but minimizes extent of breach

UK: Metropolitan Police apologises to honeytrap victims over email

UK hospital cyber attack interrupts operations, disruption to continue

UK Justice System Failing Cybercrime Victims, Cyber Helpline Finds

USA 50+ Age-Targeted Data Collection Leak Exposes Sensitive Information

Washington saw a huge spike in data-breach notices in 2024

What It Costs to Hire a Hacker on the Dark Web

Windows Warning As New 0-Click Backdoor Russian Cyber Attack Confirmed

Wirral NHS Trust forced to rely on pen & paper following a major cyber attack

Zello tells users to reset passwords following suspected data breach

Zello urges users to reset passwords following a cyber attack

Zyxel Firewalls Targeted by Helldown Ransomware: CVE-2024-11667 Exploited

Zyxel Firewalls Vulnerability Targeted by Helldown Ransomware

28th November

988 Million URL Login Credentials Exposed in Massive Data Leak

Accused Kitchener hacker unmasked after threatening woman online

Australia’s New Cyber Security Act: Mandatory Ransom Payment Reporting

BeachGuide.com Email Database Leak Affects Over 92,000 Users

Betting Platform Database Leak Exposes User Data

Blue Yonder ransomware attack leaves global brands scrambling

Coupang Fined Over 1.5 Billion Won for Major Data Breach Violations

Critical Flaw in Oracle Agile PLM Framework Exposes Sensitive Data: Patch Now

Critical Vulnerabilities Discovered in Industrial Wireless Access Point

Crypto companies are losing ground to deepfake attacks

Cybercriminals Exploit Popular Game Engine Godot to Distribute Cross-Platform Malware

Data Breach Exposes 250 Abuse Survivors; £30k Payouts Awarded

Don’t get held to ransom this festive season

Ecobank Ghana eProcess System Leak Raises Security Concerns

Essential Healthcare Cybersecurity: Protecting Patient Data

Former Fortnite player accused of meme coin scam

Global Passport Data Leak Exposes UK, Italy, and India Records

GodLoader Malware Infects Thousands via Game Development Tools

Hacker Behind Snowflake Data Breach Linked To U.S. Military

Hacker Group Steals $17 Million from Uganda’s Central Bank

Hackers can access laptop webcams without activating the LED, researcher finds

Hackers stole 37,000 students’ data from St Thomas Aquinas school’s network

Hello, this is your chatbot leaking: WotNot exposes 346K sensitive customer files

Independent probe to examine Transport for London (TfL) cyber attack impact and response

Information Commissioner’s Office (ICO) fines the PSNI £750,000 following spreadsheet data breach

Keep Your Eye Out for Signs of This Apple ID Phishing Scam

Kitchener, Ontario, man arrested in massive Snowflake hacking scheme faces possible extradition to U.S.

LifeLabs Data Breach Report Sheds Light on Key Failures in Data Protection

Major cyber attack forces Wirral NHS Trust to cancel outpatient appointments

Malicious Actors Exploit ProjectSend Critical Vulnerability

Malicious PyPI Package Exposes Crypto Wallets to Infostealer Code

Man living in Kitchener, Ontario alleged to be involved in massive data breach

Massive Data Breach At OnlyFans Competitor Site

North Korean hackers have stolen billions in crypto by posing as VCs, recruiters and IT workers

Northern Ireland: Settlement for historical abuse survivors caught up in data breach could pave way for payout of millions in damages

OnePoint Patient Care breach affects 1.7 million people

OnePoint Patient Care Data Breach Affects 1.7 Million Individuals; Ransom Group Leaks Data

Over Two Dozen Flaws Identified in Advantech Industrial Wi-Fi Access Points – Patch ASAP

Phishing Alert: Here's how to safeguard your iPhone against online fraud

Phishing campaigns target Black Friday shoppers. Here's how to spot them

Propertyrec Leak Exposes Over Half a Million Background Check Records

Protecting Active Directory in the age of ransomware

Ransomware Attack Disrupts Retail Giants Operations

Ransomware attack hits retailers worldwide

Ransomware Attack on Blue Yonder Disrupts Starbucks, UK Supermarkets: A Cyber Wake-Up Call

Ransomware payments are now a critical business decision

Ransomware payments rise to AUD $1.35m for Australian firms

Rise in phishing attacks observed from August to October 2024

Silver Springs Exposes 7 Years of HR Data

Snowflake hacker still on the loose – close to being identified

South African government top target for cyber criminals

Starbucks And Major Retailers Grapple With Blue Yonder Ransomware Fallout

Starbucks Ransomware Attack: Analysis, Impact, and Defense Strategy

T-Mobile Claims Salt Typhoon Did Not Access Customer Data

T-Mobile Confirms Cyber Attack Attempts, but No Customer Information Accessed: What You Must Know

T-Mobile prevents data breach amid Salt Typhoon cyberespionage campaign

T-Mobile says cyber attackers had no access to customer data

The only thing worse than being fired is scammers fooling you into thinking you're fired

The phishing threat landscape evolves

Transport for London (TfL) cyber attack: Independent review will examine huge hack and response

Transport for London (TfL) cyber attack and response that saw Oyster services down to be investigated

Transport for London (TfL) Faces Independent Investigation Over Cyber-Attack Response

U.S. Telecom Giant T-Mobile Detects Network Intrusion Attempts from Wireline Provider

UK hospital network postpones procedures after cyberattack

Vodacom Business Unveils Cybersecurity Report

VPN vulnerabilities, weak credentials fuel ransomware attacks

Washington data breach notices hit record high of 11.6 Million

Wirral hospital issue update after cyber attack

XML-RPC npm Library Turns Malicious, Steals Data, Deploys Crypto Miner

Zello faces potential data breach, urges customers reset passwords

27th November

AI viewed as phishing threat as well as defense

Appeals court overturns Treasury sanctions against crypto mixer Tornado Cash

APT-C-60 Hackers Exploit StatCounter and Bitbucket in SpyGlace Malware Campaign

Attack Group APT-C-60 Targets Japan Using Trusted Platforms

Ballet Crypto Data Breach Exposes Cryptocurrency User Information

BIC, Starbucks, Morrisons continue recovery after Blue Yonder ransomware attack

Blue Yonder ransomware attack still impacting UK supermarket supply chains

Blue Yonder ransomware attack triggers potato shortages

BMW Chile Data Breach Exposes Customer and Operational Data

Brazilian Telecom Provider Suffers Data Breach

British government demands Chinese-owned company appoint a security chief with UK clearances

Chinese hackers breached T-Mobile's routers to scope out network

Cloudflare says it lost 55% of logs pushed to customers for 3.5 hours

Contemporary Information Corp. Provides Notice of Data Breach Following Incident at BackChecked, LLC

Critical Firefox and Windows zero-days exploited by Russian hackers

Critical Flaw in ProjectSend Under Active Exploitation Against Public-Facing Servers

Cyber attack on restaurant chain Bojangles compromised customers’ personal data

Cybercriminals used a gaming engine to create undetectable malware loader

Data Breach Affects Patients of Maternal Fetal Medicine Associates PLLC, Carnegie Hill Imaging for Women, and Carnegie Women’s Health

Emserpa Data Breach Exposes Colombian Public Service Information

Hackers abuse popular Godot game engine to infect thousands of PCs

Hackers Exploit Firefox and Windows Flaws: RomCom’s Advanced Attack Unveiled

Hackers exploit ProjectSend flaw to backdoor exposed servers

Hoboken City Hall hit by ransomware cyberattack

Hoboken closes city hall, local courts after pre-Thanksgiving ransomware attack

Hoboken Cyber Attack? City Hall Closed, Services Suspended After Ransomware Breach

Hoboken Hit by Ransomware Attack as City Hall Closes and Online Services Disrupted

Hoboken, New Jersey hit with ransomware cyberattack, officials say

How can gambling operators avoid hacker attacks?

India’s new cyber rules for telecoms come with big privacy risks, experts say

Interpol Arrests Over 1,000 in Massive Cybercrime Operation Across Africa

INTERPOL Busts African Cybercrime: 1,006 Arrests, 134,089 Malicious Networks Dismantled

INTERPOL Operation Links Kenyan Cybercrime Suspects to KES 1.1 Billion Heist

Interpol, African Nations Arrest 1,006 in Sweeping ‘Operation Serengeti’

Judge rejects data brokers’ bid to throw out case brought by law enforcement officers

Man warns 'this is just the beginning' after cyber attack on Merseyside Police

Matrix Botnet Exploits IoT Devices in Widespread DDoS Botnet Campaign

Matrix Cyber Attack Targets 35 Million Devices, Researchers Warn

Meet the Hacker: How Simulated Phishing Addresses Your Biggest Security Risk

Microsoft patches four vulnerabilities, some critical and exploited in the wild

Microsoft says it's not using your Word, Excel data for AI training

Microsoft takes down 240 Egypt-based Phishing-as-a-Service websites

Nearly Every Hacker Believes AI Tools Have Created a New Attack Vector

New Bootkit “Bootkitty” Targets Linux Systems via UEFI

New EU Commission to Unveil Healthcare Cybersecurity Plan in First 100 Days

New phishing scams in Kuwait target victims for money laundering operations

Northern Ireland: Historical abuse victims awarded £30,000 in damages over data breach

Northern Ireland: Institutional abuse victims awarded £30,000 after data breach

Operation Serengeti Disrupts $193m African Cybercrime Networks

Police bust pirate streaming service making €250 million per month

Pro-Russian Hacktivists Launch Branded Ransomware Operations

Protecting Web-Based Work: Connecting People, Web Browsers and Security

Ransomware attack closes Hoboken city hall, impacts services

Ransomware attack on Blue Yonder disrupts retailers ahead of holidays

Ransomware attack on Blue Yonder impacted retailers worldwide, including Morrisons and Sainsbury's

Ransomware Groups Targeting VPNs for Initial Access

Ransomware Report: Telecommunications Sixth Among Most-Targeted Industries

Ransomware Strikes when Organizations Unknowingly Open the Door

Researchers Discover "Bootkitty" – First UEFI Bootkit Targeting Linux Kernels

Researchers discover first UEFI bootkit malware for Linux

Rise of ransomware-as-a-service leading to blackmail-fueled industry

Russian Hackers Exploit Firefox and Windows 0-Days to Deploy Backdoor

Russian RomCom APT Group Leverages Zero-Day Flaws in Firefox and Windows

Starbucks Faces Payroll Chaos From Blue Yonder Ransomware Attack

Starbucks, Supermarkets Targeted in Ransomware Attack

Supply chain managers underestimate cybersecurity risks in warehouses

T-Mobile opens up about how it stopped that major cyber attack

T-Mobile rebuffed breach attempts by hackers likely connected to China’s Salt Typhoon

T-Mobile says telco hackers had ‘no access’ to customer call and text message logs

Texas Tech Discloses Cyber Attack on Health Sciences Centers

Tips to avoid phishing scams

‘Tis the season for website cloning tools, RCEs and AI phishing lures

Verizon, AT&T Targeted by Second Threat Actor Who Claims Trump, Harris Call Logs

Washington state data breaches have reached an all-time high

Why Cybersecurity is Critical in IoT Development Services for a Safer Connected World

Your Apple ID is not suspended – how to avoid the latest dangerous phishing scam

Zello asks users to reset passwords after security incident

26th November

African cybercrime crackdown culminates in 1,006 captured and cuffed

Aggressive Chinese APT Group Targets Governments with New Backdoors

Australia Passes Groundbreaking Cyber Security Law to Boost Resilience

Authorities disrupt major cybercrime operation, 1000+ suspects arrested

Automating Data Encryption and Security Audits for Continuous Protection

Black Friday shoppers targeted with thousands of fraudulent online stores

British hospital group declares ‘major incident’ following cyberattack

Canadian privacy regulators publish details of medical testing company’s data breach

China Attack on U.S. Telecom Networks: ‘Thousands and Thousands’ of Devices Need to Be Replaced

Chinese Hackers Use GHOSTSPIDER Malware to Hack Telecoms Across 12+ Countries

CISA Adds Array Networks’ CVE-2023-28461 to Known Exploited Vulnerabilities (KEV) List: Critical Patching Urged

CISA Urges Agencies to Patch Critical "Array Networks" Flaw Amid Active Attacks

Critical WordPress Anti-Spam Plugin Flaws Expose 200,000+ Sites to Remote Attacks

'CyberVolk' hacktivists use ransomware in support of Russian interests

Darknet Services Fuel Holiday Scams and E-Commerce Exploits

Firefox and Windows zero-days exploited by Russian RomCom hackers

Hackers exploit critical bug in Array Networks SSL VPN products

How to recognize employment fraud before it becomes a security issue

Interpol busts major cybercrime centers in Africa, over 1000 arrested

Is Bitcoin Still a Secure and Reliable Trading Option?

Kashin App Data Breach Exposes Sensitive User Information

Major Cybercrime Operation Nets Over 1,000 Arrests Across Africa

‘Matrix’ Hackers Deploy Massive New IoT Botnet for DDoS Attacks

More than 2,000 Palo Alto Networks firewalls compromised

New DDoS Campaign Exploits IoT Devices and Server Misconfigurations

New NachoVPN attack uses rogue VPN servers to install malicious updates

NHS Trust Declares Major Incident for “Cybersecurity Reasons”

OnlyFans alternative leaks private conversations, payment data

Over 1,000 arrested in massive ‘Serengeti’ anti-cybercrime operation

Over a Third of Firms Struggling With Shadow AI

Patients sent home after cyberattack hits UK hospitals

Practical strategies to build an inclusive culture in cybersecurity

RansomHub gang says it broke into networks of Texas city, Minneapolis agency

Researchers reveal exploitable flaws in corporate VPN clients

Retailers struggle after ransomware attack on supply chain tech provider Blue Yonder

RomCom Exploits Zero-Day Firefox and Windows Flaws in Sophisticated Cyberattacks

RomCom hackers chained Firefox and Windows zero-days to deliver backdoor

Russia-aligned RomCom hackers exploited Firefox and Windows zero-days

Russia-linked hackers exploited Firefox and Windows bugs in ‘widespread’ hacking campaign

Security leaders discuss risks and offer advice on seasonal scams

Starbucks and Grocery Stores Face Disruption after Ransomware Attack on Blue Yonder

Starbucks forced to pay baristas manually after cyberattack

Starbucks Shifts to Manual Processes After Contractor Ransomware Attack

Starbucks using pen and paper after Blue Yonder supply chain ransomware attack

Starbucks, grocery stores impacted by Blue Yonder ransomware attack

Supply Chain Ransomware Attack Hits Starbucks, UK Grocers

UK Scam Losses Surge 50% Annually to £11.4bn

UK, US retail giants hit by ongoing disruption after ransomware attack on supply chain firm

Ursnif Trojan Campaign Targets U.S. Professionals via Stealthy Spam Attacks

25th November

99% of UAE’s .ae Domains Exposed to Phishing and Spoofing

Arizona State Database Leak Exposes Sensitive Information

Authorities catch ‘SMS blaster’ gang that drove around Bangkok sending thousands of phishing messages

Black Basta Ransomware Group Retools for Strategic Attacks

BlackBasta Ransomware Brand Picks Up Where Conti Left Off

Blue Yonder ransomware attack disrupts grocery store supply chain

Blue Yonder ransomware attack disrupts supply chains across UK and US

Breaking In to Keep Hackers Out: The Essential Work of Penetration Testers

Can AI Save the UK from a Cyber Catastrophe? The Fight Against Russian Hackers

China’s Salt Typhoon hackers target telecom firms in Southeast Asia with new malware

Cyber agencies reveal top 15 routinely exploited vulnerabilities

Cyber Resiliency in the AI Era: Building the Unbreakable Shield

Cyberattacks cost British businesses $55 billion in past five years, broker says

Defining Cyber Risk Assessment and a Compliance Gap Analysis and How They Can be Used Together

Faraway Russian hackers breached US organization via Wi-Fi

Feronow.com Database Breach Exposes Sensitive User Data

Finastra investigates data breach, security leaders discuss

Flying Under the Radar - Security Evasion Techniques

Former Verizon employee gets four-year sentence for sharing cyber secrets with Chinese government

Fujian Provincial Government Database Leak Exposes Sensitive Data

Geopolitical strife drives increased ransomware activity

How to protect the global supply chain from phishing scams

How to Reduce Risk From Exposed Secrets

Howden: cyber-attacks cost UK businesses £44bn in the last five years

Huge Leak of Customer Data Includes Military Personnel Info

In a Growing Threat Landscape, Companies Must do Three Things to Get Serious About Cybersecurity

Information Commissioner’s Office (ICO) Urges More Data Sharing to Tackle Fraud Epidemic

Internet of Things (IoT) Device Traffic Up 18% as Malware Attacks Surge 400%

Justice Concerns over Breached Prison Details

Leaked SHSH Blob Tool Sparks iOS Downgrade Concerns

Malware Exploits Trusted Avast Anti-Rootkit Driver to Disable Security Software

Man hacked networks to pitch cybersecurity services

Meta lawsuit over Cambridge Analytica privacy scandal to proceed, Supreme Court rules

Meta Shutters Two Million Scam Accounts in Two-Year Crackdown

New York fines Geico, Travelers $11 million for exposed driver’s license numbers

New York Secures $11.3m from Insurance Firms in Data Breach Settlement

North Korea’s Cyber Evolution and China’s Storm-2077 Unveiled by Microsoft Analysts

Novel attack unveiled: Russian hackers using neighbors’ WiFi to launch attacks

npm Package Lottie-Player Compromised in Supply Chain Attack

Overcoming legal and organizational challenges in ethical hacking

Peruvian Corporate Data Leak: WIN Empresas Customer Records Exposed

Phishing Prevention Framework Reduces Incidents by Half

PyPI Python Library "aiocpa" Found Exfiltrating Crypto Keys via Telegram Bot

QNAP addresses critical flaws across NAS, router software

Ransomware Attack on Blue Yonder Hits Starbucks, Supermarkets

Ransomware hits supply chain software firm Blue Yonder ahead of Thanksgiving

Researchers Uncover Malware Using Bring Your Own Vulnerable Driver (BYOVD) to Bypass Antivirus Protections

Salt Typhoon hackers backdoor telcos with new GhostSpider malware

South Asian hackers target Pakistani entities in new espionage campaign

Spring EQ Notifies Consumers of Data Breach Stemming from Compromised Employee Email Account

SSGMCE.ac.in Database Breach Exposes Sensitive Academic Data

Starbucks baristas can’t view their schedules after ransomware attack on vendor

Starbucks forced to pay its baristas manually because of a ransomware attack on third-party software

Starbucks impacted by ransomware attack on software vendor

Stay Safe Online This Black Friday: Protect Your Digital Security While Scoring the Best Deals

The case for a ransomware payment ban

The Cyberthreats from China are Ongoing: U.S. Officials

Trello Data Breach Exposes Personal Information of 15 Million Customers

UK Businesses Have Lost $55 Billion to Cyber-attacks In 5 Years

Understanding the New York Department of Financial Services (NYDFS) Cybersecurity Regulation

Visiting Physician Services (VPS) of MI, PLLC Announces Data Breach Following Discovery of Malware

Voice Phishing Attacks: How to Prevent and Respond to Them

Ransomware Operator Claims - Week 46 2024

Welcome to last week's ROC Report, an exclusive summary of Ransomware Operator's global victims that were claimed during the period between 11th November and 17th November 2024, kindly assisted by our partners.

For further analysis on these (and any historic) Ransomware Operator Claims, including the Victim Names and Industry Sectors attacked, please use our PRiSM application.

Download PDF



Data Source: Data Breaches Digest. Flag Icons created by Freepik and provided by Flaticon.

Data Breaches Digest - Week 47 2024

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 18th November and 24th November 2024.

24th November

1.5GB Mixed Document Collection Leaked on the Dark Web

Attackers retain old scamming tricks with new twists - and consumers must stay informed to protect themselves

Bangkok busts SMS Blaster sending 1 million scam texts from a van

Department of Justice (DoJ) seized credit card marketplace PopeyeTools and charges its administrators

Don’t get caught in the 'Apple ID suspended' phishing scam

Egypt arrests hacker behind global cyber fraud platforms targeting individuals, organizations

Iranian attempts have become more sophisticated, more targeted, and really tailored to the interests of the target

Major cybercrime crackdowns signal shift in global cybersecurity strategies

Meta removes over 2 million accounts pushing pig butchering scams

OpenAI Spoofing Scams: How to Counter Phishing Attacks

Security Gaps in VPN Infrastructure Drive Ransomware Surge

23rd November

8,100 Banks and Financial Institutions Brace for Fallout As Hackers Reveal Major Data Breach on Dark Web

A cyberattack on gambling giant IGT disrupted portions of its IT systems

Andrew Tate’s University Breach: 1 Million User Records and Chats Leaked

Financial phishing plagues Southeast Asia (SEA) firms; Thailand hit hardest with 140K+ attacks

Finastra Suffers Data Breach, Puts 8,100 Banks on Alert

Hackers abuse Avast anti-rootkit driver to disable defenses

‘Immediate security action’ taken after prison maps leaked on dark web

Microsoft seized 240 sites used by the ONNX phishing service

Nearly 60,000 Ransomware Attacks Detected In First-Half 2024 in Southeast Asia (SEA)

New threat report from Cato Networks reveals ransomware gangs recruiting penetration testers to improve effectiveness of attacks

North Korean Hackers Steal $10M with AI-Driven Scams and Malware on LinkedIn

Pacific Pulmonary Medical Group patient information dumped by Everest Ransomware Team

Prison layouts reportedly leaked on dark web

Ransomware-as-a-Service group BianLian opts for unique model

Russia 'prepared to bash Britain with massive cyber attack', ministers to warn NATO conference

Russia-Linked Hacker Group TAG-110 Hits 60+ Targets Across Asia and Europe in Espionage Blitz

Russian Connected To Multimillion-Dollar Ransomware Gang Extradited To US

The rise and fall of the ‘Scattered Spider’ hackers

22nd November

7-Zip affected by dangerous vulnerability: users must update the app manually

9 Months After Breach, Change Healthcare Billing Back Online

240+ Domains Used By Phishing-as-a-Service (PhaaS) Platform ONNX Seized by Microsoft

Advisory warns of activity by BianLian ransomware group

Agencies Release Joint Advisory on Russian Cybercriminal Group BianLian

AI and Open Source Security: The Critical Role of AI-Powered Fuzzing in Finding Flaws

Andrew Tate’s controversial online “university” breached, 800K users’ data stolen

Andrew Tate's online university suffers mass data breach of 800,000 users after hack

APT-K-47 Uses Hajj-Themed Lures to Deliver Advanced Asyncshell Malware

Aspen Healthcare says hackers stole patient's healthcare data from its systems

Attackers targeting VPNs account for over a quarter of ransomware incidents in Q3

Bojangles data leak: “It’s breach time!”

CERT-In Flags Critical Vulnerabilities in Zoom: Update Your Apps Now

ChatGPT’s Solana API Suggestion Links to Phishing Site, Costing User $2,500

China-linked hackers target Linux systems with new spying malware

China-Linked TAG-112 Targets Tibetan Media with Cobalt Strike Espionage Campaign

City of Sheboygan says no evidence sensitive data were obtained in cyber attack

Critical Condition: The Increasing Frequency of Ransomware Attacks in Healthcare

Cyber attack on French health tech platform compromised over 1.5 million patients records

Cyber attack targets borough operations of Montreal North

Cybercriminals target Olympic Games & concerts in 2024

Cybercriminals turn to pen testers to test ransomware efficiency

Data breach exposes over 1.1 million records belonging to Forces Penpals

Deepfake attacks occur every five minutes

Deepfake attacks seen as top cyber threat in Australia

DeliveryHero subsidiary fined $5.2 million for tracking drivers’ geolocation

Department of Justice (DOJ) Charges Five in ‘Scattered Spider’ Crypto Phishing Case

Department of Justice (DOJ) Takes Down Global Cybercrime Hub PopeyeTools, Seizes Cryptocurrency

Don’t get caught in the “Apple ID suspended” phishing scam

Eight ways in which AI is altering corporate approaches to cybersecurity

Email Phishing and DMARC Statistics

Ever kept '123456' as your password? NordPass report reveals why such passwords are a hacker's dream

Examining the 'Worst' Telco Cyber Attack in US History

Experts warn of Palo Alto firewall exploitation after 2,000 compromises spotted

Fintech giant Finastra says hacker stole data from its internal network

Five Alleged Scammers Federally Charged With Running Crypto Phishing Scheme by Department of Justice (DOJ)

Five Ransomware Groups Responsible for 40% of Cyber-Attacks in 2024

Ford debunks data breach claims, confirms no customer impact

Ford denies it was hit by data breach, says customer data is safe

Fraud Prevention in Online Payments: A Practical Guide

French hypermarket chain Auchan says cyber attack impacted loyalty programme member data

Gen reports surge in ransomware & mobile threats

Hackers board Palo Alto vulnerability bandwagon: over 2,000 firewalls hacked and counting

Hackers breach US firm over Wi-Fi from Russia in 'Nearest Neighbor Attack'

Hackers Leveraging Google Docs & Weebly Services To Attack Telecom Industries

How to Spot Black Friday Scams

Humboldt Independent Practice Association (Humboldt IPA) Data Breach Affects an Unknown Number of Individuals

Infosys McCamish Confirms Farmers Insurance Customers Were Affected by October 2023 Data Breach

Italian food delivery app Foodinho eats another privacy fine

Italy plans crackdown on database hacks

Kitchener man alleged mastermind behind Snowflake hack

Major Cyberattack Targets Gambling Giant International Game Technology (IGT), Systems Taken Offline

Malware Bypasses Microsoft Defender and 2FA to Steal $24K in Crypto

Manufacturing Sector in the Crosshairs of Advanced Email Attacks

Members Trust Company Data Breach Following Compromised Email Accounts Affects 11,854 Consumers

Meta boots over 2 Million fake accounts originating from overseas scam centers

Microsoft Disrupts ONNX Phishing Service, Names Its Operator

Microsoft Seizes 240 Domains Used By Phishing-As-A-Service (PhaaS) Platform

Microsoft Seizes 240 Websites to Disrupt Global Distribution of Phish Kits

Microsoft Takes Down Phishing-as-a-Service Domains

Microsoft, Meta, and DOJ Disrupt Global Cybercrime and Fraudulent Networks

MITRE Unveils Top 25 Most Critical Software Flaws

More than 2,000 Palo Alto Networks firewalls hacked exploiting recently patched zero-days

Nigeria: National Information Technology Development Agency (NITDA) Alerts Businesses to Rising Ymir Ransomware Threat

North Korean IT worker scams lead to FBI seizure of fake domains, exposes new tactics

Novel hacker group claims major ransomware attack on tech provider Microlise

Oil Giant Halliburton Lost $35 Million Due to the August 2024 RansomHub Ransomware Data Breach

One of the nastiest ransomware groups around may have a whole new way of doing things

ONNX phishing-as-a-service operation disrupted

Operation Lunar Peek: More Than 2,000 Palo Alto Network Firewalls Hacked

Phishing Attacks Exploits the Open Enrollment Period

Phishing Emails Use SVG Files to Avoid Detection

Pro-Russian hacker group targets critical infrastructure and public services

PyPI Attack: ChatGPT, Claude Impersonators Deliver JarkaStealer via Python Libraries

Ransomware attacks rise by 19% in October according to NCC Group

Ransomware attacks rise with construction sector most hit

RRCA Accounts Management Falls Victim to Play Ransomware Attack

Russia has intensified cyber espionage activities in Central Asia

Russia-Linked Cyber-Espionage Campaign Targets Central Asia

Russian Cyber Spies Target Organizations with HatVibe and CherrySpy Malware

Russian Hackers Deploy HATVIBE and CHERRYSPY Malware Across Europe and Asia

SafePay ransomware gang claims Microlise attack that disrupted prison van tracking

Scattered Spider Hacking Group Charged in Million-Dollar Multi-County Crypto Phishing Heist

Scattered Spider suspects indicted

Senators call for audit of Transportation Security Administration's (TSA’s) facial recognition tech as use expands in airports

SFTP hack forced Finastra to investigate a data breach

Singapore: Beware of surge in parcel delivery phishing scams during year-end sales

Six-months on: Are we still afraid of the Black Cat?

Snow Brand Australia confirms SafePay ransomware attack

T-Mobile data breach part of Chinese telecom hacks

Tesla data breach falsely claimed by IntelBroker, third-party EV charging firm actually breached

The 1 Co apologizes for data breach impacting 5 million customers

The intersection of browser security and AI: how enterprises are navigating the double-edged sword

The limits of AI-based deepfake detection

The Story Of Conti Ransomware – The War Within (Episode 2)

The US Calls Out Russia for Ransomware Attacks on US Healthcare Organizations

The Yakuza Helpline Hack - Are 2,500 Ex-Gangsters And Victims In Danger?

Three-Quarters of Black Friday Spam Emails Identified as Scams

Toktest.org (Walmart Gift Card), Indiana Toll Road Text, and Netfix Phishing: Top Scams of the Week

U.S. Agencies Seize Four North Korean IT Worker Scam Websites

UK drinking water supplies disrupted by record number of undisclosed cyber incidents

UK fintech Finastra investigating data breach impacting internal SFTP platform

UMC Health System confirms patient data exposure after cyber attack, patients being notified

UMC Health System provides update on those affected in ransomware attack

Unmasking ELPACO-team: A Deep Dive into the Latest Ransomware Threat

US and Europe Account for 73% of Global Exposed ICS Systems

21st November

5 charged in “Scattered Spider,” one of the most profitable phishing scams ever

5 Hackers Charged for Attacking Companies via Phishing Text Messages

5 Scattered Spider Gang Members Indicted in Multi-Million Dollar Cybercrime Scheme

90% of Industrial Firms Hit By Cyber-attack This Year

2,000 Palo Alto Networks devices compromised in latest attacks

750,000 Patients' Medical Records Exposed After Data Breach at French Hospital

A Fifth of UK Enterprises “Not Sure” If NIS2 Applies

Active network of North Korean IT front companies exposed

Advice for Critical Infrastructure Security and Resilience Month

Apple Patches Two Zero-Day Attack Vectors

BianLian cyber gang drops encryption-based ransomware

BianLian Ransomware Group Adopts New Tactics, Posing Significant Risk

Buyoplace.com Database Leak Exposes Customer and Transaction Data

Chinese APT Gelsemium Targets Linux Systems with New WolfsBane Backdoor

Chinese hackers target Linux with new WolfsBane malware

CISA says BianLian ransomware now focuses only on data theft

Coalition highlights 68% surge in ransomware claims severity

Cyber attack hits Auchan, customer data stolen

Cyber insurers address ransom reimbursement policy concerns

Cyber Threats in Australia: Insights from the Annual Cyber Threat Report 2023-2024

Cybersecurity Myths: Debunking the Top 5 Most Common Misconceptions

Data breach at law firm Thompson Coburn affects Presbyterian Healthcare patients

Database Leak Exposes Information on 180,000 Chinese-American WeChat Users

Delta Airlines reportedly experiences data breach

Dozens of Central Asian targets hit in recent Russia-linked cyber-espionage campaign

Duolingo User Data Scraped and Circulating on the Dark Web

Enhancing visibility for better security in multi-cloud and hybrid environments

Fake discount sites exploit Black Friday to hijack shopper information

FBI says BianLian based in Russia, moving from ransomware attacks to extortion

Feds Charge Five Men in ‘Scattered Spider’ Roundup

Feds Shut Down 'PopeyeTools' Hacking Site That Sold Credit Card Numbers

Finance giant Finastra warns clients of potential data breach

Financial Software Firm Finastra Investigating Data Breach

Finastra discloses large-scale data breach

Five Alleged Members of Scattered Spider Cybercrime Group Charged for Stealing $11 Million

Five Charged in Scattered Spider Case

Five members of cyber gang Scattered Spider indicted in U.S.

Five Scattered Spider suspects indicted for phishing spree and crypto heists

Florida man charged in nationwide scams worth millions

Ford Says Data Breach Claims Are Bogus

Fortinet VPN design flaw hides successful brute-force attacks

French hospital hit by massive data breach, over 750,000 patients impacted

French hospital suffers major data breach in cyberattack

Full recovery from breaches takes longer than expected

Gambling and lottery giant disrupted by cyberattack, working to bring systems back online

Google OSS-Fuzz Harnesses AI to Expose 26 Hidden Security Vulnerabilities

Google's AI-Powered OSS-Fuzz Tool Finds 26 Vulnerabilities in Open-Source Projects

Grand Forks Public Schools Loses $2.2M to Phishing Scam

Hackers break into Andrew Tate’s online ‘university,’ steal user data and flood chats with emojis

How Phishing Emails Target Mobile Users: Tips To Stay Safe

Huge US healthcare payment network finally restored after ransomware attack

iLearningEngines Notifies SEC of Recent Cyberattack, Raising Concerns over Possible Data Breach

Job termination scam warns staff of phony Employment Tribunal decision

Joint US, Australian advisory sheds more light on BianLian ransomware

Linux Malware WolfsBane and FireWood Linked to Gelsemium APT

Lumma Stealer Proliferation Fueled by Telegram Activity

Massive B2B Database Leak Exposes 420,000 U.S. Companies

Massive cyber attack targets Direct Assurance

Massive Leak Exposes Data of 4 Million Israeli Facebook Users

MDLand International Files Official Notice of Data Breach Affecting 63,052 People

Mercer University settles lawsuit over data breach, agrees to compensation

Meta says it has removed 2 million accounts linked to pig butchering scams

Microsoft disrupts ONNX phishing-as-a-service infrastructure

Microsoft seizes 240 websites used by Egyptian phishing-as-a-service operation ‘ONNX’

Microsoft Takes Action Against Phishing-as-a-Service Platform

Microsoft targets Egyptian linked to DIY phishing kits

NodeStealer Malware Targets Facebook Ad Accounts, Harvesting Credit Card Data

North Korea hackers behind 2019 $42 million Ethereum heist, South Korea police say

North Korean Front Companies Impersonate U.S. IT Firms to Fund Missile Programs

Novel NFC-exploiting Ghost Tap attack technique gains traction

Now BlueSky hit with crypto scams as it crosses 20 million users

Now Hackers Are Using Snail Mail In Cyber Attacks - Here’s How

Operation Shipwrecked: US Seizes PopeyeTools Marketplace, Charges 3

Over 2,000 Palo Alto firewalls hacked using recently patched bugs

Over 145,000 Industrial Control Systems Across 175 Countries Found Exposed Online

Palo Alto Networks warns hackers are breaking into its customers’ firewalls - again

Phishing Scams Costing Americans Billions

Phishing scams exploit Japan’s digital currencies as fraud cases rise

Phishing Scheme Busted: U.S. Charges Five in Cryptocurrency Theft

Phobos ransomware operation uncovered by indictment against suspected admin

'PopeyeTools' marketplace for stolen credit cards disrupted by feds

Prepare for the Holiday Ransomware Storm

Protecting Critical Infrastructure with Zero-Trust and Microsegmentation

Ransomware attacks primarily caused by poor cyber hygiene

Ransomware gang BianLian ditches encryption, profits from data extortion

Ransomware Group Cooperation: A Growing Challenge in the Fight Against Cybercrime

Ransomware Groups Increasingly Targeting Poorly Secured and Outdated VPNs for Initial Access

Report reveals a major ransomware entry point for cyberattacks

Researchers unearth two previously unknown Linux backdoors

Retail loyalty programme apologises for customer data breach

Rockford Gastroenterology Associates Notifies 147,253 of 2023 Data Breach

Scattered Spider Cybercrime Group Faces Federal Indictments for $11 Million Theft

Sophisticated email threats on the rise

South Korea identifies North Korean hacker groups as suspects in $50M Upbit hack

Space technology giant Maxar says hacker stole employees' personal information

SSV Blockchain Network Data Leak Exposes Sensitive Information

The Alarming Reality: APAC Firms Experience Heightened Ransomware Attacks

Transport for London (TfL) resumes refund processing and Zip applications

Trellix report reveals evolving ransomware ecosystem trends

U.S. automaker Ford investigating major data breach from its internal network

U.S. Department of Agriculture (USDA) FIDO Rollout: A Case Study in Phishing-Resistant MFA

Uruguay’s Partido Nacional Website Faces HTML Injection Vulnerability

US Authorities Charge Five Criminals in $11 Million Crypto Phishing Scheme

US Charges 5 Suspected MGM Hackers from Scattered Spider Gang

US charges five alleged members of Scattered Spider gang

US charges suspected Scattered Spider hackers, disrupts PopeyeTools

US military officials used China-linked promotional gift shop GS-JJ, exposing over 300K emails

US seizes PopeyeTools cybercrime marketplace, charges administrators

Vietnam’s Infostealer Crackdown Reveals VietCredCare and DuckTail

vTech Solution Files Official Notice of Data Breach Leaking Individuals’ Social Security Numbers

Walls close in on MGM attackers as Department of Justice (DoJ) indicts five

Warning: Over 2,000 Palo Alto Networks Devices Hacked in Ongoing Attack Campaign

20th November

60% of Emails with QR Codes Classified as Spam or Malicious

2024 Arctic Wolf Security Report: Key insights and trends

4000 Stealer Logs Leaked, Exposing Personal Data

AI Company Reports $250,000 Stolen in Cyberattack

AI Detection Revolutionizes the Battle Against Ransomware Threats

AI-Driven Cyber Scams 'Real And Present Threat' To Australia's Critical Infrastructure

Amazon and Audible flooded with 'forex trading' and warez listings

AnnieMac details extent of data breach

Apple fixes 2 zero-days exploited to breach macOS systems (CVE-2024-44309, CVE-2024-44308)

Apple Issues Emergency Security Update for Actively Exploited Vulnerabilities

Apple issues update for Mac users targeted in zero-day cyber attack

Apple Releases Urgent Updates to Patch Actively Exploited Zero-Day Vulnerabilities

Apple Security Update: Addressing Critical Vulnerabilities in Apple Software

Apple security updates address dangerous zero-day attacks

Arete’s Latest Crimeware Report Details Ransomware and Extortion Trends and the Evolution of the Cyber Threat Landscape

Attackers Targeting VPNs Account for 28.7 Percent of Ransomware Incidents in Q3 According to Corvus Insurance Cyber Threat Report

Australia: Private schools being held for ransom by hackers as authorities warn cyber threats are 'evolving'

Australia critical infrastructure faces cyber threats, report says

Bitfinex hacker’s wife jailed for laundering

Black Friday Scammers are Hard at Work

BlackSuit ransomware ramps up operations hitting 93 organisations

Boksha Database Leaked, User Privacy at Risk

China-Backed Hackers Leverage SIGTRAN, GSM Protocols to Infiltrate Telecom Networks

Chinese APT Group Targets Telecom Firms Linked to Belt and Road Initiative

Cloud Find Login Data Leak Raises Major Security Concerns

Crypto phishing scam nets $129 million in USDT then funds mysteriously return

Cyberattack at French hospital exposes health data of 750,000 patients

Cybercriminals Exploit Weekend Lull to Launch Ransomware Attacks

Debunking myths about open-source security

Decades-Old Security Vulnerabilities Found in Ubuntu's Needrestart Package

Denniskirk.com Database Breach Leaks Customer Data

Financial Phishing Becomes A Threat To Companies In Southeast Asia

Financial phishing floods devices in Indian companies

Financial phishing still threatens Southeast Asia (SEA) businesses

Finastra Data Breach: 400GB Banking Data on Sale in Dark Web

Fintech giant Finastra confirms it’s investigating a data breach

Fintech giant Finastra investigates data breach after SFTP hack

Five alleged members of Scattered Spider cybercrime group charged for breaches, theft of $11 million

Five backup lessons learned from the UnitedHealth ransomware attack

Five Privilege Escalation Flaws Found in Ubuntu needrestart

Flash loan attack on Polter Finance: hacker steals $7 million in cryptocurrencies

Fleet tech provider Microlise says data security incident compromised corporate data

Ford Blames Third-Party Supplier for Data Breach

Fortinet VPN design flaw hides successful brute-force attacks

Gabagool Leveraging Cloudflare’s R2 Storage Service To Bypass Security Filters

German court rules Facebook users can seek compensation for data breach

Ghost Tap: Hackers Exploiting NFCGate to Steal Funds via Mobile Payments

Great Plains hospital says ransomware attack impacted over 133,000 patients

Hacker obtains House ethics testimony on Matt Gaetz as Trump makes calls for Attorney General (AG) nominee

Hacker steals sealed testimony of Matt Gaetz accusers

Hackers breach Library of Congress’ congressional research service emails in a cyberattack

Hackers Exploit Misconfigured Jupyter Servers for Illegal Sports Streaming

Hackers Hijack Jupyter Servers for Sport Stream Ripping

Healthcare organization Equinox notifies 21K patients and staff of data theft

Here's the New Hacker Trick to Trap You with Infected Emails

Hong Kong Monetary Authority (HKMA) Warns Public of Fraudulent Banking Websites and Phishing Scams

How today's ransomware groups operate

In a new era of cyber risk, businesses are preparing for zero hour

Infamous threat actor targets Tesla, gets immediately roasted by cyber pros

Linux Variant of Helldown Ransomware Targets VMware ESX Servers

Majority of UK businesses lack readiness for rising AI-led phishing attacks, reveals survey

Massive data breach exposes 56 million Hot Topic customers

Massive National Public Data Leak Exposes Sensitive Information

Massive November 2024 Stealer Logs Leak Exposes Sensitive Data

Meow, INC Ransom gangs leak San Francisco Ballet Company data

Mexico's president says government is investigating reported ransomware hack of legal affairs office

MITRE shares 2024's top 25 most dangerous software weaknesses

Names, addresses and other details of 44,000 customers leaked in Ford hacking

New Cyble Report Highlights Critical Vulnerabilities and Rising Cyber Threats in Australia and New Zealand (ANZ)

New Ghost Tap attack abuses NFC mobile payments to steal money

One Deepfake Digital Identity Attack Strikes Every Five Minutes

Online shoppers warned of Black Friday phishing campaign

Open Worldwide Application Security Project (OWASP) Warns of Growing Data Exposure Risk from AI in New Top 10 List for LLMs

Oracle Warns of Agile PLM Vulnerability Currently Under Active Exploitation

Over 21K Equinox patients, staff impacted by LockBit-claimed attack

Overreliance on GenAI to develop software compromises security

Overseas Business Continuity (BC) Data Collection Exposed for Blackmailing Purposes

Phishing Attack Failed?! Crypto Scammer Returns $129 Million in USDT

Phishing Decoded: How Cybercriminals Target You And How To Fight Back

Phobos ransomware indictment sheds light on long-running, quietly successful scheme

RansomHub hits Australian Securities and Investments Commission (ASIC) compliance firm in alleged cyber attack

Report reveals 614% surge in 'Scam-Yourself Attacks'

Russian ransomware gangs are going on a recruitment drive

‘Scam Yourself’ attacks have fooled millions — here's how not to fall victim

Scammer Stole Over $6.5 Million by Impersonating Coinbase Support

Six steps companies should take after a data breach

Slot Machine Operator International Game Reports Hacker Incident

Sophos alerts on rising quishing attacks

Southend Council at risk of ‘catastrophic’ cyber attack

Surge in financial phishing attacks in Southeast Asia

T-Mobile finally managed to thwart a data breach before it occured

Threat Assessment: Ignoble Scorpius, Distributors of BlackSuit Ransomware

Three big banks’ anti-phishing campaigns inspire new global framework

Trellix Uncovers Diversification of Ransomware Ecosystem as Cybercriminal Use of AI Expands

U.S. Government Accountability Office (GAO) recommends new agency to streamline how US government protects citizens’ data

Ubuntu Linux impacted by decade-old 'needrestart' flaw that gives root

Unknown person accessed documents on Matt Gaetz misconduct allegations

US and UK Military Social Network “Forces Penpals” Exposes SSN, PII Data

US charges five accused of multi-year hacking spree targeting tech and crypto giants

US charges five linked to Scattered Spider cybercrime gang

US space tech firm Maxar says employee personal data leaked in hack

Warning after data of 500,000 Auchan shoppers is targeted in cyber attack

Weaponized pen testers are becoming a new hacker staple

WezRat malware weaponised in phishing attacks to steal data

19th November

7 Common Web App Security Vulnerabilities Explained

'Abuse boxes' and other methods banks can use to counteract phishing

AdventHealth Files Official Notice of Data Breach

Agencies Need Data Backup and Recovery to Combat Increasingly Complex Ransomware

AI automation firm iLearningEngines hacked, $250K stolen

AI Firm iLearningEngines Hit by Cyberattack, Loses $250,000 in Wire Fraud

AMGtime Database Leak Exposes Sensitive Workforce Data

Apple fixes two zero-days used in attacks on Intel-based Macs

Aspen Healthcare Services Announces Data Breach Following Ransomware Attack

Bad Actors Impersonating Government Agencies in Latest DocuSign Scams

Black Friday deals or data steals: here’s how top shopping apps can access your data

Botnet fueling residential proxies disrupted in cybercrime crackdown

Change Healthcare Fully Restores Clearinghouse Services After February Ransomware Attack

Check Point uncovers Gmail phishing scheme

Chinese Hackers Exploit T-Mobile and Other U.S. Telecoms in Broader Espionage Campaign

CISA Rolls Out Next-Gen Learning Platform to Boost Cybersecurity Skills

CISA tags Progress Kemp LoadMaster flaw as exploited in attacks

Cloud ransomware threats rise, targeting Amazon's Simple Storage Service (S3) & Azure

Companies Take Over Seven Months to Recover From Cyber Incidents

Critical Windows Kerberos Flaw Exposes Millions of Servers to Attack

Cross-IdP impersonation bypasses SSO protections

Cyber Threat Trends in 2024: The Landscape According to Top Industry Reports

Cybersecurity Advice Customers Love to Ignore

D-Link urges users to retire VPN routers impacted by unfixed RCE flaw

‘Damaging Testimony’ Related To Gaetz Investigation Accessed By Hacker

Damning Testimony From Matt Gaetz Accuser Now in The Hands of Hacker

Data privacy experts predict some wins under Trump 2.0

Drinking Water Systems for 27 Million Americans Have High-Risk Security Vulnerabilities

Enhancing Traveler Data Security: Best Practices for Managing Sensitive Info

Fintech Giant Finastra Investigating Data Breach

Ford investigates alleged breach following customer data leak

France: Hospital Database Breach Affects 750K Records

France: Hospital Data Breach Exposes 1.5M Customer Records

Gaetz investigation documents stolen by hacker

German Court Rules Facebook Users Can Claim Money Over Data Breach

German court says victims of massive Facebook data breach can be compensated

Google warns millions over ‘random emoji’ clue that you’re about to suffer costly phishing scam

Hacker accesses sealed testimony of woman alleging Matt Gaetz had sex with her when she was 17 years old

Hacker alleges to have accessed testimony around Matt Gaetz

Hacker gains access to testimony in Matt Gaetz investigations

Hacker gets access to 'damaging' Matt Gaetz files with testimony 'from woman who was 17 when they had sex'

Hacker obtains files from House Ethics Committee detailing explosive claims against Matt Gaetz

Hacker reportedly accessed file with damaging testimony about Attorney General candidate Matt Gaetz

Hacker roamed space tech giant Maxar‘s systems for days

Hacker Steals File With Damaging Testimony Against Matt Gaetz

Hacker stole documents from file server used in civil case connected to Matt Gaetz

Hackers Hijack Unsecured Jupyter Notebooks to Stream Illegal Sports Broadcasts

Hackus Mail Checker 2.2.0 Cracked Version Leaked Online

"Helldown" ransomware attacks expand to Linux and VMware

Helldown ransomware evolves to target VMware systems via Linux

Helldown Ransomware Expands to Target VMware and Linux Systems

Helldown ransomware exploits Zyxel VPN flaw to breach networks

Helldown Ransomware Group Tied to Zyxel's Firewall Exploits

Landmark ruling by Australian regulator sets guardrails for commercial use of facial recognition technology

Linux Variant of Helldown Ransomware Targets VMware ESXi Systems

Massive 600GB Emirates Cloud Data Breach Raises Security Concerns

Massive Credential Leak Exposes 1 Billion Login Records

Mercer University Settles Lawsuit Over Personal Data Breach

Meridian Man Sentenced to 10 Years for Cyber Hacking and Extortion Scheme

Microlise Admits Hackers Compromised Corporate Data in Cyberattack

New 'Helldown' Ransomware Variant Expands Attacks to VMware and Linux Systems

New Threat Report from Cato Networks Reveals Ransomware Gangs Recruiting Penetration Testers to Improve Effectiveness of Attacks

Ngioweb Botnet Fuels NSOCKS Residential Proxy Network Exploiting IoT Devices

November 2024 Logs Leak Exposes Sensitive Information

Oklahoma Hospital Says Ransomware Hack Hits 133,000 People

Option Care Health Reports August 2024 Data Breach Following Compromised Employee Emails Account

Oracle patches exploited Agile PLM vulnerability (CVE-2024-21287)

Oracle warns of Agile PLM file disclosure flaw exploited in attacks

Palo Alto Networks Patches Critical Firewall Vulnerability

Phobos ransomware administrator faces US cybercrime charges

'Phobos' Ransomware Cybercriminal Extradited From South Korea

PracticeSuite Announces Data Breach Affecting Patients of Texan ENT Specialists, PLLC

Privileged Accounts, Hidden Threats: Why Privileged Access Security Must Be a Top Priority

Ransomware Evolution: From Triple-Quadruple Extortion to RaaS

Ransomware Gangs on Recruitment Drive for Pen Testers

Ransomware group ‘Sarcoma’ attacks Popular Life Insurance

Red red team team: Threat actors hire pentesters to test out ransomware effectiveness

Russian extradited to US from South Korea to face cybercrime charges

Russian hacker extradited to US over Phobos ransomware crimes

Russian Man Extradited to US, Face Charges in Phobos Ransomware Operation

Russian Phobos ransomware operator faces cybercrime charges

Russian Ransomware Gangs on the Hunt for Pen Testers

Russian suspected Phobos ransomware admin extradited to US over $16M extortion

Russian-American Hacker Sentenced in Historic $4.5 Billion Bitcoin Laundering Case

San Francisco Ballet hacked data posted for sale by two ransomware gangs

'Scam yourself' attacks just increased over 600% - here's what to look for

Significant surge in DocuSign impersonation attacks: hackers mimicking government

Space tech giant Maxar confirms attackers accessed employee data

Suspected Phobos Ransomware Admin Extradited to US

T-Mobile Breached in Major Chinese Cyber-Attack on Telecoms

Testimony from NSO Group raises questions about its culpability for spyware abuses

The rise of “porch pirates” using leaked tracking data to steal iPhones

Transportation Security Administration (TSA) not monitoring transportation sector efforts to stop ransomware, watchdog says

Unidentified hacker gains access to damaging Matt Gaetz's files

"Unknown and unauthorized third party" has gained access to Matt Gaetz depositions

Unknown Hacker Gets Hands on Damning Evidence Against Matt Gaetz

US charges ransomware administrator with help of Japan police

US extradites Russian accused of extorting millions in Phobos ransomware payments

Vishing, Wangiri, and Other VoIP Fraud Tactics On the Rise

VMware virtual machines under attack: hackers exploit critical vCenter Server flaw

Warning: VMware vCenter and Kemp LoadMaster Flaws Under Active Exploitation

What is Phishing and How To Avoid It?

Why AI alone can’t protect you from sophisticated email threats

Wife of Bitfinex hacker receives lighter sentence, “excited” to share her story

You're Not Imagining It: Phishing Attacks Are Rampant

18th November

1.5 Million Exposed: Set Forth & Centrex Hit by Massive Data Breach

300 Drinking Water Systems in US Exposed to Disruptive, Damaging Hacker Attacks

Accused Phobos Ransomware Hacker in US Custody

ADT Freight Services listed as alleged victim by Sarcoma ransomware gang

AI Can Be Leveraged For Phishing Scams: What You Need To Know To Stay Safe

AI company tells Securities and Exchange Commission (SEC) that $250,000 stolen in cyberattack

AI training software firm iLearningEngines says it lost $250,000 in recent cyberattack

Akira Ransomware: Published Over 30 New Victims on their DLS

Akira Ransomware Racks Up 30+ Victims in a Single Day

Amazon data breach affects employee info

AnnieMac Data Breach Impacts 171,000 Customers

APT Group DONOT Launches Cyberattack on Pakistan’s Maritime and Defense Industry

Argentina: Student Database Breach in Entre Ríos Province

Attackers are exploiting 2 zero-days in Palo Alto Networks firewalls (CVE-2024-0012, CVE-2024-9474)

Australia: Cyber security bill recommended for 'urgent' parliamentary approval

Beware of Fake Sites Mimicking Black Friday Deals

Bipartisan effort to clean up cyber regulations gets a boost in House, but calendar is tight

Bitfinex hacker who stole 120,000 bitcoins gets five years in prison

Bitfinex Hacker’s Wife Razzlekhan Sentenced to 18 Months for Laundering

Black Friday gaming sales could be disrupted by bots

Black Friday or Black Fraud-day? A Prime Time for Fraud and Cyberattacks

British software company Microlise confirms hackers compromised corporate data

Chatbots & Voice Phishing: How To Safeguard Against Potential Risks From AI

Chinese hackers exploit Fortinet VPN zero-day to steal credentials

Chinese Salt Typhoon Hacked T-Mobile in US Telecom Breach Spree

‘ClickFix’ Cyber-Attacks for Malware Deployment on the Rise

Critical RCE bug in VMware vCenter Server now exploited in attacks

Cyber attack on AnnieMac Home Mortgage impacted over 170,000 borrowers

Data Breaches and Spreadsheets: How to Avoid Fines When Excelling

Distributor of ANOM Encrypted Devices Sentenced to Over 5 Years in Prison

Don’t Hold Down The Ctrl Key - New Warning As Cyber Attacks Confirmed

El Dorado school district says hackers stole the data of over 30,000 students and staff

Exploitation of Scalable Vector Graphics (SVG) attachments in phishing on the rise

Facebook Data Breach Fallout - Millions May Receive Compensation

Facebook Malvertising Campaign Spreads Malware via Fake Bitwarden

Facebook users affected by data breach eligible for compensation, German court says

Fake Bitwarden ads on Facebook push info-stealing Chrome extension

Fake Discount Sites Exploit Black Friday to Hijack Shopper Information

Fake Donald Trump Assassination Story Used in Phishing Scam

Ford Customer Data Breach, German Statistical Data Leak, and Bank of France Targeted

Germany: Compensation for Facebook data breach victims

Germany: Stauberstahl.com Database Breach Exposes Sensitive Data

Gmail's New Shielded Email Feature Lets Users Create Aliases for Email Privacy

Government Agency Spoofing: DocuSign Attacks Exploit Government-Vendor Trust

Great Plains Regional Medical Center Notifies Patients of Data Breach Following Ransomware Attack

Hacked crypto project Thala agrees to $300K bounty, recovers $25M

Heather ‘Razzlekhan’ Morgan sentenced to 18 months in prison, ending Bitfinex saga

Helix darknet Bitcoin 'mixer' will fork over $750M, serve time, for processing 1M+ transactions

How and where to report cybercrime: What you need to know

How to Create a Strong Security Culture

How to ensure a fast recovery from the inevitable cyber-attack

Increased GDPR Enforcement Highlights the Need for Data Security

India: NCISM NEET Students Data Breach Exposes Personal Details

India: Sreedharscce.com Data Breach Exposes Millions of Records

India: Tjori.com 2021 Data Breach Exposes 1 Million User Records

India sees 135,173 financial phishing attacks in H1 2024, says study

Israel subjected to Iranian attacks with new WezRat infostealer

Just Eat urged to engage with Northern Ireland takeaways that fell victim to phishing scam

Major US telecom T-Mobile among victims of China-linked breach

Many US water systems exposed to ‘high-risk’ vulnerabilities, watchdog finds

Microsoft 365 Admin portal abused to send sextortion emails

Mistakes that leave you open to attack

Mozilla 0Din Warns of ChatGPT Sandbox Flaws Enabling Python Execution

Navigating the compliance labyrinth: A CSO’s guide to scaling security

New Chrome, Safari, Firefox, Edge Warning - Do Not Shop On These Websites

New Stealthy BabbleLoader Malware Spotted Delivering WhiteSnake and Meduza Stealers

North Korean IT Worker Network Tied to BeaverTail Phishing Campaign

NSO Group Exploited WhatsApp to Install Pegasus Spyware Even After Meta's Lawsuit

One in five DocuSign spoofs targeting businesses found to be impersonations of regulatory agencies

Palo Alto firewalls exploited after critical zero-day vulnerability

Palo Alto Networks patches two firewall zero-days used in attacks

Palo Alto Reports Two More Bugs in PAN-OS That Are Being Actively Exploited

RansomHub lays claim on Mexican government website hack

RansomHub ransomware gang claims data breach targeting Mexican government

RansomHub says 313GB exfiltrated in Mexican government cyber attack

Ransomware: Significant rise of attacks on Indian businesses

Ransomware Attack on Oklahoma Medical Center Impacts 133,000

Ransomware attacks surge in Southeast Asia with 57,000 cases

Ransomware gang Akira leaks unprecedented number of victims’ data in one day

Research finds 56% increase in active ransomware groups

Rockport Mortgage Notifies Individuals of Recent Data Breach Leaking Their Personal Information

Russian national in US custody in Phobos ransomware investigation

Space tech giant Maxar confirms hacker accessed employees’ personal data

Strengthening cybersecurity this Black Friday: combatting social engineering and phishing threats

Surge in DocuSign Phishing Attacks Target US State Contractors

Swiss Cyber Agency Warns of QR Code Malware in Mail Scam

T-Mobile Also Hit in China-linked Telecom Network Breaches

T-Mobile confirms breach amid wave of Chinese state-sponsored telecom attacks

T-Mobile hit by alleged Chinese cyber attack in major data breach

TEAM Software Breach, Hackers Gain Unauthorized Access To Network Infrastructure

Thala recovers $25.5M in crypto lost through v1 farming vulnerability

The Problem of Permissions and Non-Human Identities - Why Remediating Credentials Takes Longer Than You Think

Transforce.in – Database Breach Exposes Sensitive User Data

TriHealth Physician Partners Sends Out Data Breach Letters Following Incident at Vendor

Turkey fines Amazon’s Twitch 2 million lira for data breach

Turkey fines Twitch over data breach that revealed top streamer income

Turkey sanctions Twitch for user data breach

Türkiye fines Twitch $58K over massive data breach impacting thousands

Twitch data breach leaves Amazon with major fine

Twitch Fined $58K in Turkey Over Major Data Breach Fail

U.S. Extradites and Charges Alleged Phobos Ransomware Admin

UK Shoppers Lost £11.5m Last Christmas, National Cyber Security Centre (NCSC) Warns

Unraveling the Mysteries of Ransomware- How AI-Driven Detection is Turning the Tide

Urgent: Critical WordPress Plugin Vulnerability Exposes Over 4 Million Sites

URL Login & Password Leak – 2.5 Million Records Exposed

US charges Phobos ransomware admin after South Korea extradition

US Government Agencies Impersonated in Aggressive DocuSign Phishing Scams

US space tech giant Maxar discloses employee data breach