Editor's Message

Welcome to DBD. On March 8th we celebrated our 4th Anniversary and the 1st Anniversary of our PRiSM application, officially endorsed by the SANS Institute. Despite recent personal issues that have impacted the amount of time I have been able to dedicate to both projects, I have been doing my best to keep everything as up-to-date as possible, and I would like to take this opportunity to thank everyone for their patience and support whilst I navigate through this very difficult time. Stay safe. :)



Monday, 11 November 2024

Data Breaches Digest - Week 46 2024

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 11th November and 17th November 2024.


17th November

Data Breach Drama: When Trust Turns Costly in a Digital Age

Don’t Hold Down The Ctrl Key Warning As New 2SP Cyber Attacks Emerge

Good Hacker Hacked 100 Dark Web Hackers Using Fake Ransomware Tool

Head of Rape Crisis Scotland cleared over data breach complaints

Phishing emails increasingly use Scalable Vector Graphics (SVG) attachments to evade detection

Security plugin flaw in millions of WordPress sites gives admin access

US: ‘We need quicker reporting' – Some lawmakers push for stronger data breach regulation

16th November

Chinese Hacker Group Salt Typhoon Targets US Telecoms

Cybersecurity Flaws in US Drinking Water Systems Put 26 Million at Risk

Data breach affects Limerick offices of major financial company

DEEPDATA Malware Exploiting Unpatched Fortinet Flaw to Steal VPN Credentials

Do not use this password since it will take a hacker just one second to figure it out

Equinox discloses data breach involving health info of clients, staff

Fake AI video generators infect Windows, macOS with infostealers

German stats body says suffered possible data breach

Giggle Academy Breach Highlights $800 Million Crypto Phishing Crisis

GitHub projects targeted with malicious commits to frame researcher

Glove Stealer bypasses Chrome’s App-Bound Encryption to steal cookies

Google thinks these are the biggest security threats facing businesses in 2025

Hackers attempt to backdoor GitHub projects with malicious commits

Here's What a Hacker Could Really Do With Access to Your Wi-Fi Router

Idaho hacker detained for breaching Georgia medical clinic and police department computers

Infamous Crypto Hacker Behind Nearly $11,000,000,000 Bitfinex Exploit Sentenced to Five Years in Prison

Internet Archive Strengthens Defenses After Data Breach and DDoS Attack

NSO Group used WhatsApp exploits even after Meta-owned company sued it

PAN-OS Firewall Vulnerability Under Active Exploitation – Indicators of Compromise (IoCs) Released

Snowflake Hackers Charged With Massive 50 Billion Data Breach Of AT&T

T-Mobile confirms it was hacked in recent wave of telecom breaches

T-Mobile hack linked to Chinese breaches of telecom networks

T-Mobile Hacked – China Launched Massive Cyber Attack on U.S. Telecom Networks

T-Mobile hacked in massive Chinese breach of telecom networks

Thala Recovers $25.5M in Stolen User Assets from Hacker

Turkey fines Amazon's Twitch 2 million lira for data breach

What a second Trump term means for the future of ransomware

15th November

8.8 Rated PostgreSQL Vulnerability Puts Databases at Risk

183 million business contacts stolen from DemandScience listed for sale by hacker

2016 Bitfinex Hack Case Closed: Ilya Lichtenstein Sentenced for Laundering Billions in Stolen Bitcoin

AI’s impact on the future of web application security

American Associated Pharmacies allegedly breached by Embargo ransomware

AnnieMac Home Mortgage Data Breach Leaks Information of 171,074 Consumers

Australia: Wollongong-based Micon Office National confirms ransomware attack

Beyond the breach: How cloud ransomware is redefining cyber threats in 2024

Bitdefender Cracks ShrinkLocker Decryption: How to Fix Your PC

Bitfinex hacker gets 5 years in prison for 120,000 bitcoin heist

Bitfinex hacker gets prison time

Bitfinex Hacker Ilya Lichtenstein Jailed for Five Years

Bitfinex hacker Ilya Lichtenstein was sentenced to 5 years in prison

Bitfinex Hacker Jailed for Five Years Over Billion Dollar Crypto Heist

Bitfinex hacker Lichtenstein sentenced to five years for 2016 crypto heist

Bitfinex Hacker Receives 5 Years for 120,000 BTC Theft

Bitfinex hacker receives five-year sentence for record-breaking crypto heist

Bitfinex hacker sentenced to 5 years in prison for extracting nearly 120k BTC

Bitfinex Hacker Sentenced to 5 Years, Guilty of Laundering $10.5 Billion in Bitcoin

Bitfinex hacker sentenced to five years for massive crypto heist

Black Basta Ransomware Leveraging Social Engineering For Malware Deployment

Black Friday scams: 4 red flags to look out for

Black Lotus, Emotet, Beep, and Dark Pink, still the top malware threats of 2024

Botnet exploits GeoVision zero-day to install Mirai malware

Brazilian Databases Leak Exposes Sensitive Information

China-linked hackers stole surveillance data from telecom companies, US says

Chinese Cyber Attack Hits U.S. Telecom Firms: T-Mobile, AT&T, and More Compromised

Chinese targeting of US telecoms involved extensive data compromise

CISA Annual Top Exploited Vulnerabilities List Finds Zero-Days On the Rise, Log4Shell Still A Problem

CISA Flags Two Actively Exploited Palo Alto Flaws; New RCE Attack Confirmed

Cloud Services Are Becoming a Ransomware Hotspot

Critical vulnerabilities persist in high-risk sectors

Crypto hacker who stole $11 billion of bitcoin sentenced to prison

Cyber crooks push Android malware via letter

Cyberattack leads to bare shelves at Stop & Shop, Hannaford, Food Lion and more

Cybercriminals hijack DNS to build stealth attack networks

Data Breach Statistics By Types, Attacks, Industry, Geography, Customers and Facts

DNS predators steal 70K websites with simple hack: researchers warned it was coming

Expert warns construction industry on costly ransomware attacks

FBI, CISA confirm China-linked cyber espionage targeting US telecoms, government

German Stats Body Says Suffered Possible Data Breach

Germany’s Federal Office for Information Security (BSI) 2024 Cybersecurity Report: How Germany Is Battling Ransomware, APTs, and Election Security Challenges

Government of Mexico's official website claimed by RansomHub gang

Hacker sentenced over bitcoin theft worth billions

Hackers charged in AT&T data breach that exposed 50 billion customer records

Hackers now sending physical malicious letters, Swiss authorities warn

Half of all Ransomware Attacks This Year Targeted Small Businesses

Herron Todd White says new ransomware claim is the same dataset

High-Severity Flaw in PostgreSQL Allows Hackers to Exploit Environment Variables

High-Severity Vulnerability in Cisco ECE Could Lead to Denial of Service, CERT-In Issues Alert

Hot Topic customers exposed in 'largest retail breach in history,' report says

How AI Is Transforming Identity Access Management (IAM) and Identity Security

How to Prevent Phishing: Everything You Need to Know

Idaho hacker sentenced for breaching Georgia medical clinic, police department computers

Indian police arrest suspect in $230 million WazirX crypto exchange hack

Indian University Data Breach Exposes Sensitive Information

Iranian Hackers Deploy WezRat Malware in Attacks Targeting Israeli Organizations

Keyboard robbers steal 171K customers' data from AnnieMac mortgage house

Law firm Thompson Coburn says data breach impacted over 300,000 Presbyterian Healthcare patients

Lobby groups accuse Safaricom of data breach, calls for accountability

Microsoft Power Pages Misconfigurations Expose Millions of Records Globally

Moray Council refers itself to watchdog over apparent data breach

Multinational retailer Ahold Delhaize says cyber attack impacted its U.S. operations

NIST report on hardware security risks reveals 98 failure scenarios

Novel ShrinkLocker ransomware decryptor unveiled

NSO Group used another WhatsApp zero-day after being sued, court docs say

O2’s AI Granny Outsmarts Scam Callers with Knitting Tales

Ohio man behind Helix cryptocurrency mixer gets 3-year sentence

Otsego Public Schools alerts families to data breach, offers resources

Otsego Public Schools wraps up investigation of 2023 data breach

Palo Alto Networks Confirms New Zero-Day Being Exploited by Threat Actors

Palo Alto Networks firewalls, Expedition under attack (CVE-2024-9463, CVE-2024-9465)

Palo Alto Networks warns of critical RCE zero-day exploited in attacks

Palo Alto updates advisory about firewall bug after discovering exploitation attempts

Patients at center of data breach case win $65M settlement against Lehigh Valley Health Network

Phishing attacks accelerated in 2024, cost $800M year-to-date

PoinCampus Data Breach Exposes Sensitive User and Institutional Data

Ransomware attack forces Wisconsin's City of Sheboygan to take its network offline

Ransomware Attacks on Healthcare Sector Surge in 2024

Ransomware Groups Use Cloud Services For Data Exfiltration

Ransomware surge highlights critical cybersecurity gaps in health care

RBN Insurance Services Notifies 10,205 Individuals of February 2024 Data Breach

Researchers Warn of Privilege Escalation Risks in Google's Vertex AI Machine Learning (ML) Platform

Schneider Electric Data Breach Leaks Critical Data, Hellcat Ransomware Group Demands Hefty Ransom in Baguettes

Second threat actor claims Cisco data breach

SelectBlinds announced card-skimming data breach

Shoemaker Start-Rite says hackers accessed customers' personal and payment information

SilkSpecter Scam Network’s 4,700 Fake Black Friday Shopping Sites Impersonate IKEA, The North Face, Lidl

Ten billion dollar crypto theft lands hacker five years sentence

The consequences of paying the ransom in a ransomware attack

The Houston Housing Authority Announces Data Breach Following Ransomware Attack

The Pervasive Threat of Ransomware

This ‘AI Granny’ hack wastes telephone scammers’ time with boring chit-chat

Thwarting Phishing Attacks with Predictive Analytics and Machine Learning in 2024

Two charged in Snowflake data breach

Up to 300k people impacted in City of Helsinki's massive data breach

US confirms Chinese hacker group Salt Typhoon behind several telecom breaches — what you need to know

US hacker jailed for five years over Bitcoin heist worth billions of dollars

US hacker sentenced over Bitcoin heist worth billions

US Hacker Sentenced to Five Years for $4.5 Billion Bitcoin Heist

US hacker sentenced to five years in the slammer for laundering the proceeds of nearly 120,000 stolen bitcoin worth $10,800,000,000 at today's prices

US Hacker Who Stole $4.5 Billion Worth Bitcoins Sentenced

Use These 5 Rules to Block Phishing Emails From Your Inbox

Vietnam Strengthens Cybersecurity by Partnering with CISA to Secure Critical Infrastructure

Vietnamese Hacker Group Deploys New PXA Stealer Targeting Europe and Asia

VRSEC Data Breach Exposes Sensitive Student Information

VTB Bank Data Breach Exposes 6.3 Million Client Records

watchTowr Finds New Zero-Day Vulnerability in Fortinet Products

Zero-Day Exploits Surge in 2023, Cisco, Fortinet Vulnerabilities Targeted

14th November

1.1 Million UK NHS Employee Records Exposed From Microsoft Power Pages Misconfiguration

39% of firms have shown ransomware readiness

60% increase in scam domain registrations targeting holiday shoppers

1,400 Pegasus spyware infections detailed in WhatsApp’s lawsuit filings

200,000+ customers’ data compromised at retailer

ACao.org Data Breach Exposes Sensitive User Information

American Associated Pharmacies allegedly breached by Embargo ransomware

API Security in Peril as 83% of Firms Suffer Incidents

Australia: New South Wales healthcare provider JewishCare suffers comprehensive data breach

Bank of England U-turns on Vulnerability Disclosure Rules

Bitdefender released a decryptor for the ShrinkLocker ransomware

Bitdefender Releases ShrinkLocker Ransomware Decryptor That Recovers BitLocker Files

Bitfinex Hacker Sentenced to 5 Years as DOJ Ends $10 Billion Crypto Theft Case

Cargill employee’s ransomware attack and discrimination claims dismissed

CarSwitch.com Data Breach Exposes Personal Information of 220K Users

China-linked threat actors compromised multiple telecos and spied on a limited number of U.S. government officials

Chinese malware attack hits Tibetan websites

CISA and FBI: Chinese Hackers Compromised US Telecom Networks

CISA warns of more Palo Alto Networks bugs exploited in attacks

Cybercriminals target victims in Spain, Germany, Ukraine with Strela Stealer malware

Data breach at Alltech Consulting exposes over 216,000 job seekers' personal information

Data Breach Exposes 87K User Records from American Companies and Infragard.org

Data breach exposes 122M records from DemandScience following initial denials

Data Breach Exposes Personal Information of 57 Million Retail Customers

DeFi Capital Data Breach Exposes Sensitive Investment Fund Data

Delhi Police Arrests Accused From Bengal In Rs 2,000-Crore WazirX Cyber Attack Case

Delhi Police Crack Down on WazirX Crypto Heist, Arrest Bengal Man for ₹2,000 Crore Theft

DOC Data Breach Exposes 6K User Records

Dominican Republic Data Breach Exposes Vaccination Information

Embargo Ransomware Group Claims Attack on American Associated Pharmacies

Experts Uncover 70,000 Hijacked Domains in Widespread 'Sitting Ducks' Attack Scheme

Fake North Korean IT Worker Linked to BeaverTail Video Conference App Phishing Attack

FBI confirms China-backed hackers breached US telecom giants to steal wiretap data

FBI confirms China-linked cyber espionage involving breached telecom providers

Fortifying data security with advanced technology

Fraud network uses 4,700 fake shopping sites to steal credit cards

German Federation Statistical Database Breach Exposes 3.8GB of Sensitive Data

German interior minister warns of cyber threat ahead of elections

GigaChad Investor Loses $6 Million in Phishing Attack Involving Fake Zoom Link

GoCloud Router Zero-Day Vulnerability for Sale

Google Cloud Cybersecurity Forecast 2025: AI, geopolitics, and cybercrime take centre stage

Google launches on-device AI to alert Android users of scam calls in real-time

Google starts rolling out scam and malware detection tools for Pixel smartphones

Google Warns of Rising Cloaking Scams, AI-Driven Fraud, and Crypto Schemes

Guarding against ransomware in the midgame

Hacker gets 10 years in prison for extorting US healthcare provider

Hot Topic Data Breach Exposes Millions’ Private Details

How a Windows zero-day was exploited in the wild for months (CVE-2024-43451)

How cybersecurity failures are draining business budgets

Hungary confirms hack of defense procurement agency

Idaho Hacker Sentenced to 10 Years for Extortion and Data Breach Affecting 132,000, Including Georgia Residents

Indian Police Arrest Key Suspect in $234 Million WazirX Cyber Attack

Indian Police Arrest Suspect Tied to $234M WazirX Cyber Attack

Iran Paper Information Center Data Breach Exposes Sensitive Data

Iran-linked group aims malware at aerospace industry through fake job recruiters

Key ICS Vulnerabilities Identified in Latest CISA Advisories

Law enforcement keeps raiding the homes of high-profile crypto players

Lazarus Group Targets macOS with RustyAttr Trojan in Fake Job PDFs

Lebak Regency Data Breach Exposes Full Citizen Data

LinkedIn Data Breach Exposes Personal and Professional Data of 50K Users

Major Companies Lag in Reporting Phishing Scams Using Their Brand Names

Major Data Breach Exposes Personal Information of 1.5 Million Americans

Malware being delivered by mail, warns Swiss cyber agency

Massive Data Breach Exposes 122 Million Business Contacts from DemandScience

Massive Telecom Hack Exposes US Officials to Chinese Espionage

Microsoft Power Pages Misconfiguration Leads to Data Exposure

Millions Still Use Basic Passwords Despite Rising Data Breach Risks

Mobile County Health Department Data Breach Leaves Patients in the Dark

National Institute of Standards and Technology (NIST) Clears Backlog of Known Security Flaws but Not All Vulnerabilities

National Institute of Standards and Technology (NIST) is chipping away at National Vulnerability Database (NVD) backlog

New Glove infostealer malware bypasses Chrome’s cookie encryption

New RustyAttr Malware Targets macOS Through Extended Attribute Abuse

Novel ShrinkLocker ransomware decryptor unveiled

O2 launches AI “grandma” to keep fraudsters on the line

Oak Valley Hospital Reaches Settlement in Class Action over Data Breach

Ransomware continues to pummel organisations in Southeast Asia

Russian Hackers Exploit New NTLM Flaw to Deploy RAT Malware via Phishing Emails

Ruthless sextortion scammers now threatening to show up at your house

Set Forth data breach exposes sensitive information of 1.5 million customers

ShrinkLocker Ransomware: What You Need To Know

ShrinkLocker ransomware scrambled your files? Free decryption tool to the rescue

Singapore targets ransomware with tougher policies, avoids payouts

Sitting Ducks DNS Attacks Put Global Domains at Risk

Six steps companies should take after a data breach

The Bahamas: Container port CEO highlights “painful” cyber attack as call for stronger cybersecurity culture

The Bahamas: Failed cyber attack on Central Bank’s website sparks heightened threat awareness

The data breach on Hot Topic retail firm impacts millions of clients

The Real Price of a Data Breach in Retail

The State of Cloud Ransomware in 2024

These 8 Apps on Google Play Store Contain Android/FakeApp Trojan

TIAA data breach exposes 2.4 million Social Security numbers

URL-Log-Pass Data Breach Exposes 147K User Login Credentials

US agencies confirm Beijing-linked telecom breach involving call records of politicians, wiretaps

US says China conducted massive espionage through breached telcos

WazirX hack: West Bengal man arrested over $235 million cyber attack

Why that Google Meet error might be a sneaky hacker trick

Xobin leak: screening job applicants with AI, but storing personal data in an open bucket

Yorozu Corporation Faces Cyberattack, Delays Financial Report Submission Amid Data Breaches

You Can Lock Your Social Security Number After a Data Breach. Here's How

Zero-days dominate top frequently exploited vulnerabilities

13th November

300,000 Patients Impacted By Law Firm Data Breach

57,000,000 Retail Customers Exposed In Massive Data Breach

Aerospace employees targeted with malicious “dream job” offers

AI Threat to Escalate in 2025, Google Cloud Warns

Amazon Confirms Data Breach Affecting the Data of 2.8 Million of Its Employees

Amazon Confirms Data Breach Exposing Employee Phone Numbers and Sensitive Information

Amazon says hackers stole employee data from vendor’s servers

Amazon MOVEit Leaker Claims to Be Ethical Hacker

ASM Global Notifies Affected Individuals of Recent Data Breach

AT&T, Ticketmaster data breach hackers charged with stealing 50 billion records

Australian Critical Infrastructure Faced Heightened Cyberthreats in 2024

Bitdefender Finds New ShrinkLocker Ransomware, Releases Its Decryptor Tool

Bitdefender releases decryptor for ShrinkLocker ransomware

CarSwitch.com Data Breach Exposes Personal Information of 220K Users

China-linked group hacked Tibetan media and university sites to distribute Cobalt Strike payload

CISA Alerts: Five Newly Exploited Vulnerabilities Added to Critical Watchlist

CISA reveals hackers’ favorite targets: critical flaws affect major tech giants

Critical bug in End-of-Life (EoL) D-Link NAS devices now exploited in attacks

Critical Infrastructure in Australia Faces Heightened Threats in 2024, Says Annual Risk Review

Cyber attack caused major outage at Washington state's district and municipal courts

Cyber attack on debt relief company Set Forth impacted about 1.5 million individuals

Cyber attack on tech vendor disrupted Serco's prisoner transport service

Data broker amasses 100M+ records on people – then someone snatches, sells it

Delta Air Lines joins Amazon in confirming third-party data leak

DNA-testing firm vanishes with highly sensitive customer genetic data

Drilling equipment provider Newpark Resources hit by a ransomware attack

Eagle Bank notifies customers of potential data breach compromising Mastercard accounts

Emmenhtal Loader Uses Scripts to Deliver Lumma and Other Malware

Ex-Air Guardsman Sentenced to 15 Years for Leaking Top-Secret U.S. Military Intel on Social Media

Florida law firm Gunster settles 2022 data breach case for $8.5 million

Free Decryptor Released for BitLocker-Based ShrinkLocker Ransomware Victims

From Royal to BlackSuit: Understanding the Tactics and Impact of a Sophisticated Ransomware Strain

GitHub users targeted by dangerous new phishing threat

GoIssue phishing tool targets GitHub developer credentials

Government Accountability Office (GAO) Finds Persistent Gaps in HHS Cybersecurity Efforts in U.S. Healthcare

Hackers use macOS extended file attributes to hide malicious code

Hamas-Affiliated WIRTE Employs SameCoin Wiper in Disruptive Attacks Against Israel

Hive0145 Targets Europe with Advanced Strela Stealer Campaigns

Hot Topic data breach exposed personal data of 57 million customers

Iranian Hackers Use "Dream Job" Lures to Deploy SnailResin Malware in Aerospace Attacks

Lawyer allegedly hacked with spyware names NSO founders in lawsuit

Lazarus Group Uses Extended Attributes for Code Smuggling in macOS

Leaked info of 122 million linked to B2B data aggregator breach

LePoint.fr Data Breach Exposes Thousands of User Records

Microsoft Fixes 90 New Flaws, Including Actively Exploited NTLM and Task Scheduler Bugs

Microsoft Fixes Four More Zero-Days in November Patch Tuesday

Microsoft patches Windows zero-day exploited in attacks on Ukraine

Microsoft’s November 2024 Patch Tuesday Addresses 91 Vulnerabilities, Including Four Critical Zero-Days

MOVEit Culprit Claims to be Ethical Hacker

National Institute of Standards and Technology (NIST) says exploited vulnerability backlog cleared but end-of-year goal for full list unlikely

New England Grocers Stop & Shop, Hannaford Coping With Cyber Attack

New ShrinkLocker ransomware decryptor recovers BitLocker password

Oilfield giant Halliburton took a $35 million hit from the August ransomware attack

OvrC Platform Vulnerabilities Expose IoT Devices to Remote Attacks and Code Execution

Patch Tuesday: Four Critical Vulnerabilities Paved Over

Pentagon leaker Jack Teixeira sentenced to 15 years in federal prison

Ransomware fiends boast they've stolen 1.4TB from US pharmacy network

Research uncovers the tool creating recent GitHub phishing attacks

Rhysida group claims major cyber attack on Fylde Coast Academy Trust

Roblox Data Breach Exposes Millions of User Accounts

Sango Family Dentistry notifies 27,000 patients of data breach, offers identity protection

Social engineering scams sweep through financial institutions

South West Family Medicine Associates notifies nearly 37,000 patients and employees of data breach

The infamous Volt Typhoon hacker group is back

The Role of Threat Intelligence in Preventing Ransomware

Thousands of Israeli gun owners allegedly exposed

Tips to protect yourself from phishing attacks

Top 15 Exploited Cyber Vulnerabilities Revealed: Five Eyes Alliance Urges Immediate Patching

UK and allies warn of cyber attack vulnerabilities

U.S. Department of Health and Human Services (HHS) Announces Additional Settlements Following Ransomware Attacks Including First Enforcement Under Risk Analysis Initiative

UN Security Council meeting discusses impact of ransomware attacks on hospitals

US government charges hackers behind massive AT&T breach

US government officials’ communications compromised in recent telecom hack

US indicts Snowflake hackers who extorted $2.5 million from 3 victims

Wisconsin city of Sheboygan says ransom demanded after cyberattack

Your Biggest Security Risk: The Insider Threat

12th November

5 Ways Behavioral Analytics is Revolutionizing Incident Response

4,800 phishing incidents monthly in India's banks

A cyberattack on payment systems blocked cards readers across stores and gas stations in Israel

Accused Ticketmaster hacker Connor Moucka facing extradition and decades in jail

Ahold Delhaize Confirms Cyber Breach – Food Lion, Stop & Shop, Hannaford Among Affected Brands

AI-enhanced ransomware attacks in the UK necessitate Enterprise Resource Planning (ERP) security

Alleged Data Leak of Equis Financial Exposes Detailed Client Information

Alleged Data Leak of Michelin-Starred Restaurant in Singapore Exposes Customer Information

Almost 500 million Instagram users had their data scraped, hackers claim

Amazon Acknowledges Data Breach That Leaked Employees' Phone Numbers And More Info

Amazon Admits Data Breach as Latest MOVEit Scandal Victim

Amazon Confirms Data Breach Affecting Employee Information

Amazon Confirms Data Breach Linked to MOVEit Vulnerability

Amazon Confirms Employee Data Breach Through Third-Party Vendor

Amazon Confirms Employee Data Breach Via Third-party Vendor

Amazon confirms employee data breach, but company says financial details remain secure

Amazon confirms employee data breached during cyber attack

Amazon confirms employee data compromised amid 2023 MOVEit breach claims – but the hacker behind the leak says a host of other big tech names are also implicated

Amazon confirms employee data exposed in third-party data breach: What we know

Amazon Confirms Limited Data Breach Involving Employee Contact Details

Amazon confirms major data breach, important details of millions of employees compromised

Amazon Confirms MOVEit Data Breach Exposes Employee Data

Amazon Confirms MOVEit-Related Data Breach Exposed Employee Information

Amazon Data Breach: Employees' Phone Numbers, Personal Information And Other Details Compromised

Amazon employee data breach exposes contact information

Amazon employee data breach linked to third-party vendor

Amazon Employee Data Leaked by Hacker

Amazon employee data stolen by hacker, company confirms

Amazon Employees Experienced A Data Breach. Here’s What Happened

BBS Financial Confirms Data Breach Following January 2024 Ransomware Attack

Brightline reaches $7 million settlement over 2023 data breach

Business Bank Accounts from Major Platforms Allegedly Listed for Sale, Raising Financial Security Concerns

China's Hacker Army Outshines America

CISOs Turn to Indemnity Insurance as Breach Pressure Mounts

Communication after a cyber-attack

Controversial UN cybercrime treaty clears final hurdle before full vote as US defends support

Court filings reveal inner workings of alleged hackers accused of the ShinyHunters data breach

Critical Veeam CVE targeted by new ransomware variant

Crypto Investor Loses $6M in GigaChad Phishing Scam: Key Lessons for Security

Cyber Attack on UK Train Station WiFi Sparks Safety Concerns

D-Link won’t fix critical bug in 60,000 exposed End-of-Life (EoL) modems

Data Vigilante Leaks 8 Million Employee Records from Amazon, HP and Others

Dell India Vendor Portal Allegedly Compromised, Exposing Sensitive User Data

Delta, Amazon confirm vendor breach as dark web posts revive MOVEit leak concerns

Devastating email compromise scheme robs home buyers of life’s savings

Dutch company behind Hannaford, Stop & Shop says cyber issue affecting US network

Employee data from Canada Post, Amazon and more revealed in data breach

Energy Giant Halliburton Reveals $35m Ransomware Loss

FBI, CISA, and NSA reveal most exploited vulnerabilities of 2023

From Amazon to McDonald’s: what do we know about the latest major data leak?

Germany warns of potential cyber threats from Russia ahead of snap election

GIGA investor loses $6 million in phishing scam

GIGA investor loses $6 Million to phishing scam via fake Zoom link

GigaChad Token Holder Loses $6 Million in Phishing Attack

Google Chrome Users at Risk: CERT-In Advises Urgent Update to Fix Security Flaws

Hacker Leaks BBVA Bank Data, Including User Details

Hackers Exploit Microsoft Office Flaw in New Remcos RAT Phishing Attack

Hackers Leveraging Microsoft Visio Files & SharePoint For Two-Step Phishing Attack

Halliburton says ransomware attack cost it $35 million in losses

Harnessing Chisel for Covert Operations: Unpacking a Multi-Stage PowerShell Campaign

Have I Been Pwned says 57 million affected in Hot Topic data breach

Hewlett Packard Enterprise (HPE) Issues Urgent Patches for Critical Vulnerabilities in Aruba Networking Access Points

Hot Topic breach: Has your credit card info been compromised?

Hot Topic Data Breach: A Massive Leak Exposes Millions of Customer Records

Hot Topic data breach thought to have hit nearly 54 million customers

How cyber hacks might change under Trump's presidency

How Italy became an unexpected spyware hub

Important lessons to be learned from Police Service of Northern Ireland (PSNI) Data Breach

Insurance Firm Introduces Liability Coverage for CISOs

Major Hot Topic Data Breach Affects 57 Million Customers

Majority of Indian businesses invest in AI but only 39% ready to fight ransomware attacks

Malicious Python Package Index steals Amazon Web Services credentials

Massive troves of Amazon, HSBC employee data leaked

Microsoft Exchange adds warning to emails abusing spoofing flaw

Microsoft fixes actively exploited zero-days (CVE-2024-43451, CVE-2024-49039)

Microsoft November 2024 Patch Tuesday fixes 4 zero-days, 91 flaws

Microsoft Visio files used to carry out dangerous phishing attacks

Microsoft’s November Patch Tuesday Fixes 91 Vulnerabilities, 4 Zero-Days

Millions of Hot Topic Customers Impacted by Data Breach

MOVEit Data Leak Exposes Employee Data of Amazon, HSBC & More – What You Need to Know

MOVEit vulnerability sees Amazon, McDonald’s, HSBC, and more employee data leaked

New Citrix Zero-Day Vulnerability Allows Remote Code Execution

New England Grocery Stores and Pharmacies Hit Hard by Devastating Cyber Attack

New Flaws in Citrix Virtual Apps Enable RCE Attacks via MSMQ Misconfiguration

New GitLoker-Linked GoIssue Tool Targets GitHub Users for Phishing

New Google Chrome Warning As ‘No 0-Day’ Drive-By Cyber Attack Confirmed

New MOVEit exploit hits Amazon, HP and McDonald’s

New Phishing Campaign Delivers Advanced Remcos RAT Variant

New Phishing Tool GoIssue Targets GitHub Developers in Bulk Email Campaigns

New Ransomware Ymir Discovered in the Wild Using RustyStealer

New Wave of Phishing Attacks Exploits Microsoft Visio Files for Two-Step Credential Theft

New Ymir Ransomware Exploits Memory for Stealthy Attacks; Targets Corporate Networks

North Korea Hackers Leverage Flutter to Deliver macOS Malware

North Korean hackers create Flutter apps to bypass macOS security

North Korean Hackers Target macOS Using Flutter-Embedded Malware

Novel Ymir ransomware targets enterprises with memory manipulation

Only 39% of Indian companies have the ability to withstand a prolonged ransomware event

Over 60% Indian Organizations Vulnerable to AI-Driven Ransomware Attack

Pakistan Telecommunication Authority (PTA) Report Reveals Surge in Cyber Attacks, APT Threats in Pakistan’s Digital Sector

Phemedrone Stealer V2.3.2 Malware Tool for Sale, Posing Major Security Threat

Phish n’ Ships phishing attack continues to attack unaware users

Phishing Emails Are On the Rise: Spot These Trends

Phishing scam via fake Zoom link costs GIGA investor $6 Million

Phishing Tool GoIssue Targets Developers on GitHub

Reported Data Leak at Equis Financial Exposes Extensive Client Information

Reporting Into the Void: Research Suggests Companies Fall Short When It Comes to Addressing Phishing

SelectBlinds Data Breach, 200,000+ Customers Card Details Skimmed in Cyberattack

Singapore wants police to stop stubborn victims from sending money to scammers

SlashNext warns of ‘GoIssue’ phishing tool targeting GitHub users

Snowflake hackers identified and charged with stealing 50 billion AT&T records

Sri Lanka: Meteorological Department’s website being restored after cyber attack

Surge in exploits of zero-day vulnerabilities is ‘new normal’ warns Five Eyes alliance

TA455’s Iranian Dream Job Campaign Targets Aerospace with Malware

Tewkesbury Council’s ‘Cyber Attack’ Turns Out to Be a False Alarm

The changing face of identity security

The future of cyber-security education

The rise of phishing-resistant Multi-Factor Authentication (MFA) and what it means for a passwordless future

Two major hacking groups are teaming up for dangerous new ransomware attacks

Understanding the Cybercriminal Mindset: Protecting Your School’s Data

Verified Cryptocurrency Exchange Accounts Allegedly for Sale, Raising Security and Fraud Concerns

Volt Typhoon rebuilds malware botnet following FBI disruption

Was Amazon Hacked - Have Your Account And Password Been Compromised?

Washington State Court systems face widespread outages following “unauthorized activity” on networks

Watch out, that Excel document could be infected with dangerous malware

Ymir Ransomware Hacks Memory to Breach Networks Unseen

Ymir ransomware, a new stealthy ransomware grow in the wild

11th November

1.5 million Americans hit in massive debt relief service data breach - names, addresses, SSNs and more exposed

4 reasons why veterans thrive as cybersecurity professionals

91 Million Mobile and Phone Number Records Allegedly Leaked, Raising Privacy Concerns

2014-2021 Mazdas vulnerable: attackers can take over infotainment system using USB

A cyber attack blocked credit card payments in Israel for several hours

A new fileless variant of Remcos RAT observed in the wild

A surge in Pro-Russia cyberattacks after decision to monitor North Korean Troops in Ukraine

Alleged Data Breach at Indian Ayurvedic Herbs Online Store Exposes Sensitive Customer Data

Alleged Data Breach at Mr. Winter Wheels Exposes Sensitive Customer Information

Alleged Leak of Updated Grand Theft Auto V (GTA V) Source Code Raises Security Concerns for Rockstar Games

Alleged Scraping of 489 Million Instagram User Records Raises Privacy Concerns

Amazon Confirms Data Breach Exposed 2,800,000 Lines Of Employee Data

Amazon confirms employee data breach after vendor hack

Amazon confirms employee data breach, but says it’s limited to contact info

Amazon confirms employee data stolen after hacker claims MOVEit breach

Amazon discloses employee data breach after May 2023 MOVEit attacks

Anti-Israel hacker claims hack on Ministry of National Security, posts settler IDs online

Are You Googling This? You Could Be Walking Into a Cyber Trap

Australia: Computer Users Warned of Cyber Attack Triggered by Innocuous Search About Bengal Cats

Authorities arrest alleged Ticketmaster, AT&T hacker

Bitcoin Fog Operator Gets 12.5 Years for Longest-Running Bitcoin Laundering

Canadian authorities arrest Snowflake hacker Moucka

Chinese threat actor exploits credentials from password spray attacks

CISA Urges Patching of Critical Palo Alto Networks’ Expedition Tool Vulnerability

CISA Warns of Critical Vulnerabilities in Industrial Control Systems Affecting Key Infrastructure Sectors

City of Sheboygan hit by apparent ransomware attack

City of Sheboygan Hit by Cyberattack – Here’s the Latest on the Ransom Threat

City of Sheboygan investigating ransomware attack

Combating the Ransomware Menace: How to Safeguard and Respond Effectively

Critical WPLMS WordPress Theme Vulnerability Puts Websites at Risk of Remote Code Execution (RCE) Attacks

Crypto Community on Alert: Dormant Hacker Steals and Launders Millions

'Cyber attack' council working to ease backlog

Cyberattack causes credit card readers to malfunction in Israel

Cyberattack Cost Oil Giant Halliburton $35 Million

Cyberattack Disrupts Israel’s Gas Stations and Payment Systems - Here’s What We Know

Cybercrime Investigation and Coordinating Center (CICC) Probes GCash Heist: Major Cyber Attack Uncovered

Cybercriminals Use Excel Exploit to Spread Fileless Remcos RAT Malware

D-Link to Not Fix Critical Bug Found in End-of-Life NAS Devices

Data breach laws drive up private debt costs but being cyber smart can help

Embargo Ransomware Gang Sets Deadline to Leak Hospital Data

English Construction Company Targeted in Ransomware Attack, Leading to Data Breach Affecting Former Employees

Food Lion involved in cyber attack: What to know

For the first time, Telegram hands criminal user data to Dutch authorities

Gmail's worldwide warning 'over large-scale phishing campaign' - urges users to delete scam emails

Hackers Exploiting Veeam RCE Flaw to Deploy New Frag Ransomware

Hackers use Visio files to spread phishing links

Halliburton reports $35 million loss after ransomware attack

Have I Been Pwned (HIBP) notifies 57 million people of Hot Topic data breach

Health and Human Services (HHS) Inks $90K Settlement Linked to Ransomware Hack

Healthcare sector faces surge in ransomware attacks, Sophos finds

Hewlett Packard Enterprise (HPE) Issues Critical Security Patches for Aruba Access Point Vulnerabilities

Hot Topic suffers data breach exposing 57 million records

Hot Topic’s Approximately 57 Million Breached Accounts Added to Have I Been Pwned (HIBP)

How Crypto Whales Become Phishing Targets

How Data Breach Laws Impact Loan Terms for Businesses

How human ingenuity continues to outpace automated security tools

Kaspersky identifies new stealthy ransomware

Layering Defences to Safeguard Sensitive Data Within AI Systems

Man gets 10 years for stealing $20M in nest eggs from 400 US home buyers

Man Gets 12.5 Years for Running Bitcoin Fog Crypto Mixer

Mass Telegram account hijacking via supply-chain phishing campaign

Massive data breach: American debt relief service exposes 1.5 million

Microsoft Bookings Flaw Enables Account Hijacking and Impersonation

Microsoft Visio Files Used in Sophisticated Phishing Attacks

Mizuno USA Hit! BianLian Ransomware Leaks Sensitive Data

MOVEit fallout: hackers leak employee data from Amazon, MetLife, HSBC, and other major companies

New England grocery stores, pharmacies impacted by cyber attack

New GootLoader Campaign Targets Users Searching for Bengal Cat Laws in Australia

New Remcos RAT Variant Targets Windows Users Via Phishing

New Ymir ransomware partners with RustyStealer in attacks

Newpark Resources discloses October ransomware attack

Newpark Resources hit by ransomware; activates cybersecurity response

Nokia Security Breach Leaks Source Code, Login Credentials, Keys and More; Hacker Sells Data To Special Buyers

Northern Schools and Academy Locked Down by Ransomware

OpenText reveals 2024 nastiest malware, LockBit leads list

Orthopedics Rhode Island Confirms September 2024 Data Breach Compromised Sensitive Patient Information

Pensioners Warned Over Winter Fuel Payment Scam Texts

Philippines GCash hit by major phishing attack

Phishing attack targets Massachusetts employee emails

Planned Parenthood of Montana Confirms August 2024 Data Breach Leaking Sensitive Patient Information

Radwan Cyber Pal Hacker Group Alleges Access to Sensitive Data of Israeli Soldiers and Settlers

Scattered Spider and BlackCat reemerge after takedown

Security Flaws in Popular Machine Learning (ML) Toolkits Enable Server Hijacks, Privilege Escalation

Set Forth, Inc. Sends Data Breach Letters to 1.5 Million Consumers

Sheboygan Fights Ransomware Attack Amid Service Disruptions

South West Family Medicine Associates Notifies Patients of August 2024 Data Breach

Standard Bank data breach: How to check if you’ve been impacted

Standard Bank data breach: How to know if you have been affected

Standard Bank Data Breach Exposes Customer Details Globally

Strategies for CISOs navigating hybrid and multi-cloud security

The Importance of Effective Incident Response

The Philippines: Cybercrime Investigation and Coordinating Center (CICC) probing possible GCash cyber attack

This Crafty Excel Phishing Campaign Is Spreading Dangerous Fileless Malware

UK pensioners targeted with fake Winter Fuel Payment scam

UK Urges International Collaboration to Battle Ransomware Surge

US oilfield service provider disrupted by ransomware attack

Wayback Machine cyber attacks: Everything you need to know

White House Slams Russia Over Ransomware's Healthcare Hits

Why Business Email Compromise (BEC) Impersonation is the Weapon of Choice for Cybercriminals

World Economic Forum (WEF) Introduces Framework to Strengthen Anti-Cybercrime Partnerships

World Health Organization (WHO), 50 countries warn UN of rising ransomware attacks on hospitals

Ymir: new stealthy ransomware in the wild