Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 18th November and 24th November 2024.
24th November
1.5GB Mixed Document Collection Leaked on the Dark Web
Attackers retain old scamming tricks with new twists - and consumers must stay informed to protect themselves
Bangkok busts SMS Blaster sending 1 million scam texts from a van
Department of Justice (DoJ) seized credit card marketplace PopeyeTools and charges its administrators
Don’t get caught in the 'Apple ID suspended' phishing scam
Egypt arrests hacker behind global cyber fraud platforms targeting individuals, organizations
Iranian attempts have become more sophisticated, more targeted, and really tailored to the interests of the target
Major cybercrime crackdowns signal shift in global cybersecurity strategies
Meta removes over 2 million accounts pushing pig butchering scams
OpenAI Spoofing Scams: How to Counter Phishing Attacks
Security Gaps in VPN Infrastructure Drive Ransomware Surge
23rd November
8,100 Banks and Financial Institutions Brace for Fallout As Hackers Reveal Major Data Breach on Dark Web
A cyberattack on gambling giant IGT disrupted portions of its IT systems
Andrew Tate’s University Breach: 1 Million User Records and Chats Leaked
Financial phishing plagues Southeast Asia (SEA) firms; Thailand hit hardest with 140K+ attacks
Finastra Suffers Data Breach, Puts 8,100 Banks on Alert
Hackers abuse Avast anti-rootkit driver to disable defenses
‘Immediate security action’ taken after prison maps leaked on dark web
Microsoft seized 240 sites used by the ONNX phishing service
Nearly 60,000 Ransomware Attacks Detected In First-Half 2024 in Southeast Asia (SEA)
New threat report from Cato Networks reveals ransomware gangs recruiting penetration testers to improve effectiveness of attacks
North Korean Hackers Steal $10M with AI-Driven Scams and Malware on LinkedIn
Pacific Pulmonary Medical Group patient information dumped by Everest Ransomware Team
Prison layouts reportedly leaked on dark web
Ransomware-as-a-Service group BianLian opts for unique model
Russia 'prepared to bash Britain with massive cyber attack', ministers to warn NATO conference
Russia-Linked Hacker Group TAG-110 Hits 60+ Targets Across Asia and Europe in Espionage Blitz
Russian Connected To Multimillion-Dollar Ransomware Gang Extradited To US
The rise and fall of the ‘Scattered Spider’ hackers
22nd November
7-Zip affected by dangerous vulnerability: users must update the app manually
9 Months After Breach, Change Healthcare Billing Back Online
240+ Domains Used By Phishing-as-a-Service (PhaaS) Platform ONNX Seized by Microsoft
Advisory warns of activity by BianLian ransomware group
Agencies Release Joint Advisory on Russian Cybercriminal Group BianLian
AI and Open Source Security: The Critical Role of AI-Powered Fuzzing in Finding Flaws
Andrew Tate’s controversial online “university” breached, 800K users’ data stolen
Andrew Tate's online university suffers mass data breach of 800,000 users after hack
APT-K-47 Uses Hajj-Themed Lures to Deliver Advanced Asyncshell Malware
Aspen Healthcare says hackers stole patient's healthcare data from its systems
Attackers targeting VPNs account for over a quarter of ransomware incidents in Q3
Bojangles data leak: “It’s breach time!”
CERT-In Flags Critical Vulnerabilities in Zoom: Update Your Apps Now
ChatGPT’s Solana API Suggestion Links to Phishing Site, Costing User $2,500
China-linked hackers target Linux systems with new spying malware
China-Linked TAG-112 Targets Tibetan Media with Cobalt Strike Espionage Campaign
City of Sheboygan says no evidence sensitive data were obtained in cyber attack
Critical Condition: The Increasing Frequency of Ransomware Attacks in Healthcare
Cyber attack on French health tech platform compromised over 1.5 million patients records
Cyber attack targets borough operations of Montreal North
Cybercriminals target Olympic Games & concerts in 2024
Cybercriminals turn to pen testers to test ransomware efficiency
Data breach exposes over 1.1 million records belonging to Forces Penpals
Deepfake attacks occur every five minutes
Deepfake attacks seen as top cyber threat in Australia
DeliveryHero subsidiary fined $5.2 million for tracking drivers’ geolocation
Department of Justice (DOJ) Charges Five in ‘Scattered Spider’ Crypto Phishing Case
Department of Justice (DOJ) Takes Down Global Cybercrime Hub PopeyeTools, Seizes Cryptocurrency
Don’t get caught in the “Apple ID suspended” phishing scam
Eight ways in which AI is altering corporate approaches to cybersecurity
Email Phishing and DMARC Statistics
Ever kept '123456' as your password? NordPass report reveals why such passwords are a hacker's dream
Examining the 'Worst' Telco Cyber Attack in US History
Experts warn of Palo Alto firewall exploitation after 2,000 compromises spotted
Fintech giant Finastra says hacker stole data from its internal network
Five Alleged Scammers Federally Charged With Running Crypto Phishing Scheme by Department of Justice (DOJ)
Five Ransomware Groups Responsible for 40% of Cyber-Attacks in 2024
Ford debunks data breach claims, confirms no customer impact
Ford denies it was hit by data breach, says customer data is safe
Fraud Prevention in Online Payments: A Practical Guide
French hypermarket chain Auchan says cyber attack impacted loyalty programme member data
Gen reports surge in ransomware & mobile threats
Hackers board Palo Alto vulnerability bandwagon: over 2,000 firewalls hacked and counting
Hackers breach US firm over Wi-Fi from Russia in 'Nearest Neighbor Attack'
Hackers Leveraging Google Docs & Weebly Services To Attack Telecom Industries
How to Spot Black Friday Scams
Humboldt Independent Practice Association (Humboldt IPA) Data Breach Affects an Unknown Number of Individuals
Infosys McCamish Confirms Farmers Insurance Customers Were Affected by October 2023 Data Breach
Italian food delivery app Foodinho eats another privacy fine
Italy plans crackdown on database hacks
Kitchener man alleged mastermind behind Snowflake hack
Major Cyberattack Targets Gambling Giant International Game Technology (IGT), Systems Taken Offline
Malware Bypasses Microsoft Defender and 2FA to Steal $24K in Crypto
Manufacturing Sector in the Crosshairs of Advanced Email Attacks
Members Trust Company Data Breach Following Compromised Email Accounts Affects 11,854 Consumers
Meta boots over 2 Million fake accounts originating from overseas scam centers
Microsoft Disrupts ONNX Phishing Service, Names Its Operator
Microsoft Seizes 240 Domains Used By Phishing-As-A-Service (PhaaS) Platform
Microsoft Seizes 240 Websites to Disrupt Global Distribution of Phish Kits
Microsoft Takes Down Phishing-as-a-Service Domains
Microsoft, Meta, and DOJ Disrupt Global Cybercrime and Fraudulent Networks
MITRE Unveils Top 25 Most Critical Software Flaws
More than 2,000 Palo Alto Networks firewalls hacked exploiting recently patched zero-days
Nigeria: National Information Technology Development Agency (NITDA) Alerts Businesses to Rising Ymir Ransomware Threat
North Korean IT worker scams lead to FBI seizure of fake domains, exposes new tactics
Novel hacker group claims major ransomware attack on tech provider Microlise
Oil Giant Halliburton Lost $35 Million Due to the August 2024 RansomHub Ransomware Data Breach
One of the nastiest ransomware groups around may have a whole new way of doing things
ONNX phishing-as-a-service operation disrupted
Operation Lunar Peek: More Than 2,000 Palo Alto Network Firewalls Hacked
Phishing Attacks Exploits the Open Enrollment Period
Phishing Emails Use SVG Files to Avoid Detection
Pro-Russian hacker group targets critical infrastructure and public services
PyPI Attack: ChatGPT, Claude Impersonators Deliver JarkaStealer via Python Libraries
Ransomware attacks rise by 19% in October according to NCC Group
Ransomware attacks rise with construction sector most hit
RRCA Accounts Management Falls Victim to Play Ransomware Attack
Russia has intensified cyber espionage activities in Central Asia
Russia-Linked Cyber-Espionage Campaign Targets Central Asia
Russian Cyber Spies Target Organizations with HatVibe and CherrySpy Malware
Russian Hackers Deploy HATVIBE and CHERRYSPY Malware Across Europe and Asia
SafePay ransomware gang claims Microlise attack that disrupted prison van tracking
Scattered Spider Hacking Group Charged in Million-Dollar Multi-County Crypto Phishing Heist
Scattered Spider suspects indicted
Senators call for audit of Transportation Security Administration's (TSA’s) facial recognition tech as use expands in airports
SFTP hack forced Finastra to investigate a data breach
Singapore: Beware of surge in parcel delivery phishing scams during year-end sales
Six-months on: Are we still afraid of the Black Cat?
Snow Brand Australia confirms SafePay ransomware attack
T-Mobile data breach part of Chinese telecom hacks
Tesla data breach falsely claimed by IntelBroker, third-party EV charging firm actually breached
The 1 Co apologizes for data breach impacting 5 million customers
The intersection of browser security and AI: how enterprises are navigating the double-edged sword
The limits of AI-based deepfake detection
The Story Of Conti Ransomware – The War Within (Episode 2)
The US Calls Out Russia for Ransomware Attacks on US Healthcare Organizations
The Yakuza Helpline Hack - Are 2,500 Ex-Gangsters And Victims In Danger?
Three-Quarters of Black Friday Spam Emails Identified as Scams
Toktest.org (Walmart Gift Card), Indiana Toll Road Text, and Netfix Phishing: Top Scams of the Week
U.S. Agencies Seize Four North Korean IT Worker Scam Websites
UK drinking water supplies disrupted by record number of undisclosed cyber incidents
UK fintech Finastra investigating data breach impacting internal SFTP platform
UMC Health System confirms patient data exposure after cyber attack, patients being notified
UMC Health System provides update on those affected in ransomware attack
Unmasking ELPACO-team: A Deep Dive into the Latest Ransomware Threat
US and Europe Account for 73% of Global Exposed ICS Systems
21st November
5 charged in “Scattered Spider,” one of the most profitable phishing scams ever
5 Hackers Charged for Attacking Companies via Phishing Text Messages
5 Scattered Spider Gang Members Indicted in Multi-Million Dollar Cybercrime Scheme
90% of Industrial Firms Hit By Cyber-attack This Year
2,000 Palo Alto Networks devices compromised in latest attacks
750,000 Patients' Medical Records Exposed After Data Breach at French Hospital
A Fifth of UK Enterprises “Not Sure” If NIS2 Applies
Active network of North Korean IT front companies exposed
Advice for Critical Infrastructure Security and Resilience Month
Apple Patches Two Zero-Day Attack Vectors
BianLian cyber gang drops encryption-based ransomware
BianLian Ransomware Group Adopts New Tactics, Posing Significant Risk
Buyoplace.com Database Leak Exposes Customer and Transaction Data
Chinese APT Gelsemium Targets Linux Systems with New WolfsBane Backdoor
Chinese hackers target Linux with new WolfsBane malware
CISA says BianLian ransomware now focuses only on data theft
Coalition highlights 68% surge in ransomware claims severity
Cyber attack hits Auchan, customer data stolen
Cyber insurers address ransom reimbursement policy concerns
Cyber Threats in Australia: Insights from the Annual Cyber Threat Report 2023-2024
Cybersecurity Myths: Debunking the Top 5 Most Common Misconceptions
Data breach at law firm Thompson Coburn affects Presbyterian Healthcare patients
Database Leak Exposes Information on 180,000 Chinese-American WeChat Users
Delta Airlines reportedly experiences data breach
Dozens of Central Asian targets hit in recent Russia-linked cyber-espionage campaign
Duolingo User Data Scraped and Circulating on the Dark Web
Enhancing visibility for better security in multi-cloud and hybrid environments
Fake discount sites exploit Black Friday to hijack shopper information
FBI says BianLian based in Russia, moving from ransomware attacks to extortion
Feds Charge Five Men in ‘Scattered Spider’ Roundup
Feds Shut Down 'PopeyeTools' Hacking Site That Sold Credit Card Numbers
Finance giant Finastra warns clients of potential data breach
Financial Software Firm Finastra Investigating Data Breach
Finastra discloses large-scale data breach
Five Alleged Members of Scattered Spider Cybercrime Group Charged for Stealing $11 Million
Five Charged in Scattered Spider Case
Five members of cyber gang Scattered Spider indicted in U.S.
Five Scattered Spider suspects indicted for phishing spree and crypto heists
Florida man charged in nationwide scams worth millions
Ford Says Data Breach Claims Are Bogus
Fortinet VPN design flaw hides successful brute-force attacks
French hospital hit by massive data breach, over 750,000 patients impacted
French hospital suffers major data breach in cyberattack
Full recovery from breaches takes longer than expected
Gambling and lottery giant disrupted by cyberattack, working to bring systems back online
Google OSS-Fuzz Harnesses AI to Expose 26 Hidden Security Vulnerabilities
Google's AI-Powered OSS-Fuzz Tool Finds 26 Vulnerabilities in Open-Source Projects
Grand Forks Public Schools Loses $2.2M to Phishing Scam
Hackers break into Andrew Tate’s online ‘university,’ steal user data and flood chats with emojis
How Phishing Emails Target Mobile Users: Tips To Stay Safe
Huge US healthcare payment network finally restored after ransomware attack
iLearningEngines Notifies SEC of Recent Cyberattack, Raising Concerns over Possible Data Breach
Job termination scam warns staff of phony Employment Tribunal decision
Joint US, Australian advisory sheds more light on BianLian ransomware
Linux Malware WolfsBane and FireWood Linked to Gelsemium APT
Lumma Stealer Proliferation Fueled by Telegram Activity
Massive B2B Database Leak Exposes 420,000 U.S. Companies
Massive cyber attack targets Direct Assurance
Massive Leak Exposes Data of 4 Million Israeli Facebook Users
MDLand International Files Official Notice of Data Breach Affecting 63,052 People
Mercer University settles lawsuit over data breach, agrees to compensation
Meta says it has removed 2 million accounts linked to pig butchering scams
Microsoft disrupts ONNX phishing-as-a-service infrastructure
Microsoft seizes 240 websites used by Egyptian phishing-as-a-service operation ‘ONNX’
Microsoft Takes Action Against Phishing-as-a-Service Platform
Microsoft targets Egyptian linked to DIY phishing kits
NodeStealer Malware Targets Facebook Ad Accounts, Harvesting Credit Card Data
North Korea hackers behind 2019 $42 million Ethereum heist, South Korea police say
North Korean Front Companies Impersonate U.S. IT Firms to Fund Missile Programs
Novel NFC-exploiting Ghost Tap attack technique gains traction
Now BlueSky hit with crypto scams as it crosses 20 million users
Now Hackers Are Using Snail Mail In Cyber Attacks - Here’s How
Operation Shipwrecked: US Seizes PopeyeTools Marketplace, Charges 3
Over 2,000 Palo Alto firewalls hacked using recently patched bugs
Over 145,000 Industrial Control Systems Across 175 Countries Found Exposed Online
Palo Alto Networks warns hackers are breaking into its customers’ firewalls - again
Phishing Scams Costing Americans Billions
Phishing scams exploit Japan’s digital currencies as fraud cases rise
Phishing Scheme Busted: U.S. Charges Five in Cryptocurrency Theft
Phobos ransomware operation uncovered by indictment against suspected admin
'PopeyeTools' marketplace for stolen credit cards disrupted by feds
Prepare for the Holiday Ransomware Storm
Protecting Critical Infrastructure with Zero-Trust and Microsegmentation
Ransomware attacks primarily caused by poor cyber hygiene
Ransomware gang BianLian ditches encryption, profits from data extortion
Ransomware Group Cooperation: A Growing Challenge in the Fight Against Cybercrime
Ransomware Groups Increasingly Targeting Poorly Secured and Outdated VPNs for Initial Access
Report reveals a major ransomware entry point for cyberattacks
Researchers unearth two previously unknown Linux backdoors
Retail loyalty programme apologises for customer data breach
Rockford Gastroenterology Associates Notifies 147,253 of 2023 Data Breach
Scattered Spider Cybercrime Group Faces Federal Indictments for $11 Million Theft
Sophisticated email threats on the rise
South Korea identifies North Korean hacker groups as suspects in $50M Upbit hack
Space technology giant Maxar says hacker stole employees' personal information
SSV Blockchain Network Data Leak Exposes Sensitive Information
The Alarming Reality: APAC Firms Experience Heightened Ransomware Attacks
Transport for London (TfL) resumes refund processing and Zip applications
Trellix report reveals evolving ransomware ecosystem trends
U.S. automaker Ford investigating major data breach from its internal network
U.S. Department of Agriculture (USDA) FIDO Rollout: A Case Study in Phishing-Resistant MFA
Uruguay’s Partido Nacional Website Faces HTML Injection Vulnerability
US Authorities Charge Five Criminals in $11 Million Crypto Phishing Scheme
US Charges 5 Suspected MGM Hackers from Scattered Spider Gang
US charges five alleged members of Scattered Spider gang
US charges suspected Scattered Spider hackers, disrupts PopeyeTools
US military officials used China-linked promotional gift shop GS-JJ, exposing over 300K emails
US seizes PopeyeTools cybercrime marketplace, charges administrators
Vietnam’s Infostealer Crackdown Reveals VietCredCare and DuckTail
vTech Solution Files Official Notice of Data Breach Leaking Individuals’ Social Security Numbers
Walls close in on MGM attackers as Department of Justice (DoJ) indicts five
Warning: Over 2,000 Palo Alto Networks Devices Hacked in Ongoing Attack Campaign
20th November
60% of Emails with QR Codes Classified as Spam or Malicious
2024 Arctic Wolf Security Report: Key insights and trends
4000 Stealer Logs Leaked, Exposing Personal Data
AI Company Reports $250,000 Stolen in Cyberattack
AI Detection Revolutionizes the Battle Against Ransomware Threats
AI-Driven Cyber Scams 'Real And Present Threat' To Australia's Critical Infrastructure
Amazon and Audible flooded with 'forex trading' and warez listings
AnnieMac details extent of data breach
Apple fixes 2 zero-days exploited to breach macOS systems (CVE-2024-44309, CVE-2024-44308)
Apple Issues Emergency Security Update for Actively Exploited Vulnerabilities
Apple issues update for Mac users targeted in zero-day cyber attack
Apple Releases Urgent Updates to Patch Actively Exploited Zero-Day Vulnerabilities
Apple Security Update: Addressing Critical Vulnerabilities in Apple Software
Apple security updates address dangerous zero-day attacks
Arete’s Latest Crimeware Report Details Ransomware and Extortion Trends and the Evolution of the Cyber Threat Landscape
Attackers Targeting VPNs Account for 28.7 Percent of Ransomware Incidents in Q3 According to Corvus Insurance Cyber Threat Report
Australia: Private schools being held for ransom by hackers as authorities warn cyber threats are 'evolving'
Australia critical infrastructure faces cyber threats, report says
Bitfinex hacker’s wife jailed for laundering
Black Friday Scammers are Hard at Work
BlackSuit ransomware ramps up operations hitting 93 organisations
Boksha Database Leaked, User Privacy at Risk
China-Backed Hackers Leverage SIGTRAN, GSM Protocols to Infiltrate Telecom Networks
Chinese APT Group Targets Telecom Firms Linked to Belt and Road Initiative
Cloud Find Login Data Leak Raises Major Security Concerns
Crypto phishing scam nets $129 million in USDT then funds mysteriously return
Cyberattack at French hospital exposes health data of 750,000 patients
Cybercriminals Exploit Weekend Lull to Launch Ransomware Attacks
Debunking myths about open-source security
Decades-Old Security Vulnerabilities Found in Ubuntu's Needrestart Package
Denniskirk.com Database Breach Leaks Customer Data
Financial Phishing Becomes A Threat To Companies In Southeast Asia
Financial phishing floods devices in Indian companies
Financial phishing still threatens Southeast Asia (SEA) businesses
Finastra Data Breach: 400GB Banking Data on Sale in Dark Web
Fintech giant Finastra confirms it’s investigating a data breach
Fintech giant Finastra investigates data breach after SFTP hack
Five alleged members of Scattered Spider cybercrime group charged for breaches, theft of $11 million
Five backup lessons learned from the UnitedHealth ransomware attack
Five Privilege Escalation Flaws Found in Ubuntu needrestart
Flash loan attack on Polter Finance: hacker steals $7 million in cryptocurrencies
Fleet tech provider Microlise says data security incident compromised corporate data
Ford Blames Third-Party Supplier for Data Breach
Fortinet VPN design flaw hides successful brute-force attacks
Gabagool Leveraging Cloudflare’s R2 Storage Service To Bypass Security Filters
German court rules Facebook users can seek compensation for data breach
Ghost Tap: Hackers Exploiting NFCGate to Steal Funds via Mobile Payments
Great Plains hospital says ransomware attack impacted over 133,000 patients
Hacker obtains House ethics testimony on Matt Gaetz as Trump makes calls for Attorney General (AG) nominee
Hacker steals sealed testimony of Matt Gaetz accusers
Hackers breach Library of Congress’ congressional research service emails in a cyberattack
Hackers Exploit Misconfigured Jupyter Servers for Illegal Sports Streaming
Hackers Hijack Jupyter Servers for Sport Stream Ripping
Healthcare organization Equinox notifies 21K patients and staff of data theft
Here's the New Hacker Trick to Trap You with Infected Emails
Hong Kong Monetary Authority (HKMA) Warns Public of Fraudulent Banking Websites and Phishing Scams
How today's ransomware groups operate
In a new era of cyber risk, businesses are preparing for zero hour
Infamous threat actor targets Tesla, gets immediately roasted by cyber pros
Linux Variant of Helldown Ransomware Targets VMware ESX Servers
Majority of UK businesses lack readiness for rising AI-led phishing attacks, reveals survey
Massive data breach exposes 56 million Hot Topic customers
Massive National Public Data Leak Exposes Sensitive Information
Massive November 2024 Stealer Logs Leak Exposes Sensitive Data
Meow, INC Ransom gangs leak San Francisco Ballet Company data
Mexico's president says government is investigating reported ransomware hack of legal affairs office
MITRE shares 2024's top 25 most dangerous software weaknesses
Names, addresses and other details of 44,000 customers leaked in Ford hacking
New Cyble Report Highlights Critical Vulnerabilities and Rising Cyber Threats in Australia and New Zealand (ANZ)
New Ghost Tap attack abuses NFC mobile payments to steal money
One Deepfake Digital Identity Attack Strikes Every Five Minutes
Online shoppers warned of Black Friday phishing campaign
Open Worldwide Application Security Project (OWASP) Warns of Growing Data Exposure Risk from AI in New Top 10 List for LLMs
Oracle Warns of Agile PLM Vulnerability Currently Under Active Exploitation
Over 21K Equinox patients, staff impacted by LockBit-claimed attack
Overreliance on GenAI to develop software compromises security
Overseas Business Continuity (BC) Data Collection Exposed for Blackmailing Purposes
Phishing Attack Failed?! Crypto Scammer Returns $129 Million in USDT
Phishing Decoded: How Cybercriminals Target You And How To Fight Back
Phobos ransomware indictment sheds light on long-running, quietly successful scheme
RansomHub hits Australian Securities and Investments Commission (ASIC) compliance firm in alleged cyber attack
Report reveals 614% surge in 'Scam-Yourself Attacks'
Russian ransomware gangs are going on a recruitment drive
‘Scam Yourself’ attacks have fooled millions — here's how not to fall victim
Scammer Stole Over $6.5 Million by Impersonating Coinbase Support
Six steps companies should take after a data breach
Slot Machine Operator International Game Reports Hacker Incident
Sophos alerts on rising quishing attacks
Southend Council at risk of ‘catastrophic’ cyber attack
Surge in financial phishing attacks in Southeast Asia
T-Mobile finally managed to thwart a data breach before it occured
Threat Assessment: Ignoble Scorpius, Distributors of BlackSuit Ransomware
Three big banks’ anti-phishing campaigns inspire new global framework
Trellix Uncovers Diversification of Ransomware Ecosystem as Cybercriminal Use of AI Expands
U.S. Government Accountability Office (GAO) recommends new agency to streamline how US government protects citizens’ data
Ubuntu Linux impacted by decade-old 'needrestart' flaw that gives root
Unknown person accessed documents on Matt Gaetz misconduct allegations
US and UK Military Social Network “Forces Penpals” Exposes SSN, PII Data
US charges five accused of multi-year hacking spree targeting tech and crypto giants
US charges five linked to Scattered Spider cybercrime gang
US space tech firm Maxar says employee personal data leaked in hack
Warning after data of 500,000 Auchan shoppers is targeted in cyber attack
Weaponized pen testers are becoming a new hacker staple
WezRat malware weaponised in phishing attacks to steal data
19th November
7 Common Web App Security Vulnerabilities Explained
'Abuse boxes' and other methods banks can use to counteract phishing
AdventHealth Files Official Notice of Data Breach
Agencies Need Data Backup and Recovery to Combat Increasingly Complex Ransomware
AI automation firm iLearningEngines hacked, $250K stolen
AI Firm iLearningEngines Hit by Cyberattack, Loses $250,000 in Wire Fraud
AMGtime Database Leak Exposes Sensitive Workforce Data
Apple fixes two zero-days used in attacks on Intel-based Macs
Aspen Healthcare Services Announces Data Breach Following Ransomware Attack
Bad Actors Impersonating Government Agencies in Latest DocuSign Scams
Black Friday deals or data steals: here’s how top shopping apps can access your data
Botnet fueling residential proxies disrupted in cybercrime crackdown
Change Healthcare Fully Restores Clearinghouse Services After February Ransomware Attack
Check Point uncovers Gmail phishing scheme
Chinese Hackers Exploit T-Mobile and Other U.S. Telecoms in Broader Espionage Campaign
CISA Rolls Out Next-Gen Learning Platform to Boost Cybersecurity Skills
CISA tags Progress Kemp LoadMaster flaw as exploited in attacks
Cloud ransomware threats rise, targeting Amazon's Simple Storage Service (S3) & Azure
Companies Take Over Seven Months to Recover From Cyber Incidents
Critical Windows Kerberos Flaw Exposes Millions of Servers to Attack
Cross-IdP impersonation bypasses SSO protections
Cyber Threat Trends in 2024: The Landscape According to Top Industry Reports
Cybersecurity Advice Customers Love to Ignore
D-Link urges users to retire VPN routers impacted by unfixed RCE flaw
‘Damaging Testimony’ Related To Gaetz Investigation Accessed By Hacker
Damning Testimony From Matt Gaetz Accuser Now in The Hands of Hacker
Data privacy experts predict some wins under Trump 2.0
Drinking Water Systems for 27 Million Americans Have High-Risk Security Vulnerabilities
Enhancing Traveler Data Security: Best Practices for Managing Sensitive Info
Fintech Giant Finastra Investigating Data Breach
Ford investigates alleged breach following customer data leak
France: Hospital Database Breach Affects 750K Records
France: Hospital Data Breach Exposes 1.5M Customer Records
Gaetz investigation documents stolen by hacker
German Court Rules Facebook Users Can Claim Money Over Data Breach
German court says victims of massive Facebook data breach can be compensated
Google warns millions over ‘random emoji’ clue that you’re about to suffer costly phishing scam
Hacker accesses sealed testimony of woman alleging Matt Gaetz had sex with her when she was 17 years old
Hacker alleges to have accessed testimony around Matt Gaetz
Hacker gains access to testimony in Matt Gaetz investigations
Hacker gets access to 'damaging' Matt Gaetz files with testimony 'from woman who was 17 when they had sex'
Hacker obtains files from House Ethics Committee detailing explosive claims against Matt Gaetz
Hacker reportedly accessed file with damaging testimony about Attorney General candidate Matt Gaetz
Hacker roamed space tech giant Maxar‘s systems for days
Hacker Steals File With Damaging Testimony Against Matt Gaetz
Hacker stole documents from file server used in civil case connected to Matt Gaetz
Hackers Hijack Unsecured Jupyter Notebooks to Stream Illegal Sports Broadcasts
Hackus Mail Checker 2.2.0 Cracked Version Leaked Online
"Helldown" ransomware attacks expand to Linux and VMware
Helldown ransomware evolves to target VMware systems via Linux
Helldown Ransomware Expands to Target VMware and Linux Systems
Helldown ransomware exploits Zyxel VPN flaw to breach networks
Helldown Ransomware Group Tied to Zyxel's Firewall Exploits
Landmark ruling by Australian regulator sets guardrails for commercial use of facial recognition technology
Linux Variant of Helldown Ransomware Targets VMware ESXi Systems
Massive 600GB Emirates Cloud Data Breach Raises Security Concerns
Massive Credential Leak Exposes 1 Billion Login Records
Mercer University Settles Lawsuit Over Personal Data Breach
Meridian Man Sentenced to 10 Years for Cyber Hacking and Extortion Scheme
Microlise Admits Hackers Compromised Corporate Data in Cyberattack
New 'Helldown' Ransomware Variant Expands Attacks to VMware and Linux Systems
New Threat Report from Cato Networks Reveals Ransomware Gangs Recruiting Penetration Testers to Improve Effectiveness of Attacks
Ngioweb Botnet Fuels NSOCKS Residential Proxy Network Exploiting IoT Devices
November 2024 Logs Leak Exposes Sensitive Information
Oklahoma Hospital Says Ransomware Hack Hits 133,000 People
Option Care Health Reports August 2024 Data Breach Following Compromised Employee Emails Account
Oracle patches exploited Agile PLM vulnerability (CVE-2024-21287)
Oracle warns of Agile PLM file disclosure flaw exploited in attacks
Palo Alto Networks Patches Critical Firewall Vulnerability
Phobos ransomware administrator faces US cybercrime charges
'Phobos' Ransomware Cybercriminal Extradited From South Korea
PracticeSuite Announces Data Breach Affecting Patients of Texan ENT Specialists, PLLC
Privileged Accounts, Hidden Threats: Why Privileged Access Security Must Be a Top Priority
Ransomware Evolution: From Triple-Quadruple Extortion to RaaS
Ransomware Gangs on Recruitment Drive for Pen Testers
Ransomware group ‘Sarcoma’ attacks Popular Life Insurance
Red red team team: Threat actors hire pentesters to test out ransomware effectiveness
Russian extradited to US from South Korea to face cybercrime charges
Russian hacker extradited to US over Phobos ransomware crimes
Russian Man Extradited to US, Face Charges in Phobos Ransomware Operation
Russian Phobos ransomware operator faces cybercrime charges
Russian Ransomware Gangs on the Hunt for Pen Testers
Russian suspected Phobos ransomware admin extradited to US over $16M extortion
Russian-American Hacker Sentenced in Historic $4.5 Billion Bitcoin Laundering Case
San Francisco Ballet hacked data posted for sale by two ransomware gangs
'Scam yourself' attacks just increased over 600% - here's what to look for
Significant surge in DocuSign impersonation attacks: hackers mimicking government
Space tech giant Maxar confirms attackers accessed employee data
Suspected Phobos Ransomware Admin Extradited to US
T-Mobile Breached in Major Chinese Cyber-Attack on Telecoms
Testimony from NSO Group raises questions about its culpability for spyware abuses
The rise of “porch pirates” using leaked tracking data to steal iPhones
Transportation Security Administration (TSA) not monitoring transportation sector efforts to stop ransomware, watchdog says
Unidentified hacker gains access to damaging Matt Gaetz's files
"Unknown and unauthorized third party" has gained access to Matt Gaetz depositions
Unknown Hacker Gets Hands on Damning Evidence Against Matt Gaetz
US charges ransomware administrator with help of Japan police
US extradites Russian accused of extorting millions in Phobos ransomware payments
Vishing, Wangiri, and Other VoIP Fraud Tactics On the Rise
VMware virtual machines under attack: hackers exploit critical vCenter Server flaw
Warning: VMware vCenter and Kemp LoadMaster Flaws Under Active Exploitation
What is Phishing and How To Avoid It?
Why AI alone can’t protect you from sophisticated email threats
Wife of Bitfinex hacker receives lighter sentence, “excited” to share her story
You're Not Imagining It: Phishing Attacks Are Rampant
18th November
1.5 Million Exposed: Set Forth & Centrex Hit by Massive Data Breach
300 Drinking Water Systems in US Exposed to Disruptive, Damaging Hacker Attacks
Accused Phobos Ransomware Hacker in US Custody
ADT Freight Services listed as alleged victim by Sarcoma ransomware gang
AI Can Be Leveraged For Phishing Scams: What You Need To Know To Stay Safe
AI company tells Securities and Exchange Commission (SEC) that $250,000 stolen in cyberattack
AI training software firm iLearningEngines says it lost $250,000 in recent cyberattack
Akira Ransomware: Published Over 30 New Victims on their DLS
Akira Ransomware Racks Up 30+ Victims in a Single Day
Amazon data breach affects employee info
AnnieMac Data Breach Impacts 171,000 Customers
APT Group DONOT Launches Cyberattack on Pakistan’s Maritime and Defense Industry
Argentina: Student Database Breach in Entre RÃos Province
Attackers are exploiting 2 zero-days in Palo Alto Networks firewalls (CVE-2024-0012, CVE-2024-9474)
Australia: Cyber security bill recommended for 'urgent' parliamentary approval
Beware of Fake Sites Mimicking Black Friday Deals
Bipartisan effort to clean up cyber regulations gets a boost in House, but calendar is tight
Bitfinex hacker who stole 120,000 bitcoins gets five years in prison
Bitfinex Hacker’s Wife Razzlekhan Sentenced to 18 Months for Laundering
Black Friday gaming sales could be disrupted by bots
Black Friday or Black Fraud-day? A Prime Time for Fraud and Cyberattacks
British software company Microlise confirms hackers compromised corporate data
Chatbots & Voice Phishing: How To Safeguard Against Potential Risks From AI
Chinese hackers exploit Fortinet VPN zero-day to steal credentials
Chinese Salt Typhoon Hacked T-Mobile in US Telecom Breach Spree
‘ClickFix’ Cyber-Attacks for Malware Deployment on the Rise
Critical RCE bug in VMware vCenter Server now exploited in attacks
Cyber attack on AnnieMac Home Mortgage impacted over 170,000 borrowers
Data Breaches and Spreadsheets: How to Avoid Fines When Excelling
Distributor of ANOM Encrypted Devices Sentenced to Over 5 Years in Prison
Don’t Hold Down The Ctrl Key - New Warning As Cyber Attacks Confirmed
El Dorado school district says hackers stole the data of over 30,000 students and staff
Exploitation of Scalable Vector Graphics (SVG) attachments in phishing on the rise
Facebook Data Breach Fallout - Millions May Receive Compensation
Facebook Malvertising Campaign Spreads Malware via Fake Bitwarden
Facebook users affected by data breach eligible for compensation, German court says
Fake Bitwarden ads on Facebook push info-stealing Chrome extension
Fake Discount Sites Exploit Black Friday to Hijack Shopper Information
Fake Donald Trump Assassination Story Used in Phishing Scam
Ford Customer Data Breach, German Statistical Data Leak, and Bank of France Targeted
Germany: Compensation for Facebook data breach victims
Germany: Stauberstahl.com Database Breach Exposes Sensitive Data
Gmail's New Shielded Email Feature Lets Users Create Aliases for Email Privacy
Government Agency Spoofing: DocuSign Attacks Exploit Government-Vendor Trust
Great Plains Regional Medical Center Notifies Patients of Data Breach Following Ransomware Attack
Hacked crypto project Thala agrees to $300K bounty, recovers $25M
Heather ‘Razzlekhan’ Morgan sentenced to 18 months in prison, ending Bitfinex saga
Helix darknet Bitcoin 'mixer' will fork over $750M, serve time, for processing 1M+ transactions
How and where to report cybercrime: What you need to know
How to Create a Strong Security Culture
How to ensure a fast recovery from the inevitable cyber-attack
Increased GDPR Enforcement Highlights the Need for Data Security
India: NCISM NEET Students Data Breach Exposes Personal Details
India: Sreedharscce.com Data Breach Exposes Millions of Records
India: Tjori.com 2021 Data Breach Exposes 1 Million User Records
India sees 135,173 financial phishing attacks in H1 2024, says study
Israel subjected to Iranian attacks with new WezRat infostealer
Just Eat urged to engage with Northern Ireland takeaways that fell victim to phishing scam
Major US telecom T-Mobile among victims of China-linked breach
Many US water systems exposed to ‘high-risk’ vulnerabilities, watchdog finds
Microsoft 365 Admin portal abused to send sextortion emails
Mistakes that leave you open to attack
Mozilla 0Din Warns of ChatGPT Sandbox Flaws Enabling Python Execution
Navigating the compliance labyrinth: A CSO’s guide to scaling security
New Chrome, Safari, Firefox, Edge Warning - Do Not Shop On These Websites
New Stealthy BabbleLoader Malware Spotted Delivering WhiteSnake and Meduza Stealers
North Korean IT Worker Network Tied to BeaverTail Phishing Campaign
NSO Group Exploited WhatsApp to Install Pegasus Spyware Even After Meta's Lawsuit
One in five DocuSign spoofs targeting businesses found to be impersonations of regulatory agencies
Palo Alto firewalls exploited after critical zero-day vulnerability
Palo Alto Networks patches two firewall zero-days used in attacks
Palo Alto Reports Two More Bugs in PAN-OS That Are Being Actively Exploited
RansomHub lays claim on Mexican government website hack
RansomHub ransomware gang claims data breach targeting Mexican government
RansomHub says 313GB exfiltrated in Mexican government cyber attack
Ransomware: Significant rise of attacks on Indian businesses
Ransomware Attack on Oklahoma Medical Center Impacts 133,000
Ransomware attacks surge in Southeast Asia with 57,000 cases
Ransomware gang Akira leaks unprecedented number of victims’ data in one day
Research finds 56% increase in active ransomware groups
Rockport Mortgage Notifies Individuals of Recent Data Breach Leaking Their Personal Information
Russian national in US custody in Phobos ransomware investigation
Space tech giant Maxar confirms hacker accessed employees’ personal data
Strengthening cybersecurity this Black Friday: combatting social engineering and phishing threats
Surge in DocuSign Phishing Attacks Target US State Contractors
Swiss Cyber Agency Warns of QR Code Malware in Mail Scam
T-Mobile Also Hit in China-linked Telecom Network Breaches
T-Mobile confirms breach amid wave of Chinese state-sponsored telecom attacks
T-Mobile hit by alleged Chinese cyber attack in major data breach
TEAM Software Breach, Hackers Gain Unauthorized Access To Network Infrastructure
Thala recovers $25.5M in crypto lost through v1 farming vulnerability
The Problem of Permissions and Non-Human Identities - Why Remediating Credentials Takes Longer Than You Think
Transforce.in – Database Breach Exposes Sensitive User Data
TriHealth Physician Partners Sends Out Data Breach Letters Following Incident at Vendor
Turkey fines Amazon’s Twitch 2 million lira for data breach
Turkey fines Twitch over data breach that revealed top streamer income
Turkey sanctions Twitch for user data breach
Türkiye fines Twitch $58K over massive data breach impacting thousands
Twitch data breach leaves Amazon with major fine
Twitch Fined $58K in Turkey Over Major Data Breach Fail
U.S. Extradites and Charges Alleged Phobos Ransomware Admin
UK Shoppers Lost £11.5m Last Christmas, National Cyber Security Centre (NCSC) Warns
Unraveling the Mysteries of Ransomware- How AI-Driven Detection is Turning the Tide
Urgent: Critical WordPress Plugin Vulnerability Exposes Over 4 Million Sites
URL Login & Password Leak – 2.5 Million Records Exposed
US charges Phobos ransomware admin after South Korea extradition
US Government Agencies Impersonated in Aggressive DocuSign Phishing Scams
US space tech giant Maxar discloses employee data breach