Editor's Message

Welcome to DBD. On March 8th we celebrated our 4th Anniversary and the 1st Anniversary of our PRiSM application, officially endorsed by the SANS Institute. Despite recent personal issues that have impacted the amount of time I have been able to dedicate to both projects, I have been doing my best to keep everything as up-to-date as possible, and I would like to take this opportunity to thank everyone for their patience and support whilst I navigate through this very difficult time. Stay safe. :)



Monday, 18 November 2024

Data Breaches Digest - Week 47 2024

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 18th November and 24th November 2024.


24th November

1.5GB Mixed Document Collection Leaked on the Dark Web

Attackers retain old scamming tricks with new twists - and consumers must stay informed to protect themselves

Bangkok busts SMS Blaster sending 1 million scam texts from a van

Department of Justice (DoJ) seized credit card marketplace PopeyeTools and charges its administrators

Don’t get caught in the 'Apple ID suspended' phishing scam

Egypt arrests hacker behind global cyber fraud platforms targeting individuals, organizations

Iranian attempts have become more sophisticated, more targeted, and really tailored to the interests of the target

Major cybercrime crackdowns signal shift in global cybersecurity strategies

Meta removes over 2 million accounts pushing pig butchering scams

OpenAI Spoofing Scams: How to Counter Phishing Attacks

Security Gaps in VPN Infrastructure Drive Ransomware Surge

23rd November

8,100 Banks and Financial Institutions Brace for Fallout As Hackers Reveal Major Data Breach on Dark Web

A cyberattack on gambling giant IGT disrupted portions of its IT systems

Andrew Tate’s University Breach: 1 Million User Records and Chats Leaked

Financial phishing plagues Southeast Asia (SEA) firms; Thailand hit hardest with 140K+ attacks

Finastra Suffers Data Breach, Puts 8,100 Banks on Alert

Hackers abuse Avast anti-rootkit driver to disable defenses

‘Immediate security action’ taken after prison maps leaked on dark web

Microsoft seized 240 sites used by the ONNX phishing service

Nearly 60,000 Ransomware Attacks Detected In First-Half 2024 in Southeast Asia (SEA)

New threat report from Cato Networks reveals ransomware gangs recruiting penetration testers to improve effectiveness of attacks

North Korean Hackers Steal $10M with AI-Driven Scams and Malware on LinkedIn

Pacific Pulmonary Medical Group patient information dumped by Everest Ransomware Team

Prison layouts reportedly leaked on dark web

Ransomware-as-a-Service group BianLian opts for unique model

Russia 'prepared to bash Britain with massive cyber attack', ministers to warn NATO conference

Russia-Linked Hacker Group TAG-110 Hits 60+ Targets Across Asia and Europe in Espionage Blitz

Russian Connected To Multimillion-Dollar Ransomware Gang Extradited To US

The rise and fall of the ‘Scattered Spider’ hackers

22nd November

7-Zip affected by dangerous vulnerability: users must update the app manually

9 Months After Breach, Change Healthcare Billing Back Online

240+ Domains Used By Phishing-as-a-Service (PhaaS) Platform ONNX Seized by Microsoft

Advisory warns of activity by BianLian ransomware group

Agencies Release Joint Advisory on Russian Cybercriminal Group BianLian

AI and Open Source Security: The Critical Role of AI-Powered Fuzzing in Finding Flaws

Andrew Tate’s controversial online “university” breached, 800K users’ data stolen

Andrew Tate's online university suffers mass data breach of 800,000 users after hack

APT-K-47 Uses Hajj-Themed Lures to Deliver Advanced Asyncshell Malware

Aspen Healthcare says hackers stole patient's healthcare data from its systems

Attackers targeting VPNs account for over a quarter of ransomware incidents in Q3

Bojangles data leak: “It’s breach time!”

CERT-In Flags Critical Vulnerabilities in Zoom: Update Your Apps Now

ChatGPT’s Solana API Suggestion Links to Phishing Site, Costing User $2,500

China-linked hackers target Linux systems with new spying malware

China-Linked TAG-112 Targets Tibetan Media with Cobalt Strike Espionage Campaign

City of Sheboygan says no evidence sensitive data were obtained in cyber attack

Critical Condition: The Increasing Frequency of Ransomware Attacks in Healthcare

Cyber attack on French health tech platform compromised over 1.5 million patients records

Cyber attack targets borough operations of Montreal North

Cybercriminals target Olympic Games & concerts in 2024

Cybercriminals turn to pen testers to test ransomware efficiency

Data breach exposes over 1.1 million records belonging to Forces Penpals

Deepfake attacks occur every five minutes

Deepfake attacks seen as top cyber threat in Australia

DeliveryHero subsidiary fined $5.2 million for tracking drivers’ geolocation

Department of Justice (DOJ) Charges Five in ‘Scattered Spider’ Crypto Phishing Case

Department of Justice (DOJ) Takes Down Global Cybercrime Hub PopeyeTools, Seizes Cryptocurrency

Don’t get caught in the “Apple ID suspended” phishing scam

Eight ways in which AI is altering corporate approaches to cybersecurity

Email Phishing and DMARC Statistics

Ever kept '123456' as your password? NordPass report reveals why such passwords are a hacker's dream

Examining the 'Worst' Telco Cyber Attack in US History

Experts warn of Palo Alto firewall exploitation after 2,000 compromises spotted

Fintech giant Finastra says hacker stole data from its internal network

Five Alleged Scammers Federally Charged With Running Crypto Phishing Scheme by Department of Justice (DOJ)

Five Ransomware Groups Responsible for 40% of Cyber-Attacks in 2024

Ford debunks data breach claims, confirms no customer impact

Ford denies it was hit by data breach, says customer data is safe

Fraud Prevention in Online Payments: A Practical Guide

French hypermarket chain Auchan says cyber attack impacted loyalty programme member data

Gen reports surge in ransomware & mobile threats

Hackers board Palo Alto vulnerability bandwagon: over 2,000 firewalls hacked and counting

Hackers breach US firm over Wi-Fi from Russia in 'Nearest Neighbor Attack'

Hackers Leveraging Google Docs & Weebly Services To Attack Telecom Industries

How to Spot Black Friday Scams

Humboldt Independent Practice Association (Humboldt IPA) Data Breach Affects an Unknown Number of Individuals

Infosys McCamish Confirms Farmers Insurance Customers Were Affected by October 2023 Data Breach

Italian food delivery app Foodinho eats another privacy fine

Italy plans crackdown on database hacks

Kitchener man alleged mastermind behind Snowflake hack

Major Cyberattack Targets Gambling Giant International Game Technology (IGT), Systems Taken Offline

Malware Bypasses Microsoft Defender and 2FA to Steal $24K in Crypto

Manufacturing Sector in the Crosshairs of Advanced Email Attacks

Members Trust Company Data Breach Following Compromised Email Accounts Affects 11,854 Consumers

Meta boots over 2 Million fake accounts originating from overseas scam centers

Microsoft Disrupts ONNX Phishing Service, Names Its Operator

Microsoft Seizes 240 Domains Used By Phishing-As-A-Service (PhaaS) Platform

Microsoft Seizes 240 Websites to Disrupt Global Distribution of Phish Kits

Microsoft Takes Down Phishing-as-a-Service Domains

Microsoft, Meta, and DOJ Disrupt Global Cybercrime and Fraudulent Networks

MITRE Unveils Top 25 Most Critical Software Flaws

More than 2,000 Palo Alto Networks firewalls hacked exploiting recently patched zero-days

Nigeria: National Information Technology Development Agency (NITDA) Alerts Businesses to Rising Ymir Ransomware Threat

North Korean IT worker scams lead to FBI seizure of fake domains, exposes new tactics

Novel hacker group claims major ransomware attack on tech provider Microlise

Oil Giant Halliburton Lost $35 Million Due to the August 2024 RansomHub Ransomware Data Breach

One of the nastiest ransomware groups around may have a whole new way of doing things

ONNX phishing-as-a-service operation disrupted

Operation Lunar Peek: More Than 2,000 Palo Alto Network Firewalls Hacked

Phishing Attacks Exploits the Open Enrollment Period

Phishing Emails Use SVG Files to Avoid Detection

Pro-Russian hacker group targets critical infrastructure and public services

PyPI Attack: ChatGPT, Claude Impersonators Deliver JarkaStealer via Python Libraries

Ransomware attacks rise by 19% in October according to NCC Group

Ransomware attacks rise with construction sector most hit

RRCA Accounts Management Falls Victim to Play Ransomware Attack

Russia has intensified cyber espionage activities in Central Asia

Russia-Linked Cyber-Espionage Campaign Targets Central Asia

Russian Cyber Spies Target Organizations with HatVibe and CherrySpy Malware

Russian Hackers Deploy HATVIBE and CHERRYSPY Malware Across Europe and Asia

SafePay ransomware gang claims Microlise attack that disrupted prison van tracking

Scattered Spider Hacking Group Charged in Million-Dollar Multi-County Crypto Phishing Heist

Scattered Spider suspects indicted

Senators call for audit of Transportation Security Administration's (TSA’s) facial recognition tech as use expands in airports

SFTP hack forced Finastra to investigate a data breach

Singapore: Beware of surge in parcel delivery phishing scams during year-end sales

Six-months on: Are we still afraid of the Black Cat?

Snow Brand Australia confirms SafePay ransomware attack

T-Mobile data breach part of Chinese telecom hacks

Tesla data breach falsely claimed by IntelBroker, third-party EV charging firm actually breached

The 1 Co apologizes for data breach impacting 5 million customers

The intersection of browser security and AI: how enterprises are navigating the double-edged sword

The limits of AI-based deepfake detection

The Story Of Conti Ransomware – The War Within (Episode 2)

The US Calls Out Russia for Ransomware Attacks on US Healthcare Organizations

The Yakuza Helpline Hack - Are 2,500 Ex-Gangsters And Victims In Danger?

Three-Quarters of Black Friday Spam Emails Identified as Scams

Toktest.org (Walmart Gift Card), Indiana Toll Road Text, and Netfix Phishing: Top Scams of the Week

U.S. Agencies Seize Four North Korean IT Worker Scam Websites

UK drinking water supplies disrupted by record number of undisclosed cyber incidents

UK fintech Finastra investigating data breach impacting internal SFTP platform

UMC Health System confirms patient data exposure after cyber attack, patients being notified

UMC Health System provides update on those affected in ransomware attack

Unmasking ELPACO-team: A Deep Dive into the Latest Ransomware Threat

US and Europe Account for 73% of Global Exposed ICS Systems

21st November

5 charged in “Scattered Spider,” one of the most profitable phishing scams ever

5 Hackers Charged for Attacking Companies via Phishing Text Messages

5 Scattered Spider Gang Members Indicted in Multi-Million Dollar Cybercrime Scheme

90% of Industrial Firms Hit By Cyber-attack This Year

2,000 Palo Alto Networks devices compromised in latest attacks

750,000 Patients' Medical Records Exposed After Data Breach at French Hospital

A Fifth of UK Enterprises “Not Sure” If NIS2 Applies

Active network of North Korean IT front companies exposed

Advice for Critical Infrastructure Security and Resilience Month

Apple Patches Two Zero-Day Attack Vectors

BianLian cyber gang drops encryption-based ransomware

BianLian Ransomware Group Adopts New Tactics, Posing Significant Risk

Buyoplace.com Database Leak Exposes Customer and Transaction Data

Chinese APT Gelsemium Targets Linux Systems with New WolfsBane Backdoor

Chinese hackers target Linux with new WolfsBane malware

CISA says BianLian ransomware now focuses only on data theft

Coalition highlights 68% surge in ransomware claims severity

Cyber attack hits Auchan, customer data stolen

Cyber insurers address ransom reimbursement policy concerns

Cyber Threats in Australia: Insights from the Annual Cyber Threat Report 2023-2024

Cybersecurity Myths: Debunking the Top 5 Most Common Misconceptions

Data breach at law firm Thompson Coburn affects Presbyterian Healthcare patients

Database Leak Exposes Information on 180,000 Chinese-American WeChat Users

Delta Airlines reportedly experiences data breach

Dozens of Central Asian targets hit in recent Russia-linked cyber-espionage campaign

Duolingo User Data Scraped and Circulating on the Dark Web

Enhancing visibility for better security in multi-cloud and hybrid environments

Fake discount sites exploit Black Friday to hijack shopper information

FBI says BianLian based in Russia, moving from ransomware attacks to extortion

Feds Charge Five Men in ‘Scattered Spider’ Roundup

Feds Shut Down 'PopeyeTools' Hacking Site That Sold Credit Card Numbers

Finance giant Finastra warns clients of potential data breach

Financial Software Firm Finastra Investigating Data Breach

Finastra discloses large-scale data breach

Five Alleged Members of Scattered Spider Cybercrime Group Charged for Stealing $11 Million

Five Charged in Scattered Spider Case

Five members of cyber gang Scattered Spider indicted in U.S.

Five Scattered Spider suspects indicted for phishing spree and crypto heists

Florida man charged in nationwide scams worth millions

Ford Says Data Breach Claims Are Bogus

Fortinet VPN design flaw hides successful brute-force attacks

French hospital hit by massive data breach, over 750,000 patients impacted

French hospital suffers major data breach in cyberattack

Full recovery from breaches takes longer than expected

Gambling and lottery giant disrupted by cyberattack, working to bring systems back online

Google OSS-Fuzz Harnesses AI to Expose 26 Hidden Security Vulnerabilities

Google's AI-Powered OSS-Fuzz Tool Finds 26 Vulnerabilities in Open-Source Projects

Grand Forks Public Schools Loses $2.2M to Phishing Scam

Hackers break into Andrew Tate’s online ‘university,’ steal user data and flood chats with emojis

How Phishing Emails Target Mobile Users: Tips To Stay Safe

Huge US healthcare payment network finally restored after ransomware attack

iLearningEngines Notifies SEC of Recent Cyberattack, Raising Concerns over Possible Data Breach

Job termination scam warns staff of phony Employment Tribunal decision

Joint US, Australian advisory sheds more light on BianLian ransomware

Linux Malware WolfsBane and FireWood Linked to Gelsemium APT

Lumma Stealer Proliferation Fueled by Telegram Activity

Massive B2B Database Leak Exposes 420,000 U.S. Companies

Massive cyber attack targets Direct Assurance

Massive Leak Exposes Data of 4 Million Israeli Facebook Users

MDLand International Files Official Notice of Data Breach Affecting 63,052 People

Mercer University settles lawsuit over data breach, agrees to compensation

Meta says it has removed 2 million accounts linked to pig butchering scams

Microsoft disrupts ONNX phishing-as-a-service infrastructure

Microsoft seizes 240 websites used by Egyptian phishing-as-a-service operation ‘ONNX’

Microsoft Takes Action Against Phishing-as-a-Service Platform

Microsoft targets Egyptian linked to DIY phishing kits

NodeStealer Malware Targets Facebook Ad Accounts, Harvesting Credit Card Data

North Korea hackers behind 2019 $42 million Ethereum heist, South Korea police say

North Korean Front Companies Impersonate U.S. IT Firms to Fund Missile Programs

Novel NFC-exploiting Ghost Tap attack technique gains traction

Now BlueSky hit with crypto scams as it crosses 20 million users

Now Hackers Are Using Snail Mail In Cyber Attacks - Here’s How

Operation Shipwrecked: US Seizes PopeyeTools Marketplace, Charges 3

Over 2,000 Palo Alto firewalls hacked using recently patched bugs

Over 145,000 Industrial Control Systems Across 175 Countries Found Exposed Online

Palo Alto Networks warns hackers are breaking into its customers’ firewalls - again

Phishing Scams Costing Americans Billions

Phishing scams exploit Japan’s digital currencies as fraud cases rise

Phishing Scheme Busted: U.S. Charges Five in Cryptocurrency Theft

Phobos ransomware operation uncovered by indictment against suspected admin

'PopeyeTools' marketplace for stolen credit cards disrupted by feds

Prepare for the Holiday Ransomware Storm

Protecting Critical Infrastructure with Zero-Trust and Microsegmentation

Ransomware attacks primarily caused by poor cyber hygiene

Ransomware gang BianLian ditches encryption, profits from data extortion

Ransomware Group Cooperation: A Growing Challenge in the Fight Against Cybercrime

Ransomware Groups Increasingly Targeting Poorly Secured and Outdated VPNs for Initial Access

Report reveals a major ransomware entry point for cyberattacks

Researchers unearth two previously unknown Linux backdoors

Retail loyalty programme apologises for customer data breach

Rockford Gastroenterology Associates Notifies 147,253 of 2023 Data Breach

Scattered Spider Cybercrime Group Faces Federal Indictments for $11 Million Theft

Sophisticated email threats on the rise

South Korea identifies North Korean hacker groups as suspects in $50M Upbit hack

Space technology giant Maxar says hacker stole employees' personal information

SSV Blockchain Network Data Leak Exposes Sensitive Information

The Alarming Reality: APAC Firms Experience Heightened Ransomware Attacks

Transport for London (TfL) resumes refund processing and Zip applications

Trellix report reveals evolving ransomware ecosystem trends

U.S. automaker Ford investigating major data breach from its internal network

U.S. Department of Agriculture (USDA) FIDO Rollout: A Case Study in Phishing-Resistant MFA

Uruguay’s Partido Nacional Website Faces HTML Injection Vulnerability

US Authorities Charge Five Criminals in $11 Million Crypto Phishing Scheme

US Charges 5 Suspected MGM Hackers from Scattered Spider Gang

US charges five alleged members of Scattered Spider gang

US charges suspected Scattered Spider hackers, disrupts PopeyeTools

US military officials used China-linked promotional gift shop GS-JJ, exposing over 300K emails

US seizes PopeyeTools cybercrime marketplace, charges administrators

Vietnam’s Infostealer Crackdown Reveals VietCredCare and DuckTail

vTech Solution Files Official Notice of Data Breach Leaking Individuals’ Social Security Numbers

Walls close in on MGM attackers as Department of Justice (DoJ) indicts five

Warning: Over 2,000 Palo Alto Networks Devices Hacked in Ongoing Attack Campaign

20th November

60% of Emails with QR Codes Classified as Spam or Malicious

2024 Arctic Wolf Security Report: Key insights and trends

4000 Stealer Logs Leaked, Exposing Personal Data

AI Company Reports $250,000 Stolen in Cyberattack

AI Detection Revolutionizes the Battle Against Ransomware Threats

AI-Driven Cyber Scams 'Real And Present Threat' To Australia's Critical Infrastructure

Amazon and Audible flooded with 'forex trading' and warez listings

AnnieMac details extent of data breach

Apple fixes 2 zero-days exploited to breach macOS systems (CVE-2024-44309, CVE-2024-44308)

Apple Issues Emergency Security Update for Actively Exploited Vulnerabilities

Apple issues update for Mac users targeted in zero-day cyber attack

Apple Releases Urgent Updates to Patch Actively Exploited Zero-Day Vulnerabilities

Apple Security Update: Addressing Critical Vulnerabilities in Apple Software

Apple security updates address dangerous zero-day attacks

Arete’s Latest Crimeware Report Details Ransomware and Extortion Trends and the Evolution of the Cyber Threat Landscape

Attackers Targeting VPNs Account for 28.7 Percent of Ransomware Incidents in Q3 According to Corvus Insurance Cyber Threat Report

Australia: Private schools being held for ransom by hackers as authorities warn cyber threats are 'evolving'

Australia critical infrastructure faces cyber threats, report says

Bitfinex hacker’s wife jailed for laundering

Black Friday Scammers are Hard at Work

BlackSuit ransomware ramps up operations hitting 93 organisations

Boksha Database Leaked, User Privacy at Risk

China-Backed Hackers Leverage SIGTRAN, GSM Protocols to Infiltrate Telecom Networks

Chinese APT Group Targets Telecom Firms Linked to Belt and Road Initiative

Cloud Find Login Data Leak Raises Major Security Concerns

Crypto phishing scam nets $129 million in USDT then funds mysteriously return

Cyberattack at French hospital exposes health data of 750,000 patients

Cybercriminals Exploit Weekend Lull to Launch Ransomware Attacks

Debunking myths about open-source security

Decades-Old Security Vulnerabilities Found in Ubuntu's Needrestart Package

Denniskirk.com Database Breach Leaks Customer Data

Financial Phishing Becomes A Threat To Companies In Southeast Asia

Financial phishing floods devices in Indian companies

Financial phishing still threatens Southeast Asia (SEA) businesses

Finastra Data Breach: 400GB Banking Data on Sale in Dark Web

Fintech giant Finastra confirms it’s investigating a data breach

Fintech giant Finastra investigates data breach after SFTP hack

Five alleged members of Scattered Spider cybercrime group charged for breaches, theft of $11 million

Five backup lessons learned from the UnitedHealth ransomware attack

Five Privilege Escalation Flaws Found in Ubuntu needrestart

Flash loan attack on Polter Finance: hacker steals $7 million in cryptocurrencies

Fleet tech provider Microlise says data security incident compromised corporate data

Ford Blames Third-Party Supplier for Data Breach

Fortinet VPN design flaw hides successful brute-force attacks

Gabagool Leveraging Cloudflare’s R2 Storage Service To Bypass Security Filters

German court rules Facebook users can seek compensation for data breach

Ghost Tap: Hackers Exploiting NFCGate to Steal Funds via Mobile Payments

Great Plains hospital says ransomware attack impacted over 133,000 patients

Hacker obtains House ethics testimony on Matt Gaetz as Trump makes calls for Attorney General (AG) nominee

Hacker steals sealed testimony of Matt Gaetz accusers

Hackers breach Library of Congress’ congressional research service emails in a cyberattack

Hackers Exploit Misconfigured Jupyter Servers for Illegal Sports Streaming

Hackers Hijack Jupyter Servers for Sport Stream Ripping

Healthcare organization Equinox notifies 21K patients and staff of data theft

Here's the New Hacker Trick to Trap You with Infected Emails

Hong Kong Monetary Authority (HKMA) Warns Public of Fraudulent Banking Websites and Phishing Scams

How today's ransomware groups operate

In a new era of cyber risk, businesses are preparing for zero hour

Infamous threat actor targets Tesla, gets immediately roasted by cyber pros

Linux Variant of Helldown Ransomware Targets VMware ESX Servers

Majority of UK businesses lack readiness for rising AI-led phishing attacks, reveals survey

Massive data breach exposes 56 million Hot Topic customers

Massive National Public Data Leak Exposes Sensitive Information

Massive November 2024 Stealer Logs Leak Exposes Sensitive Data

Meow, INC Ransom gangs leak San Francisco Ballet Company data

Mexico's president says government is investigating reported ransomware hack of legal affairs office

MITRE shares 2024's top 25 most dangerous software weaknesses

Names, addresses and other details of 44,000 customers leaked in Ford hacking

New Cyble Report Highlights Critical Vulnerabilities and Rising Cyber Threats in Australia and New Zealand (ANZ)

New Ghost Tap attack abuses NFC mobile payments to steal money

One Deepfake Digital Identity Attack Strikes Every Five Minutes

Online shoppers warned of Black Friday phishing campaign

Open Worldwide Application Security Project (OWASP) Warns of Growing Data Exposure Risk from AI in New Top 10 List for LLMs

Oracle Warns of Agile PLM Vulnerability Currently Under Active Exploitation

Over 21K Equinox patients, staff impacted by LockBit-claimed attack

Overreliance on GenAI to develop software compromises security

Overseas Business Continuity (BC) Data Collection Exposed for Blackmailing Purposes

Phishing Attack Failed?! Crypto Scammer Returns $129 Million in USDT

Phishing Decoded: How Cybercriminals Target You And How To Fight Back

Phobos ransomware indictment sheds light on long-running, quietly successful scheme

RansomHub hits Australian Securities and Investments Commission (ASIC) compliance firm in alleged cyber attack

Report reveals 614% surge in 'Scam-Yourself Attacks'

Russian ransomware gangs are going on a recruitment drive

‘Scam Yourself’ attacks have fooled millions — here's how not to fall victim

Scammer Stole Over $6.5 Million by Impersonating Coinbase Support

Six steps companies should take after a data breach

Slot Machine Operator International Game Reports Hacker Incident

Sophos alerts on rising quishing attacks

Southend Council at risk of ‘catastrophic’ cyber attack

Surge in financial phishing attacks in Southeast Asia

T-Mobile finally managed to thwart a data breach before it occured

Threat Assessment: Ignoble Scorpius, Distributors of BlackSuit Ransomware

Three big banks’ anti-phishing campaigns inspire new global framework

Trellix Uncovers Diversification of Ransomware Ecosystem as Cybercriminal Use of AI Expands

U.S. Government Accountability Office (GAO) recommends new agency to streamline how US government protects citizens’ data

Ubuntu Linux impacted by decade-old 'needrestart' flaw that gives root

Unknown person accessed documents on Matt Gaetz misconduct allegations

US and UK Military Social Network “Forces Penpals” Exposes SSN, PII Data

US charges five accused of multi-year hacking spree targeting tech and crypto giants

US charges five linked to Scattered Spider cybercrime gang

US space tech firm Maxar says employee personal data leaked in hack

Warning after data of 500,000 Auchan shoppers is targeted in cyber attack

Weaponized pen testers are becoming a new hacker staple

WezRat malware weaponised in phishing attacks to steal data

19th November

7 Common Web App Security Vulnerabilities Explained

'Abuse boxes' and other methods banks can use to counteract phishing

AdventHealth Files Official Notice of Data Breach

Agencies Need Data Backup and Recovery to Combat Increasingly Complex Ransomware

AI automation firm iLearningEngines hacked, $250K stolen

AI Firm iLearningEngines Hit by Cyberattack, Loses $250,000 in Wire Fraud

AMGtime Database Leak Exposes Sensitive Workforce Data

Apple fixes two zero-days used in attacks on Intel-based Macs

Aspen Healthcare Services Announces Data Breach Following Ransomware Attack

Bad Actors Impersonating Government Agencies in Latest DocuSign Scams

Black Friday deals or data steals: here’s how top shopping apps can access your data

Botnet fueling residential proxies disrupted in cybercrime crackdown

Change Healthcare Fully Restores Clearinghouse Services After February Ransomware Attack

Check Point uncovers Gmail phishing scheme

Chinese Hackers Exploit T-Mobile and Other U.S. Telecoms in Broader Espionage Campaign

CISA Rolls Out Next-Gen Learning Platform to Boost Cybersecurity Skills

CISA tags Progress Kemp LoadMaster flaw as exploited in attacks

Cloud ransomware threats rise, targeting Amazon's Simple Storage Service (S3) & Azure

Companies Take Over Seven Months to Recover From Cyber Incidents

Critical Windows Kerberos Flaw Exposes Millions of Servers to Attack

Cross-IdP impersonation bypasses SSO protections

Cyber Threat Trends in 2024: The Landscape According to Top Industry Reports

Cybersecurity Advice Customers Love to Ignore

D-Link urges users to retire VPN routers impacted by unfixed RCE flaw

‘Damaging Testimony’ Related To Gaetz Investigation Accessed By Hacker

Damning Testimony From Matt Gaetz Accuser Now in The Hands of Hacker

Data privacy experts predict some wins under Trump 2.0

Drinking Water Systems for 27 Million Americans Have High-Risk Security Vulnerabilities

Enhancing Traveler Data Security: Best Practices for Managing Sensitive Info

Fintech Giant Finastra Investigating Data Breach

Ford investigates alleged breach following customer data leak

France: Hospital Database Breach Affects 750K Records

France: Hospital Data Breach Exposes 1.5M Customer Records

Gaetz investigation documents stolen by hacker

German Court Rules Facebook Users Can Claim Money Over Data Breach

German court says victims of massive Facebook data breach can be compensated

Google warns millions over ‘random emoji’ clue that you’re about to suffer costly phishing scam

Hacker accesses sealed testimony of woman alleging Matt Gaetz had sex with her when she was 17 years old

Hacker alleges to have accessed testimony around Matt Gaetz

Hacker gains access to testimony in Matt Gaetz investigations

Hacker gets access to 'damaging' Matt Gaetz files with testimony 'from woman who was 17 when they had sex'

Hacker obtains files from House Ethics Committee detailing explosive claims against Matt Gaetz

Hacker reportedly accessed file with damaging testimony about Attorney General candidate Matt Gaetz

Hacker roamed space tech giant Maxar‘s systems for days

Hacker Steals File With Damaging Testimony Against Matt Gaetz

Hacker stole documents from file server used in civil case connected to Matt Gaetz

Hackers Hijack Unsecured Jupyter Notebooks to Stream Illegal Sports Broadcasts

Hackus Mail Checker 2.2.0 Cracked Version Leaked Online

"Helldown" ransomware attacks expand to Linux and VMware

Helldown ransomware evolves to target VMware systems via Linux

Helldown Ransomware Expands to Target VMware and Linux Systems

Helldown ransomware exploits Zyxel VPN flaw to breach networks

Helldown Ransomware Group Tied to Zyxel's Firewall Exploits

Landmark ruling by Australian regulator sets guardrails for commercial use of facial recognition technology

Linux Variant of Helldown Ransomware Targets VMware ESXi Systems

Massive 600GB Emirates Cloud Data Breach Raises Security Concerns

Massive Credential Leak Exposes 1 Billion Login Records

Mercer University Settles Lawsuit Over Personal Data Breach

Meridian Man Sentenced to 10 Years for Cyber Hacking and Extortion Scheme

Microlise Admits Hackers Compromised Corporate Data in Cyberattack

New 'Helldown' Ransomware Variant Expands Attacks to VMware and Linux Systems

New Threat Report from Cato Networks Reveals Ransomware Gangs Recruiting Penetration Testers to Improve Effectiveness of Attacks

Ngioweb Botnet Fuels NSOCKS Residential Proxy Network Exploiting IoT Devices

November 2024 Logs Leak Exposes Sensitive Information

Oklahoma Hospital Says Ransomware Hack Hits 133,000 People

Option Care Health Reports August 2024 Data Breach Following Compromised Employee Emails Account

Oracle patches exploited Agile PLM vulnerability (CVE-2024-21287)

Oracle warns of Agile PLM file disclosure flaw exploited in attacks

Palo Alto Networks Patches Critical Firewall Vulnerability

Phobos ransomware administrator faces US cybercrime charges

'Phobos' Ransomware Cybercriminal Extradited From South Korea

PracticeSuite Announces Data Breach Affecting Patients of Texan ENT Specialists, PLLC

Privileged Accounts, Hidden Threats: Why Privileged Access Security Must Be a Top Priority

Ransomware Evolution: From Triple-Quadruple Extortion to RaaS

Ransomware Gangs on Recruitment Drive for Pen Testers

Ransomware group ‘Sarcoma’ attacks Popular Life Insurance

Red red team team: Threat actors hire pentesters to test out ransomware effectiveness

Russian extradited to US from South Korea to face cybercrime charges

Russian hacker extradited to US over Phobos ransomware crimes

Russian Man Extradited to US, Face Charges in Phobos Ransomware Operation

Russian Phobos ransomware operator faces cybercrime charges

Russian Ransomware Gangs on the Hunt for Pen Testers

Russian suspected Phobos ransomware admin extradited to US over $16M extortion

Russian-American Hacker Sentenced in Historic $4.5 Billion Bitcoin Laundering Case

San Francisco Ballet hacked data posted for sale by two ransomware gangs

'Scam yourself' attacks just increased over 600% - here's what to look for

Significant surge in DocuSign impersonation attacks: hackers mimicking government

Space tech giant Maxar confirms attackers accessed employee data

Suspected Phobos Ransomware Admin Extradited to US

T-Mobile Breached in Major Chinese Cyber-Attack on Telecoms

Testimony from NSO Group raises questions about its culpability for spyware abuses

The rise of “porch pirates” using leaked tracking data to steal iPhones

Transportation Security Administration (TSA) not monitoring transportation sector efforts to stop ransomware, watchdog says

Unidentified hacker gains access to damaging Matt Gaetz's files

"Unknown and unauthorized third party" has gained access to Matt Gaetz depositions

Unknown Hacker Gets Hands on Damning Evidence Against Matt Gaetz

US charges ransomware administrator with help of Japan police

US extradites Russian accused of extorting millions in Phobos ransomware payments

Vishing, Wangiri, and Other VoIP Fraud Tactics On the Rise

VMware virtual machines under attack: hackers exploit critical vCenter Server flaw

Warning: VMware vCenter and Kemp LoadMaster Flaws Under Active Exploitation

What is Phishing and How To Avoid It?

Why AI alone can’t protect you from sophisticated email threats

Wife of Bitfinex hacker receives lighter sentence, “excited” to share her story

You're Not Imagining It: Phishing Attacks Are Rampant

18th November

1.5 Million Exposed: Set Forth & Centrex Hit by Massive Data Breach

300 Drinking Water Systems in US Exposed to Disruptive, Damaging Hacker Attacks

Accused Phobos Ransomware Hacker in US Custody

ADT Freight Services listed as alleged victim by Sarcoma ransomware gang

AI Can Be Leveraged For Phishing Scams: What You Need To Know To Stay Safe

AI company tells Securities and Exchange Commission (SEC) that $250,000 stolen in cyberattack

AI training software firm iLearningEngines says it lost $250,000 in recent cyberattack

Akira Ransomware: Published Over 30 New Victims on their DLS

Akira Ransomware Racks Up 30+ Victims in a Single Day

Amazon data breach affects employee info

AnnieMac Data Breach Impacts 171,000 Customers

APT Group DONOT Launches Cyberattack on Pakistan’s Maritime and Defense Industry

Argentina: Student Database Breach in Entre Ríos Province

Attackers are exploiting 2 zero-days in Palo Alto Networks firewalls (CVE-2024-0012, CVE-2024-9474)

Australia: Cyber security bill recommended for 'urgent' parliamentary approval

Beware of Fake Sites Mimicking Black Friday Deals

Bipartisan effort to clean up cyber regulations gets a boost in House, but calendar is tight

Bitfinex hacker who stole 120,000 bitcoins gets five years in prison

Bitfinex Hacker’s Wife Razzlekhan Sentenced to 18 Months for Laundering

Black Friday gaming sales could be disrupted by bots

Black Friday or Black Fraud-day? A Prime Time for Fraud and Cyberattacks

British software company Microlise confirms hackers compromised corporate data

Chatbots & Voice Phishing: How To Safeguard Against Potential Risks From AI

Chinese hackers exploit Fortinet VPN zero-day to steal credentials

Chinese Salt Typhoon Hacked T-Mobile in US Telecom Breach Spree

‘ClickFix’ Cyber-Attacks for Malware Deployment on the Rise

Critical RCE bug in VMware vCenter Server now exploited in attacks

Cyber attack on AnnieMac Home Mortgage impacted over 170,000 borrowers

Data Breaches and Spreadsheets: How to Avoid Fines When Excelling

Distributor of ANOM Encrypted Devices Sentenced to Over 5 Years in Prison

Don’t Hold Down The Ctrl Key - New Warning As Cyber Attacks Confirmed

El Dorado school district says hackers stole the data of over 30,000 students and staff

Exploitation of Scalable Vector Graphics (SVG) attachments in phishing on the rise

Facebook Data Breach Fallout - Millions May Receive Compensation

Facebook Malvertising Campaign Spreads Malware via Fake Bitwarden

Facebook users affected by data breach eligible for compensation, German court says

Fake Bitwarden ads on Facebook push info-stealing Chrome extension

Fake Discount Sites Exploit Black Friday to Hijack Shopper Information

Fake Donald Trump Assassination Story Used in Phishing Scam

Ford Customer Data Breach, German Statistical Data Leak, and Bank of France Targeted

Germany: Compensation for Facebook data breach victims

Germany: Stauberstahl.com Database Breach Exposes Sensitive Data

Gmail's New Shielded Email Feature Lets Users Create Aliases for Email Privacy

Government Agency Spoofing: DocuSign Attacks Exploit Government-Vendor Trust

Great Plains Regional Medical Center Notifies Patients of Data Breach Following Ransomware Attack

Hacked crypto project Thala agrees to $300K bounty, recovers $25M

Heather ‘Razzlekhan’ Morgan sentenced to 18 months in prison, ending Bitfinex saga

Helix darknet Bitcoin 'mixer' will fork over $750M, serve time, for processing 1M+ transactions

How and where to report cybercrime: What you need to know

How to Create a Strong Security Culture

How to ensure a fast recovery from the inevitable cyber-attack

Increased GDPR Enforcement Highlights the Need for Data Security

India: NCISM NEET Students Data Breach Exposes Personal Details

India: Sreedharscce.com Data Breach Exposes Millions of Records

India: Tjori.com 2021 Data Breach Exposes 1 Million User Records

India sees 135,173 financial phishing attacks in H1 2024, says study

Israel subjected to Iranian attacks with new WezRat infostealer

Just Eat urged to engage with Northern Ireland takeaways that fell victim to phishing scam

Major US telecom T-Mobile among victims of China-linked breach

Many US water systems exposed to ‘high-risk’ vulnerabilities, watchdog finds

Microsoft 365 Admin portal abused to send sextortion emails

Mistakes that leave you open to attack

Mozilla 0Din Warns of ChatGPT Sandbox Flaws Enabling Python Execution

Navigating the compliance labyrinth: A CSO’s guide to scaling security

New Chrome, Safari, Firefox, Edge Warning - Do Not Shop On These Websites

New Stealthy BabbleLoader Malware Spotted Delivering WhiteSnake and Meduza Stealers

North Korean IT Worker Network Tied to BeaverTail Phishing Campaign

NSO Group Exploited WhatsApp to Install Pegasus Spyware Even After Meta's Lawsuit

One in five DocuSign spoofs targeting businesses found to be impersonations of regulatory agencies

Palo Alto firewalls exploited after critical zero-day vulnerability

Palo Alto Networks patches two firewall zero-days used in attacks

Palo Alto Reports Two More Bugs in PAN-OS That Are Being Actively Exploited

RansomHub lays claim on Mexican government website hack

RansomHub ransomware gang claims data breach targeting Mexican government

RansomHub says 313GB exfiltrated in Mexican government cyber attack

Ransomware: Significant rise of attacks on Indian businesses

Ransomware Attack on Oklahoma Medical Center Impacts 133,000

Ransomware attacks surge in Southeast Asia with 57,000 cases

Ransomware gang Akira leaks unprecedented number of victims’ data in one day

Research finds 56% increase in active ransomware groups

Rockport Mortgage Notifies Individuals of Recent Data Breach Leaking Their Personal Information

Russian national in US custody in Phobos ransomware investigation

Space tech giant Maxar confirms hacker accessed employees’ personal data

Strengthening cybersecurity this Black Friday: combatting social engineering and phishing threats

Surge in DocuSign Phishing Attacks Target US State Contractors

Swiss Cyber Agency Warns of QR Code Malware in Mail Scam

T-Mobile Also Hit in China-linked Telecom Network Breaches

T-Mobile confirms breach amid wave of Chinese state-sponsored telecom attacks

T-Mobile hit by alleged Chinese cyber attack in major data breach

TEAM Software Breach, Hackers Gain Unauthorized Access To Network Infrastructure

Thala recovers $25.5M in crypto lost through v1 farming vulnerability

The Problem of Permissions and Non-Human Identities - Why Remediating Credentials Takes Longer Than You Think

Transforce.in – Database Breach Exposes Sensitive User Data

TriHealth Physician Partners Sends Out Data Breach Letters Following Incident at Vendor

Turkey fines Amazon’s Twitch 2 million lira for data breach

Turkey fines Twitch over data breach that revealed top streamer income

Turkey sanctions Twitch for user data breach

Türkiye fines Twitch $58K over massive data breach impacting thousands

Twitch data breach leaves Amazon with major fine

Twitch Fined $58K in Turkey Over Major Data Breach Fail

U.S. Extradites and Charges Alleged Phobos Ransomware Admin

UK Shoppers Lost £11.5m Last Christmas, National Cyber Security Centre (NCSC) Warns

Unraveling the Mysteries of Ransomware- How AI-Driven Detection is Turning the Tide

Urgent: Critical WordPress Plugin Vulnerability Exposes Over 4 Million Sites

URL Login & Password Leak – 2.5 Million Records Exposed

US charges Phobos ransomware admin after South Korea extradition

US Government Agencies Impersonated in Aggressive DocuSign Phishing Scams

US space tech giant Maxar discloses employee data breach