Editor's Message

Welcome to DBD. On March 8th we celebrated our 4th Anniversary and the 1st Anniversary of our PRiSM application, officially endorsed by the SANS Institute. Despite recent personal issues that have impacted the amount of time I have been able to dedicate to both projects, I have been doing my best to keep everything as up-to-date as possible, and I would like to take this opportunity to thank everyone for their patience and support whilst I navigate through this very difficult time. Stay safe. :)



Monday, 25 November 2024

Data Breaches Digest - Week 48 2024

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 25th November and 1st December 2024.


1st December

1 Billion URL User-Pass Combo Leak: Security Risks Escalate

Apple user? Phishing, deepfake threats on macOS are not uncommon anymore

Average data breach cost jumps to $5 million

Colombian Government Database Breach Exposes Sensitive Data

French Database Leak Exposes Sensitive User Information

Here are 10 key facts regarding the new zero-click cyber attack targeting Windows and Firefox users by Russian Group RomCom

McLeod Russel India responds to ransomware attack; no major impact on operations

Novel phising campaign uses corrupted Word documents to evade security

Ransomware Attacks Erupt Across Industries

Ransomware Developer Mikhail Matveev Arrested in Russia

Ransomware in the Digital Realm

“Rockstar 2FA” Phishing-as-a-Service Steals Microsoft 365 Credentials Via Adversary-in-The-Middle (AiTM) Attacks

SeaJob Database Leak: Maritime Job Platform Compromised

The Evolution of Phishing Tactics: Unveiling the Duality of Cyber Threats

“Valid Access” Credential Leak Raises Alarms

Why Simulating Phishing Attacks Is the Best Way to Train Employees

30th November

500,000 WordPress Credentials Leaked Online

644,869 Records on American Citizens Exposed As Massive Data Breach Reveals Full Names, Addresses, Emails, Employment Details, Social Media Accounts, Phone Numbers and Criminal Records

Arrested Kitchener man, alleged Snowflake hacker, a 'danger' to public, officials say

Certified InfoSec Database Breach Exposes User Data

Cyber Attack Disrupts Major Retailers Supply Chains

Closelly Data Breach Exposes User Information

FBI-Wanted Hacker Behind Global Ransomware Attacks Arrested in Russia

Hacker Group “Waste” Steals $17M from Central Bank of Uganda in Suspected Inside Job

Massive Database Leak: 200 Million Login Credentials Compromised

SpyLoan Android apps on Google play installed 8 million times

U.S. Passport Data Leak Sparks Privacy Concerns

Wanted Russian Hacker Linked to Hive and LockBit Ransomware Arrested

Wazawaka Arrested in Kaliningrad

Worried About Identity Theft? Locking your Social Security Number May Help

29th November

1TB Fresh URL Login Pass Logs Exposed Online

6.5M Private URL Login Credentials Leaked in “Maître Cloud” Incident

616 Million veterans affected by cyber attack on Department of Veterans Affairs (VA) health care system server: What to know

AI-based tools designed for criminal activity are in high demand

AI-Powered Fake News Campaign Targets Western Support for Ukraine and U.S. Elections

Alder Hey children’s hospital explores ‘data breach’ after ransomware claims

Alleged Snowflake Hacker 'Danger' to the Public, Canada Says

Alvin Acheampong and Alexander Manfo sentenced in Auckland for large-scale phishing uncovered by Operation Cargo

Beware Of New Phishing Scam Targeting Corporate Internet Banking Users

Black Friday’s Dirty Secret: How to Spot Fakes Before You Checkout

Bologna FC confirms data breach after RansomHub ransomware attack

Bologna under cyber attack, release statement

Campinas City Government SQLi Database Leak Exposes Sensitive Data

CPanel Data Breach Exposes Thousands of Login Credentials

Critical ICS Vulnerabilities Discovered in Schneider Electric, mySCADA, and Automated Logic Products

Cundinamarca Colombia Data Breach – Corporación Autónoma Regional de Cundinamarca Exposes Sensitive Information

Cyber attack on Liberty First Credit Union impacted over 50,000 individuals

Cyber attack on the City of Coppell disrupted operations, impacted server data

Cyber-Attacks Could Impact Romanian Presidential Race, Officials Claim

Cyberattack Disrupts Major UK Healthcare Provider, Delays Patient Services

Cybercriminals are paying pentesters to vet their ransomware

Cybercriminals target shoppers with 38 million phishing attacks in 2024

Cybersecurity Gone Wrong: How a Hacker’s Pitch for Clients Could Land Him 15 Years in Jail

Data breach at Rocky Mountain Gastroenterology impacted 366,000 patients

Data broker exposes 600K background checks and other sensitive files

Dohman, Akerlund & Eddy reports data breach affecting nearly 10,000 individuals

Fake Betting Apps Using AI-Generated Voices to Steal Sensitive Data

Ford Denies Hacker Claims, Data Breach Sparks Controversy

Fresh Stealer Logs from November 2024 Leaked, Exposing Sensitive Data

From Patchwork to Framework: Towards a Global IoT Security Paradigm

Godot Engine Exploited to Spread Malware on Windows, macOS, Linux

Google And Microsoft Users Warned - Rockstar 2FA Bypass Attacks Incoming

Grace Digital Database Breach Exposes User Data

Hackers Actively Deploying Zyxel Firewall Flaw To Deploy Ransomware

Hackers Threaten Bologna FC with Data Breach

Hacxx ULP JavaScript Search Engine Update Leaked, Exposing New Functionalities and Potential Vulnerabilities

Holiday scams are on the rise in South Dakota. These tips can help you stay safe

How KnowBe4 stopped a North Korean hacker from joining the company

INC Ransom claims cyber-attack on Alder Hey Children's Hospital

INC Ransom Claims Cyber-Attack on UK Children's Hospital

Italian football club Bologna FC says company data stolen during ransomware attack

Italian watchdog warns publisher GEDI against sharing data with OpenAI

LifeLabs data breach report released after court rejects bid to block publication

Losses from crypto hacks and fraud keep falling in 2024

Major Companies Recover from Blue Yonder Ransomware Attack

Man accused of involvement in massive data breach appears in Kitchener court

Microsoft Fixes AI, Cloud, and ERP Security Flaws; One Exploited in Active Attacks

Mobile Security: The Remarkable Rise of Sideloading

Most Fortune 500 companies lack security.txt files: how big of the deal is it?

New Phishing Attack Targeting Corporate Internet Banking Users

New Rockstar 2FA phishing service targets Microsoft 365 accounts

New Windows Server 2012 zero-day gets free, unofficial patches

Northeast Spine and Sports Medicine data breach exposes sensitive information of 6,300 patients

Outrage as Sadiq Khan warned people could ‘miss out on refunds’ after huge cyber attack

Over 8.6K Solana wallets linked to $21M DEXX hacker

Over 38 million phishing attacks launched during 2024

Over 8,600 Solana Wallets Linked to Dexx Hacker

Over 600,000 people hit in massive data breach - background checks, vehicle and property records

Phishing Attacks Dominate Threat Landscape in Q3 2024

Phishing-as-a-Service Rockstar 2FA continues to be prevalent

Phishing-as-a-Service "Rockstar 2FA" Targets Microsoft 365 Users with AiTM Attacks

Ransom gang claims attack on NHS Alder Hey Children's Hospital

RansomHub takes responsibility for Texas city, Minneapolis agency breaches

Ransomware Gangs Seek Pen Testers to Boost Quality

Republic Bank Ltd (RBL) customers face new phishing scam

Russia arrests cybercriminal Wazawaka for ties with ransomware gangs

Russia arrests ransomware attacker Wazawaka

Servers crash, data corrupted as cyber-attack hits Dewan Farooque Motors Limited

Starbucks Faces Ransomware Crisis Amid Scheduling Disruptions

The effect of compliance requirements on vulnerability management strategies

Trell.co Data Breach Exposes Nearly 10 Million User Records

Two UK nationals to be deported over text phishing scam

U.S. Department of Justice (DOJ) Charges 5 Suspected Members of Cybercrime Gang Scattered Spider

U.S. Department of Veterans Affairs (VA) says cyberattack targeted health data of hundreds of veterans in Minnesota

Uganda confirms cyberattack on central bank but minimizes extent of breach

UK: Metropolitan Police apologises to honeytrap victims over email

UK hospital cyber attack interrupts operations, disruption to continue

UK Justice System Failing Cybercrime Victims, Cyber Helpline Finds

USA 50+ Age-Targeted Data Collection Leak Exposes Sensitive Information

Washington saw a huge spike in data-breach notices in 2024

What It Costs to Hire a Hacker on the Dark Web

Windows Warning As New 0-Click Backdoor Russian Cyber Attack Confirmed

Wirral NHS Trust forced to rely on pen & paper following a major cyber attack

Zello tells users to reset passwords following suspected data breach

Zello urges users to reset passwords following a cyber attack

Zyxel Firewalls Targeted by Helldown Ransomware: CVE-2024-11667 Exploited

Zyxel Firewalls Vulnerability Targeted by Helldown Ransomware

28th November

988 Million URL Login Credentials Exposed in Massive Data Leak

Accused Kitchener hacker unmasked after threatening woman online

Australia’s New Cyber Security Act: Mandatory Ransom Payment Reporting

BeachGuide.com Email Database Leak Affects Over 92,000 Users

Betting Platform Database Leak Exposes User Data

Blue Yonder ransomware attack leaves global brands scrambling

Coupang Fined Over 1.5 Billion Won for Major Data Breach Violations

Critical Flaw in Oracle Agile PLM Framework Exposes Sensitive Data: Patch Now

Critical Vulnerabilities Discovered in Industrial Wireless Access Point

Crypto companies are losing ground to deepfake attacks

Cybercriminals Exploit Popular Game Engine Godot to Distribute Cross-Platform Malware

Data Breach Exposes 250 Abuse Survivors; £30k Payouts Awarded

Don’t get held to ransom this festive season

Ecobank Ghana eProcess System Leak Raises Security Concerns

Essential Healthcare Cybersecurity: Protecting Patient Data

Former Fortnite player accused of meme coin scam

Global Passport Data Leak Exposes UK, Italy, and India Records

GodLoader Malware Infects Thousands via Game Development Tools

Hacker Behind Snowflake Data Breach Linked To U.S. Military

Hacker Group Steals $17 Million from Uganda’s Central Bank

Hackers can access laptop webcams without activating the LED, researcher finds

Hackers stole 37,000 students’ data from St Thomas Aquinas school’s network

Hello, this is your chatbot leaking: WotNot exposes 346K sensitive customer files

Independent probe to examine Transport for London (TfL) cyber attack impact and response

Information Commissioner’s Office (ICO) fines the PSNI £750,000 following spreadsheet data breach

Keep Your Eye Out for Signs of This Apple ID Phishing Scam

Kitchener, Ontario, man arrested in massive Snowflake hacking scheme faces possible extradition to U.S.

LifeLabs Data Breach Report Sheds Light on Key Failures in Data Protection

Major cyber attack forces Wirral NHS Trust to cancel outpatient appointments

Malicious Actors Exploit ProjectSend Critical Vulnerability

Malicious PyPI Package Exposes Crypto Wallets to Infostealer Code

Man living in Kitchener, Ontario alleged to be involved in massive data breach

Massive Data Breach At OnlyFans Competitor Site

North Korean hackers have stolen billions in crypto by posing as VCs, recruiters and IT workers

Northern Ireland: Settlement for historical abuse survivors caught up in data breach could pave way for payout of millions in damages

OnePoint Patient Care breach affects 1.7 million people

OnePoint Patient Care Data Breach Affects 1.7 Million Individuals; Ransom Group Leaks Data

Over Two Dozen Flaws Identified in Advantech Industrial Wi-Fi Access Points – Patch ASAP

Phishing Alert: Here's how to safeguard your iPhone against online fraud

Phishing campaigns target Black Friday shoppers. Here's how to spot them

Propertyrec Leak Exposes Over Half a Million Background Check Records

Protecting Active Directory in the age of ransomware

Ransomware Attack Disrupts Retail Giants Operations

Ransomware attack hits retailers worldwide

Ransomware Attack on Blue Yonder Disrupts Starbucks, UK Supermarkets: A Cyber Wake-Up Call

Ransomware payments are now a critical business decision

Ransomware payments rise to AUD $1.35m for Australian firms

Rise in phishing attacks observed from August to October 2024

Silver Springs Exposes 7 Years of HR Data

Snowflake hacker still on the loose – close to being identified

South African government top target for cyber criminals

Starbucks And Major Retailers Grapple With Blue Yonder Ransomware Fallout

Starbucks Ransomware Attack: Analysis, Impact, and Defense Strategy

T-Mobile Claims Salt Typhoon Did Not Access Customer Data

T-Mobile Confirms Cyber Attack Attempts, but No Customer Information Accessed: What You Must Know

T-Mobile prevents data breach amid Salt Typhoon cyberespionage campaign

T-Mobile says cyber attackers had no access to customer data

The only thing worse than being fired is scammers fooling you into thinking you're fired

The phishing threat landscape evolves

Transport for London (TfL) cyber attack: Independent review will examine huge hack and response

Transport for London (TfL) cyber attack and response that saw Oyster services down to be investigated

Transport for London (TfL) Faces Independent Investigation Over Cyber-Attack Response

U.S. Telecom Giant T-Mobile Detects Network Intrusion Attempts from Wireline Provider

UK hospital network postpones procedures after cyberattack

Vodacom Business Unveils Cybersecurity Report

VPN vulnerabilities, weak credentials fuel ransomware attacks

Washington data breach notices hit record high of 11.6 Million

Wirral hospital issue update after cyber attack

XML-RPC npm Library Turns Malicious, Steals Data, Deploys Crypto Miner

Zello faces potential data breach, urges customers reset passwords

27th November

AI viewed as phishing threat as well as defense

Appeals court overturns Treasury sanctions against crypto mixer Tornado Cash

APT-C-60 Hackers Exploit StatCounter and Bitbucket in SpyGlace Malware Campaign

Attack Group APT-C-60 Targets Japan Using Trusted Platforms

Ballet Crypto Data Breach Exposes Cryptocurrency User Information

BIC, Starbucks, Morrisons continue recovery after Blue Yonder ransomware attack

Blue Yonder ransomware attack still impacting UK supermarket supply chains

Blue Yonder ransomware attack triggers potato shortages

BMW Chile Data Breach Exposes Customer and Operational Data

Brazilian Telecom Provider Suffers Data Breach

British government demands Chinese-owned company appoint a security chief with UK clearances

Chinese hackers breached T-Mobile's routers to scope out network

Cloudflare says it lost 55% of logs pushed to customers for 3.5 hours

Contemporary Information Corp. Provides Notice of Data Breach Following Incident at BackChecked, LLC

Critical Firefox and Windows zero-days exploited by Russian hackers

Critical Flaw in ProjectSend Under Active Exploitation Against Public-Facing Servers

Cyber attack on restaurant chain Bojangles compromised customers’ personal data

Cybercriminals used a gaming engine to create undetectable malware loader

Data Breach Affects Patients of Maternal Fetal Medicine Associates PLLC, Carnegie Hill Imaging for Women, and Carnegie Women’s Health

Emserpa Data Breach Exposes Colombian Public Service Information

Hackers abuse popular Godot game engine to infect thousands of PCs

Hackers Exploit Firefox and Windows Flaws: RomCom’s Advanced Attack Unveiled

Hackers exploit ProjectSend flaw to backdoor exposed servers

Hoboken City Hall hit by ransomware cyberattack

Hoboken closes city hall, local courts after pre-Thanksgiving ransomware attack

Hoboken Cyber Attack? City Hall Closed, Services Suspended After Ransomware Breach

Hoboken Hit by Ransomware Attack as City Hall Closes and Online Services Disrupted

Hoboken, New Jersey hit with ransomware cyberattack, officials say

How can gambling operators avoid hacker attacks?

India’s new cyber rules for telecoms come with big privacy risks, experts say

Interpol Arrests Over 1,000 in Massive Cybercrime Operation Across Africa

INTERPOL Busts African Cybercrime: 1,006 Arrests, 134,089 Malicious Networks Dismantled

INTERPOL Operation Links Kenyan Cybercrime Suspects to KES 1.1 Billion Heist

Interpol, African Nations Arrest 1,006 in Sweeping ‘Operation Serengeti’

Judge rejects data brokers’ bid to throw out case brought by law enforcement officers

Man warns 'this is just the beginning' after cyber attack on Merseyside Police

Matrix Botnet Exploits IoT Devices in Widespread DDoS Botnet Campaign

Matrix Cyber Attack Targets 35 Million Devices, Researchers Warn

Meet the Hacker: How Simulated Phishing Addresses Your Biggest Security Risk

Microsoft patches four vulnerabilities, some critical and exploited in the wild

Microsoft says it's not using your Word, Excel data for AI training

Microsoft takes down 240 Egypt-based Phishing-as-a-Service websites

Nearly Every Hacker Believes AI Tools Have Created a New Attack Vector

New Bootkit “Bootkitty” Targets Linux Systems via UEFI

New EU Commission to Unveil Healthcare Cybersecurity Plan in First 100 Days

New phishing scams in Kuwait target victims for money laundering operations

Northern Ireland: Historical abuse victims awarded £30,000 in damages over data breach

Northern Ireland: Institutional abuse victims awarded £30,000 after data breach

Operation Serengeti Disrupts $193m African Cybercrime Networks

Police bust pirate streaming service making €250 million per month

Pro-Russian Hacktivists Launch Branded Ransomware Operations

Protecting Web-Based Work: Connecting People, Web Browsers and Security

Ransomware attack closes Hoboken city hall, impacts services

Ransomware attack on Blue Yonder disrupts retailers ahead of holidays

Ransomware attack on Blue Yonder impacted retailers worldwide, including Morrisons and Sainsbury's

Ransomware Groups Targeting VPNs for Initial Access

Ransomware Report: Telecommunications Sixth Among Most-Targeted Industries

Ransomware Strikes when Organizations Unknowingly Open the Door

Researchers Discover "Bootkitty" – First UEFI Bootkit Targeting Linux Kernels

Researchers discover first UEFI bootkit malware for Linux

Rise of ransomware-as-a-service leading to blackmail-fueled industry

Russian Hackers Exploit Firefox and Windows 0-Days to Deploy Backdoor

Russian RomCom APT Group Leverages Zero-Day Flaws in Firefox and Windows

Starbucks Faces Payroll Chaos From Blue Yonder Ransomware Attack

Starbucks, Supermarkets Targeted in Ransomware Attack

Supply chain managers underestimate cybersecurity risks in warehouses

T-Mobile opens up about how it stopped that major cyber attack

T-Mobile rebuffed breach attempts by hackers likely connected to China’s Salt Typhoon

T-Mobile says telco hackers had ‘no access’ to customer call and text message logs

Texas Tech Discloses Cyber Attack on Health Sciences Centers

Tips to avoid phishing scams

‘Tis the season for website cloning tools, RCEs and AI phishing lures

Verizon, AT&T Targeted by Second Threat Actor Who Claims Trump, Harris Call Logs

Washington state data breaches have reached an all-time high

Why Cybersecurity is Critical in IoT Development Services for a Safer Connected World

Your Apple ID is not suspended – how to avoid the latest dangerous phishing scam

Zello asks users to reset passwords after security incident

26th November

African cybercrime crackdown culminates in 1,006 captured and cuffed

Aggressive Chinese APT Group Targets Governments with New Backdoors

Australia Passes Groundbreaking Cyber Security Law to Boost Resilience

Authorities disrupt major cybercrime operation, 1000+ suspects arrested

Automating Data Encryption and Security Audits for Continuous Protection

Black Friday shoppers targeted with thousands of fraudulent online stores

British hospital group declares ‘major incident’ following cyberattack

Canadian privacy regulators publish details of medical testing company’s data breach

China Attack on U.S. Telecom Networks: ‘Thousands and Thousands’ of Devices Need to Be Replaced

Chinese Hackers Use GHOSTSPIDER Malware to Hack Telecoms Across 12+ Countries

CISA Adds Array Networks’ CVE-2023-28461 to Known Exploited Vulnerabilities (KEV) List: Critical Patching Urged

CISA Urges Agencies to Patch Critical "Array Networks" Flaw Amid Active Attacks

Critical WordPress Anti-Spam Plugin Flaws Expose 200,000+ Sites to Remote Attacks

'CyberVolk' hacktivists use ransomware in support of Russian interests

Darknet Services Fuel Holiday Scams and E-Commerce Exploits

Firefox and Windows zero-days exploited by Russian RomCom hackers

Hackers exploit critical bug in Array Networks SSL VPN products

How to recognize employment fraud before it becomes a security issue

Interpol busts major cybercrime centers in Africa, over 1000 arrested

Is Bitcoin Still a Secure and Reliable Trading Option?

Kashin App Data Breach Exposes Sensitive User Information

Major Cybercrime Operation Nets Over 1,000 Arrests Across Africa

‘Matrix’ Hackers Deploy Massive New IoT Botnet for DDoS Attacks

More than 2,000 Palo Alto Networks firewalls compromised

New DDoS Campaign Exploits IoT Devices and Server Misconfigurations

New NachoVPN attack uses rogue VPN servers to install malicious updates

NHS Trust Declares Major Incident for “Cybersecurity Reasons”

OnlyFans alternative leaks private conversations, payment data

Over 1,000 arrested in massive ‘Serengeti’ anti-cybercrime operation

Over a Third of Firms Struggling With Shadow AI

Patients sent home after cyberattack hits UK hospitals

Practical strategies to build an inclusive culture in cybersecurity

RansomHub gang says it broke into networks of Texas city, Minneapolis agency

Researchers reveal exploitable flaws in corporate VPN clients

Retailers struggle after ransomware attack on supply chain tech provider Blue Yonder

RomCom Exploits Zero-Day Firefox and Windows Flaws in Sophisticated Cyberattacks

RomCom hackers chained Firefox and Windows zero-days to deliver backdoor

Russia-aligned RomCom hackers exploited Firefox and Windows zero-days

Russia-linked hackers exploited Firefox and Windows bugs in ‘widespread’ hacking campaign

Security leaders discuss risks and offer advice on seasonal scams

Starbucks and Grocery Stores Face Disruption after Ransomware Attack on Blue Yonder

Starbucks forced to pay baristas manually after cyberattack

Starbucks Shifts to Manual Processes After Contractor Ransomware Attack

Starbucks using pen and paper after Blue Yonder supply chain ransomware attack

Starbucks, grocery stores impacted by Blue Yonder ransomware attack

Supply Chain Ransomware Attack Hits Starbucks, UK Grocers

UK Scam Losses Surge 50% Annually to £11.4bn

UK, US retail giants hit by ongoing disruption after ransomware attack on supply chain firm

Ursnif Trojan Campaign Targets U.S. Professionals via Stealthy Spam Attacks

25th November

99% of UAE’s .ae Domains Exposed to Phishing and Spoofing

Arizona State Database Leak Exposes Sensitive Information

Authorities catch ‘SMS blaster’ gang that drove around Bangkok sending thousands of phishing messages

Black Basta Ransomware Group Retools for Strategic Attacks

BlackBasta Ransomware Brand Picks Up Where Conti Left Off

Blue Yonder ransomware attack disrupts grocery store supply chain

Blue Yonder ransomware attack disrupts supply chains across UK and US

Breaking In to Keep Hackers Out: The Essential Work of Penetration Testers

Can AI Save the UK from a Cyber Catastrophe? The Fight Against Russian Hackers

China’s Salt Typhoon hackers target telecom firms in Southeast Asia with new malware

Cyber agencies reveal top 15 routinely exploited vulnerabilities

Cyber Resiliency in the AI Era: Building the Unbreakable Shield

Cyberattacks cost British businesses $55 billion in past five years, broker says

Defining Cyber Risk Assessment and a Compliance Gap Analysis and How They Can be Used Together

Faraway Russian hackers breached US organization via Wi-Fi

Feronow.com Database Breach Exposes Sensitive User Data

Finastra investigates data breach, security leaders discuss

Flying Under the Radar - Security Evasion Techniques

Former Verizon employee gets four-year sentence for sharing cyber secrets with Chinese government

Fujian Provincial Government Database Leak Exposes Sensitive Data

Geopolitical strife drives increased ransomware activity

How to protect the global supply chain from phishing scams

How to Reduce Risk From Exposed Secrets

Howden: cyber-attacks cost UK businesses £44bn in the last five years

Huge Leak of Customer Data Includes Military Personnel Info

In a Growing Threat Landscape, Companies Must do Three Things to Get Serious About Cybersecurity

Information Commissioner’s Office (ICO) Urges More Data Sharing to Tackle Fraud Epidemic

Internet of Things (IoT) Device Traffic Up 18% as Malware Attacks Surge 400%

Justice Concerns over Breached Prison Details

Leaked SHSH Blob Tool Sparks iOS Downgrade Concerns

Malware Exploits Trusted Avast Anti-Rootkit Driver to Disable Security Software

Man hacked networks to pitch cybersecurity services

Meta lawsuit over Cambridge Analytica privacy scandal to proceed, Supreme Court rules

Meta Shutters Two Million Scam Accounts in Two-Year Crackdown

New York fines Geico, Travelers $11 million for exposed driver’s license numbers

New York Secures $11.3m from Insurance Firms in Data Breach Settlement

North Korea’s Cyber Evolution and China’s Storm-2077 Unveiled by Microsoft Analysts

Novel attack unveiled: Russian hackers using neighbors’ WiFi to launch attacks

npm Package Lottie-Player Compromised in Supply Chain Attack

Overcoming legal and organizational challenges in ethical hacking

Peruvian Corporate Data Leak: WIN Empresas Customer Records Exposed

Phishing Prevention Framework Reduces Incidents by Half

PyPI Python Library "aiocpa" Found Exfiltrating Crypto Keys via Telegram Bot

QNAP addresses critical flaws across NAS, router software

Ransomware Attack on Blue Yonder Hits Starbucks, Supermarkets

Ransomware hits supply chain software firm Blue Yonder ahead of Thanksgiving

Researchers Uncover Malware Using Bring Your Own Vulnerable Driver (BYOVD) to Bypass Antivirus Protections

Salt Typhoon hackers backdoor telcos with new GhostSpider malware

South Asian hackers target Pakistani entities in new espionage campaign

Spring EQ Notifies Consumers of Data Breach Stemming from Compromised Employee Email Account

SSGMCE.ac.in Database Breach Exposes Sensitive Academic Data

Starbucks baristas can’t view their schedules after ransomware attack on vendor

Starbucks forced to pay its baristas manually because of a ransomware attack on third-party software

Starbucks impacted by ransomware attack on software vendor

Stay Safe Online This Black Friday: Protect Your Digital Security While Scoring the Best Deals

The case for a ransomware payment ban

The Cyberthreats from China are Ongoing: U.S. Officials

Trello Data Breach Exposes Personal Information of 15 Million Customers

UK Businesses Have Lost $55 Billion to Cyber-attacks In 5 Years

Understanding the New York Department of Financial Services (NYDFS) Cybersecurity Regulation

Visiting Physician Services (VPS) of MI, PLLC Announces Data Breach Following Discovery of Malware

Voice Phishing Attacks: How to Prevent and Respond to Them