Editor's Message

Welcome to DBD. 2024 was a tough year for me personally, and I'd like to thank every one of you who has supported me - you have been my light in times of darkness. 2024 saw the highest number of ransomware attacks on record, and there's no sign of these attacks slowing down as we head into the new year. Ransomware is a BIG problem that is NOT going away anytime soon, and this year could be just as catastrophic, if not worse, as cyber criminals continue to extort their victims with very little chance of being brought to justice. Wishing you all the very best for 2025. Stay safe. :)


“Data Breaches Digest and its PRiSM portal provide Dentons Global Security Team with valuable insights into the ransomware landscape, from the latest incidents to trends over time, as well as the ability to customize visual analytics. Timely reports and tracking by Data Breaches Digest help inform cyber intelligence for the world’s largest law firm and thus our cybersecurity posture across more than 80 countries worldwide.”
Dentons Senior Analyst, Washington DC



Monday, 2 December 2024

Data Breaches Digest - Week 49 2024

Welcome to this week's Data Breaches Digest, a catalogue of links concerning Data Breaches and Cyber Security that were published on the Internet during the period between 2nd December and 8th December 2024.


8th December

Alleged Data Breach at Cian.ru Exposes 4 Million User Record

Alleged Data Breach at DIRSAPOL Exposes Peruvian Police Health Records

Alleged Data Breach at S-Zdorovie.ru Exposes Sensitive Health Data

Alleged Data Breach at Walae Cristal Exposes Sensitive User Information

Cyber Attacks In India: Telangana On Top

Got phished? Here's how to avoid cybercriminals and their scams

Massive Leak of 1 Billion URL Login Credentials and Passwords Raises Global Security Concerns

McLeod Russel India responds to ransomware attack; no major impact on operations

North Korean hackers target South Korea with Internet Explorer vulnerabilities to deploy RokRAT malware

South Bend dentist office notifies patients of data breach

QR Code Phishing on the Rise According to New Report

QR codes bypass browser isolation for malicious C2 communication

7th December

84 Arrested as Russian Ransomware Laundering Networks Disrupted

Alleged Data Leak Exposes 102,000 Spanish WhatsApp Numbers

Alleged Data Leak Exposes Personal Information of 90,000 Australian Forex Traders

Almost 90% of Belgians targeted by phishing scams; fewer than 1% get money back

Anna Jaques Hospital ransomware breach exposed data of 300K patients

BT conferencing system hacked by Black Basta Ransomware

Chinese Can Monitor All Your Calls And Emails After The Biggest Cyber Attack In U.S. History

Chinese Hackers Allegedly Behind Massive ‘Salt Typhoon’ Cyber-Attack on U.S. Telecom Sector

Data Breach at Volgograd State Medical University Exposes Sensitive Information

Deloitte Data Breach: Company Denies The Breach Says, “Only Single Client System Affected”

Deloitte Denies Breach, Claims Only Single System Affected

Hackers Using Fake Video Conferencing Apps to Steal Web3 Professionals' Data

New DroidBot Android Spyware Targeting Banking and Crypto Users

Phishing scam fleeces West Australians out of hundreds of thousands, four men arrested

Romania’s election systems hit by 85,000 attacks ahead of presidential vote

Russia’s FSB used spyware against a Russian programmer

Significant Data Breach at Prixet Exposes User Information

Tamil Nadu GovMail Database Breach Exposes Government Email Accounts

Ultralytics AI Library Compromised: Cryptocurrency Miner Found in PyPI Versions

Unauthorized Access to Yunnan Television Systems Raises Security Concerns

Watsonville hospital network outage caused by cyber attack

6th December

A new report shows QR code phishing is on the rise

Action against ‘phone phishing’ gang in Belgium and the Netherlands: eight arrests

Alleged Data Breach at Anex Baby Exposes Customer Information

Alleged Data Breach at Lazz Hotel Exposes Customer Information

Alleged Data Breach at SalonBiz Exposes Customer Information

Alleged Data Breach of Indian Government Volunteer Database Exposes Sensitive Information

Alleged Data Breach of Indian Government Volunteer Database Exposes Sensitive Information

Alleged phishing scammers used Apple Pay to spend $350k stolen from bank customers using fake text messages

Another teenage hacker charged as feds continue Scattered Spider crackdown

Atrium Health Data Breach Impacts 585,000 People

Atrium Health says cyber attack compromised the data of 585,000 patients

Australia: Four men charged over phishing scam

Black Basta Ransomware Leverages Microsoft Teams To Attack Windows Users

Black Friday kicks off surge in phishing attacks on consumers

Blue Yonder Attack Attributed to New ‘Termite’ Ransomware Group

Blue Yonder Hack Tied To New Ransomware Gang 'Termite'

Blue Yonder SaaS giant breached by Termite ransomware gang

Blue Yonder says some customers restored as ransomware gang boasts of attack

Brain Cipher Ransomware Hits Deloitte, Steals 1TB of Sensitive Data

BT Group confirms cyber incident following Black Basta ransomware claims

BT Group hit by Black Basta ransomware, data theft suspected

BT Group’s Conferencing division attacked by Black Basta ransomware gang

BT investigating a Black Basta ransomware attack on its conferencing platform

Building a robust security posture with limited resources

Businesses received over 20 billion spam emails this year

Calgary's Fueling Brains Academy targeted by 'possible data breach'

Coordinated Cyberattack Disables British Army Websites and More

Costa Rica’s RECOPE Seeks US Cybersecurity Help After Ransomware Attack

Critical Windows Zero-Day Vulnerability Lets Attackers Steal Users NTLM Credentials

Crypto-stealing malware posing as a meeting app targets Web3 pros

Cyber Attack at White Lake Township Hall Cripples Transactions

Cyberattack targets Port of Rijeka, data stolen

Cybercriminals Target Retail Shoppers with 38 Million Phishing Attacks

Cybersecurity in the European Union 2024: ENISA’s Insights and Recommendations for Strengthening Resilience

Data deletion enters the ransomware chat

Deloitte Denies Breach, Claims Cyber-Attack Targeted Single Client

Deloitte Denies Data Breach Claims

Deloitte says "no systems have been impacted", as Brain Cipher hacker group claims access to company's 1TB data

Deloitte UK Reportedly Cyberattacked for 1TB of Sensitive Data by Ransomware Group

Emerging Ransomware Group Termite Claims Attack on Blue Yonder

Employee Data Access Behaviors Putting Australian Employers At Risk

Europol Dismantles Major Online Fraud Platform in Major Blow to Fraudsters

Federal Communications Commission (FCC) Proposes Stricter Cybersecurity Rules for US Telecoms

Fortra Finds 200% Rise in Cloudflare Abuse for Phishing Schemes

FSB Uses Trojan App to Monitor Russian Programmer Accused of Supporting Ukraine

GenAI makes phishing attacks more believable and cost-effective

Hackers Leveraging Cloudflare Tunnels, DNS Fast-Flux to Hide GammaDrop Malware

HDFC Life Insurance Data Breach: 1.6 Crore Customers' Information Leaked On Dark Web

Highland Park ISD Affected by Ransomware

How to choose secure, verifiable technologies?

Hundreds of CISCO switches impacted by bootloader flaw

'Large number' of Americans' metadata stolen by Chinese hackers, senior official says

Leroy Merlin scam alert: Don’t fall for fake surveys

More_eggs Malware-as-a-Service (MaaS) Expands Operations with RevC2 Backdoor and Venom Loader

Movie Theater Data Breach Leads to Settlement and Class Action Lawsuits

Nebraska Man pleads guilty to $3.5 million cryptojacking scheme

New Malware Campaign Exposes Gaps in Manufacturing Cybersecurity Defenses

New Russian Threat Group Z-Pentest Targets Energy System Controls

New Smartphone Warning - Forget What You’ve Been Told About Security

New Windows zero-day exposes NTLM credentials, gets unofficial patch

North Tyneside Council apologises for data breach involving email addresses of 143 parents

Office for Civil Rights (OCR) Phishing Investigation Uncovers HIPAA Training Failure; Colorado Children’s Hospital Fined $548,265

Over 650GB SRP Federal Credit Union data breached by Nitrogen ransomware

Pakistan Telecommunication Authority (PTA) Issues Alert Against Phishing Scams

Phishing attacks rose by more than 600% in the buildup to Black Friday

Phishing scams fleecing Western Australians

Pirated corporate software infects Russian businesses with info-stealing malware

Ransomware attacks in the cloud and how to prevent them

Ransomware Gangs’ Merciless Attacks Bleed Small Companies Dry

Ransomware Group Claims 1TB Stolen From Deloitte

Ransomware Hits Alder Hey: Patient Data on Dark Web

Recently Charged Scattered Spider Suspect Did Poor Job at Covering Tracks

Researchers Uncover Flaws in Popular Open-Source Machine Learning Frameworks

Russian users report Gazprombank outages amid alleged Ukrainian cyberattack

Signzy investigating KYC customer data breach

Singapore: Police warn of phishing scams involving online entry visa, digital arrival card applications

Stay alert during holiday season. Phishing sites lure shoppers with enticing deals

Teenagers leading new wave of cybercrime

Top Five Industries Aggressively Targeted By Phishing Attacks

Top Five Industries Most Frequently Targeted by Phishing Attacks

Transport for London (TfL) cyber attack cost over £30m to date

Tripura Gramin Bank Website Reportedly Taken Offline in Suspected Cyberattack

UK SMEs Are Concerned About Preparedness For Cyberattacks as Fraud Rises

Ultralytics AI model hijacked to infect thousands with cryptominer

Understanding the Cybercriminal Mindset: Protecting Your School’s Data

UnitedHealthcare CEO's murder follows ransomware attack leaking millions of patient records

Unmasking digital deception: Phishing, smishing, and vishing attacks explained

US authorities arrest another alleged Scattered Spider hacker

US hospital reveals Christmas breach that exposed hundreds of thousands

Vodka maker Stoli files for bankruptcy in the US after a ransomware attack

Windows zero-day: attackers can steal NTLM credentials with little user interaction

Windows, macOS users targeted with crypto-and-info-stealing malware

5th December

4 Defining Characteristics of a Hacker

8 phishing email scams to watch out for this holiday season

8 US telcos compromised, FBI advises Americans to use encrypted communications

50 Servers Linked to Cybercrime Marketplace and Phishing Sites Seized by Law Enforcement

100,000 Websites Allegedly Vulnerable to CVE-2023-6553 Exploit

600,000 sensitive files exposed by data broker SL Data Services

A snake in the net: Defending against Adversary-in-the-Middle (AiTM) phishing threats and Mamba 2FA

A Teen Hacker Faces Charges For Exploiting Vulnerabilities In Two Telecom Networks And Phishing Millions Of Users

“aiocpa” Python Package Exposed as Cryptocurrency Infostealer

Alder Hey NHS foundation says cyber attack compromised the systems of three NHS hospitals

Alleged Compromise of Administrator Access to Sécurité Nationale Systems Raises Security Concerns

Alleged Data Breach at Edizionidottrinari.it Exposes Sensitive User Information

Alleged Data Breach at LIXIL Exposes Sensitive Customer Information

Alleged Data Breach at Tribelsky Exposes Sensitive User Information

Alleged Data Breach at VozoHealth Exposes Sensitive EHR Data

ANEL and NOOPDOOR Backdoors Weaponized in New MirrorFace Campaign Against Japan

Beware Of New HR Payroll Phishing Attack Targeting Numerous Employees

Black Basta attack disrupts BT unit’s servers

Black Basta ransomware operators refine social engineering tactics

Brain Cipher claims to breach Deloitte UK, allegedly steals 1TB of data

BT Group Affected by Ransomware Breach by Black Basta Gang

BT Group confirms attackers tried to break into Conferencing division

BT Group says it was forced to take some servers offline following ransomware attack

BT Investigating Hack After Ransomware Group Claims Theft of Sensitive Data

BT isolates conferencing servers following Black Basta ransomware attack

BT shuts servers following ransomware attack

Change Healthcare Data Breach Settlement Talks Due to Commence

Chinese Hacker Steals Metadata From US Telecom Firms

Chinese Hackers Breach US Firm, Maintain Network Access for Months

CISA Adds Three Critical Vulnerabilities to Known Exploited Vulnerabilities (KEV) Catalog: Immediate Action Urged

CISA Warns of Active Exploitation of Flaws in Zyxel, ProjectSend, and CyberPanel

Citadel of Northbrook Reports Data Breach Stemming from Incident at PointClickCare

Critical Mitel MiCollab Flaw Exposes Systems to Unauthorized File and Admin Access

Critical Veeam Vulnerabilities Expose Service Provider Console to Cyber Risks

Cyber attack forces U.S. energy sector contractor ENGlobal to shut IT systems

Cyber attack hits three Liverpool hospitals

Cyber bandits rely on AI to bypass biometric security measures in financial institutions

Cyber threats surge ahead of Black Friday: Kaspersky reports 25% increase in retail-focused phishing attacks

Data breach notification: Why when you're alerted varies by where you live

DDoS Attacks: It’s What You Don’t Know That May Hurt You

Deloitte Allegedly Breached by Hackers

Deloitte UK reportedly hacked, over 1TB of data stolen

Deloitte UK suffers alleged cyber incident, over 1TB stolen

Delta Dental data breach exposes more than 802,000 records

European police shut down major stolen data marketplace

Europol Official Website Reportedly Targeted in Significant Cyberattack

Europol Shuts Down Manson Market Fraud Marketplace, Seizes 50 Servers

Experts warn of AI-driven scams mimicking familiar voices

FBI issues dire iPhone and Android warning to users over 'massive and ongoing' cyber attack

FBI warning to iPhone and Android users amid major ongoing cyber attack

FBI Warns GenAI is Boosting Financial Fraud

FBI Warns Smartphone Users - Hang Up And Create A Secret Word Now

Florida Healthcare Provider Faces $1.19M HIPAA Penalty Following Independent Contractor Breach

Fourteen million telecom customers' phone numbers and locations exposed

Fuji Electric Indonesia Hit by Ransomware Attack

Fuji Electric Indonesia Hit By Ransomware Attack, Business Information Compromised

G20 Leaders Fear Economic Risks Over Cyber Threats

GoodRx agrees to a $25 million settlement over a data privacy class action lawsuit

Hacker claims personal data theft of employees at the world's largest tech companies

Hackers Target Uyghurs and Tibetans with MOONSHINE Exploit and DarkNimbus Backdoor

Hoboken government recovering from ransomware attack as Conti-linked gang takes credit

How laws strain to keep pace with AI advances and data theft

How the National Crime Agency (NCA) Cracked Billion-Dollar Money Laundering Rings Linked to Ransomware Gangs

How to stay safe after major cyber attack

Identity Phishing: Using Legitimate Cloud Services to Steal User Access

iPhone users experience massive hacking attack: How to protect your smartphone

Israeli investigator linked to 'hack and leak' scandal involving Exxon, MBS

Law enforcement shuts down Manson Market cybercrime marketplace

Major USAID contractor Chemonics says 263,000 affected by 2023 data breach

Malaysia: National Registration Department (JPN) - No Data Breach Occurred On System, Database

Malaysia: National Registration Department (JPN) confirms no MyKad data breach

Malaysia: National Registration Department (JPN) denies data breach claims, assures MyKad security

Malaysia: National Registration Department (NRD) confirms no MyKad data breach detected

‘Massive breach’: Social security numbers, health info and much more stolen in Hoboken cyberattack

Metadata of Americans Stolen in Chinese Hack

Mid-Ohio Psychological Services Files Notice of Data Breach with HHS-OCR

MirrorFace targets Japan in fresh ANEL and NOOPDOOR spearphishing campaign

Mitel MiCollab zero-day and PoC exploit unveiled

Mitel MiCollab zero-day flaw gets proof-of-concept exploit

Money-Laundering Network Linked To Drugs and Ransomware Disrupted

More Complex Ransomware, AI and 'Mission-Impossible' Style Hacks

MyKad data breach claim: JPN denies leak, cites no suspicious activity

National Crime Agency (NCA) Busts Russian Crypto Networks Laundering Funds and Evading Sanctions

National Crime Agency (NCA) Targets Russian Networks Laundering Ransomware Profits

National Public Data Closes Down After Major Data Breach

New Android spyware found on phone seized by Russian FSB

New York Fines Auto Insurance Companies GEICO and Traveler Nearly $12 Million Over Data Breaches

New Zealand's cyber watchdog sounds warning over mass hacking operation

No one is safe from Pegasus: spyware detected on ordinary people’s phones

Phishing scam uses Globe Telecom’s official SMS channel

Phishing in style: Microsoft Sway abused to deliver quishing attacks

PointClickCare Data Breach Affects Residents of Multiple Long-Term Care Facilities

Police bust cybercrime marketplace, phishing network

Police Dismantle Manson Market, Seize 50 Servers and 200TB Evidence

Police shuts down Manson cybercrime market, arrests key suspects

Pro-Russian Hacktivist Group Claims 6600 Attacks Targeting Europe

Pro-Russian videos about "bad life in Ukraine" aired on Ukrainian TV channels due to hacker attack

Pro-Russian videos appear on Ukrainian TV channels due to hacker attack

Ransomware Assault Disrupts NHS Hospitals And Patient Services

Ransomware attack against Greek company hurts IKEA stores

Ransomware 'Gang' Took Credit For Hoboken Cyberattack, Report Says

Ransomware Group Claims to Have Breached One of BT’s UK Systems

Ransomware hangover, Putin grudge blamed for vodka maker's bankruptcy

Researchers achieve 96% accuracy in detecting phishing emails with open-source AI

Researchers Uncover 4-Month Cyberattack on U.S. Firm Linked to Chinese Hackers

Revealed: Huge financial cost of Transport for London (TfL) cyber attack

Robinhood Data Breach Lawsuit Filed After Customer Information Allegedly Posted to Dark Web

Romania's election systems targeted in over 85,000 cyberattacks

Russia arrests ransomware suspect Mikhail Matveev

Russian authorities seized phone from detainee, infected it with spyware

Russian FSB-linked hackers rely on other cybercriminals’ infrastructure, report finds

Russian Hackers Exploit Rival Attackers' Infrastructure for Espionage

Russian programmer says FSB agents planted spyware on his Android phone

Russian state hackers abuse Cloudflare services to spy on Ukrainian targets

Russian state hackers hijacked rival servers to spy on targets in India, Afghanistan

Salt Typhoon cyber attack escalation sees Americans warned by SMS

Single Cyber-Attack Impacted Multiple Liverpool Hospitals

Smartphone Security Alert: Why You Need to Act Now

Solana Library Supply Chain Attack Exposes Cryptocurrency Wallets

Stoli Group subsidiaries collapse amid ransomware crisis

Synnovis staff to strike following ‘alarming impact’ of cyber attack

Teen hacks telecom networks to send millions of phishing texts

Telecom Giant BT Group Hit by Black Basta Ransomware

Telecom network hack results in phishing links sent to millions

Texas accuses four companies of sharing sensitive user data without proper notice and consent

The phishing phenomenon: Why your spam filter isn’t enough

The top ransomware stories of 2024

This $3,000 Android Trojan Targeting Banks and Cryptocurrency Exchanges

This sneaky phishing attack is a new take on a dirty old trick

Three more Merseyside hospitals targeted in cyber attack

Transport for London (TfL) Restores Contactless Service After Cyber Attack

Transport for London (TfL) restores fares services three months after a devastating cyber attack

Two more Liverpool hospitals impacted by Alder Hey cyber attack

UK: Three more hospitals hit by cyber attack

UK Cyber Risks Are ‘Widely Underestimated,’ Warns Country’s Security Chief

UK-led operation dismantles huge Russian cybercrime network: 84 arrested, $25 million seized

UK’s National Crime Agency (NCA) Disrupts Multibillion-Dollar Russian Money Launderers

US arrests Scattered Spider suspect linked to telecom hacks

US may plan legislation to contain Chinese cyber espionage

US organization suffered four month intrusion by Chinese hackers

US organization with ‘significant presence in China’ targeted by hackers, Symantec says

US prioritises action against Chinese hacker group after massive metadata breach

USA: Eight telecom providers target of hacker attacks

Veeam Urges Immediate Update to Patch Severe Vulnerabilities

Voice Cloning, Fake Videos & More: AI Is Making Scams Unstoppable

Warning issued after Chinese hacker group breaches telco firms in "dozens of countries"

Warning issued for 10-year-old vulnerability, security leaders discuss

Woman arrested over alleged data breach at Irish utility company

4th December

65% of office workers bypass cybersecurity to boost productivity

70% of open-source components are poorly or no longer maintained

Abuse of Cloudflare domains for phishing doubled in 2024, report says

Alleged Data Breach at CentraCare Exposes Sensitive Patient Information

Alleged Data Breach at Norauto.fr Exposes Sensitive Customer Information

API Security in Open Banking: Balancing Innovation with Risk Management

Are Long-Lived Credentials the New Achilles’ Heel for Cloud Security?

Are We on the Brink of Saying Goodbye to Passwords?

At least 8 US telcos, dozens of countries impacted by Salt Typhoon breaches, White House says

Authorities Take Down Criminal Encrypted Messaging Platform MATRIX

British telecoms giant BT confirms attempted cyberattack after ransomware gang claims hack

BT unit took servers offline after Black Basta ransomware breach

Business leaders among Pegasus spyware victims, says security firm

CISA, FBI Issue Guidance for Securing Communications Infrastructure

CISA, FBI urge Americans to use encrypted messaging apps to combat Chinese telco hackers

Cisco Urges Immediate Patch for Decade-Old WebVPN Vulnerability

Compromised Email Account Leads to LA Financial Federal Credit Union Data Breach

Corrupted Word Files Fuel New Phishing Scam, Evading Detection

Critical flaw in Zabbix monitoring tool: attackers can take over thousands of systems

Critical SailPoint IdentityIQ Vulnerability Exposes Files to Unauthorized Access

Critical Veeam Vulnerabilities Allow Remote Code Execution – Update Now

Crypto and Cybersecurity: How to Keep Your Cryptocurrency Safe in 2025

Cyber incident board’s Salt Typhoon review to begin within days, CISA leader says

Cyber Threats During the Holidays: How to Stay Safe From Seasonal Scams and Data Breaches

Cybercriminals already using AI for most types of scams, FBI warns

Data brokers sold sensitive location info of Americans' visits to health clinics, protests, and more

Data from hospital cyber attack ‘could be released before NHS can investigate’

ENISA Launches First State of EU Cybersecurity Report

ESHA Notifies Over 76k People of Recent Data Breach

Europol Dismantles Criminal Messaging Service MATRIX in Major Global Takedown

Europol Dismantles MATRIX: The Encrypted Messaging Service Fueling Global Crime

FBI and CISA say to use encrypted messengers as Chinese hackers attack networks

FBI, CISA urge Americans to use secure messaging apps in wake of massive cyberattack

FBI shares tips on how to tackle AI-powered fraud schemes

Federal Trade Commission (FTC) Safeguards US Consumers from Location Data Misuse

German Police Shutter Country’s Largest Dark Web Market

Germany arrests suspected admin of country’s largest criminal marketplace

Hackers Use Corrupted ZIPs and Office Docs to Evade Antivirus and Email Defenses

How to Implement Zero Trust: Best Practices and Guidelines

How widespread is mercenary spyware? More than you think

Japan warns of IO-Data zero-day router flaws exploited in attacks

Joint Advisory Warns of People's Republic of China (PRC)-Backed Cyber Espionage Targeting Telecom Networks

Liverpool Children's Hospital Confirms Cyber-Attack

Massive breach exposes major USAID contractor

Metropolitan Police Data Breach Exposes Westminster Honeytrap Victims

National Public Data Shuts Down Months After Massive Breach

New DroidBot Android banking malware spreads across Europe

NHS Ransomware Attack: Russian INC Ransom Gang Steals Patient Data

PIH Health hospitals targeted in ransomware attack

Proof-of-Concept (PoC) exploit for critical WhatsUp Gold RCE vulnerability released (CVE-2024-8785)

Ransomware Costs Manufacturing Sector $17bn in Downtime

Ransomware gang claims Deloitte UK

Ransomware Groups Target UK Hospitals Raising Alarms

Ransomware hackers target NHS hospitals with new cyberattacks

Researchers Uncover Backdoor in Solana's Popular Web3.js npm Library

Russia-Linked Turla Exploits Pakistani Hackers' Servers to Target Afghan and Indian Entities

Russian hackers hijack Pakistani hackers' servers for their own attacks

Russian money laundering networks uncovered linking narco traffickers, ransomware gangs and Kremlin spies

Salt Typhoon hacked telcos in dozens of countries

Securing AI’s new frontier: Visibility, governance, and mitigating compliance risks

Security Risks Persist in Open Source Ecosystem

Senators say US military is failing to secure its phones from foreign spies

Senators urge Department of Defense (DOD) watchdog to probe ‘failure to secure’ communications amid Salt Typhoon hacks

Solana Web3.js library backdoored to steal secret, private keys

Solana’s popular web3.js library backdoored in supply chain compromise

The New Cyber Frontier: Managing Risks in Distributed Teams

Transport for London (TfL) contactless refunds return after cyber attack

Transport for London (TfL) cyber attack: Contactless journey history and refund applications restored

UK disrupts Russian money laundering networks used by ransomware

Understanding password hashing and security

Veeam Issues Patch for Critical RCE Vulnerability in Service Provider Console

Vodka Giant Stoli Files for Bankruptcy After Ransomware Attack

Wirral Hospital Recovery Continues One Week After Cyber Incident

3rd December

3 Million URL Login Credentials and Passwords Allegedly Exposed in Recent Leak

15 SpyLoan Apps Found on Play Store Targeting Millions

Alleged Data Breach at Albazaar.shop Exposes Sensitive Customer Information

Alleged Data Breach at EazyDiner.com Exposes User Information

Alleged Data Breach at Immobilière Essaouira Exposes Customer Information

Alleged Data Breach at Nanosoft Exposes User Information

Alleged Data Breach at Peruvian Army Military School Exposes Sensitive Information

Alleged Data Breach at SEAT S.A. Exposes Customer Information

Alleged Data Breach at South Africa’s CSIR Exposes Sensitive Information

Alleged Data Breach at Word Check Sanctions Exposes Compliance Data

Alleged Snowflake Hacker ‘Danger’ to the Public, Canada Says

Apple Faces Privacy Lawsuit: Employee Alleges Invasive Device Monitoring

Beyond the Apple myth: Addressing rising phishing and deepfake threats

BianLian ransomware transitioned into a data theft-exclusive group

CERT-In Alerts Multiple Vulnerabilities in Drupal Expose Systems

Cisco Warns of Exploitation of Decade-Old ASA WebVPN Vulnerability

Clipper DEX Seeks Negotiation with Hacker After $450,000 Exploit

CLOUD 2754 Stealer Logs Allegedly Exposed, Highlighting Privacy Risks

Cloudflare’s developer domains increasingly abused by threat actors

Dark Web Hydra Market Mastermind Sentenced to Life by Russia

Data Vigilante Leaks 772K Employee Records from Top Firms and 12.3 Million-Row Database

Energy industry contractor says ransomware attack has limited access to IT systems

Exploit released for critical WhatsUp Gold RCE flaw, patch now

Federal Trade Commission (FTC) bans data brokers from selling Americans’ sensitive location data

Federal Trade Commission (FTC) bans two data brokers from collecting and selling Americans’ sensitive location data

Globe Telecom’s official SMS channel used in phishing

Horns&Hooves Campaign Delivers RATs via Fake Emails and JavaScript Payloads

How Attackers Use Corrupted Files to Slip Past Security

Hydra Market Leader Sentenced to Life by Moscow Court

India tops global list for mobile malware attacks; banking systems particularly vulnerable

Indian Restaurant Reservation Platform EazyDiner Hit by Cyber Attack: Sensitive Customer Data Leaked

International Crackdown Dismantles Criminal Messaging Network MATRIX

Ivanti Research Finds Phishing Tops List of Growing Cyber Threats, Fueled by GenAI

Kimsuky Group Adopts New Phishing Tactics to Target Victims

NachoVPN Tool Exploits Flaws in Popular VPN Clients for System Compromise

Nordic Threat Landscape Report 2024: Ransomware, Phishing, and Dark Web Insights

North Korean Kimsuky Hackers Use Russian Email Addresses for Credential Theft Attacks

Over 600,000 Personal Records Exposed by Data Broker

Over $9m lost in November phishing scams affecting 9.2k victims, data shows

Phishers send corrupted documents to bypass email security

Police seize Matrix encrypted chat service after spying on criminals

Police seizes largest German online crime marketplace, arrests admin

Police Shut Down Matrix Encrypted Criminal Hub

Police takes down Matrix encrypted chat service used by criminals

Ransomware Attack Disrupts Operations at US Contractor ENGlobal

Ransomware Hits Alder Hey: Patient Data on Dark Web

Ransomware Statistics By Industry, Root Cause, Revenue and Economic Impact

Russian hacker arrested...in Russia

Security Pros Positive About GenAI in Cyber, Despite Raising Attack Severity

Treat AI like a human: Redefining cybersecurity

UK cyber chief warns country is ‘widely underestimating’ risks from cyberattacks

UK Cyber-Attacks Surge as Threats Hit Harder, Warns National Cyber Security Centre (NCSC)

UK Hospital Hit by Cyber Attack: Critical Medical Services Disrupted, IPD and OPD Shift to Manual Operations

US agency proposes new rule blocking data brokers from selling Americans’ sensitive personal data

US government contractor ENGlobal says operations are ‘limited’ following cyberattack

US government, energy sector contractor hit by ransomware

US shares tips to block hackers behind recent telecom breaches

Veeam plugs serious holes in Service Provider Console (CVE-2024-42448, CVE-2024-42449)

Veeam warns of critical RCE bug in Service Provider Console

Vodka maker Stoli files for bankruptcy in US after ransomware attack

What happened to the Grand Theft Auto 6 (GTA 6) hacker? Sentence explained

2nd December

5 reasons to double down on network security

5 Strategies to Combat Ransomware and Ensure Data Security in Microsoft 365

8 Million Android Users Hit by SpyLoan Malware in Loan Apps on Google Play

200 Iranian phishing attacks against Israelis uncovered

$400 Million seized, 5,500 arrested in global operation targeting cyber fraud

A Look at the Social Engineering Element of Spear Phishing Attacks

Alder Hey Children's Hospital investigates data breach claims

Alleged Snowflake Hacker ‘Danger’ to the Public

American Associated Pharmacies Struck by Ransomware Attack

An Apple employee is suing the company over monitoring employee personal devices

Antivirus blind spot: corrupted files turn deadly once user attempts to 'recover' them

Blue Yonder moves closer to full recovery after November ransomware attack

Bologna FC Falls Victim to RansomHub Data Breach, Vincenzo Italiano Details Leak

Bologna FC Hit By 200GB Data Theft and Ransom Demand

Bonpoint.com Customer Data Breach Exposes Sensitive Information

BootKitty UEFI malware exploits LogoFAIL to infect Linux systems

Canada holds onto alleged Snowflake hacker in face of US extradition

China Threat Actor Targets Individuals and Entities in Japan Via Spear Phishing Campaign

Clipper DEX Exploit Targets Withdrawal Functionality, Resulting in $450K Loss

Clipper DEX Hit by Cyberattack: Exploit Targets Withdrawal Functionality

Colonial Behavioral Health Files Official Notice of October 2024 Data Breach

Corrupted Microsoft Office documents used in phishing campaign

Corrupted Word Documents Phishing Attacks Avoid Security Checks

Corrupted Word Files Fuel New Phishing Scam, Evading Detection

Corrupted Word Files Fuel Sophisticated Phishing Campaign

Costa Rica state energy company calls in US experts to help with ransomware attack

Crypto.com Launches Massive $2m Bug Bounty Program

Crуptocurrencу exchange DMM Bitcoin to close due to hacker attack

Cyber attack prompts Stoli Group USA bankruptcy filing

Cyber Essentials vs ISO 27001: Key Differences

Cyber Monday 2FA Alert - 30 Million Authentication Cookies Up For Sale

‘Data breach’ after cyber attack on Alder Hey Children’s Hospital

Data breach costs: Geico and Travelers fined $11.3M by New York State

Data Breach Exposes 250 Abuse Survivors; £30k Payouts Awarded

Data Breach Hits Bologna FC as RansomHub Strikes

Data published online following data breach at Alder Hey

Datamaxx Applied Technologies Announces Data Breach Affecting Over 61k People

DMM Bitcoin Closes After Hacker Hacked, 4,500 Bitcoins Lost

Experts predict AI-driven cyber threats & defences by 2025

Fahmi Fadzil Proposes Major Updates to Malaysia’s Cyber Laws

Former Polish spy chief arrested to testify before parliament in spyware probe

GenAI poses looming worldwide cyber security risk

Global Police Arrest 5500 in $400m Cyber-Fraud Crackdown

Hackers Drain $1.48 Billion from Crypto in 2024, Led by DeFi Exploits

Hackers Steal $950K from Marin County, California, Housing Authority

Health information of 600+ Minnesota veterans taken in cyber attack

Henderson Stamping Production Data Breach Reported

Hoboken, New Jersey, slowly recovering from Thanksgiving week cyberattack

How callback phishing threatens our online safety

How useful, really, are the steps you can take after a data breach?

Indian online ID verification firm Signzy confirms security incident

INTERPOL Arrests 5,500 in Global Cybercrime Crackdown, Seizes Over $400 Million

Is it real? How AI is warping reality and opening up financial fraud

Israel Uncovers 200 Iranian Cyberattack, Phishing Attempts Against Israelis

Italian Football Team Bologna Suffers Cyber-Attack. Data Leaked

Ivanhoe Club Data Breach Exposes Sensitive Information

Jamaica Defence Force (JDF) soldier in National Commercial Bank (NCB) $47-million phishing scam charged

Japanese crypto service shuts down after theft of bitcoin worth $308 million

Jones Lang LaSalle (JLL) Data Breach – Part 1

Kimsuky’s Phishing Attacks Evolve with Sophisticated Strategies

Korea arrests CEO for adding DDoS feature to satellite receivers

LenselS2 USA Company Data Breach Reported

Major Organised Crime and Anti-Corruption Agency (MOCA) charges two people in connection with phishing scam, that defrauded National Commercial Bank (NCB) of over $47M

Microsoft 365 credentials stolen via adversary-in-the-middle campaign

Microsoft 365 users attacked via Rockstar 2FA

New England Grocers Coping With Cyber Attack

New phishing tactic uses corrupted Word documents to bypass security systems

New Rockstar 2FA Phishing-as-a-Service Kit Targets Microsoft 365 Accounts

No company too small for Phobos ransomware gang, indictment reveals

North Korean Hacking Group Launches Undetected Malwareless URL Phishing Attacks

Notorious cybercriminal Wazawaka arrested in Russia

Notorious Russian Hacker Connected to Conti and LockBit Ransomware Was Apprehended

Notorious ransomware developer charged with computer crimes in Russia

Once-Popular Booze Brand Files for Bankruptcy Following Cyber Attack

OnePoint Patient Care Notifies Over 1.7 Million People of Recent Data Breach

Operation HAECHI V: Interpol Arrests 5,500 Cybercriminals, Recovers $400 Million

Other UK hospitals purportedly subjected to INC Ransom attack

Over $400M sequestered, more than 5K arrested in global cybercrime crackdown

Phishing campaign bypasses security corrupt Word documents

Phishing experts are upping their game to hunt for C-suite whales

Poison Ivy APT Launches Continuous Cyber Attack on Defense, Government, Technology & Education Sectors

Poland arrests former spy chief in Pegasus spyware probe

Protect Your Customers And Your Brand From Holiday-Fueled Phishing

RansomHub attack compromises Bologna FC data

Ransomware suspect Wazawaka reportedly arrested by Russia

Record ransomware payment and breach affected thousands in Saskatchewan

Remote work is making your business a hacker’s paradise – here’s how to fight back

Report Sheds Light on Massive Phishing-as-a-service Ring

Retail outages drag into second week after Blue Yonder ransomware attack

Russia Arrests Alleged HIVE/LockBit Ransomware Actor Wanted by FBI

Russia arrests one of its own – a cybercrime suspect on FBI's most wanted list

Russia Arrests Prominent Ransomware Operator

Russia arrests ransomware-linked hacker

Russia Indicts Alleged Ransomware Hacker Wanted by the FBI

Russia Indicts Ransomware Hacker Wanted by the FBI

Russia sentences Hydra dark web market leader to life in prison

Russian Arrested over Ransomware Charges

Russian government confirms rare criminal charges against ransomware hacker

Russian Hacker With $10 Million Bounty on His Head Reportedly Arrested

Shin Bet exposes over 200 Iranian cyber phishing attempts against senior Israeli officials, aimed at enabling future attacks on them

Shin Bet thwarts 200 Iranian cyber attacks against Israelis

SmokeLoader Malware Campaign Targets Companies in Taiwan

SmokeLoader Malware Exploits MS Office Flaws to Steal Browser Credentials

SmokeLoader Malware Resurfaces, Targeting Manufacturing and IT in Taiwan

Soldier charged in connection with $47 million National Commercial Bank (NCB) phishing scam

Supply chain technology provider Blue Yonder faces ransomware attack

Suspects charged in connection with multi-million dollar phishing scam

Talk about an own goal - Bologna FC hit by ransomware hackers

The ransomware attack that started it all

This New Microsoft 365 Attack Can Break Through Your 2FA: Here's How

This worrying new phishing attack is going after Microsoft 365 accounts

Thomaston police warn of phishing scam posing as local bank

Threat Assessment: Howling Scorpius (Akira Ransomware)

Tis the Season for Scammers: How to Stay Cyber Safe This Holiday

Toll of OnePoint Patient Care breach exceeds 1.7 Million

Top 10 Cyber-Attacks of 2024

Two UK Hospitals Hit by Cyberattacks, One Postponed Procedures

U.S. Securities and Exchange Commission (SEC) settles with ICBC unit over ransomware attack, imposes no fine

US: Internal Revenue Service (IRS) warns of holiday scams involving phishing emails

Warn Aging Parents Now About Online Phishing Scams

Washington College Approaches Settlement Over Data Breach

Washington state data breaches have reached an all-time high

Wazawaka Hacker Arrested in Kaliningrad, Russia

Western Montana Mental Health Center Notifies Federal Government of Recent Data Breach

WhatsApp Phishing Scam Targets Users in St. Vincent and the Grenadines

Why You Must Beware Of Dangerous New Scam-Yourself Cyber Attacks

Will arresting the National Public Data threat actor make a difference?

Yet another ransomware attack - an NHS children’s hospital is the latest victim

‘You’re fired’ phishing campaign targets employees

Zane Benefits Sends Data Breach Letters Confirming Leaked SSNs