Urgent warning to Google users after hackers uploaded fake ads
Users were warned about a cyberattack posing as Google Authenticator, leading to personal data theft.
$75 Million Record-Breaking Ransom Paid To Cybercriminals, Say Researchers
The largest known ransom payment of US $75 million was made by a Fortune 50 company to the Dark Angels ransomware group.
Ongoing campaign compromises senior execs' Azure accounts, locks them using MFA
Unknown attackers are targeting Microsoft Azure accounts in an ongoing campaign to steal sensitive data and financial assets.
The attackers use phishing techniques and account takeovers to compromise the targeted accounts and enroll them in multifactor authentication to secure them.
Researchers warn high-risk ConnectWise flaw under attack is 'embarrassingly easy' to exploit | TechCrunch
High-risk vulnerability in ConnectWise ScreenConnect is easy to exploit
Malicious hackers actively exploiting the flaw
Fake IT workers from North Korea have started blackmailing their victims
North Korean group Nickel Tapestry is now training IT workers not only to find jobs abroad but also to steal data for extortion.
So your data was stolen in a data breach
The recent data breach affects hundreds of millions, highlighting severe vulnerabilities in data security.
Urgent warning to Google users after hackers uploaded fake ads
Users were warned about a cyberattack posing as Google Authenticator, leading to personal data theft.
$75 Million Record-Breaking Ransom Paid To Cybercriminals, Say Researchers
The largest known ransom payment of US $75 million was made by a Fortune 50 company to the Dark Angels ransomware group.
Ongoing campaign compromises senior execs' Azure accounts, locks them using MFA
Unknown attackers are targeting Microsoft Azure accounts in an ongoing campaign to steal sensitive data and financial assets.
The attackers use phishing techniques and account takeovers to compromise the targeted accounts and enroll them in multifactor authentication to secure them.
Researchers warn high-risk ConnectWise flaw under attack is 'embarrassingly easy' to exploit | TechCrunch
High-risk vulnerability in ConnectWise ScreenConnect is easy to exploit
Malicious hackers actively exploiting the flaw
Fake IT workers from North Korea have started blackmailing their victims
North Korean group Nickel Tapestry is now training IT workers not only to find jobs abroad but also to steal data for extortion.
So your data was stolen in a data breach
The recent data breach affects hundreds of millions, highlighting severe vulnerabilities in data security.
SK hynix chip engineer gets 1.5 years in prison on IP theft
A former SK hynix employee was sentenced to 18 months for stealing semiconductor technology, raising concerns about corporate espionage and data protection.
Hazem Altal: Unraveling the Web of Fraud at a Turkish Hair Clinic - Social Media Explorer
A scandal in Istanbul exposes extensive medical fraud involving data theft and unauthorized practices by former clinic manager Hazem Altal.
Latvian Hacker Extradited to U.S. for Role in Karakurt Cybercrime Group
Deniss Zolotarjovs has been indicted in the U.S. for cybercrimes including data theft, extortion, and money laundering since August 2021.
Meow ransomware sees surge of activity post-overhaul
Meow ransomware has shifted from file encryption to pure data theft, becoming highly active in global cybercrime.
FCC staff targeted in phishing attack that cloned agency login site
The FCC was targeted in a phishing operation using a fake login page.
The phishing kit named CryptoChameleon targeted cryptocurrency exchange platforms and successfully collected sensitive information.
Brazilian police claim they've cuffed the USDoD cybercrook
Brazilian police arrest a suspected hacker linked to high-profile data thefts, including attacks on the FBI and Airbus.
Europol confirms incident after data breach claims
Europol is investigating a cybercriminal's claims of stealing data; Europol Platform for Experts affected but no core systems compromised.
Snowflake Users Targeted for Data Theft and Extortion
Financially motivated threat actor UNC5537 accessed data from 165 organizations' Snowflake instances using stolen credentials and sold data to cybercriminals for various malicious purposes.
Latvian Hacker Extradited to U.S. for Role in Karakurt Cybercrime Group
Deniss Zolotarjovs has been indicted in the U.S. for cybercrimes including data theft, extortion, and money laundering since August 2021.
Meow ransomware sees surge of activity post-overhaul
Meow ransomware has shifted from file encryption to pure data theft, becoming highly active in global cybercrime.
FCC staff targeted in phishing attack that cloned agency login site
The FCC was targeted in a phishing operation using a fake login page.
The phishing kit named CryptoChameleon targeted cryptocurrency exchange platforms and successfully collected sensitive information.
Brazilian police claim they've cuffed the USDoD cybercrook
Brazilian police arrest a suspected hacker linked to high-profile data thefts, including attacks on the FBI and Airbus.
Europol confirms incident after data breach claims
Europol is investigating a cybercriminal's claims of stealing data; Europol Platform for Experts affected but no core systems compromised.
Snowflake Users Targeted for Data Theft and Extortion
Financially motivated threat actor UNC5537 accessed data from 165 organizations' Snowflake instances using stolen credentials and sold data to cybercriminals for various malicious purposes.
Roundcube Webmail Flaws Allow Hackers to Steal Emails and Passwords
Security flaws in Roundcube webmail could allow theft of sensitive information through malicious JavaScript.
Facebook ads for this fake AI image editor were just an excuse to infect your PC with malware
Attackers exploit AI image editing tool popularity to distribute malware through fake applications on social media, stealing credentials and data for sale on the dark web.
Facebook Ads Lead to Fake Websites Stealing Credit Card Information
Facebook users targeted by ERIAKOS scam e-commerce network, employing fake websites for data theft.
New Nork-y cyberespionage outfit uncovered after three years
A new cybercrime group named LilacSquid has been active for three years, targeting organizations in the US, Europe, and Asia with espionage-focused attacks.
Cisco Talos: LilacSquid Threat Actor Targets Multiple Sectors Worldwide With PurpleInk Malware
LilacSquid, a cyberespionage group, uses various tactics to compromise systems with custom malware, targeting organizations worldwide for data theft.
New Nork-y cyberespionage outfit uncovered after three years
A new cybercrime group named LilacSquid has been active for three years, targeting organizations in the US, Europe, and Asia with espionage-focused attacks.
Cisco Talos: LilacSquid Threat Actor Targets Multiple Sectors Worldwide With PurpleInk Malware
LilacSquid, a cyberespionage group, uses various tactics to compromise systems with custom malware, targeting organizations worldwide for data theft.
Pharmaceutical giant Cencora says data was stolen in a cyberattack
Cencora, previously AmerisourceBergen, faced a cyberattack involving data theft.
The company contained the incident, is cooperating with authorities, but impact on finances is undetermined.
4 Remote Workplaces Most Vulnerable To Cyberattacks And 9 Common Mistakes
Remote workers face increased cyber threats as cyberattacks on individuals and companies continue to rise.
Co-working spaces, libraries, coffee shops, cafes, and working in a different country or city from your company are the most vulnerable locations for data theft.
Caravan club admits members' personal data possibly accessed
The Caravan and Motorhome Club (CAMC) still cannot confirm whether members' data was stolen in a January cyberattack.
The club has listed the types of data that might have been accessed, but remains uncertain about any theft.
Rhysida ransomware gang hits hospital holding royal family's data | Computer Weekly
The Rhysida ransomware group has targeted the private King Edward VII Hospital in London and claims to have stolen data on the royal family.
The gang is offering the stolen data for sale, with a price set at 10 bitcoin if no buyer takes up the offer within seven days, they will make the data publicly available.
NHS confirms stolen data published online is from blood test provider
The NHS provider Synnovis suffered a cyber-attack by the Russian group Qilin, leading to the publication of stolen data online.
Pharmaceutical giant Cencora says data was stolen in a cyberattack
Cencora, previously AmerisourceBergen, faced a cyberattack involving data theft.
The company contained the incident, is cooperating with authorities, but impact on finances is undetermined.
4 Remote Workplaces Most Vulnerable To Cyberattacks And 9 Common Mistakes
Remote workers face increased cyber threats as cyberattacks on individuals and companies continue to rise.
Co-working spaces, libraries, coffee shops, cafes, and working in a different country or city from your company are the most vulnerable locations for data theft.
Caravan club admits members' personal data possibly accessed
The Caravan and Motorhome Club (CAMC) still cannot confirm whether members' data was stolen in a January cyberattack.
The club has listed the types of data that might have been accessed, but remains uncertain about any theft.
Rhysida ransomware gang hits hospital holding royal family's data | Computer Weekly
The Rhysida ransomware group has targeted the private King Edward VII Hospital in London and claims to have stolen data on the royal family.
The gang is offering the stolen data for sale, with a price set at 10 bitcoin if no buyer takes up the offer within seven days, they will make the data publicly available.
NHS confirms stolen data published online is from blood test provider
The NHS provider Synnovis suffered a cyber-attack by the Russian group Qilin, leading to the publication of stolen data online.
Google's Threat Analysis Group's Spyware Research: How CSVs Target Devices and Applications
Commercial surveillance vendors sell surveillance services to governments for monitoring or spying purposes.
CSVs openly operate with websites, marketing content, and sales teams, and may change names to avoid scrutiny.
Phishers pwn hundreds of users, dozens of Azure environments
Phishing campaign targets senior business executives, including C-suite roles and VPs.
Attackers aim to gain access to privileged accounts and steal sensitive data.
Warzone RAT Sales and Support Actors in Malta and Nigeria Charged in U.S. Federal Indictments
Federal authorities seized internet domains used to sell RAT malware
Individuals in Malta and Nigeria were indicted for selling malware and supporting cybercriminals
New attack steals AI secrets from GPUs made by Apple, AMD, and Qualcomm
Demand for GPU chips is increasing as companies rely on them for running large language models and processing data at scale.
Researchers have uncovered a vulnerability in multiple brands of GPUs, including Apple, Qualcomm, and AMD chips, that could allow attackers to steal data from a GPU's memory.
Data-theft malware exploits Windows Defender SmartScreen
Criminals are exploiting a Windows Defender SmartScreen bypass vulnerability to distribute Phemedrone Stealer malware that steals sensitive information from infected PCs.
The malware targets a wide range of browsers, applications, cryptocurrency wallets, and messaging apps to gather sensitive information and login credentials.
First American makes progress on restoring systems from pre-Christmas cyberattack
First American Financial is making progress in restoring its systems after a data theft incident.
This is the second major cyber security incident to hit the title industry in less than a month.
Recent attacks on Fred Hutch and Integris: Is attempting to extort patients directly becoming the "new normal?"
DataBreaches previously reported a breach involving Integris Health in Oklahoma.
Au: St Vincent's unable to confirm if medical records stolen
Jess Malcolm and Greg Brown report:
Multiple Data Leaks at 23andme
Genetics testing firm 23andme and its users were targeted by cybercriminals who leaked or breached millions of user profiles and genetic data records.
The threat actors accessed user accounts through credential stuffing and scraped data from the DNA Relatives feature.