Chinese Hackers Outnumber FBI Cyber Staff 50 to 1, Bureau Director Says

Tonto Team Uses Anti-Malware File to Launch Attacks on South Korean Institutions

Russian APT28 Hackers Use Fake ‘Windows Update’ Guides to Target Ukrainian Gov’t

The DOJ Detected the SolarWinds Hack 6 Months Earlier Than First Disclosed

Krebs: Many Public Salesforce Sites are Leaking Private Data

Hackers Are Breaking Into AT&T Email Accounts to Steal Cryptocurrency

Man Gets Four Years for Stealing Bitcoins Seized by Feds

Kia and Hyundai Owners Now Face New Struggle: Getting Parts for Their Stolen Cars

Workers Are Secretly Using ChatGPT, AI and It Will Pose Big Risks for Tech Leaders

Italy Restores ChatGPT After OpenAI Responds to Regulator

Online Safety Bill Age Checks? We Won’t Do ‘Em, Says Wikipedia

I Cloned Myself With AI. She Fooled My Bank and My Family.
Cold Storage Giant Americold Outage Caused by Network Breach

UnitedHealthCare Warns Members’ Information Was Exposed in Data Breach

Cyber Attack at Bluefield University Leads to Postponed Finals

Attention Online Shoppers: Don’t Be Fooled by Their Sleek, Modern Looks — It’s Magecart!

Investigation Into North Kingstown (RI) Ransomware Attack in Full Swing

Diocese of Las Vegas Impacted by Data Breach

ViperSoftX InfoStealer Adopts Sophisticated Techniques to Avoid Detection

Android Apps Fail to Protect User Data During Device Transfer

Hackers Target Vulnerable Veeam Backup Servers Exposed Online

CISA Warns of Critical Flaws in Illumina’s DNA Sequencing Instruments

Zyxel Firewall Devices Vulnerable to Remote Code Execution Attacks — Patch Now

Apple, Google, and Microsoft Just Fixed Zero-Day Security Flaws


CISA’s Eric Goldstein on Bridging Public-Private Cyber Gaps

NSA Cybersecurity Director Says ‘Buckle Up’ for Generative AI

(ISC)2 Urges Countries to Strengthen Collaboration on Cybersecurity Regulation

APT Groups Expand Reach to New Industries and Geographies

Vietnamese Hackers Linked to ‘Malverposting’ Campaign

Paperbug Attack: New Politically-Motivated Surveillance Campaign in Tajikistan

A Cyberattack Forced a Logistics Company to Temporarily Halt Operations

Microsoft Is Busy Rewriting Core Windows Code in Memory-Safe Rust

Google Banned 173K Developer Accounts to Block Malware, Fraud Rings

SANS Reveals Top 5 Most Dangerous Cyberattacks for 2023

How Companies Can Ace Cybersecurity Training
‘Anonymous Sudan’ Cyber Attack Targets Israel’s Supreme Court

CommScope Employees Left in the Dark After Ransomware Attack

Harvard Pilgrim Systems Still Struggling After Ransomware Cyberattack

Aspen Dental (FL) Latest Victim in Series of Cyberattacks on Healthcare Providers

Ransomware Attack Impacts Spartanburg County (SC) Computer Network

Hardenhuish School in Chippenham (UK) Hit by Cyber Attack

Microsoft Confirms PaperCut Servers Used to Deliver LockBit and Cl0p Ransomware

Linux Version of RTM Locker Ransomware Targets VMware ESXi Servers

New Atomic macOS Info-Stealing Malware Targets 50 Crypto Wallets

Android Minecraft Clones With 35M Downloads Infect Users With Adware

LimeRAT Malware Analysis: Extracting the Config


Evasive Panda’s Backdoor MgBot Delivered Via Chinese Software Updates

Tencent QQ Users Hacked in Mysterious Malware Attack, Says ESET

Alloy Taurus Hackers Update PingPull Malware to Target Linux Systems

Charming Kitten’s New BellaCiao Malware Discovered in Multi-Country Attacks

Ukrainian Arrested for Selling Data of 300M People to Russians

DoJ, Treasury Accuses 3 Men of Laundering Crypto for North Korea

Google Disrupts the CryptBot Info-Stealing Malware Operation

Cyber Chiefs Forge Partnerships With Physical Security Units as Combined Threats Grow

A U.S. Bill Would Ban Kids Under 13 From Joining Social Media

Tinder Is Implementing Video Verification to Further Curb Creepy Scammers

Microsoft Probes Complaints of Edge Leaking Urls to Bing
HR Firm StaffScapes Discloses Data Breach

Astral Brands Discloses Data Breach

Cyberattack Disrupts Lowell (MA) City Government, Shuts Down Computers

Truman State University (MO) Slowly Recovering From ‘Cybersecurity Virus Attack’

Students’ Psychological Reports, Abuse Allegations Leaked by Minneapolis Schools Ransomware Hackers

Apache Superset Vulnerability: Insecure Default Configuration Exposes Servers to RCE Attacks

Cisco Discloses XSS Zero-Day Flaw in Server Management Tool

PrestaShop Fixes Bug That Lets Any Backend User Delete Databases

Critical Flaw Patched in VMware Workstation and Fusion

Google will add End-to-End encryption to Google Authenticator

Effects of the Hive Ransomware Group Takedown

There’s No Silver Bullet for Cybersecurity


Lazarus Subgroup Targeting Apple Devices with New RustBucket macOS Malware

Iranian Hackers “Educated Manticore” Target Israel With New Tools

U.S. Sent Teams into Foreign Networks to Hunt SolarWinds, Microsoft Hackers

A Security Team Is Turning ‘Gootloader’ Malware Gang’s Tricks Against It

Zero Trust for Zoom Calls: ChromeOS Getting Universal Microphone/Camera Toggles

OpenAI Rolls Out ‘Incognito Mode’ on ChatGPT

Google Authenticator Now Backs up Your 2FA Codes to the Cloud

Prince William Got ‘Very Large Sum’ in Phone Hack Settlement
Data Security Breach May Have Left Jewel-Osco Employees’ Information Exposed

CIC Group Notifies Individuals of Recent Data Breach

IMA Financial Group (KS) Files Notice of 2022 Data Breach

PaperCut Says Hackers Are Exploiting ‘Critical’ Security Flaws in Unpatched Servers

New SLP Vulnerability Could Let Attackers Launch 2200x Powerful DDoS Attacks

TP-Link Archer WiFi Router Flaw Exploited by Mirai Malware

VMware Fixes Critical Zero-Day Exploit Chain Used at Pwn2Own

When Companies Get Stuck In A Cybersecurity Loop


3CX Hackers Also Compromised Critical Infrastructure Firms

Russian Hackers Suspected in Ongoing Exploitation of Unpatched PaperCut Servers

Tomiris and Turla APT Groups Collaborate to Target Government Entities

Google Debuts Cybersecurity-Focused AI System

Intel Let Google Cloud Hack New Secure Chips and Found 10 Bugs

Google Authenticator Finally, Mercifully Adds Account Syncing for Two-Factor Codes

VirusTotal Now Has an AI-Powered Malware Analysis Feature

Cloud Complexity Means Bugs Are Missed in Testing

Scammers Impersonate Meta in Facebook Campaign With 3200 Profiles

Intel CPUs Vulnerable to New Transient Execution Side-Channel Attack

APC Warns of Critical Unauthenticated RCE Flaws in UPS Software
U.S. Navy Contractor Fincantieri Marine Group Hit by Cyber-attack

Yellow Pages Canada Confirms Cyber Attack as Black Basta Leaks Data

San Bernardino County Sheriff’s Office Struggling to Recover From ‘Malware’ Incident

Albertsons Companies Files Notice of Data Breach Following Malware Attack

Gateway Casinos Confirms IT Outage Caused by a Ransomware Cyberattack

Robeson Health Care Corporation Reports Data Breach Affecting Over 15k Individuals

KuCoin’s Twitter Account Hacked to Promote Crypto Scam

Naivas Confirms Cyber Attack on Systems by a Criminal Organization

Hacker Demands Ransom After ‘Taking Control’ of Wiltshire School’s IT

Microsoft 365 Search Outage Affects Outlook, Teams, and Sharepoint

Ransomware Hackers Using AuKill Tool to Disable EDR Software Using BYOVD Attack


European Air Traffic Control Confirms Website ‘Under Attack’ by Pro-Russia Hackers

Russian Mercenaries Sympathetic to Putin Target UK With Cyber Threats Over War in Ukraine

China Developing Anti-Satellite Weapons

Biden’s Order Against Commercial Spyware Is ‘Upsetting the Market’

Hacker Group Names Are Now Absurdly Out of Control

The Car Thieves Using Tech Disguised Inside Old Nokia Phones and Bluetooth Speakers

Krebs: 3CX Breach Was a Double Supply Chain Compromise

North Korea’s Kimsuky APT Keeps Growing, Despite Public Outing

Mullvad VPN Maker Says Police Tried to Raid Its Offices but Couldn’t Find Any User Data

ChatGPT Won’t Take Over From Humans for Now, Says Infosys Founder

Google Bard Can Now Help Write Software Code

When Apple Comes Calling, ‘It’s the Kiss of Death’
American Bar Association Data Breach Hits 1.4 Million Members

Accounting Firm Rubino & Company Files Official Notice of Data Breach

Kubernetes RBAC Exploited in Large-Scale Campaign for Cryptocurrency Mining

Lily Collins — The Hack, Not the Actress — Wants Your Facebook Account

University Websites Using MediaWiki, TWiki Hacked to Serve Fortnite Spam

Evil Extractor Targets Windows Devices to Steal Sensitive Data

Trojanized Installers Used to Distribute Bumblebee Malware

Decoy Dog Malware Toolkit Found After Analyzing 70 Billion DNS Queries

GhostToken Flaw Could Let Attackers Hide Malicious Apps in Google Cloud Platform

GitHub Now Allows Enabling Private Vulnerability Reporting at Scale

Intel Prioritizes Security in Latest vPro Chips

The Tangled Web of IR Strategies


3CX Hack Caused by Supply Chain Attack at Stock Trading Automation Company Trading Technologies

Google: Ukraine Targeted by 60% Of Russian Phishing Attacks in 2023

Consumer Financial Protection Bureau Says Employee Breached Data of 250,000 Consumers in ‘Major Incident’

Lawmakers Introduce Bill to Counter Chinese Cyber Threats Against Taiwan

Huawei Launches In-House Software System After Being Cut Off From Us Services

Seagate Hit With $300 Million Penalty for Continuing $1 Billion Relationship With Blacklisted Firm Huawei, Despite U.S. Export Controls

Proton Launches an End-To-End Encrypted Password Manager

ChatGPT-Related Malicious URLs on the Rise

Expert Insight: Dangers of Using Large Language Models Before They Are Baked
Lazarus Group Adds Linux Malware to Arsenal in Operation Dream Job

Capita Has ‘Evidence’ Customer Data Was Stolen in Digital Burglary

LockBit Ransomware Reportedly Strikes Venezuela’s Largest Bank

Cyber Attack Reportedly Hits Montana State University

Medical Imaging Firm Shields Health Care Group, Inc. Announces Third Party Data Breach Affecting Over 2.3 Million People

Daggerfly APT Targets African Telecoms Firm With New MgBot Malware

Attackers Use Abandoned WordPress Plugin to Backdoor Websites

Two Critical Flaws Found in Alibaba Cloud’s PostgreSQL Databases

VMware Fixes vRealize Bug That Let Attackers Run Code as Root


March 2023 Broke Ransomware Attack Records With 459 Incidents

Ransomware Gangs Abuse Process Explorer Driver to Kill Security Software

Fortra Shares Findings on GoAnywhere MFT Zero-Day Attacks

Popular Fitness Apps Leak Location Data Even When Users Set Privacy Zones

Krebs: Giving a Face to the Malware Proxy Service ‘Faceless’

DC Health Link Data Breach Blamed on Human Error

Nurse Call Systems, Infusion Pumps Riskiest Connected Medical Devices

The Hacker Who Hijacked Matt Walsh’s Twitter Was Just ‘Bored’

The iPhone Setting Thieves Use to Lock You Out of Your Apple Account

Patient Seeks to Force Hospital Network to Pay Hackers Ransom to Remove Naked Photos Online

U.S. Citizens Charged With Pushing Pro-Kremlin Disinfo, Election Interference

Gary Bowser, Former Nintendo Hacker, Released From Prison

No Prison Time for Ryuk Ransomware Gang Broker After Guilty Plea

Hackers Got Hacking Wrong, But It Got Entertainment Right

Phishing Scams Growing More Sophisticated, Finra Says
Google TAG Warns of Russian APT28 Hackers Conducting Phishing Attacks in Ukraine

Blind Eagle Cyber Espionage Group Strikes Again: New Attack Chain Uncovered

Pakistani Hackers Use Linux Malware Poseidon to Target Indian Government Agencies

Huntington Ingalls Industries Data Breach Affects 43,643 Individuals

Major MA, NH Health Insurance Provider Point32Health Hit by Cybersecurity Ransomware Attack

West Technology Group Confirms Employee SSNs Leaked in Recent Data Breach

Bryant Bank (AL) Data Breach Leaked an Unknown Number of SSNs

Play Ransomware Gang Uses Custom Shadow Volume Copy Data-Theft Tool

Raspberry Robin Adopts Unique Evasion Techniques

Hackers Actively Exploit Critical RCE Bug in PaperCut Servers

Microsoft SQL Servers Hacked to Deploy Trigona Ransomware

Google Chrome Hit by Second Zero-Day Attack – Urgent Patch Update Released

Microsoft Defender Update Causes Windows Hardware Stack Protection Mess


Apple’s High Security Mode Blocked NSO Spyware, Researchers Say

Cyberattack Risks Rise up Company Agendas

Used Routers Often Come Loaded With Corporate Secrets

What Happened When the IRS Got Audited

WhatsApp, Signal Claim UK Online Safety Bill Threatens User Privacy and Safety

Brit Cops Rapped Over App That Recorded 200K Phone Calls

Australian Military Helicopter Crash Blamed on Failure to Apply Software Patch

Avalor Wants to Unify Cybersecurity Tools by Aggregating Data

Combatting Cyber Attacks Requires More Than Just Money
NSO Group’s Pegasus Spyware Found on High-Risk iPhones

Russian APT28 Snoops Just Love Invading Unpatched Cisco Gear, America and UK Warn

Chinese APT41 Taps Google Red Teaming Tool in Targeted Info-Stealing Attacks

Microsoft: Iranian Mint Sandstorm Hackers Behind Retaliatory Cyberattacks on U.S. Orgs

Iranian MuddyWater Uses SimpleHelp to Target Critical Infrastructure Firms

University of the People (CA) Data Breach After Unauthorized SharePoint Access

YouTube Videos Distributing Aurora Stealer Malware via Highly Evasive Loader

New Sandbox Escape PoC Exploit Available for VM2 Library, Patch Now

Microsoft Opens up Defender Threat Intel Library With File Hash, URL Search


Chinese Cops Ran Troll Farm and Secret NY Police Station, U.S. Says

ICE Records Reveal How Agents Abuse Access to Secret Data

Israeli Spyware Vendor QuaDream to Shut Down Following Citizen Lab and Microsoft Expose

I Just Discovered My Roomba Can Be a Security Camera

Marketing Biz Join the Triboo Limited Sent 107 Million Spam Emails… To Just 437K People

Student Requested Access to Research Data. And Waited. And Waited. Then Hacked to Get Root.

Elon Musk to Develop ‘TruthGPT’ as He Warns About ‘Civilizational Destruction’ From AI

Insurers Wary of Longer-Term Costs of Cyberattacks

Apple’s Macs Have Long Escaped Ransomware. That May Be Changing

FIN7 and Ex-Conti Cybercrime Gangs Join Forces in Domino Malware Attacks

Hackers Publish Sensitive Employee Data Stolen During CommScope Ransomware Attack

Capita Investigates Authenticity of Ransomware Gang Leaks

Charity Data Stolen in Ransomware Attack on Supplier Evide

New Chameleon Android Malware Mimics Bank, Gov’t, and Crypto Apps

QBot Banking Trojan Increasingly Delivered Via Business Emails

New Zaraza Bot Credential-Stealer Sold on Telegram Targeting 38 Web Browsers

Hackers Abuse Google Command and Control Red Team Tool in Attacks

Engineering Cybersecurity into U.S. Critical Infrastructure


Social-Media Account Overseen by Former Navy Noncommissioned Officer Helped Spread Secrets

Meet the Hacker Armies on Ukraine’s Cyber Front Line

Montana Lawmakers Approve Statewide Ban on TikTok

Krebs: Why is ‘Juice Jacking’ Suddenly Back in the News?

What Business Needs to Know About the New U.S. Cybersecurity Strategy

The U.S. Cracked a $3.4 Billion Crypto Heist—and Bitcoin’s Anonymity

Are You Being Tracked by an AirTag? Here’s How to Check

Elon Musk Is Reportedly Planning an A.I. Startup to Compete With OpenAI, Which He Cofounded

What It Will Look Like if China Launches Cyberattacks in the U.S.

How to Define Tier-Zero Assets in Active Directory Security
NCR Suffers Aloha POS Outage After BlackCat Ransomware Attack

Western Digital Hackers Demand 8-Figure Ransom Payment for Data

ConsenSys Reports Data Breach Affecting Over 7,000 MetaMask Users

Android Malware Infiltrates 60 Google Play Apps With 100M Installs

Hackers Start Abusing Action1 RMM in Ransomware Attacks

LockBit Ransomware Encryptors Found Targeting Mac Devices

Vice Society Ransomware Uses New PowerShell Data Theft Tool in Attacks

CISA Warns of Android Bug Exploited by Chinese App to Spy on Users

Google Releases Urgent Chrome Update to Fix Actively Exploited Zero-Day Vulnerability


Air Guardsman Arrested in Connection With Leaked Documents

Pentagon Leak Leads to Limits on Who Gets Access to Military’s Top Secrets

Russian APT29 Hackers Linked to Widespread Attacks Targeting NATO and EU

Pakistan-Aligned Hackers Disrupt Indian Education Sector

The Hacking of ChatGPT Is Just Getting Started

European Privacy Watchdog Creates ChatGPT Task Force

For AI Laws, China Joins the U.S. In Asking the Public to Chime In

New Arkansas Bill to Keep Minors off Social Media Exempts Most Social Media Platforms

WhatsApp Introduces New Device Verification Feature to Prevent Account Takeover Attacks

Dutch Police Mails RaidForums Members to Warn They’re Being Watched

Five Arrested After 33,000 Victims Lose $98M to Online Investment Fraud

Cyber Company Darktrace Gets Caught up in LockBit Gang’s Apparent Blunder
Over 20,000 Iowa Medicaid Members Affected By Data Breach

Unlimited Care (NY) Files Notice of Data Breach Affecting More than 29K Employees

Kansas Health Care Company Medicalodges Hit by Ransomware Attack

Collegedale (TN) Has Computer Systems Hacked, Restored

Ransomware Attack on Suffolk County Began in 2021

No Indication of Identity Theft or Fraud in Beacon Health (IN) Data Breach by Employee

Money Ransomware Group Enters Double-Extortion Fray

GuLoader Targets U.S. Financial Firms With Tax-Themed Phishing Lures

RTM Locker: Emerging Cybercrime Group Targeting Businesses with Ransomware

New Python-Based “Legion” Hacking Tool Emerges on Telegram

Windows 11 Is Getting a New ‘Presence Sensing’ Privacy Setting

Gov’t Agencies Urge ‘Revamp’ of Certain Software to Take Cybersecurity Burden off Customers


Lazarus Group’s DeathNote Campaign Reveals Shift in Targets

FBI: How Fake Xi Cops Prey on Chinese Nationals in the U.S.

Leaked Pentagon Documents May Herald a New Era of Revelations

CISA Updates Zero Trust Maturity Model With Public Feedback

U.S. Cyber Chiefs Warn AI Will Help Crooks, China Develop Nastier Cyberattacks Faster

ChatGPT Can Resume in Italy if Meets Data Watchdog’s Demands

Ethical Hackers Could Earn up to $20,000 Uncovering ChatGPT Vulnerabilities

Nurses Sue CommonSpirit Hospital Chain Over Unpaid Wages After 2022 Cyberattack

Gartner: Human-Centric Design Is Top Cybersecurity Trend for 2023
Hyundai Data Breach Exposes Owner Details in France and Italy

German Superyacht Maker Lürssen Hit by Ransomware Cyber Attack

Kyocera Android App With 1M Installs Can Be Abused to Drop Malware

Retina & Vitreous of Texas Files Notice of Data Breach Following Cybersecurity Incident

DDoS Attacks Shifting to VPS Infrastructure for Increased Power

Microsoft Shares Guidance to Detect BlackLotus UEFI Bootkit Attacks

Windows Admins Warned to Patch Critical MSMQ QueueJumper Bug

Krebs: Microsoft (& Apple) Patch Tuesday, April 2023 Edition

Were You Caught up in the Latest Data Breach? Here’s How to Tell


Ukrainian Hackers Say They Have Compromised Russian Spy Who Hacked Democrats in 2016

3CX Confirms North Korean Hackers Behind Supply Chain Attack

iPhones Hacked via Invisible Calendar Invites to Drop QuaDream Spyware

Hacked Sites Caught Spreading Malware via Fake Chrome Updates

‘Blatantly Obvious’: Spyware Offered to Cyberattackers via PyPI Python Repository by ‘SylexSquad’

How LockBit Changed Cybersecurity Forever

OpenAI Launches Bug Bounty Program With Rewards up to $20K

U.S. Begins Study of Possible Rules to Regulate AI Like ChatGPT

FBI and Former City Manager Say Oldsmar (FL) Cyberattack Never Happened

7 Things Your Ransomware Response Playbook Is Likely Missing
Kodi Discloses Data Breach After Forum Database for Sale Online

Latitude Financial Refuses to Pay Ransom

Webster Bank Reports Third-Party Data Breach at Guardian Analytics

Harrington Raceway (DE) Data Breach Leaks Personal Info of More Than 12k Individuals

Woodward Communications (IA) Data Breach Affects 12,467 Individuals

Cryptocurrency Stealer Malware Distributed via 13 NuGet Packages

Newly Discovered “By-Design” Flaw in Microsoft Azure Could Expose Storage Accounts to Hackers

Windows Zero-Day Vulnerability Exploited in Ransomware Attacks

Microsoft April 2023 Patch Tuesday Fixes 1 Zero-day, 97 Flaws

SAP Releases Security Updates for Two Critical-Severity Flaws


Pro-Russia Hackers Say They Breached Canadian Pipeline, but Experts Are Skeptical

Estonian National Charged in U.S. for Acquiring Electronics and Metasploit Pro for Russian Military

‘I’m Sick to My Stomach’: Pentagon Officials Shocked by Intel Leaks

How the Latest Leaked Documents Are Different From Past Breaches

FBI Warns Against Using Public Phone Charging Stations

How to Write Better ChatGPT Prompts (And This Applies to Most Other Text-Based AIs, Too)

The Human Factor In Cybersecurity: Understanding Social Engineering

Inside FTX: Jokes About Misplaced Funds, Diabolical IT, Poor Oversight, and Worse

High-Stakes Ransomware Response: Know What Cards You Hold

Apps for Sale: Cybercriminals Sell Android Hacks for Up to $20K a Pop

Apple Fixes Recently Disclosed Zero-Days on Older iPhones and iPads
KFC, Pizza Hut Owner Yum! Brands Discloses Data Breach After Ransomware Attack

SD Worx Shuts Down UK Payroll, HR Services After Cyberattack

Rochester Public School Cancels School Monday After Cyber Attack

Baldor Specialty Foods Reports Data Breach Impacting the Confidential Info of 13k+ Consumers

HawaiiUSA Federal Credit Union Confirms Recent Data Breach Affected Over 20k Customers

Reports of Data Breach at PharMerica Corp Leave Customers Worried About Their Personal Info

Hackers Flood NPM with Bogus Packages Causing a DoS Attack

Korea-Based Exchange GDAC Suspends Withdrawals, Deposits After $13M Hack

Terra DeFi Project Terraport Suffers $2M Hack Days After Launch

Community on Sushiswap Exploit: The $3.3 Hack Is ‘Weird’

CISA Orders Gov’t Agencies to Update iPhones, Macs by May 1st


Pentagon Investigates More Social-Media Posts Purporting to Include Secret U.S. Documents

Leaked Pentagon Documents Show Spies Infiltrated Kremlin… and Also in South Korea, Ukraine & UK

Russia’s Military Struggles

Biden Administration Weighs Action Against Russian Cybersecurity Firm Kaspersky Lab

Americans Now Fear Cyberattack More Than Nuclear Attack

There’s a New Form of Keyless Car Theft That Works in Under 2 Minutes

Amazon Bans Flipper Zero, Claiming It Violates Policy Against Card Skimming Devices

‘A Real Worry’: How AI Is Making It Harder to Spot Fake Images

FBI Warns of Companies Exploiting Sextortion Victims for Profit

Breached Shutdown Sparks Migration to ARES Data Leak Forums

CISA Orders Agencies to Patch Backup Exec Bugs Used by Ransomware Gang

All Dutch Gov’t Networks to Use RPKI to Prevent BGP Hijacking
Iran-Based Hackers MuddyWater Caught Carrying Out Destructive Attacks Under Ransomware Guise

Tasmanian Data Breach: Schoolchildren’s Info Among 16,000 Documents Leaked on Dark Web

University of Hawaii Maui College Announces Recent Data Breach

Camden County (NJ) Police Department Confirms Ransomware Attack

Culbertson Memorial Hospital (IL) Hit by Cyber-Attack

Cyber Attack Leaves Irrigation Systems in Upper Galilee Dysfunctional

Massive Balada Injector Campaign Attacking WordPress Sites Since 2017

Researchers Discover Critical Remote Code Execution Flaw in VM2 Sandbox Library

Apple Releases Updates to Address Zero-Day Flaws in iOS, iPadOS, macOS, and Safari

Microsoft Delays Exchange Online CARs Deprecation Until 2024

Bad Actors Will Use Large Language Models — but Defenders Can, Too

Australia Is Scouring the Earth for Cybercriminals — the US Should Too


Two-Fifths of IT Pros Told to Keep Breaches Quiet

Microsoft and Fortra Crack Down on Malicious Cobalt Strike Servers

The Dangerous Weak Link in the U.S. Food Chain

Threat Actors Increasingly Use Telegram For Phishing Purposes

Can Do Attitude: How Thieves Steal Cars Using Network Bus

Tesla Employees Reportedly Passed Around Personal Videos From Owners’ Cars

Google Mandates Data Deletion Policy For Android Apps

Privacy Concerns Surround Plans for AI Camera Surveillance at 2024 Paris Olympics

Cops Put the Squeeze on Genesis Crime Souk Denizens, Not Just the Admins This Time
UK Criminal Records Office Crippled by “Cyber Incident”

Legal Powerhouse Proskauer Exposed Clients’ Confidential M&A Data

Oakland Ransomware Attack Worsens With Massive New Release of Personal Info

Medusa Ransomware Claims Attack on Open University of Cyprus

Money Message Ransomware Gang Claims MSI Breach, Demands $4 Million

‘BEC 3.0’ Is Here With Tax-Season QuickBooks Cyberattacks

Throne Fixes Security Bug That Exposed Creators’ Private Home Addresses

QNAP ‘Urgently’ Fixing Vulnerabilities in Multiple Systems


Google TAG Warns of North Korean-linked ARCHIPELAGO Cyberattacks

UK Discloses Offensive Cyber Capabilities Principles

Spain’s Most Dangerous and Elusive Hacker Now in Police Custody

Krebs: FBI Seizes Bot Shop ‘Genesis Market’ Amid Arrests Targeting Operators, Suppliers

New Dark Web Market STYX Focuses on Financial Fraud Services

Here’s Where the A.I. Jobs Are

Log4j Bug Being Used in New Malicious Attacks
Database Snafu Leaks 600K Records from Z2U Marketplace

Our Lady of the Lake University (TX) Notifies Data Breach Victims

CryptoClippy: New Clipper Malware Targeting Portuguese Cryptocurrency Users

Typhon Reborn Stealer Malware Resurfaces with Advanced Evasion Techniques

Hackers Using Self-Extracting Archives Exploit for Stealthy Backdoor Attacks

Open Nexx Garage Doors Anywhere in the World by Exploiting This “Smart” Device


In His New Cybersecurity Strategy, Biden Identifies Cloud Security as a Major Threat

Broad Pay Ranges Can Hamper Cybersecurity Hiring

Bank Rewrote Ads for Infosec Jobs to Stop Scaring Away Women

Alcohol Counseling Companies Monument and Tempest Leaked Patient Data to Advertisers for Years

IRS-Authorized eFile.com Tax Return Software Caught Serving JS Malware

Krebs: A Serial Tech Investment Scammer Takes Up Coding?

ChatGPT Has a Big Privacy Problem

TikTok Fined £12.7m For Violating UK Data Privacy Laws

A Tiny Blog Took on Big Surveillance in China—and Won

Cybercrime Marketplace Genesis Market Shut by FBI, International Law Enforcement
Israeli Cyber Security Website Check Point Briefly Taken Down in Cyberattack

Arid Viper Hacking Group Using Upgraded Malware in Middle East Cyber Attacks

Tallahassee Memorial HealthCare Data Breach Affects Patients’ SSNs and PHI

New “Rorschach” Ransomware Spread Via Commercial Product

New Rilide Malware Targeting Chromium-Based Browsers to Steal Cryptocurrency

ALPHV Ransomware Exploits Veritas Backup Exec Bugs for Initial Access

HP to Patch Critical Bug in LaserJet Printers Within 90 Days

15M+ Services & Apps Remain Sitting Ducks for Known Exploits

How Strategic Investors Can Help Cybersecurity Startups


TikTok to Comply With US Law, Protect User Data From China

The Massive 3CX Supply-Chain Hack Targeted Cryptocurrency Firms

3CX Thought Supply Chain Attack Was a False Positive

April Brings Tulips, Taxes … And Phisherfolk Scammers

ICE Is Grabbing Data From Schools and Abortion Clinics

Tor Project’s New Privacy-Focused Browser Lets You Layer a VPN

Okay, so ChatGPT Just Debugged My Code. For Real.

U.S. DoD Unveils Website For Hack the Pentagon Bug Bounty Program

U.S. Seizes $112 Million From Cryptocurrency Investment Scammers

School Principal Resigns After Writing $100,000 Check to Elon Musk Impersonator

What The Board Needs To Know
Western Digital Hit by Network Security Breach – Critical Services Disrupted

Outsourcer Capita Claims to Have Contained “Cyber Incident”

BMW Claims Data Breach Limited to Local Dealer

Uber Driver Info Stolen Yet Again: This Time From Law Firm Genova Burns

Montgomery General Hospital (WV) Data Breach Following Ransomware Attack

Southwest Healthcare Services (ND) Data Breach Affects Patients’ SSNs and PHI

Crypto-Stealing OpcJacker Malware Targets Users with Fake VPN Service

WinRAR SFX Archives Can Run PowerShell Without Being Detected

CISA Warns of Zimbra Bug Exploited in Attacks Against NATO Countries

For Cybercrime Gangs, Professionalization Comes With ‘Corporate’ Headaches


10-Year-Old Windows Bug With ‘Opt-In’ Fix Exploited in 3CX Attack

Federal Government Published Social Security Numbers of 1,900 White House Visitors

China Opens Cybersecurity Probe of Micron Amid Competition With U.S. Over Technology

Italy Curbs ChatGPT, Starts Probe Over Privacy Concerns

NYPD Blues: Cops Ignored 93 Percent of Surveillance Law Rules

Lazarus Heist: The Intercontinental ATM Theft That Netted $14M in Two Hours

Krebs: German Police Raid DDoS-Friendly Host ‘FlyHosting’

DISH Slapped With Multiple Lawsuits After Ransomware Cyber Attack
Consumer Lender TMX Discloses Data Breach Impacting 4.8 Million People

Lumen Hit by Ransomware, Malware Attacks

Jefferson County (AL) School System Victim of Ransomware Attack During Spring Break

Lewis & Clark College Cyberattack Claimed by Notorious Ransomware Gang

New Money Message Ransomware Demands Million Dollar Ransoms

Fake Ransomware Gang ‘Midnight’ Targets U.S. Orgs With Empty Data Leak Threats

Hackers Exploiting WordPress Elementor Pro Vulnerability: Millions of Sites at Risk

15 Million Public-Facing Services Vulnerable to CISA KEV Flaws