Chinese ‘Earth Krahang’ Group Compromised 70 Organizations – March 20th
Trend Micro reported on an advanced persistent threat actor linked to the Chinese government called ‘Earth Krahang’, compromising over 70
Fake Chrome Update Spreads Banking Malware – March 19th
According to a Broadcom report, a banking trojan named "Cerberus" pretending to be a Google Chrome update has successfully distributed
Google’s Improvements to Chrome’s ‘Safe Browsing’ Mode – March 18th
Google announced major security-focused revamps to Chrome's 'Safe Browsing' mode, which enables the service to work while checking against a
Security Flaws Found in ChatGPT Plugins – March 15th
According to Salt Labs research, third-party OpenAI ChatGPT plugin security flaws could allow attackers to install malicious plugins, and hijack
The EU’s AI Rules Get Final Approval – March 14th
Five years after its proposal, European Union lawmakers approved the artificial intelligence law, a world-first on AI rules. Centered around
Google’s Gemini AI Restricted to Answer Global Election Questions –
Google announced that the Gemini AI chatbot will be restricted to answering any global election-related questions to avoid any potential
27,000 Private Data Stolen from Stanford Ransomware Attack – March
Stanford University announced that the personal information of 27,000 individuals was stolen as a result of a September 2023 ransomware
CISA Systems Shut Down Due to Third-Party Breach – March
Cybersecurity and Infrastructure Security Agency (CISA) confirmed that two of its systems were voluntarily shut down due to a breach
Russian Hackers Breach Microsoft’s Code Base – March 8th
Microsoft announced the cyber campaign by the Russian-state-sponsored 'Midnight Blizzard' hackers, resulting in the group stealing the tech giant's source
Skype, Google Meet, and Zoom were used in the New
Zscaler discovered a new remote access trojan (RAT) campaign that lures victims through fake online meeting links. Once the victims
Suspected Hackers Behind Meta Social Media Temporary Shutdown – March
Cyberint reported that three threat actor groups (Skynet, Godzilla, and Anonymous Sudan) are suspected to be behind the temporary shutdown
Third-Party Breach Places AmEx Cardholders at Risk – March 5th
American Express released a notification to its customers, informing them of a third-party data breach, placing 'some' customer information at
“Morris II Worm” Built to Target GenAI Systems – March
Researchers from the Israel Institute of Technology, in collaboration with Intuit, and Cornell Tech developed the "Morris II Worm" to
50% of Companies Experienced IoT Cyber Incidents – February 28th
A Viakoo survey unveiled that 50% of respondents experienced IoT cyber incidents in 2023. Among those IoT cyber incidents, 44%
US Energy Sector Receives a $45M Investment to Bolster Cybersecurity
As part of the US Biden-Harris administration's "Investing in America" agenda, the US energy sector received a $45M investment to
LockBit Resurfaces After Takedown – February 26th
Arriving days after law enforcement agencies took down LockBit's servers, the ransomware gang resurfaces with a new data leak portal
FTC Fines Avast $16.5M for Selling User Data – February
The U.S. Federal Trade Commission (FTC) filed a complaint against Avast for selling user data, along with a $16.5M fine.
I-Soon Leak Offers Glimpse Into Chinese Hacking Campaigns – February
The Chinese Police reported on a nation-state sensitive data leak on Chinese company, I-Soon. The data uncovers in detail, methods
Ransomware Attacks Decline by 11% in 2023 – February 21st
IBM X-Force released a report, disclosing that ransomware attacks declined by 11.5% in 2023, compared to 2022. IBM says the
International Law Enforcement Seizes LockBit’s Website – February 20th
U.S. and U.K. authorities announced the seizure of the LockBit ransomware gang's extortion website. The "Operation Cronos" campaign was led
‘Ransomania’ Ransomware Repository Launches – February 19th
Cyberint announced the launch of 'Ransomania' a free-to-use ransomware attack repository featuring thousands of recorded ransomware attacks. Ransomania allows users
iOS Trojan Steals Facial Recognition Data – February 16th
Group-IB discovered a new iOS Trojan named "GoldPickaxe.iOS" that was built to steal facial recognition data from infected iOS devices.
11 Romantic AI Chatbots Fail Security Tests – February 15th
The Mozilla Foundation released research that unveils that all 11 romantic AI chatbots tested, failed security and privacy tests. All
Facebook Marketplace User Data For Sale – February 14th
A cyber-criminal known as "algoatson" placed the data of over 200,000 Facebook Marketplace users for sale on Breach Forums, an
US Adults Lose Over $10B to Fraud in 2023 –
According to the US Federal Trade Commission (FTC), US adults lost over $10B to cyber fraud incidents in 2023, led
UK Claims e-Visas to be an ‘Enhanced Security’ Measure –
In the UK's move to phase out physical immigration documents by 2025, the UK’s Home Office claims the implementation of
Blocked IP Addresses Increase by 116% – February 9th
According to a report by Qrator Labs, blocked IP addresses associated with malicious activity increased by 116% in Q3 2023.
Ransomware Payments Reach a Collective Payout Estimated at $1B in
According to Chainalysis, the estimated total value received by ransomware attackers reached $1.1B in 2023. The Chainalysis report also states
Chinese Malware Breaches Dutch Defense Department – February 7th
Specialists from the Netherlands' Military Intelligence and Security Service (MIVD) and the General Intelligence and Security Service (AIVD) announced a
DDoS Attack on Pennsylvania Fails to Halt City Government –
Officials from the Administrative Office of Pennsylvania Courts announced their website was hit by a Distributed Denial of Service (DDoS)
US Sanctions 6 Iranian Officials for Cyber Espionage Attacks –
The US Treasury Department's Office of Foreign Assets Control (OFAC) announced sanctions placed on six Iranian officials behind cyberattacks on
CISA and EPA Launch Water Sector Cyber Toolkit – February
CISA and EPA Launch Water Sector Cyber Toolkit Amid the recent string of critical water infrastructure cyber attacks, the Cybersecurity
Schneider Electric Confirms Data Breach from Ransomware Attack – January
Schneider Electric announced that they were hit by a ransomware attack on January 17th, resulting in a data breach exposing
Critical Sectors Faced 13 Cyber Attacks per Second in 2023
A Forescout Research - Vedere Labs report disclosed that over 420 million attacks were recorded between January and December 2023
Trello Data Breach Exposes 15M Users – January 29th
Initially noted by the 'Have I Been Pwned?' breach notification service, user data of 15 million Trello users are now
Government Vulnerabilities Grow by 151% – January 26th
According to a Bugcrowd report, no other sector saw as much vulnerability growth as the government sector, which saw a
The UK Warns on AI-Generated Malware from Nation-States – January
According to the UK's National Cyber Security Centre (NCSC), AI-generated malware built to avoid detection could be a serious threat