Recent Cyber Attacks, Data Breaches & Ransomware Attacks February 2023

Date: 1 March 2023

Here's the ultimate list of all the cyber attacks, data breaches and ransomware attacks that made it to the news in February 2023. 

The second month of the year has clearly been no different from the first. Organisations have been bleeding data as cyber attacks, ransomware attacks and new malware just don't stop. Airlines, airports, healthcare organisations, grocery chains, food manufacturers, oil producers: almost every industry seems to have been affected in the month gone by.

What is the solution to beat these advanced and persistent attackers? Is there a way to mitigate threats and/or control the damage?

Unfortunately, in all likelihood you can and will be attacked at some point or the other in your organisational lifetime. The best strategy is to focus on improving your cybersecurity posture and keep your incident response plans and processes up to date and relevant.    

Need help in evaluating your business's breach readiness and strengthening your cybersecurity posture without blowing your budget? Choose our convenient and cost-effective Virtual Cyber Assistant service. Our virtual cybersecurity experts can help you conduct risk assessments and crisis tabletop exercises to help you see where your organisation actually stands today. They can then help you work on your strengths and plug the gaps.

For a clearer picture of why you must make cybersecurity your top priority immediately, take a look at the lists below of the biggest cyber attacks, ransomware attacks and data breaches in February 2023.

  1. Ransomware Attacks in February 2023
  2. Data Breaches in February 2023
  3. Cyber-Attacks in February 2023
  4. New Ransomware/Malware Detected in February 2023
  5. Vulnerabilities/Patches 
  6. Advisories issued, reports, analysis etc. in February 2023

Ransomware Attacks in February 2023

| Date | Victim | Summary | Threat Actor | Business Impact | Source Link |
| --- | --- | --- | --- | --- | --- |
| February 01, 2023 | ION Group | City of London traders hit by Russia-linked cyber attack. | LockBit ransomware | Ion said 42 clients have been affected by the attack as it faces disruption in its cleared derivatives division. | City of London traders, ION Group cyber attack |
| February 03, 2023 | Chip equipment maker MKS Instruments | Chip equipment maker MKS Instruments suffers a ransomware attack. | Unknown | The attack affected the company's production-related systems as MKS said it would temporarily suspend operations at some of its facilities, as part of its containment efforts. | MKS Instruments ransomware attack |
| February 06, 2023 | Royal Mail | LockBit ransomware gang claims responsibility for Royal Mail cyber attack. | LockBit ransomware | The cyber attack forced the company to halt its international shipping services due to “severe service disruption”. | Royal Mail ransomware attack |
| February 06, 2023 | Lehigh Valley Health Network | Lehigh Valley Health Network says it was the target of Russian ransomware gang BlackCat. | BlackCat Ransomware | Based on Lehigh Valley Healthcare’s initial analysis, the attack was on the network supporting one physician practice located in Lackawanna County. It said, however, that the attack has not disrupted LVHN’s operations. | Lehigh Valley Health Network ransomware attack |
| February 07, 2020 | Drug distributor AmerisourceBergen | Drug distributor AmerisourceBergen confirms security breach. | Lorenz Ransomware | AmerisourceBergen’s internal investigation quickly identified that a subsidiary’s IT system was compromised as the threat actors began leaking stolen data. | Drug distributor AmerisourceBergen ransomware attack |
| February 08, 2023 | Canadian bookstore Indigo | Largest Canadian bookstore Indigo shuts down site after ransomware attack | Unknown | The Indigo bookstore cyber attack forced the company to make the website unavailable to customers and to only accept cash payments. The ransomware attack compromised the data of current and former employees. | Canadian bookstore Indigo cyber attack; Some Indigo bookstore employee data was stolen in the ransomware attack |
| February 08, 2020 | Águas e Energia do Porto (Water utility in Porto, Portugal) | LockBit gang takes credit for attack on water utility in Portugal. | LockBit Ransomware | The LockBit Ransomware gang stole information and gave the utility until March 7 to pay a ransom, threatening to publish stolen information from Águas e Energia do Porto systems if the deadline passed without payment. | Ransomware attack on water utility in Portugal |
| February 09, 2023 | A10 Networks | A10 Networks confirms data breach after Play Ransomware attack. | Play Ransomware | Play ransomware gang managed to gain access to shared drives, deployed malware, and 'compromised' data related to human resources, finance, and legal functions and threatened to leak the files it stole during the intrusion. | A10 Networks ransomware attack |
| February 10, 2023 | City of Oakland | City of Oakland systems offline after ransomware attack | Unknown | The ransomware attack forced the City of Oakland to take all systems offline until the network is secured and affected services are brought back online. | City of Oakland ransomware attack |
| February 12, 2023 | Technion university | DarkBit ransomware hits Technion university to protest tech layoffs and Israel. | DarkBit ransomware | The ransomware group encrypted university data and demanded 80 BTC to release the decryptor. | Israel’s Technion university ransomware attack |
| February 16, 2023 | Applied Materials | Semiconductor industry giant Applied Materials says ransomware attack on supplier will cost it $250 million. | Unknown | Applied Materials Chief Executive Officer Gary Dickerson said, “very recently, one of our major suppliers (apparently MKS Instruments) encountered a disruption that will impact our second-quarter shipments and this impact would cost it $250 million in the next quarter.” | Semiconductor industry giant Applied Materials may suffer a loss of millions due to a ransomware attack on its supplier |
| February 17, 2023 | U.S. Marshals Service | U.S. Marshals Service investigating ransomware attack, data theft | Unknown | The affected system contains law enforcement sensitive information, including returns from legal process, administrative information, and personally identifiable information pertaining to subjects of USMS investigations, third parties, and certain USMS employees. | U.S. Marshals Service ransomware attack |
| February 22, 2023 | Fruit Giant, Dole | Fruit giant Dole disclosed a ransomware attack impacting operations. | Unknown | Dole halted its shipments to grocery stores as the ransomware attack forced it to shut down operations of its production plants in North America. | Fruit giant Dole ransomware attack |
| February 22, 2023 | Ohio’s largest oil producer Encino Energy | Ohio’s largest oil producer claims ‘no impact’ seen after cyberattack. | ALPHV Ransomware group | The ransomware group posted 400 GB of stolen data on its leak site. | Ohio’s largest oil producer Encino Energy ransomware attack |
| February 27, 2023 | Los Angeles school district | Los Angeles school district confirms sensitive student data leaked. | Vice Society Ransomware group | Health records and psychological assessments of about 2,000 students, including 60 current students, were exposed by last year’s ransomware attack. | Los Angeles school district student data leak |
| February 28, 2023 | Dish Network | Dish Network confirms ransomware attack behind multi-day outage. | Black Basta ransomware (Apparently) | The Corporation became aware that certain data was extracted from the Corporation’s IT systems as part of this incident and it is possible the investigation will reveal that the extracted data includes personal information. | Dish Network ransomware attack |

Here are some FREE resources created by our cybersecurity experts to help you prepare for dealing with ransomware attacks and mitigating the damage they can cause:

  1. Ransomware Mitigation Checklist
  2. Ransomware Response Checklist
  3. Ransomware Response Workflow Guide  

Data Breaches in February 2023

| Date | Victim | Summary | Threat Actor | Business Impact | Source Link |
| --- | --- | --- | --- | --- | --- |
| February 03, 2023 | PeopleConnect, the owner of TruthFinder and Instant Checkmate | TruthFinder, Instant Checkmate confirm data breach affecting 20 million customers. | A hacker who calls himself GOD | The stolen data was shared as two 2.9 GB CSV files containing only customer information of 20.22 million TruthFinder and Instant Checkmate customers before the backup was created on April 16th, 2019. | TruthFinder, Instant Checkmate data breach |
| February 05, 2023 | CoinBase | Coinbase cyber attack targeted employees with fake SMS alert. | Unknown | The threat actor stole the login credentials of one of its employees in an attempt to gain remote access to the company's systems and obtained some contact information belonging to multiple Coinbase employees. | Coinbase data breach |
| February 06, 2023 | Weee! grocery service | Weee! grocery service confirms data breach; 1.1 million affected. | A hacker who calls himself GOD | The breach exposed the personal information of 1.1 million customers. | Weee! grocery service data breach |
| February 06, 2023 | A Birmingham-based medical practice, Cardiovascular Associates (CVA) | Birmingham medical practice informs patients of security breach. | Unknown | After an investigation, it was determined that a third party had gained access to personal information and removed a copy of some data between November 28 and December 5. | Birmingham medical practice CVA data breach |
| February 07, 2023 | Toyota | Researcher breaches Toyota supplier portal with info on 14,000 partners. | A security researcher | Toyota's Global Supplier Preparation Information Management System (GSPIMS) was breached by a security researcher who discovered a "backdoor" in Toyota's system that allowed anyone to access an existing user account as long as they knew their email. | Researcher breaches Toyota supplier portal |
| February 10, 2023 | California medical groups; Regal Medical Group, Lakeside Medical Organization, ADOC Medical Group, and Greater Covina Medical | California medical group data breach impacts 3.3 million patients. | Unknown | Sensitive data of 3,300,638 patients was exposed in the attack. | California medical group data breach |
| February 10, 2023 | GoAnywhere | Clop ransomware claims it breached 130 organisations using GoAnywhere zero-day. | Clop ransomware | The Clop ransomware gang claimed to be behind recent attacks that exploited a zero-day vulnerability CVE-2023-0669 in the GoAnywhere MFT secure file transfer tool, saying they stole data from over 130 organisations. | Clop ransomware exploits GoAnywhere zero-day |
| February 12, 2023 | NameCheap | NameCheap's email hacked to send MetaMask, DHL phishing emails. | Unknown | NameCheap had their email account breached Sunday night, causing a flood of MetaMask and DHL phishing emails that attempted to steal recipients' personal information and cryptocurrency wallets. | Hackers target NameCheap email |
| February 15, 2023 | Atlassian’s third party vendor Envoy | Atlassian data leak caused by stolen employee credentials. | A hacking group known as SiegedSec | The threat actors used stolen employee credentials to steal data from Atlassian’s third-party vendor. The hackers said: "We are leaking thousands of employee records as well as a few building floor plans. These employee records contain email addresses, phone numbers, names, and lots more~!." | Atlassian’s third party vendor data breach |
| February 15, 2023 | Pepsi Bottling Ventures | Pepsi Bottling Ventures suffers data breach after malware attack. | Unknown | Hackers accessed the internal IT systems of Pepsi, installed malware, and downloaded certain information contained on the accessed IT systems. | Pepsi Bottling Ventures data breach |
| February 16, 2023 | GoDaddy | GoDaddy says its source code was stolen and malware installed in breach. | Unknown | GoDaddy revealed that an unauthorised party gained access to its servers and installed malware, causing the intermittent redirection of customer websites. | GoDaddy’s February data breach incident |
| February 17, 2023 | Liverpool NHS Hospital | Data leak hits thousands of NHS workers. | Human Error | A file containing sensitive payroll information of 14,000 employees was mistakenly sent to hundreds of NHS managers and 24 external accounts. | Liverpool NHS hospital data leak incident |
| February 19, 2023 | The International Center of Photography Museum | The International Center of Photography Museum in New York City has allegedly been breached by the Medusa Team. | Medusa Team | Hackers hit IT systems of The International Center of Photography Museum. | The International Center of Photography Museum data breach |
| February 20, 2023 | RailYatri | Hackers leak stolen data of about 31 million users of an Indian Ticketing Platform, RailYatri. | Name unknown. Data leaked on forum, Unit86/V.I.P | The 12 GB worth of leaked data includes email addresses, full names, genders, phone numbers, locations and 37,000 invoices which could put millions of users at risk of identity theft, phishing attacks, and other cyber crimes. | RailYatri data leak incident |
| February 21, 2023 | Game maker, Activision | Activision data breach exposes employee and game information. | A hacker who calls himself GOD | The threat actor "exfiltrated sensitive workplace documents" along with the content release schedule until November 17, 2023. On February 27, 2023, threat actors posted leaked data that consists of 19,444 unique records containing full names, phone numbers, job titles, locations, and email addresses of alleged Activision employees. | Activision data breach; Hackers post stolen data on a data leak forum |
| February 21, 2023 | Canadian Telecom, TELUS | TELUS investigates leak of stolen source code, employee data. | Hacker name unknown. Data leaked on forum called Seize/VIP | The threat actor posted screenshots that apparently show private source code repositories and payroll records held by TELUS. | TELUS data breach incident |
| February 21, 2023 | FNB home loan | FNB home loan applicants' personal info exposed in app data breach. | Unknown | First National Bank’s (FNB’s) mobile app has exposed personal information of customers applying for home loans using the digital platform. | First National Bank’s (FNB’s) mobile app data breach |
| February 22, 2023 | UB Box Office’s third-party vendor AudienceView | UB Box Office’s third-party vendor reports data breach. | Unknown | The data breach may have jeopardised the personal information of 292 customers. | UB Box Office’s third-party vendor data breach |
| February 23, 2023 | Good Guys and Pegasus Group Australia Pty Ltd | The Good Guys customers' personal data stolen in cyber attack on third-party supplier. | Unknown | The Good Guys has revealed some of its customers' personal data has been stolen as the supplier held contact details of Concierge members, including names, addresses, phone numbers and email addresses, as well as encrypted passwords and dates of birth of some members. | Good Guys data breach |
| February 24, 2023 | Stanford University | Stanford University discloses data breach affecting PhD applicants. | Unknown | The exposed information contains PhD applications and accompanying materials, including names, dates of birth, home and mailing addresses, phone numbers, email addresses, race and ethnicity, citizenship, and gender of the applicants. | Stanford University data breach incident |

Cyber Attacks in February 2023

| Date | Victim | Summary | Threat Actor | Business Impact | Source Link |
| --- | --- | --- | --- | --- | --- |
| February 02, 2023 | Super Bock | Super Bock says 'cyber' nasty 'disrupting computer services'. | Unknown | The cyber attack that hit Super Bock's tech infrastructure caused disruption to computer services, with constraints on regular operation, particularly at the service level. | Super Bock cyber attack |
| February 03, 2023 | Tallahassee Memorial HealthCare (TMH) | Florida hospital takes IT systems offline after cyber attack. | Unknown | The cyber attack forced Tallahassee Memorial HealthCare (TMH) to take its IT systems offline and to suspend non-emergency procedures. The hospital also had to divert emergency patients to other hospitals. | Florida hospital cyber attack |
| February 03, 2023 | Bermuda Power Supplier BELCO | Bermuda hit by widespread internet outage amid power cut. | Unknown | The cyber attack impacted the island's internet and phone service availability. | Bermuda’s electricity supplier BELCO cyber attack |
| February 06, 2023 | German kitchen system specialist Häfele | Häfele IT systems down after cyber attack. | Unknown | The company shut down its computer systems and disconnected them from the internet. | German kitchen system specialist Häfele cyber attack |
| February 06, 2023 | UK Metal Engineering Firm Vesuvius | UK metal engineering firm Vesuvius hit by cyber attack. | Unknown | Due to the cyber attack, Vesuvius shut down its IT systems. | UK Metal Firm Vesuvius Cyber Attack |
| February 07, 2023 | Blue Star Refrigerators | Blue Star detects cyber attack at certain locations, but says no impact on operations. | Unknown | Blue Star claims it has not found any material impact on the operations of the company. | Blue Star Refrigerators cyber attack |
| February 14, 2023 | Aker Solutions’ Brazilian subsidiary | Aker Solutions’ Brazilian arm becomes victim of a cyber attack. | Unknown | The cyber attack impacted IT systems of Aker Solutions’ Brazilian subsidiary. | Aker Solutions’ Brazilian subsidiary cyber attack |
| February 15, 2023 | Lufthansa | Lufthansa IT meltdown leaves thousands of passengers stranded. | Lufthansa said the outage was caused by damage to the fibre optic cable bundle of Deutsche Telekom but the Pro-Russian group Killnet claimed responsibility for the incident. | More than 200 flights were cancelled at Frankfurt airport and more than 100 flights were delayed. | Pro Russian Killnet claims Lufthansa IT outage |
| February 15, 2023 | Scandinavian Airlines | Scandinavian Airlines hit by cyber attack; ‘Anonymous Sudan’ claims responsibility. | Anonymous Sudan | A cyber attack on Scandinavian Airlines (SAS) knocked its website offline and exposed some customer data. | Scandinavian Airlines cyber attack |
| February 16, 2023 | Burton Snowboards | Burton Snowboards cancels online orders after 'cyber incident'. | Unknown | Burton Snowboards, a leading snowboard manufacturing company, has cancelled all online orders following what it describes as a cyber incident. | Burton Snowboards cyber attack |
| February 16, 2023 | German airports | German airports hit by DDoS attack; ‘Anonymous Russia’ claims responsibility. | Anonymous Russia | The websites of seven airports were hit by a suspected cyber attack. Victim airports included Dusseldorf, Nuremberg, Erfurt-Weimar and Dortmund. | DDoS attack on German airports |
| February 16, 2023 | DeFi platform Platypus | DeFi platform Platypus says nearly $9 million in crypto stolen in flash loan attack. | Unknown | Almost $9 million lost in cryptocurrency. | DeFi platform Platypus cyber attack |
| February 27, 2023 | LastPass | LastPass Says DevOps Engineer Home Computer Hacked. | Unknown | A LastPass DevOps engineer’s home computer was hacked and implanted with keylogging malware as part of a sustained cyberattack that exfiltrated corporate data from the cloud storage resources. | LastPass cyber attack |

New Ransomware/Malware Discovered in February 2023

| New Ransomware | Summary | Source Link |
| --- | --- | --- |
| New Nevada Ransomware | Nevada tried to grow its capabilities quickly as security researchers noticed improved functionality for the locker targeting Windows and VMware ESXi systems. | New Nevada Ransomware targets Windows and VMware ESXi systems |
| Honkai (Paradise) Ransomware | Honkai (Paradise) Ransomware; Extension: .honkai (also appends victim's ID and developers' email); Ransom note: #DECRYPT MY FILES#.html | New Honkai (Paradise) Ransomware |
| Sunjn Ransomware | Sunjn Ransomware; VoidCrypt ransomware family; Extension: .sunjn (also appends victim's ID and developers' email address); Ransom note: Dectryption-guide.txt | New Sunjn Ransomware from VoidCrypt ransomware family |
| DODO Ransomware | DODO Ransomware; Extension: .dodov2; Ransom note: dodov2_readit.txt | New DODO Ransomware |
| MortalKombat Ransomware | New ‘MortalKombat’ ransomware targets systems in the U.S. | Xorist commodity ransomware named 'MortalKombat' |
| 'Beep' malware | New stealthy 'Beep' malware focuses heavily on evading detection | Beep malware tries to hide itself |
| Medusa (New Version) | A new version of the Medusa DDoS (distributed denial of service) botnet, based on Mirai code, has appeared in the wild | Medusa botnet returns as a Mirai-based variant with ransomware sting |
| Adrianov Ransomware; Based on Chaos ransomware | Extension: .1iyT6bav7VyWM5; Ransom notes: adrianov.txt and desktop wallpaper | New Chaos ransomware |
| Stop/Djvu Ransomware (v0643) | Stop Ransomware (v0643); Extension: .vvmm; Ransom note: _readme.txt | New version of Stop Ransomware (v0643) |
| Stop/Djvu Ransomware (v0645) | Stop Ransomware (v0645); Extension: .vvoo; Ransom note: _readme.txt | New version of Stop Ransomware (v0645) |
| Mirai malware | New Mirai malware variant infects Linux devices to build DDoS botnet | New Mirai malware |
| Frebniis Malware | Frebniis Malware Exploits Microsoft IIS Feature | Frebniis Malware spreads its wings by hitting Microsoft |
| WhiskerSpy malware | New WhiskerSpy malware delivered via trojanized codec installer | New WhiskerSpy malware |
| Stealc malware | New Stealc malware emerges with a wide set of stealing capabilities | New Stealc malware |

Vulnerabilities/Patches Discovered in February 2023

| Date | Flaws/Fixes | Summary | Source Link |
| --- | --- | --- | --- |
| February 3, 2023 | CVE-2023-0669 | GoAnywhere warned customers of zero-day remote code execution vulnerability on exposed administrator consoles. | GoAnywhere MFT zero-day vulnerability lets hackers breach servers |
| February 6, 2023 | CNVD-2022-10270 / CNVD-2022-03672 RCE vulnerabilities in Sunlogin v11.0.0.33 and earlier | A new hacking campaign exploited Sunlogin flaws to deploy the Sliver post-exploitation toolkit and launch Windows Bring Your Own Vulnerable Driver (BYOVD) attacks to disable security software. | Hackers backdoor Windows devices in Sliver and BYOVD attacks |
| February 13, 2023 | The zero-day patched is tracked as CVE-2023-23529 | Apple releases emergency security updates to address a new zero-day vulnerability used in attacks to hack iPhones, iPads, and Macs. | Apple fixes new WebKit zero-day exploited to hack iPhones, Macs |
| February 16, 2023 | CVE-2021-34473 and CVE-2021-34523 | A new malware dubbed 'ProxyShellMiner' exploits the Microsoft Exchange ProxyShell vulnerabilities to deploy cryptocurrency miners throughout a Windows domain to generate profit for the attackers. | Microsoft Exchange ProxyShell flaws exploited in new crypto-mining attack |
| February 16, 2023 | CVE-2023-21823 (RCE), CVE-2023-23376 (privilege escalation), CVE-2023-21715 (can be exploited to bypass Microsoft Office macro policies), CVE-2023-23529 (a WebKit type confusion issue) | The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added four security vulnerabilities exploited in attacks as zero-day to its list of bugs known to be abused in the wild. | CISA warns of Windows and iOS bugs exploited as zero-days |
| February 17, 2023 | CVE-2022-39952 and CVE-2021-42756 | Cybersecurity solutions company Fortinet has released security updates for its FortiNAC and FortiWeb products, addressing two critical-severity vulnerabilities that may allow unauthenticated attackers to perform arbitrary code or command execution. | Fortinet fixes critical RCE flaws in FortiNAC and FortiWeb |
| February 21, 2023 | CVE-2022-39952 | Security researchers have released a proof-of-concept exploit for a critical-severity vulnerability in Fortinet's FortiNAC network access control suite. | Exploit released for critical Fortinet RCE flaws, patch now |
| February 23, 2023 | CVE-2022-47986 | The IBM Aspera Faspex file transfer tool used by dozens of large organisations and businesses has a serious bug that malicious hackers are actively exploiting. | Popular IBM file transfer tool vulnerable to cyberattacks, CISA says |
| February 27, 2023 | CVE-2023-26540 | Hackers exploit two critical-severity vulnerabilities in the Houzez theme and plugin for WordPress, two premium add-ons used primarily in real estate websites. | Critical flaws in WordPress Houzez theme exploited to hijack websites |

Warnings/Advisories/Reports/Analysis

| News | Summary | Source Link |
| --- | --- | --- |
| Report | Arnold Clark, Europe's largest independent car retailer, notified some customers that their personal information was stolen in a December 23 cyber attack claimed by Play Ransomware group. | Arnold Clark customer data stolen in attack claimed by Play ransomware |
| Report | The ASEC analysis team recently discovered the distribution of the TZW ransomware, which encrypts files before adding the “TZW” file extension to the original extension. | TZW Ransomware Being Distributed in Korea |
| Report | Schools in Tucson, Arizona, and Nantucket, Massachusetts, are dealing with cyber attacks as U.S. schools continue to face a barrage of threats in the first weeks of 2023. | K-12 schools in Tucson, Nantucket respond to cyber attacks |
| Report | A critical new vulnerability disclosed by network-attached storage (NAS) vendor QNAP could be exploited on almost 30,000 devices globally. | Nearly 30,000 QNAP Devices Exposed Via New Bug |
| Report | More than 10,000 employees, students and former staff have now been affected by the major cyber attack on one of Queensland's largest tertiary institutions. | More than 11,000 employees, students and former staff affected by cyber attack, QUT says |
| Report | A senior councillor has been accused of creating an online voting system that could have potentially allowed members' votes on budget cuts to be tracked. | Pembrokeshire: Top councillor accused of possible data breach |
| Report | Royal Ransomware is the latest ransomware operation to add support for encrypting Linux devices to its most recent malware variants, specifically targeting VMware ESXi virtual machines. | Linux version of Royal Ransomware targets VMware ESXi servers |
| Report | Russian citizen Denis Mihaqlovic Dubnikov pleaded guilty on Tuesday to laundering money for the notorious Ryuk ransomware group for over three years. | Russian man pleads guilty to laundering Ryuk ransomware money |
| Report | Eurostar rail forced its customers to reset their account passwords, but customers were unable to reset them due to a technical error in the link provided. | Eurostar forces 'password resets' but faced with a technical error |
| Report | Scammers are now exploiting the ongoing humanitarian crisis in Turkey and Syria: this time stealing donations by abusing legitimate platforms like PayPal and Twitter. | PayPal and Twitter abused in Turkey relief donation scams |
| Report | DDoS attacks affected connectivity and performance of Tor and I2P networks. | Tor and I2P networks hit by wave of ongoing DDoS attacks |
| Analysis | Online stores expose private backups in public folders, including internal account passwords, which can be leveraged to take over the e-commerce sites and extort owners. | Over 12% of analysed online stores expose private data, backups |
| Report | Cloudflare blocked what it describes as the largest volumetric distributed denial-of-service (DDoS) attack to date. | Cloudflare blocks record-breaking 71 million RPS DDoS attack |
| Report | Five malicious packages were found on the Python Package Index (PyPI), stealing passwords, Discord authentication cookies, and cryptocurrency wallets from unsuspecting developers. | Devs targeted by W4SP Stealer malware in malicious PyPi packages |
| Report | The US Cybersecurity and Infrastructure Security Agency (CISA) has released a script to recover VMware ESXi servers encrypted by the recent widespread ESXiArgs ransomware attacks. | CISA releases recovery script for ESXiArgs ransomware victims |
| Report | The Dutch police announced on Friday that they dismantled the Exclu encrypted communications platform after hacking into the service to monitor the activities of criminal organisations. | Police hacked Exclu 'secure' message platform to snoop on criminals |
| Report | Microsoft found an ongoing outage affecting the company's Outlook webmail service as users reported issues while sending, receiving, or searching email through Outlook.com. | Microsoft Outlook outage prevents users from sending, receiving emails |
| Report | HSE has issued over 32,000 notification letters to people who had their data stolen in the cyber attack on the Health Service Executive (HSE) and the costs associated with the cyber attack could rise to €500m. | HSE cyber attack: 32,000 notified of stolen data |
| Report | According to reports from an increasing number of Microsoft customers, Outlook inboxes have been flooded with spam emails because email spam filters are currently broken. | Microsoft Outlook flooded with spam due to broken email filters |
| Report | The U.S. Federal Bureau of Investigation (FBI) is reportedly investigating malicious cyber activity on the agency’s network. | FBI is investigating a cybersecurity incident on its network |
| Report | Norwegian police (Økokrim) have seized 60 million kroner ($5,800,000) worth of cryptocurrency stolen by the North Korean Lazarus hacking group last year from Axie Infinity's Ronin Bridge. | Norwegian police recover $5.8M crypto from massive Axie Infinity hack |
| Report | Cybersecurity company Group-IB has revealed it successfully detected and blocked an email carrying a malicious attachment by Tonto Team in June 2022. | Group-IB Blocks Attack By Chinese Tonto Team Hackers |
| Report | New vulnerability reporting frameworks are now in place in Belgium, to give cybersecurity researchers a way to legally report software and hardware bugs to organisations and the government. | Belgium institutes nationwide vulnerability disclosure policy |
| Report | Over 1.6 million cyber attacks were blocked on 114 Indian insurance companies every day in January. | Over 1.6 m cyber attacks blocked on Indian insurance firms a day in Jan |
| Report | One of the largest commercial DNA testing companies in the world agreed to pay a $400,000 fine to Ohio and Pennsylvania after a 2021 data breach compromised the information of more than 2 million people. | DNA Diagnostics Center to pay $400,000 fine for 2021 data breach |
| Report | In an episode that underscores the vulnerability of global computer networks, hackers got a hold of login credentials for data centres in Asia used by some of the world’s biggest businesses, a potential bonanza for spying or sabotage. | Hackers Scored Data Center Logins for Some of the World's Biggest Companies |
| Report | Ireland's child and family agency, Tusla, says it is beginning a months-long process to notify 20,000 individuals that their personal information was exposed in the May 2021 ransomware attack against the Health Service Executive. | Ireland Set to Notify 20,000 More Health Data Breach Victims |
| Report | A threat actor has been targeting government entities with the PureCrypter malware downloader that has been seen delivering multiple information stealers and ransomware strains. | PureCrypter malware hits govt orgs with ransomware, info-stealers |
| Report | According to BleepingComputer, mass media and publishing giant News Corporation (News Corp) says that attackers behind a breach disclosed in 2022 first gained access to its systems two years before, in February 2020. | News Corp says state hackers were on its network for two years |
| Report | Australia's federal government will overhaul a $1.7 billion cyber security plan set up under Scott Morrison in the aftermath of the hacks of Optus and Medibank. | Federal government to rewrite cyber laws after Optus, Medibank hacks |
| Report | The Australian government said it planned to overhaul its cyber security rules and set up an agency to oversee government investment in the field and help coordinate responses to hacker attacks. | Australia plans to reform cyber security rules, set up agency |
| Report | Letters are being mailed to the last known permanent address of 2,158 users whose personally identifiable information was involved in a data breach of the Physician Assistant Portal at Commonwealth University-Lock Haven in January 2023. | Commonwealth University notifies 2,158 PA portal users affected by data breach |
| Report | Microsoft has addressed a known issue behind unsupported computers being offered Windows 11 22H2 upgrades and unable to complete the installation process. | Microsoft fixes bug offering Windows 11 upgrades to unsupported PCs |
