Daily News - Dezembro (22/12 - 28/12) - 52 Semana de 2024

Information Security, Cyber Security, Privacy and Hacking News --- Daily Updates !! Weekly Resume...

!!! Security Is a Lifestyle Weekly News !!!

28/12

15,000+ Four-Faith Routers Exposed to New Exploit Due to Default Credentials

Customer data from 800,000 electric cars and owners exposed online

Cyber attack on Italy's Foreign Ministry, airports claimed by pro-Russian hacker group

FICORA, CAPSAICIN Botnets Exploit Old D-Link Router Flaws for DDoS Attacks

Hackers steal ZAGG customers' credit cards in third-party breach

Hackers take over Google Chrome extensions in cyberattack

How cops taking down LockBit, ALPHV led to RansomHub's meteoric rise

Investors Beware: Hackers Target Crypto Users With New Zoom Meeting Scam – Report

Kaspersky Exposes New Phishing Scam Targeting Businesses on Facebook

Ninth US Telecom Breached by Chinese Hackers – Texts & Calls Records Stolen

Pro-Russian Hacker Group Claims Cyber Attack On Italy's Foreign Ministry

Pro-Russian Hacker Group Claims Italy Cyberattack

Pro-Russian hackers attack website of Italian Foreign Ministry and number of airports

Pro-Russian hackers target Italian airport websites

The top 10 data breaches of 2024

Volkswagen Group data breach exposes personal data of 800,000 EV owners in Europe

27/12

4 signs you’re being socially engineered by scammers

5 critical infrastructure sectors hit hardest by cyberattacks in 2024

5 cybersecurity habits to take into 2025

2024 Cybersecurity Wrap-Up: Top Attacks, Impacts & Key Takeaways

2024’s Data Breach Catastrophes: A Year of Lessons Unlearned

422,000+ Impacted in American Addiction Centers Cybersecurity Incident

A new hack in town – Crypto users warned of phishing attacks disguised as Zoom meeting links

Access TeleCare Sends Data Breach Letters Following Compromised Employee Email Accounts

American Addiction Centers Data Breach Affects an Estimated 422,424 People

Anniversary Holding Company Files Notice of Data Breach Affecting Certain Employees of Dynasty Healthcare Company

Apache Foundation urges users to patch now and fix major security worries

Apache MINA CVE-2024-52046: CVSS 10.0 Flaw Enables RCE via Unsafe Serialization

B2B Email Database Leak Raises Concerns Over Business Data Security

Brazilian citizen charged for threatening to release data stolen from a company in 2020

CISA's 2024 Review Highlights Major Efforts in Cybersecurity Industry Collaboration

Cl0p ransomware hits over 60 companies using Cleo platform

Clop ransomware lists Cleo cyberattack victims

Cloud Atlas Deploys VBCloud Malware: Over 80% of Targets Found in Russia

Collezione.com.tr Data Breach Exposes 200,000 Records

Cyber attack on Japan Airlines: A wake-up call for aviation security

Cybercriminals Send Fake Legal Notices to Scam Indians: Here’s What to Know

Cyberhaven Chrome Extension Hacked to Inject Malicious Scripts

Cybersecurity firm's Chrome extension hijacked to steal users' data

D-Link Routers Under Attack – Botnet Exploiting Devices to Gain Full Remote Control

Data protection advancements expected to shape 2025 security

Data protection challenges abound as volumes surge and threats evolve

Effortless Office Files Official Notice of Recent Data Breach

Ekonika.ru Data Breach Raises Privacy Concerns

EPS-MTOSB.gov.kh Data Breach Raises Concerns Over Government Data Security

Experts warn of a surge in activity associated FICORA and Kaiten botnets

FICORA and Kaiten Botnets Exploit Old D-Link Vulnerabilities for Global Attacks

General Dynamics reports data breach following phishing campaign

Gold Coast couple loses $250,000 house deposit in 'spear phishing' scam

Hackers exploit DoS flaw to disable Palo Alto Networks firewalls

Hackers Release Second Batch of Stolen Cisco Data

Healthcare Providers Lose Nearly $2M Per Day Due to Cyberattack-Induced Downtime

How 2024 prepared bitcoin and crypto for 2025: Main trends and predictions

Human error to blame in Ascension data breach that impacted 5.6 million patients

Infosec products of the month: December 2024

iOS Devices More Vulnerable to Phishing Than Android, Says Lookout Report

Japan Airlines hit by cyber attack, causing delays to domestic, international flights

Kaspersky Finds New Phishing Scheme Targeting Business Accounts On Facebook

Kaspersky reports 135% rise in crypto-drainer discussions

Law enforcement agencies see AI as a key tool for reducing crime

LegalNurse.com Experiences Data Security Incident, Leading to Data Breach

Massive Data Breach Hits DAP Health: Sensitive Info Exposed

Massive VW Data Leak Exposed 800,000 EV Owners’ Movements, From Homes To Private Spaces

Mysterious NotLockBit Ransomware Attacks Windows & Mac

North Korean Hackers Deploy OtterCookie Malware in Contagious Interview Campaign

Op-Ed: Building a cyber resilient Australia – insights from the Office of the CTO

Over 4,600 Randolph Brooks Federal Credit Union (RBFCU) customers’ data may be leaked in data breach, Texas Attorney General’s office says

Overwhelmed by fraud? Here’s how financial pros fight back

Palo Alto Networks Firewall Vulnerability “CVE-2024-3393” Exploited in the Wild

Palo Alto Networks fixed a high-severity PAN-OS flaw

Palo Alto Networks patches DoS bug in PAN-OS software

Palo Alto Releases Patch for PAN-OS DoS Flaw — Update Immediately

Pharmanewsonline.com Data Breach Raises Concerns in Healthcare Sector

Phishing attack compromises General Dynamics employees

Phishing Attack Targets Defense Giant ‘General Dynamics’, Employees Data Breached

Phishing scam targets Web3 users through Google Ads

Record-breaking ransoms and breaches: A timeline of ransomware in 2024

River Region Cardiology Files Notice of Data Breach Affecting an Estimated 500k

Russian Hackers Behind Trending Zoom Link Phishing Attack

Scotland’s rail network ‘wholly unequipped’ for Nightsleeper-style cyber attack, warns expert

Security leaders don't want to be held personally liable for attacks

STIIIZY Files Official Notice of Data Breach

Suno India Data Breach Sparks Privacy and Security Concerns

Supply Chain Resilience and Physical Security: Lessons for 2025

Tayfa Denizcilik Data Breach Raises Maritime Industry Privacy Concerns

Texas hits data brokers for not registering, underscoring a larger privacy problem

Texas Tech Health Sciences Center El Paso data breach impacted 1.4 million people

The 5 Dumbest Things in Cybersecurity This Year

The future of data and AI: Seven trends shaping 2025 and beyond

The Top 10 Most Active Ransomware Groups of 2024

The Top Cybersecurity Threats of 2024: How AI, Ransomware, and VPN Vulnerabilities Are Shaping the Threat Landscape

This widely-used instant loan app leaks nearly 30 million files of user data

Top CISO Challenges 2024

US adds 9th telecom company to list of known Salt Typhoon targets

US charges Brazilian hacker over extortion activities

Volkswagen Data Breach: 800,000 Electric Car Owners’ Data Leaked

Wexford County works to restore deeds office after cyber-attack stalls services

White House links ninth telecom breach to Chinese hackers

Why the US needs its own Cyberspace Force

WiFi hackers can bypass WPA3 security by exploiting its weakest link: the user

26/12

75% of organizations view social unrest as the greatest risk

A cyber attack hit Japan Airlines delaying ticket sales for flights

AEP Texas Data Breach Exposes Millions of Customer Records

Aosense.com Database Breach Raises Concerns Over NASA-Related Data Security

Apache fixed a critical SQL Injection in Apache Traffic Control

Apache MINA Vulnerability Let Attackers Execute Remote Code

Apache warns of critical flaws in MINA, HugeGraph, Traffic Control

Ataque cibernético retarda voos da Japan Airlines

Ataque hacker atinge companhia aérea e causa atraso em voos

Brazilian Hacker Charged for Extorting $3.2M in Bitcoin After Breaching 300,000 Accounts

Cairo Governorate Education Portal Data Breach Raises Privacy Concerns

Central Securities Depository Data Breach Raises Financial Security Concerns

Cyberattack Disrupts Japan Airlines Operations, Delays Over 40 Flights

Cybersecurity spending trends and their impact on businesses

Data disclosures shaped compliance landscape in 2024

Dell SupportAssist Vulnerability Let Attackers Escalate Privileges

EPA.gov Data Breach Raises Concerns Over Government Data Security

Hacker brasileiro é acusado nos EUA de extorsão milionária

Hacker brasileiro é indiciado por extorsão de R$ 17 milhões em Bitcoin

Hackers invadem site do governo da Argentina e deixam comentários contra Milei

Hospital billing vendor settles $2Mn data breach lawsuit

How to reduce the typical 24-day recovery timeline

IBM AIX Vulnerability Let Attackers Trigger DoS Condition

Indian Railways Website Crashed Again, Disrupting Tatkal Ticket Booking Across India

Infosecurity's Top 10 AI Cybersecurity Stories of 2024

Infostealers Dominate as Lumma Stealer Detections Soar by Almost 400%

iOS devices more exposed to phishing than Android

Japan Airlines (JAL) cyberattack disrupts operations causing flight delays and cancellations

Japan Airlines System Hit by Cyber Attack, Flight Operations Affected

Nara.ae Data Breach Raises Concerns Over User Privacy

Nearly half a million people had data stolen after cyberattack on American Addiction Centers

New 'OtterCookie' malware used to backdoor devs in fake job offers

Os piores ataques hackers de 2024

Pick n Pay Data Breach Sparks Concerns Over Customer Privacy

Psychogen Database Breach Raises Concerns Over User Privacy

Researchers Uncover Dark Web Operation Entirely Focused on KYC Bypass

Researchers Uncovered Dark Web Operation Acquiring KYC Details

Service disruptions continue to blindside businesses

These were the badly handled data breaches of 2024

Top 10 DevOps Stories of 2024: Key Insights and Innovations

Two Californians charged in the largest NFT fraud case to date

Using Shorter Public Certificate Lifespans to Prepare for Post-Quantum Cryptography

25/12

$500K Phishing Scam Targeting Solana Memecoin Investors Revealed

Apache Traffic Control Vulnerability Let Attackers Inject Malicious SQL Commands

BellaCPP, Charming Kitten’s BellaCiao variant written in C++

Clop ransomware hits 66 companies: Check if you’re on their radar

Critical SQL Injection Vulnerability in Apache Traffic Control Rated 9.9 CVSS — Patch Now

DeFi Phishing Attack : How a Fake Zoom App Stole $1M

DMM Bitcoin $308M Bitcoin heist linked to North Korea

Five lesser known Task Manager features in Windows 11

Former NSA cyberspy's not-so-secret hobby: Hacking Christmas lights

FunFun688.com Casino Database Breach Exposes Sensitive User Information

Hackers are stealing Gmail and Microsoft 365 accounts with this new phishing technique

Hackers are tricking victims into scam-yourself attacks with fake tutorials, CAPTCHAs, and updates

Hackers are using Russian domains to launch complex document-based phishing attacks

How Healthcare Cyberattacks Broke Records in 2024

Indonesia Government Data Breach – Hackers Leaked 82 GB of Sensitive Data Online

Interlock ransomware attacks highlight need for greater security standards on critical infrastructure

Iran's Charming Kitten Deploys BellaCPP: A New C++ Variant of BellaCiao Malware

New Sophisticated Attack Weaponizes Windows Defender to Bypass EDR

North Korea-Backed Hacker Poses as LinkedIn Recruiter, Steals Rs 2,560 Crore from Japanese Crypto Firm

NRJ Mobile Database Breach Raises Privacy Concerns

Phishing Alert: Crypto Event Attendee Data For Sale

Pittsburgh Regional Transit attributes recent service disruptions to ransomware attack

Postman Data Leak – 30,000 Publicly Accessible Workspaces Could Lead Massive Hack

Ruijie Networks' Cloud Platform Flaws Could Expose 50,000 Devices to Remote Attacks

Stanford University Servers Allegedly Compromised with SSH Access for Sale

The 2024 cyberwar playbook: Tricks used by nation-state actors

The Fintech Wild West: Why Preventive Cybersecurity Is Essential for Survival

This devious two-step phishing campaign uses Microsoft tools to bypass email security

Top 10 Cyber Law Enforcement Operations of 2024

Trifecta.com Database Breach Sparks Privacy Concerns

US healthcare sector faces new data breach

U.S. indicts Chinese hacker for firewall breach

WhatsApp Wins Lawsuit Against Israeli Spyware Maker NSO Group

Wood County recovering from ransomware attack

WY88 Casino Database Breach Raises Privacy Concerns

Yaaka.fr Database Breach Raises User Privacy Concerns

24/12

7 biggest cybersecurity stories of 2024

2025 is going to be a bumpy year for IoT

Adobe ColdFusion Vulnerability: Critical Bug (CVE-2024-53961) with PoC Exploit Code Discovered

Adobe ColdFusion Vulnerability Let Attackers Read arbitrary files – PoC Released

Adobe is aware that ColdFusion bug CVE-2024-53961 has a known PoC exploit code

AI-driven scams are about to get a lot more convincing

Apache Foundation fixed a severe Tomcat vulnerability

Apache HugeGraph-Server Vulnerability Lets Attackers Bypass Authentication

Apache Tomcat Vulnerability CVE-2024-56337 Exposes Servers to RCE Attacks

API security blind spots put businesses at risk

As Ransomware Groups Evolve, How Do Police and Defenders Keep Up?

Ascension Healthcare Cyberattack Hits 5.6 Million: A Peek into the Massive Data Breach

Brazilian Hacker Charged for Selling Data Stolen From Hacked Computers

CISA Adds Acclaim USAHERDS Vulnerability to KEV Catalog Amid Active Exploitation

CISA Flags CVE-2021-44207 in Exploited Vulnerabilities Catalog: High Impact Alert

Clop ransomware gang takes credit for latest mass hack that breached dozens of companies

Clop ransomware is now extorting 66 Cleo data-theft victims

Digital battlefield: Navigating the cyber threats of 2025

Don’t take the phishing bait

FBI, DC3, and NPA Track $308 Million Cryptocurrency Theft to North Korean Hackers

FBI links North Korean hackers to $308 million crypto heist

How CISOs can make smarter risk decisions

HubSpot phishing campaign eyes thousands of MS Azure accounts

Hyperliquid Faces Record Outflow Amid Allegations of North Korean Hacker Activity

India’s States Collaborate on Digital Growth and Cybersecurity at MeitY Summit

Industry predictions for 2025: What can government do to combat cyber crime?

Infosecurity's Top 10 Cybersecurity Stories of 2024

Italy’s data protection watchdog fined OpenAI €15 million over ChatGPT's data management violations

Japan, US blame North Koreans for US$300 million crypto theft

Japão e EUA acusam Coreia do Norte pelo roubo de US$ 300 milhões em criptomoedas

Kaspersky Alerts Users on Telegram Premium Phishing Scams

Kaspersky Shares Tips For Minimizing Ransomware Attacks For Companies In Indonesia

Kingpin of Deadly Ransomware Gang Arrested: Extorted Thousands of Crores in Global Cyber Attacks

LockBit developer snared in latest blow for infamous hacker group

Major Biometric Data Farming Operation Uncovered

Node.js “systeminformation” Vulnerability Exposes Millions of Systems to RCE Attacks

North Korean hacker group behind DMM Bitcoin’s cryptocurrency leak

North Korean Hackers Pull Off $308M Bitcoin Heist from Crypto Firm DMM Bitcoin

North Korean hackers steal $308M in crypto posing as LinkedIn recruiters

OilRig Hackers Exploiting Windows Kernel 0-day to Attack Organizations

Over 400K patients exposed in addiction treatment hack

Patient and Employee Data Exposed in June Ascension Cyberattack: New Details Released

Pittsburgh Regional Transit dealing with ransomware attack that slowed light rail system last week

Pittsburgh transit agency victim of ransomware attack

Postman Workspaces Leak 30000 API Keys and Sensitive Tokens

Python Malware in Zebo-0.1.0 and Cometlogger-0.1 Found Stealing User Data

Researchers Uncover PyPI Packages Stealing Keystrokes and Hijacking Social Accounts

Spyware Maker NSO Group Liable for WhatsApp User Hacks

SRP Federal Credit Union reports data breach affecting more than 240,000 people

Texas university suffers breach, thousands affected

Two New Malicious PyPI Packages Attacking Users to Steal Login Details

Urgent New Gmail Security Warning For Billions As Attacks Continue

US and Japan Blame North Korea for $308m Crypto Heist

U.S. Department of State offering $10M reward for information on Fulton ransomware attack suspect

US House to Vote on $3 Billion Funding for Removal of Chinese Telecom Equipment

Your Business is Exposed on the Dark Web: What to do About it

23/12

5.6 Million Impacted by Ransomware Attack on Healthcare Giant Ascension

10 Best Linux Firewalls In 2025

15 years of leaks: how Mark Gurman became the go-to news breaker for all things Apple

17M Patient Records Stolen in Ransomware Attack on Three California Hospitals

2024: A year of data leaks, espionage, and DDoS attacks

A new Microsoft 365 phishing service has emerged, so be on your guard

AI Could Generate 10,000 Malware Variants, Evading Detection in 88% of Case

AI-fueled phishing, shadow AI, jailbreaks kept security pros busy in 2024

Apache fixes remote code execution bypass in Tomcat web server

Be Careful, Cyber Attack Misinformation Is More Dangerous Than Ransomware Attacks

Beverly.org Data Breach Exposes Sensitive User Information

Black Basta group claims ransomware attack on U.S. vegetables producer Furmano's

BrownPacking.com Data Breach Exposes Sensitive Information

Court finds Pegasus spyware maker NSO Group liable for hacking 1,400 WhatsApp users

Criminal duo charged for $22M rug-pulled NFT schemes like ‘Vault of Gems’

Critical SHARP Routers Vulnerabilities Lets Attacker Trigger RCE to Gain Root Access

Critical Vulnerabilities Found in WordPress Plugins WPLMS and VibeBP

Crypto investors losing millions to Google impersonators

Cryptomining Malware Found in Popular Open Source Packages

Demystifying the CISO: A Guide to Cybersecurity Leadership

Emerging Threats in Healthcare Cybersecurity: Patient Data at Risk

Enterprise Security Architecture: A Quality Management and Resilience Enhancer

Estate agents warned against festive cyber attacks

Evilginx: Open-source man-in-the-middle attack framework

Healthcare management firm Regional Care said hackers stole the data of 225,000 individuals

How companies can fight ransomware impersonations

How Hackers Are Using Physical Mail for Phishing Scams

HyperLiquid Experiences Unprecedented USDC Withdrawal Following Hacker Rumors

IBM Cognos Analytics Vulnerability Allows Malicious File Upload & Injection Attacks

ICO Warns of Mobile Phone Festive Privacy Snafu

Interpol Identifies Over 140 Human Traffickers in New Initiative

Irish DPC fines Meta €251m over 2018 data breach that affected 3 million EU users

Italy Fines OpenAI €15 Million for ChatGPT GDPR Data Privacy Violations

Italy Imposed EUR 15 million Fine to Open AI For Violating GDPR

Justice Department Cracks Down on LockBit Ransomware: Key Developer Arrested in Israel

Kaspersky warns of rising Telegram Premium phishing scams and malware threats

Lazarus APT targeted employees at an unnamed nuclear-related organization

LockBit Dev Exposed: Ransomware Secrets Rock Cybercrime

Maximizing the impact of cybercrime intelligence on business resilience

McDonalds delivery customers put at risk by possible data breach

Microsoft fixes bug behind random Office 365 deactivation errors

More than 910,000 patients at risk after ConnectOnCall health data breach

New Study Reveals Widening Gap Between Cyber Attack Causes and Public Perception

NFT scammers charged for stealing $22 million through “rug pulls”

Phishing and social engineering account for 70-90% of malicious Data breaches, says cyber-security specialist

Phishing Report Findings Call for a Fundamental Shift in Organizational Approaches to Defense

PHP-based Craft CMS Vulnerability Let Attackers Execute Remote Code

Premium WPLMS WordPress plugins address seven critical flaws

Ransomware Attack Exposes Data of 5.6 Million Ascension Patients

Ransomware attack on Rhode Island health system exposes data of hundreds of thousands

Researchers Bypass WPA3 to Acquire Network Password via Man-in-the-Middle Attack & Social Engineering

Rockstar2FA Collapse Fuels Expansion of FlowerStorm Phishing-as-a-Service

Russia's biggest cyber attack on Ukraine: Justice Ministry starts recovering state registers

Supply Chain Attack Hits Rspack, Vant npm Packages with Monero Miner

Texas hospital shared the healthcare data of over 40,000 patients with a third party vendor

Top 7 zero-day exploitation trends of 2024

Top 10 Cybersecurity Trends to Expect in 2025

Top LockBit developer arrested, awaiting extradition to US

UN delegate data allegedly exposed in claimed cyber attack

US charges suspected LockBit ransomware developer

US court finds spyware maker NSO liable for WhatsApp hacks

U.S. Court rules against NSO Group in WhatsApp spyware Lawsuit

U.S Intelligence Agencies Launched Cyber Attack on Chinese Tech Companies

U.S. Judge Rules Against NSO Group in WhatsApp Pegasus Spyware Case

VESD.net Data Breach Exposes Thousands of Sensitive Records

VESD.net Data Breach Exposes Thousands of Social Security Numbers

What open source means for cybersecurity

WilsonSD.org Data Breach Exposes Social Security Numbers

22/12

Alleged Data Breach at Alexandria University Exposes Sensitive Information

Alleged Data Breach at Nirjai.com Exposes 13,000 Records

Alleged Data Breach Exposes 19,950 Student Records

Alleged Data Breach Exposes Russian Pensioners’ Information from 2021

Alleged Data Breach Exposes Worldwide Domain Database

Data breach may impact thousands of Monument Health patients

New PaaS Platform “FlowerStorm” Attacking Microsoft 365 Users

North Korean hackers stole $1.3 billion worth of crypto this year

Patricia reportedly begins customer repayment plan after 2023 cyber attack

Synology patches critical vulnerabilities, urges users to update devices against zero-click attacks

Two arrested for posing as Delhi Jal Board officials, running phishing scam

US charged Dual Russian and Israeli National as LockBit Ransomware developer

U.S. Charges Developer Of LockBit For Billions In Ransomware Damages

Daily News - Dezembro (15/12 - 21/12) - 51 Semana de 2024