LATEST POST
Hackers abuse Google Cloud to send trusted phishing emails
Fox News reports: Cybercriminals have found a clever new way to get phishing emails straight into inboxes. Instead of spoofing brands, they are abusing real cloud tools that people already trust. Security researchers say attackers recently hijacked a legitimate email feature inside Google Cloud. The result was thousands of phishing messages that looked and felt like […]
Cloud file-sharing sites targeted for corporate data theft attacks
BleepingComputer reports: A threat actor known as Zestix has been offering to sell corporate data stolen from dozens of companies likely after breaching their ShareFile, Nextcloud, and OwnCloud instances. According to cybercrime intelligence company Hudson Rock, initial access may have been obtained through credentials collected by info-stealing malware such as RedLine, Lumma, and Vidar deployed on employee devices. […]
HIPAA Compliance and Breach Communications: Helpful Tips for SMBs
An article by DataBreaches.net in collaboration with North Country Communications, LLC On December 15, North Country Communications launched as a consultancy dedicated to helping small and mid-sized HIPAA-regulated entities comply with HIPAA’s privacy, security, and breach notification requirements. DataBreaches took the opportunity to interview its founder, Rachel Klugman Seeger, about the services she provides to clients through on-site or […]
Third-Party Data Breaches: What You Need to Know
Sarah Hemmersbach or Mitratech Holdings writes: A third-party data breach occurs when malicious actors compromise a vendor, supplier, contractor, or other organization to gain access to sensitive information or systems of the victim’s customers, clients, or business partners. Third-party data breaches are becoming increasingly common as technology makes it easier for businesses to connect and […]
The biggest cybersecurity and cyberattack stories of 2025
BleepingComputer recaps what they view as the 15 biggest cybersecurity and cyberattack stories of 2025. Four of the 15 involve ShinyHunters or the ScatteredLapsus$Hunters collective. Among other stories: In 2025, ClickFix attacks became widely adopted by numerous threat actors, including state-sponsored hacking groups and ransomware gangs. What started as a Windows malware campaign, quickly expanded to macOS and […]
Responding to a Data Breach
From an article in The Financial Poise: When a business gets the call that something has gone wrong with its data, the first instinct is usually panic. Systems are slow, employees are confused, and leadership wants answers immediately. But as cybersecurity incidents become a routine part of modern business life, the difference between companies that […]
Two cybersecurity guys plead guilty to being hackers all along
KnowTechie reports: Two former cybersecurity professionals have admitted they were secretly running ransomware attacks on the side. According to an announcement this week from the US Department of Justice, Ryan Goldberg, 40, and Kevin Martin, 36, pleaded guilty to orchestrating a string of ransomware attacks in 2023 that netted them about $1.2 million in Bitcoin. Here’s the […]
80 Hospitals May Have Been Affected by the Oracle Health Data Breach
HIPAA Journal reports: The number of individuals affected by the hacking incident at Oracle Health has yet to be confirmed; however, the data breach is known to have affected approximately 80 hospitals, although a list of those hospitals has not been made public. Oracle Health has been notifying the affected healthcare provider clients, some of […]