Take action on the latest cybersecurity events

Cybersecurity advisories and events as they happen, with a clear action you can take.

published: Nov. 6, 2023
During the week of October 30 to November 6, 2023, there were 6 cybersecurity advisories and 22 data breach events, including a record-breaking incident affecting over 815 million individuals, marking a slight statistical improvement from the previous week but revealing a concerning trend with the magnitude of individuals impacted by data breaches.
published: Oct. 30, 2023
Between Oct. 23 and 30, 2023, there were 7 advisories and 24 incidents/data breaches, marking a decrease from the previous week with impacted individuals dropping to over 2.92 million from over 5 million. The largest breach involved Redcliffe Labs, affecting 2.5 million individuals. Industries affected ranged from IT to Aviation, with various causes such as ransomware and third-party breaches.
On Friday, October 20, the identity management platform Okta said it suffered an intrusion in its customer support system.
published: Oct. 23, 2023
In the week between October 16, 2023, and October 23, 2023, there were 7 advisory/vulnerability events and 32 incident/data breach events, marking a concerning increase in incidents compared to the previous week, with over 5,000,000 individuals impacted across various industries due to factors such as ransomware attacks, third-party breaches, and critical software vulnerabilities, including actively exploited ones like WinRAR, Citrix Netscaler, and JetBrains TeamCity.
published: Oct. 16, 2023
Between October 9, 2023, and October 16, 2023, there were 11 advisory/vulnerability events and 23 incident/data breach events, with a slight increase in impacted individuals to approximately 1,100,000, compared to the previous week's 900,000, and notable incidents included a data breach of 530,000 individuals on the French gaming platform Shadow.
Cloudflare, alongside Google and Amazon AWS, unveiled a significant "HTTP/2 Rapid Reset" zero-day vulnerability that enabled attackers to launch unprecedented DDoS attacks. Cloudflare and other cloud providers has since taken proactive measures, collaborating with industry peers and urging entities to update systems and consider additional protections.
published: Oct. 9, 2023
Between Oct. 2 and Oct. 9, 2023, there were 8 advisory/vulnerability events and 19 incident/data breach events, with a notable decrease from the previous week, impacting approximately 900,000 individuals, with the most significant breach affecting 600,000 people due to the RansomedVC's theft of voter data from the DC Board of Elections.
published: Oct. 2, 2023
During the week between September 25, 2023, midnight and October 2, 2023, midnight, there were a total of 11 advisory/vulnerability events and 20 incident/data breach events, with 3 practical knowledge items shared. In comparison to the previous week, advisories and incidents remained in a similar range, with a significant increase in the number of known impacted individuals from data breaches reaching over 47 million. The incidents were primarily caused by ransomware, third-party breaches, and denial of service attacks, affecting various industries including finance, healthcare, entertainment, education, and others.
A massive data exposure occurred as digital risk protection company DarkBeam left a database containing over 3.8 billion user records, sourced from prior breaches, unprotected, raising concerns about data security practices and the potential for cybercriminals to exploit this well-aggregated data in future attacks.
published: Sept. 25, 2023
In the week between September 18, 2023, midnight, and September 25, 2023, midnight, there were 10 advisory/vulnerability events, 22 incident/data breach events, and 3 shared practical knowledge items. This is a minor week-over-week improvement with increased advisories but reduced incidents compared to the previous week. The incidents are reported to impact a total of 26,336 individuals across various industries with major causes remaining ransomware and third party breaches.