DAILY NEWS: Abril (16/04 - 22/04) - 16 Semana de 2023
Cyber Security and Information Security News --- Daily Updates !! Weekly Resume

22/04
Airman accused of leaking Pentagon documents previously shared other classified information: Report
Billions of Google users warned over dangerous ‘info email’ – don’t let your bank be emptied
ChatGPT Can be Tricked To Write Malware When You Act as a Developer Mode
CISA Adds 3 Actively Exploited Flaws to KEV Catalog, including Critical PaperCut Bug
Don’t Fall for the Latest iPhone Phishing Scam
EvilExtractor malware activity spikes in Europe and the U.S.
First-Ever Cyber Attack Via Kubernetes RBAC to Create Backdoor on Clusters
Gateway Casinos Confirms Cyberattack on Ontario IT Infrastructure
Gateway Casino Sudbury remains closed following cybersecurity incident
Google ads push BumbleBee malware used by ransomware gangs
Google reveals 7 common signs you may already be a victim of bank-raid attack – check your inbox now
Hacker keep off: Password tips to secure business accounts
Hackers Breach American Bar Association, Millions of Logins Potentially Stolen
How Businesses Can Improve Data Security
How to prevent your printer from getting hacked
ICICI Bank refutes data breach allegation; here's what we know so far
Indian insurance regulator suffers cyber attack, insurers data at risk
Lazarus X_TRADER Hack Impacts Critical Infrastructure Beyond 3CX Breach
Netflix scam: Why you should not respond to email asking for payment details and how to stay safe
Optus sued by ‘vulnerable’ victims of data breach
Ransomware attacks hit an all-time in March 2023
SafeMoon hacker agrees to return 80% of stolen funds: Finance Redefined
Senate to probe data breach in goverment agencies
Sudanese hackers knock offline websites of major Israeli airport, electric company
Tank storage company Vopak hacked, Ransomware groups report
Thousands impacted by Council programme data breach
UK's new emergency phone alert system 'vulnerable to cyber criminals'
21/04
3CX Cyber Attack: It Was The Aftermath of Another Supply-Chain Attack
3CX hack highlights risk of cascading software supply-chain compromises
14 Kubernetes and Cloud Security Challenges and How to Solve Them
A malicious campaign by Daggerfly hits major African telecom services providers
ABS Wavesight, ActZero alliance to boost cyber-security service
Anti-poaching tech vulnerable to cyber attacks, study finds
Billions of WhatsApp users must avoid three huge mistakes – check app to be safe
Can electric vehicles be hacked?
Capita: Data Was Taken in March Cyber Incident
Capita Warns Customer Data May Have Been Stolen in Cyber Attack
China building cyber weapons to hijack enemy satellites, says US leak
China Developing Anti-Satellite Weapons - Report
Cisco and VMware Release Security Updates to Patch Critical Flaws in their Products
Cisco fixed critical flaws in the Industrial Network Director and Modeling Labs solutions
Controle de tráfego aéreo europeu diz que ataque de hackers pró-Rússia não afeta voos
Cyber attack led to data breach
Cyber attack strikes the City of Ballwin's servers, disrupts online payment portals
Cyber Experts Predict More Harmful Cyberattacks in Ukraine
CyberMaxx Releases First Quarter Ransomware Research Report
CYBERUK23: Five Takeaways From the NCSC Conference on the UK's Cyber Strategy
Defi protocol “Unlock” hacked for 20 Ethereum
European air traffic control agency's website under cyber attack from pro-Russian hackers: Report
GhostToken Flaw Could Let Attackers Hide Malicious Apps in Google Cloud Platform
Good Friday Agreement paved way for Northern Ireland’s emergence as a global cybersecurity hub
Government Agencies Release Blueprint for Secure Smart Cities
Government launches new cyber security measures
Hackers steal ‘goldmine of personal data’ in cyber attack
How Does Identity Transport Across Privacy Jurisdictions?
How SMEs Can Secure the Remote Workforce
Hybrid Workers Make the Attack Surface More Complex
ICICI Bank Data Leak – Millions of Records with Sensitive Data Exposed
Inaugural Langevin Symposium addresses cybersecurity and cyberwarfare
Industrial Cybersecurity Market Size worth USD 29.41 Billion by 2027 | Fortune Business Insights
Intro to phishing: simulating attacks to build resiliency
Is your bank account safe? Mass layoffs weaken cybersecurity across finance sector
Kubernetes RBAC Exploited in Large-Scale Campaign for Cryptocurrency Mining
Latitude leak reveals personal financial data
More Russian cyber-attacks targeting Finland, agencies say
Most interesting products to see at RSA Conference 2023
National Bureau of Investigation (NBI) denies system linked to massive data breach
National Cyber Security Centre tells Government departments to avoid TikTok on official devices
N.K. Hackers Employ Matryoshka Doll-Style Cascading Supply Chain Attack on 3CX
‘Operation cookie monster’ and other cybersecurity news to know this month
Optus data breach class action launched by Slater and Gordon
Prioritising cybersecurity is the only way to stop threat actors from barging in
Pro-Russian hackers stage attack against Europe’s air-traffic control agency
Prototype cyber tech has revolutionary potential
Rentomojo cyber attack: Company informs customers financial data is safe
Scammers using social media to dupe people into becoming money mules
Secureworks has discovered malware in online advertising
Spear Wilderman Facing Class Action Over 2021 Data Breach
The CSO guide to top security conferences
The Expert View: Accelerating cyber-security maturity in a time of economic uncertainty
The New Risks ChatGPT Poses to Cybersecurity
The staying power of shadow IT, and how to combat risks related to it
The strong link between cyber threat intelligence and digital risk protection
TIM expands into the cybersecurity market with the acquisition of TS-Way
Top three factors leading to burnout at work
UK cyber chief recognises Northern Ireland as global cyber security hub
UK Cyber Security Council Identifiy Key Inhibitors to Cyber-diversity
UK Government launches new cyber security measures
UK Government puts critical infrastructure and services on heightened alert for cyber attacks
University websites using MediaWiki, TWiki hacked to serve Fortnite spam
Use of Generative AI Poses Risk to Companies
‘We Are Not Under Any Cyber Attack’: Bolt Slams ‘Malicious’ Rumours Of App Being Hacked
What Does Top-Notch Managed IT Security Look Like?
20/04
3CX hack caused by trading software supply chain attack
A 2023 Mantra: Think of Cybersecurity Risk as Business Risk
Accurate, Useful Risk Scoring Demands Business Risk Observability
Analyzing Malware using FREE Online Tools
Beyond Traditional Security: NDR's Pivotal Role in Safeguarding OT Networks
Capita confirms hackers stole data in recent cyberattack
ChatGPT-Related Malicious URLs on the Rise
ChatGPT's Data Protection Blind Spots and How Security Teams Can Solve Them
CISOs struggling to protect sensitive data records
Critical Infrastructure Firms Concerned Over Insider Threat
Cyber Attack on SD Worx Shuts Down HR Services for UK and Ireland Customers
Cyber insurer launches InsurSec solution to help SMBs improve security, risk management
CYBERUK23: Russian Cyber Offensive Exhibits ‘Unprecedented’ Speed and Agility
CYBERUK23: UK Strengthens Cybersecurity Audits for Government Agencies
Daggerfly APT Targets African Telecoms Firm With New MgBot Malware
Daggerfly Cyberattack Campaign Hits African Telecom Services Providers
Data Security Best-Practice in a World of Evolving Risks and Regulations
Experts disclosed two critical flaws in Alibaba cloud database services
Five Eye nations release new guidance on smart city cybersecurity
Fortra Sheds Light on GoAnywhere MFT Zero-Day Exploit Used in Ransomware Attacks
Google TAG warns of Russia-linked APT groups targeting Ukraine
Government launches new cyber security measures to tackle ever growing threats
How companies are struggling to build and run effective cybersecurity programs
How to update your router's firmware (and why you should be doing it regularly)
IT and business services market shows resilience with positive growth outlook
Lazarus Group Adds Linux Malware to Arsenal in Operation Dream Job
Lazarus hackers now push Linux malware via fake job offers
Microsoft 365 outage blocks access to web apps and services
Ministros e altos oficiais do governo usam aplicativos chineses que roubam dados dos usuários
North Korean Hacker Suspected in 3CX Software Supply Chain Attack
NSO Group Used 3 Zero-Click iPhone Exploits Against Human Rights Defenders
Outdated cybersecurity practices leave door open for criminals
Recycled Network Devices Exposing Corporate Secrets
Small Business Interest in Cyber-Hygiene is Waning
The biggest data security blind spot: Authorization
The K-12 guide to multi-layered cybersecurity
Trigona Ransomware targets Microsoft SQL servers
Two Critical Flaws Found in Alibaba Cloud's PostgreSQL Databases
Valid Certificadora restabelece sistema após tentativa de ataque hacker
VMware fixes vRealize bug that let attackers run code as root
Xage’s new IAM offering provides multilayer authentication for ICS/OT
Windows secrets extraction: a summary
19/04
5 free online cybersecurity resources for small businesses
17 House members, 585 staff among victims of D.C. Health Link breach, director will say
A Hacker Has Stolen $10 Million in Ethereum and No One Knows How
A shocking number of businesses aren't getting their data back after a ransomware attack
A Year of Armed Conflict: Lessons to Be Learned for Cybersecurity
AI is being exploited to create more convincing scams
Announcing Mandiant Executive Cybersecurity Services
Are public USB charging stations to be trusted?
Black Basta hacker group claims responsibility for a cyber attack on Capita
BlackBerry Unveils AI-Based Cybersecurity Tool, Hannover Messe 2023
BlackCat (ALPHV) Gang Claims Ransomware Attack on NCR Data Center
Blind Eagle Cyber Espionage Group Strikes Again: New Attack Chain Uncovered
Coro raises $75M at a $575M valuation to grow its all-in-one cybersecurity platform
Critical Flaws in vm2 JavaScript Library Can Lead to Remote Code Execution
Cyber-attack Detection Time Lowest on Record
Cyber Security & Risk Management 2023
Cybersecurity agencies publish new guidance on safe software design: Here's why it matters
CYBERUK23: NCSC Urges International Collaboration to Build Cyber Resilience
Darwinium upgrades its payment fraud protection platform
Data Security in the Digital Age: Cybersecurity Companies Offer Solutions
DC Health Link Data Breach Caused by Human Error
Digital asset phishing scams shot up 40% in 2022: report
Enterprises Exposed to Hacker Attacks Due to Failure to Wipe Discarded Routers
Expel Publishes New Research on the Cybersecurity Challenges Facing British Organisations
Fighting Password Fatigue Means Retiring Passwords for Good
Glasgow NatWest customers issued warning over email scam draining bank accounts
Global finance firms take part in NATO cyber attack simulation
Google Chrome Hit by Second Zero-Day Attack - Urgent Patch Update Released
Google patches another actively exploited Chrome zero-day
Google TAG Warns of Russian Hackers Conducting Phishing Attacks in Ukraine
Hackers targeting businesses through weak links in supply chain
Hackers Using Old Nokia 3310 Phone to Steal Cars
Iranian Government-Backed Hackers Targeting U.S. Energy and Transit Systems
Israeli firm NSO’s spyware again hacking iPhones: Report
Korea seeks legislation against phishing attacks
Lacework adds vulnerability risk management to its flagship offering
Legion Hacker Tool Used to Steal Data from Poorly Protected Websites
Lloydspharmacy vows to take action after media reports of customer data breach
March 2023 broke ransomware attack records with 459 incidents
Marsh McClennan releases new cyber security report
Mid-market cybersecurity platform Coro pulls in $75m
NCSC Warns of Destructive Russian Attacks on Critical Infrastructure
New BlackBerry Research Finds Manufacturers Increasingly Wary of Nation State Threats
Nintendo processou! Hacker que desbloqueou Switch e 3DS é condenado a pagar indenização vitalícia
OpenSSF releases SLSA v1.0, adds software supply chain-specific tracks
Pakistani Hackers Use Linux Malware Poseidon to Target Indian Government Agencies
PDF and WSF files used in powerful email malware attack
Play Ransomware Attacks Utilize New Custom Tools
Play ransomware gang uses custom Shadow Volume Copy data-theft tool
Police Escape $1.2m Fine For Secretly Recording Phone Calls
Property firm OrangeTee & Tie fined $37k for data breach affecting over 250,000 customers, staff
Quantifying cyber risk vital for business survival
Ransomware reinfection and its impact on businesses
Researchers discover sensitive corporate data on decommissioned routers
Russian-aligned cyber groups are seeking to target Western infrastructure, U.K. says
Security beyond software: The open source hardware security evolution
The crippling effect of cybercrime on our emotional wellbeing
The Importance of Cybersecurity Training for Employees
These medical IoT devices carry biggest security risks
Tight budgets and burnout push enterprises to outsource cybersecurity
Top risks and best practices for securely offboarding employees
Top Strategic Cybersecurity Trends for 2023
Triple-digit Increase in API and App Attacks on Tech and Retail
Tucson Unified School District (TUSD) provides update on ransomware attack investigation
UK NCSC warns of new class of Russian cyber adversary threatening critical infrastructure
Uncovering (and Understanding) the Hidden Risks of SaaS Apps
U.S. and U.K. Warn of Russian Hackers Exploiting Cisco Router Flaws for Espionage
What is Cyber Security? 6 Steps to Support Profitability and Prevent Chaos
What Uber’s Latest Data Breach Means for Third-Party Risk
Workshop on cyber security for MSMEs and women entrepreneurs held in Shillong
18/04
19 startups to check out at RSA Conference 2023
Akamai Report Surfaces Spike in Attacks Against Web Apps and APIs
Apple’s Macs Have Long Escaped Ransomware. That May Be Changing
Aussie, NZ business paying up in ransomware attacks
Avalor wants to unify cybersecurity tools by aggregating data
Balancing cybersecurity with business priorities: Advice for Boards
Cloud identity: Are you who you say you are?
Cloud Security Alerts Take Six Days to Resolve
Conversational Attacks Fastest Growing Mobile Threat
Data breach concerns ahead of Gloucester cyber attack report
Data-driven cyber: transforming cyber security through an evidence-based approach
Data Security in the Digital Age: Cybersecurity Companies Offer Solutions
Deal Signed To Hold First Cyber Security Summit Next September
DFIR via XDR: How to expedite your investigations with a DFIRent approach
Emerge Digital and ConnectWise team up to redefine cyber security for SMEs
Gateway Casinos’ Ontario system-wide IT outage due to cyber security incident
Gateway casinos to remain closed after cyber attack: officials
Generative AI like ChatGPT fuels sophisticated phishing attacks
Goldoson Android Malware Infects Over 100 Million Google Play Store Downloads
Guarding Against Insider Threats
Hacker da Nintendo terá de ceder parte do ordenado à companhia toda a vida
How does zero-trust technology aids businesses in implementing effective cybersecurity measures?
How Website Tracking Technologies Are Transforming Risk Analysis Across Industries
How Will a Recession Change the Cybersecurity Landscape?
Hyundai data breach exposed customer info
Implementing a zero-trust system that uses workload identity across a service mesh in Kubernetes
IPH reveals data breach originated from member firm
Iranian Hackers Using SimpleHelp Remote Support Software for Persistent Access
Israeli surveillance firm QuaDream is shutting down amidst spyware accusations
LockBit Ransomware Now Targeting Apple macOS Devices
NatWest issues urgent warning to all customers amid new email scam concerns
Netflix and Gmail users warned about new email scam
Network infrastructure provider CommScope investigating data leak following ransomware attack
New Jersey State workers targeted in cyber attack
New Qbot campaign delivers malware by hijacking business emails
Nintendo com requintes de crueldade – Hacker pagará multa vitalícia
Phishing Attacks Surge as Threat Actors Leverage New AI Tools
Pre-pandemic techniques are fueling record fraud rates
Ransomware Hackers Steal Sensitive Charity Data
Real estate firm OrangeTee & Tie fined for data breach involving 250,000 customers and employees
S. Korea Successfully Foils Cyber Attack by US-Sanctioned Lazarus Group: Report
The classified document leak: let’s talk about Jack Teixeira’s need-to-know
The future of cyber security in an AI-driven world
The intricate relationships between the FIN7 group and members of the Conti ransomware gang
UK's SMEs to Benefit From New Cyber Advisors
Wargaming an effective data breach playbook
Weak credentials, unpatched vulnerabilities, malicious OSS packages causing cloud security risks
What Is Data Minimisation? Definition & Examples
What is e-mail spoofing and how can you prevent it?
WhatsApp, Signal Claim Online Safety Bill Threatens User Privacy and Safety
Why don't people care about data leaks?
17/04
7 countries unite to push for secure-by-design development
7 cybersecurity mindsets that undermine practitioners and how to avoid them
Abuse victims’ data stolen in ransomware attack on Derry company
AI tools like ChatGPT expected to fuel BEC attacks
AI verification systems give businesses an edge over scammers
Alcohol Recovery Startup Suffers Healthcare Data Breach, 108K Impacted
Are Smart Home Devices Invading Your Privacy?
Breach Me Twice, Shame On Who? The Importance Of Backing Cybersecurity Initiatives
Can Generative AI Shrink the Cybersecurity Skills Gap?
Capita falls on reports cyber attack was worse than admitted
Catholic Health Initiatives hit by data breach
ChatGPT Account Take Over Vulnerability Let Hackers Gain User’s Online Account
China-linked APT41 group spotted using open-source red teaming tool GC2
CISA: Patch Bug Exploited by Chinese E-commerce App
CISA updates zero trust maturity model to provide an easier launch
Coles alerts customers of Latitude Financial data breach
Credential harvesting malware appears on deep web
Cyber security continues to be a top concern in Malaysia
Cybersecurity in the Energy Sector: Risks and Mitigation Strategies
Cybersecurity leaders reflect on Samsung, ChatGPT incidents
Cybersecurity Market In The Digital Age: Understanding Threats And Protecting Information Online
Cybersecurity must factor in both people and technology
Cybersecurity rules could pose unfair contract risk to small business, peak insurance body warns
Drop Everything: Update Chrome NOW — 0-Day Exploit in Wild
Economic uncertainty drives upskilling as a key strategy for organizations
Evotec SE cyber attack: German pharmaceuticals giant took all internal systems offline
Experts attribute string of cyber attacks to pro-Russian hackers
Experts warn of an emerging Python-based credential harvester named Legion
Exposed Web Panel Reveals Gamaredon Group’s Automated Spear Phishing Campaigns
FIN7 and Ex-Conti Cybercrime Gangs Join Forces in Domino Malware Attacks
Friendly Hacker, Keren Elazari, to Announced as Keynote Speaker at Infosecurity Europe 2023
German superyacht manufacturer Lürssen suffers a ransomware attack
Google bans 36 popular apps as Android users urged to delete them immediately
Google Uncovers APT41's Use of Open Source GC2 Tool to Target Media and Job Sites
Google urges users to update Chrome to address zero-day vulnerability
GUEST ESSAY: The Top 10 cybersecurity shortfalls that put SMBs, enterprises at elevated risk
Hacker drena protocolo e token do projeto desaba quase 50%
Hackers abuse Google Command and Control red team tool in attacks
Hackers publish sensitive employee data stolen during CommScope ransomware attack
Hackers roubam quase 10 TB de dados à Western Digital e ameaçam expor toda a informação
How reporting a data breach can make cybersecurity community stronger?
How to get executive buy-in to your cyber security awareness program
How To: Reduce Risk and Complexity in Cloud Networks
How to Write A Website Privacy Policy
Hundred Finance perde US$ 7 milhões em ataque hacker no Optimism
Hyundai confirms major data breach affecting car owners in Italy and France
Investigation underway into cyber attack affecting charities for sexual assault survivors
Is a Project Exodus From OWASP Looming?
Israeli Spyware Vendor QuaDream to Shut Down Following Citizen Lab and Microsoft Expose
Kodi says email IDs and passwords of all MyBB forum users have been compromised
Let’s take the fight to the identity thieves
LockBit Ransomware Could Be Targeting macOS Devices
LockBit ransomware is targeting Macs for the first time
Montana Becomes First US State to Pass TikTok Ban
New Chameleon Android malware mimics bank, govt, and crypto apps
New QBot Banking Trojan Campaign Hijacks Business Emails to Spread Malware
New QBot email attacks use PDF and WSF combo to install malware
New Zaraza Bot Credential-Stealer Sold on Telegram Targeting 38 Web Browsers
Next phase of 2023-2030 Australian Cyber Security Strategy in motion
Northern Ireland charities targeted in major cyber-attack
NorthStar Data Breach Exposed Personal Info of 82K People, Class Action Says
NSW government facing economic challenges, as Cyber Security NSW only budgeted to 2024–25
Payments Giant NCR Hit by Ransomware
Payments giant says it is investigating ransomware incident that caused POS outage
Phronesis Security appoints Eric Pinkerton to cyber security role
Plataforma de criptomoedas é hackeada, perde R$ 34,5 milhões e token despenca 60%
Police Crack Comms to Bust Money Laundering Group
Qbot Banking Trojan Increasingly Delivered Via Business Emails
Ransomware Attack Hits Payments Giant NCR's Datacenter
Ransomware hackers threatening to leak confidential Dutch football data
Ransomware strikes POS platform used by NCR’s customers in hospitality industry
Reunert’s +OneX buys MS cyber sec specialist
Russia’s Data Breaches Increase 42-Fold in 2022 – Report
Scams cost Aussies $3 billion last year, with calls for co-ordinated response to scourge
Second Batch of Leaked Data Published on Dark Web in the Oakland Ransomware Attack
Spyware Company QuaDream Set to Close
Stolen Irish identities on sale for €25 on the dark web
Suspected cyberattack halts travel from Israel airport
The Dark Side of Rust: Why Cybercriminals are Loving this Programming Language
The Growing Need for Cyber Security in an Age of AI Disruption
Thousands of Iowa Medicaid members affected in national data breach
Threats, Vulnerabilities, and Risks
Top 5 Cyberattacks of Q1 2023 and How Zero Trust Can Prevent Similar Attacks
Tour of the Underground: Master the Art of Dark Web Intelligence Gathering
Toyota Italy data leak could compromise customers' sensitive personal information
Vaultree: Building the future of cybersecurity with encryption tech
Vice Society gang is using a custom PowerShell tool for data exfiltration
Vice Society Ransomware Using Stealthy PowerShell Tool for Data Exfiltration
What's the Difference Between CSPM & SSPM?
Why Should Small Businesses Prioritize Cybersecurity?
16/04
83% of Ransomware Infected Organizations Paid Over $900,000 Each
Amazon issues impersonation scam warning to UK customers
CISA warns of Android bug exploited by Chinese app to spy on users
Crypto Hackers Snatches $7 Million From Hundred Finance
Cryptocurrency Phishing Attacks Surge in 2022
Cyber Attack on Tel Aviv Smart Homes: ‘You Have No Security on this Land’
Cybercrime-related cases see an alarming rise
Don’t Make These Mistakes With Your E-mail Or You’ll Put All Your Accounts At Risk
Encryption is the only way to protect your data on the Internet
Existe um tipo de hacker que se aproveita de bagunça e papéis para invadir
GTA 6 Leaker Current Whereabouts Unknown After Rockstar Games Launched FBI Investigation
Hundred Finance Lending Protocol Loses $7M to Hack on Optimism
Indonesian hacker group targets 12,000 government websites, government issues alert
Is cyber technology the perfect weapon?
LockBit ransomware encryptors found targeting Mac devices
O que acontece se um hacker roubar o chip do celular? Veja como se proteger
Scammers claim Crypto exchange Uniswap exploited: Scam Alert
Silk Road Hacker Sentenced to a Year in Prison for Wire Fraud
The Anatomy Of A Spear-Phishing Attack: What You Need To Know
What it will look like if China launches cyberattacks in the U.S.