DAILY NEWS: Abril (31/03 - 06/04) - 14 Semana de 2024

Cyber Security, Privacy and Information Security News --- Daily Updates !! Weekly Resume...

06/04

57,000 Kaspersky Fan Club Forum User Data Leaked in Hosting Breach

Amid cyber attack threats, we must always assume defense lines can be breached

AT&T's massive data breach, Pixels get new updates, and more

Ataque hacker iminente apavora autoridades dos EUA: “Incrivelmente sofisticado”

Bank information, social insurance numbers exposed in recent cyber attack at University of Winnipeg

BBB CONSUMER TIPS: Tips to avoid data breaches and the red flags of data theft

Cyber attack on TV channel BabyTV: Toddlers suddenly exposed to Russian propaganda

Georgia: Prosecutor office charges one for cyber attack

Hackers Exploit Magento Bug to Steal Payment Data from E-commerce Websites

Hit with massive data breach, boAt loses data of 7.5 million customers

MTU launch €38,000 cybersecurity scholarship programme

One engineer’s curiosity may have saved us from a devastating cyber-attack

Over 92,000 exposed D-Link NAS devices have a backdoor account

Ransomware Attack Via Unpatched Vulnerabilities Are Brutal: New Survey

Ransomware attacks closed multiple Jackson County offices: How did it impact the jail?

Second UK Lawmaker Targeted in ‘Honeytrap’ Sexting Phishing Scam

UK City Council Admits Ransomware Group Stole Private Data of Residents

US Health Dept warns hospitals of hackers targeting IT help desks

War & Geopolitical Ransomware Account For 70% of All Attacks

05/04

22% of employees admit to breaching company rules with GenAI

Acuity confirms hackers stole non-sensitive govt data from GitHub repos

AI-as-a-Service Providers Vulnerable to PrivEsc and Cross-Tenant Attacks

Alleged Home Depot Data Breach: IntelBroker Leaks 22,000 Employee Data

Anonymous Claims Major Breach of Israeli Justice Ministry, Vows to Expose Corruption

Apache HTTP Server Flaw Let Attackers Inject Malicious Headers & HTTP/2 DoS

Attempted hack on NYC continues wave of cyberattacks against municipal governments

Bank information, social insurance numbers exposed in recent cyber attack at University of Winnipeg

Beware Of Phishing Scams - They Open The Door To More Serious Crimes

Beware the Blur: Phishing Scam Drops Byakugan Malware via Fake PDF

China Using AI-Generated Content to Sow Division in US, Microsoft Finds

Chinese Threat Actors Deploy New TTPs to Exploit Ivanti Vulnerabilities

CISO Perspectives on Complying with Cybersecurity Regulations

City of Hope Cancer Center Faces Data Breach: Impacting Over 800,000 Individuals

‘Coordinated’ Cyber Attack Targets Albania’s Online Citizens Channel

Cyber Attack Hits World’s Second Largest Lens-maker

Cyberattack disrupted services at Omni Hotels & Resorts

Cybercriminal adoption of browser fingerprinting

Data Breach at New York Medical Billing Service Provider Affects 284K Individuals

Delhi traffic police website under scrutiny amid allegations of data breach

Dutch hacker finds critical vulnerability in macOS

Escalation of Fake E-Shop Campaign Threatens Banking Security in Multiple Regions

Fake Facebook MidJourney AI page promoted malware to 1.2 million people

Finra caught up in email phishing scheme

Firefox chooses French partner to prevent user tracking

From PDFs to Payload: Bogus Adobe Acrobat Reader Installers Distribute Byakugan Malware

German companies: 4th place among global ransomware victims

Google Pixel Phone Zero-days Exploited by Forensic Firms in the Wild : Patch Now

Guarding Digital Treasures: The Cybersecurity Challenge

Hacker Group Publishes NHS Scotland’s Stolen Data and Threatened to Dump Entire 3 TB Unless Paid

Hackers Claiming XpressBees Data Leak: 95K User Personal Data Leaked

Hosting company Leaseweb refuses to be open about cyber attacks

How manual access reviews might be weakening your defenses

HTTP/2 CONTINUATION Flood technique can be exploited in DoS attacks

Hugging Face partners with Wiz on AI security

INC ransomware group claims major ransomware attack on Leicester City Council

Initial access brokers are the latest cybercriminals targeting Australians. Here's how they work

Ivanti CEO Promises Stronger Security After a Year of Flaws

KuCoin Amplifies Security Alert: Beware of Phishing Scams Targeting Crypto Users

Leicester Council confirms ransomware attack

Leicester Cyberattack: Council Warns of Data Leak, Urges Vigilance

Magecart-style hackers charged by Russia in theft of 160,000 credit cards

Magento Vulnerability Let Attackers Inject Backdoor On E-commerce Websites

Major cyber attack forces Omni Hotels & Resorts to rely to manual bookings and services

Meta pushes back on US FTC's bid to amend 2020 privacy settlement

Microsoft fixes Windows Sysprep issue behind 0x80073cf2 errors

Missouri County is Under Lockdown after Vicious Ransomware Attack

Multiple Chinese Hacking Groups Exploiting Ivanti Connect Secure VPN Flaw

National Home Mortgage Finance Corporation (NHMFC) reports possible data breach in application systems

New Fake E-Shopping Attack Hijacking Users Banking Credentials

New Ivanti RCE flaw may impact 16,000 exposed VPN gateways

New Wave of JSOutProx Malware Targeting Financial Firms in APAC and MENA

New York City defends AI chatbot that advised entrepreneurs to break laws

Omni Hotels blames cyberattack for widespread tech outages

Pacific Guardian Life Insurance Data Breach Affects Confidential Information of 167,103 People

Panera Bread week-long IT outage caused by ransomware attack

Phishing campaigns with updated Rhadamanthys, Agent Tesla malware reported

Police investigating after explicit images sent to MPs in sexting scam

Proactive and Reactive Ransomware Protection Strategies

Ransomware accounted for 70% of cyberattacks in 2023 – Report

Ransomware Compromised Personal Data, Texas County Appraiser Says

Ransomware surged 110pc last month, report claims

Researchers Identify Multiple China Hacker Groups Exploiting Ivanti Security Flaws

Rhadamanthys Stealer Using Weaponized PDF Files To Attack Oil And Gas Sector

Rockland falls victim to phishing scam, loses more than $18,000

Security pros are cautiously optimistic about AI

Senior Tory MP admits leaking phone numbers in 'spear phishing' sext scandal

South Africa to investigate Microsoft over cloud computing licensing practices, source says

South Korean Crypto Voice Phishing Attacks Evolve and Become More Advanced

SouthState Bank addresses cybersecurity breach: Customers notified

Spear-phishing fears after North West MP admits passing on data

Strategies To Address Deepfakes And Generative AI Attacks On Identity

Talent shortage is leading to automation and outsourcing

The Home Depot Data Breach Exposes Information of 10,000 Employees

The XZ Backdoor explained

This backdoor almost infected Linux everywhere: The XZ Utils close call

Thousands of staff, students have sensitive data stolen in University of Winnipeg hack

Three trends set to drive cyber-attacks in 2024

U.K. police investigate "spear phishing" sexting scam as lawmaker admits to sharing colleagues' phone numbers

University of Winnipeg Confirms Cyber Intrusion: Warns of Stolen Information

US criminal case against China's Huawei heads toward 2026 trial

Victorian firefighters suffered delayed response post-cyber attack

Viral free flight tickets’ offers from airlines are phishing scams

VMware SD-WAN Vulnerabilities Let Attackers Execute Arbitrary Commands

Vulnerabilities Exposed Hugging Face to AI Supply Chain Attacks

Why a near-miss cyberattack put US officials and the tech industry on edge

Wiz Discovers Flaws in GenAI Models Enabling Customer Data Theft

World's second-largest eyeglass lens-maker blinded by infosec incident

04/04

76% of consumers don’t see themselves as cybercrime targets

A Vigilante Hacker Took Down North Korea’s Internet. Now He’s Taking Off His Mask

Alleged Delhi Police Data Breach Claimed by Notorious Hacker Group ‘Kill Security’

Asia-Pacific Ransomware Threats Depend on Country and Sector, Says Rapid7

Benetton Group claimed by Hunters International ransomware gang

California consulting firm Keenan & Associates says data breach impacted over 1.57m customers

Cancer hospital City of Hope says October data breach impacted over 800,000 patients

Canva Faces Scrutiny by Indian Authorities on Rising Cyber Fraud Activities

Considerations for Operational Technology Cybersecurity

Cybercriminals are spreading malware through Facebook pages impersonating AI brands

Deepfake Expert Henry Ajder to Keynote Infosecurity Europe 2024 on AI Challenges

Diabetes WA reveals data breach

Emergency Medical Services Authority (EMSA) data breach compromised the data of over 600,000 patients

Federal Communications Commission (FCC) Takes Action Against SS7 Vulnerabilities in Phone Networks

Firms Must Work Harder to Guard Children’s Privacy, Says UK ICO

Global Data Breaches and Cyber Attacks in March 2024 – 299,368,075 Records Breached

Google survey: 63% of IT and security pros believe AI will improve corporate cybersecurity

Hacker derruba sites do Procon e do Porto de Santos

Hackers claim to breach database containing thousands of Russian criminal records

Healthcare’s cyber resilience under siege as attacks multiply

Hosting Provider VMware ESXi Servers Hit by New SEXi Ransomware

How to Discover the Right AI Cybersecurity Tools for Your Security Strategy

How Ukraine’s volunteer hackers have created a ‘coordinated machine’ around low-level attacks

Hoya’s optics production and orders disrupted by cyberattack

Ivanti Rushes Patches for 4 New Flaws in Connect Secure and Policy Secure

Ivanti vows to transform its security operating model, reveals new vulnerabilities

Jackson County IT Systems Hit By Ransomware Attack

Jackson County shuts down over ransomware attack

Japanese optics company Hoya says cyber incident affected production

Kyivstar attacked by hackers from Russian Military Intelligence, case materials to be sent to The Hague

Leicester City Council confirms ransomware attack after confidential documents leaked

Leicester Council Confirms Confidential Documents Leaked in Ransomware Attack

LockBit Scrambles After Takedown, Repopulates Leak Site with Old Breaches

Major data leak hits 700,000 Estonians

Malaysia Strengthens Cybersecurity with Passage of Cyber Security Bill 2024

Mantis: Open-source framework that automates asset discovery, reconnaissance, scanning

MarineMax says Rhysida ransomware attack compromised employees' and customers' personal information

New HTTP/2 DoS attack can crash web servers with a single connection

New HTTP/2 Vulnerability Exposes Web Servers to DoS Attacks

New JSOutProx Malware Targets Financial Firms in APAC, MENA

New Latrodectus Downloader Malware Linked to IcedID and Qbot Creators

New Phishing Campaign Targets Oil & Gas with Evolved Data-Stealing Malware

New Red Ransomware Group (Red CryptoApp) Exposes Victims on Wall of Shame

Omni Hotels & Resorts Hit by Cyberattack, IT Systems Disrupted Nationwide

Omni Hotels suffer prolonged IT outage due to cyberattack

Otolaryngology Associates Data Breach Affects Almost 317,000 Patients

Parental control app exposes live GPS locations of kids on internet

Powys County Council pays out £11,000 in data breach claims

Ransomware 3.0 main menace for Indian IT and OT systems in 2024

Six steps for security and compliance in AI-enabled low-code/no-code development

Strengthening defenses against nation-state and for-profit cyber attacks

SurveyLama Alarmed Over Data Breach of 4.4 Million Users

Threat Actor Claims Classified Five Eyes Data Theft

Ukraine gathers evidence to prosecute hackers behind Kyivstar attack in Hague

Ukrainian cybersecurity official reveals structure of Russian hacker groups

US cancer center data breach exposes info of 827,000 patients

Vietnam-Based Hackers Steal Financial Data Across Asia with Malware

Visa warns of new JSOutProx malware variant targeting financial orgs

Volt Typhoon and 4 other groups targeting US energy and defense sectors through Ivanti bugs

What does ransomware look like in 2024?

WordPress Plugin SQL Injection Flaw Exposes 1,000,000 Sites to Cyber Attack

Wormhole Woes: Token Plunges 26% Amid Airdrop Frenzy and Phishing Scams

03/04

6 Prompts You Don't Want Employees Putting in Microsoft Copilot

A “cascade” of errors let Chinese hackers into US government inboxes

Andor Labs Notifies Federal Government of Recent Data Breach

AT&T Data Breach Exposes Millions To Identity Theft Threat

AT&T faces lawsuits over data breach affecting 73 million customers

Attack Surface Management vs. Vulnerability Management

Cancer treatment center City of Hope breached, 827K people exposed

Chinese Hackers Hijack Swedish Routers to Launch Cyber Attacks

CKHA cyber attack data breach notification letters being sent out this month

Configuration Error at UNOS Results in Data Breach Affecting an Estimated 1.5 Million People

Critical flaw in LayerSlider WordPress plugin impacts 1 million sites

Critical Security Flaw Found in Popular LayerSlider WordPress Plugin

Cyber attacks on critical infrastructure show advanced tactics and new capabilities

Cyber board says Chinese hack of US officials was 'preventable'

Cyber Safety Review Board Report Slams Microsoft Security Failures in Government Email Breach

Cyberattack at Benefit Management Corp. Results in Data Breach Affecting Certain Osaic Wealth Clients

Data Breach at Debt Collection Agency Designed Receivable Solutions Affects 129,584 Patients

Data Breach at On Q Financial Affects Names and SSNs of 211,650 Consumers

Detroit Symphony Orchestra hit by data breach

EUA culpam Microsoft por ataque hacker que acessou e-mails da Casa Branca

Exchange de criptomoedas perde 2,80 milhões de dólares após segundo ataque hacker do ano

Google Chrome Beta Tests New DBSC Protection Against Cookie-Stealing Attacks

Google Cloud/Cloud Security Alliance Report: IT and Security Pros Are ‘Cautiously Optimistic’ About AI

Google fighting back against session hijackers: stolen cookies to be worthless

Google fixed two actively exploited Pixel vulnerabilities

Google fixes one more Chrome zero-day exploited at Pwn2Own

Google fixes two Pixel zero-day flaws exploited by forensics firms

Google Warns: Android Zero-Day Flaws in Pixel Phones Exploited by Forensic Companies

Hacker que instalou PSP no PlayStation Portal ajudou Sony com atualização

Hackers roubam R$ 6 milhões de prefeitura; saiba detalhes

HALO hacked, private data stolen

Hanesbrands to Cover Out-of-Pocket Losses in Data Breach Deal

Highly sensitive files mysteriously disappeared from EUROPOL headquarters

How do security leaders protect PII and other important data?

How Google plans to make stolen session cookies worthless for attackers

Human risk is the top cyber threat for IT teams

Infostealers Prevalent in Retail Sector Cybercrime Trends

IntelBroker Leaks Alleged National Security Data Tied to US Contractor Acuity Inc.

Ivanti fixes VPN gateway vulnerability allowing RCE, DoS attacks

Jackson County in state of emergency after ransomware attack

JumpServer Critical Flaws Let Attackers Execute Arbitrary Code Remotely

LoanDepot data breach letter: Is it legitimate?

Location tracking and the battle for digital privacy

Mispadu Trojan Targets Europe, Thousands of Credentials Compromised

New Chrome Feature Blocks Hackers From Stealing Your Cookie

New Pikabot Campaign Weaponizes HTML, Javascript & Excel Files

NIS2 Requires Major Changes in EU SaaS Cybersecurity

NVD: NIST is working on longer-term solutions

OWASP Foundation alerts members to data breach involving old resumes

PandaBuy data breach exposes over 1.3 million customer records

Prudential Financial Notifies 36,000 Individuals of Data Breach

Ransomware cartel claims Leicester City, shares data

RDP Abuse Present in 90% of Ransomware Breaches

Relatório dos EUA responsabiliza Microsoft por ataque hacker aos e-mails da Casa Branca

Research reveals a resurfaced botnet targeting end-of-life devices

Series of cyberattacks hit rehabilitation hospitals

Sophos Reveals Ransomware Attacks Are Now Targeting Backups

StrelaStealer Attacking Users to Steal Logins from Outlook & Thunderbird

SurveyLama data breach exposes info of 4.4 million users

The Expert View: AI and LLMs from a Cyber Security Perspective

The New Version of JsOutProx is Attacking Financial Institutions in APAC and MENA via Gitlab Abuse

The urgent shift to post-quantum cryptography

UK and US to Build Common Approach on AI Safety

U.S. Cyber Safety Board Slams Microsoft Over Breach by China-Based Hackers

US federal employee data leaked, claimed by hacker trio

US State Department investigates alleged theft of government data

Wendy’s franchise exposed via payroll breach

What is identity fabric immunity? Abstracting identity for better security

What is Malware Packers? How To Analyse With ANY.RUN Sandbox – SOC/DIFR Guide

WhatsApp vs. Signal vs. Telegram vs. Facebook: What data do they have about you?

Wire-Fraud, Data Breach, and Phishing: A Live Action Role Play for In House Counsel

WP-Members Plugin Expose WordPress Sites To Injection Attacks

02/04

6 keys to navigating security and app development team tensions

73% brace for cybersecurity impact on business in the next year or two

Ace Hardware client data affected by cyberattack

AT&T Confirms 73 Million Customer Data Breach Linked to Dark Web

AT&T data leaked: 73 million customers affected

Backdoor Discovered in XZ Utils: Patch Your Systems Now (CVE-2024-3094)

Binarly released the free online scanner to detect the CVE-2024-3094 Backdoor

China-linked Hackers Deploy New 'UNAPIMON' Malware for Stealthy Operations

Cloud Active Defense: Open-source cloud protection

Critical XZ Utils Backdoor (CVE-2024-3094) Leads to SSH Compromise

Google agrees to delete Chrome browsing data of 136 million users

Google to Delete Billions of Browsing Records in 'Incognito Mode' Privacy Lawsuit Settlement

Google's latest project could help protect you against cookie theft

Government agencies collaborate on a guide to address DDoS attacks

Harnessing the Power of CTEM for Cloud Security

Hundreds of Indians Rescued from Cambodian Cybercrime Gangs

Impersonation Scams Net Fraudsters $1.1bn in a Year

Imperva WAF Flaw (CVE-2023-50969) Exposes Organizations to Breaches

Indian Authorities Rescue Hundreds Trafficked For Cybercrime

Malicious Code in XZ Utils for Linux Systems Enables Remote Code Execution

MarineMax Data Breach: Initial Reassurance Turns to Customer Data at Risk

Massive PandaBuy Data Breach Exposes Personal Information of 1.3 Million Users

Massive Phishing Campaign Strikes Latin America: Venom RAT Targeting Multiple Sectors

Microsoft warns Gmail blocks some Outlook email as spam, shares fix

Missouri county home to Kansas City says suspected ransomware attack affecting tax payments

New Chrome feature aims to stop hackers from using stolen cookies

New XZ backdoor scanner detects implant in any Linux binary

Omni Hotels experiencing nationwide IT outage since Friday

Open Worldwide Application Security Project (OWASP) Foundation warns members of data breach after discovering 1,000 resumes on Wiki server

PandaBuy data breach exposes 1.3 million people

Prudential Insurance says data of 36,000 exposed during February cyberattack

Researchers Report Sevenfold Increase in Data Theft Cases

Russia charges suspects behind theft of 160,000 credit cards

Top 5 Vulnerabilities for March 2024: A Closer Look at the XZ Utils Supply Chain Attack

Trusted Contributor Plants Sophisticated Backdoor in Critical Open-Source Library

US, UK join forces on AI safety and testing AI models

XSS flaw in WordPress WP-Members Plugin can lead to script injection

What the ID of tomorrow may look like

Why AI forensics matters now

WiFi WPS vulnerability: disable it, or else

Winnti's new UNAPIMON tool hides malware from security software

01/04

After Denial, AT&T Confirms Data Breach Affecting 73 Million Users

AT&T Data Breach: Millions of Customers Data Exposed in Dark Web Leak

AT&T resets passcodes for 7.6 million customers after data leak. What experts are saying

AT&T responds to a massive data breach, resets account passcodes

AT&T suffers critical breach impacting 73 million customers

Chattanooga Heart Institute says data breach compromised about 550,000 patients' healthcare data

China criticises US tightening of chip export rules

Communications Workers Union says cyber attack affected email systems and member data

Cybersecurity M&A Roundup: Cisco Closes Splunk Deal

Detecting Windows-based Malware Through Better Visibility

DNS Tunnel Keylogger – An Offensive Post-Exploitation Tool For Pentesters

Escalating malware tactics drive global cybercrime epidemic

Florida Pediatric Associates health data impacted by data breach

FTC: Americans lost $1.1 billion to impersonation scams in 2023

Gmail Turns 20! Evolves Constantly with Security Rules

Hackers Attack macOS Using Infostealer To Steal Sensitive Data

Hackers Attack Python Developers by Poising With Typosquat on PyPI

Hackers Exploit Google Ads Tracking Feature To Deliver Malware

How to design and deliver an effective cybersecurity exercise

Indian Government Rescues 250 Citizens Forced into Cybercrime in Cambodia

India rescuing citizens forced into cyber fraud schemes in Cambodia

Info stealer attacks target macOS users

Learning from Heartbleed to Quantum-Proof the Future

Linux Kernel Flaw Let Attackers Gain Full Root Access: PoC Published

Malicious Apps Caught Secretly Turning Android Phones into Proxies for Cybercriminals

Microsoft to Separate Office & Teams Globally

New Vultur malware version includes enhanced remote control and evasion capabilities

Pentagon established the Office of the Assistant Secretary of Defense for Cyber Policy

Recruit for diversity: Practical ways to remove bias from the hiring process

Securing privacy in the face of expanding data volumes

Shopping platform PandaBuy data leak impacts 1.3 million users

The biggest challenge with increased cybersecurity attacks, according to analysts

TOP 10 Emerging Cybersecurity Threats for 2030

Two crypto platforms hit by massive hacks, millions stolen

Urgent Security Alert! Upstream Supply Chain Attack Lead to SSH Compromise

Vultur Android Banking Trojan Returns with Upgraded Remote Control Capabilities

31/03

A massive AT&T data breach affected 73 million customers

AT&T confirmed that a data breach impacted 73 million customers

AT&T Data Breach Exposes Millions' Customer Data: Addresses, Social Security Numbers, Passcodes Compromised

AT&T Launches Investigation into Data Breach Affecting 73 Million Customers

Beware of MFA bombing: A new phishing scam targeting Apple users

DinodasRAT malware targets Linux servers in espionage campaign

Hacker attack on Activision users detected

Hackers estão mirando carteiras de Bitcoin; veja como se proteger

Israel confronts sharp rise in cyber attacks from Iran and Hezbollah amid war

Law firm suffers cyber attack

Massive data breach leaks info of millions on dark web

More Details About The New iPhone Phishing Scam

One Out of Six Phishing Email Attachments Get Opened, New Report Reveals

Prisma Finance Hacker Apologizes After Breach

Prisma Finance Hacker Continues On-Chain Tirade Following $11 Million Heist

Tax scam alert: From fake refunds to AI phishing attacks, hackers are cashing in

US telecoms firm AT&T notifying millions of customers over data breach

What is Freenet? How Safe Is It?

What is Privacy – Importance, Challenges & Solutions in Cybersecurity

What Is Tails OS: What It Does, How It Works, Who Is It For, and Much More!

World Backup Day: Protecting data from ever-evolving ransomware

DAILY NEWS: Março (24/03 - 30/03) - 13 Semana de 2024