DAILY NEWS: Abril - Maio (30/04 - 06/05) - 18 Semana de 2023

Cyber Security and Information Security News --- Daily Updates !! Weekly Resume

06/05

After a hacker assault, Western Digital has restored its systems and is contacting affected customers

Aussie organisations pessimistic on cyberattacks

Dados da MSI são expostos e comprometem mais de 200 dispositivos e parceiros

Fresh wave of shock as Latitude sends out last wave of cyberattack notifications

Hong Kong’s OT&P Healthcare apologises after data breach exposes patient details

How K-12 Cyber Compliance Laws Are Proving Effective: Insights From V3 Cybersecurity

ISMG Editors: Special Focus on Cybersecurity in Government

Level up your IT and cybersecurity skills with one of the web’s top resources

Medibank faces third class action over cyber breach

MSI in trouble after data breach

Murfreesboro Medical Clinic cyber attack

New Vulnerability in Popular WordPress Plugin Exposes Over 2 Million Sites to Cyberattacks

Qatar positioning itself as global leader in cybersecurity: Report

Russia’s IT squad

Special report: How does U.S. CIA conduct cyberattacks on other countries?

Standardised curriculum for Cybersecurity will bridge the skill gap

Stellenbosch University Study Discovers Anti-poaching Technologies Vulnerable To Cyber-attacks

UAE Cybersecurity Council warns public and private sectors against cyber attacks

UAE issues warning over cyber-attacks

Western Digital restores My Cloud services after cyber attack

Will ChatGPT Revolutionize Cybersecurity?

05/05

AI and Risk: The privacy and security perils of ChatGPT

ALPHV gang claims ransomware attack on Constellation Software

Aspen Dental falls victim to cyber attack, causing issues with scheduling patients

Bad bots can cause all kinds of harm online. Here's how to protect yourself

Banks warn of big increase in online scams

Barracuda Networks Reports Shift in HTML Malware Tactics

Cancer patients could be the latest victims of a cyber attack. Here's what we know

CertiK Alert: Feet Labs’ Discord Server Breach Detected

CISA Rolls Out Program to Protect Critical Infrastructure From Ransomware

Cisco Warns of Vulnerability in Popular Phone Adapter, Urges Migration to Newer Model

Coronation scams targeting UK shoppers, police and experts say

Creating A Culture of Security In Your Hospital & Health System

Critical RCE vulnerability in Cisco phone adapters, no update available (CVE-2023-20126)

Cyber-attack cost conveyancing giant £7m plus lost business

Cyber Patrols Lead to Seizure of Stolen Artefacts

Cyberattack shuts down Raleigh Housing Authority computer systems

Dallas Police Department Compromised in Ransomware Attack

Ex-Uber chief security officer sentenced to probation for covering up 2016 data breach

Ex-Uber security chief sentenced for 2016 data-breach cover-up

Fleckpe Android Malware Sneaks onto Google Play Store with Over 620,000 Downloads

Fleckpe Android malware totaled +620K downloads via Google Play Store

Former Uber CSO avoids prison for concealing data breach

Generative AI brings new risks to everyone. Here's how you can stay safe

Gmail introduces Blue Tick to verify senders, keep phishing emails at bay

Google launches entry-level cybersecurity certificate to teach threat detection skills

GroupMe iPad Giveaway, Costco, Walmart, and Tinder — Top Scams of the Week

Hackers sabotage Dallas public facilities, emergency services

Hackers Targeting Italian Corporate Banking Clients with New Web-Inject Toolkit DrIBAN

Hardware-based defenses give hybrid workers endpoint protection

Health care giant Medibank sued over data breach that affected 9.7m people

Here's how banks are coping with surge in cyber attacks, phishing, fraud

How to strengthen the weakest link in your cybersecurity chain in the AI era

Japan’s ‘myth of security’ raises cyber attack risk

Kaspersky lifts lid on META cyber threats

"Kekw" Malware in Python Packages Could Steal Data and Hijack Crypto

Lack of Visibility: The Challenge of Protecting Websites from Third-Party Scripts

May 2023 Patch Tuesday forecast: Dealing with End-of-Support (EOS)

McPherson Hospital, Inc. Notifies Over 19k Patients of Recent Data Breach

Meta Detects A Hacking Group Having 120 Accounts Linked To Pakistan That Targeted Indian Military Personnel

Minneapolis Data Breach a ‘Worst-Case Scenario’ after Ransomware Attack

More Swiss media groups affected by ransomware attack

N. Korean Kimsuky Hackers Using New Recon Tool ReconShark in Latest Cyberattacks

Naivas data breach a wake-up call for firms to comply with privacy laws

New Android FluHorse malware steals your passwords, 2FA codes

New Android Malware 'FluHorse' Targeting East Asian Markets with Deceptive Tactics

North Korean APT Kimsuky Launches Global Spear-Phishing Campaign

Online gas bills suspended after data breach

OpenAI Owner of ChatGPT Suffers Data Breach

Optima Tax Relief, LLC Reports Data Breach in the Wake of November 2022 Cyberattack

Organizations brace for cyber attacks despite improved preparedness

Packagist Repository Hacked: Over a Dozen PHP Packages with 500 Million Compromised

Payment software company AvidXchange suffers second ransomware attack in 2023

Pensions data ‘likely’ stolen in Capita hack

PHP Packagist supply chain poisoned by hacker “looking for a job”

Pinnacle Propane Notifies Victims of Leaked Social Security Numbers Following Data Breach

Ransomware Actors Extort University Via Alert System

Ransomware watchers are finding creative ways to track attacks

RIP World Password Day

Rochester Public Schools Hit by Ransomware Attack

San Bernardino County pays hackers $1.1 million ransom after cyber attack

Smart meters could be used by hackers to destabilise the power grid, experts warn

Social Media Phishing – The 2023 Cybersecurity Threat

Subscription Trojan Downloaded 600K Times From Google Play

Sydney cancer treatment centre caught up in cyber attack

The Cybersecurity Friction Between Globalization and Localization

The Double-Edged Sword of Crypto in Ransomware

The Merck appeal: cyber insurance and the definition of war

Think your data has no value? Scammers disagree

This ransomware gang used the emergency broadcast system to tell university students they've been attacked

Top cybersecurity M&A deals for 2023

Universal Data Permissions Scanner: Open-source tool to overcome data authorization blindspots

Weekly cyber attacks in India surge by 18 per cent in Q1

What Is DNS Poisoning? How Do You Stay Safe From It?

What We Know About the Group Behind the Dallas Cyber Attack

WordPress custom field plugin bug exposes over 1M sites to XSS attacks

Z-Library eBook site disrupted again by FBI domain seizures

04/05 - World Password Day !!!

A Decade On – What’s Happened to Crowdsourced Security?

Amazon Inspector allows search of its vulnerability intelligence database

Android Spyware BouldSpy Linked to Iranian Government

Aspen Dental falls victim to cyber attack, causing issues with scheduling patients

Ataque hacker em Dallas interrompe serviços da polícia e bombeiros

Australia to restore dedicated privacy role amid growing data security threats

Berlin Packaging Files Notice of Data Breach Involving “Human Resources Information”

Brightline Hack Exposes Data of Over 780,000 Child Mental Health Patients

BSidesLjubljana 0x7E7 CFP is still open!

Carvin Software Data Breach Affects 187,360 Consumers

ChatGPT and other AI-themed lures used to deliver malicious software

ChatGPT suffers data breach

CIA staged ‘Color Revolutions,’ hacker attacks around globe – China

Cisco phone adapters vulnerable to RCE attacks, no fix available

City of Dallas attacked by ransomware gang 'Royal', city services still affected

City of Dallas hit by ransomware

Consumer Group Slams Bank App Fraud Failings

Crown Princess Mary Cancer Centre in Westmead Hospital in cyber attack, hackers threatening to release stolen data

Dallas, Texas hit by ransomware attack

Discord leaks ‘demoralizing’ for US intelligence agencies, DNI Haines says

FluHorse – Check Point Research Exposes Newly Discovered Malware Disguised as Legitimate and Popular Android Apps Targeting East Asia

Fortra GoAnyWhere-Related Health Data Breach Tally Climbs

GuidePoint Study Shows a 27% Spike in Public Ransomware Victims

Hacked university warns of campus text alerts sent by ransomware group

Hacker with a Heart of Gold: Ransomware Gang Apologises After Targeting School

Harnessing the G20’s Potential for Global Counter-Ransomware Efforts

Has the Altruism Model of Open Source Security Peaked?

How AI is reshaping the cybersecurity landscape

How to make SSH even easier to use with config files

Lawyers lead ‘war game’ drills to prepare clients for cyber attacks

Malicious HTML Attachment Volumes Surge

Maxim Healthcare Services data breach class action settlement

Medusa ransomware gang publishes school students' mental health records after failing to secure a ransom

Meta Tackles Malware Posing as ChatGPT in Persistent Campaigns

Meta Takes Down Malware Campaign That Used ChatGPT as a Lure to Steal Accounts

Meta Uncovers Massive Social Media Cyber Espionage Operations Across South Asia

Microsoft testing improved Explorer details pane, Windows Spotlight

New Fleckpe Android malware installed 600K times on Google Play

Patch manager Action1 to add vulnerability discovery, prioritization

Phishing attacks are targeting your business more than ever, so watch out

Phishing Attacks Target BYOD Through Private Messaging Apps

Protecting the Future of Digital Identities

Ransomware attack forces Dallas to shut down courts, disrupts some 911 services

Ransomware gang hijacks university alert system to issue threats

Ransomware gangs display ruthless extortion tactics in April

Researchers Discover 3 Vulnerabilities in Microsoft Azure API Management Service

Researchers Uncover New Exploit for PaperCut Vulnerability That Can Bypass Detection

T-Mobile confirms second data breach in 2023

Top API vulnerabilities organizations can’t afford to ignore

Traditions Bank experienced a data breach; were you affected?

Unpaid open source maintainers struggle with increased security demands

Unwelcome guest: Trigona ransomware group claims they’ve taken up residence in Unique Imaging’s network

US Authorities Dismantle Dark Web "Card Checking" Platform

US insurance giant United HealthCare admits data breach impacted customers' personal information

Vikings Casino group forced to shut down its casinos due to cyber attack

When Good APIs Go Bad: Uncovering 3 Azure API Management Vulnerabilities

Why the Things You Don't Know about the Dark Web May Be Your Biggest Cybersecurity Threat

WinRAR Weaponized by Hacker Group Against Ukraine State Organizations

World Password Day: Confusion over Password Advice Adds to Top Security Risks for Organizations

03/05

5 API security best practices you must implement

Apple and Google Join Forces to Stop Unauthorized Location-Tracking Devices

Attacks increasingly use malicious HTML email attachments

BlackCat group releases screenshots of stolen Western Digital data

Ciberataques serão cada vez mais sofisticados com IAs generativas - e empresas precisam se preparar

CISA Issues Advisory on Critical RCE Affecting ME RTU Remote Terminal Units

Cyber-Risk Levels Improve

Cybersecurity is a boardroom issue

Dark Web Bust Leads to Arrest of 288 Suspects

Download the eBook: What Does it Take to be a Full-Fledged Virtual CISO?

Global Cybersecurity Market Outlook

Google Chrome will lose the “lock” icon for HTTPS-secured sites

Google starts rolling out passkey support for Google Accounts

Government's New Fraud Strategy Gets Lukewarm Reception

Hacker invade canal do São Paulo no YouTube e transmite Elon Musk

Hackers ajustam engenharia social e burlam barreiras de detecção

Hackers Exploiting 5-year-old Unpatched Vulnerability in TBK DVR Devices

IcedID: Exploring Four Recent Malware Infection Techniques

Keysight Launches Cybersecurity Partnership Program for MSSPs

Malicious content lurks all over the web

oneM2M IoT security specifications granted ITU approval

Operation SpecTor: $53.4 Million Seized, 288 Vendors Arrested in Dark Web Drug Bust

Researchers found DoS flaws in popular BGP implementation

Security in the cloud with more automation

Skilling up the security team for the AI-dominated era

Tasmanian Govt Launches Cybersecurity Campaign

Tenable unveils four prototype AI cybersecurity tools

The UAE Cyber Security Council and Oracle sign agreement to promote cooperation in cybersecurity

The importance of being certified

Three-Quarters of Firms Predict Breach in Coming Year

Tython: Open-source Security as Code framework and SDK

UK Government launches new cybersecurity measures to tackle threats

Understanding cybersecurity trends and regulations in a global world

02/05

5 tipos mais comuns de ciberataques que ocorrem no Brasil

11 security tools all remote employees should have

Advanced Fee Fraud Surges by Over 600%

Alert: Active Exploitation of TP-Link, Apache, and Oracle Vulnerabilities Detected

Apple starts delivering smaller security updates

Australian law firm HWL Ebsworth hit by Russian-linked ransomware attack

Bitmarck Halts Operations Due to Cybersecurity Breach

BouldSpy Android Spyware: Iranian Government's Alleged Tool for Spying on Minority Groups

Can Better Training Reduce the Success Rate of Phishing Attacks?

CISA adds TP-Link, Apache, and Oracle bugs to its Known Exploited Vulnerabilities catalog

Cyber attacks are inevitable, panellists at City Week warn

Cyber-Risk Declines But 78% of Organizations Predict Successful Attacks in Coming Year

Data-driven insights help prevent decisions based on fear

Easily exploitable flaw in Oracle Opera could spell trouble for hotel chains (CVE-2023-21932)

Fake ChatGPT desktop client steals Chrome login data

Fortinet warns of a spike in attacks against TBK DVR devices

Hackers exploit 5-year-old unpatched flaw in TBK DVR devices

Hackers Exploit High Severity Flaw in TBK DVR Camera System

Hackers "sequestram" página da prefeitura de Macapá no Facebook

How To Secure Web Applications Against AI-assisted Cyber Attacks

In the face of data disaster

Infoblox discovers rare Decoy Dog C2 exploit

Infostealer with hVNC capability pushed via Google Ads

Is legislation the best defence against ransomware attacks?

LOBSHOT: A Stealthy, Financial Trojan and Info Stealer Delivered through Google Ads

Mayday, Mayday our Network is Going Down

Mitigating Email Threats: A Guide To Protecting Your Email From Cyber Attacks

New Jersey Appeals Court Affirms War Exclusion Does Not Apply to Cyber Attack

New Lobshot hVNC malware spreads via Google ads

North Korea-linked ScarCruft APT uses large LNK files in infection chains

North Korea's ScarCruft Deploys RokRAT Malware via LNK File Infection Chains

Optimising Cyber Security Costs In A Recession

OWASP Penetration Testing: Your Ultimate Guide!

Palo Alto Networks Unfurls Managed Firewall Service for Azure

Police operation 'SpecTor' arrests 288 dark web drug vendors and buyers

PornHub blocked in Utah over SB287 age-verification law

Researchers Uncover New BGP Flaws in Popular Internet Routing Protocol Software

Samsung bans staff AI use over data leak concerns

SBOMs Can Help You With Compliance, Too

Singapore, US run cross-border cybersecurity drills to test banks' resilience

South Korean Lures Used to Deploy ROKRAT Malware

T-Mobile Reveals Second Breach of the Year

The best security keys you can buy (and how they work)

The best security system for your home, from DIY to pro installation

The costly threat that many businesses fail to address

The first iPhone Rapid Security Response update released by Apple fails to install

The warning signs for security analyst burnout and ways to prevent

UK Gun Owners May Be Targeted After Rifle Association Breach

Unlocking the Four C’s of Cloud-Native Security

Update: The Swedish authorities answered our protocol request

Veza releases access security, governance solution for SaaS applications

Wichita State restoring systems after cyber attack

White House seeks information on tools used for automated employee surveillance

Why Telecoms Struggle with SaaS Security

Why the manufacturing sector needs stronger cyber defenses

01/05

After ransomware attack, AIIMS pushes for maintaining cyber hygiene

Apache Superset RCE Vulnerability CVE-2023-27524 Highlights Ongoing Issues with Flask AppBuilder, Joining List of Previously Discovered CVEs

Apple’s first Rapid Security Response patch fails to install on iPhones

APT28 Targets Ukrainian Government Entities with Fake "Windows Update" Emails

Biden to private sector: Cybersecurity is your responsibility—not the user’s

Building a Healthy Security Culture: Insights from Kai Roer

CERT-UA warns of phishing campaign targeting Ukrainian organisations with fake Windows update

Chinese hackers outnumber our cyber staff 50 to 1: FBI director

Cloud Attack Surface Expands, Putting Pressure on Enterprise Security

Cyber resilience is more than just security: Infosys

Cybercriminals use proxies to legitimize fraudulent requests

Defence on notice to beef-up its cybersecurity efforts

Dejected by cyber attack, young woman commits suicide; case registered against former friend for abetting suicide

Experts spotted a new sophisticated malware toolkit called Decoy Dog

Gateway Casinos London reopens after cyber attack

German IT provider Bitmarck hit by cyberattack

German IT provider Bitmarck shuts all internal systems following a cyber attack

Global Cyber-attacks Continue to Rise in Q1 2023

Google banned 173k developer accounts in 2022

Google Blocks 1.43 Million Malicious Apps, Bans 173,000 Bad Accounts in 2022

Hacker revelam mais detalhes do ataque da Western Digital

Hacker targets Wichita State University

Hackers leak images to taunt Western Digital's cyberattack response

Iranian govt uses BouldSpy Android malware for internal surveillance operations

Israeli cyber security firm Check Point Software Q1 profit tops estimates

IT giant Bitmarck shuts down customer, internal systems after cyberattack

Large language models will transform corporate cybersecurity – for good and ill

Modern cybersecurity solutions: SIEM or MSSP?

Nashua schools open Monday despite cyberattack

New custom Iranian malware targeting organisations in US, Europe, and Asia

New Decoy Dog Malware Toolkit Uncovered: Targeting Enterprise Networks

New LOBSHOT malware gives hackers hidden VNC access to Windows devices

Panel investigating Suffolk County security cyberattack meets for 1st time

Radware Report Sees Religion Fueling More DDoS Attacks

Russian APT Nomadic Octopus hacked Tajikistani carrier

Russian Hackers Killnet Executed a Cyber Attack on European Air Traffic Control Agency Eurocontrol

Several Israeli websites, including Knesset, two major ports, targeted in new cyberattacks

T-Mobile discloses second data breach since the start of 2023

T-Mobile suffered the second data breach in 2023

The AI Takeover: Cybersecurity Tool or Terminator?

The hidden security risks in tech layoffs and how to mitigate them

Twitter bug let legacy verified accounts see blue check in their profile

Twitter outage logs you out and won’t let you back in

Ukrainian Government Targeted with Fake Windows Update

UNSW requests government protection for white hat hackers

Using just-in-time access to reduce cloud security risk

Using multiple solutions adds complexity to your zero trust strategy

Vietnamese Threat Actor Infects 500,000 Devices Using 'Malverposting' Tactics

Wanted Dead or Alive: Real-Time Protection Against Lateral Movement

Will your cyber insurance cover an attack in 2023?

30/04

All 435 million PayPal users warned over ‘money trick’ that empties your account – how to spot sinister attack

Atomic macOS Malware Steals Auto-fills, Passwords, Cookies, Wallets

ChatGPT returns to Italy after OpenAI tweaks privacy disclosures, controls

Crooks broke into AT&T email accounts to empty their cryptocurrency wallets

Cyberattacks fall sharply in Vietnam

Cyberattacks increasing in Japan ahead of G7 summit

Dangers of Social Media & How to Protect Privacy Online

Google blocks malware that steals key data from Chrome users

Hackers use fake ‘Windows Update’ guides to target Ukrainian govt

How Will The Cyber Attack Impact Dish's Q1 Results?

In 2022, Costa Rica Received More Than 2 Billion Cyber Attack...

Information isolation, the future of information security with Behzad Qasemi

Iran’s State-Backed Cyber-Threat Groups: Upgraded Arsenals and Aggressive Approaches

Is misinformation the newest malware?

Israeli radio station, software company targeted by cyber attack

Nem após a morte dos usuários, hackers deixam de invadir contas no Instagram

New WhatsApp feature can expose users to hacking, expert says

OVIX Protocol Falls Victim To $2 Million Oracle Exploit

Polícia Prende Hackers Suspeitos de Roubar Dados Bancários no MA e CE

Prepare for a career in cyber security with this $80 course bundle

The hidden security risks in tech layoffs and how to mitigate them

Think Like a Hacker: OPSEC Tips To Ensure Crypto Security

Unpreparedness Against China In Cyber Warfare!

YouTube helps recover hacked channel that attempted XRP crypto scams

DAILY NEWS: Abril (23/04 - 29/04) - 17 Semana de 2023