Daily News - Agosto (10/08 - 16/08) - 33 Semana de 2025Felipe Pradohá 2 dias5 min de leituraAtualizado: há 49 minutos12/085 key takeaways from Black Hat USA 20259 things CISOs need know about the dark web275M patient records breached—How to meet HIPAA password manager requirementsAndroid's pKVM hypervisor earns SESIP Level 5 security certificationAPT groups are getting personal, and CISOs should be concernedAustralian regulator sues telecom giant Optus over massive 2022 data breachBlackSuit ransomware takedown nabs 4 servers, 9 domains, and $1 million in cryptoBreachForums Seized and Turned into Honeypot by Law EnforcementConnex Credit Union Data Breach Affects 172,000 MembersCurly COMrades cyberspies hit govt orgs with custom malwareCyber attack Hits U.S. Judiciary, Compromises Sensitive Court DataCybercrime Groups ShinyHunters, Scattered Spider Join Forces in Extortion Attacks on BusinessesCybercriminals Exploit Low-Cost Initial Access Broker MarketDocker Hub still hosts dozens of Linux images with the XZ backdoorDutch NCSC Confirms Active Exploitation of Citrix NetScaler CVE-2025-6543 in Critical SectorsEntraGoat: Vulnerable Microsoft Entra ID infrastructure to simulate identity security misconfigurationsFBI, Ghana Authorities Bust $100 Million Romance Scam in Major International ExtraditionFinancial Services Could Be Next in Line for ShinyHuntersFortinet SSL VPNs Hit by Global Brute-Force Wave Before Attackers Shift to FortiManagerGDPR Password Management: Ensuring Compliance with PassworkHackers leak Allianz Life data stolen in Salesforce attacksHackers Raid Dutch Lab, Stealing Data on 500,000 PatientsHackers roubam passaportes de hotéis e colocam à venda na ItáliaHome Office Phishing Scam Targets UK Immigration SponsorsInterlock claims cyberattack on St. Paul, employees forced to scrub dataInterlock Ransomware Group Allegedly Breaches City of St. Paul – Leaking 43 GB of DataInterlock Ransomware Group Leaks 43GB of Data in City of St. Paul CyberattackLee & Associates Allegedly Hit by Major Data Leak – Confidential Files ExposedManpower discloses data breach affecting nearly 145,000 peopleMicrosoft August 2025 Patch Tuesday fixes one zero-day, 107 flawsMITRE: Russian APT28's LameHug, a Pilot for Future AI Cyber-AttacksMMA Transfers Allegedly Hit by D4rk4rmy Ransomware Attack – 74GB of Data LeakedMotorcycle Giant Royal Enfield Allegedly Hit by Ransomware AttackNew 'Curly COMrades' APT Using NGEN COM Hijacking in Georgia, Moldova AttacksNorth Korean hacking group Kimsuky hit by data breach, internal tools and stolen data leakedOver 3,000 NetScaler devices left unpatched against CitrixBleed 2 bugOver 29,000 Unpatched Microsoft Exchange Servers Leaving Networks at RiskOver 170,000 people impacted in Connex Credit Union data breachPlay Ransomware Group Allegedly Breaches Rite Track, Travancore Analytics, Bluewater Yacht Sales, and The Scharine GroupQilin Ransomware Group Allegedly Breaches Burmann and EMPUR Produktions GmbHResearchers Spot XZ Utils Backdoor in Dozens of Docker Hub Images, Fueling Supply Chain RisksRhysida Ransomware Allegedly Breaches US Printer Trans-TexRussian-Linked Curly COMrades Deploy MucorAgent Malware in EuropeSaint Paul cyberattack linked to Interlock ransomware gangThe Ultimate Battle: Enterprise Browsers vs. Secure Browser ExtensionsUrgent patch released for WinRAR zero-day under active exploitUS govt seizes $1 million in crypto from BlackSuit ransomware gangVistra Group Allegedly Breached – Sensitive Offshore Client Data Surfaces on Dark WebWhat makes a security program mature and how to get there fasterWhy DNS threats should be on every CISO’s radar in 2025Windows 10 KB5063709 update fixes extended security updates enrollmentWindows 11 KB5063878 & KB5063875 cumulative updates releasedWinRAR zero-day was exploited by two threat actors (CVE-2025-8088)11/086 Lessons Learned: Focusing Security Where Business Value Lives29K IPs still unpatched as CISA’s deadline nears: US and Germany most affected172K Connex members affected by data breachAustralian and New Zealand (ANZ) firms face rising repeat ransomware attacks & executive threatsBadCam Attack Turns Trusted Linux Webcams into Stealthy USB WeaponsBoeing, US Navy supplier Jamco Aerospace claimed in ransomware attackBreaches are up, budgets are too, so why isn’t healthcare safer?Britain's M&S restores click and collect services 15 weeks after systems hackedCarmaker Portal Flaw Could Let Hackers Unlock Cars, Steal DataCastleLoader Malware Hits 400+ Devices via Cloudflare-Themed ClickFix Phishing Attack'Chairmen' of $100 million scam operation extradited to USChange Healthcare Data Breach Exposed Personal Information of Over 192 Million PeopleChrome sandbox escape nets security researcher $250,000 rewardConnex Credit Union Breach Exposes 172,000 Members’ DataConnex Credit Union data breach impacts 172,000 membersCoordinated Disruption Actions Against BlackSuit (Royal) Ransomware OperationsCredential theft has surged 160% in 2025Crypto-stealing GreedyBear just became even greedierCSO hiring on the rise: How to land a top security exec roleData breach at Dutch medical laboratory much larger than expectedDepartment of Homeland Security (DHS), global partners dismantle BlackSuit ransomware network after 450 US victims; servers and assets seizedDetails emerge on WinRAR zero-day attacks that infected PCs with malwareDior data breach exposes personal details of nearly 1m HK customers: PCPDEfimer Trojan targets users via phishingEight Countries Face EU Action Over NIS2 Deadline FailingsEmbargo Ransomware Gang Amasses $34.2m in Attack ProceedsFrom legacy to SaaS: Why complexity is the enemy of enterprise securityGhanaian Nationals Extradited for Roles in $100M Romance and Wire Fraud RingGlobal Eyewear Giant Marcolin Allegedly BreachedGoogle clarifies data breach: business contacts of potential Ads customers affectedGoogle confirms Salesforce data breach targeting prospective ads customersHacker Exposes Flaw In Automaker's Portal That Could Let Thieves Unlock Cars RemotelyHackers breach cancer screening data of almost 500,000 womenHackers Leak 9GB of Data from Alleged North Korean Hacker’s ComputerHow Brandolini's law informs our everyday infosec realityHow ShinyHunters Hacking Group Stole Customer Data from SalesforceHoward Financial & Associates Allegedly Hit by INC RansomwareIndonesian Logistics Giant JNE Allegedly Breached – 81 Million Records for SaleItalian Tech Integrator Alascom Allegedly Hit by Rhysida RansomwareKaspersky uncovers Efimer trojan targeting organizations through phishing emailsLeaked credentials surge 160% as 2025 sees record-breaking data breachMassive Columbia University data breach affects nearly 900,000 past and present students - here's what was leaked, and how to stay safeMedusaLocker ransomware group is looking for pentestersMuddyWater's DarkBit ransomware cracked for free data recoveryNetherlands: Citrix Netscaler flaw CVE-2025-6543 exploited to breach orgsNew TETRA Radio Encryption Flaws Expose Law Enforcement CommunicationsNew WinRAR Zero-Day Exploited by RomCom HackersOver 29,000 Exchange servers unpatched against high-severity flawPatient PII and PHI Allegedly Leaked Following Ransomware Attack on California Surgeon Louis Tieu DDS MDPentesting is now central to CISO strategyResearchers Spot Surge in Erlang/OTP SSH RCE Exploits, 70% Target OT FirewallsSensitive Data of Columbia University Students and Staff Compromised in Major BreachSmart Buses flaws expose vehicles to tracking, control, and spyingSt. Paul races to restore systems after ransomware attack forces massive data resetThe Rise of Native Phishing: Microsoft 365 Apps Abused in AttacksThe University of Western Australia cyber-attack: A wake-up call for university cyber-securityUK Red Teamers “Deeply Skeptical” of AIWEYHRO Ransomware Group Allegedly Breaches Chemtron RiverBend and Community Services of MissouriWin-DDoS: Attackers can turn public domain controllers into DDoS agentsWinRAR zero day exploited by RomCom hackers in targeted attacksWinRAR Zero-Day Under Active Exploitation – Update to Latest Version ImmediatelyWinRAR Zero-Day Vulnerability Allegedly Exploited by Russian Hackers to Target Governments10/08AgentFlayer 0-click exploit abuses ChatGPT Connectors to Steal 3rd-party app dataAPT Sidewinder Mimics Government and Military Agencies to Steal Login CredentialsEmbargo ransomware group moved $34M in crypto since April: TRM LabsGoogle Calendar invites let researchers hijack Gemini to leak user dataGoogle Confirms Data Breach – Notifying Users Affected By the CyberattackKimsuky hackers target South Korean government and telecom firms in cyber attacksMarks & Spencer restores click-and-collect service for the first time in months after crippling cyber attackMassive leak of over 115 million US payment cards caused by Chinese "smishing" hackers - find out if you're affectedNational Cyber Emergency Response Team (NCERT) issues advisory as ransomware attacks surge in PakistanNew Win-DDoS Flaws Let Attackers Turn Public Domain Controllers into DDoS Botnet via RPC, LDAPResearchers Detail Windows EPM Poisoning Exploit Chain Leading to Domain Privilege EscalationThousands to report in for password change after St. Paul ransomware attackLAST WEEK - Última SemanaDaily News - Agosto (03/08 - 09/08) - 32 Semana de 2025
