top of page

DAILY NEWS: Dezembro (11/12 - 17/12) - 50 Semana de 2022

Cyber Security and Information Security News - Daily Updates !! Weekly Review

17/12


363 WiFi routers found to be at risk of serious cyber-attack


Abanca faces $3.29 mn penalty for delay in reporting cyber attack


Clearview Public Schools experiences data breach on Indeed.com


Countries With The Highest Rate Of Cybercrime 2023: Top 10


Cyber Warfare Is Getting Real


Cybersecurity Analysts Have Discovered That Fancy Beat Is Sniffing The US Satellite Network


Fire Rescue Victoria confirms cyber attack


Five AIIMS servers were affected, 1.3 TB of data encrypted in cyber attack: MoS IT


Gamers Beware: Cybercriminals Are Coming for You Next


Gemini Customer Data Leak Was Advertised for Sale on Hacker Forums for 30 BTC in September


Glupteba malware is back in action after Google disruption


Hacker Stole Sensitive Information From FBI’s Database


Hackers selling user data from CoWIN platform on DarkWeb


Jetting off for winter sun? Seven travel scams to avoid


Microsoft Cites Safety Concerns for Cloud Service Customers—Bans Crypto Mining


New Warning Issued Against Phishing Campaign That Uses Facebook Posts To Steal User Data


Over 9 Million Credit Card Data Exposed from Leading Payment Systems


Probe into data leak ongoing (AirAsia)


Protecting edge data in the era of decentralization


Samba Issues Security Updates to Patch Multiple High-Severity Vulnerabilities


Solana’s hack story continues with Raydium Protocol as the new victim


Spam vs. Phishing: How Are These Unwanted Messages Different?


Telegram App Scams & The Steps To Protect Against Them


Watch out for these holiday scams in South Africa


What Can Someone Do with Your IP Address? (& How to Stop it in 2022)


What’s cybersecurity and why it’s important


World Cup final a target for scammers


16/12


Australia releases cloud security reference guides for SMBs


CISA Alert: Veeam Backup and Replication Vulnerabilities Being Exploited in Attacks


Colombian energy supplier EPM hit by BlackCat ransomware attack


Como garantir que a sua empresa não seja a próxima vítima de um ataque hacker?


Cyber attack on NZ’s largest insurer of doctors MAS may have exposed members’ personal data


Cyber Security Is Not a Losing Game – If You Start Right Now


Ensuring trust for high-value digital transactions


Ex-Twitter employee Gets 3.5 Years Jail for Spying on Behalf of Saudi Arabia


Executives take more cybersecurity risks than office workers


External Cloud Automotive Cyber Security Services Global Market Report 2022: Rising Number of Connected Cars to Propel Sector Growth


FBI warns that BEC attacks now also target food shipments


Fire Rescue Victoria blames cyberattack for dispatch system outage


Former Twitter Employee Gets 42 Months for Saudi Scheme


FuboTV says World Cup streaming outage caused by a cyberattack


GitHub Announces Free Secret Scanning for All Public Repositories


Goodbye SHA-1: NIST Retires 27-Year-Old Widely Used Cryptographic Algorithm


Hackers leak personal info allegedly stolen from 5.7M Gemini users


Instagram is making it easier to get your account back if you've been hacked


Lack of key domain security measures leaves organizations at risk


Microsoft: Edge update will disable Internet Explorer in February


Microsoft fixes bug that made Task Manager partially unreadable


Microsoft Reclassifies SPNEGO Extended Negotiation Security Vulnerability as 'Critical'


Microsoft warns of new Minecraft DDoS malware infecting Windows, Linux


Minecraft Servers Under Attack: Microsoft Warns About Cross-Platform DDoS Botnet


OECD Signs "Landmark" Privacy Agreement


Researchers Uncover MirrorFace Cyber Attacks Targeting Japanese Political Entities


Social Blade Confirms Data Breach Exposing PII on the Dark Web


Trojanized Windows 10 Installer Used in Cyberattacks Against Ukrainian Government Entities


Two-Thirds of Security Pros Have Burnt Out in Past Year


Woman gets 66 months in prison for role in $3.3 million ID fraud op


15/12


5 tips for building a culture of cybersecurity accountability


18-year-old Brit arrested in international raid on hacker-for-hire sites


AirTag Stalking – Murder, Fear and Litigation


Android Malware Campaign Leverages Money-Lending Apps to Blackmail Victims


As legislation evolves, businesses need a firm understanding of secure payment options


Australia at increased risk of cyber attack: Microsoft report


Centers for Medicare & Medicaid Services (CMS) Responds to Third-Party Data Breach Impacting 254K Medicare Beneficiaries


Changing Market Trends Due To Adoption of Cloud Computing In Turkey


Conti investigating 'month-long' cyber attack on IT systems


Crooks use HTML smuggling to spread QBot malware via SVG files


Distractions at work can have serious cybersecurity implications


FBI Charges 6, Seizes 48 Domains Linked to DDoS-for-Hire Service Platforms


FBI seized 48 domains linked to DDoS-for-Hire service platforms


FDA, MDIC and MITRE Publish Medical Device Threat Modeling Playbook


Feds Hit DDoS-for-Hire Services with 48 Domain Seizures


Fire Rescue Victoria confirms cyber attack from 'external third party' as outage continues


Five Best Practices for Consumers to Beat Phishing Campaigns This Holiday Season


GitHub rolls out free secret scanning for all public repositories


GitHub to require all users to enable 2FA by the end of 2023


Hacker claims breach of FBI’s critical-infrastructure portal


Hackers Bombard Open Source Repositories with Over 144,000 Malicious Packages


Hackers target Japanese politicians with new MirrorStealer malware


Hacking Using SVG Files to Smuggle QBot Malware onto Windows Systems


Increased risk for detrimental damage caused by ransomware gangs


Indians exposed to cyber risk, 265 million accounts breached since 2004: Surfshark


Iran-linked Charming Kitten espionage gang bares claws to pollies, power orgs


LEGO BrickLink bugs let hackers hijack accounts, breach servers


Loan Scam Campaign 'MoneyMonger' Exploits Flutter to Hide Malware


Microsoft bans crypto mining to protect its cloud service customers


Microsoft Reclassifies SPNEGO Extended Negotiation Security Vulnerability as 'Critical'


Microsoft removes Windows 11 update block for PCs with gaming issues


North Korean Hackers Exploit Social Media to Fund Missile Program


NSA, CISA Warn Against Threats to 5G Network Slicing


Number of command-and-control servers spiked in 2022: report


Over 85% of Attacks Hide in Encrypted Channels


Personal information of 77,000 Uber employees stolen in third-party vendor breach


Phishing attack uses Facebook posts to evade email security


Platforms Flooded with 144,000 Phishing Packages


Play ransomware gang targets Antwerp's IT solutions provider, disrupts municipal & healthcare services


Police shut down 48 DDoS-for-hire services, arrest 7 alleged administrators


Potential cyber attack hits Victoria's peak fire response agency


Prosecutors charge six, seizes 48 domains over DDoS-for-hire services


Ransomware Business Models: Future Pivots and Trends


Researchers Uncover MirrorFace Cyber Attacks Targeting Japanese Political Entities


SEC Charges 8 Social Media Influencers Over Securities Fraud


Security alert: Use these most popular passwords at your peril


Social Blade admits to being hacked


Social Blade confirms breach after hacker posts stolen user data


South Korea ranks 5th in countries losing the most money to data breaches in the world


Spyware and surveillance-for-hire industry ‘growing globally’: report


Statement From FuboTV Regarding December 14, 2022 Cyber Attack


The Professionalization of Ransomware: What You Need to Know


The State of Cybersecurity: Why Industry Experts Are Optimistic


These hackers used Microsoft-signed malicious drivers to further their ransomware attacks


Third-Party Phishing Campaign Reportedly Impacted Gemini Customer Data


Top 5 Web App Vulnerabilities and How to Find Them


TPG Shares Plummet After Cyber Hack Exposes Customers


Trend Micro Urges Security Teams to Prepare for the Next Era of Ransomware


Uber hit by another data breach


Ukrainian govt networks breached via trojanized Windows 10 installers


Western Australia to get Privacy Commissioner, data breach notice scheme


What is Doxxing?


What Makes the FIFA World Cup a Prime Target for Cyber-Criminals?


Will 2023 be another year of chaos and instability?


14/12


3 major threat detection methods explained


6 IBM cybersecurity predictions for 2023: Ransomware and CaaS will spike


Advanced Azov data wiper likely to become active threat


AgentTesla Remains Most Prolific Malware in November, Emotet and Qbot Grow


AI security innovations needed to keep pace with cyber attacks


AIIMS Cyber Attack: Chinese Hackers Infiltrated 5 Servers, Data Retrieved Now


AIIMS cyber attack originated in China, all servers retrieved now


Apple Fixes Actively Exploited iPhone Zero-Day Vulnerability


Attackers use SVG files to smuggle QBot malware onto Windows systems


Batten Down The IT Hatches: Weathering An Unstable Economy With Resilient Cybersecurity


China lays out ground rules to stem deepfake abuse


CISA Warns Veeam Backup & Replication Vulnerabilities Exploited in Attacks


Consumer threats to look out for in 2023


Counter insider risks by taking security out to the edge


Cyber Attack Cases Rising Steadily in India, 12.67 Lakh Cases Reported in 2022


Cyber attack on AIIMS Delhi's servers originated in China, say government sources


Cybersecurity: Trends From 2022 and Predictions For 2023


December 2022 Patch Tuesday: Get Latest Security Updates from Microsoft and More


Digital DNA theft could be coming in 2023


Expert Cybersecurity Predictions for the Next 5 Years


Facing hard truths the first step to beating cyber crime over the holidays


FBI seized domains linked to 48 DDoS-for-hire service platforms


FBI’s Security Platform InfraGard Hacked; 87k Members’ Data Sold Online


FINRA (U.S. Financial Industry Regulatory Authority Inc.) sees surge in ransomware attacks


Hackers Actively Exploiting Citrix ADC and Gateway Zero-Day Vulnerability


Health Care Under Cyberattack: Unprotected Medical IoT Devices Threaten Patient Care


How ChatGPT can turn anyone into a ransomware and malware threat actor 


How companies can avoid costly data breaches


Improper use of password managers leaves people vulnerable to identity theft


iOS 16.2: These security updates will protect your iPhone from multiple vulnerabilities


Iran-linked cyberspies expand targeting to medical researchers, travel agencies


Iranian state-aligned threat actor targets new victims in cyberespionage and kinetic campaigns


Kaye-Smith Announces Data Breach Potentially Affecting MultiCare Patients


Loan Fee Fraud Surges by a Fifth as Christmas Approaches


LockBit behind the ransomware attack on the California Department of Finance


Microsoft: December Windows Server updates break Hyper-V VM creation


Microsoft fixes Windows Server issue causing freezes, restarts


Microsoft-Signed Drivers Helped Hackers Breach System Defenses


Microsoft Patches Zero-Day Magniber Ransomware Hackers Used


Microsoft patches Windows zero-day used to drop ransomware


Need for collaboration in addressing rising cyber-attacks


New Actively Exploited Zero-Day Vulnerability Discovered in Apple Products


New Google Tool Helps Devs Root Out Open Source Bugs


New GoTrim Botnet Attempting to Break into WordPress Sites' Admin Accounts


New ThreatLabz Report Reveals Over 85% of Attacks Are Encrypted


New Year, New Problems: Why 2023 Could be Another Turbulent Time for Cybersecurity


Nosey Parker: Find sensitive information in textual data and Git history


NSA shares tips on mitigating 5G network slicing threats


Open-source repositories flooded by 144,000 phishing packages


OSV-Scanner: A free vulnerability scanner for open-source software


Perícia revela que provas contra Pe. Swamy foram inseridas no PC por hacker


Ransomware Attackers Use Microsoft-Signed Drivers to Gain Access to Systems


Signed Microsoft Drivers Used in Attacks Against Businesses


Stellar Cyber Integrates with Deep Instinct’s Deep Learning Technology for Unrivaled Cyber Attack Prevention


The Dark Web is Getting Darker - Ransomware Thrives on Illegal Markets


The hooded man at the computer: What are cyber images telling us?


TPG Telecom Joins Growing List of Australian Companies Hit by Cyber Attacks


Two Zero-Days Fixed in December Patch Tuesday


VMware fixes critical ESXi and vRealize security flaws


What Building Owners Don’t Know About Cybersecurity Insurance Can Hurt Them


What CISOs consider when building up security resilience


Why PCI DSS 4.0 Should Be on Your Radar in 2023


13/12


5 things school districts need to know before selecting a security provider


24% of technology applications contain high-risk security flaws


33% of consumers are victims of data breaches on companies that are tasked with keeping their data safe


921 password attacks are happening every second, here’s how to stay protected


Amazon ECR Public Gallery flaw could have wiped or poisoned any image


Analyzing Australia’s cyberthreat landscape, and what it means for the rest of the world


Apple fixes new Webkit zero-day used in attacks against iPhones


Are Website Passwords Soon Coming To An End?


Aussie Data Breaches Surge 489% in Q4 2022


Australia and Vanuatu sign defense and cybersecurity pact


Automating the cyber-skills gap


AWS fixes vulnerability affecting container image repository


Beware of WhatsApp Messages Offering Free Data to Watch FIFA World Cup


BMW Social Media Accounts Have Seemingly Been Hacked


Boeing Addresses 'Cybersecurity Incident' in SEC Filing


California Hit By Cyber-Attack, LockBit Claims Responsibility


California Hospital Notifies Patients of Healthcare Data Breach


‘Crisis situation’ declared as two Swedish municipalities hit by cyberattack


Critical FortiOS pre-auth RCE vulnerability exploited by attackers (CVE-2022-42475)


Cyber-espionage group Cloud Atlas targets Russia and its supporters


Cybersecurity Experts Uncover Inner Workings of Destructive Azov Ransomware


Cybersecurity Trends: IBM’s Predictions for 2023


DDoS Activity Intensifies in Asia Pacific


Don’t forget to protect your M365 data


Enterprises Fear Continued API Sprawl, Security Weaknesses


Experts Warn ChatGPT Could Democratize Cybercrime


Fortinet Warns of Active Exploitation of New SSL-VPN Pre-auth RCE Vulnerability


Fraud Cases Continue to Rise Globally, 97% Of Indian Firms Consider Customer Experience Paramount, Says Report


Google Launches Largest Distributed Database of Open Source Vulnerabilities


Hacker atacou agência que gerencia contas de Everton, Rodinei e Ribas


Hackers continue to leak data from Albanian intelligence services


Hackers exploit critical Citrix ADC and Gateway zero day, patch now


How to Protect Your Organisation from a Cyber Attack


Implementing strong authentication across your business


Israeli Anonymous fails to hack Imam Khomeini Airport website: Iran


Lighting and building management firm Acuity Brands discloses two data breaches


Looking into cyber security’s crystal ball


Malware Strains Targeting Python and JavaScript Developers Through Official Repositories


Microsoft fixes exploited zero-day, revokes certificate used to sign malicious drivers (CVE-2022-44698)


Mind The Gap: A lack of cyber security skills is leaving SMEs exposed


Mobile BEC Attacks on the Rise


More than 5 out of 10 UAE consumers believe their personal data is at risk: report


New GoTrim botnet brute forces WordPress site admin accounts


New Uber Data Breach – Hacker Leaks Employee and Other Sensitive Data


One Brooklyn Health battling cyber attack that forced some critical services offline


One in Five Security Professionals Won’t Bet a Chocolate Bar They Could Prevent a Damaging Breach


Ontario's vaccine management system suffers a data breach, affecting thousands


Phishing Growing in Numbers, Sophistication and Cost


Privacy concerns are limiting data usage abilities


Ransomware Group Threatens to Publish Data Stolen From California Department of Finance


Risky Business: Cyberattacks A Top Concern For Organizations


Securing Remote Workers Are Essential


Security Overlooked in Rush to Hybrid Working


Serious Attacks Could Have Been Staged Through This Amazon ECR Public Gallery Vulnerability


Sri Lanka warned against foreign employment, import parcel phishing scams


State-sponsored attackers actively exploiting RCE in Citrix devices, patch ASAP! (CVE-2022-27518)


Tackling the Scourge of Advertising Fraud


Tesco, Sainsbury’s and Morrisons shoppers warned of dangerous voucher scam - ‘watch out!’


The Growing Problem with MFA Fatigue Attacks (And What You Can Do About It)


This Linux-targeting malware just got more powerful


Three Trends For Protecting Customers From Identity Fraud In 2023


Twitter Addresses November Data Leak Claims


Three Ways Cyber Grinches Could Take Advantage This Holiday Season


Twitter says recently leaked user data are from 2021 breach


Uber Data Breach | What You Need to Know


Uber Hit By New Data Breach After Attack on Third-Party Vendor


Uber says compromised third-party to blame for data breach


Warning about Royal Mail scam emails by Action Fraud


12/12


3 Realities of Building a Security Awareness Training Program


AHAD launches Offensive Security Unit to help protect organizations from cyber attacks


AI/ML is the Knight to Save the Day against Cybersecurity Threats


Após ataque hacker, Governo de AL recupera sites do Estado: 'Nenhum sistema foi invadido'


Chaos RAT Used to Enhance Linux Cryptomining Attacks


ChatGPT Goes Viral, More Trouble for LastPass, Apple’s New Data Protections


Cloudflare's Zero Trust suite now available for free to at-risk groups


Cost of HSE cyberattack by Conti rises to €80m, letter shows