DAILY NEWS: Fevereiro (05/02 - 11/02) - 06 Semana de 2023
Dia a Dia da Segurança da Informação !!!
Cyber Security and Information Security News
Daily Updates !! Weekly Review

11/02
America’s Vulnerable Energy Infrastructure Is A Threat To National Security
Best email security practices to protect your data privacy
Better intel sharing will help us combat scams, says Singapore minister
Case of Russian accused of hacking US companies sent to jury
Change Your LastPass Password Manager, Before It's Too Late
CISA Warns of Active Attacks Exploiting Fortra MFT, TerraMaster NAS, and Intel Driver Flaws
Clicking on Google Search Results Could Cost You All Your Passwords
Credit Union issue urgent warning over latest scam that could see your account wiped
Crypto Scams of the Week: WalletConnect and Hickmirelimited
Cyber emergency at Tallahassee Memorial
Cybercriminals bypass ChatGPT restrictions to make malware worse, phishing emails better
DeFi Protocol dForce Exploited of $3.65 Million by Hacker
Enigma, Vector, and TgToxic: The New Threats to Cryptocurrency Users
Hacker uses new 'Screenshotter' malware tool to target organisations
Has OpenAI Already Lost Control of ChatGPT?
KeePass isn’t as safe as we once thought. Here’s why
Munster Technological University (MTU) Blackmailed by Russian Hacking Group
New ESXiArgs Ransomware Variant Emerges After CISA Releases Decryptor Tool
Online romance scams on the rise as Valentine’s Day approach
Only 2% of employees report possible email attacks
Pak Foreign Ministry Data Allegedly Hacked By Indian Hackers, Claims Report
Play Ransomware Lists A10 Networks on its Leak Site
Queen Elizabeth Hospital (QEH) criticised for failing to recover from cyber attack two months later
Ransomware attack hits Oakland
Ransomware crooks steal 3m+ patients' medical records, personal info
Reddit hacked in phishing attack; how to secure your account
Reported ransomware attacks in Calgary dropped 41% last year
Tallahassee Memorial Hospital responds to cyber attack by attacking workers
“The hack attack? Perhaps a diversion that hides a more complex strategy»
Tor And I2P Networks Embraced Multiple DDoS Attacks
Website Security: How to Protect Your Site from Cyber Attacks
Why passkeys from Apple, Google, Microsoft may soon replace your passwords
10/02
3 Overlooked Cybersecurity Breaches
A10 Networks confirms data breach after Play ransomware attack
A Hacker’s Mind — how the elites exploit the system
A Look Ahead to 2023: 4 Identity Security Predictions
AmerisourceBergen data breach: Lorenz ransomware gang claims attack on pharma giant
An email attack can end up costing you over $1 million
Android mobile devices from top vendors in China have pre-installed malware
Austin ethical hacker group makes reporting security bugs easier
Beware charity scammers preying on Turkey and Syria quake disasters
Beware of these fake OneNote files used by hackers to steal your information
Business Email Compromise (BEC) attacks surged 81% in 2022, 98% employees failed to report threat
California medical group data breach impacts 3.3 million patients
Cashtab[.]info, Coca-Cola, Costco, and Walmart – Top Survey Scams This Week
CentraState hack stole data from 617,000, including some Social Security numbers
City of Oakland Hit With Ransomware Attack
City of Oakland systems offline after ransomware attack
Clop ransomware claims it breached 130 orgs using GoAnywhere zero-day
Cyber Incident Disrupts Modesto, Calif., Police Department
Cybersecurity Partner Program é o novo programa de canais da Radware
Dallas Central Appraisal District Confirms it Paid $170K to Hackers After Ransomware Attack
December sees surge in US cybersecurity hires
DeFi Protocol DForce Loses $3.6M in Reentrancy Exploit
e92plus strengthens cybersecurity portfolio with three major signings
Edmonds School District says sensitive information could have been exposed in data breach
Education Department reminds colleges of deadline for following cybersecurity rules
Endpoint security getting easier, but most organizations lack tool consolidation
Enhancing India’s Cybersecurity capacity - India Cyber Games way
Essential Practices for Defense Against Social Engineering Attacks
Event cybersecurity at the Super Bowl
Fifth of ICS Bugs Have No Patch Available
Geo Targetly URL Shortener Abused in Phishing Scam
Grocery delivery service Weee! confirms hack involving customer data
Hacker Exploits Flaw in Dota 2 to Create Malicious Custom Games
Hackers usam campanha de phishing para atacar Reddit e roubar dados da empresa
HanesBrands' employee information was exposed during ransomware attack in 2022, lawsuits allege
Hassan Hariry: An innovator in cybersecurity
Highmark data breach affecting 300,000 members
How much 5 health systems are paying to settle data breach lawsuits
How to manage third-party cybersecurity risks that are too costly to ignore
Indigo’s website and services still down for third day after cyber attack
Intesa Sanpaolo says most operations restored after ION ransomware attack
Kimmel Center, Philadelphia Orchestra websites hit by cyber attack
LockBit Leaps Conti as Top Ransomware Gang
Malicious Npm Package Uses Typosquatting, Downloads Malware
Many Africans still believe cybercrime won’t affect them
Millions of passwords stolen from LastPass earlier than company disclosed: Report
New birthday phishing tactic could target 900m people
New Jersey hospital admits data breach involving thousands of patients
New Threat Group Reviews Screenshots Before Striking
North Korea targets US, South Korean hospitals with ransomware to fund further cyber operations
North Korean Hackers Targeting Healthcare with Ransomware to Fund its Operations
Over 4 million users globally at risk from hardcoded Shopify tokens
Phishing attacks are easy for criminals. This is how expensive they could be for you
Polícia Civil prende hacker que furtava dados de moradores da cidade
Presidente do CNPq diz que irá reestruturar sistemas de informação após falhas e ataque hacker
Reddit breached: Internal docs, dashboards, systems accessed
Reddit Data Breach Leaks Code, Internal Data
Reddit discloses security breach that exposed source code and internal docs
Reddit Hit By Phishing Attack, Source Code Stolen
Reddit Suffers Security Breach Exposing Internal Documents and Source Code
Refund and Invoice Scams Surge in Q4
Researchers Uncover Obfuscated Malicious Code in PyPI Python Packages
Royal ransomware spreads to Linux and VMware ESXi
Samsung Galaxy User’s, Update Your App Store, or Fall Victim to This Malware
Smishing: The elephant in the room
The dangers of unsupported applications
The Dark Detectives: How to Defeat Reconnaissance-as-a-Service
Top cybersecurity M&A deals for 2023
TrickBot ransomware gang members sanctioned by UK and US
U.K. and U.S. Sanction 7 Russians for TrickBot, Ryuk, and Conti Ransomware Attacks
US Warns Critical Sectors Against North Korean Ransomware Attacks
Weee! data breach: Hacker selling the data of 1.1m customers on the dark web
What are obligations of a firm that has experienced a cyber security attack?
Will access to 3rd-party apps for Apple users create security risks?
09/02
1 in 8 Brits who use internet dating have been targeted by romance scam
4 Types Of Crypto Phishing Attacks And How to Combat Them
2023: Complexity Reigns in Cybersecurity as Existing Threats Adapt and New Technologies Emerge
A Hackers Pot of Gold: Your MSP's Data
Banner Health Pays $1.25 Million for 2016 Data Breach, HIPAA Violations
Britain and US make major move against ransomware gangs by sanctioning seven individuals
Cloud Credentials Phishing | Malicious Google Ads Target AWS Logins
Complexidade da nuvem coloca Cyber Security em xeque
Critical Infrastructure at Risk from New Vulnerabilities Found in Wireless IIoT Devices
Cybercriminals exploit volatile job market for targeted email attacks
Cybersecurity: Why we need to shift the narrative to build a cyber-ready workforce
Dark Web Market Revenues Sink 50% in 2022
Darknet market revenue plummeted to $1.3 billion in 2022
Establishing secure habits for software development in 2023
Experts published a list of proxy IPs used by the pro-Russia group Killnet
Golpe do Pix tem nova modalidade com uso de informações sigilosas
Gootkit Malware Adopts New Tactics to Attack Healthcare and Finance Firms
Hacker attacks via Adobe Acrobat Sign on Youtubers, with ransomware and other Trojans
Health Service Executive (HSE) cyber attack: 32,000 notified of stolen data
How CISOs can improve security practices to keep up with evolving technologies
Inadequate cybersecurity investments leave rail industry at risk
Irish university MTU cancels all classes for two days after an IT breach
Kaspersky finds growing number of parents experiencing ransomware attacks on children's schools
Meet the accelerator driving cybersecurity innovation in Canada
Network visibility and security gaps due to remote work challenge IT
New Info-Stealer Discovered as Russia Prepares Fresh Offensive
New UMD Center Puts Focus on Railway Cybersecurity and Safety
NewsPenguin Threat Actor Emerges with Malicious Campaign Targeting Pakistani Entities
NIST chooses encryption algorithms for lightweight IoT devices
OpenSSL Fixes Multiple New Security Flaws with Latest Update
Orion Hacker Steals $3M, Wants to Give It Back
Over SGD600 million lost to scams in 2022, with young adults most likely to fall victim
PayPal and Twitter abused in Turkey relief donation scams
Quell Ransomware And Malware Through Cyber Storage Resilience
Ransomware has hit 3,800 servers, but CISA says this tool might help
Ransomware Revolution: 4 Types of Cyber Risks in 2023
SaaS Security Best Practices: Safeguard Consumer Data
SAP cyber resilience is not a one-and-done procedure
Schools Out for Ransom: Education Under Attack
Steps To Planning And Implementation Of Data Privacy
The impact of Russia’s Ukraine invasion on digital threats
The Quantum Effect On Cybersecurity
There's been a big rise in phishing attacks. This one worked
THN Webinar – Learn How to Comply with New Cyber Insurance Identity Security Requirements
Tiny IoT devices are getting their own special encryption algorithms
Top 10 Cybersecurity Tips for Digital Transformation
Tor Network Hit By a Series of Ongoing DDoS Attacks
Trio Arrested in COVID PPE Fraud Probe
Twitter restricted in Turkey after the earthquake amid disinformation fear
UK cracks down on ransomware actors
US Cybersecurity Space Posted Jobs Index Up By 36% In 2022
With most tax filings happening online, experts say cybersecurity is crucial
08/02
A Deep Dive Into the Growing GootLoader Threat
Android 14 to block malware from abusing sensitive permissions
APOLLO Insurance Ends Competitive Price Scraping With DataDome
Apple ID scam email: Warning issued over impersonation scam
ARMO integrates ChatGPT to secure Kubernetes
Blue Star detects cyber attack in their systems at certain locations
Canadian hospital declares Code Grey cyber security incident, some systems offline
CERT-UA Alerts Ukrainian State Authorities of Remcos Software-Fueled Cyber Attacks
ChatGPT Is A Hacker’s Dream. Will Google’s Bard Do Better?
CISA releases ESXiArgs ransomware recovery script
CISA Releases Recovery Tool for VMware Ransomware Victims
Cybercrime and ChatGPT – A New Challenge
Cybersecurity trends for 2023 and what to expect
Dallas appraisal district paid $170K in ransomware hit
Do You Need EDR if You Already Have a Firewall?
Drug distributor AmerisourceBergen confirms security breach
Entelgy Innotec Security analyses cybersecurity risks and trends in 2023
ESXi ransomware campaign strikes Florida Supreme Court, worldwide universities
Generative AI: A benefit and a hazard
Grocery delivery platform Weee! confirms data breach
Hacker confirma plano para roubar dados de Moraes e diz prestar serviços para Zambelli
Hackers used fake websites to target state agencies in Ukraine and Poland
Hong Kong Police Disrupt International Phishing Syndicate
How to Implement CIEM – A Checklist
How to Think Like a Hacker and Stay Ahead of Threats
How to Use Cloud Access Security Brokers for Data Protection
India becomes 2nd most hacked country globally
Indigo says ‘cybersecurity incident’ has impacted online orders, electronic payments
Last year's data breaches shook Australian businesses
Lessons Learned on Ransomware Prevention from the Rackspace Attack
List of Proxy IPs Exposed to Block Killnet’s DDoS Bots
Malicious Dota 2 game mods infected players with malware
Medibank faces data breach class action
Money Lover for Android & iOS leaked email addresses, transactions
New cybersecurity data reveals persistent social engineering vulnerabilities
New ESXiArgs ransomware version prevents VMware ESXi recovery
New Graphiron info-stealer used in attacks against Ukraine
NIST Standardizes Ascon Cryptographic Algorithm for IoT and Other Lightweight Devices
‘No evidence of malicious access,’ Toyota says about serious bug exploited by outside researcher
Novel face swaps emerge as a major threat to biometric security
Phishing scam causes brief headache for Tehama County
Prolific social media fraudster jailed for three years
Ransomware attack may have caused IT breach that shut all four Cork MTU campuses
Reality Reimagined: Exploring Transformative Power of Virtual Worlds on Social Media
Regulator Halts AI Chatbot Over GDPR Concerns
Researcher compromised the Toyota Supplier Management Network
Russian e-commerce giant Elevel exposed buyers’ delivery addresses
Russian Hacker Pleads Guilty to Money Laundering Linked to Ryuk Ransomware
Russian Hackers Using Graphiron Malware to Steal Data from Ukraine
Russian hackers using new Graphiron information stealer in Ukraine
Russian hacking group Seaborgium targets SNP MP Stewart McDonald
Russian national pleads guilty to money laundering linked to Ryuk Ransomware operation
Scottish MP Admits Hack Of Personal Email, After NCSC Warning
Se você usa alguma destas senhas, mude já! Elas te tornam alvo fácil para hackers
Security Think Tank: Poor training is worse than no training at all
Singapore hit by growing cybercrimes, clocks $501M in losses from scams
SMBs Should Increase Cybersecurity Investment Despite the Economy
SNP MP Stewart McDonald falls for phishing scam with Russian-backed hackers suspected
SOOCon23: Global Cooperation Needed to Enhance Open Source Software Security
SOOCon23: UK Government Urges Industry Input on Software Security Policy
Stroke Scan, Inc. Files Notice of Data Breach Affecting 50k Consumers
Sydney Man Sentenced for Blackmailing Optus Customers After Data Breach
TD Synnex launches free security self-assessments for VMware partners
Third-Party Breaches Grow More Destructive
Third-Party Data Breach Victims Double, Healthcare Most Targeted
Top 3 resolutions for security teams
Tor and I2P networks hit by wave of ongoing DDoS attacks
UK High Court allows Bahraini activists to sue government over spyware
UK Politician's Email Hacked by Suspected Russian Threat Actors
Ukraine CERT-UA warns of phishing attacks employing Remcos software
Unpatched Security Flaws Disclosed in Multiple Document Management Systems
US CISA releases a script to recover servers infected with ESXiArgs ransomware
US NIST unveils winning encryption algorithm for IoT data protection
VMware Disputes Old Flaws at Root of ESXiArgs Ransomware Attacks
Weee! grocery service confirms data breach, 1.1 million affected
Why the Cybercrime Industrial Complex is Targeting Small to Medium-Sized Businesses
07/02
A new Linux variant of Clop ransomware has major flaws, researchers say
Actively exploited GoAnywhere MFT zero-day gets emergency patch
All classes canceled at Irish university as it announces ‘significant IT breach’
Amazon S3 to apply security best practices for all new buckets
Attackers are searching for online store backups in public folders. Can they find yours?
Blow to Morgan Advanced Materials as cyber-attack to cost millions to deal with
Blue Star detects cyber attack at certain locations, but says no impact on operations
Challenges in Protecting Cyber Critical Infrastructure
ChatGPT’s potential to aid attackers puts IT pros on high alert
CISA says Killnet DDoS attacks on U.S. hospitals had little effect
Clop ransomware flaw allowed Linux victims to recover files for months
CoW Swap hacker milks over 550 BNB using ‘solver’ exploit
Currys scam warning: fake Currys Smeg kettle giveaway
Cyber Insurance, A Must-Have for Small Businesses
Cybercriminals Bypass ChatGPT Restrictions to Generate Malicious Content
Cybercriminals Use These Types of Tactics, Techniques and Procedures (TTPs)
Disney+ scam emails: fake ‘technical incident’ warning
Drugs Labs Busted After Encrypted Chat App Takedown
Eliminating SOC fatigue in today’s distributed, hybrid workplace
Encrypted Messaging App Exclu Used by Criminal Groups Cracked by Joint Law Enforcement
Four ways to maximize a cybersecurity budget
Fraud alert! That WhatsApp message from your boss might be a phishing campaign
Hackers Exploit Vulnerabilities in Sunlogin to Deploy Sliver C2 Framework
Häfele IT systems down after cyber attack
How financial firms are fending off ransomware
How to avoid scams and fraud: Best practices for your business
How to scale cybersecurity for your business
How to Spot a Nefarious Cryptocurrency Platform