DAILY NEWS: Fevereiro (05/02 - 18/02) - 07 Semana de 2023
Dia a Dia da Segurança da Informação !!!
Cyber Security and Information Security News
Daily Updates !! Weekly Review
18/02
Addressing Cybersecurity Concerns During the Grid Modernization Process
Águas do Porto foi alvo de ataque ransomware
Beware Fake Disney Plus Emails That Steal Your Bank Information
CGU investiga suspeita de ação hacker em cartão de vacinação de Bolsonaro
Crypto investors under attack by new malware, reveals Cisco Talos
Cybersecurity: What can you do to reduce your risk of an online attack?
Data Breach: FBI Admits ‘Malicious Cyber Incident’ on Its Computer Network
German airport websites hit by suspected cyber attack
Gloucester’s GL1 leisure centre still suffering from city council cyber attack fallout
GoDaddy discloses a new data breach
GoDaddy Discloses Multi-Year Security Breach Causing Malware Installations and Source Code Theft
Hackers Ran Amok Inside GoDaddy for Nearly 3 Years
New WhiskerSpy malware delivered via trojanized codec installer
Oops! ‘Phishing’ scam cost small Ohio city $219,000, finance director his job
Queen’s updates cybersecurity measures to protect data
Smishing, vishing and whaling: How phishing scams are evolving
SMS-Based 2FA Will Be Limited to Twitter Blue Users
Spain Orders Extradition of British Alleged Hacker to U.S.
Suspeita de atividade hacker em cartão de vacina de Bolsonaro é investigada
The Feds Are Launching a Hack Back Squad
Threats in the cyberspace: Critical systems at risk
Top cybersecurity trends small businesses should be paying attention to this year
Twitter Limits SMS-Based 2-Factor Authentication to Blue Subscribers Only
Twitter will allow using the SMS-based two-factor authentication (2FA) only to its Blue subscribers
UK: Lancashire County Council has referred itself following a data breach
U.K.: NHS call center advisor found guilty of accessing medical records illegally
Unintended riot: Leading games manufacturer struck by ransomware
Vishing on phishing: messenger users will face a sharp increase in fraud
Weeklong ransomware attack on Oakland government drags on
What Role Does Mathematics Play In Cybersecurity? Check These Examples
17/02
2 Orgs Reach Settlements to Resolve Healthcare Data Breach Lawsuits
5 key cybersecurity trends for 2023
A consumer data leak involving Money Lover brings cybersecurity front and center for FIs
Admins, patch your Cisco enterprise security solutions! (CVE-2023-20032)
Aker Solutions continues to tackle Brazil cyber attack
Armenia and Azerbaijan Hackers Use OxtaRAT to Monitor Conflict
Armenian Entities Hit by New Version of OxtaRAT Spying Tool
As cybersecurity gaps grow, consolidation takes on new meaning for hybrid cloud
Atlassian Data Breach, Company Info Stolen From Third-Party App
Authorities break up gang responsible for €38 million CEO fraud
Belgium institutes nationwide vulnerability disclosure policy
Bing Chat's secret modes turn it into a personal assistant or friend
Building trust in IoT ecosystems: A privacy-enhancing approach to cybersecurity
Can Automation Replace People? 8 Key Roles Humans Play in Cybersecurity
CISA adds Cacti, Office, Windows and iOS bugs to its Known Exploited Vulnerabilities Catalog
Cisco fixed critical RCE bug in ClamAV Open-Source Antivirus engine
Cloud Infrastructure Used By WIP26 For Espionage Attacks on Telcos
Critical RCE Vulnerability Discovered in ClamAV Open Source Antivirus Software
Cryptocurrency stolen by N.Korean hackers seized in Norway
Cybercriminals Use Havoc Post-Exploitation Framework in Attack Campaigns
Cybersecurity budgets to increase by 22% over 3 years, says Kaspersky
Cybersecurity Collaborative Targets Open-Source Software
Cybersecurity jobs remain secure, despite recession fears
Data Breach Reported At Mount Pleasant Central School District
Data Leak Hits Thousands of NHS Workers
Data exposed in Des Moines schools ransomware attack that disrupted district
Digital Vigilance – Is Your Business Properly Protected Online?
DNA Testing Company Settles After Major Data Breach
EU Cybersecurity Agency Warns Against Chinese APTs
European Cyber Agencies Warn of Chinese Espionage Threat
Evolving Threat Landscape Leading to Cybersecurity Pro “Burnout,” Study Says
Experts Warn of RambleOn Android Malware Targeting South Korean Journalists
FBI detects, contains cyber attack on New York office: News reports
FBI is investigating a cybersecurity incident on its network
Firm Fined £200K For "Exploitative" Call Campaign
Five easy steps to keep your smartphone safe from hackers
For the Many, One: MSP Cybersecurity Considered
Fortinet fixes critical RCE flaws in FortiNAC and FortiWeb
Fortinet fixes critical vulnerabilities in FortiNAC and FortiWeb
German airport websites hit by DDos attacks once again
GoDaddy: Hackers stole source code, installed malware in multi-year breach
Google Ads Spreads FatalRAT Malware, Disguised As Popular Apps
Google Report Reveals Russia's Elaborate Cyber Strategy in Ukraine
Hacker group “Anonymous Sudan” claims major cyber attack on Scandinavian airline SAS
Hackers Fake Emsisoft Certificate to Hide Attack
Hackers usam anúncios do Google para espalhar malware FatalRAT disfarçado de aplicativos populares
Highmark notifies members of data breach related to malicious email phishing campaign
How hackers can cause physical damage to bridges
Indigo launches temporary website – for browsing only – after cybersecurity incident
Introducing Security Insights and Actions for Serverless-Centric Apps
Lancashire County Council has referred itself following a data breach
Lessons to be learnt from Royal Mail ransomware attack
MKS Instruments, Inc. Files Notice of Data Breach Affecting Current and Former Employees
Moroccan News Agency MAP Target of DDoS Cyber Attack
Multi-Cloud Strategy is Appealing, but Security Confidence Lags
Nation-State Actors and Cyberattacks in the Emerging 5G Ecosystem
Navigating the ever-changing landscape of digital security solutions
New AI wave will find uses and abuses in cybersecurity
New Mirai Botnet Variant 'V3G4' Exploiting 13 Flaws to Target Linux and IoT Devices
Norway finds a way to recover crypto North Korea pinched in Axie heist
Norwegian police recover $5.8M crypto from massive Axie Infinity hack
Oakland City Declares State of Emergency Following Ransomware Attack
OAS and Cisco conclude second Meeting of the Cybersecurity Innovation Councils
Oficial do FBI alerta estados dos EUA sobre ameaça de hackers chineses
Open Systems Launches MXDR Service Leveraging Microsoft AI
PayPal Scammers Using Legitimate Accounts to Send Phishing Invoices
Privacy in the US workplace – a rapidly changing landscape
Reducing the Risk of Severe Data Breaches
Report Found 98% Of Organizations Partner With Breached Third Parties
SideWinder Behind Govt Phishing Spree Across the East
Solving the cybersecurity puzzle
The Five Important Moments In History That Shaped The Modern Cybersecurity Landscape
UK NCSC Launches Recommendations on Supply Chain Mapping
Understanding Zero-Day Vulnerabilities and the Clop Ransomware Fallout
XIoT vendors get serious about security, devote resources to protect cyber-physical systems
Zero Trust Presents 'Doable' Cybersecurity Goals, State Department's CIO Says
Wealth management leader Succession Wealth investigating a cyber attack
West Lothian cancer patient slams NHS Lothian for 'inappropriate' data breach
Women are an untapped resource in cybersecurity
16/02
10 Dangerous Apps You Don't Want to Find On Your Kid's Phone
A major global chipmaking supplier claims an employee stole manufacturing secrets
Application and cloud security is a shared responsibility
Atlassian says recent data leak stems from third-party vendor hack
Audit: MySejahtera Data Breach Affected Three Million Users
BEC Groups Target Firms With Multilingual Impersonation Attacks
Breaking the Security "Black Box" in DBs, Data Warehouses and Data Lakes
Burton Snowboards cancels online orders after 'cyber incident'
California medical groups; Pepsi experience data breaches
Challenging cost misconceptions in STEM education
ChatGPT Empowers Millions of Potential Cyberattackers
CISA’s Recognition of Security Control Validation is a Major Milestone
CISA warns of Windows and iOS bugs exploited as zero-days
City of Oakland Declares State of Emergency After Ransomware Attack
Conheça os mais procurados hackers do mundo cibernético
Crypto giant Binance moved $400 million from U.S. partner to firm managed by CEO Zhao
Cryptocurrency users in the US hit by ransomware and Clipper malware
Denying hackers a pay day will break the ransomware business model
ESXiArgs Ransomware Hits Over 500 New Targets in European Countries
Expected advancements in quantum cryptography
Experts Warn of Surge in Multipurpose Malware
Fraudsters are using machine learning to help write scam emails in different languages
Golpe do Instagram: hackers copiam perfis de mulheres para vender pornografia
Google Ads drop FatalRAT malware from fake messenger, browser apps
Hacker que clonava cartões bancários apanhado pela PJ a comprar relógios
Hackers backdoor Microsoft IIS servers with new Frebniis malware
Hackers Leverage PayPal to Send Malicious Invoices
Hackers Using Google Ads to Spread FatalRAT Malware Disguised as Popular Apps
Helping users and organizations build an instinctive data privacy habit
High-risk users may be few, but the threat they pose is huge
How SQL Server Temp Tables Work
Hyundai and Kia to patch a flaw that allows the theft of the cars with a USB cable
Microsoft: February updates break some Windows Server 2022 VMs
Mirai Variant V3G4 Exploiting IoT Devices for DDoS Attacks
New MortalKombat ransomware employed in financially motivated campaign
New Threat Actor WIP26 Targeting Telecom Service Providers in the Middle East
Nice Try Tonto Team: How a nation-state APT attempted to attack Group-IB
Over 500 ESXiArgs Ransomware infections in one day, but they dropped the day after
Perceived Cloud Security vs. Reality: Test Yourself
Private Data Breach Litigation Comes of Age
Quarter of Crypto Tokens Linked to Pump-and-Dump
Researchers Hijack Popular NPM Package with Millions of Downloads
Researchers Link SideWinder Group to Dozens of Targeted Attacks in Multiple Countries
Researchers Warn of Critical Security Bugs in Schneider Electric Modicon PLCs
Scandinavian Airlines says cyberattack caused passenger data leak
The US Government’s Open Source Security Policy Discussed
The war in Ukraine has shaken up the cybercriminal ecosystem, Google says
UK Policing Riddled with Chinese CCTV Cameras
US, UK Join Forces to Sanction Trickbot Leaders
What Is Google's New Privacy Sandbox for Android and How Can You Join the Beta?
What is the tokenization process and why it is so important?
15/02
7 Email Security Mistakes You're Making (and How to Fix Them)
10 signs that scammers have you in their sights
A Pentester’s Guide to Strengthening Your Cloud Security Defenses
A10 Networks loses sensitive corporate data to a Play ransomware attack
AdSense fraud campaign relies on 10,890 sites that were infected since September 2022
Advent Health settles data breach suit for $500K
Aker Solutions’ Brazilian arm becomes a victim of cyber attack
Attack surface management (ASM) is not limited to the surface
Beep, a new highly evasive malware appeared in the threat landscape
Binance and Huobi freeze $1.4M in crypto linked to North Korean hackers
China Courier Shares Dip After Alleged Massive Data Breach
Chinese hacker ‘Xiao Qi-ying’ attacks 5 more domestic servers… KISA “Checking the hacking path”
Citrix fixes severe flaws in Workspace, Virtual Apps and Desktops
City of Oakland declares state of emergency after ransomware attack
Combining identity and security strategies to mitigate risks
Community Health Systems data breach caused by GoAnywhere MFT hack
CompSource Mutual Insurance Company Reports Data Breach Affecting Thousands of Claimants
Controller-level flaws can let hackers physically damage moving bridges
Crypto-Stealing Campaign Deploys MortalKombat Ransomware
Cyber-Attack Hits Greece’s ‘Documento’ After Report on Fraudster’s Wife
Cyber Warfare & National Cybersecurity in the 21st Century: Five Key Takeaways
'Cybercriminal, Cheat' Russian Hacker Guilty Of Boston Stock Conspiracy: Feds
Data protection regulations aren’t enough to safeguard your data
Defending against attacks on Azure AD: Goodbye firewall, hello identity protection
Developing a successful cyber resilience framework
Does Poor Cybersecurity Affect Healthcare?
Electromed Proposes $825,000 Class Action Data Breach Settlement
Emsisoft says hackers are spoofing its certs to breach networks
Experts Warn of 'Beep' - A New Evasive Malware That Can Fly Under the Radar
Financially Motivated Threat Actor Strikes with New Ransomware and Clipper Malware
Four cyber attack trends that mustn’t slip under your radar
Google Rolling Out Privacy Sandbox Beta on Android 13 Devices
Health data of 4,000 Garrison Women’s Health patients exposed in third-party security incident
How Can Forex Brokers Deal with Data Breaches?
How Vital is Threat intelligence Data to a Successful Cyber Strategy?
Hyundai, Kia patch bug allowing car thefts with a USB cable
Indigo Still Offline In Suspected Cyber Attack
Investigators uncover crypto scammers baiting ‘phish’ hooks on YouTube
Italy’s cyber sleuths warn of global hacking attack
January’s ‘Most Wanted’ malware
LG U+ made contact with hacker group claiming data theft
LockBit and Royal Mail Ransomware Negotiation Leaked
Management, lack of money blamed for poor cybersecurity at Canadian hospitals
Meriplex Communications Announces Data Breach Affecting Malaga Bank Customers
Microsoft fixes three zero-days in its 75-flaw February Patch Tuesday
Microsoft Patches Three Zero-Day Bugs This Month
Mobile pharmacy data breach affects 66,372 patients, including at Banner Health
Mount Saint Mary College Reports Data Breach Affecting 17,924 Students and Employees
New MortalKombat Ransomware Attack Aiming for Crypto Wallets
North Korea's APT37 Targeting Southern Counterpart with New M2RAT Malware
PHI Compromised in 4 Recent Ransomware and Malware Attacks
Philadelphia Orchestra Suffers Cyber-Attack
Ransomware attack causes Oakland to declare local state of emergency
Ransomware gang uses new zero-day to steal data on 1 million patients
Regular Pen Testing Is Key to Resolving Conflict Between SecOps and DevOps
Russian hacker convicted of $90 million hack-to-trade charges
SAS App and Website Hit as Attacks Target Swedish Firms
Scandinavian Airlines hit by cyberattack, ‘Anonymous Sudan’ claims responsibility
Secure 5G Networks Key for Business and Society
SideWinder APT Attacks Regional Targets in New Campaign
The Cyber Risks Of Scaling: How To Secure Your Expanding Attack Surfaces
The end of passwords as we know it: Why experts say the future of security is passwordless
The four most intriguing cyberattacks of 2022
The return of ICEFALL: Two critical bugs revealed in Schneider Electric tech
The Rise of Cybercrime: Understanding Hacking Basics and Protecting Your Online Activities
The risks and benefits of starting a vCISO practice
Threat Analysis: VMware ESXi Attacks Soared in 2022
Update Now: iOS Devices Receive Vital Security Updates from Apple
Update Now: Microsoft Releases Patches for 3 Actively Exploited Windows Vulnerabilities
What’s known about the ESXiArgs ransomware hitting VMware servers
Will Cyber Insurance Cover Nation-State Attacks in 2023?
14/02
1Password is saying goodbye to passwords in favor of passkeys. Here's why
A CISOs Practical Guide to Storage and Backup Ransomware Resiliency
Accenture Acquires Brazil-Based Cybersecurity Firm Morphus
Accenture acquires cybersecurity company Morphus
Actionable intelligence is the key to better security outcomes
Adsense abused: 11,000 sites hacked in a backdoor attack
Apple fixes actively exploited WebKit zero-day in iOS, macOS (CVE-2023-23529)
Apple fixes the first zero-day in iPhones and Macs this year
ChatGPT and more: What AI chatbots mean for the future of cybersecurity
Chinese Hackers Infiltrate South American Diplomatic Networks
Chinese Hackers Targeting South American Diplomatic Entities with ShadowPad
Cloudflare blocked record-breaking 71 million request-per-second DDoS attack
Cloudflare Stops Largest HTTP DDoS Attack on Record
Cyber Attacks Rise by 79%, says Report
Cybersecurity guide outlines growing threat
Cybersecurity High-Risk Series: Challenges in Protecting Privacy and Sensitive Data
Enigma info-stealing malware targets the cryptocurrency industry
Eurostar forces 'password resets' — then fails and locks users out
Expert warns Irish universities to ‘urgently’ review cybersecurity after MTU data leaked on dark web
Experts discover over 451 clipper malware-laced packages in the PyPI repository
Financial cybersecurity expert to speak at UB
Get hired in cybersecurity: Expert tips for job seekers
Goldman Sachs says buy Palo Alto Networks as the cybersecurity company diversifies its business
Google Vertex AI Vision: Revolutionizing E-Commerce?
Hackers Breach Pepsi Bottling Ventures' Network
Healthcare giant CHS reports first data breach in GoAnywhere hacks
How companies can minimize the cybersecurity risk from their tech vendors
How to Close the Cybersecurity Skills Gap: Collaboration, Creativity, and Education
How to Tackle Cybersecurity Threats with a Risk-Based Approach
Indigo website still offline nearly 1 week after cybersecurity incident
Malware that can do anything and everything is on the rise
Massive AdSense Fraud Campaign Uncovered - 10,000+ WordPress Sites Infected
Massive HTTP DDoS Attack Hits Record High of 71 Million Requests/Second
Measuring cybersecurity: The what, why, and how
Medical Device Cybersecurity: Are you Prepared?
Microsoft Edge update starts disabling Internet Explorer 11 today
Next-Gen: How A Security Researcher Turned EDRs Into Wipers Using 0-Day Exploits
New ‘MortalKombat’ ransomware targets systems in the U.S.
New stealthy 'Beep' malware focuses heavily on evading detection
New Year, More Cybersecurity Concerns: What To Expect In 2023
NPM packages posing as speed testers install crypto miners instead
Patch Now: Apple's iOS, iPadOS, macOS, and Safari Under Attack with New Zero-Day Flaw
Python Developers Beware: Clipper Malware Found in 450+ PyPI Packages!
QCI Commences Cyber Security Launch as Patent is Awarded Addressing Unconditional Network Security
Qualys expands cloud platform, introduces all-inclusive cybersecurity packages
Resurrected Crypto-mixer Launders $100m in North Korean Funds
Rohde & Schwarz, Chemnitz University of Technology partner for R&D in cybersecurity
Russian cybersecurity expert convicted of charges in $90M hack-to-trade case
Spanish Police Bust €5m Phishing Gang
Steps CISA should take in 2023
The Tor network hit by wave of DDoS attacks for at least 7 months
Why Keeping Your Gaming Console Secure Should be a Priority in 2023
Wisconsin Resident Producers Required to Submit Annual Cybersecurity Certification By March 1, 2023
13/02
$1.3 billion lost by 70,000 Americans to romance scams last year
Accenture surpreende e adquire a empresa brasileira Morphus
All but Florida, South Dakota apply for federal cyber grants allocated by infrastructure bill
As regulations skyrocket, is compliance even possible anymore?
Binance é condenada a ressarcir cliente brasileiro que diz ter sido vítima de ataque hacker
California healthcare organizations alert 3M patients of a ransomware attack in December
Can we predict cyber attacks? Bfore.AI says they can
Chinese Tonto Team Hackers' Second Attempt to Target Cybersecurity Firm Group-IB Fails
City of Oakland, Irish and Israeli universities suffer ransomware attacks
Cyber attack forced Canada's largest bookstore chain to shut website, accept only cash payments
Cyber criminals using ChatGPT to create malware, do phishing
Cybercriminals exploit fear and urgency to trick consumers
Data Breach: Overcoming a Critical Cyber Threat as it Becomes More Common
DHL, MetaMask phishing emails target Namecheap customers
Do Retail Forex Brokers Take Cyber Security Seriously Enough?
Email, collaboration tools top targets as SA braces for new year of cyberattacks
Evolving cybersecurity threats require modern defences
Galway Credit Unions urges public to be vigilant following SMS phishing scam
Hacker Reveals Microsoft’s New AI-Powered Bing Chat Search Secrets
Hackers Create Malicious Dota 2 Game Modes to Secretly Access Players' Systems
Hackers target Valentino, Michael Kors, and Creed fashionistas
Hackers Targeting U.S. and German Firms Monitor Victims' Desktops with Screenshotter
Hacktivists hacked Iranian State TV during President’s speech on Revolution Day
Honeypot-Factory: The Use of Deception in ICS/OT Environments
How cybercriminals use phishing and other tricks to hack smartphones
How To: Maximize Security ROI Amid an Economic Downturn
How To Protect Against AI-Based Email Security Threat Vectors
Information overload is a key barrier to effective threat intelligence, says Mandiant
Israel’s top tech university postpones exams after ransomware attack
Kimmel Center, Philadelphia Orchestra websites hit by cyber attack
Lazarus hackers use new mixer to hide $100 million in stolen crypto
Majority of Firms Make Cybersecurity Decisions Without Attacker Insight
MetaMask users targeted in Namecheap email scam
MoneyGram Fraud Victims Get $115m in Compensation
Mount Saint Mary College confirms ransomware attack in December
Namecheap Customers Flooded with Phishing Emails
Pepsi Bottling Ventures suffers data breach after malware attack
Philadelphia Orchestra, Kimmel Center websites down after cyberattack cripples ticket sales
Play Ransomware Group Claims Attack on A10 Networks
Ransomware hits Technion university, protests tech layoffs and Israel
Reimagining zero trust for modern SaaS
Researcher says PokerBaazi exposed users’ information, platform denies data breach
Researchers Uncover 700+ Malicious Open Source Packages
Several NATO websites suffer cyber attack
Social security numbers exposed in N.J. school district data breach
Spain, U.S. dismantle phishing gang that stole $5 million in a year
SynSaber Report Brings More Context to ICS Security
Trickbot Hacking Group Jointly Sanctioned By the US and Britain
Typosquatting: Legit Abquery Package Duped with Malicious Aabquerys
Uncover the Default Passwords Lurking in Your Active Directory
Under pressure – how can CISOs avoid burnout in the face of ransomware?
Vulnerabilities open Korenix JetWave industrial networking devices to attack
What was the extent of damage in a recent cyber attack on India’s top medical institute in Delhi?
Why Are Small Businesses At Highest Ransomware Risks
Wormhole hacker moves another $46M of stolen funds
12/02
4 misconceptions about data exfiltration
15 ways to spot online shopping scams
Data breach forcing companies to hike service charge
Data leak: Social media Slick exposed children’s user data
Devs targeted by W4SP Stealer malware in malicious PyPi packages
Florida Supreme Court, US, Europe hit by ransomware attacks
Hackers create ChatGPT-driven Telegram bots that can write malware
Hackers interrompem discurso de presidente do Irã no aniversário da Revolução Islâmica
Hackers target Israel’s Technion demanding huge sum in Bitcoin
HSE data leak: Thousands waiting for letter to find out if they were impacted by HSE cyber attack
Iranian President Raisi’s Speech Briefly Hacked On 44th Anniversary Of Islamic Revolution
Irish university confirms data posted on darkweb after cyber attack
Munster Technological University (MTU) data appears on dark web after cyber attack
NameCheap's email hacked to send Metamask, DHL phishing emails
Phishing scam scares users into sharing Facebook passwords
Ransomware attacks hit US courts, European universities
Reddit hacked in sophisticated, highly-targeted phishing attack
Seoul Sanctions North Korea Over Crypto Theft
The number of reported ransomware attacks in Calgary fell 41% last year Pipa News
Using the blockchain to prevent data breaches
Your online transaction may be a scam