DAILY NEWS: Fevereiro (05/02 - 18/02) - 07 Semana de 2023
Dia a Dia da Segurança da Informação !!!
Cyber Security and Information Security News
Daily Updates !! Weekly Review

18/02
Addressing Cybersecurity Concerns During the Grid Modernization Process
Águas do Porto foi alvo de ataque ransomware
Beware Fake Disney Plus Emails That Steal Your Bank Information
CGU investiga suspeita de ação hacker em cartão de vacinação de Bolsonaro
Crypto investors under attack by new malware, reveals Cisco Talos
Cybersecurity: What can you do to reduce your risk of an online attack?
Data Breach: FBI Admits ‘Malicious Cyber Incident’ on Its Computer Network
German airport websites hit by suspected cyber attack
Gloucester’s GL1 leisure centre still suffering from city council cyber attack fallout
GoDaddy discloses a new data breach
GoDaddy Discloses Multi-Year Security Breach Causing Malware Installations and Source Code Theft
Hackers Ran Amok Inside GoDaddy for Nearly 3 Years
New WhiskerSpy malware delivered via trojanized codec installer
Oops! ‘Phishing’ scam cost small Ohio city $219,000, finance director his job
Queen’s updates cybersecurity measures to protect data
Smishing, vishing and whaling: How phishing scams are evolving
SMS-Based 2FA Will Be Limited to Twitter Blue Users
Spain Orders Extradition of British Alleged Hacker to U.S.
Suspeita de atividade hacker em cartão de vacina de Bolsonaro é investigada
The Feds Are Launching a Hack Back Squad
Threats in the cyberspace: Critical systems at risk
Top cybersecurity trends small businesses should be paying attention to this year
Twitter Limits SMS-Based 2-Factor Authentication to Blue Subscribers Only
Twitter will allow using the SMS-based two-factor authentication (2FA) only to its Blue subscribers
UK: Lancashire County Council has referred itself following a data breach
U.K.: NHS call center advisor found guilty of accessing medical records illegally
Unintended riot: Leading games manufacturer struck by ransomware
Vishing on phishing: messenger users will face a sharp increase in fraud
Weeklong ransomware attack on Oakland government drags on
What Role Does Mathematics Play In Cybersecurity? Check These Examples
17/02
2 Orgs Reach Settlements to Resolve Healthcare Data Breach Lawsuits
5 key cybersecurity trends for 2023
A consumer data leak involving Money Lover brings cybersecurity front and center for FIs
Admins, patch your Cisco enterprise security solutions! (CVE-2023-20032)
Aker Solutions continues to tackle Brazil cyber attack
Armenia and Azerbaijan Hackers Use OxtaRAT to Monitor Conflict
Armenian Entities Hit by New Version of OxtaRAT Spying Tool
As cybersecurity gaps grow, consolidation takes on new meaning for hybrid cloud
Atlassian Data Breach, Company Info Stolen From Third-Party App
Authorities break up gang responsible for €38 million CEO fraud
Belgium institutes nationwide vulnerability disclosure policy
Bing Chat's secret modes turn it into a personal assistant or friend
Building trust in IoT ecosystems: A privacy-enhancing approach to cybersecurity
Can Automation Replace People? 8 Key Roles Humans Play in Cybersecurity
CISA adds Cacti, Office, Windows and iOS bugs to its Known Exploited Vulnerabilities Catalog
Cisco fixed critical RCE bug in ClamAV Open-Source Antivirus engine
Cloud Infrastructure Used By WIP26 For Espionage Attacks on Telcos
Critical RCE Vulnerability Discovered in ClamAV Open Source Antivirus Software
Cryptocurrency stolen by N.Korean hackers seized in Norway
Cybercriminals Use Havoc Post-Exploitation Framework in Attack Campaigns
Cybersecurity budgets to increase by 22% over 3 years, says Kaspersky
Cybersecurity Collaborative Targets Open-Source Software
Cybersecurity jobs remain secure, despite recession fears
Data Breach Reported At Mount Pleasant Central School District
Data Leak Hits Thousands of NHS Workers
Data exposed in Des Moines schools ransomware attack that disrupted district
Digital Vigilance – Is Your Business Properly Protected Online?
DNA Testing Company Settles After Major Data Breach
EU Cybersecurity Agency Warns Against Chinese APTs
European Cyber Agencies Warn of Chinese Espionage Threat
Evolving Threat Landscape Leading to Cybersecurity Pro “Burnout,” Study Says
Experts Warn of RambleOn Android Malware Targeting South Korean Journalists
FBI detects, contains cyber attack on New York office: News reports
FBI is investigating a cybersecurity incident on its network
Firm Fined £200K For "Exploitative" Call Campaign
Five easy steps to keep your smartphone safe from hackers
For the Many, One: MSP Cybersecurity Considered
Fortinet fixes critical RCE flaws in FortiNAC and FortiWeb
Fortinet fixes critical vulnerabilities in FortiNAC and FortiWeb
German airport websites hit by DDos attacks once again
GoDaddy: Hackers stole source code, installed malware in multi-year breach
Google Ads Spreads FatalRAT Malware, Disguised As Popular Apps
Google Report Reveals Russia's Elaborate Cyber Strategy in Ukraine
Hacker group “Anonymous Sudan” claims major cyber attack on Scandinavian airline SAS
Hackers Fake Emsisoft Certificate to Hide Attack
Hackers usam anúncios do Google para espalhar malware FatalRAT disfarçado de aplicativos populares
Highmark notifies members of data breach related to malicious email phishing campaign
How hackers can cause physical damage to bridges
Indigo launches temporary website – for browsing only – after cybersecurity incident
Introducing Security Insights and Actions for Serverless-Centric Apps
Lancashire County Council has referred itself following a data breach
Lessons to be learnt from Royal Mail ransomware attack
MKS Instruments, Inc. Files Notice of Data Breach Affecting Current and Former Employees
Moroccan News Agency MAP Target of DDoS Cyber Attack
Multi-Cloud Strategy is Appealing, but Security Confidence Lags
Nation-State Actors and Cyberattacks in the Emerging 5G Ecosystem
Navigating the ever-changing landscape of digital security solutions
New AI wave will find uses and abuses in cybersecurity
New Mirai Botnet Variant 'V3G4' Exploiting 13 Flaws to Target Linux and IoT Devices
Norway finds a way to recover crypto North Korea pinched in Axie heist
Norwegian police recover $5.8M crypto from massive Axie Infinity hack
Oakland City Declares State of Emergency Following Ransomware Attack
OAS and Cisco conclude second Meeting of the Cybersecurity Innovation Councils
Oficial do FBI alerta estados dos EUA sobre ameaça de hackers chineses
Open Systems Launches MXDR Service Leveraging Microsoft AI
PayPal Scammers Using Legitimate Accounts to Send Phishing Invoices
Privacy in the US workplace – a rapidly changing landscape
Reducing the Risk of Severe Data Breaches
Report Found 98% Of Organizations Partner With Breached Third Parties
SideWinder Behind Govt Phishing Spree Across the East
Solving the cybersecurity puzzle
The Five Important Moments In History That Shaped The Modern Cybersecurity Landscape
UK NCSC Launches Recommendations on Supply Chain Mapping
Understanding Zero-Day Vulnerabilities and the Clop Ransomware Fallout
XIoT vendors get serious about security, devote resources to protect cyber-physical systems
Zero Trust Presents 'Doable' Cybersecurity Goals, State Department's CIO Says
Wealth management leader Succession Wealth investigating a cyber attack
West Lothian cancer patient slams NHS Lothian for 'inappropriate' data breach
Women are an untapped resource in cybersecurity
16/02
10 Dangerous Apps You Don't Want to Find On Your Kid's Phone
A major global chipmaking supplier claims an employee stole manufacturing secrets
Application and cloud security is a shared responsibility
Atlassian says recent data leak stems from third-party vendor hack
Audit: MySejahtera Data Breach Affected Three Million Users
BEC Groups Target Firms With Multilingual Impersonation Attacks
Breaking the Security "Black Box" in DBs, Data Warehouses and Data Lakes
Burton Snowboards cancels online orders after 'cyber incident'
California medical groups; Pepsi experience data breaches
Challenging cost misconceptions in STEM education
ChatGPT Empowers Millions of Potential Cyberattackers
CISA’s Recognition of Security Control Validation is a Major Milestone
CISA warns of Windows and iOS bugs exploited as zero-days
City of Oakland Declares State of Emergency After Ransomware Attack
Conheça os mais procurados hackers do mundo cibernético
Crypto giant Binance moved $400 million from U.S. partner to firm managed by CEO Zhao
Cryptocurrency users in the US hit by ransomware and Clipper malware
Denying hackers a pay day will break the ransomware business model
ESXiArgs Ransomware Hits Over 500 New Targets in European Countries
Expected advancements in quantum cryptography
Experts Warn of Surge in Multipurpose Malware
Fraudsters are using machine learning to help write scam emails in different languages
Golpe do Instagram: hackers copiam perfis de mulheres para vender pornografia
Google Ads drop FatalRAT malware from fake messenger, browser apps
Hacker que clonava cartões bancários apanhado pela PJ a comprar relógios
Hackers backdoor Microsoft IIS servers with new Frebniis malware
Hackers Leverage PayPal to Send Malicious Invoices
Hackers Using Google Ads to Spread FatalRAT Malware Disguised as Popular Apps
Helping users and organizations build an instinctive data privacy habit
High-risk users may be few, but the threat they pose is huge
How SQL Server Temp Tables Work
Hyundai and Kia to patch a flaw that allows the theft of the cars with a USB cable
Microsoft: February updates break some Windows Server 2022 VMs
Mirai Variant V3G4 Exploiting IoT Devices for DDoS Attacks
New MortalKombat ransomware employed in financially motivated campaign
New Threat Actor WIP26 Targeting Telecom Service Providers in the Middle East
Nice Try Tonto Team: How a nation-state APT attempted to attack Group-IB
Over 500 ESXiArgs Ransomware infections in one day, but they dropped the day after
Perceived Cloud Security vs. Reality: Test Yourself
Private Data Breach Litigation Comes of Age
Quarter of Crypto Tokens Linked to Pump-and-Dump
Researchers Hijack Popular NPM Package with Millions of Downloads
Researchers Link SideWinder Group to Dozens of Targeted Attacks in Multiple Countries
Researchers Warn of Critical Security Bugs in Schneider Electric Modicon PLCs
Scandinavian Airlines says cyberattack caused passenger data leak
The US Government’s Open Source Security Policy Discussed
The war in Ukraine has shaken up the cybercriminal ecosystem, Google says
UK Policing Riddled with Chinese CCTV Cameras
US, UK Join Forces to Sanction Trickbot Leaders
What Is Google's New Privacy Sandbox for Android and How Can You Join the Beta?
What is the tokenization process and why it is so important?
15/02
7 Email Security Mistakes You're Making (and How to Fix Them)
10 signs that scammers have you in their sights
A Pentester’s Guide to Strengthening Your Cloud Security Defenses
A10 Networks loses sensitive corporate data to a Play ransomware attack
AdSense fraud campaign relies on 10,890 sites that were infected since September 2022
Advent Health settles data breach suit for $500K
Aker Solutions’ Brazilian arm becomes a victim of cyber attack
Attack surface management (ASM) is not limited to the surface
Beep, a new highly evasive malware appeared in the threat landscape
Binance and Huobi freeze $1.4M in crypto linked to North Korean hackers
China Courier Shares Dip After Alleged Massive Data Breach
Chinese hacker ‘Xiao Qi-ying’ attacks 5 more domestic servers… KISA “Checking the hacking path”
Citrix fixes severe flaws in Workspace, Virtual Apps and Desktops
City of Oakland declares state of emergency after ransomware attack
Combining identity and security strategies to mitigate risks
Community Health Systems data breach caused by GoAnywhere MFT hack
CompSource Mutual Insurance Company Reports Data Breach Affecting Thousands of Claimants
Controller-level flaws can let hackers physically damage moving bridges
Crypto-Stealing Campaign Deploys MortalKombat Ransomware
Cyber-Attack Hits Greece’s ‘Documento’ After Report on Fraudster’s Wife
Cyber Warfare & National Cybersecurity in the 21st Century: Five Key Takeaways
'Cybercriminal, Cheat' Russian Hacker Guilty Of Boston Stock Conspiracy: Feds
Data protection regulations aren’t enough to safeguard your data
Defending against attacks on Azure AD: Goodbye firewall, hello identity protection
Developing a successful cyber resilience framework
Does Poor Cybersecurity Affect Healthcare?
Electromed Proposes $825,000 Class Action Data Breach Settlement
Emsisoft says hackers are spoofing its certs to breach networks
Experts Warn of 'Beep' - A New Evasive Malware That Can Fly Under the Radar
Financially Motivated Threat Actor Strikes with New Ransomware and Clipper Malware
Four cyber attack trends that mustn’t slip under your radar
Google Rolling Out Privacy Sandbox Beta on Android 13 Devices
Health data of 4,000 Garrison Women’s Health patients exposed in third-party security incident
How Can Forex Brokers Deal with Data Breaches?
How Vital is Threat intelligence Data to a Successful Cyber Strategy?
Hyundai, Kia patch bug allowing car thefts with a USB cable
Indigo Still Offline In Suspected Cyber Attack
Investigators uncover crypto scammers baiting ‘phish’ hooks on YouTube
Italy’s cyber sleuths warn of global hacking attack
January’s ‘Most Wanted’ malware
LG U+ made contact with hacker group claiming data theft
LockBit and Royal Mail Ransomware Negotiation Leaked
Management, lack of money blamed for poor cybersecurity at Canadian hospitals
Meriplex Communications Announces Data Breach Affecting Malaga Bank Customers
Microsoft fixes three zero-days in its 75-flaw February Patch Tuesday
Microsoft Patches Three Zero-Day Bugs This Month
Mobile pharmacy data breach affects 66,372 patients, including at Banner Health
Mount Saint Mary College Reports Data Breach Affecting 17,924 Students and Employees
New MortalKombat Ransomware Attack Aiming for Crypto Wallets
North Korea's APT37 Targeting Southern Counterpart with New M2RAT Malware
PHI Compromised in 4 Recent Ransomware and Malware Attacks
Philadelphia Orchestra Suffers Cyber-Attack
Ransomware attack causes Oakland to declare local state of emergency
Ransomware gang uses new zero-day to steal data on 1 million patients
Regular Pen Testing Is Key to Resolving Conflict Between SecOps and DevOps
Russian hacker convicted of $90 million hack-to-trade charges
SAS App and Website Hit as Attacks Target Swedish Firms
Scandinavian Airlines hit by cyberattack, ‘Anonymous Sudan’ claims responsibility
Secure 5G Networks Key for Business and Society
SideWinder APT Attacks Regional Targets in New Campaign
The Cyber Risks Of Scaling: How To Secure Your Expanding Attack Surfaces
The end of passwords as we know it: Why experts say the future of security is passwordless
The four most intriguing cyberattacks of 2022
The return of ICEFALL: Two critical bugs revealed in Schneider Electric tech
The Rise of Cybercrime: Understanding Hacking Basics and Protecting Your Online Activities
The risks and benefits of starting a vCISO practice
Threat Analysis: VMware ESXi Attacks Soared in 2022
Update Now: iOS Devices Receive Vital Security Updates from Apple
Update Now: Microsoft Releases Patches for 3 Actively Exploited Windows Vulnerabilities
What’s known about the ESXiArgs ransomware hitting VMware servers
Will Cyber Insurance Cover Nation-State Attacks in 2023?
14/02
1Password is saying goodbye to passwords in favor of passkeys. Here's why
A CISOs Practical Guide to Storage and Backup Ransomware Resiliency
Accenture Acquires Brazil-Based Cybersecurity Firm Morphus
Accenture acquires cybersecurity company Morphus
Actionable intelligence is the key to better security outcomes
Adsense abused: 11,000 sites hacked in a backdoor attack
Apple fixes actively exploited WebKit zero-day in iOS, macOS (CVE-2023-23529)
Apple fixes the first zero-day in iPhones and Macs this year
ChatGPT and more: What AI chatbots mean for the future of cybersecurity
Chinese Hackers Infiltrate South American Diplomatic Networks
Chinese Hackers Targeting South American Diplomatic Entities with ShadowPad
Cloudflare blocked record-breaking 71 million request-per-second DDoS attack
Cloudflare Stops Largest HTTP DDoS Attack on Record
Cyber Attacks Rise by 79%, says Report
Cybersecurity guide outlines growing threat
Cybersecurity High-Risk Series: Challenges in Protecting Privacy and Sensitive Data
Enigma info-stealing malware targets the cryptocurrency industry
Eurostar forces 'password resets' — then fails and locks users out
Expert warns Irish universities to ‘urgently’ review cybersecurity after MTU data leaked on dark web
Experts discover over 451 clipper malware-laced packages in the PyPI repository
Financial cybersecurity expert to speak at UB
Get hired in cybersecurity: Expert tips for job seekers
Goldman Sachs says buy Palo Alto Networks as the cybersecurity company diversifies its business
Google Vertex AI Vision: Revolutionizing E-Commerce?
Hackers Breach Pepsi Bottling Ventures' Network
Healthcare giant CHS reports first data breach in GoAnywhere hacks
How companies can minimize the cybersecurity risk from their tech vendors
How to Close the Cybersecurity Skills Gap: Collaboration, Creativity, and Education
How to Tackle Cybersecurity Threats with a Risk-Based Approach
Indigo website still offline nearly 1 week after cybersecurity incident
Malware that can do anything and everything is on the rise
Massive AdSense Fraud Campaign Uncovered - 10,000+ WordPress Sites Infected
Massive HTTP DDoS Attack Hits Record High of 71 Million Requests/Second