top of page

DAILY NEWS: Fevereiro/Março (26/02 - 04/03) - 09 Semana de 2023

Dia a Dia da Segurança da Informação !!! Cyber Security and Information Security News --- Daily Updates !! Weekly Review


13% das empresas ainda correm risco de ataque de ransomware em massa

BidenCash leaks 2.1M stolen credit/debit cards

Blackburn with Darwen Council set for cyber attack data disaster

Brazilian construction giant Andrade Gutierrez suffers major data breach

Chick-fil-A announces app data breach, tells customers how to protect personal information

Chinese tech giant to invest over $300 million in Africa's data center and cyber security market

City of Modesto to notify people whose people information was accessed in last month’s ransomware attack

Cyber security expert's latest tips on how to avoid hard-to-spot scams

Cybersecurity Is Becoming A Priority For GCC Nations

Cybersecurity Threat: Oakland Falls Victim to Ransomware Attack by Play Ransomware Group

Equipe de metaverso de criptomoeda alerta para incidente de segurança

Hacker stole bank account, Social Security numbers, and health plan info of Colorado school district employees

HSE warns 52,000 people over data stolen in cyber attack but THOUSANDS still to be contacted

Israel and Cyber Security: 2023 Forecast

Medicare under attack: Healthcare data breaches increase fraud risks

New FiXS ATM Malware Targeting Mexican Banks

New TPM 2.0 flaws could let hackers steal cryptographic keys

PayPal Sued Over Data Breach that Impacted 35,000 users

Preventing data breaches

Protocolo Launch Zone pede que usuários revoguem contratos após ataque

Ransomware attacks more common across the country

Ransomware gang leaks data stolen from City of Oakland

Security and IT Teams No Longer Need To Pay For SaaS-Shadow IT Discovery

SIEM platform helps proactive cyber security strategy

Tennessee State, Southeastern Louisiana universities hit with cyberattacks

The Chautauqua Center notifies patients of breach; changes EMR provider

Top 10 High-in-Demand Cybersecurity Jobs in 2023

Top 10 Use Cases of ChatGPT in IT Departments

Viasat strengthens network security posture for enterprises with Trusted Cybersecurity Services

What is Data Engineering? Challenges Faced by Data Engineers


6 Top Targeted Industries for Cyber Attacks

8.7% of users encountered phishing attacks in Africa in 2022, global number of attacks exceeds 500mln

Aloha Nursing Rehab Centre Reports 2022 Data Breach Affecting More Than 20k Patients

Apple Fixes Exploitable Zero-Day Vulnerability

At Least 30% of "Cyber-Criminals" Are Women: Report

Attackers are developing and deploying exploits faster than ever

Authorization Oversight: The Data Security Pitfall Keeping You at Risk

Be careful if you open a QR with your mobile! They are stealing passwords with that simple gesture

Beware of fake CEOs: Report warns against rising phishing scams

BidenCash market leaks over 2 million stolen credit cards for free

Chick-fil-A: 71,000 customers had financial information stolen during cyberattack

Chinese Hackers Targeting European Entities with New MQsTTang Backdoor

Chip supplier reports $200M revenue hit after ransomware attack halted operations

CISA Warns Against Royal Ransomware in New Advisory

Cyber Attack Breaches Sun Pharma Systems; Firm Isolates Affected Assets

Cybercrime site shows off with a free leak of 2 million stolen card numbers

Death By Social Media: Are TikTok and WeChat Easy Marks for Attackers?

DeFi perdeu US$ 20 milhões em ataques hacker durante fevereiro

Deposit Theft And Phishing Emails Among The Casino Scams To Be Aware Of

Dish Network Finally Acknowledges Huge Hack After Days Of Not Answering Questions

Environmental Protection Agency (EPA) takes steps to address cybersecurity weaknesses at water utilities

Expert tips to avoid broadband scams

Experts Warn of "SMS Pumping" Fraud Epidemic

FBI and CISA warn of increasing Royal ransomware attack risks

Five tips for maximizing data security and ensuring HIPAA compliance

Frankenstein malware stitched together from code of others disguised as PyPI package

Gemini assures customers of secure accounts despite third-party breaches

Hackers Can Turn Bing's AI Chatbot Into a Convincing Scammer, Researchers Say

Hackers use phishing, malware to target job seekers amid layoffs

How to detect and prevent Royal Ransomware attack ?

Incentives and threats: How to avoid scammers ‘phishing’ for money, personal information

Incident of the Week: US Marshals Service suffers ransomware attack

Known Vulnerabilities Drove Most Cyberattacks in 2022

LockBit has published the data stolen in La Segunda: there are judicial files, expert reports and medical data

New Backdoor MQsTTang Attributed to Mustang Panda Group

New Flaws in TPM 2.0 Library Pose Threat to Billions of IoT and Enterprise Devices

New White House cyber strategy picks a fight with ransomware

Oakland officials say ransomware group may release personal data on Saturday

Organizations Struggle With CCPA, CPRA, GDPR Compliance

Over 50% of personal devices were exposed to a mobile phishing attack

PayPal Pixel Scam Email Explained

Play ransomware claims disruptive attack on City of Oakland

Prepare For The AI Phishing Onslaught

Preparing employees to win the battle against social engineering

Ransomware hackers stole city of Oakland files, plan to leak sensitive data

Return of Blind Eagle in a Phishing Operation against Colombian Industries

Scam Alert! 'Your HDFC account will be closed today': HDFC customers receive fraudulent messages from scammers

Settlement Reached in Preferred Home Care Data Breach Lawsuit

Suspected hacker attack on Rome municipality website

Tenable Research Reveals APAC at the Epicentre of Global Data Breach Incidents in 2022

The Dangerous Role Personal Email Plays In Account Takeovers

The role of human insight in AI-based cybersecurity

'This War Exists in Cyberspace': How the Russia-Ukraine War Led to the National Cyber Strategy

U.S. Cybersecurity Agency Raises Alarm Over Royal Ransomware's Deadly Capabilities

U.S. unveils new cybersecurity strategy with tighter regulations

Vulnerabilities of years past haunt organizations, aid attackers

Zero Transfer Scammer Steals $2M from Crypto User; Here’s How to Avoid It

What Is Phishing-Resistant MFA and How Can You Implement It?

What is spear phishing and how it’s used to dupe even professionals

White House cybersecurity strategy stresses software safety


1Password is looking to a password-free future. Here’s why

2023 Browser Security Report Uncovers Major Browsing Risks and Blind Spots

Albania Must up its Game to Meet Growing Cybersecurity Challenges

API Security Flaw Found in Allowed Full Account Takeover

Após ataque hacker, Prefeitura de São Sebastião do Caí consegue pagar funcionários

Attackers increasingly using to host malicious code

Best and worst data breach responses highlight the do's and don'ts of IR

BlackLotus UEFI bootkit disables Windows security mechanisms

British retail chain WH Smith says data stolen in cyberattack

Businessman convicted of Experian data breach skips sentencing, court issues warrant for his arrest

CISA releases free ‘Decider’ tool to help with MITRE ATT&CK mapping

Cisco fixed a critical command injection bug in IP Phone Series

Clientes ficam sem internet após operadoras do RJ sofrerem ataques hacker

Critical Flaw in Cisco IP Phone Series Exposes Users to Command Injection Attack

Cyber resilience in focus: EU act to set strict standards

Cyber security is an asset customers trust

Cyber Security Market Exhibits 13.4% CAGR to Hit USD 376.32 Billion by 2029

Don’t be fooled by a pretty icon, malicious apps hide in plain sight

Experts Identify Fully-Featured Info Stealer and Trojan in Python Package on PyPI

FACT SHEET: Biden-⁠Harris Administration Announces National Cybersecurity Strategy

Google Workspace admins can now use client-side encryption on Gmail and Calendar

Hackers Exploit Containerized Environments to Steals Proprietary Data and Software

Hackers invadem sistemas do GDF de olho em dados da Educação e dos bombeiros

HHS OCR creates new HIPAA enforcement arm and enhances focus on cybersecurity and privacy oversight

High street giant WH Smith has been hit by cyber attack as hackers access company data including info on past and current staff

ICO Calls for Review into Private Message Use by Ministers

Life with GDPR - Russian Cyber Attack Gangs Sanctioned

Major Phishing Campaign Targets Trezor Crypto Wallets

Matt Hancock leaked Whatsapps not ‘matter’ for data breach inquiry, says regulator

Medibank data breach: third-party IT provider’s stolen credentials used by hackers

Minneapolis Public Schools systems restored, no ransom paid

Moving target defense must keep cyber attackers guessing

Nearly 800 people affected by possible data breach during College of the Desert malware attack last summer

New Cryptojacking Campaign Leverages Misconfigured Redis Database Servers

ProtonVPN launches extensions for Chrome and Firefox browsers

Retail Giant WH Smith Cyberattack – Employee Data Stolen

Roma suspeita de novo ataque hacker contra site do governo

Russian Government Bans Foreign Messaging Apps

Summa Equity buys majority stake in cybersecurity company Logpoint

Sun Pharma reports ‘information security incident’

SysUpdate Malware Strikes Again with Linux Version and New Evasion Tactics

The Biden-Harris Administration’s National Cybersecurity Strategy

Threat actors target law firms with GootLoader and SocGholish malware

TMS Ep380: Rise of Jio, cyber security, consumer appliances, passive funds

Uncovering the most pressing cybersecurity concerns for SMBs

Unpacking Recent Government TikTok Bans

US government puts cybersecurity at forefront with newly announced National Strategy

Virtual Infosec, LogRhythm partnership good for businesses – Cyber security boss

WH Smith Discloses Cyber-Attack, Company Data Theft

WH Smith Targeted in Cyber Security Incident, Accessing Employee Data

What the ADPPA Could Mean for Mid-Market Businesses and Startups

White House Launches National Cybersecurity Strategy

White House National Cybersecurity Strategy: Software Firms Liable for Breaches

White House releases new U.S. national cybersecurity strategy

Why cybersecurity education is important in Ohio

Why healthcare providers are focusing on cyber resilience


5 open source Burp Suite penetration testing extensions you should check out

A modern-day look at AppSec testing tools

Are You Prioritizing Digital Identity Management?

Arm of global cyber security firm NCC Group valued at £240m as sell-off tipped

Attacker Breakout Time Drops to Just 84 Minutes

BlackLotus Becomes First UEFI Bootkit Malware to Bypass Secure Boot on Windows 11

Breaking: College investigating impacts of data breach at third-party ticket vendor

CIS Hardened Images List

CISA Shares Advice to Improve Networks' Monitoring and Hardening

Cisco patches critical Web UI RCE flaw in multiple IP phones

CISOs Are Stressed Out and It's Putting Companies at Risk

Covert cyberattacks on the rise as attackers shift tactics for maximum impact

Cyber Security Incidents Impact Data Breach Risk

Cyber Security Risks In Real Estate

Cybercriminals Targeting Law Firms with GootLoader and FakeUpdates Malware

Developers can make a great extension of your security team

Dish Network Confirms Ransomware Outage

Dormant accounts are a low-hanging fruit for attackers

DNS abuse: Advice for incident responders

GitHub’s secret scanning alerts now available for all public repos

Gmail and Google Calendar Now Support Client-Side Encryption (CSE) to Boost Data Privacy

Google Gmail client-side encryption is available globally

Google is expanding this 'next level' encryption to more Gmail users

Google Workspace Adds Client-Side Encryption to Gmail and Calendar

Hacker que roubou R$ 120 milhões em criptomoedas anuncia “aposentadoria”

Hospital board to proceed with approximate $2.5 million cyber security upgrade

How to Secure a VM in a Cloud Computing Environment

How to Prevent Callback Phishing Attacks on Your Organization

ICSS Wins Best Cyber Security Company Award

Investidores perdem mais de R$ 50 milhões em ataque hacker a carteiras cripto

Iron Tiger hackers create Linux version of their custom malware

LastPass Devs Were Phished for Credentials

LastPass: hacker invadiu PC de funcionário e roubou cofre

Looking Back at the Mega Breaches Trends of 2022

Microsoft Exchange Online outage blocks access to mailboxes worldwide

Microsoft fixes bug behind apps not installing during provisioning

Multi-Year Spearphishing Campaign Targets the Maritime Industry Likely for Financial Gain

NCSA, representatives of state agencies discuss draft national cyber security strategy

Parallax RAT Targeting Cryptocurrency Firms with Sophisticated Injection Techniques

Parallax RAT used in attacks aimed at cryptocurrency entities

Prevention, recovery and resilience: The blueprint for school cyber security

Provedores de internet do RJ sofrem ataques DDoS e clientes ficam sem conexão

Public SaaS Assets Are a Major Risk For Medium, Large Firms

Record Number of Mobile Phishing Attacks in 2022

Researchers Release MortalKombat Ransomware Decryptor

Russia bans private messaging apps owned by foreign entities

Satellite TV giant Dish admitted that the recent outage was caused by a ransomware attack

Top 10 Open Source Software Risks of 2023

Twitter is down with users seeing "Welcome to Twitter" screen

What is Cross-Site Scripting (XSS)? Types of XSS, Examples, and Patching Best Practices

White House Bans TikTok on Federal Devices

Why in 2023 Software Teams Should Care About Biden’s 2021 Cybersecurity Act


10 US states that suffered the most devastating data breaches in 2022

26.6 million login credentials obtained by cybercriminals since 2018

2023 SonicWall Cyber Threat Report Casts New Light on Shifting Front Lines, Threat Actor Behavior

Another Texas school district with a data breach?

Application Security vs. API Security: What is the difference?

APT-C-36 Strikes Again: Blind Eagle Hackers Target Key Industries in Colombia

Ataque hacker causa alarme falso na Rússia

Ataques por telefone e phishing MFA tiveram alta em 2022

Bitdefender Releases Free Decryptor for MortalKombat Ransomware Strain

BNP Paribas Personal Finance procura CISO

Can a Cybersecurity Awareness Course Keep You Safe Online?

ChatGPT fica fora do ar em todo o mundo, mas hack é descartado

Chatbot Wars and the Battle Between Good and Evil

CISA adds ZK Java Web Framework bug to Known Exploited Vulnerabilities Catalog

CISA Issues Warning on Active Exploitation of ZK Java Web Framework Vulnerability

CISA warns of hackers exploiting ZK Java Framework RCE flaw

Cisco adquire startup para reforçar segurança multicloud

Combatting Zero Trust fatigue: 5 ways federal agencies can shift from buzzword to action

Cybersecurity e Burnout: A importância de proteger a saúde mental dos profissionais

Dish Network confirms ransomware attack behind multi-day outage

Each Payment to Ransomware Attackers Subsidizes Nine Future Attacks

Expert strategies for defending against multilingual email-based attacks

Experts Spot Half a Million Novel Malware Variants in 2022

Fake ROBLOX and Nintendo game cracks drop ChromeLoader malware

February's M&A News Roundup

Golpes envolvendo criptoativos somaram US$ 20 bi em 2022

Google: Gmail client-side encryption now publicly available

Hackers Claim They Breached T-Mobile More Than 100 Times in 2022

It only takes one over-privileged identity to do major damage to a cloud

Known Vulnerabilities Pose Greatest Threat to Organizational Security

LastPass breach: Hacker accessed corporate vault by compromising senior developer’s home PC

LassPass breach: Hackers put malware on engineer's home computer to steal their password

LastPass Data Stolen in August 2022 Breach Used For December Attack

LastPass Reveals Second Attack Resulting in Breach of Encrypted Password Vaults

London Honeypots Attacked 2000 Times Per Minute

Microsoft Phone Link can now sync your iPhone with Windows 11

Mind these five mistakes when responding to infosec threats

New EX-22 Tool Empowers Hackers with Stealthy Ransomware Attacks on Enterprises

New MortalKombat ransomware decryptor recovers your files for free

Nine Danish hospital websites suffer cyberattack from ‘Anonymous Sudan’

Online ticket platform reports cyber incident

Phone Attacks and MFA Bypass Drive Phishing in 2022

Privileged access: Understanding security inside out

Proofpoint’s 2023 State of the Phish Report: Threat Actors Double Down on Emerging and Tried-and-Tested Tactics to Outwit Employees

Ransomware Attack Hits US Marshals Service

Resecurity identified the investment scam network ‘Digital Smoke’

SCARLETEEL hackers use advanced cloud skills to steal source code, data

Security teams have no control over risky SaaS-to-SaaS connections

Snatch ransom gang claims Ingenico scalp, says analyst

State-sponsored hackers are diversifying tactics, targeting small businesses

The Cybersecurity Hype Cycle of ChatGPT and Synthetic Media

The future of cyber security in financial services

The power of community participation with Faye Francy, Executive Director, Auto-ISAC

Top seven hacks and cyber security threats in APAC

US Gov. Agencies Have 30 Days to Remove TikTok, Canada Follows Suit

US Marshals Service Hit By Major Ransomware Attack

U.S. Marshals Service suffers a ransomware attack

What's the best way to ensure your privacy with a web browser?

Why Hire A Virtual CISO In 2023?

Windows 11 ‘Moment 2’ update released, here are the many new features


3 Things To Seek In A Managed Security Services Solution

13 Tech Experts Explain Essential Facts About Data Privacy And Data Protection

Absa warns customers of rise in phishing scams

Advanced Health Media Reports Leaked Social Security Numbers Following Recent Data Breach

Alvaria, Inc. Announces Data Breach Following Hive Ransomware Attack

As MedusaLocker ransomware targets RDP, HHS urges brute force defense

Attackers publish Beeline’s Jira database, exposing customers

Australia plans to reform cyber security rules, set up agency

Australia Releases Discussion Paper to Shape Cybersecurity Strategy

Brasil é o segundo país latino-americano que mais sofre ataques cibernéticos

Burton’s Online Store Has Been Shut Down For 2 Weeks Because of a Cyber Attack

ChatGPT is down worldwide - OpenAI working on issues

ChromeLoader Malware Poses as Steam, Nintendo Game Mods

ChromeLoader Malware Targeting Gamers via Fake Nintendo and Steam Game Hacks

CISA director urges tech industry to take responsibility for secure products

CISA Tells Agencies What to Prioritize to Meet Cybersecurity Log Mandate

CISOs repercutem pesquisa do Gartner em que metade dos líderes deixarão o cargo