top of page

DAILY NEWS: Fevereiro/Março (26/02 - 04/03) - 09 Semana de 2023

Dia a Dia da Segurança da Informação !!! Cyber Security and Information Security News --- Daily Updates !! Weekly Review

04/03


13% das empresas ainda correm risco de ataque de ransomware em massa


BidenCash leaks 2.1M stolen credit/debit cards


Blackburn with Darwen Council set for cyber attack data disaster


Brazilian construction giant Andrade Gutierrez suffers major data breach


Chick-fil-A announces app data breach, tells customers how to protect personal information


Chinese tech giant to invest over $300 million in Africa's data center and cyber security market


City of Modesto to notify people whose people information was accessed in last month’s ransomware attack


Cyber security expert's latest tips on how to avoid hard-to-spot scams


Cybersecurity Is Becoming A Priority For GCC Nations


Cybersecurity Threat: Oakland Falls Victim to Ransomware Attack by Play Ransomware Group


Equipe de metaverso de criptomoeda alerta para incidente de segurança


Hacker stole bank account, Social Security numbers, and health plan info of Colorado school district employees


HSE warns 52,000 people over data stolen in cyber attack but THOUSANDS still to be contacted


Israel and Cyber Security: 2023 Forecast


Medicare under attack: Healthcare data breaches increase fraud risks


New FiXS ATM Malware Targeting Mexican Banks


New TPM 2.0 flaws could let hackers steal cryptographic keys


PayPal Sued Over Data Breach that Impacted 35,000 users


Preventing data breaches


Protocolo Launch Zone pede que usuários revoguem contratos após ataque


Ransomware attacks more common across the country


Ransomware gang leaks data stolen from City of Oakland


Security and IT Teams No Longer Need To Pay For SaaS-Shadow IT Discovery


SIEM platform helps proactive cyber security strategy


Tennessee State, Southeastern Louisiana universities hit with cyberattacks


The Chautauqua Center notifies patients of breach; changes EMR provider


Top 10 High-in-Demand Cybersecurity Jobs in 2023


Top 10 Use Cases of ChatGPT in IT Departments


Viasat strengthens network security posture for enterprises with Trusted Cybersecurity Services


What is Data Engineering? Challenges Faced by Data Engineers


03/03


6 Top Targeted Industries for Cyber Attacks


8.7% of users encountered phishing attacks in Africa in 2022, global number of attacks exceeds 500mln


Aloha Nursing Rehab Centre Reports 2022 Data Breach Affecting More Than 20k Patients


Apple Fixes Exploitable Zero-Day Vulnerability


At Least 30% of "Cyber-Criminals" Are Women: Report


Attackers are developing and deploying exploits faster than ever


Authorization Oversight: The Data Security Pitfall Keeping You at Risk


Be careful if you open a QR with your mobile! They are stealing passwords with that simple gesture


Beware of fake CEOs: Report warns against rising phishing scams


BidenCash market leaks over 2 million stolen credit cards for free


Chick-fil-A: 71,000 customers had financial information stolen during cyberattack


Chinese Hackers Targeting European Entities with New MQsTTang Backdoor


Chip supplier reports $200M revenue hit after ransomware attack halted operations


CISA Warns Against Royal Ransomware in New Advisory


Cyber Attack Breaches Sun Pharma Systems; Firm Isolates Affected Assets


Cybercrime site shows off with a free leak of 2 million stolen card numbers


Death By Social Media: Are TikTok and WeChat Easy Marks for Attackers?


DeFi perdeu US$ 20 milhões em ataques hacker durante fevereiro


Deposit Theft And Phishing Emails Among The Casino Scams To Be Aware Of


Dish Network Finally Acknowledges Huge Hack After Days Of Not Answering Questions


Environmental Protection Agency (EPA) takes steps to address cybersecurity weaknesses at water utilities


Expert tips to avoid broadband scams


Experts Warn of "SMS Pumping" Fraud Epidemic


FBI and CISA warn of increasing Royal ransomware attack risks


Five tips for maximizing data security and ensuring HIPAA compliance


Frankenstein malware stitched together from code of others disguised as PyPI package


Gemini assures customers of secure accounts despite third-party breaches


Hackers Can Turn Bing's AI Chatbot Into a Convincing Scammer, Researchers Say


Hackers use phishing, malware to target job seekers amid layoffs


How to detect and prevent Royal Ransomware attack ?


Incentives and threats: How to avoid scammers ‘phishing’ for money, personal information


Incident of the Week: US Marshals Service suffers ransomware attack


Known Vulnerabilities Drove Most Cyberattacks in 2022


LockBit has published the data stolen in La Segunda: there are judicial files, expert reports and medical data


New Backdoor MQsTTang Attributed to Mustang Panda Group


New Flaws in TPM 2.0 Library Pose Threat to Billions of IoT and Enterprise Devices


New White House cyber strategy picks a fight with ransomware


Oakland officials say ransomware group may release personal data on Saturday


Organizations Struggle With CCPA, CPRA, GDPR Compliance


Over 50% of personal devices were exposed to a mobile phishing attack


PayPal Pixel Scam Email Explained


Play ransomware claims disruptive attack on City of Oakland


Prepare For The AI Phishing Onslaught


Preparing employees to win the battle against social engineering


Ransomware hackers stole city of Oakland files, plan to leak sensitive data


Return of Blind Eagle in a Phishing Operation against Colombian Industries


Scam Alert! 'Your HDFC account will be closed today': HDFC customers receive fraudulent messages from scammers


Settlement Reached in Preferred Home Care Data Breach Lawsuit


Suspected hacker attack on Rome municipality website


Tenable Research Reveals APAC at the Epicentre of Global Data Breach Incidents in 2022


The Dangerous Role Personal Email Plays In Account Takeovers


The role of human insight in AI-based cybersecurity


'This War Exists in Cyberspace': How the Russia-Ukraine War Led to the National Cyber Strategy


U.S. Cybersecurity Agency Raises Alarm Over Royal Ransomware's Deadly Capabilities


U.S. unveils new cybersecurity strategy with tighter regulations


Vulnerabilities of years past haunt organizations, aid attackers


Zero Transfer Scammer Steals $2M from Crypto User; Here’s How to Avoid It


What Is Phishing-Resistant MFA and How Can You Implement It?


What is spear phishing and how it’s used to dupe even professionals


White House cybersecurity strategy stresses software safety


02/03


1Password is looking to a password-free future. Here’s why


2023 Browser Security Report Uncovers Major Browsing Risks and Blind Spots


Albania Must up its Game to Meet Growing Cybersecurity Challenges


API Security Flaw Found in Booking.com Allowed Full Account Takeover


Após ataque hacker, Prefeitura de São Sebastião do Caí consegue pagar funcionários


Attackers increasingly using transfer.sh to host malicious code


Best and worst data breach responses highlight the do's and don'ts of IR


BlackLotus UEFI bootkit disables Windows security mechanisms


British retail chain WH Smith says data stolen in cyberattack


Businessman convicted of Experian data breach skips sentencing, court issues warrant for his arrest


CISA releases free ‘Decider’ tool to help with MITRE ATT&CK mapping


Cisco fixed a critical command injection bug in IP Phone Series


Clientes ficam sem internet após operadoras do RJ sofrerem ataques hacker


Critical Flaw in Cisco IP Phone Series Exposes Users to Command Injection Attack


Cyber resilience in focus: EU act to set strict standards


Cyber security is an asset customers trust


Cyber Security Market Exhibits 13.4% CAGR to Hit USD 376.32 Billion by 2029


Don’t be fooled by a pretty icon, malicious apps hide in plain sight


Experts Identify Fully-Featured Info Stealer and Trojan in Python Package on PyPI


FACT SHEET: Biden-⁠Harris Administration Announces National Cybersecurity Strategy


Google Workspace admins can now use client-side encryption on Gmail and Calendar


Hackers Exploit Containerized Environments to Steals Proprietary Data and Software


Hackers invadem sistemas do GDF de olho em dados da Educação e dos bombeiros


HHS OCR creates new HIPAA enforcement arm and enhances focus on cybersecurity and privacy oversight


High street giant WH Smith has been hit by cyber attack as hackers access company data including info on past and current staff


ICO Calls for Review into Private Message Use by Ministers


Life with GDPR - Russian Cyber Attack Gangs Sanctioned


Major Phishing Campaign Targets Trezor Crypto Wallets


Matt Hancock leaked Whatsapps not ‘matter’ for data breach inquiry, says regulator


Medibank data breach: third-party IT provider’s stolen credentials used by hackers


Minneapolis Public Schools systems restored, no ransom paid


Moving target defense must keep cyber attackers guessing


Nearly 800 people affected by possible data breach during College of the Desert malware attack last summer


New Cryptojacking Campaign Leverages Misconfigured Redis Database Servers


ProtonVPN launches extensions for Chrome and Firefox browsers


Retail Giant WH Smith Cyberattack – Employee Data Stolen


Roma suspeita de novo ataque hacker contra site do governo


Russian Government Bans Foreign Messaging Apps


Summa Equity buys majority stake in cybersecurity company Logpoint


Sun Pharma reports ‘information security incident’


SysUpdate Malware Strikes Again with Linux Version and New Evasion Tactics


The Biden-Harris Administration’s National Cybersecurity Strategy


Threat actors target law firms with GootLoader and SocGholish malware


TMS Ep380: Rise of Jio, cyber security, consumer appliances, passive funds


Uncovering the most pressing cybersecurity concerns for SMBs


Unpacking Recent Government TikTok Bans


US government puts cybersecurity at forefront with newly announced National Strategy


Virtual Infosec, LogRhythm partnership good for businesses – Cyber security boss


WH Smith Discloses Cyber-Attack, Company Data Theft


WH Smith Targeted in Cyber Security Incident, Accessing Employee Data


What the ADPPA Could Mean for Mid-Market Businesses and Startups


White House Launches National Cybersecurity Strategy


White House National Cybersecurity Strategy: Software Firms Liable for Breaches


White House releases new U.S. national cybersecurity strategy


Why cybersecurity education is important in Ohio


Why healthcare providers are focusing on cyber resilience


01/03


5 open source Burp Suite penetration testing extensions you should check out


A modern-day look at AppSec testing tools


Are You Prioritizing Digital Identity Management?


Arm of global cyber security firm NCC Group valued at £240m as sell-off tipped


Attacker Breakout Time Drops to Just 84 Minutes


BlackLotus Becomes First UEFI Bootkit Malware to Bypass Secure Boot on Windows 11


Breaking: College investigating impacts of data breach at third-party ticket vendor


CIS Hardened Images List


CISA Shares Advice to Improve Networks' Monitoring and Hardening


Cisco patches critical Web UI RCE flaw in multiple IP phones


CISOs Are Stressed Out and It's Putting Companies at Risk


Covert cyberattacks on the rise as attackers shift tactics for maximum impact


Cyber Security Incidents Impact Data Breach Risk


Cyber Security Risks In Real Estate


Cybercriminals Targeting Law Firms with GootLoader and FakeUpdates Malware


Developers can make a great extension of your security team


Dish Network Confirms Ransomware Outage


Dormant accounts are a low-hanging fruit for attackers


DNS abuse: Advice for incident responders


GitHub’s secret scanning alerts now available for all public repos


Gmail and Google Calendar Now Support Client-Side Encryption (CSE) to Boost Data Privacy


Google Gmail client-side encryption is available globally


Google is expanding this 'next level' encryption to more Gmail users


Google Workspace Adds Client-Side Encryption to Gmail and Calendar


Hacker que roubou R$ 120 milhões em criptomoedas anuncia “aposentadoria”


Hospital board to proceed with approximate $2.5 million cyber security upgrade


How to Secure a VM in a Cloud Computing Environment


How to Prevent Callback Phishing Attacks on Your Organization


ICSS Wins Best Cyber Security Company Award


Investidores perdem mais de R$ 50 milhões em ataque hacker a carteiras cripto


Iron Tiger hackers create Linux version of their custom malware


LastPass Devs Were Phished for Credentials


LastPass: hacker invadiu PC de funcionário e roubou cofre


Looking Back at the Mega Breaches Trends of 2022


Microsoft Exchange Online outage blocks access to mailboxes worldwide


Microsoft fixes bug behind apps not installing during provisioning


Multi-Year Spearphishing Campaign Targets the Maritime Industry Likely for Financial Gain


NCSA, representatives of state agencies discuss draft national cyber security strategy


Parallax RAT Targeting Cryptocurrency Firms with Sophisticated Injection Techniques


Parallax RAT used in attacks aimed at cryptocurrency entities


Prevention, recovery and resilience: The blueprint for school cyber security


Provedores de internet do RJ sofrem ataques DDoS e clientes ficam sem conexão


Public SaaS Assets Are a Major Risk For Medium, Large Firms


Record Number of Mobile Phishing Attacks in 2022


Researchers Release MortalKombat Ransomware Decryptor


Russia bans private messaging apps owned by foreign entities


Satellite TV giant Dish admitted that the recent outage was caused by a ransomware attack


Top 10 Open Source Software Risks of 2023


Twitter is down with users seeing "Welcome to Twitter" screen


What is Cross-Site Scripting (XSS)? Types of XSS, Examples, and Patching Best Practices


White House Bans TikTok on Federal Devices


Why in 2023 Software Teams Should Care About Biden’s 2021 Cybersecurity Act


28/02


10 US states that suffered the most devastating data breaches in 2022


26.6 million login credentials obtained by cybercriminals since 2018


2023 SonicWall Cyber Threat Report Casts New Light on Shifting Front Lines, Threat Actor Behavior


Another Texas school district with a data breach?


Application Security vs. API Security: What is the difference?


APT-C-36 Strikes Again: Blind Eagle Hackers Target Key Industries in Colombia


Ataque hacker causa alarme falso na Rússia


Ataques por telefone e phishing MFA tiveram alta em 2022


Bitdefender Releases Free Decryptor for MortalKombat Ransomware Strain


BNP Paribas Personal Finance procura CISO


Can a Cybersecurity Awareness Course Keep You Safe Online?


ChatGPT fica fora do ar em todo o mundo, mas hack é descartado


Chatbot Wars and the Battle Between Good and Evil


CISA adds ZK Java Web Framework bug to Known Exploited Vulnerabilities Catalog


CISA Issues Warning on Active Exploitation of ZK Java Web Framework Vulnerability


CISA warns of hackers exploiting ZK Java Framework RCE flaw


Cisco adquire startup para reforçar segurança multicloud


Combatting Zero Trust fatigue: 5 ways federal agencies can shift from buzzword to action


Cybersecurity e Burnout: A importância de proteger a saúde mental dos profissionais


Dish Network confirms ransomware attack behind multi-day outage


Each Payment to Ransomware Attackers Subsidizes Nine Future Attacks


Expert strategies for defending against multilingual email-based attacks


Experts Spot Half a Million Novel Malware Variants in 2022


Fake ROBLOX and Nintendo game cracks drop ChromeLoader malware


February's M&A News Roundup


Golpes envolvendo criptoativos somaram US$ 20 bi em 2022


Google: Gmail client-side encryption now publicly available


Hackers Claim They Breached T-Mobile More Than 100 Times in 2022


It only takes one over-privileged identity to do major damage to a cloud


Known Vulnerabilities Pose Greatest Threat to Organizational Security


LastPass breach: Hacker accessed corporate vault by compromising senior developer’s home PC


LassPass breach: Hackers put malware on engineer's home computer to steal their password


LastPass Data Stolen in August 2022 Breach Used For December Attack


LastPass Reveals Second Attack Resulting in Breach of Encrypted Password Vaults


London Honeypots Attacked 2000 Times Per Minute


Microsoft Phone Link can now sync your iPhone with Windows 11


Mind these five mistakes when responding to infosec threats


New EX-22 Tool Empowers Hackers with Stealthy Ransomware Attacks on Enterprises


New MortalKombat ransomware decryptor recovers your files for free


Nine Danish hospital websites suffer cyberattack from ‘Anonymous Sudan’


Online ticket platform reports cyber incident


Phone Attacks and MFA Bypass Drive Phishing in 2022


Privileged access: Understanding security inside out


Proofpoint’s 2023 State of the Phish Report: Threat Actors Double Down on Emerging and Tried-and-Tested Tactics to Outwit Employees


Ransomware Attack Hits US Marshals Service


Resecurity identified the investment scam network ‘Digital Smoke’


SCARLETEEL hackers use advanced cloud skills to steal source code, data


Security teams have no control over risky SaaS-to-SaaS connections


Snatch ransom gang claims Ingenico scalp, says analyst


State-sponsored hackers are diversifying tactics, targeting small businesses


The Cybersecurity Hype Cycle of ChatGPT and Synthetic Media


The future of cyber security in financial services


The power of community participation with Faye Francy, Executive Director, Auto-ISAC


Top seven hacks and cyber security threats in APAC


US Gov. Agencies Have 30 Days to Remove TikTok, Canada Follows Suit


US Marshals Service Hit By Major Ransomware Attack


U.S. Marshals Service suffers a ransomware attack


What's the best way to ensure your privacy with a web browser?


Why Hire A Virtual CISO In 2023?


Windows 11 ‘Moment 2’ update released, here are the many new features


27/02


3 Things To Seek In A Managed Security Services Solution


13 Tech Experts Explain Essential Facts About Data Privacy And Data Protection


Absa warns customers of rise in phishing scams


Advanced Health Media Reports Leaked Social Security Numbers Following Recent Data Breach


Alvaria, Inc. Announces Data Breach Following Hive Ransomware Attack


As MedusaLocker ransomware targets RDP, HHS urges brute force defense


Attackers publish Beeline’s Jira database, exposing customers


Australia plans to reform cyber security rules, set up agency


Australia Releases Discussion Paper to Shape Cybersecurity Strategy


Brasil é o segundo país latino-americano que mais sofre ataques cibernéticos


Burton’s Online Store Has Been Shut Down For 2 Weeks Because of a Cyber Attack


ChatGPT is down worldwide - OpenAI working on issues


ChromeLoader Malware Poses as Steam, Nintendo Game Mods


ChromeLoader Malware Targeting Gamers via Fake Nintendo and Steam Game Hacks


CISA director urges tech industry to take responsibility for secure products


CISA Tells Agencies What to Prioritize to Meet Cybersecurity Log Mandate


CISOs repercutem pesquisa do Gartner em que metade dos líderes deixarão o cargo