DAILY NEWS: Fevereiro/Março (26/02 - 04/03) - 09 Semana de 2023
Dia a Dia da Segurança da Informação !!! Cyber Security and Information Security News --- Daily Updates !! Weekly Review
04/03
13% das empresas ainda correm risco de ataque de ransomware em massa
BidenCash leaks 2.1M stolen credit/debit cards
Blackburn with Darwen Council set for cyber attack data disaster
Brazilian construction giant Andrade Gutierrez suffers major data breach
Chick-fil-A announces app data breach, tells customers how to protect personal information
Chinese tech giant to invest over $300 million in Africa's data center and cyber security market
Cyber security expert's latest tips on how to avoid hard-to-spot scams
Cybersecurity Is Becoming A Priority For GCC Nations
Cybersecurity Threat: Oakland Falls Victim to Ransomware Attack by Play Ransomware Group
Equipe de metaverso de criptomoeda alerta para incidente de segurança
HSE warns 52,000 people over data stolen in cyber attack but THOUSANDS still to be contacted
Israel and Cyber Security: 2023 Forecast
Medicare under attack: Healthcare data breaches increase fraud risks
New FiXS ATM Malware Targeting Mexican Banks
New TPM 2.0 flaws could let hackers steal cryptographic keys
PayPal Sued Over Data Breach that Impacted 35,000 users
Protocolo Launch Zone pede que usuários revoguem contratos após ataque
Ransomware attacks more common across the country
Ransomware gang leaks data stolen from City of Oakland
Security and IT Teams No Longer Need To Pay For SaaS-Shadow IT Discovery
SIEM platform helps proactive cyber security strategy
Tennessee State, Southeastern Louisiana universities hit with cyberattacks
The Chautauqua Center notifies patients of breach; changes EMR provider
Top 10 High-in-Demand Cybersecurity Jobs in 2023
Top 10 Use Cases of ChatGPT in IT Departments
Viasat strengthens network security posture for enterprises with Trusted Cybersecurity Services
What is Data Engineering? Challenges Faced by Data Engineers
03/03
6 Top Targeted Industries for Cyber Attacks
Aloha Nursing Rehab Centre Reports 2022 Data Breach Affecting More Than 20k Patients
Apple Fixes Exploitable Zero-Day Vulnerability
At Least 30% of "Cyber-Criminals" Are Women: Report
Attackers are developing and deploying exploits faster than ever
Authorization Oversight: The Data Security Pitfall Keeping You at Risk
Be careful if you open a QR with your mobile! They are stealing passwords with that simple gesture
Beware of fake CEOs: Report warns against rising phishing scams
BidenCash market leaks over 2 million stolen credit cards for free
Chick-fil-A: 71,000 customers had financial information stolen during cyberattack
Chinese Hackers Targeting European Entities with New MQsTTang Backdoor
Chip supplier reports $200M revenue hit after ransomware attack halted operations
CISA Warns Against Royal Ransomware in New Advisory
Cyber Attack Breaches Sun Pharma Systems; Firm Isolates Affected Assets
Cybercrime site shows off with a free leak of 2 million stolen card numbers
Death By Social Media: Are TikTok and WeChat Easy Marks for Attackers?
DeFi perdeu US$ 20 milhões em ataques hacker durante fevereiro
Deposit Theft And Phishing Emails Among The Casino Scams To Be Aware Of
Dish Network Finally Acknowledges Huge Hack After Days Of Not Answering Questions
Expert tips to avoid broadband scams
Experts Warn of "SMS Pumping" Fraud Epidemic
FBI and CISA warn of increasing Royal ransomware attack risks
Five tips for maximizing data security and ensuring HIPAA compliance
Frankenstein malware stitched together from code of others disguised as PyPI package
Gemini assures customers of secure accounts despite third-party breaches
Hackers Can Turn Bing's AI Chatbot Into a Convincing Scammer, Researchers Say
Hackers use phishing, malware to target job seekers amid layoffs
How to detect and prevent Royal Ransomware attack ?
Incentives and threats: How to avoid scammers ‘phishing’ for money, personal information
Incident of the Week: US Marshals Service suffers ransomware attack
Known Vulnerabilities Drove Most Cyberattacks in 2022
New Backdoor MQsTTang Attributed to Mustang Panda Group
New Flaws in TPM 2.0 Library Pose Threat to Billions of IoT and Enterprise Devices
New White House cyber strategy picks a fight with ransomware
Oakland officials say ransomware group may release personal data on Saturday
Organizations Struggle With CCPA, CPRA, GDPR Compliance
Over 50% of personal devices were exposed to a mobile phishing attack
PayPal Pixel Scam Email Explained
Play ransomware claims disruptive attack on City of Oakland
Prepare For The AI Phishing Onslaught
Preparing employees to win the battle against social engineering
Ransomware hackers stole city of Oakland files, plan to leak sensitive data
Return of Blind Eagle in a Phishing Operation against Colombian Industries
Settlement Reached in Preferred Home Care Data Breach Lawsuit
Suspected hacker attack on Rome municipality website
Tenable Research Reveals APAC at the Epicentre of Global Data Breach Incidents in 2022
The Dangerous Role Personal Email Plays In Account Takeovers
The role of human insight in AI-based cybersecurity
'This War Exists in Cyberspace': How the Russia-Ukraine War Led to the National Cyber Strategy
U.S. Cybersecurity Agency Raises Alarm Over Royal Ransomware's Deadly Capabilities
U.S. unveils new cybersecurity strategy with tighter regulations
Vulnerabilities of years past haunt organizations, aid attackers
Zero Transfer Scammer Steals $2M from Crypto User; Here’s How to Avoid It
What Is Phishing-Resistant MFA and How Can You Implement It?
What is spear phishing and how it’s used to dupe even professionals
White House cybersecurity strategy stresses software safety
02/03
1Password is looking to a password-free future. Here’s why
2023 Browser Security Report Uncovers Major Browsing Risks and Blind Spots
Albania Must up its Game to Meet Growing Cybersecurity Challenges
API Security Flaw Found in Booking.com Allowed Full Account Takeover
Após ataque hacker, Prefeitura de São Sebastião do Caí consegue pagar funcionários
Attackers increasingly using transfer.sh to host malicious code
Best and worst data breach responses highlight the do's and don'ts of IR
BlackLotus UEFI bootkit disables Windows security mechanisms
British retail chain WH Smith says data stolen in cyberattack
Businessman convicted of Experian data breach skips sentencing, court issues warrant for his arrest
CISA releases free ‘Decider’ tool to help with MITRE ATT&CK mapping
Cisco fixed a critical command injection bug in IP Phone Series
Clientes ficam sem internet após operadoras do RJ sofrerem ataques hacker
Critical Flaw in Cisco IP Phone Series Exposes Users to Command Injection Attack
Cyber resilience in focus: EU act to set strict standards
Cyber security is an asset customers trust
Cyber Security Market Exhibits 13.4% CAGR to Hit USD 376.32 Billion by 2029
Don’t be fooled by a pretty icon, malicious apps hide in plain sight
Experts Identify Fully-Featured Info Stealer and Trojan in Python Package on PyPI
FACT SHEET: Biden-Harris Administration Announces National Cybersecurity Strategy
Google Workspace admins can now use client-side encryption on Gmail and Calendar
Hackers Exploit Containerized Environments to Steals Proprietary Data and Software
Hackers invadem sistemas do GDF de olho em dados da Educação e dos bombeiros
HHS OCR creates new HIPAA enforcement arm and enhances focus on cybersecurity and privacy oversight
ICO Calls for Review into Private Message Use by Ministers
Life with GDPR - Russian Cyber Attack Gangs Sanctioned
Major Phishing Campaign Targets Trezor Crypto Wallets
Matt Hancock leaked Whatsapps not ‘matter’ for data breach inquiry, says regulator
Medibank data breach: third-party IT provider’s stolen credentials used by hackers
Minneapolis Public Schools systems restored, no ransom paid
Moving target defense must keep cyber attackers guessing
New Cryptojacking Campaign Leverages Misconfigured Redis Database Servers
ProtonVPN launches extensions for Chrome and Firefox browsers
Retail Giant WH Smith Cyberattack – Employee Data Stolen
Roma suspeita de novo ataque hacker contra site do governo
Russian Government Bans Foreign Messaging Apps
Summa Equity buys majority stake in cybersecurity company Logpoint
Sun Pharma reports ‘information security incident’
SysUpdate Malware Strikes Again with Linux Version and New Evasion Tactics
The Biden-Harris Administration’s National Cybersecurity Strategy
Threat actors target law firms with GootLoader and SocGholish malware
TMS Ep380: Rise of Jio, cyber security, consumer appliances, passive funds
Uncovering the most pressing cybersecurity concerns for SMBs
Unpacking Recent Government TikTok Bans
US government puts cybersecurity at forefront with newly announced National Strategy
Virtual Infosec, LogRhythm partnership good for businesses – Cyber security boss
WH Smith Discloses Cyber-Attack, Company Data Theft
WH Smith Targeted in Cyber Security Incident, Accessing Employee Data
What the ADPPA Could Mean for Mid-Market Businesses and Startups
White House Launches National Cybersecurity Strategy
White House National Cybersecurity Strategy: Software Firms Liable for Breaches
White House releases new U.S. national cybersecurity strategy
Why cybersecurity education is important in Ohio
Why healthcare providers are focusing on cyber resilience
01/03
5 open source Burp Suite penetration testing extensions you should check out
A modern-day look at AppSec testing tools
Are You Prioritizing Digital Identity Management?
Arm of global cyber security firm NCC Group valued at £240m as sell-off tipped
Attacker Breakout Time Drops to Just 84 Minutes
BlackLotus Becomes First UEFI Bootkit Malware to Bypass Secure Boot on Windows 11
Breaking: College investigating impacts of data breach at third-party ticket vendor
CISA Shares Advice to Improve Networks' Monitoring and Hardening
Cisco patches critical Web UI RCE flaw in multiple IP phones
CISOs Are Stressed Out and It's Putting Companies at Risk
Covert cyberattacks on the rise as attackers shift tactics for maximum impact
Cyber Security Incidents Impact Data Breach Risk
Cyber Security Risks In Real Estate
Cybercriminals Targeting Law Firms with GootLoader and FakeUpdates Malware
Developers can make a great extension of your security team
Dish Network Confirms Ransomware Outage
Dormant accounts are a low-hanging fruit for attackers
DNS abuse: Advice for incident responders
GitHub’s secret scanning alerts now available for all public repos
Gmail and Google Calendar Now Support Client-Side Encryption (CSE) to Boost Data Privacy
Google Gmail client-side encryption is available globally
Google is expanding this 'next level' encryption to more Gmail users
Google Workspace Adds Client-Side Encryption to Gmail and Calendar
Hacker que roubou R$ 120 milhões em criptomoedas anuncia “aposentadoria”
Hospital board to proceed with approximate $2.5 million cyber security upgrade
How to Secure a VM in a Cloud Computing Environment
How to Prevent Callback Phishing Attacks on Your Organization
ICSS Wins Best Cyber Security Company Award
Investidores perdem mais de R$ 50 milhões em ataque hacker a carteiras cripto
Iron Tiger hackers create Linux version of their custom malware
LastPass Devs Were Phished for Credentials
LastPass: hacker invadiu PC de funcionário e roubou cofre
Looking Back at the Mega Breaches Trends of 2022
Microsoft Exchange Online outage blocks access to mailboxes worldwide
Microsoft fixes bug behind apps not installing during provisioning
Multi-Year Spearphishing Campaign Targets the Maritime Industry Likely for Financial Gain
NCSA, representatives of state agencies discuss draft national cyber security strategy
Parallax RAT Targeting Cryptocurrency Firms with Sophisticated Injection Techniques
Parallax RAT used in attacks aimed at cryptocurrency entities
Prevention, recovery and resilience: The blueprint for school cyber security
Provedores de internet do RJ sofrem ataques DDoS e clientes ficam sem conexão
Public SaaS Assets Are a Major Risk For Medium, Large Firms
Record Number of Mobile Phishing Attacks in 2022
Researchers Release MortalKombat Ransomware Decryptor
Russia bans private messaging apps owned by foreign entities
Satellite TV giant Dish admitted that the recent outage was caused by a ransomware attack
Top 10 Open Source Software Risks of 2023
Twitter is down with users seeing "Welcome to Twitter" screen
What is Cross-Site Scripting (XSS)? Types of XSS, Examples, and Patching Best Practices
White House Bans TikTok on Federal Devices
Why in 2023 Software Teams Should Care About Biden’s 2021 Cybersecurity Act
28/02
10 US states that suffered the most devastating data breaches in 2022
26.6 million login credentials obtained by cybercriminals since 2018
2023 SonicWall Cyber Threat Report Casts New Light on Shifting Front Lines, Threat Actor Behavior
Another Texas school district with a data breach?
Application Security vs. API Security: What is the difference?
APT-C-36 Strikes Again: Blind Eagle Hackers Target Key Industries in Colombia
Ataque hacker causa alarme falso na Rússia
Ataques por telefone e phishing MFA tiveram alta em 2022
Bitdefender Releases Free Decryptor for MortalKombat Ransomware Strain
BNP Paribas Personal Finance procura CISO
Can a Cybersecurity Awareness Course Keep You Safe Online?
ChatGPT fica fora do ar em todo o mundo, mas hack é descartado
Chatbot Wars and the Battle Between Good and Evil
CISA adds ZK Java Web Framework bug to Known Exploited Vulnerabilities Catalog
CISA Issues Warning on Active Exploitation of ZK Java Web Framework Vulnerability
CISA warns of hackers exploiting ZK Java Framework RCE flaw
Cisco adquire startup para reforçar segurança multicloud
Combatting Zero Trust fatigue: 5 ways federal agencies can shift from buzzword to action
Cybersecurity e Burnout: A importância de proteger a saúde mental dos profissionais
Dish Network confirms ransomware attack behind multi-day outage
Each Payment to Ransomware Attackers Subsidizes Nine Future Attacks
Expert strategies for defending against multilingual email-based attacks
Experts Spot Half a Million Novel Malware Variants in 2022
Fake ROBLOX and Nintendo game cracks drop ChromeLoader malware
Golpes envolvendo criptoativos somaram US$ 20 bi em 2022
Google: Gmail client-side encryption now publicly available
Hackers Claim They Breached T-Mobile More Than 100 Times in 2022
It only takes one over-privileged identity to do major damage to a cloud
Known Vulnerabilities Pose Greatest Threat to Organizational Security
LastPass breach: Hacker accessed corporate vault by compromising senior developer’s home PC
LassPass breach: Hackers put malware on engineer's home computer to steal their password
LastPass Data Stolen in August 2022 Breach Used For December Attack
LastPass Reveals Second Attack Resulting in Breach of Encrypted Password Vaults
London Honeypots Attacked 2000 Times Per Minute
Microsoft Phone Link can now sync your iPhone with Windows 11
Mind these five mistakes when responding to infosec threats
New EX-22 Tool Empowers Hackers with Stealthy Ransomware Attacks on Enterprises
New MortalKombat ransomware decryptor recovers your files for free
Nine Danish hospital websites suffer cyberattack from ‘Anonymous Sudan’
Online ticket platform reports cyber incident
Phone Attacks and MFA Bypass Drive Phishing in 2022
Privileged access: Understanding security inside out
Ransomware Attack Hits US Marshals Service
Resecurity identified the investment scam network ‘Digital Smoke’
SCARLETEEL hackers use advanced cloud skills to steal source code, data
Security teams have no control over risky SaaS-to-SaaS connections
Snatch ransom gang claims Ingenico scalp, says analyst
State-sponsored hackers are diversifying tactics, targeting small businesses
The Cybersecurity Hype Cycle of ChatGPT and Synthetic Media
The future of cyber security in financial services
The power of community participation with Faye Francy, Executive Director, Auto-ISAC
Top seven hacks and cyber security threats in APAC
US Gov. Agencies Have 30 Days to Remove TikTok, Canada Follows Suit
US Marshals Service Hit By Major Ransomware Attack
U.S. Marshals Service suffers a ransomware attack
What's the best way to ensure your privacy with a web browser?
Why Hire A Virtual CISO In 2023?
Windows 11 ‘Moment 2’ update released, here are the many new features
27/02
3 Things To Seek In A Managed Security Services Solution
13 Tech Experts Explain Essential Facts About Data Privacy And Data Protection
Absa warns customers of rise in phishing scams
Advanced Health Media Reports Leaked Social Security Numbers Following Recent Data Breach
Alvaria, Inc. Announces Data Breach Following Hive Ransomware Attack
As MedusaLocker ransomware targets RDP, HHS urges brute force defense
Attackers publish Beeline’s Jira database, exposing customers
Australia plans to reform cyber security rules, set up agency
Australia Releases Discussion Paper to Shape Cybersecurity Strategy
Brasil é o segundo país latino-americano que mais sofre ataques cibernéticos
Burton’s Online Store Has Been Shut Down For 2 Weeks Because of a Cyber Attack
ChatGPT is down worldwide - OpenAI working on issues
ChromeLoader Malware Poses as Steam, Nintendo Game Mods
ChromeLoader Malware Targeting Gamers via Fake Nintendo and Steam Game Hacks
CISA director urges tech industry to take responsibility for secure products
CISA Tells Agencies What to Prioritize to Meet Cybersecurity Log Mandate
CISOs repercutem pesquisa do Gartner em que metade dos líderes deixarão o cargo