DAILY NEWS: Janeiro (15/01 - 21/01) - 03 Semana de 2023Dia a Dia da Segurança da Informação !!! Cyber Security and Information Security News - Daily Updates !! Weekly Review21/01Backdoor into FortiOS: Chinese Threat Actors Utilize 0-Day Beware: Hackers now use OneNote attachments to spread malware Blake Dowling: The dark web gets even darker ChatGPT: What cybersecurity dangers lurk behind this impressive new technology? EU regulator fines Meta again; this time for WhatsApp Expect more of these scams in South Africa – targetting individuals and businesses Four warnings issued to millions of Facebook owners – don’t ignore them Hackers penetrated L.A. Unified computer systems much earlier than previously disclosed International Cricket Council (ICC) hit by phishing scam, loses around USD 2.5 millionInternational Cricket Council (ICC) loses Rs 20 crore in a phishing attack carried out by a US-based party Mango Markets Hacker Charged With Manipulating Price Of SecurityMassive ad-fraud op dismantled after hitting millions of iOS devices Newark and Sherwood District Council deputy leader Keith Girling gives his opinion on cyber attacks PayPal Data Breach – Over 35000 Thousand Users’ Accounts Compromised PC invadido por hackers? Site ajuda você a 'trollar' seus amigos; conheça Phishing scam: Posters with fake QR code put up at HDB blocks in Bukit Batok Ransomware Revenue Drops as Victims Pay Less Often, Chainalysis Reports Riot é alvo de ataques hackers, mas tranquiliza jogadores Riot Games hacked, delays game patches after security breach Riot Games Target of Cyber Attack, League of Legends Updates Delayed Students affected by cybersecurity attack, Queensland University of Technology confirms Suspected Chinese hackers exploit vulnerability in Fortinet devices T-Mobile afirma que hacker acessou dados pessoais de 37 milhões de consumidores T-Mobile Gets Hacked Again: Is the Un-Carrier Un-Safe? T-Mobile Says Data of 37 Million Customers Exposed in Second Data Breach in 2 Years Top 5 AI-powered Cybersecurity threats in 2023 20/015 health systems that reported a cyberattack in the last 30 days 6 cybersecurity buzzwords to know in 2023 235 Million Twitter User Email Addresses Posted on Hacking Forum 2023 Predictions For The Edge, HCI, Security And Beyond API Attacker Steals Data on 37 Million T-Mobile Customers Are smart devices cyber secure? Bill advances to address cyber security in Iowa Bring the Browser in from the Cold: Old Threat Vectors Demand New Defenses C++ programming language and safety: Here's where it goes nextCharities told to boost cyber security against threat from spies and foreign states ChatGPT estava escrevendo textos para malwares e hackers Chinese Hackers Exploited Recent Fortinet Flaw as 0-Day to Drop MalwareCritical ManageEngine RCE bug now exploited to open reverse shells Croatia's KING ICT in cyber security deal with NATO Agency Cyber Attack Hits 1,000 Merchant Ships as Norway Firm Targeted Cyber security threats to Smart Bangladesh Database Malware Strikes Hundreds of Vulnerable WordPress Sites Enterprises remain vulnerable through compromised API secrets Exploits released for two Samsung Galaxy App Store vulnerabilities Falling Revenue for Ransomware Attacks Suggests Victims Are Refusing To Pay Gamaredon Group Launches Cyberattacks Against Ukraine Using Telegram Global cyberattacks increased 38% in 2022 Hacker group incorporates DNS hijacking into its malicious website campaign Hanes class action alleges data breach exposed sensitive customer data Home working’s link to cyber security and why SMEs need to take it seriously in 2023 Insurers in talks on adding state-backed cyber to UK reinsurance scheme International Cricket Council (ICC) loses around $2.5 million in phishing scam Keeper vs LastPass (2023): Which password manager is better for you? KR focuses on cyber security training LAUSD says Vice Society ransomware gang stole contractors’ SSNs Mailchimp suffers another data breach after social engineering attack on employees Mailchimp suffers second security breach in 6 months, impacting 133 customers Maple Ridge – Pitt Meadows School District suffers massive data breach Massachusetts Medical Device Company Reports Healthcare Data Breach, 29K Impacted Massive Credential Stuffing Campaign Hits 35,000 PayPal Users Micro-Star International (MSI) to release securer BIOS settings after critical flaw discovered Microsoft Innovations for 2023: What to Look Out for This Year Neopets faces class-action lawsuit over huge data breach New Boldmove Linux malware used to backdoor Fortinet devices Nightmare virus Hook uses fake banking app to access phone data and your money Nikesh Arora Emphasises The Need To Tighten Cyber Security In A Digital World OpenAI’s ChatGPT Can Create Polymorphic Malware Over 19,000 end-of-life Cisco routers exposed to RCE attacks PayPal sofre ataque hacker e quase 35 mil usuários são atingidos Phishers Use Blank Images to Disguise Malicious Attachments Phishing and ransomware amongst biggest threats to charity sector QUT confirms personal data of thousands of staff compromised in cyber attack Ransomware attack against Yum! Brands follows several incidents targeting restaurant industryRansomware Revenue Down As More Victims Refuse to Pay Roaming Mantis Spreading Mobile Malware That Hijacks Wi-Fi Routers' DNS Settings Samsung investigating claims of hack on South Korea systems, internal employee platform Security Breaches Are Inevitable, Not Illimitable Security teams focus on improving detection and response capabilities Strategies for Effective Incident Response with Remote Employees T-Mobile customers at heightened risk of phishing attacks in wake of data breach T-Mobile Hacked Again: 37 Million Accounts Compromised T-Mobile reports data breach affecting 37 million customers T-Mobile suffered another massive data breach that compromised 37 million accounts The Media Industry Is the Most Vulnerable to Cyber Attacks, Report Shows The threat of location spoofing and fraud Transportation Security Administration (TSA) investigating how some no-fly list data was exposed on internet US arrests Russian crypto exchange founder in USD 700 mn fraud Veeam survey finds ransomware blocks digital transformation Zero trust network access for Desktop as a Service Wave of Magniber Ransomware Attacks Hitting EU: What to Know What cybersecurity dangers lurk behind new AI technologies? What is Healthcare Cyber Security? WhatsApp Hit with €5.5m fine for GDPR Violations WhatsApp Hit with €5.5 Million Fine for Violating Data Protection Laws WhatsApp ou Instagram hackeado? Conheça 8 dicas para proteger suas redes sociais Why London's IT staff say $1M is needed to protect the city from cyber attacks "Workarounds" Helped Royal Mail Resume Shipping After Ransomware Attack 19/016 Types of Risk Assessment Methodologies + How to Choose 50% of orgs report experiencing data breaches due to exposed API secrets Android Users Beware: New Hook Malware with RAT Capabilities Emerges As a cybersecurity blade, ChatGPT can cut both ways Bitzlato Crypto Exchange Founder Arrested for Aiding Cybercriminals Bluebottle cyber crime group active in Africa CCPA, CPRA and the changing privacy landscape Class action lawsuit claims Twitter API defect allowed data breach Cloud-based cyber attacks increased by 48 percent in 2022 Comelec, Smartmatic not liable for 2022 data breach, NPC says Confidence In Cybersecurity Regulation For Critical Infrastructure Cost of data breaches ‘to surpass $5m per incident’ in 2023 Critical Microsoft Azure RCE flaw impacted multiple services Critical RCE vulnerabilities found in git (CVE-2022-41903, CVE-2022-23251) Crypto-Exchange Used to Launder Ransomware Transactions DismantledCyber-attacks have tripled in past year, says Ukraine’s cybersecurity agency Cyber insurance can offset the risks of potential breaches Cyber Risks in the Education Sector: Why Cybersecurity Needs to Be Top of the Class Cyber-security firm Sophos lays off 450 staff globally, including in India Cyber security myths are putting small businesses at risk – Here’s what you need to know Dallas Central Appraisal District Website is Up And Running Following November Ransomware Attack Davos 2023: Global bank chiefs get FBI cybersecurity update Decoding ApeCoin’s [APE] high MVRV ratio and recent data breach DCH Health System fires employee after medical records security breach DNV ransomware attack ‘concerning’: Cyber Threat Analyst EmojiDeploy: Smile! Your Azure web service just got RCE’dEndpoint security in healthcare Errando não se aprende: Mailchimp é hackeado pela terceira vez em nove meses EU cyber resilience regulation could translate into millions in fines FanDuel data breach: How much personal data was compromised on mobile sports betting platform? Four Ways Hackers are Outsmarting Retail Cybersecurity FTX: Over $400m Stolen from Bankrupt Exchange Hackers Leaked Data, Child Abuse Files, After Ransomware Attack on Bay Area Transit Police HC3 warns of Clop ransomware targeting medical images Healthcare Cyberattacks: 5 Factors For Staying Safe In 2023 How CISOs can manage the cybersecurity of high-level executives How K-12 IT leaders can protect schools from ransomware How to secure your customers’ personally identifiable information against compromise How Vendor Complexity Increases the Costs of Cybersecurity Hundreds of Malicious Packages Found in npm Registry Irish privacy regulator to take European Union body to court over unlawful interference It's time to take a quantum leap in IOT cyber security Key takeaways from the 2022 Gartner® Market Guide for Online Fraud DetectionKnowBe4 2022 Phishing Test Report Confirms Business-Related Emails Trend KR and SIRM launch cyber security e-learning training Mailchimp discloses a new security breach, the second one in 6 months Mailchimp Hit By Another Data Breach Following Employee Hack Mailchimp Suffers Another Security Breach Compromising Some Customers' Information Mailchimp suffers another social engineering attack Malicious PyPI Packages Drop Malware in New Supply Chain Attack Meta slapped with $5.9M fine for EU data breach New 'Blank Image' attack hides phishing scripts in SVG files New Microsoft Azure Vulnerability Uncovered — Experts Warn of RCE Attacks New Research Delves into the World of Malicious LNK Files and Hackers Behind Them Nigeria: Weak Responses to Cybersecurity, Obsolete Computing Resources, Others Will Heighten Cyber Threats in 2023 - Report NortonLifeLock Says Customer Accounts were Compromised in Credential-Stuffing Attack Not If, But When: Maintaining Resilience as Threat Actors Adapt Over a Third of Recent ICS Bugs Still Have No Vendor Patch PayPal accounts breached in large-scale credential stuffing attack Personal Data Protection Laws Update: Thailand’s New Notification regarding Criteria and Method for Reporting Personal Data Breaches Phishing Attack on Washington Therapist Exposes Patients’ PHI Ransomware attack hits nearly 300 fast food restaurants in UK, including KFC and Pizza Hut Ransomware attacks remain the most acute threat to organisations Ransomware gang steals data from KFC, Taco Bell, and Pizza Hut brand owner Ransomware Payments Fall by 40% in 2022 Ransomware profits drop 40% in 2022 as victims refuse to pay Research reveals ransomware as the biggest hindrance to Digital Transformation Ransomware Revenue Down As More Victims Refuse to Pay Roaming Mantis’ Android malware adds DNS changer to hack WiFi routers Royal Mail Starts Limited Delivery Abroad After Cyberattack Russia-linked drug marketplace Solaris hacked by its rival Security Analysis of ThreemaSecurityGen identifies the cybersecurity priorities for mobile operators in 2023 SentinelOne selected by CISA’s Joint Cyber Defense Collaborative to strengthen US, international cyber security capabilities Techniques that attackers use to trick victims into visiting malicious content The 2022 Threat Landscape Is Dominated By Ransomware, According To A Nozomi Networks Labs Report Threat actors lure phishing victims with phony salary bumps, bonuses Twitter’s data leak response is a lesson in how not to do cybersecurity United Arab Emirates (UAE) organisations lost over 5.1M AED in ransomware in 2022 US CISA adds Centos Web Panel RCE CVE-2022-44877 to its Known Exploited Vulnerabilities CatalogWhatsApp Data Leak Included Jamaica, Now Phone Numbers Up for Sale WhatsApp: Hackers selling database with 500 million phone numbers on the dark web - you could be affected WhizHack Technologies Launches India's 1st Center of Excellence Program in Cyber Security for Leading Academic Institutions Why is Cybersecurity crucial to the Fintech sector? World Economic Forum officials warn global instability could lead to catastrophic cyber event Yuga Labs warn users about Mailchimp data breach Yum Brands says nearly 300 restaurants in UK impacted due to cyber attack 18/0110 ways to reduce workplace cybersecurity risk 2023 Data Protection Report: 'Ransomware Is Winning' A ransomware negotiator shares 3 tips for victim organizations Abu-Ghazaleh Digital University concludes Advanced Cybersecurity program Almost Half of Critical Manufacturing at Risk of Breach Alstom sign MoU to advance knowledge of cyber-security in rail APIs in Vehicle Software Vulnerable to Attacks Avast Provides A Free Decryptor For BianLian Ransomware Avast releases free BianLian ransomware decryptor Been hit by BianLian ransomware? Here's your get-out-of-jail-free card Beware of The Most Common Types of Cyber Attacks, it can be fatal Binance is bad news—is anyone still surprised? ‘Bring your own vulnerable driver’ attack technique is becoming popular among threat actors Canada's largest alcohol retailer suffers a cyber attack, customer data stolen by hackers Canadian small businesses are losing thousands to cyberattacks CISA Warns of Flaws in Siemens, GE Digital, and Contec Industrial Control Systems CP Orders Investigation Of Cyber Attack Against Edo NUJ Chairman Critical Security Vulnerabilities Discovered in Netcomm and TP-Link Routers Cyber security recognised on World Economic Forum's Global Risk Report Cybersecurity in 2023: Russian escalation, Chinese espionage, Iranian “hacktivism” Datto’s Annual State Of Ransomware Report Reveals SMBs Are Taking Cyber Security More Seriously Now Davos panellists call for cooperation among countries to stave off cyber threats Department of Financial Services organises symposium on cyber security Digital ministry to probe China Airlines data leak DNV says up to 1,000 ships affected by ransomware attack European Businesses Admit Major Privacy Skills Gap Experts found SSRF flaws in four different Microsoft Azure services FinServ Firms See 81% Surge in Attacks Since Russia-Ukraine War Fox News host credits Bitcoin pump to ransomware hackers FTX lost $415 million worth of crypto in hacker heists, the collapsed exchange's new bosses say Geopolitical Instability Means a Cyber "Catastrophe" is Imminent Git Users Urged to Update Software to Prevent Remote Code Execution Attacks Global instability increases cyber risk, says World Economic Forum Google ads increasingly pointing to malware Guide: How MSSPs and vCISOs can extend their services into compliance readiness without increasing cost Hacker coloca 3 pacotes maliciosos no PyPI Here’s how business leaders can prepare for systemic cybersecurity events How data protection is evolving in a digital world How Hackers Outwit All Efforts to Stop Them: "It's a Cyber Pandemic." How Healthcare Cybersecurity Benchmarking Can Help Sector Enhance Security Efforts How to build a cyber-resilience culture in the enterprise How to Erase Data Securely From Hard Drives and SSDs, Including NVMe How to prioritize resilience in the face of cyber-attacks How Royal Mail’s hacker became the world’s most prolific ransomware group Iranian Government Entities Under Attack by New Wave of BackdoorDiplomacy Attacks Lloyds Bank issues urgent warning as customers lose £642 in growing scam Mailchimp says it was hacked — again Maritime giant DNV says 1,000 ships affected by ransomware attack Nissan Data Breach Caused By Vendor-Exposed Database Nissan Supplier Leaked Data on Thousands of CustomersNo reason yet to consider cyber attack as cause of New Year flight glitch — CICC Phishing Campaign Targets Microsoft 365 Accounts with Fake DHL Emails Polícia Científica analisa ataque hacker ao sistema do Tribunal de Justiça do Pará; entenda Polson schools address cyber security Potential threats and sinister implications of ChatGPT Prioritize the Prevention Part of Security Programs in 2023 PwC Cybersecurity & Privacy Day 2023: Join the Event and Apply to Pitch today! (Sponsored) Ransomware decryption: This tool could help some BianLian ransomware victims get files back Recent trends in insider risk Spyware company Intellexa fined €50,000 for holding up Greek inquiry The FBI's Source Of Trust Just Got Hacked This info-stealing malware is hiding in downloads for popular apps — how to stay safe Two specialty medical care providers in the US disclose ransomware attacks affecting nearly 600,000 Ukraine says Russia is coordinating missile strikes, cyberattacks and information operations Vulnerable NetComm routers and a public PoC exploit (CVE-2022-4873, CVE-2022-4874) What Is DLL Hijacking and How Can You Prevent It? What Is Real Estate Wire Fraud And How Can Home Buyers Protect Themselves? Why do hackers love to target backups?- Mr Curtis Preston, Chief Technical Evangelist, Druva 17/013 steps to keep your WordPress website secure and performant 4 places to Supercharge Your SOC with Automation 7 Ways to Avoid Scammers on Social Media 59.4 million compromised payment card records posted for sale on dark web in 2022: report Artificial Intelligence can revolutionise enterprise security – Here’s how!