Dia a Dia da Segurança da Informação !!! Cyber Security and Information Security News - Daily Updates !! Weekly Review

21/01

Backdoor into FortiOS: Chinese Threat Actors Utilize 0-Day

Beware: Hackers now use OneNote attachments to spread malware

Blake Dowling: The dark web gets even darker

ChatGPT: What cybersecurity dangers lurk behind this impressive new technology?

EU regulator fines Meta again; this time for WhatsApp

Expect more of these scams in South Africa – targetting individuals and businesses

Four warnings issued to millions of Facebook owners – don’t ignore them

Hackers penetrated L.A. Unified computer systems much earlier than previously disclosed

International Cricket Council (ICC) hit by phishing scam, loses around USD 2.5 million

International Cricket Council (ICC) loses Rs 20 crore in a phishing attack carried out by a US-based party

Mango Markets Hacker Charged With Manipulating Price Of Security

Massive ad-fraud op dismantled after hitting millions of iOS devices

Newark and Sherwood District Council deputy leader Keith Girling gives his opinion on cyber attacks

PayPal Data Breach – Over 35000 Thousand Users’ Accounts Compromised

PC invadido por hackers? Site ajuda você a 'trollar' seus amigos; conheça

Phishing scam: Posters with fake QR code put up at HDB blocks in Bukit Batok

Ransomware Revenue Drops as Victims Pay Less Often, Chainalysis Reports

Riot é alvo de ataques hackers, mas tranquiliza jogadores

Riot Games hacked, delays game patches after security breach

Riot Games Target of Cyber Attack, League of Legends Updates Delayed

Students affected by cybersecurity attack, Queensland University of Technology confirms

Suspected Chinese hackers exploit vulnerability in Fortinet devices

T-Mobile afirma que hacker acessou dados pessoais de 37 milhões de consumidores

T-Mobile Gets Hacked Again: Is the Un-Carrier Un-Safe?

T-Mobile Says Data of 37 Million Customers Exposed in Second Data Breach in 2 Years

Top 5 AI-powered Cybersecurity threats in 2023

20/01

5 health systems that reported a cyberattack in the last 30 days

6 cybersecurity buzzwords to know in 2023

235 Million Twitter User Email Addresses Posted on Hacking Forum

2023 Predictions For The Edge, HCI, Security And Beyond

API Attacker Steals Data on 37 Million T-Mobile Customers

Are smart devices cyber secure?

Bill advances to address cyber security in Iowa

Bring the Browser in from the Cold: Old Threat Vectors Demand New Defenses

C++ programming language and safety: Here's where it goes next

Charities told to boost cyber security against threat from spies and foreign states

ChatGPT estava escrevendo textos para malwares e hackers

Chinese Hackers Exploited Recent Fortinet Flaw as 0-Day to Drop Malware

Critical ManageEngine RCE bug now exploited to open reverse shells

Croatia's KING ICT in cyber security deal with NATO Agency

Cyber Attack Hits 1,000 Merchant Ships as Norway Firm Targeted

Cyber security threats to Smart Bangladesh

Database Malware Strikes Hundreds of Vulnerable WordPress Sites

Enterprises remain vulnerable through compromised API secrets

Exploits released for two Samsung Galaxy App Store vulnerabilities

Falling Revenue for Ransomware Attacks Suggests Victims Are Refusing To Pay

Gamaredon Group Launches Cyberattacks Against Ukraine Using Telegram

Global cyberattacks increased 38% in 2022

Hacker group incorporates DNS hijacking into its malicious website campaign

Hanes class action alleges data breach exposed sensitive customer data

Home working’s link to cyber security and why SMEs need to take it seriously in 2023

Insurers in talks on adding state-backed cyber to UK reinsurance scheme

International Cricket Council (ICC) loses around $2.5 million in phishing scam

Keeper vs LastPass (2023): Which password manager is better for you?

KR focuses on cyber security training

LAUSD says Vice Society ransomware gang stole contractors’ SSNs

Mailchimp suffers another data breach after social engineering attack on employees

Mailchimp suffers second security breach in 6 months, impacting 133 customers

Maple Ridge – Pitt Meadows School District suffers massive data breach

Massachusetts Medical Device Company Reports Healthcare Data Breach, 29K Impacted

Massive Credential Stuffing Campaign Hits 35,000 PayPal Users

Micro-Star International (MSI) to release securer BIOS settings after critical flaw discovered

Microsoft Innovations for 2023: What to Look Out for This Year

Neopets faces class-action lawsuit over huge data breach

New Boldmove Linux malware used to backdoor Fortinet devices

Nightmare virus Hook uses fake banking app to access phone data and your money

Nikesh Arora Emphasises The Need To Tighten Cyber Security In A Digital World

OpenAI’s ChatGPT Can Create Polymorphic Malware

Over 19,000 end-of-life Cisco routers exposed to RCE attacks

PayPal sofre ataque hacker e quase 35 mil usuários são atingidos

Phishers Use Blank Images to Disguise Malicious Attachments

Phishing and ransomware amongst biggest threats to charity sector

QUT confirms personal data of thousands of staff compromised in cyber attack

Ransomware attack against Yum! Brands follows several incidents targeting restaurant industry

Ransomware Revenue Down As More Victims Refuse to Pay

Roaming Mantis Spreading Mobile Malware That Hijacks Wi-Fi Routers' DNS Settings

Samsung investigating claims of hack on South Korea systems, internal employee platform

Security Breaches Are Inevitable, Not Illimitable

Security teams focus on improving detection and response capabilities

Strategies for Effective Incident Response with Remote Employees

T-Mobile customers at heightened risk of phishing attacks in wake of data breach

T-Mobile Hacked Again: 37 Million Accounts Compromised

T-Mobile reports data breach affecting 37 million customers

T-Mobile suffered another massive data breach that compromised 37 million accounts

The Media Industry Is the Most Vulnerable to Cyber Attacks, Report Shows

The threat of location spoofing and fraud

Transportation Security Administration (TSA) investigating how some no-fly list data was exposed on internet

US arrests Russian crypto exchange founder in USD 700 mn fraud

Veeam survey finds ransomware blocks digital transformation

Zero trust network access for Desktop as a Service

Wave of Magniber Ransomware Attacks Hitting EU: What to Know

What cybersecurity dangers lurk behind new AI technologies?

What is Healthcare Cyber Security?

WhatsApp Hit with €5.5m fine for GDPR Violations

WhatsApp Hit with €5.5 Million Fine for Violating Data Protection Laws

WhatsApp ou Instagram hackeado? Conheça 8 dicas para proteger suas redes sociais

Why London's IT staff say $1M is needed to protect the city from cyber attacks

"Workarounds" Helped Royal Mail Resume Shipping After Ransomware Attack

19/01

6 Types of Risk Assessment Methodologies + How to Choose

50% of orgs report experiencing data breaches due to exposed API secrets 

Android Users Beware: New Hook Malware with RAT Capabilities Emerges

As a cybersecurity blade, ChatGPT can cut both ways

Bitzlato Crypto Exchange Founder Arrested for Aiding Cybercriminals

Bluebottle cyber crime group active in Africa

CCPA, CPRA and the changing privacy landscape

Class action lawsuit claims Twitter API defect allowed data breach

Cloud-based cyber attacks increased by 48 percent in 2022

Comelec, Smartmatic not liable for 2022 data breach, NPC says

Confidence In Cybersecurity Regulation For Critical Infrastructure

Cost of data breaches ‘to surpass $5m per incident’ in 2023

Critical Microsoft Azure RCE flaw impacted multiple services

Critical RCE vulnerabilities found in git (CVE-2022-41903, CVE-2022-23251)

Crypto-Exchange Used to Launder Ransomware Transactions Dismantled

Cyber-attacks have tripled in past year, says Ukraine’s cybersecurity agency

Cyber insurance can offset the risks of potential breaches

Cyber Risks in the Education Sector: Why Cybersecurity Needs to Be Top of the Class

Cyber-security firm Sophos lays off 450 staff globally, including in India

Cyber security myths are putting small businesses at risk – Here’s what you need to know

Dallas Central Appraisal District Website is Up And Running Following November Ransomware Attack

Davos 2023: Global bank chiefs get FBI cybersecurity update

Decoding ApeCoin’s [APE] high MVRV ratio and recent data breach

DCH Health System fires employee after medical records security breach

DNV ransomware attack ‘concerning’: Cyber Threat Analyst

EmojiDeploy: Smile! Your Azure web service just got RCE’d

Endpoint security in healthcare

Errando não se aprende: Mailchimp é hackeado pela terceira vez em nove meses

EU cyber resilience regulation could translate into millions in fines

FanDuel data breach: How much personal data was compromised on mobile sports betting platform?

Four Ways Hackers are Outsmarting Retail Cybersecurity

FTX: Over $400m Stolen from Bankrupt Exchange

Hackers Leaked Data, Child Abuse Files, After Ransomware Attack on Bay Area Transit Police

HC3 warns of Clop ransomware targeting medical images

Healthcare Cyberattacks: 5 Factors For Staying Safe In 2023

How CISOs can manage the cybersecurity of high-level executives

How K-12 IT leaders can protect schools from ransomware

How to secure your customers’ personally identifiable information against compromise

How Vendor Complexity Increases the Costs of Cybersecurity

Hundreds of Malicious Packages Found in npm Registry

Irish privacy regulator to take European Union body to court over unlawful interference

It's time to take a quantum leap in IOT cyber security

Key takeaways from the 2022 Gartner® Market Guide for Online Fraud Detection

KnowBe4 2022 Phishing Test Report Confirms Business-Related Emails Trend

KR and SIRM launch cyber security e-learning training

Mailchimp discloses a new security breach, the second one in 6 months

Mailchimp Hit By Another Data Breach Following Employee Hack

Mailchimp Suffers Another Security Breach Compromising Some Customers' Information

Mailchimp suffers another social engineering attack

Malicious PyPI Packages Drop Malware in New Supply Chain Attack

Meta slapped with $5.9M fine for EU data breach

New 'Blank Image' attack hides phishing scripts in SVG files

New Microsoft Azure Vulnerability Uncovered — Experts Warn of RCE Attacks

New Research Delves into the World of Malicious LNK Files and Hackers Behind Them

Nigeria: Weak Responses to Cybersecurity, Obsolete Computing Resources, Others Will Heighten Cyber Threats in 2023 - Report

NortonLifeLock Says Customer Accounts were Compromised in Credential-Stuffing Attack

Not If, But When: Maintaining Resilience as Threat Actors Adapt

Over a Third of Recent ICS Bugs Still Have No Vendor Patch

PayPal accounts breached in large-scale credential stuffing attack

Personal Data Protection Laws Update: Thailand’s New Notification regarding Criteria and Method for Reporting Personal Data Breaches

Phishing Attack on Washington Therapist Exposes Patients’ PHI

Ransomware attack hits nearly 300 fast food restaurants in UK, including KFC and Pizza Hut

Ransomware attacks remain the most acute threat to organisations

Ransomware gang steals data from KFC, Taco Bell, and Pizza Hut brand owner

Ransomware Payments Fall by 40% in 2022

Ransomware profits drop 40% in 2022 as victims refuse to pay

Research reveals ransomware as the biggest hindrance to Digital Transformation

Ransomware Revenue Down As More Victims Refuse to Pay

Roaming Mantis’ Android malware adds DNS changer to hack WiFi routers

Royal Mail Starts Limited Delivery Abroad After Cyberattack

Russia-linked drug marketplace Solaris hacked by its rival

Security Analysis of Threema

SecurityGen identifies the cybersecurity priorities for mobile operators in 2023

SentinelOne selected by CISA’s Joint Cyber Defense Collaborative to strengthen US, international cyber security capabilities

Techniques that attackers use to trick victims into visiting malicious content

The 2022 Threat Landscape Is Dominated By Ransomware, According To A Nozomi Networks Labs Report

Threat actors lure phishing victims with phony salary bumps, bonuses

Twitter’s data leak response is a lesson in how not to do cybersecurity

United Arab Emirates (UAE) organisations lost over 5.1M AED in ransomware in 2022

US CISA adds Centos Web Panel RCE CVE-2022-44877 to its Known Exploited Vulnerabilities Catalog

WhatsApp Data Leak Included Jamaica, Now Phone Numbers Up for Sale

WhatsApp: Hackers selling database with 500 million phone numbers on the dark web - you could be affected

WhizHack Technologies Launches India's 1st Center of Excellence Program in Cyber Security for Leading Academic Institutions

Why is Cybersecurity crucial to the Fintech sector?

World Economic Forum officials warn global instability could lead to catastrophic cyber event

Yuga Labs warn users about Mailchimp data breach

Yum Brands says nearly 300 restaurants in UK impacted due to cyber attack

18/01

10 ways to reduce workplace cybersecurity risk

2023 Data Protection Report: 'Ransomware Is Winning'

A ransomware negotiator shares 3 tips for victim organizations

Abu-Ghazaleh Digital University concludes Advanced Cybersecurity program

Almost Half of Critical Manufacturing at Risk of Breach

Alstom sign MoU to advance knowledge of cyber-security in rail

APIs in Vehicle Software Vulnerable to Attacks

Avast Provides A Free Decryptor For BianLian Ransomware

Avast releases free BianLian ransomware decryptor

Been hit by BianLian ransomware? Here's your get-out-of-jail-free card

Beware of The Most Common Types of Cyber Attacks, it can be fatal

Binance is bad news—is anyone still surprised?

‘Bring your own vulnerable driver’ attack technique is becoming popular among threat actors

Canada's largest alcohol retailer suffers a cyber attack, customer data stolen by hackers

Canadian small businesses are losing thousands to cyberattacks

CISA Warns of Flaws in Siemens, GE Digital, and Contec Industrial Control Systems

CP Orders Investigation Of Cyber Attack Against Edo NUJ Chairman

Critical Security Vulnerabilities Discovered in Netcomm and TP-Link Routers

Cyber security recognised on World Economic Forum's Global Risk Report

Cybersecurity in 2023: Russian escalation, Chinese espionage, Iranian “hacktivism”

Datto’s Annual State Of Ransomware Report Reveals SMBs Are Taking Cyber Security More Seriously Now

Davos panellists call for cooperation among countries to stave off cyber threats

Department of Financial Services organises symposium on cyber security

Digital ministry to probe China Airlines data leak

DNV says up to 1,000 ships affected by ransomware attack

European Businesses Admit Major Privacy Skills Gap

Experts found SSRF flaws in four different Microsoft Azure services

FinServ Firms See 81% Surge in Attacks Since Russia-Ukraine War

Fox News host credits Bitcoin pump to ransomware hackers

FTX lost $415 million worth of crypto in hacker heists, the collapsed exchange's new bosses say

Geopolitical Instability Means a Cyber "Catastrophe" is Imminent

Git Users Urged to Update Software to Prevent Remote Code Execution Attacks

Global instability increases cyber risk, says World Economic Forum

Google ads increasingly pointing to malware

Guide: How MSSPs and vCISOs can extend their services into compliance readiness without increasing cost

Hacker coloca 3 pacotes maliciosos no PyPI

Here’s how business leaders can prepare for systemic cybersecurity events

How data protection is evolving in a digital world

How Hackers Outwit All Efforts to Stop Them: "It's a Cyber Pandemic."

How Healthcare Cybersecurity Benchmarking Can Help Sector Enhance Security Efforts

How to build a cyber-resilience culture in the enterprise

How to Erase Data Securely From Hard Drives and SSDs, Including NVMe

How to prioritize resilience in the face of cyber-attacks

How Royal Mail’s hacker became the world’s most prolific ransomware group

Iranian Government Entities Under Attack by New Wave of BackdoorDiplomacy Attacks

Lloyds Bank issues urgent warning as customers lose £642 in growing scam

Mailchimp says it was hacked — again

Maritime giant DNV says 1,000 ships affected by ransomware attack

Nissan Data Breach Caused By Vendor-Exposed Database

Nissan Supplier Leaked Data on Thousands of Customers

No reason yet to consider cyber attack as cause of New Year flight glitch — CICC

Phishing Campaign Targets Microsoft 365 Accounts with Fake DHL Emails

Polícia Científica analisa ataque hacker ao sistema do Tribunal de Justiça do Pará; entenda

Polson schools address cyber security

Potential threats and sinister implications of ChatGPT

Prioritize the Prevention Part of Security Programs in 2023

PwC Cybersecurity & Privacy Day 2023: Join the Event and Apply to Pitch today! (Sponsored)

Ransomware decryption: This tool could help some BianLian ransomware victims get files back

Recent trends in insider risk

Spyware company Intellexa fined €50,000 for holding up Greek inquiry

The FBI's Source Of Trust Just Got Hacked

This info-stealing malware is hiding in downloads for popular apps — how to stay safe

Two specialty medical care providers in the US disclose ransomware attacks affecting nearly 600,000

Ukraine says Russia is coordinating missile strikes, cyberattacks and information operations

Vulnerable NetComm routers and a public PoC exploit (CVE-2022-4873, CVE-2022-4874)

What Is DLL Hijacking and How Can You Prevent It?

What Is Real Estate Wire Fraud And How Can Home Buyers Protect Themselves?

Why do hackers love to target backups?- Mr Curtis Preston, Chief Technical Evangelist, Druva

17/01

3 steps to keep your WordPress website secure and performant

4 places to Supercharge Your SOC with Automation

7 Ways to Avoid Scammers on Social Media

59.4 million compromised payment card records posted for sale on dark web in 2022: report

Artificial Intelligence can revolutionise enterprise security – Here’s how!