DAILY NEWS: Janeiro (15/01 - 21/01) - 03 Semana de 2023
Dia a Dia da Segurança da Informação !!! Cyber Security and Information Security News - Daily Updates !! Weekly Review

21/01
Backdoor into FortiOS: Chinese Threat Actors Utilize 0-Day
Beware: Hackers now use OneNote attachments to spread malware
Blake Dowling: The dark web gets even darker
ChatGPT: What cybersecurity dangers lurk behind this impressive new technology?
EU regulator fines Meta again; this time for WhatsApp
Expect more of these scams in South Africa – targetting individuals and businesses
Four warnings issued to millions of Facebook owners – don’t ignore them
Hackers penetrated L.A. Unified computer systems much earlier than previously disclosed
International Cricket Council (ICC) hit by phishing scam, loses around USD 2.5 million
Mango Markets Hacker Charged With Manipulating Price Of Security
Massive ad-fraud op dismantled after hitting millions of iOS devices
Newark and Sherwood District Council deputy leader Keith Girling gives his opinion on cyber attacks
PayPal Data Breach – Over 35000 Thousand Users’ Accounts Compromised
PC invadido por hackers? Site ajuda você a 'trollar' seus amigos; conheça
Phishing scam: Posters with fake QR code put up at HDB blocks in Bukit Batok
Ransomware Revenue Drops as Victims Pay Less Often, Chainalysis Reports
Riot é alvo de ataques hackers, mas tranquiliza jogadores
Riot Games hacked, delays game patches after security breach
Riot Games Target of Cyber Attack, League of Legends Updates Delayed
Students affected by cybersecurity attack, Queensland University of Technology confirms
Suspected Chinese hackers exploit vulnerability in Fortinet devices
T-Mobile afirma que hacker acessou dados pessoais de 37 milhões de consumidores
T-Mobile Gets Hacked Again: Is the Un-Carrier Un-Safe?
T-Mobile Says Data of 37 Million Customers Exposed in Second Data Breach in 2 Years
Top 5 AI-powered Cybersecurity threats in 2023
20/01
5 health systems that reported a cyberattack in the last 30 days
6 cybersecurity buzzwords to know in 2023
235 Million Twitter User Email Addresses Posted on Hacking Forum
2023 Predictions For The Edge, HCI, Security And Beyond
API Attacker Steals Data on 37 Million T-Mobile Customers
Are smart devices cyber secure?
Bill advances to address cyber security in Iowa
Bring the Browser in from the Cold: Old Threat Vectors Demand New Defenses
C++ programming language and safety: Here's where it goes next
Charities told to boost cyber security against threat from spies and foreign states
ChatGPT estava escrevendo textos para malwares e hackers
Chinese Hackers Exploited Recent Fortinet Flaw as 0-Day to Drop Malware
Critical ManageEngine RCE bug now exploited to open reverse shells
Croatia's KING ICT in cyber security deal with NATO Agency
Cyber Attack Hits 1,000 Merchant Ships as Norway Firm Targeted
Cyber security threats to Smart Bangladesh
Database Malware Strikes Hundreds of Vulnerable WordPress Sites
Enterprises remain vulnerable through compromised API secrets
Exploits released for two Samsung Galaxy App Store vulnerabilities
Falling Revenue for Ransomware Attacks Suggests Victims Are Refusing To Pay
Gamaredon Group Launches Cyberattacks Against Ukraine Using Telegram
Global cyberattacks increased 38% in 2022
Hacker group incorporates DNS hijacking into its malicious website campaign
Hanes class action alleges data breach exposed sensitive customer data
Home working’s link to cyber security and why SMEs need to take it seriously in 2023
Insurers in talks on adding state-backed cyber to UK reinsurance scheme
International Cricket Council (ICC) loses around $2.5 million in phishing scam
Keeper vs LastPass (2023): Which password manager is better for you?
KR focuses on cyber security training
LAUSD says Vice Society ransomware gang stole contractors’ SSNs
Mailchimp suffers another data breach after social engineering attack on employees
Mailchimp suffers second security breach in 6 months, impacting 133 customers
Maple Ridge – Pitt Meadows School District suffers massive data breach
Massachusetts Medical Device Company Reports Healthcare Data Breach, 29K Impacted
Massive Credential Stuffing Campaign Hits 35,000 PayPal Users
Micro-Star International (MSI) to release securer BIOS settings after critical flaw discovered
Microsoft Innovations for 2023: What to Look Out for This Year
Neopets faces class-action lawsuit over huge data breach
New Boldmove Linux malware used to backdoor Fortinet devices
Nightmare virus Hook uses fake banking app to access phone data and your money
Nikesh Arora Emphasises The Need To Tighten Cyber Security In A Digital World
OpenAI’s ChatGPT Can Create Polymorphic Malware
Over 19,000 end-of-life Cisco routers exposed to RCE attacks
PayPal sofre ataque hacker e quase 35 mil usuários são atingidos
Phishers Use Blank Images to Disguise Malicious Attachments
Phishing and ransomware amongst biggest threats to charity sector
QUT confirms personal data of thousands of staff compromised in cyber attack
Ransomware attack against Yum! Brands follows several incidents targeting restaurant industry
Ransomware Revenue Down As More Victims Refuse to Pay
Roaming Mantis Spreading Mobile Malware That Hijacks Wi-Fi Routers' DNS Settings
Samsung investigating claims of hack on South Korea systems, internal employee platform
Security Breaches Are Inevitable, Not Illimitable
Security teams focus on improving detection and response capabilities
Strategies for Effective Incident Response with Remote Employees
T-Mobile customers at heightened risk of phishing attacks in wake of data breach
T-Mobile Hacked Again: 37 Million Accounts Compromised
T-Mobile reports data breach affecting 37 million customers
T-Mobile suffered another massive data breach that compromised 37 million accounts
The Media Industry Is the Most Vulnerable to Cyber Attacks, Report Shows
The threat of location spoofing and fraud
US arrests Russian crypto exchange founder in USD 700 mn fraud
Veeam survey finds ransomware blocks digital transformation
Zero trust network access for Desktop as a Service
Wave of Magniber Ransomware Attacks Hitting EU: What to Know
What cybersecurity dangers lurk behind new AI technologies?
What is Healthcare Cyber Security?
WhatsApp Hit with €5.5m fine for GDPR Violations
WhatsApp Hit with €5.5 Million Fine for Violating Data Protection Laws
WhatsApp ou Instagram hackeado? Conheça 8 dicas para proteger suas redes sociais
Why London's IT staff say $1M is needed to protect the city from cyber attacks
"Workarounds" Helped Royal Mail Resume Shipping After Ransomware Attack
19/01
6 Types of Risk Assessment Methodologies + How to Choose
50% of orgs report experiencing data breaches due to exposed API secrets
Android Users Beware: New Hook Malware with RAT Capabilities Emerges
As a cybersecurity blade, ChatGPT can cut both ways
Bitzlato Crypto Exchange Founder Arrested for Aiding Cybercriminals
Bluebottle cyber crime group active in Africa
CCPA, CPRA and the changing privacy landscape
Class action lawsuit claims Twitter API defect allowed data breach
Cloud-based cyber attacks increased by 48 percent in 2022
Comelec, Smartmatic not liable for 2022 data breach, NPC says
Confidence In Cybersecurity Regulation For Critical Infrastructure
Cost of data breaches ‘to surpass $5m per incident’ in 2023
Critical Microsoft Azure RCE flaw impacted multiple services
Critical RCE vulnerabilities found in git (CVE-2022-41903, CVE-2022-23251)
Crypto-Exchange Used to Launder Ransomware Transactions Dismantled
Cyber-attacks have tripled in past year, says Ukraine’s cybersecurity agency
Cyber insurance can offset the risks of potential breaches
Cyber Risks in the Education Sector: Why Cybersecurity Needs to Be Top of the Class
Cyber-security firm Sophos lays off 450 staff globally, including in India
Cyber security myths are putting small businesses at risk – Here’s what you need to know
Dallas Central Appraisal District Website is Up And Running Following November Ransomware Attack
Davos 2023: Global bank chiefs get FBI cybersecurity update
Decoding ApeCoin’s [APE] high MVRV ratio and recent data breach
DCH Health System fires employee after medical records security breach
DNV ransomware attack ‘concerning’: Cyber Threat Analyst
EmojiDeploy: Smile! Your Azure web service just got RCE’d
Endpoint security in healthcare
Errando não se aprende: Mailchimp é hackeado pela terceira vez em nove meses
EU cyber resilience regulation could translate into millions in fines
FanDuel data breach: How much personal data was compromised on mobile sports betting platform?
Four Ways Hackers are Outsmarting Retail Cybersecurity
FTX: Over $400m Stolen from Bankrupt Exchange
Hackers Leaked Data, Child Abuse Files, After Ransomware Attack on Bay Area Transit Police
HC3 warns of Clop ransomware targeting medical images
Healthcare Cyberattacks: 5 Factors For Staying Safe In 2023
How CISOs can manage the cybersecurity of high-level executives
How K-12 IT leaders can protect schools from ransomware
How to secure your customers’ personally identifiable information against compromise
How Vendor Complexity Increases the Costs of Cybersecurity
Hundreds of Malicious Packages Found in npm Registry
Irish privacy regulator to take European Union body to court over unlawful interference
It's time to take a quantum leap in IOT cyber security
Key takeaways from the 2022 Gartner® Market Guide for Online Fraud Detection
KnowBe4 2022 Phishing Test Report Confirms Business-Related Emails Trend
KR and SIRM launch cyber security e-learning training
Mailchimp discloses a new security breach, the second one in 6 months
Mailchimp Hit By Another Data Breach Following Employee Hack
Mailchimp Suffers Another Security Breach Compromising Some Customers' Information
Mailchimp suffers another social engineering attack
Malicious PyPI Packages Drop Malware in New Supply Chain Attack
Meta slapped with $5.9M fine for EU data breach
New 'Blank Image' attack hides phishing scripts in SVG files
New Microsoft Azure Vulnerability Uncovered — Experts Warn of RCE Attacks
New Research Delves into the World of Malicious LNK Files and Hackers Behind Them
NortonLifeLock Says Customer Accounts were Compromised in Credential-Stuffing Attack
Not If, But When: Maintaining Resilience as Threat Actors Adapt
Over a Third of Recent ICS Bugs Still Have No Vendor Patch
PayPal accounts breached in large-scale credential stuffing attack
Phishing Attack on Washington Therapist Exposes Patients’ PHI
Ransomware attack hits nearly 300 fast food restaurants in UK, including KFC and Pizza Hut
Ransomware attacks remain the most acute threat to organisations
Ransomware gang steals data from KFC, Taco Bell, and Pizza Hut brand owner
Ransomware Payments Fall by 40% in 2022
Ransomware profits drop 40% in 2022 as victims refuse to pay
Research reveals ransomware as the biggest hindrance to Digital Transformation
Ransomware Revenue Down As More Victims Refuse to Pay
Roaming Mantis’ Android malware adds DNS changer to hack WiFi routers
Royal Mail Starts Limited Delivery Abroad After Cyberattack
Russia-linked drug marketplace Solaris hacked by its rival
SecurityGen identifies the cybersecurity priorities for mobile operators in 2023
Techniques that attackers use to trick victims into visiting malicious content
The 2022 Threat Landscape Is Dominated By Ransomware, According To A Nozomi Networks Labs Report
Threat actors lure phishing victims with phony salary bumps, bonuses
Twitter’s data leak response is a lesson in how not to do cybersecurity
United Arab Emirates (UAE) organisations lost over 5.1M AED in ransomware in 2022
US CISA adds Centos Web Panel RCE CVE-2022-44877 to its Known Exploited Vulnerabilities Catalog
WhatsApp Data Leak Included Jamaica, Now Phone Numbers Up for Sale
Why is Cybersecurity crucial to the Fintech sector?
World Economic Forum officials warn global instability could lead to catastrophic cyber event
Yuga Labs warn users about Mailchimp data breach
Yum Brands says nearly 300 restaurants in UK impacted due to cyber attack
18/01
10 ways to reduce workplace cybersecurity risk
2023 Data Protection Report: 'Ransomware Is Winning'
A ransomware negotiator shares 3 tips for victim organizations
Abu-Ghazaleh Digital University concludes Advanced Cybersecurity program
Almost Half of Critical Manufacturing at Risk of Breach
Alstom sign MoU to advance knowledge of cyber-security in rail
APIs in Vehicle Software Vulnerable to Attacks
Avast Provides A Free Decryptor For BianLian Ransomware
Avast releases free BianLian ransomware decryptor
Been hit by BianLian ransomware? Here's your get-out-of-jail-free card
Beware of The Most Common Types of Cyber Attacks, it can be fatal
Binance is bad news—is anyone still surprised?
‘Bring your own vulnerable driver’ attack technique is becoming popular among threat actors
Canada's largest alcohol retailer suffers a cyber attack, customer data stolen by hackers
Canadian small businesses are losing thousands to cyberattacks
CISA Warns of Flaws in Siemens, GE Digital, and Contec Industrial Control Systems
CP Orders Investigation Of Cyber Attack Against Edo NUJ Chairman
Critical Security Vulnerabilities Discovered in Netcomm and TP-Link Routers
Cyber security recognised on World Economic Forum's Global Risk Report
Cybersecurity in 2023: Russian escalation, Chinese espionage, Iranian “hacktivism”
Datto’s Annual State Of Ransomware Report Reveals SMBs Are Taking Cyber Security More Seriously Now
Davos panellists call for cooperation among countries to stave off cyber threats
Department of Financial Services organises symposium on cyber security
Digital ministry to probe China Airlines data leak
DNV says up to 1,000 ships affected by ransomware attack
European Businesses Admit Major Privacy Skills Gap
Experts found SSRF flaws in four different Microsoft Azure services
FinServ Firms See 81% Surge in Attacks Since Russia-Ukraine War
Fox News host credits Bitcoin pump to ransomware hackers
FTX lost $415 million worth of crypto in hacker heists, the collapsed exchange's new bosses say
Geopolitical Instability Means a Cyber "Catastrophe" is Imminent
Git Users Urged to Update Software to Prevent Remote Code Execution Attacks
Global instability increases cyber risk, says World Economic Forum
Google ads increasingly pointing to malware
Hacker coloca 3 pacotes maliciosos no PyPI
Here’s how business leaders can prepare for systemic cybersecurity events
How data protection is evolving in a digital world
How Hackers Outwit All Efforts to Stop Them: "It's a Cyber Pandemic."
How Healthcare Cybersecurity Benchmarking Can Help Sector Enhance Security Efforts
How to build a cyber-resilience culture in the enterprise
How to Erase Data Securely From Hard Drives and SSDs, Including NVMe
How to prioritize resilience in the face of cyber-attacks
How Royal Mail’s hacker became the world’s most prolific ransomware group
Iranian Government Entities Under Attack by New Wave of BackdoorDiplomacy Attacks
Lloyds Bank issues urgent warning as customers lose £642 in growing scam
Mailchimp says it was hacked — again
Maritime giant DNV says 1,000 ships affected by ransomware attack
Nissan Data Breach Caused By Vendor-Exposed Database
Nissan Supplier Leaked Data on Thousands of Customers
No reason yet to consider cyber attack as cause of New Year flight glitch — CICC
Phishing Campaign Targets Microsoft 365 Accounts with Fake DHL Emails
Polícia Científica analisa ataque hacker ao sistema do Tribunal de Justiça do Pará; entenda
Polson schools address cyber security
Potential threats and sinister implications of ChatGPT
Prioritize the Prevention Part of Security Programs in 2023
PwC Cybersecurity & Privacy Day 2023: Join the Event and Apply to Pitch today! (Sponsored)
Ransomware decryption: This tool could help some BianLian ransomware victims get files back
Spyware company Intellexa fined €50,000 for holding up Greek inquiry
The FBI's Source Of Trust Just Got Hacked
This info-stealing malware is hiding in downloads for popular apps — how to stay safe
Two specialty medical care providers in the US disclose ransomware attacks affecting nearly 600,000
Ukraine says Russia is coordinating missile strikes, cyberattacks and information operations
Vulnerable NetComm routers and a public PoC exploit (CVE-2022-4873, CVE-2022-4874)
What Is DLL Hijacking and How Can You Prevent It?
What Is Real Estate Wire Fraud And How Can Home Buyers Protect Themselves?
Why do hackers love to target backups?- Mr Curtis Preston, Chief Technical Evangelist, Druva
17/01
3 steps to keep your WordPress website secure and performant
4 places to Supercharge Your SOC with Automation
7 Ways to Avoid Scammers on Social Media
59.4 million compromised payment card records posted for sale on dark web in 2022: report
Artificial Intelligence can revolutionise enterprise security – Here’s how!