DAILY NEWS: Julho (23/07 - 29/07) - 30 Semana de 2023
Cyber Security and Information Security News --- Daily Updates !! Week Resume
29/07
Anonymous Sudan: Dissecting The Recent Cyber Attacks On Kenya Infrastructure
‘Anonymous Sudan:’ Inside billion-shilling cybercrime underworld
CoinsPaid Resume Operations Post Hacker Attack, Funds Secure
Education Sector Sees Highest Rate Of Ransomware Attacks Among All Industries: Report
Hackers Deploy "SUBMARINE" Backdoor in Barracuda Email Security Gateway Attacks
Hackers threaten to auction off DNA patient records from Oklahoma hospital
IBM: Data breach cost all-time high, but AI lessens impact
Ivanti Warns of Another Endpoint Manager Mobile Vulnerability Under Active Attack
New Android Malware CherryBlos Utilizing OCR to Steal Sensitive Data
New phishing campaign targets Twitter Blue users amid X rebrand confusion
The Rise of ChatGPT Scams: How AI Language Models are Exploited for Fraud
What happens to your personal info after a data breach
What is the Akira ransomware, and why has the government issued a warning against it?
28/07
40% of Ubuntu Cloud Workloads Vulnerable to Exploits
A Data Exfiltration Attack Scenario: The Porsche Experience
Accelya Confirms Confidential Data Leaked Following MOVEit Data Breach at Alight Solutions
Activists target Ont. hog farm with ransomware
AI Technology Triggers Concerns Over Social Engineering Threats
Andrews McMeel Universal Notifies Employees and Contractors of 2022 Data Breach
Android Foils AirTag Stalkers and Thieves — While Apple Does Nothing
Android's new 'unknown tracker alerts' can help warn users of rogue Apple AirTags
Another AI Pitfall: Digital Mirroring Opens New Cyberattack Vector
Apache OpenMeetings Network Security Vulnerabilities
Aurora National Life Assurance Company Notifies Over 48k Consumers of Third-Party Data Breach
Australia and US Issue Warning About Web App Threats
Average cost of a data breach at an all time high - IBM
Bi-Bett Corporation Announces Data Breach Following Compromised Employee Email Account
Blocking access to ChatGPT is a short term solution to mitigate risk
BlueBravo Deploys GraphicalProton Backdoor Against European Diplomatic Entities
British Ministry of Defence accidentally emails Mali instead of Pentagon
CherryBlos Malware Uses OCR to Pluck Android Users' Cryptocurrency
Chinese companies evade sanctions, fuel Moscow’s war on Ukraine, says report
CISA: New Submarine malware found on hacked Barracuda ESG appliances
CISA warns of breach risks from IDOR web app vulnerabilities
CISOs consider zero trust a hot security ticket
Cohesity reveals companies’ cyber resilience deficiencies
Cost of a data breach for ASEAN businesses hits record high
CRC Insurance Services, LLC Announces Data Breach Following Email Phishing Attack
Crypto payments platform CoinsPaid loses $37M, points finger at Lazarus Group
Cyber attack on Ortivus' UK network impacts multiple NHS ambulance trusts' operations
Cyber security firm detects NATO data breach in Bengaluru
Cybersecurity Agencies Warn Against IDOR Bugs Exploited for Data Breaches
Data Leak Exposes 572 GB of Student, Faculty Info from Accreditation Org
ESL Federal Credit Union warns members of phishing text scam in Rochester
Fairfax Oral & Maxillofacial Surgery Announces Data Breach Affecting Over 208k Patients
Family Vision of Anderson Data Breach Leaks Social Security Numbers of Up to 62,631 Patients
FBI boss: Congress must renew Section 702 spy powers – that's how we get nearly all our cyber intel
FTC warns against online tracking technology for healthcare providers
Google To Offer All 1.8 Billion Gmail Users Enhanced Security Option
Hackers Abusing Windows Search Feature to Install Remote Access Trojans
Hawai'i Community College pays ransomware gang to prevent data leak
Hayward city service coming back online following ransomware attack
How Indian organisations are keeping pace with cyber security
IcedID Malware Adapts and Expands Threat with Updated BackConnect Module
Kenya ICT minister admits cyber-attack on eCitizen portal, insists data secure
Major Security Flaw Discovered in Metabase BI Software – Urgent Update Required
Medicaid administrator breach exposes 8M+ people
MOVEit Campaign Claims Millions More Victims
National Bank of Kuwait (NBK) warns against phishing e-mails and provides protection tips
National Cyber Strategy Implementation Plan: What you need to know
North Korean Hackers Bag Another $100m in Crypto Heists
PokerStars owner Flutter confirms data breach
Scottish university UWS targeted by cyber attackers
Senator Wyden: Microsoft is Responsible for China-Linked Group’s Hack
SSNDOB Marketplace Admin Pleads Guilty
STARK#MULE Targets Koreans with U.S. Military-themed Document Lures
Staying Above the Cybersecurity Poverty Line
The Education Sector Reports the Highest Rate of Ransomware Attacks, Sophos Survey Finds
The Rise of Online Scams and Phishing Attacks
Understanding the OWASP Top 10 for LLMs
University of Guelph students notified of benefits data breach 4 months later
US Senator demands feds investigate Microsoft over China email and SolarWinds hack
ZTNA can be more than a VPN replacement for application access
Want to stay ahead of cybercrime? Think like a hacker
Who is really behind the Anonymous hacker group?
27/07
A Cybersecurity Wake-Up Call: It's Time to Take a Fresh Stance
A step-by-step guide for patching software vulnerabilities
AXIS A1001 Network Door Controller Flaw Exposes Secure Facilities
BSides Leeds 2023 – Lorna Armitage – ChatGPT And The Benefits For Cyber Security
CardioComm Takes Systems Offline Following Cyberattack
China’s Wuhan Earthquake Center Suffers Cyber-Attack
CISOs gear up to combat the rising threat of B2B fraud
Contextual cybersecurity platform Cyclops secures $6.4m seed
Cryptojacking soars as cyberattacks increase, diversify
Cyber-security demands growing, especially within medical sector
Cybersecurity firm Trustmi bolsters payment security with $17m funding
Deloitte denies Cl0p data breach claims in wake of MOVEit attack
European Threat Intelligence Firm QuoIntelligence Raises $5.5 Million in Seed Funding
GameOver(lay): Two Severe Linux Vulnerabilities Impact 40% of Ubuntu Users
Group-IB Co-Founder Sentenced to 14 Years in Russian Prison for Alleged High Treason
Group-IB Founder Ilya Sachkov Jailed for 14 Years in Russia
Hacker russo diz ter invadido satélites do INPE
Hackers strike largest US hardware store, steal credit card data
Hackers Target Apache Tomcat Servers for Mirai Botnet and Crypto Mining
Head of US Cybersecurity Agency Sees Progress on Election Security, With More Work Needed for 2024
Key factors for effective security automation
Kyndryl Eyes $47 Billion Managed Cybersecurity Services Market
Mandatory PGR Data Protection & Cyber Security Online Training
ModSecurity WAF Flaw Let Hackers Trigger DoS Attack
Multiple Security Issues Identified in Peloton Fitness Equipment
New Malvertising Campaign Distributing Trojanized IT Tools via Google and Bing Search Ads
Parliamentary Panel recommends DGCA-like authority for cybersecurity
Ransomware strikes healthcare clinic, over 60K patients affected
Russia jails Group-IB cofounder for treason
SEC adopts cyber-security rules without director expertise element
SEC introduce a four-day deadline to report hacks
Securities and Exchange Commission (SEC) Wants Cyber-Incident Disclosure Within Four Days
Setting up a cybersecurity squad from scratch
Shadow IT Guidance - National Cyber Security Center
Swiss visa appointments cancelled in UK due to 'IT incident'
The Good, the Bad and the Ugly of Generative AI
The Rising Threat of Generative AI in Social Engineering Cyber Attacks — What You Need to Know
The Transportation Security Administration (TSA) Updates Pipeline Cybersecurity Requirements
Two New Vulnerabilities Could Affect 40% of Ubuntu Cloud Workloads
UAC: Live response collection script for incident response
US cyber breach reporting rules to have global impact
US Senator Wyden Accuses Microsoft of ‘Cybersecurity Negligence’
What to Know About the SEC’s New Rules on Cybersecurity Disclosures
Why are computer security guidelines so confusing?
26/07
84% of financial institutions were exposed to a fourth-party breach
90% of SOC analysts believe current threat detection tools are effective
Almost 40% of Ubuntu users vulnerable to new privilege elevation flaws
ALPHV ransomware adds data leak API in new extortion strategy
Ambulance patient records system hauled offline for cyber-attack probe
Attackers are Hiding Malware Behind Barbie-Themed Scams
British ambulances unable to access patient records system following cyberattack
Companies encounter months-long delays in filling critical security positions
Critical MikroTik RouterOS Vulnerability Exposes Over Half a Million Devices to Hacking
Cyber attack affects two south England ambulance services
Cyber attack on IT supplier hits two major ambulance trusts
Dark Web Markets Offer New FraudGPT AI Tool
Decoy Dog: New Breed of Malware Posing Serious Threats to Enterprise Networks
Education Sector Has Highest Share of Ransomware Victims
Enterprises should layer-up security to avoid legal repercussions
Fenix Cybercrime Group Poses as Tax Authorities to Target Latin American Users
Following WormGPT, FraudGPT Emerges for AI-Driven Cyber Crime
Group-IB Founder Sentenced in Russia to 14 Years for Treason
Grupo de hackers brasileiros voltado ao roubo de criptomoedas e contas bancárias é descoberto
Hacker é preso na PB por integrar quadrilha acusada de desviar R$ 500 mil
How to Avoid Being the Victim of Malvertising
How to avoid LinkedIn phishing attacks in the enterprise
Industry Coalition Calls For Enhanced Network Resilience
macOS RedLine Stealer malware found on fake blockchain games
Meta GDPR data fines: the EU suffers, but Ireland keeps the money
MikroTik vulnerability could be used to hijack 900,000 routers (CVE-2023-30799)
NATO investigates alleged data theft by SiegedSec hackers
New AI Tool 'FraudGPT' Emerges, Tailored for Sophisticated Attacks
New Nitrogen malware pushed via Google Ads for ransomware attacks
No, criminals are not in love with VPNs, expert insists
Over 900,000 MikroTik Routers Exposed to Critical Bug
Overcoming the cybersecurity talent shortage with upskilling initiatives
Police Thwart Cyber Attack on Yorkshire Coast Firm
Protecting Your Phone from the Looming Threat of Juice Jacking
Ransomware Attacks Skyrocket in Q2 2023
Ransomware gang increases attacks on insecure MSSQL servers
Repeatable VEC Attacks Target Critical Infrastructure
Researchers say more than 900,000 MikroTik routers vulnerable to hackers
Russia jails Group-IB co-founder for 14 years in treason case
SEC adopts new cybersecurity incident disclosure rules for companies
Securities and Exchange Commission (SEC) now requires companies to disclose cyberattacks in 4 days
SiegedSec Allegedly Breached NATO’s COI Portal Affecting 31 Nations Leaked Sensitive Data
South Staffs Water data breach victims may be in line for compensation
South Western Ambulance Service supplier targeted in cyber attack
Teenager arrested in exam board cyber attack investigation
VMware Patches Vulnerability Exposing Admin Credentials
Zero trust rated as highly effective by businesses worldwide
You’ve been the victim of a data breach. What should business leaders do next?
25/07
$87B Italian Asset Manager Azimut Hit With Ransomware Attack
4 ways to avoid clicking malicious links that everyone online should know
Account takeover fraud: 5 steps for protecting your customers
AI: Cyber-friend or Cyber-foe?
Apple extends spyware patch to all devices
Apple fixes exploited zero-day in all of its OSes (CVE-2023-38606)
Apple Rolls Out Urgent Patches for Zero-Day Flaws Impacting iPhones, iPads and Macs
Atlassian Releases Patches for Critical Flaws in Confluence and Bamboo
Aussie Government Exposed Personal Info Via Security Report
“Biggest Dutch user” arrested in continuing hacker website probe
Butler County Community College (BC3) Impacted By Data Breach At Student Clearinghouse
Casbaneiro Banking Malware Goes Under the Radar with UAC Bypass Technique
Companies are rushing into generative AI without a cohesive, secure strategy
Converging networking and security with SASE
Critical Flaws Found in Microsoft Message Queuing Service
Cyber-security and human psychology
Dallas City Manager: Employee Data Was Accessed in Hack
Data Breach Costs Hit Record High but Fall For Some
Decoy Dog Malware Upgraded to Include New Features
DHL UK investigates data breach linked to MOVEit software
Engaging A Paradigm Shift in Cybersecurity: CISO Is Leading The Battle Against Ransomware ($CISO)
From Power Grids to Airports: TETRA Radio Hacking Risks Global Infrastructure
Gaming DAO warns users of fake airdrops amid social media hacks
Geopolitics and defending against cyber-threats
Global police and airport radio system open for spying
Hacker Claims to Have Stolen Sensitive Medical Records from Egypt's Ministry of Health
Hacker ético identifica software exposto em sistema corporativo
Half of top malicious email subjects are HR related – report
How MDR Helps Solve the Cybersecurity Talent Gap
HWL Ebsworth data breach update
Indiana-based 1st Source Bank suffers a MOVEit Transfer hack, loses 450k customers' data
Inspiring secure coding: Strategies to encourage developers’ continuous improvement
Ivanti Patches Zero-Day Bug Used in Norway Attacks
Ivanti Releases Urgent Patch for EPMM Zero-Day Vulnerability Under Active Exploitation
Ivanti zero-day exploited to target Norwegian government (CVE-2023-35078)
Jovem mentalmente incapaz é preso por hackear Uber e vazar 'GTA 6'
Kaspersky Warns of HR Credential Scams on the Rise
Kenya Bureau of Standards (KEBS) Suffers A Massive Data Breach
KnowBe4 Phishing Test Results Reveal Half of Top Malicious Email Subjects Are HR Related
Luca Stealer Spreads Via a Phishing Microsoft Crypto Wallet Site
macOS Under Attack: Examining the Growing Threat and User Perspectives
Microsoft shares temp fix for Outlook Desktop slow saving bug
Mississippi's George County suffers a major ransomware attack, takes critical systems offline
Mistério de meio milhão: Descubra o hacker da FTX e fique rico!
More US States are ramping up data privacy laws in 2023
Mysterious Decoy Dog malware toolkit still lurks in DNS shadows
Navigating the digital maze: Unraveling cybersecurity risks in social media platforms
NoName, the Russian hacker group behind the cyberattacks on Election Day
North Korean Cyber Group Suspected in JumpCloud Breach
North Korean Nation-State Actors Exposed in JumpCloud Hack After OPSEC Blunder
Norway says Ivanti zero-day was used to hack govt IT systems
Online banking fraud: UK’s poor password practises are putting users at risk
Over 400,000 corporate credentials stolen by info-stealing malware
PMEs pagam resgate em torno de R$ 100 mil para recuperar dados após ataque hacker
Pro-XRP attorney’s Twitter hacked to promote fake giveaways
Protect Your Data Like Your Reputation Depends On It (Because it Does)
RaaS proliferation: 14 new ransomware groups target organizations worldwide
Realst info-stealing malware targets macOS cryptocurrency users
Researchers find deliberate backdoor in police radio encryption algorithm
Seven Common Lateral Movement Techniques
SlowMist Executive Discovers Crypto Phishing Involving 2FA on Apple Devices
TETRA:BURST — 5 New Vulnerabilities Exposed in Widely Used Radio Communication System
Thales acquires Imperva for $3.6 billion
The Dramatic Cyberattack That Put Latin America on Alert
UK Government Report Finds Cybersecurity Skills Gap Stagnant
US Neutralizes Russian Snake Malware Program
VMware fixes bug exposing CF API admin credentials in audit logs
Zenbleed: New Flaw in AMD Zen 2 Processors Puts Encryption Keys and Passwords at Risk
Wesco Settles Coverage Dispute Over $36 Million IRA Financial Cyber Attack
What do SMEs need to do for a cyber secure future?
What is Akira? All About New Ransomware and Preventive Guidelines
24/07
1st Source says 450,000 records affected in client data breach
5 Hidden Dangers of Browser Extensions
5 top tips for sourcing port cyberattack insurance cover
Amplifying Cyber-security in the BFSI Industry through AI & ML
Another Cl0p data breach victim goes public, millions affected
Anti-ransomware, blockchain-based capabilities
Apple fixes new zero-day used in attacks against iPhones, Macs
As Ransomware Monetization Hits Record Low, Groups Innovate
Ataque hacker compromete serviços online da prefeitura de Jacarezinho
Athene Annuity and Life Company Files Notice of MOVEit Data Breach at Pension Benefit Information
Average cost of a data breach reaches $4.45 million in 2023
Average cost of data breach reaches $4.5M – you’re the one who pays
Azerbaijan Cyber Security Centre plans to train thousand specialists in next three year
Banking Sector Targeted in Open-Source Software Supply Chain Attacks
Biden-Harris Administration Secures AI Commitments For Safety
Booz Allen Pays $377m to Settle Government Fraud Case
Bridging the cybersecurity skills gap through cyber range training
Citi cyber chief says AI providing new weapons in hacking wars
Citi Trends class action claims data breach compromised employee data
Clop Could Make $100m from MOVEit Campaign
Coalition Claims Renewable Energy Push Poses Cyber Security Risk to Australian Grid
Code Kept Secret for Years Reveals Its Flaw—a Backdoor
Consumers demand more from businesses when it comes to security
Corretora de criptomoedas é condenada a indenizar investidora após ataque hacker
Critical Zero-Days in Atera Windows Installers Expose Users to Privilege Escalation Attacks
Cyber Attacks and Typhoon Mawar prompt Guam Cyber Conference
Cyber-Attack Strikes Norwegian Government Ministries
Cyber security industry bids adieu to veteran hacker Kevin Mitnick
Cybersecurity Bills for the Food and Agriculture Industry and Rural Water Systems
Cybersecurity Concerns Driving Global Telecom & IT Spending Growth
Data stolen in MOVEit breach leaked by notorious ransomware gang
Department for Work and Pensions (DWP) issues warning over fake £750 'Living Payment' text
Dubai launches second iteration of cybersecurity strategy
Em Jacarezinho: Hacker invade e danifica prefeitura
Email users warned about new DHL email phishing scam
Estée Lauder Confirms Data Breach
EU governments reject requiring manufacturers to report vulnerabilities to central cyber agency
Financial burden of cybercrime remains high even as awareness grows
Flipper Zero gets an app store
Flipper Zero now has its own app store for iOS, Android users
Franklin Mint Federal Credit Union Confirms MOVEit Data Breach Affected Over 140k Customers
Global Cyber-Security leader opens new Cork base with plans to hire from UCC and MTU
Google Messages Getting Cross-Platform End-to-End Encryption with MLS Protocol
Government has 'Akira' ransomware warning for users
Governo da Noruega sofre ataque hacker
Gozi and IcedID Trojans Spread via Malvertising
GuidePoint Study Shows 38% Spike in Public Ransomware Victims
Hacker invade banco de dados e sistemas da Prefeitura de Jacarezinho
Hackers Exploit Artificial Intelligence for Malicious Purposes, Says Canadian Cybersecurity Official
Has the MOVEit hack paid off for Cl0p?
HIPAA Email Security: Protecting Sensitive Patient Information with Confidence
Home affairs cyber survey exposed personal data of participating firms
How is the Dark Web Reacting to the AI Revolution?
How to Protect Patients and Their Privacy in Your SaaS Apps
How to protect yourself from a Bluetooth cyber attack
IBM Report: Average Cost of a Data Breach Rises to $4.45 Million
Imagine360 data breach: medical information, Social Security numbers compromised
Insider Indicted for Attempting to Sabotage California Water Plant
Investigations are causing data breach costs to skyrocket, IBM finds
IoT Connected Devices Pose Significant Risk to Organizations
Is Your Peloton Attracting Security Threats?
Italian asset manager Azimut targeted by BlackCat hackers
Ivanti patches MobileIron zero-day bug exploited in attacks
JumpCloud hack linked to North Korea after OPSEC mistake
Kaspersky: Fraudsters exploit ‘Barbienheimer’ hype to scam people
Kenya Bureau of Standards Hit by Ransomware Attack
Lazarus hackers hijack Microsoft IIS servers to spread malware
‘Like Swiss Cheese’: North Macedonia’s Institutions Face Uphill Battle Plugging Online Defences
Louisiana Office of Motor Vehicles (OMV) Offering Free LifeLock Credit Monitoring After Cyber Attack
Maritime cyber incident database unveiled
Michigan Avenue Immediate Care data breach class action settlement
Microsoft denies Chinese hackers could have cracked its cloud services too
Microsoft shares fix for some Outlook hyperlinks not opening
Ministries hit by cyber attack
More plastic surgery patients have their nude photos and information leaked
New $200 Million FCC Proposal Could Help Schools Combat Cyber Attack Onslaught
New OpenSSH Vulnerability Exposes Linux Systems to Remote Command Injection
North Korean Hacker Group Breached US IT Firm JumpCloud
Norway government ministries hit by cyber attack
Norway government ministries hit by cyber attack, authorities say
Norway Probes Major Cyberattack on 12 Government Ministries
Norwegian government IT systems hacked using zero-day flaw
Novel Open Source Supply Chain Attacks Target Banking Sector
Over 15000+ Citrix Servers Vulnerable to Code Injection Attacks
Peachtree Orthopaedic Clinic data breach impacted close to 35,000 patients
Predictive Risk Profiling: A Game-Changer in Safeguarding Your Supply Chain from Cyber Threats
Protect your printer from data breaches and cyber-attacks
Ransomware Prompted Emergency Declaration for Mississippi County
Rising Cyber Threats Need Robust Defence Mechanism: Sanjay Katkar, Quick Heal Technologies
Roblox data breach exposes developer data
Shaping the future of digital identity
Singapore recorded as a prime target for cybercriminals
Stolen Session Cookies: The Next Big Cyber Threat
Strengthening the weakest links in the digital supply chain
Student lands cyber security role with NHS
Suspeita de ataque hacker paralisa sistemas do TJDFT e derruba site da corte
Tampa General Hospital Data Breach Impacts 1.2 Million Patients
Technology Trending: Cybersecurity labelling, EV charging vulnerabilities, vortex rings
The Benefits of Implementing Cloud-Based Email Security in Your Organization
The New Summer Vacation Necessity: Cyber Hygiene
The old “trust but verify” adage should be the motto for every CISO
The Role of AI and ML in Strengthening Cybersecurity in the BFSI Sector
Thousands of Citrix Servers Exposed to Zero-Day Bug
Three Reasons Why CISOs Need to Know How Their Company Is Managing Their Domains
Top 4 Industries That Need Better Cybersecurity
Two new vulnerabilities found in popular baseboard software
US companies commit to safe, transparent AI development
Vast majority of organizations are no longer vulnerable to MOVEit
VirusTotal apologizes for exposing Premium clients
VirusTotal issues apology for recent sensitive data leak
Zurich lists five controls to thwart two thirds of SME cyberattacks
What’s new in the 2023 Cost of a Data Breach report
White House Cybersecurity Strategy Calls for More Skilled Tech Pros
Why API attacks are increasing and how to avoid them
Why cyber security should be part of your ESG strategy
Will cyber insurance help protect your business?
Yamaha confirms cyberattack after multiple ransomware gangs claim attacks
23/07
AI scam calls imitating familiar voices are a growing problem
‘Barbenheimer’ scam: Fraud pages offer bogus ‘Barbie,’ ‘Oppenheimer’ products
Beware of a sophisticated phishing attack targeting Microsoft 365 users
CISA warns govt agencies to patch Adobe ColdFusion servers
Crypto Payment Processor Alphapo Hot Wallet Hacked For $23M
Cryptocurrency Theft - How Far Are We From a Long-lasting Solution?
Digitised medical records a magnet for hackers
Emails with link to pay fines a phishing scam, warn Dubai Police
Facebook Recovery Code Scam Emails on the rise again
From Detection to Prevention: AI’s Impact on Cybersecurity
Hackers and Propagandists Harnessing Artificial Intelligence for Malicious Purposes
Hackers Are Using Special AI To Produce Malicious Software And Deceptive Phishing Emails
Logistics: Ransomware Targets Ports
Safeguarding Your Business from Email Compromise: A North American Perspective
Spotting the Signs of Whaling Attacks: Stay One Step Ahead of Cybercriminals
The Emergence of WormGPT: Unleashing the Dark Side of AI Generative Text Services
The Privacy Paradox: Striking a Balance Between Data Security and Surveillance