DAILY NEWS: Março (05/03 - 11/03) - 10 Semana de 2023
Dia a Dia da Segurança da Informação !!! Cyber Security and Information Security News --- Daily Updates !! Weekly Review

11/03
9 Tips to Protect Your Mobile Data Security from Hackers
Another ransomware attack results in a HIPAA breach: Florida Medical Center
BATLOADER Malware Uses Google Ads to Deliver Vidar Stealer and Ursnif Payloads
Billions of Gmail and Outlook users warned to search inbox for dangerous ‘money grabbing message’
Brazil seizing Flipper Zero shipments to prevent use in crime
ChatGPT could help scammers write perfect phishing emails — here's your guide to spotting them
CISA warns of actively exploited Plex bug after LastPass breach
GCHQ told Gloucester council to 'keep schtum' over cyber attack until probe ends, civic chief says
Hackers demand €4.2 million from Barcelona’s Hospital Clinic not to release stolen data
Hackers Exploit Ethereum (ETH) Rival, Normal Activity Paused To Prevent Theft of More Tokens
Highly sensitive files from Berkeley County Schools dumped by ransomware gang
Land registry website still down
“Massive” cyber attack crashes African Union’s system
Microsoft to protect users better from phishing attacks that exploit OneNote
North Korean hackers target security researchers with convincing fake profiles
Russian Cybercrime Gang Busted by FBI, EU, and Ukrainian Police
Six in ten financial institutions at risk of data breach due to poor data management
South African Revenue Service (SARS) warns of new scam targeting taxpayers
The World Can Expect to See More Cyber Warfare
Union 'increasingly alarmed' about Indigo cyberattack, demands further disclosure
ZOLL Medical notifying 1,004,443 patients of data breach — HIPAA
Why should cybersecurity become top priority for SMEs
10/03
31% of organizations had users fall for phishing attack
ACER Hacked: Hacker Steals Documents From Company & Threatens To Sell To Highest Bidder
Acronis customer compromised by ‘bored’ hacker. Here’s what we know
Alleged seller of NetWire RAT arrested in Croatia
AT&T informs 9M customers about data breach
Blackbaud to pay $3M for misleading ransomware attack disclosure
BlackMamba PoC Malware Uses AI to Avoid Detection
Calls for stronger cybersecurity policies for TikTok on government devices
China-linked Hackers Targeting Unpatched SonicWall SMA Devices with Malware
CISA: Do these three things to toughen up your network against hackers
CISA warns of critical VMware RCE flaw exploited in attacks
Codman Square Health Center Reports Data Breach with Federal Government Following Ransomware Attack
Community Health Systems to Notify Up to 1 Million Individuals About GoAnywhere Data Breach
Criptomoeda desliga rede inteira e fica fora do ar após sofrer ataque hacker
Cybersecurity Automation: Leveling the Playing Field
Cybersecurity Firm Acronis Data Breach: Hackers Leak 21GB of Data
Dark Pink APT Group Strikes Government Entities in South Asian Countries
Draft law would give Cambodian government access to private companies’ data
Dutch-based Naq bags €1.4M to simplify cyber security across the European compliance market
Elderly care facility Attent Zorg en Behandeling suffers a ransomware attack
FBI buys stolen health data that included members of U.S. Congress
FBI Warns of Crypto-Stealing Play-to-Earn Games
Free cyber security seminar for Chicago business owners happening Friday
GISEC Global 2023 draws prominent international cybersecurity leaders to address US$2trn market
Global Cops Take Down NetWire RAT
Hadoken Security Group Upgrades Xenomorph Mobile Malware
HDFC Bank Denies Users Confidential Data Leaked, Now Customers Complain Of Phishing Activities
High Street Retailer WH Smith Suffers a Cyber Attack Leaking Employee Data
How to Create a Cybersecurity Plan for Your Small Business
IceFire Ransomware Targets Linux Enterprise Networks
Impact of health data breach hitting Congress 'could be extraordinary'
Internet crime in 2022: Over $3 billion lost to investment scammers
Liverpool hospital trust data breach investigated
Mandiant Reports Cyber Security Forecast 2023
March 2023 Patch Tuesday forecast: It’s not about luck
Maternal & Family Health Services Sued Over Ransomware Attack and Data Breach
Mental health provider Cerebral alerts 3.1M people of data breach
Microsoft to boost protection against malicious OneNote documents
New GoBruteforcer malware targets phpMyAdmin, MySQL, FTP, Postgres
New Version of Prometei Botnet Infects Over 10,000 Systems Worldwide
North Korean UNC2970 Hackers Expands Operations with New Malware Families
OpenSea User Identities May Have Been Exposed in New Vulnerability
Over 1.8 Crore Indian Citizens’ Personal Records Exposed in 10 Data Broker Breaches in Past 20 Years
PeopleGrove Reports Exposure of Users' Sensitive Data After Security Lapse
Perennial Survey Shows Cyber Security as the Key ESG Focus
Ransomware Attack on Barcelona Hospital Threatened Urgent Care Cases, Locked Up Patient Records
Ransomware attacks in the UAE down by more than 70% on greater international co-operation
Regulations for SBOMs are Useless if You Cannot Take Action
Se sua empresa foi vítima de hackers, não adianta culpar os funcionários
Security researchers targeted with new malware via job offers on LinkedIn
SHEIN shopping app goes rogue, grabs price and URL data from your clipboard
Singapore, Romania reaffirm ties, discuss cooperation in areas like trade, cyber security
Synthetic identity fraud calls for a new approach to identity verification
Telangana education council to introduce cyber security course for UGs
The cybersecurity landscape in the era of economic instability
Time crunch is on to meet 2-year EU IoT cybersecurity deadline
UK's New Privacy Bill Could Mean More Work for Firms
U.S. House Health Insurer Suffers Data Breach: Members and Staff Affected
Veeam Backup & Replication admins, get patching! (CVE-2023-27532)
Xenomorph Android malware now steals data from 400 banks
Wait Time Bypass for fun and Profit
White House Budget Plan Seeks to Boost Cybersecurity Spending
Young government workers show poor password management habits
09/03
19 Cybersecurity Trends Every CISO Must Prepare for in 2023
45% of IT decision-makers aren't concerned about phishing
8220 Gang Behind ScrubCrypt Attack Targeting Oracle Weblogic Server
8220 Gang used new ScrubCrypt crypter in recent cryptojacking attacks
Acer Suffers Massive Data Breach, 160GB Of Data Put Up For Sale
Akamai mitigates record-breaking 900Gbps DDoS attack in Asia
Architects allege elections ‘stolen through cyber attack’
AT&T alerts 9 million customers of data breach after vendor hack
Ataque hacker: 80% das empresas brasileiras foram vítimas em 2022
Canadian engineering giant with military ties hit by ransomware
CloudBees flaws in Jenkins server can lead to code execution
DC healthcare exchange breach leaked sensitive data of Congress members, staff
Dish Networks Reports Stolen Personal Information Amidst Recovery From Cyber Attack
Does Your Help Desk Know Who's Calling?
Fake ChatGPT Chrome extension targeted Facebook Ad accounts
Fifth of Government Workers Don't Care if Employer is Hacked
Fortinet plugs critical RCE hole in FortiOS, FortiProxy (CVE-2023-25610)
Google One expands security features to all plans with dark web report, VPN access
Hackers Exploiting Remote Desktop Software Flaws to Deploy PlugX Malware
Hackers leak DC Health Link data with Congress Members’ details
Hawaii Skilled Nursing Facility (SNF) reports data breach of 20,000 records
House Members at Risk After Insurer Data Breach
IceFire Ransomware Exploits IBM Aspera Faspex to Attack Linux-Powered Enterprise Networks
IceFire ransomware now encrypts both Linux and Windows systems
Inadequate patches and advisories increase cyber risk
Iranian Hackers Target Women Involved in Human Rights and Middle East Politics
Massive GitHub analysis reveals 10 million secrets hidden in 1 billion commits
Microsoft: Business email compromise attacks can take just hours
Navigating data classification in the era of extensive cloud adoption
New Critical Flaw in FortiOS and FortiProxy Could Give Hackers Remote Access
New ScrubCrypt Crypter Used in Cryptojacking Attacks Targeting Oracle WebLogic
No victims of crime or financial fraud due to Optus cyber attack, CEO says
NSW Health affected in payroll software data breach, bank details compromised
Oakland officials, experts worry ransomware group may leak more 'sensitive' stolen data, sources say
Personal details of US politicians compromised in breach, FBI
Protecting collocated servers from DDoS attacks using GRE tunnels
QR Codes: A Growing Vulnerability to Cybercrimes
Remcos Trojan Returns to Most Wanted Malware List After Ukraine Attacks
Sneaky malware BlackLotus can bypass important Windows boot functions
SonicWall devices infected by malware that survives firmware upgrades
Tehran Targets Female Activists in Espionage Campaign
Understanding the Shared Responsibility Model, Critical Step to Ensure Cloud Security
What is a data breach and how can you protect against it?
What CISOs need to understand about document signing
What to do if your personal information is compromised from a data breach
08/03
3 Reasons Women Should Reskill to Work in Cybersecurity
160 GB de dados da Acer estão nas mãos de hackers
AI is taking phishing attacks to a whole new level of sophistication
Attackers exploit APIs faster than ever before
Bitwarden flaw can let hackers steal passwords using iframes
BlackLotus UEFI bootkit Can Bypass Secure Boot on Windows
China-linked APT Sharp Panda targets government entities in Southeast Asia
CISA adds three new bugs to Known Exploited Vulnerabilities Catalog
CISA's KEV Catalog Updated with 3 New Flaws Threatening IT Management Systems
City of Waynesboro targeted in cyber attack
Co-Working for the Ransomware Age: How Hive Thrived
Cyber-Threat Detections Surge 55% in 2022
Data Breach Hits ‘Hundreds' of Lawmakers and Staff on Capitol Hill
Dole doesn’t expect to recover full costs of ransomware attack
DuckDuckGo launches AI-powered search query answering tool
European Police, FBI Bust Up International Ransomware Crime Ring
Eurovision 2023: Hotel phishing scam targets song contest fans
FBI investigates data breach impacting U.S. House members and staff
Fortinet warns of new critical unauthenticated RCE vulnerability
Google One brings VPN feature to more plans, adds dark web monitoring for personal info
Government Claims New UK GDPR Will Save Firms Billions
Hacker devolve criptomoedas e recebe meio milhão como recompensa
Hacker do Tender.fi devolve fundos roubados e recebe recompensa de R$ 500 mil
Hacker é suspeito de revender aulas preparatórias para curso de medicina
Hacker Leaks 73M Records from Indian HDFC Bank Subsidiary
Hackers causaram prejuízos a cerca de 25% das empresas brasileiras em 2022, diz pesquisa
Hammers may be in data breach trouble again
How STEM education can solve talent shortages, improve cybersecurity
How to Migrate OST to Microsoft 365
How to Prevent Ransomware Attacks: 5 Best Practices
Invasão hacker: Acer sofre vazamento de dados que expõe milhares de documentos internos
IWD2023 Interview: The Growing Opportunities for Women and Girls in Cybersecurity
Jenkins Security Alert: New Security Flaws Could Allow Code Execution Attacks
Lazarus Group Exploits Zero-Day Vulnerability to Hack South Korean Financial Entity
Lazarus Group Targets South Korean Finance Firm Via Zero-Day Flaw
Lehigh Valley Health Network: Patient photos, info from ransomware attack released online
Lockbit Ransomware Dominant Even as Overall Attack Rates Fall
North Korea-linked Lazarus APT used a 0-day in a recent attack
Northern Essex CC Reopens After Cyber Attack
Officials Targeted with Romance Scams and Android Trojans
Pen Testers using Vulnerability Scanners – Closing the Gap
Phishing Attack Uses UAC Bypass to Drop Remcos RAT Malware
Plagued by slow internet? Try these 11 ways to speed up your connection
Ransomware gang posts video of data stolen from Minneapolis schools
Sharp Panda Using New Soul Framework Version to Target Southeast Asian Governments
Staying ahead of ransomware and bad actors
Surgeries Canceled After Barcelona Hospital Hit With Ransomware
SYS01 Stealer Targets Critical Infrastructure With Google Ads
The Impact of Conversational AI on the GRC Workforce: Training our Next Generation Workers
Three crucial moments when founding a cybersecurity startup
US RESTRICT Act Gains Supports, Empowers Biden to Ban Foreign Tech
Veeam fixes bug that lets hackers breach backup infrastructure
VMware NSX Manager bugs actively exploited in the wild since December
07/03
1st Franklin Financial Corporation Notifies Customers of Recent Data Breach
A Quick Take on Phishing Scams
A two-year-old Windows flaw is being exploited in new phishing campaign
Acer confirms breach after 160GB of data for sale on hacking forum
Android March 2023 update fixes two critical code execution flaws
Appointments Cancelled After Ransomware Attack On Barcelona Hospital
Brazilian Conglomerate Suffers 3TB Data Breach: Report
Chick-fil-A confirms data breach: Here’s how you can protect your information
China-aligned APT is exploring new technology stacks for malicious tools
Chinese Sharp Panda Group Unleashes SoulSearcher Malware
Council of Granada database was sold by hacker. Should anyone be concerned?
Data Of 6 Lakh HDFC Customers Leaked On Dark Web? Here’s What Bank Says on Data Breach
DeFi lender Tender.fi suffers exploit, white hat hacker suspected
Enterprise Cybersecurity Solutions: 5 Steps to Take Today
European police, FBI bust international cybercrime gang
Financial services is the most impersonated industry in phishing attacks
Four Californian Medical Groups Sued over Data Breach Affecting 3.3 Million Patients
Fraud warning to Santander, Natwest, Barclays and other banking customers
Gardaí and Fastway among those reprimanded for data breaches in 2022
Grupo hacker vaza dados de cartões de créditos de quase 20 mil brasileiros
Grupo hacker responsável por mais de 600 ataques a instituições em todo o mundo identificado
Hacker Cracks Toyota Customer Search Tool
Hacker suspeito de piratear cursos de medicina é alvo de ação policial
Hatch Bank becomes second data breach victim after GoAnywhere hack
Hawaii Skilled Nursing Facility Notifies 20K of Healthcare Data Breach
HDFC Bank denies data leak claim
Hospital Clínic de Barcelona severely impacted by ransomware attack
How does your industry compare when it comes to the financial loss exposure of cyber threats?
India's HDB Financial Services flags data breach at service provider
Insurance holding company Group 1001 says operations restored after ransomware attack
IWD2023: DigitALL, Innovation and Technology for Gender Equality
Just 10% of Firms Can Resolve Cloud Threats in an Hour
LastPass Hack: Engineer's Failure to Update Plex Software Led to Massive Data Breach
Leading U.S Satellite TV Provider Dish Network Yet to Recover From a Ransomware Attack
Lehigh Valley Health Network (LVHN): Ransomware hackers posted photos of cancer patients on dark web
Medusa claims Minneapolis Public Schools as victim
Nine in 10 enterprises fell victim to successful phishing in 2022
Northern Essex Community College remains shuttered after cyberattack
Para comemorar um ano de crime, hackers vazam 2 milhões de cartões
Perfil antigo no Facebook da Educação de Corumbá é invadido por hacker
Preventing corporate data breaches starts with remembering that leaks have real victims
Ransomware Attack Against Barcelona Hospital Disrupts Operations
Ransomware strain Deadbolt received over $2.3 million in 2022: Blog
Ransomware's Favorite Target: Critical Infrastructure and Its Industrial Control Systems
Russian Disinformation Campaign Records High-Profile Individuals on Camera
Russia's Cyber Tactics in Ukraine Shift to Focus on Espionage
Serious DJI Drones Flaws Could Crash Drones Mid-flight
Sharp Panda Target Southeast Asia in Espionage Campaign Expansion
Shein's Android App Caught Transmitting Clipboard Data to Remote Servers
SYS01stealer: New Threat Using Facebook Ads to Target Critical Infrastructure Firms
The Race Against Quantum: It’s Not Too Late to be the Tortoise that Beat the Hare
Transparent Tribe Hackers Distribute CapraRAT via Trojanized Messaging Apps
Two-Thirds of European Firms Have Started Zero Trust
Volume of ransomware & extortion attacks to continue in 2023: CyberCube
Vulnerability in DJI drones may reveal pilot’s location
Wallet tied to Uranium Finance hacker reawakens after 647 days, shifting $3.3M
Why Cybersecurity Needs to be Prioritised as Small Businesses Face the Cost-of-Living Crisis
Why Healthcare Can't Afford to Ignore Digital Identity
06/03
6 cybersecurity and privacy Firefox add-ons you need to know about
Acer’s allegedly sensitive data for sale on a hacker forum
Adaptable ‘Swiss Army Knife’ Malware a Growing Threat
Alleged security breach leaves millions of dollars missing from Flutterwave accounts
Almost Half of Industrial Sector Computers Affected By Malware in 2022
Australian National Maritime Museum suffers internal cyber attack
Authorities Investigate Data Released in Oakland Cyber Attack
Barcelona’s Hospital Clinic hit by ransomware cyberattack ‘from outside Spain’
Business-grade routers compromised in low-key attack campaign
Chick-fil-A data breach confirmed: What customers should do now
Cloud exploitation grew by 95% in 2022
Core DoppelPaymer ransomware gang members targeted in Europol operation
Core Members of DoppelPaymer Ransomware Gang Targeted in Germany and Ukraine
City of Oakland Faces Major Data Leak
Cyber Attack At Ross Memorial Hospital Impacting Some Staff Pay
Cyber attack surface widened by new ways of working, says Coalition
Data breach exposed millions of Verizon customers' account info
DBatLoader and Remcos RAT Sweep Eastern Europe
Dental Health Management Solutions Notified Patients About Historic Data Breach
DoppelPaymer Ransomware Gang Members Busted in Germany, Ukraine
Envision Credit Union data breach class action settlement
EPA Calls For Cybersecurity Improvements in Public Water Systems
Experts Discover Flaw in U.S. Govt's Chosen Quantum-Resistant Encryption Algorithm
Experts Reveal Google Cloud Platform's Blind Spot for Data Exfiltration Attacks
Faced with likelihood of ransomware attacks, businesses still choosing to pay up
From Disinformation to Deep Fakes: How Threat Actors Manipulate Reality
FTC orders BetterHelp to end use of health information for advertising
FTC Proposes $7.8m Fine for BetterHelp
German and Ukrainian police raid alleged cybercrime gang with help from FBI
Germany and Ukraine hit two high-value ransomware targets
Hackers Behind Oakland Ransomware Attack Dump Data on City Employees
Hackers causaram prejuízos a cerca de 25% das empresas brasileiras em 2022, diz pesquisa
Hackers causaram prejuízos a cerca de 25% das empresas brasileiras em 2022, diz pesquisa
Hackers vazam 2 milhões de cartões em comemoração de aniversário
How to achieve and shore up cyber resilience in a recession
How To: Fight the Use of Deepfakes in ID Theft
IWD2023: Learning Lessons to Boost Female Representation in Cybersecurity
Kuwait ministry hit by ransomware attack
Law enforcement teams score major win against DoppelPaymer ransomware gang
Municipal CISOs grapple with challenges as cyber threats soar
New HiatusRAT Malware Targets Business-Grade Routers to Covertly Spy on Victims
New malware infects business routers for data theft, surveillance
Old Windows ‘Mock Folders’ UAC bypass used to drop malware
Paying For Ransomware Only Drives Up Ransom Costs
PoC exploit for recently patched Microsoft Word RCE is public (CVE-2023-21716)
Popular fintech apps expose valuable, exploitable secrets
Popular SaaS Products Abused To Run Phishing Campaigns Targeting BFSI Customers
Proof-of-Concept released for critical Microsoft Word RCE bug
Rancho Mesquite Casinos Faces Class Action Suit Over ‘Massive’ Data Breach
Ransomware attacks decreased 38% in January - report
Ransomware group threatens to release Oakland's confidential data
Royal Ransomware Made Upto $11 Million USD Using Custom-Made Encryption Malware
Sandbox blockchain game breached to send emails linking to malware
School cybersecurity in 2023: What’s your incident response plan?
Six in Ten Financial Institutions at Risk of Data Breach Due to Poor Data Management
Suprbay.org, The Pirate Bay Web Forum Down amid Cyberattack
Suspected Cyber Attack Closes Northern Essex CC
The Food Industry’s ‘Unique Vulnerabilities’ to Cyberattacks
Threat Intelligence: Do We Need A 'Rosetta Stone' of Cyber Attribution?
Top members of DoppelPaymer Ransomware gang arrested
UK Government Plans Skills Boost for Public Sector Fraud Fight
US public transport service struck by ransomware attack
Virginia hospital notifies patients of data breach
XIoT risk and the vulnerability landscape
Zionsville-based Group 1001 reports ransomware attack
What You Really Need to Know About Ransomware in 2023
05/03
5 Multi-Factor Authentication Vulnerabilities and How to Resolve Them
Benefits of cybersecurity investments may be hard to see, but they are crucial
Comprehending the top future cyber risks for businesses
CS launches CoE for imparting training in Cyber Security
Customers of these banks are most likely to fall victim to fraud, according to new study
Cyberattacks put spotlight on weak Canadian laws, says cybersecurity expert
Federal Trade Commission (FTC) to ban BetterHelp from sharing mental health data with advertisers
Hackers são capazes de transformar o chatGPT do Bing em um golpista, aponta pesquisa
Hogwarts Legacy: Versão crackeada do game traz mensagem polêmica e surpreende jogadores
Honda Motorcycle and Scooter India’s Twitter account hacked!
How to avoid billion-dollar fines due to unsecured messaging apps
Internet scam affected 7% of Nigerian users – Firm
Maritime Cybersecurity: A Potential Threat to India’s National Security
Phishing, tech support and lottery scams
Play Ransomware gang has begun to leak data stolen from City of Oakland
South Korea cracks down on voice phishing linked with digital currencies
These ‘Fun’ and ‘Harmless’ Social Media Quizzes Can Make You Easy Prey to Hackers