DAILY NEWS: Março (05/03 - 11/03) - 10 Semana de 2023

Dia a Dia da Segurança da Informação !!! Cyber Security and Information Security News --- Daily Updates !! Weekly Review

11/03

9 Tips to Protect Your Mobile Data Security from Hackers

Another ransomware attack results in a HIPAA breach: Florida Medical Center

BATLOADER Malware Uses Google Ads to Deliver Vidar Stealer and Ursnif Payloads

Billions of Gmail and Outlook users warned to search inbox for dangerous ‘money grabbing message’

Bone & Joint Clinic reports “network disruption” caused HIPAA breach of employee and patient information

Brazil seizing Flipper Zero shipments to prevent use in crime

ChatGPT could help scammers write perfect phishing emails — here's your guide to spotting them

CISA warns of actively exploited Plex bug after LastPass breach

GCHQ told Gloucester council to 'keep schtum' over cyber attack until probe ends, civic chief says

Hackers demand €4.2 million from Barcelona’s Hospital Clinic not to release stolen data

Hackers Exploit Ethereum (ETH) Rival, Normal Activity Paused To Prevent Theft of More Tokens

Highly sensitive files from Berkeley County Schools dumped by ransomware gang

Land registry website still down

“Massive” cyber attack crashes African Union’s system

Microsoft to protect users better from phishing attacks that exploit OneNote

North Korean hackers target security researchers with convincing fake profiles

Russian Cybercrime Gang Busted by FBI, EU, and Ukrainian Police

Six in ten financial institutions at risk of data breach due to poor data management

South African Revenue Service (SARS) warns of new scam targeting taxpayers

The World Can Expect to See More Cyber Warfare

Union 'increasingly alarmed' about Indigo cyberattack, demands further disclosure

ZOLL Medical notifying 1,004,443 patients of data breach — HIPAA

Why should cybersecurity become top priority for SMEs

10/03

31% of organizations had users fall for phishing attack

ACER Hacked: Hacker Steals Documents From Company & Threatens To Sell To Highest Bidder

Acronis customer compromised by ‘bored’ hacker. Here’s what we know

Alleged seller of NetWire RAT arrested in Croatia

AT&T informs 9M customers about data breach

Billions of Gmail users told to search for three names in their inbox – ignoring warning signs could leave you ruined

Blackbaud to pay $3M for misleading ransomware attack disclosure

BlackMamba PoC Malware Uses AI to Avoid Detection

Calls for stronger cybersecurity policies for TikTok on government devices

Central Ohio Transit Authority (COTA) data breach investigation is complete. Was sensitive information compromised?

China-linked Hackers Targeting Unpatched SonicWall SMA Devices with Malware

CHSPSC, Inc. Files Notice of Data Breach Following Cybersecurity Event at Cybersecurity Company Fortra

CISA: Do these three things to toughen up your network against hackers

CISA warns of critical VMware RCE flaw exploited in attacks

Codman Square Health Center Reports Data Breach with Federal Government Following Ransomware Attack

Community Health Systems to Notify Up to 1 Million Individuals About GoAnywhere Data Breach

Criptomoeda desliga rede inteira e fica fora do ar após sofrer ataque hacker

Cybersecurity Automation: Leveling the Playing Field

Cybersecurity Firm Acronis Data Breach: Hackers Leak 21GB of Data

Dark Pink APT Group Strikes Government Entities in South Asian Countries

Draft law would give Cambodian government access to private companies’ data

Dutch-based Naq bags €1.4M to simplify cyber security across the European compliance market

Elderly care facility Attent Zorg en Behandeling suffers a ransomware attack

FBI buys stolen health data that included members of U.S. Congress

FBI Warns of Crypto-Stealing Play-to-Earn Games

Free cyber security seminar for Chicago business owners happening Friday

GISEC Global 2023 draws prominent international cybersecurity leaders to address US$2trn market

Global Cops Take Down NetWire RAT

Hadoken Security Group Upgrades Xenomorph Mobile Malware

HDFC Bank Denies Users Confidential Data Leaked, Now Customers Complain Of Phishing Activities

High Street Retailer WH Smith Suffers a Cyber Attack Leaking Employee Data

How important is cyber security in today’s digital world for every age group? Learn from Gopal Vithalani and Cyber Security Training Centre

How to Create a Cybersecurity Plan for Your Small Business

IceFire Ransomware Targets Linux Enterprise Networks

Impact of health data breach hitting Congress 'could be extraordinary'

Internet crime in 2022: Over $3 billion lost to investment scammers

Iranian state-sponsored threat group uses stolen images and fake profile to impersonate US Think Tank in spear phishing campaign

Liverpool hospital trust data breach investigated

Mandiant Reports Cyber Security Forecast 2023

March 2023 Patch Tuesday forecast: It’s not about luck

Maternal & Family Health Services Sued Over Ransomware Attack and Data Breach

Mental health provider Cerebral alerts 3.1M people of data breach

Microsoft to boost protection against malicious OneNote documents

Middle East And Africa Cyber Security Market Report (2022-2028): Growing Exposure to Digital Communication Networks and IT Sectors Bolsters Growth - ResearchAndMarkets.com

New GoBruteforcer malware targets phpMyAdmin, MySQL, FTP, Postgres

New Version of Prometei Botnet Infects Over 10,000 Systems Worldwide

North Korean UNC2970 Hackers Expands Operations with New Malware Families

OpenSea User Identities May Have Been Exposed in New Vulnerability

Over 1.8 Crore Indian Citizens’ Personal Records Exposed in 10 Data Broker Breaches in Past 20 Years

PeopleGrove Reports Exposure of Users' Sensitive Data After Security Lapse

Perennial Survey Shows Cyber Security as the Key ESG Focus

Ransomware Attack on Barcelona Hospital Threatened Urgent Care Cases, Locked Up Patient Records

Ransomware attacks in the UAE down by more than 70% on greater international co-operation

Regulations for SBOMs are Useless if You Cannot Take Action

Se sua empresa foi vítima de hackers, não adianta culpar os funcionários

Securities and Exchange Commission (SEC) charges Blackbaud for failing to disclose ‘full impact’ of ransomware attack

Security researchers targeted with new malware via job offers on LinkedIn

SHEIN shopping app goes rogue, grabs price and URL data from your clipboard

Singapore, Romania reaffirm ties, discuss cooperation in areas like trade, cyber security

Skoda Auto India Data Leak: Over 20 plus databases with customer info and leads from Skodalive.co.in leaked on a hacker forum

Synthetic identity fraud calls for a new approach to identity verification

Telangana education council to introduce cyber security course for UGs

The cybersecurity landscape in the era of economic instability

Time crunch is on to meet 2-year EU IoT cybersecurity deadline

UK's New Privacy Bill Could Mean More Work for Firms

U.S. House Health Insurer Suffers Data Breach: Members and Staff Affected

Veeam Backup & Replication admins, get patching! (CVE-2023-27532)

Xenomorph Android malware now steals data from 400 banks

Wait Time Bypass for fun and Profit

White House Budget Plan Seeks to Boost Cybersecurity Spending

Young government workers show poor password management habits

09/03

19 Cybersecurity Trends Every CISO Must Prepare for in 2023

45% of IT decision-makers aren't concerned about phishing

8220 Gang Behind ScrubCrypt Attack Targeting Oracle Weblogic Server

8220 Gang used new ScrubCrypt crypter in recent cryptojacking attacks

Acer Suffers Massive Data Breach, 160GB Of Data Put Up For Sale

Akamai mitigates record-breaking 900Gbps DDoS attack in Asia

Architects allege elections ‘stolen through cyber attack’

AT&T alerts 9 million customers of data breach after vendor hack

Ataque hacker: 80% das empresas brasileiras foram vítimas em 2022

Canadian engineering giant with military ties hit by ransomware

CloudBees flaws in Jenkins server can lead to code execution

DC healthcare exchange breach leaked sensitive data of Congress members, staff

Dish Networks Reports Stolen Personal Information Amidst Recovery From Cyber Attack

Does Your Help Desk Know Who's Calling?

Fake ChatGPT Chrome extension targeted Facebook Ad accounts

Fifth of Government Workers Don't Care if Employer is Hacked

Fortinet plugs critical RCE hole in FortiOS, FortiProxy (CVE-2023-25610)

Google One expands security features to all plans with dark web report, VPN access

Hackers Exploiting Remote Desktop Software Flaws to Deploy PlugX Malware

Hackers leak DC Health Link data with Congress Members’ details

Hawaii Skilled Nursing Facility (SNF) reports data breach of 20,000 records

House Members at Risk After Insurer Data Breach

IceFire Ransomware Exploits IBM Aspera Faspex to Attack Linux-Powered Enterprise Networks

IceFire ransomware now encrypts both Linux and Windows systems

Inadequate patches and advisories increase cyber risk

Iranian Hackers Target Women Involved in Human Rights and Middle East Politics

Massive GitHub analysis reveals 10 million secrets hidden in 1 billion commits

Microsoft: Business email compromise attacks can take just hours

Navigating data classification in the era of extensive cloud adoption

New Critical Flaw in FortiOS and FortiProxy Could Give Hackers Remote Access

New ScrubCrypt Crypter Used in Cryptojacking Attacks Targeting Oracle WebLogic

No victims of crime or financial fraud due to Optus cyber attack, CEO says

NSW Health affected in payroll software data breach, bank details compromised

Oakland officials, experts worry ransomware group may leak more 'sensitive' stolen data, sources say

Personal details of US politicians compromised in breach, FBI

Protecting collocated servers from DDoS attacks using GRE tunnels

QR Codes: A Growing Vulnerability to Cybercrimes

Remcos Trojan Returns to Most Wanted Malware List After Ukraine Attacks

Sneaky malware BlackLotus can bypass important Windows boot functions

SonicWall devices infected by malware that survives firmware upgrades

Tehran Targets Female Activists in Espionage Campaign

Understanding the Shared Responsibility Model, Critical Step to Ensure Cloud Security

University at Buffalo (UB) reports that Box Office data breach could have been more widespread than initially thought

What is a data breach and how can you protect against it?

What CISOs need to understand about document signing

What to do if your personal information is compromised from a data breach

08/03

3 Reasons Women Should Reskill to Work in Cybersecurity

160 GB de dados da Acer estão nas mãos de hackers

AI is taking phishing attacks to a whole new level of sophistication

Attackers exploit APIs faster than ever before

Bitwarden flaw can let hackers steal passwords using iframes

BlackLotus UEFI bootkit Can Bypass Secure Boot on Windows

China-linked APT Sharp Panda targets government entities in Southeast Asia

CISA adds three new bugs to Known Exploited Vulnerabilities Catalog

CISA's KEV Catalog Updated with 3 New Flaws Threatening IT Management Systems

City of Waynesboro targeted in cyber attack

Co-Working for the Ransomware Age: How Hive Thrived

Cyber-Threat Detections Surge 55% in 2022

Data Breach Hits ‘Hundreds' of Lawmakers and Staff on Capitol Hill

Dole doesn’t expect to recover full costs of ransomware attack

DuckDuckGo launches AI-powered search query answering tool

European Police, FBI Bust Up International Ransomware Crime Ring

Eurovision 2023: Hotel phishing scam targets song contest fans

FBI investigates data breach impacting U.S. House members and staff

Fortinet warns of new critical unauthenticated RCE vulnerability

Google One brings VPN feature to more plans, adds dark web monitoring for personal info

Government Claims New UK GDPR Will Save Firms Billions

Hacker devolve criptomoedas e recebe meio milhão como recompensa

Hacker do Tender.fi devolve fundos roubados e recebe recompensa de R$ 500 mil

Hacker é suspeito de revender aulas preparatórias para curso de medicina

Hacker Leaks 73M Records from Indian HDFC Bank Subsidiary

Hackers causaram prejuízos a cerca de 25% das empresas brasileiras em 2022, diz pesquisa

Hammers may be in data breach trouble again

How STEM education can solve talent shortages, improve cybersecurity

How to Migrate OST to Microsoft 365

How to Prevent Ransomware Attacks: 5 Best Practices

Invasão hacker: Acer sofre vazamento de dados que expõe milhares de documentos internos

IWD2023 Interview: The Growing Opportunities for Women and Girls in Cybersecurity

IWD2023: Retaining and Advancing Women in the Cyber Security Industry: Moving from Theory to Impact by Measuring Inclusion

Jenkins Security Alert: New Security Flaws Could Allow Code Execution Attacks

Lazarus Group Exploits Zero-Day Vulnerability to Hack South Korean Financial Entity

Lazarus Group Targets South Korean Finance Firm Via Zero-Day Flaw

Lehigh Valley Health Network: Patient photos, info from ransomware attack released online

Lockbit Ransomware Dominant Even as Overall Attack Rates Fall

North Korea-linked Lazarus APT used a 0-day in a recent attack

Northern Essex CC Reopens After Cyber Attack

Officials Targeted with Romance Scams and Android Trojans

PCDF (Polícia Civil do Distrito Federal) prende hacker especializado em pirataria de material acadêmico

Pen Testers using Vulnerability Scanners – Closing the Gap

Phishing Attack Uses UAC Bypass to Drop Remcos RAT Malware

Phishing cases soar

Plagued by slow internet? Try these 11 ways to speed up your connection

Preso em Goiânia suspeito de participar de fraudes de R$ 50 milhões no Auxílio Emergencial é hacker e criou programa para aplicar golpes

Ransomware gang posts video of data stolen from Minneapolis schools

Sharp Panda Using New Soul Framework Version to Target Southeast Asian Governments

Staying ahead of ransomware and bad actors

Surgeries Canceled After Barcelona Hospital Hit With Ransomware

SYS01 Stealer Targets Critical Infrastructure With Google Ads

The Impact of Conversational AI on the GRC Workforce: Training our Next Generation Workers

Three crucial moments when founding a cybersecurity startup

US RESTRICT Act Gains Supports, Empowers Biden to Ban Foreign Tech

Veeam fixes bug that lets hackers breach backup infrastructure

VMware NSX Manager bugs actively exploited in the wild since December

07/03

1st Franklin Financial Corporation Notifies Customers of Recent Data Breach

A Quick Take on Phishing Scams

A two-year-old Windows flaw is being exploited in new phishing campaign

Acer confirms breach after 160GB of data for sale on hacking forum

Android March 2023 update fixes two critical code execution flaws

Appointments Cancelled After Ransomware Attack On Barcelona Hospital

Brazilian Conglomerate Suffers 3TB Data Breach: Report

Chick-fil-A confirms data breach: Here’s how you can protect your information

China-aligned APT is exploring new technology stacks for malicious tools

Chinese Sharp Panda Group Unleashes SoulSearcher Malware

Council of Granada database was sold by hacker. Should anyone be concerned?

Data Of 6 Lakh HDFC Customers Leaked On Dark Web? Here’s What Bank Says on Data Breach

DeFi lender Tender.fi suffers exploit, white hat hacker suspected

Denver Public Schools says hackers stole the personal information of staff members from internal servers

Enterprise Cybersecurity Solutions: 5 Steps to Take Today

European police, FBI bust international cybercrime gang

Financial services is the most impersonated industry in phishing attacks

Four Californian Medical Groups Sued over Data Breach Affecting 3.3 Million Patients

Fraud warning to Santander, Natwest, Barclays and other banking customers

Gardaí and Fastway among those reprimanded for data breaches in 2022

Grupo hacker vaza dados de cartões de créditos de quase 20 mil brasileiros

Grupo hacker responsável por mais de 600 ataques a instituições em todo o mundo identificado

Hacker Cracks Toyota Customer Search Tool

Hacker suspeito de piratear cursos de medicina é alvo de ação policial

Hatch Bank becomes second data breach victim after GoAnywhere hack

Hawaii Skilled Nursing Facility Notifies 20K of Healthcare Data Breach

HDFC Bank denies data leak claim

High Court to decide if Facebook is liable for the possible breach of 300,000 Australians' personal data

Hospital Clínic de Barcelona severely impacted by ransomware attack

How does your industry compare when it comes to the financial loss exposure of cyber threats?

India's HDB Financial Services flags data breach at service provider

Insurance holding company Group 1001 says operations restored after ransomware attack

IWD2023: DigitALL, Innovation and Technology for Gender Equality

Just 10% of Firms Can Resolve Cloud Threats in an Hour

LastPass Hack: Engineer's Failure to Update Plex Software Led to Massive Data Breach

Leading U.S Satellite TV Provider Dish Network Yet to Recover From a Ransomware Attack

Lehigh Valley Health Network (LVHN): Ransomware hackers posted photos of cancer patients on dark web

Medusa claims Minneapolis Public Schools as victim

Nine in 10 enterprises fell victim to successful phishing in 2022

Northern Essex Community College remains shuttered after cyberattack

Para comemorar um ano de crime, hackers vazam 2 milhões de cartões

Perfil antigo no Facebook da Educação de Corumbá é invadido por hacker

Preventing corporate data breaches starts with remembering that leaks have real victims

Ransomware Attack Against Barcelona Hospital Disrupts Operations

Ransomware strain Deadbolt received over $2.3 million in 2022: Blog

Ransomware's Favorite Target: Critical Infrastructure and Its Industrial Control Systems

Russian Disinformation Campaign Records High-Profile Individuals on Camera

Russia's Cyber Tactics in Ukraine Shift to Focus on Espionage

Serious DJI Drones Flaws Could Crash Drones Mid-flight

“Sharp Panda”: Check Point Research puts a spotlight on Chinese origined espionage attacks against southeast asian government entities

Sharp Panda Target Southeast Asia in Espionage Campaign Expansion

Shein's Android App Caught Transmitting Clipboard Data to Remote Servers

SYS01stealer: New Threat Using Facebook Ads to Target Critical Infrastructure Firms

The Race Against Quantum: It’s Not Too Late to be the Tortoise that Beat the Hare

Transparent Tribe Hackers Distribute CapraRAT via Trojanized Messaging Apps

Two-Thirds of European Firms Have Started Zero Trust

Volume of ransomware & extortion attacks to continue in 2023: CyberCube

Vulnerability in DJI drones may reveal pilot’s location

Wallet tied to Uranium Finance hacker reawakens after 647 days, shifting $3.3M

Why Cybersecurity Needs to be Prioritised as Small Businesses Face the Cost-of-Living Crisis

Why Healthcare Can't Afford to Ignore Digital Identity

06/03

6 cybersecurity and privacy Firefox add-ons you need to know about

Acer’s allegedly sensitive data for sale on a hacker forum

Adaptable ‘Swiss Army Knife’ Malware a Growing Threat

Alleged security breach leaves millions of dollars missing from Flutterwave accounts

Almost Half of Industrial Sector Computers Affected By Malware in 2022

Australian National Maritime Museum suffers internal cyber attack

Authorities Investigate Data Released in Oakland Cyber Attack

Barcelona’s Hospital Clinic hit by ransomware cyberattack ‘from outside Spain’

Business-grade routers compromised in low-key attack campaign

Chick-fil-A data breach confirmed: What customers should do now

Cloud exploitation grew by 95% in 2022

Core DoppelPaymer ransomware gang members targeted in Europol operation

Core Members of DoppelPaymer Ransomware Gang Targeted in Germany and Ukraine

City of Oakland Faces Major Data Leak

Cyber Attack At Ross Memorial Hospital Impacting Some Staff Pay

Cyber attack surface widened by new ways of working, says Coalition

Data breach exposed millions of Verizon customers' account info

DBatLoader and Remcos RAT Sweep Eastern Europe

Dental Health Management Solutions Notified Patients About Historic Data Breach

DoppelPaymer Ransomware Gang Members Busted in Germany, Ukraine

Envision Credit Union data breach class action settlement

EPA Calls For Cybersecurity Improvements in Public Water Systems

Experts Discover Flaw in U.S. Govt's Chosen Quantum-Resistant Encryption Algorithm

Experts Reveal Google Cloud Platform's Blind Spot for Data Exfiltration Attacks

Faced with likelihood of ransomware attacks, businesses still choosing to pay up

From Disinformation to Deep Fakes: How Threat Actors Manipulate Reality

FTC orders BetterHelp to end use of health information for advertising

FTC Proposes $7.8m Fine for BetterHelp

German and Ukrainian police raid alleged cybercrime gang with help from FBI

Germany and Ukraine hit two high-value ransomware targets

Hackers Behind Oakland Ransomware Attack Dump Data on City Employees

Hackers causaram prejuízos a cerca de 25% das empresas brasileiras em 2022, diz pesquisa

Hackers causaram prejuízos a cerca de 25% das empresas brasileiras em 2022, diz pesquisa

Hackers vazam 2 milhões de cartões em comemoração de aniversário

HDFC Bank Denies Data Breach as 7.5GB of Customer Information Allegedly Leaked for Free on Hacker Forum

How to achieve and shore up cyber resilience in a recession

How To: Fight the Use of Deepfakes in ID Theft

IWD2023: Learning Lessons to Boost Female Representation in Cybersecurity

Kuwait ministry hit by ransomware attack

Law enforcement teams score major win against DoppelPaymer ransomware gang

Municipal CISOs grapple with challenges as cyber threats soar

Negligent California Healthcare Groups to Blame for Data Breach Affecting 3.3M Patients, Class Action Says

New HiatusRAT Malware Targets Business-Grade Routers to Covertly Spy on Victims

New malware infects business routers for data theft, surveillance

Old Windows ‘Mock Folders’ UAC bypass used to drop malware

Paying For Ransomware Only Drives Up Ransom Costs

PoC exploit for recently patched Microsoft Word RCE is public (CVE-2023-21716)

Popular fintech apps expose valuable, exploitable secrets

Popular SaaS Products Abused To Run Phishing Campaigns Targeting BFSI Customers

Proof-of-Concept released for critical Microsoft Word RCE bug

Rancho Mesquite Casinos Faces Class Action Suit Over ‘Massive’ Data Breach

Ransomware attacks decreased 38% in January - report

Ransomware group threatens to release Oakland's confidential data

Royal Ransomware Made Upto $11 Million USD Using Custom-Made Encryption Malware

Sandbox blockchain game breached to send emails linking to malware

School cybersecurity in 2023: What’s your incident response plan?

Six in Ten Financial Institutions at Risk of Data Breach Due to Poor Data Management

Suprbay.org, The Pirate Bay Web Forum Down amid Cyberattack

Suspected Cyber Attack Closes Northern Essex CC

The Food Industry’s ‘Unique Vulnerabilities’ to Cyberattacks

Threat Intelligence: Do We Need A 'Rosetta Stone' of Cyber Attribution?

Top members of DoppelPaymer Ransomware gang arrested

UK Government Plans Skills Boost for Public Sector Fraud Fight

US public transport service struck by ransomware attack

Virginia hospital notifies patients of data breach

XIoT risk and the vulnerability landscape

Zionsville-based Group 1001 reports ransomware attack

What You Really Need to Know About Ransomware in 2023

05/03

5 Multi-Factor Authentication Vulnerabilities and How to Resolve Them

Benefits of cybersecurity investments may be hard to see, but they are crucial

Comprehending the top future cyber risks for businesses

CS launches CoE for imparting training in Cyber Security

Customers of these banks are most likely to fall victim to fraud, according to new study

Cyberattacks put spotlight on weak Canadian laws, says cybersecurity expert

Cyber Warfare: Is banning Chinese firms enough for India’s cyber security or Modi Government need to do more

Federal Trade Commission (FTC) to ban BetterHelp from sharing mental health data with advertisers

Hackers são capazes de transformar o chatGPT do Bing em um golpista, aponta pesquisa

Hogwarts Legacy: Versão crackeada do game traz mensagem polêmica e surpreende jogadores

Honda Motorcycle and Scooter India’s Twitter account hacked!

How to avoid billion-dollar fines due to unsecured messaging apps

Indigo says hacked employee data may appear on ‘dark web’ this week, won’t pay ransom – National IG News

Internet scam affected 7% of Nigerian users – Firm

Maritime Cybersecurity: A Potential Threat to India’s National Security

Phishing, tech support and lottery scams

Play Ransomware gang has begun to leak data stolen from City of Oakland

South Korea cracks down on voice phishing linked with digital currencies

These ‘Fun’ and ‘Harmless’ Social Media Quizzes Can Make You Easy Prey to Hackers

DAILY NEWS: Fevereiro/Março (26/02 - 04/03) - 09 Semana de 2023