DAILY NEWS: Outubro (09/10 - 15/10) - 41 Semana de 2022
Cyber Security and Information Security News - Daily Updates !! Weekly Review
15/10
5 online threats to avoid in 2023
Almost 900 servers hacked using Zimbra zero-day flaw
Beware: Here comes the latest email phishing scam
Cyber crime costs rise 2000pc to £90m in Norfolk - Here is how to keep safe
Cybercriminals exploit cost of living crisis to target millennials
Dutch Police Tricked DeadBolt Ransomware to Obtain Free Decryption Keys
East Renfrewshire Leisure chiefs issue apology after email blunder leads to data breach
Fake ‘Nami’ Cardano Wallet Phishing for New Bait on App Store
Fortinet urges admins to patch bug with public exploit immediately
Indian Energy Company Tata Power's IT Infrastructure Hit By Cyber Attack
Personal Details Exposed In MyDeal Data Breach
Phishing now uses fake login windows that are virtually undetectable
Rising Bot Attacks – Why is Your Organization Struggling to Deal with Them?
Woolworths subsidiary MyDeal leaks 2.2 million customers' details
14/10
4 things CISOs need to know about software supply chain security
5 skills to jumpstart your career in cyber security
Alternative payment methods are creating new fraud risks
Annual costs of Hackney ransomware attack exceed £12m
Australian health insurance provider Medibank Private suffers a cyber attack
'Baby Al Capone' Agrees to Pay $22M in AT&T SIM-Swap Case
BBRG TR, LLC Reports Data Breach Compromising Consumers’ Social Security Numbers
Black Basta Uses Qakbot, Brute Ratel in Ransomware Attacks
Brasil é o mais atacado por ransomware na América Latina
Call for mediation meeting over NHS Highland data breach claims
Can Machine Learning Help Prevent Business Email Compromise?
Center One shares Cybersecurity tips with kids
Charities at risk of ‘underestimating’ online fraud as one in eight experienced cybercrime last year
City of Ottawa issues warning about parking ticket phishing scam
CommonSpirit Health says system hit by ransomware attack
Cyber attack increase threatens sea traffic, ports and offshore rigs
Cyber security – prevention is better than cure
Data leak exposes Mexico military corruption, including collusion with drug cartels
DJI drone tracking data exposed in the US
Document analysis company Elevate faces cyber attack impacting Snap
Educational institutions must reverse their backward approach to cyber defense
Education Sector Experienced 44% Increase in Cyber-Attacks Over Last Year
Experts released PoC exploit code for critical bug CVE-2022-40684 in Fortinet products
Fake Cardano Wallet Phishing for New Bait on App Store
Five scams you need to know about before Black Friday starts on November 25
Growing ransomware threats require maximum data protection
How To Build a Career as a Freelance Cybersecurity Analyst — From Scratch
How web data is leading US cybersecurity to unreached possibilities
INTERPOL arrests ‘Black Axe’ cybercrime syndicate members
Japanese authorities warn of N.Korean hacker attacks on cryptoassets
KPMG signs MoU with the UAE Cyber Security Council to spread nation-wide cyber awareness
Layering cyber security architecture is crucial
Linux, Windows and macOS Hit By New “Alchimist” Attack Framework
LockBit 3.0 used in ransomware attack on Advanced that knocked out NHS 111 services
Magniber Ransomware Adopts JavaScript to Attack Individual Users
Mango DAO Offers Hacker $47M to Settle Without Pressing Charges
Microsoft Office 365 email encryption could expose message content
Mirai Botnet Hits Wynncraft Minecraft Server with 2.5 Tbps DDoS Attack
MyDeal faces cyber attack, exposing data of 2.2 mn users
New PHP Version of Ducktail Malware Hijacking Facebook Business Accounts
Novo golpe mistura phishing e ligações para contaminar celulares Android
Optus customers affected by data breach do not need new passports, chief executive says
Optus says breach victims don’t need to replace passports
PoC Exploit Released for Critical Fortinet Auth Bypass Bug Under Active Attacks
Report Shows How China Has Been Using Cyberattacks Over the Past Decade
Shein owner fined $1.9M for failing to notify 39M users of data breach
Singtel's Optus says no passport replacement needed for those affected by cyber attack
Smart buildings may be your cybersecurity downfall
SOC 2 for ON2IT’s Zero Trust as a Service service
Spending on cyber security to hit $188bn next year
The basics you need to know about Cybersecurity
The dangers of orphaned data and what companies can do about it
The UAE Cybersecurity Council and Cisco collaborate to reinforce cybersecurity national efforts
Tucson data breach puts 123,500 individuals’ information at risk
Zero Trust Network Access the next step in an evolving security landscape
Why call police after a cyber attack? Because they’re waiting for you
Woolworths says MyDeal data breach impacted 2.2 million customers
13/10
3 Cheap Cybersecurity Stocks Protect your Portfolio
3 cybersecurity tips for controlling & monitoring cloud access
60% of SMBs experienced a cyberattack in the last year
2022 pode ser o ano dos hackers cripto: roubos passam de US$ 3 bi e se aproximam de recorde
A cyber attack breached some Latter-day Saint member data. Here’s what we know
After a hacker issues millions of tokens, the price of XEN drops by 33%
Android security warning: These crooks phone you and trick you into downloading malware
Antes da Record, Globo sofreu tentativa de ataque hacker no 1º turno das eleições
Best Practices To Help Strengthen Your Company's Security Culture
Brasil sofre mais de 33 milhões de tentativas de ataque Ransomware
Budworm Espionage Group Returns, Targets US State Legislature
Budworm Hackers Resurface with New Espionage Attacks Aimed at U.S. Organization
Canada Targeted in 141 Ransomware Attacks in 2021 per Palo Alto Networks Unit 42
Caso Record: emissora recupera arquivos, mas ataque hacker continua
Chinese APT WIP19 Targets IT Service Providers and Telcos
Client data exfiltrated in Advanced NHS cyber attack
Cloudflare mitigated record DDoS attack against Minecraft server
CommonSpirit Health confirms it was hit by ransomware attack
Consumers want more transparency on how companies manage their data
Cost-effective steps healthcare CISOs can take to mitigate damaging attacks
Could the Cyber Threat to EV Charging Points Slow Adoption?
Cryptocurrency hacks already at US$718mln in October
Cyber attack hits hospital system including CHI St. Vincent
Cyberattackers Spoof Google Translate in Unique Phishing Tactic
Des Moines hospital blames cyber-attack for 3-year-old getting “MEGADOSE” medicines
Does the OWASP Top 10 Still Matter?
DTX2022: Cyber Needs to Redress the Defensive-Offensive Balance Following Russia-Ukraine
Education sector needs to wise up to more cyberattacks
Exploit available for critical Fortinet auth bypass bug, patch now
Georgia State Bar says SSNs of members, employees leaked in April ransomware attack
Hacker tem identidade revelada um dia após roubar meio bilhão de reais em criptomoedas
Hackers intensificam ataques a sites petistas e pedem voto para Bolsonaro
Hackers now use thermal attacks to steal passwords in seconds
Health insurer Medibank Private hit by cyber attack
Here’s 5 of the world’s riskiest connected devices
In One Month, more than 4.7 Million Cyber Attacks were recorded in BiH
IP Cameras, VoIP and Video Conferencing Revealed as Riskiest IoT Devices
Insurer Medibank hit by targeted cyberattack
Key Ways to Manage the Legal Risks of a Healthcare Data Breach
Magniber ransomware now infects Windows users via JavaScript files
Malicious WhatsApp Mod Spotted Infecting Android Devices
Malware Analysis Market Forecasted to Cross Valuation of USD 24,150.55 Billion by 2026
Medibank Becomes Latest Target of Cyber Attack in Australia
Medibank investigating cyber attack
Mental health trusts still unable to access patient records months after attack
Modified WhatsApp App Caught Infecting Android Devices with Malware
New Alchimist attack framework targets Windows, macOS, Linux
New Chinese Cyberespionage Group WIP19 Targets Telcos, IT Service Providers
New Chinese Malware Attack Framework Targets Windows, macOS, and Linux Systems
New Mexico Licensing Department subject of cyber attack
New RSA Conference CEO talks about delivering value
New Timing Attack Against NPM Registry API Could Expose Private Packages
Npm timing attack, legit software spreading malware, Mango Markets hacked for $100 million
Nubeva Announces First Sale of its Ransomware Reversal Solution to Higher Education Market
Only a quarter of small businesses consider cyber security their top priority
Optus breach has the potential to forge a new approach to cyber security
Optus data breach response 'cracking' as cyber support charity fields 15,000 queries and counting
Outubro já é pior mês de ataques hackers a projetos cripto da história
Pennsylvania Dermatology Practice Suffers Healthcare Data Breach, 33K Impacted
Personal email addresses of prospective students exposed in UL data breach
QR codes could unlock phone to hackers, security expert warns
Rede Record suffers cyber attack and criminals ask for US$5 million in ransom
Researchers Uncover Custom Backdoors and Spying Tools Used by Polonium Hackers
Russian DDoS attack project pays contributors for more firepower
Safe Security and Intuitive.Cloud join forces to provide visibility into enterprise-wide cyber risk
September’s ‘Most Wanted’ malware
Shein data breach results in $1.9m fine for parent company
Supply chain hacks are on the rise. But most companies aren't prepared
The Scoular Company Confirms Recent Data Breach
Toyota reveals cyber attack leaked 300,000 customers info
TV Record vítima de ransomware por BlackCat; resgate em BTC ou XMR
UK Government Urges Action to Enhance Supply Chain Security
US election workers slammed with phishing, malware-stuffed emails
Veículos de mídia estão mais vulneráveis a ataques de hackers?
VMware Research Uncovers Evolving Nature of Emotet Malware
What the Uber Breach Verdict Means for CISOs in the US
What you should look for in an MDR relationship
Will triple extortion ransomware truly take off?
Windows Exchange servers hit by LockBit ransomware
12/10
64,000 Additional Patients Impacted by Omnicell Data Breach - What is Your Data Breach Action Plan?
All Windows Get Automatic Account Lockout to Prevent Brute Force Attacks
Are your cybersecurity investments making you less resilient?
Claroty Found Hardcoded Cryptographic Keys in Siemens PLCs Using RCE
Credit card details of more than a million people dumped on dark web for hackers to access
Cross-Functional Collaboration is Becoming Essential for Security Professionals
Cyberattacks, power outages: Why more electric vehicles on Australian roads could bring risks
Cybersecurity Threats to Health Services: Why We Should Be Concerned
Cybersecurity training appeals to mature students
Digital commerce, crypto users’ now rich targets for cybercriminals – Report
EU Commission proposes Cyber Resilience Act to bolster the EU’s cyber security rules
Everything You Should Know About Earning A Master’s In Cybersecurity
For most companies ransomware is the scariest of all cyberattacks
Fortinet warns that critical authentication bypass flaw has been exploited
Google Forms abused in new COVID-19 phishing wave in the U.S.
Hackers Using Vishing to Trick Victims into Installing Android Banking Malware
Hospitals Continue to Suffer Impacts of CommonSpirit IT Security Incident
How to improve employees’ cybersecurity behavior
How to Manage Your Cyber Risks
Hybrid work requires cybersecurity communication & transformation
Insider Threats and Security at the Edge
IT director discusses East Baton Rouge Parish’s cyber security
JPMorgan faces cyber attack from Hacker group Killnet
KillNet’s Malicious Call to Action Takes Airport Websites Offline
LifeBridge Health to pay $9.5 million as retribution for 2018 data breach
Mango Markets Loses $100M in DeFi Exploit, Attacker Proposing Treasury Liquidation Vote
Mars Area School District investigates network data breach
Microsoft Patch Tuesday Fixes New Windows Zero-Day; No Patch for Exchange Server Bugs
Most common types of data breaches and how they affect businesses during the festive season
New npm timing attack could lead to supply chain attacks
North Korea Uses Crypto Hack Funds to Develop Nuclear Weapons
Phishing attacks in SEA soar by a million compared to 2021
Polonium Uses Seven Backdoor Variants to Spy on Israeli Organizations
Record hackeada: o que se sabe até agora sobre ataque e sequestro de dados
Singtel's Australian IT Firm Dialog Suffers Data Breach
Skin cancer patient fears near naked photos on dark web after cyberattack on Pinnacle Health
SMBs embrace new tech but fail to invest in security - study
SME growth hampered by lack of cyber security
The metaverse is coming, and the security threats have already arrived
The Undeclared War: How Accurate Are the Threats?
This new Windows features makes password-hacking attacks much harder
US ports and terminals targets of increased cyber security attacks
U.S. to issue new cybersecurity requirements for critical aviation systems
Web companies most likely to lose your data – report
What's on your network? These are the devices most at risk of getting hacked
White House Reports on Federal Cybersecurity Progress
11/10
2K confirms some personal data obtained in recent data breach
A New Wave of PayPal Invoice Scams Using Crypto Disguise
Abuse of Legitimate Tools Threatens Healthcare Cybersecurity
Aus watchdogs launch probe into data breach
Auth bypass bug in FortiOS, FortiProxy is exploited in the wild (CVE-2022-40684)
BazarCall Callback Phishing Attacks Constantly Evolving Its Social Engineering Tactics
Blackbyte Ransomware Abuses Legit Driver to Disable Security Products, Says NCC – CSIRT
Blockchain ligada à Binance anuncia atualização emergencial após hack de US$ 100 mi
Businesses are at risk of losing consumers post a cyber-attack: ISACA
Caffeine, a new Phishing-as-a-Service toolkit available in the underground
Calls for Better Microsoft Teams Backup as Confidential Info Sent on the Platform
Can IAM help save on cyber insurance?
Critical VM2 flaw lets attackers run code outside the sandbox
Cybercriminals are having it easy with phishing-as-a-service
Dark Web Marketplace ‘BidenCash’ Hands Out 1.2 Million Stolen Credit Cards as a Promotion
DeepFakes Are The Cybercriminal Economy’s Latest Business Line
DeFi Protocol Temple DAO Struck by $2.3M Exploit
Every Third Industrial Computer was Under Attack in South Africa, Kenya and Nigeria in H1 2022
Experts analyzed the evolution of the Emotet supply chain
FACT SHEET: Biden-Harris Administration Delivers on Strengthening America’s Cybersecurity
Fortinet Warns of Active Exploitation of Newly Discovered Critical Auth Bypass Bug
Google is trying to solve the software supply chain security problem
Google's hackers: Inside the cybersecurity red team that keeps Google safe
Hackers derrubam sites de aeroportos dos EUA
"Hackers" estariam exigindo R$ 25 mi para não publicar dados da Record
Hacking group POLONIUM uses ‘Creepy’ malware against Israel
High-Value Targets: String of Aussie Telco Breaches Continues
How Chief Information Security Officers Who Work Extra Hours Could Put Employers At Risk
How government organizations can stay steps ahead of attackers
How Leidos Tackled Cybersecurity Skills Shortage Through Education
How to use imagination to prevent data breaches
ISC2Congress: Cybersecurity Pros Must Prepare for Emerging Deepfake Threats
It’s time to talk about securing your innovation supply chain
Lloyd’s Finds No Evidence of Data Compromise From Cyber Attack
Main TransitFinance Hacker Promises to Refund Another 6,500 BNB
Meta identifies over 400 malicious apps targeting FB users’ data
Microsoft Exchange servers hacked to deploy LockBit ransomware
More Details of macOS Archive Utility Flaw Emerge
New Android malware family uncovered
ONLINE THREATS: The human factor in most cyber breaches
Phishing attacks on the rise in Malaysia, SE Asia
Pro-Russian Group KillNet Claims Responsibility for 14 US Airport DDoS Attacks
Protecting sensitive data in the 'golden age' of cybercrime
Quarter of Healthcare Ransomware Victims Forced to Halt Operations
Record: hackers cobram resgate milionário e prometem mais ataques
Remote workforces at SMBs are being left unprotected
Researchers Detail Critical RCE Flaw Reported in Popular vm2 JavaScript Sandbox
Researchers Warn of New Phishing-as-a-Service Being Used by Cyber Criminals
Russia labels Meta an 'extremist' org, sends legal threats to users
SBT e TV Cultura negam ter sido alvos de ataque hacker que atingiu Record
Singtel's 'old data' first posted on dark web in Feb 2021: researcher
The Latest Funding News and What it Means for Cyber Security in 2023
The ongoing battle to secure schools from cyberattack
This dangerous new hacker tool makes phishing worryingly easy
Toyota discloses accidental leak of some customers’ personal information
Toyota Discloses Data Breach Impacting Source Code, Customer Email Addresses
Toyota Reveals Data Leak of 300,000 Customers
UK arrests 17-year-old hacker, likely to be behind Uber and GTA 6 hack
Weeks on, more Optus customers find out personal information compromised in data leak
What to do if you’ve become a victim of a data breach
Who Is Recruiting Your Workers? It Could Be A Hacker Group
Windows 10 KB5018410 and KB5018419 updates released
Windows 11 22H2 blocked due to Windows Hello issues on some systems
Windows 11 KB5018427 update released with 30 bug fixes, improvements
10/10
1 In 4 Globally Have Suffered Data Breach (PWC)
6 months of phishing attacks in 2022 exceed SEA’s total number last year
10 Biggest Data Breaches of All Time - And How to Prevent Them
91% of Cyber Pros Experience Mental Health Challenges at Work
Após Record ser atacada, SBT e TV Cultura negam invasão hacker
Australian fruit company Costa Group experiences ‘malicious’ cyberattack
Binance sofre ataque hacker e perde R$ 570 milhões; entenda
Blackbyte Ransomware Bypass EDR Security Using Drive Vulnerability
BNB Smart Chain attacked by hacker, loses over $100 million
Board members should make CISOs their strategic partners
Caffeine service lets anyone launch Microsoft 365 phishing attacks
Cancer Testing, Diagnostics Lab Suffers Phishing Attack, 244K Impacted
Centenary concerned cyber attack compromised ‘main software system’
CISOs, corporate boards in wide disagreement on cyber resilience
Criminal multitool LilithBot arrives on malware-as-a-service scene
Critical vm2 sandbox escape flaw uncovered, patch ASAP! (CVE-2022-36067)
Data Poisoning: Is There a Solution?
Data Protection Commissioner (DPC) examines data breach at dairy processor Tirlán
Emirates Nuclear Energy Corporation, UAE Cyber Security Council to jointly boost cyber ‘resilience’
Facebook data breach 2022: Over 1M users affected
Facebook Login Details at Risk as Meta Identifies Over 400 Malicious Apps
Feds warn healthcare organizations of ongoing abuse of legitimate security tools
Fortinet says critical auth bypass bug is exploited in attacks
German cyber security chief to be fired after alleged Russia ties, sources say
Google Chrome Ranked As The Least Safe Browser: Here’s What You Need To Know
Hacker pinheirense é preso pelo DEIC de São Paulo em João Pinheiro
Hackers can guess your password using thermal imagery
Hackers behind IcedID malware attacks diversify delivery tactics
Hackers que invadiram sistema da Record pedem resgate milionário; saiba o valor
Hackers sequestraram e-mails da Record; clima é de terror
Here's another excellent reason not to browse adult websites at work
How AI and machine learning are changing the phishing game
How do you protect your online systems? Cultivate an insider threat
How to protect your agency from an island-hopping cyberattack
How to Set Up Segmentation for Better OT Security
Increasing network visibility is critical to improving security posture
Information Expected to Emerge Slowly in Hospital Chain Cyberattack
Intel Confirms Leak of Alder Lake BIOS Source Code
Iran State-Run TV’s Live Transmission Hacked by Edalate Ali Hackers
Lack of transparency, systemic risks weaken national cybersecurity preparedness
Microsoft Teams: A channel for sensitive business information sharing that needs better backup
Most common types of data breaches and how they affect businesses during the festive season
Nearly half of UK adults don’t know their browsing history is visible to third parties
New Report Uncovers Emotet's Delivery and Evasion Techniques Used in Recent Attacks
Northern Data Systems, Inc. Files Notice of Data Breach Affecting Consumers’ Social Security Numbers
Only 10% of Companies Avoided Ransomware in 2022
Optus to share breached data with banks
Patient information uploaded to internet after Pinnacle Health cyber-attack
Phishing attacks are getting more and more sophisticated
Pro-Russian hacker group Killnet targeting the websites of US state governments
Purpose-based access control: Putting data access requests into context
Ransomware as a Service: What Is It and How Does It Work in 2022?
Reports suggest Social Club may have been compromised in a recent hack
Researchers Detail Malicious Tools Used by Cyber Espionage Group Earth Aughisky
Russian Cyber Attack Hits Websites of Multiple U.S. Airports
Russian hackers suspected over cyber attack on US airports
Second Singtel subsidiary breach in a month sees customer and client data leaked
Self Assessment customers could be a target for fraudsters, HMRC warns
Sites de aeroportos dos EUA saem do ar após ataque de hackers russos
Some U.S. travel websites knocked offline after Russian hacker group calls for attack
South Carolina's massive data breach 10 years later: Questions linger as investigation remains open
State Bar of Georgia Confirms Data Breach Following Ransomware Attack
The key pillar of cyber resilience: backing up effectively
This 'thermal attack' can read your password from the heat your fingertips leave behind
Toyota discloses data leak after access key exposed on GitHub
Transit Finance Hacker Returns $2.74M to Victims, Sends $686K to Tornado Cash
Uma das principais corretoras de CRIPTOMOEDAS do mundo tem ataque hacker SURPREENDENTE
Uninstall these malicious mobile apps now, Facebook warns
Ukraine Enhances Cooperation With EU Cybersecurity Agencies
Unpatched Zimbra RCE bug exploited by attackers (CVE-2022-41352)
US airports' sites taken down in DDoS attacks by pro-Russian hackers
Vulnerability exploitation is top initial access vector for ransomware
What is phishing-resistant multifactor authentication? It’s complicated
Why bother with ransomware? The rise of ‘low effort’ extortion attacks
Will Security Teams Lose Relevance in the Age of Decentralized IT?
Zoom Phishing Scam Steals Microsoft Exchange Credentials
09/10
33 top Linkedin Cyber security certifications to kickstart your global career and earn in US dollars
Após ataque hacker, Record exibe reprise do Vai dar Namoro
Authorities make first arrests connected to major Optus data breach
CommonSpirit hospital chains hit by ransomware, patients are facing problems
Cyber Security: NITDA warns on Identity theft
Darkweb market BidenCash gives away 1.2 million credit cards for free
Don't Put Your Online Security at Risk: Get a Password Manager Now
Enec signs preliminary agreement with UAE Cyber Security Council
ENEC, UAE Cyber Security Council sign MoU to enhance cyber-resilience in energy industry
Especialista explica como aconteceu ataque hacker sofrido pela Record
Everest gang demands $200K for data stolen from South Africa state-owned electricity company ESKOM
Ex-goleiro Casillas publica que é gay no Twitter e depois alega ataque hacker
Fake adult sites push data wipers disguised as ransomware
GTA 6 hacker was allegedly offered 2.2 bitcoin for leak
Iker Casillas sofre ataque hacker em seu perfil no Twitter, com publicação sobre ser gay
Leading fruit, veg grower Costa Group leaks data after phishing attack
Lloyd’s of London investigates alleged cyber attack
National Cyber Security Agency honours organisations, employees for excellence
NCC Warns About Blackbyte Ransomware Security Threat
"O envio de fotos íntimas é sempre inseguro". Hacker fala dos perigos do uso da internet
Residents invited to attend cyber security event
Solana Phantom security update NFTs push password-stealing malware
TV estatal iraniana é alvo de ataque hacker durante noticiário noturno
When are we gonna stop calling it ransomware? It's just data kidnapping now