DAILY NEWS: October (09/10 - 15/10) - Week 41 of 2022

Cyber Security and Information Security News - Daily Updates !! Weekly Review

15/10


5 online threats to avoid in 2023


Almost 900 servers hacked using Zimbra zero-day flaw


Beware: Here comes the latest email phishing scam


Cyber crime costs rise 2000pc to £90m in Norfolk - Here is how to keep safe


Cybercriminals exploit cost of living crisis to target millennials


Dutch Police Tricked DeadBolt Ransomware to Obtain Free Decryption Keys


East Renfrewshire Leisure chiefs issue apology after email blunder leads to data breach


Fake ‘Nami’ Cardano Wallet Phishing for New Bait on App Store


Fortinet urges admins to patch bug with public exploit immediately


Indian Energy Company Tata Power's IT Infrastructure Hit By Cyber Attack


Personal Details Exposed In MyDeal Data Breach


Phishing now uses fake login windows that are virtually undetectable


Rising Bot Attacks – Why is Your Organization Struggling to Deal with Them?


Woolworths subsidiary MyDeal leaks 2.2 million customers' details


14/10


4 things CISOs need to know about software supply chain security


5 skills to jumpstart your career in cyber security


Alternative payment methods are creating new fraud risks


Annual costs of Hackney ransomware attack exceed £12m


Another 0-Day Bug Was Found in Microsoft Exchange, and LockBit Ransomware Operators Are Exploiting It


Australian health insurance provider Medibank Private suffers a cyber attack


'Baby Al Capone' Agrees to Pay $22M in AT&T SIM-Swap Case


BBRG TR, LLC Reports Data Breach Compromising Consumers’ Social Security Numbers


Black Basta Uses Qakbot, Brute Ratel in Ransomware Attacks


Brazil is the most attacked by ransomware in Latin America


Call for mediation meeting over NHS Highland data breach claims


Can Machine Learning Help Prevent Business Email Compromise?


Center One shares Cybersecurity tips with kids


Charities at risk of ‘underestimating’ online fraud as one in eight experienced cybercrime last year


City of Ottawa issues warning about parking ticket phishing scam


CommonSpirit Health says system hit by ransomware attack


CPX Holding and TIP Testing and Qualification Center join forces to offer comprehensive cyber security capabilities


Cyber attack increase threatens sea traffic, ports and offshore rigs


Cyber security – prevention is better than cure


Data leak exposes Mexico military corruption, including collusion with drug cartels


DJI drone tracking data exposed in the US


Document analysis company Elevate faces cyber attack impacting Snap


Educational institutions must reverse their backward approach to cyber defense


Education Sector Experienced 44% Increase in Cyber-Attacks Over Last Year


Experts released PoC exploit code for critical bug CVE-2022-40684 in Fortinet products


Fake Cardano Wallet Phishing for New Bait on App Store


Five scams you need to know about before Black Friday starts on November 25


Growing ransomware threats require maximum data protection


How To Build a Career as a Freelance Cybersecurity Analyst — From Scratch


How web data is leading US cybersecurity to unreached possibilities


INTERPOL arrests ‘Black Axe’ cybercrime syndicate members


Japanese authorities warn of N.Korean hacker attacks on cryptoassets


KPMG signs MoU with the UAE Cyber Security Council to spread nation-wide cyber awareness


Layering cyber security architecture is crucial


Linux, Windows and macOS Hit By New “Alchimist” Attack Framework


LockBit 3.0 used in ransomware attack on Advanced that knocked out NHS 111 services


Magniber Ransomware Adopts JavaScript to Attack Individual Users


Malwarebytes MDR enables organizations to prioritize critical alerts and detect advanced malware attacks


Mango DAO Offers Hacker $47M to Settle Without Pressing Charges


Microsoft Office 365 email encryption could expose message content


Mirai Botnet Hits Wynncraft Minecraft Server with 2.5 Tbps DDoS Attack


MyDeal faces cyber attack, exposing data of 2.2 mn users


New PHP Version of Ducktail Malware Hijacking Facebook Business Accounts


New scam mixes phishing and phone calls to infect Android phones


Optus customers affected by data breach do not need new passports, chief executive says


Optus says breach victims don’t need to replace passports


PoC Exploit Released for Critical Fortinet Auth Bypass Bug Under Active Attacks


Report Shows How China Has Been Using Cyberattacks Over the Past Decade


Shein owner fined $1.9M for failing to notify 39M users of data breach


Singtel's Optus says no passport replacement needed for those affected by cyber attack


Smart buildings may be your cybersecurity downfall


SOC 2 for ON2IT’s Zero Trust as a Service service


Spending on cyber security to hit $188bn next year


The basics you need to know about Cybersecurity


The dangers of orphaned data and what companies can do about it


The UAE Cybersecurity Council and Cisco collaborate to reinforce cybersecurity national efforts


Tucson data breach puts 123,500 individuals’ information at risk


Zero Trust Network Access the next step in an evolving security landscape


Why call police after a cyber attack? Because they’re waiting for you


Woolworths says MyDeal data breach impacted 2.2 million customers


13/10


3 Cheap Cybersecurity Stocks Protect your Portfolio


3 cybersecurity tips for controlling & monitoring cloud access


60% of SMBs experienced a cyberattack in the last year


2022 could be the year of crypto hackers: thefts pass US$ 3 billion and approach record


A cyber attack breached some Latter-day Saint member data. Here’s what we know


A look into ransomware attacks that affected companies worth more than 4 trillion USD: Who are the targets?


After a hacker issues millions of tokens, the price of XEN drops by 33%


Android security warning: These crooks phone you and trick you into downloading malware


Before Record, Globo suffered an attempted hacker attack in the first round of the elections


Best Practices To Help Strengthen Your Company's Security Culture


Brazil suffers more than 33 million ransomware attack attempts


Budworm Espionage Group Returns, Targets US State Legislature


Budworm Hackers Resurface with New Espionage Attacks Aimed at U.S. Organization


Canada Targeted in 141 Ransomware Attacks in 2021 per Palo Alto Networks Unit 42


Record case: broadcaster recovers files, but hacker attack continues


Chinese APT WIP19 Targets IT Service Providers and Telcos


Client data exfiltrated in Advanced NHS cyber attack


Cloudflare mitigated record DDoS attack against Minecraft server


CommonSpirit Health confirms it was hit by ransomware attack


Consumers want more transparency on how companies manage their data


Cost-effective steps healthcare CISOs can take to mitigate damaging attacks


Could the Cyber Threat to EV Charging Points Slow Adoption?


Cryptocurrency hacks already at US$718mln in October


Cyber attack hits hospital system including CHI St. Vincent


Cyberattackers Spoof Google Translate in Unique Phishing Tactic


Des Moines hospital blames cyber-attack for 3-year-old getting “MEGADOSE” medicines


Does the OWASP Top 10 Still Matter?


DTX2022: Cyber Needs to Redress the Defensive-Offensive Balance Following Russia-Ukraine


Education sector needs to wise up to more cyberattacks


Exploit available for critical Fortinet auth bypass bug, patch now


Georgia State Bar says SSNs of members, employees leaked in April ransomware attack


Hacker has identity revealed one day after stealing half a billion reais in cryptocurrencies


Hackers intensify attacks on Workers' Party (PT) websites and ask for votes for Bolsonaro


Hackers now use thermal attacks to steal passwords in seconds


Health insurer Medibank Private hit by cyber attack


Here’s 5 of the world’s riskiest connected devices


In One Month, more than 4.7 Million Cyber Attacks were recorded in BiH


IP Cameras, VoIP and Video Conferencing Revealed as Riskiest IoT Devices


Insurer Medibank hit by targeted cyberattack


Key Ways to Manage the Legal Risks of a Healthcare Data Breach


Latest GuidePoint Research and Intelligence Team (GRIT) Ransomware Trends Report Underscores High Threat Group Turnover and Consistent Targeting of Manufacturing and Technology Industries


Magniber ransomware now infects Windows users via JavaScript files


Malicious WhatsApp Mod Spotted Infecting Android Devices


Malware Analysis Market Forecasted to Cross Valuation of USD 24,150.55 Billion by 2026


Medibank Becomes Latest Target of Cyber Attack in Australia


Medibank investigating cyber attack


Mental health trusts still unable to access patient records months after attack


Modified WhatsApp App Caught Infecting Android Devices with Malware


New Alchimist attack framework targets Windows, macOS, Linux


New Axio Research Illustrates Organizations Lack Basic Cybersecurity Practices, Significantly Increasing Ransomware Exposure


New Chinese Cyberespionage Group WIP19 Targets Telcos, IT Service Providers


New Chinese Malware Attack Framework Targets Windows, macOS, and Linux Systems


New Mexico Licensing Department subject of cyber attack


New RSA Conference CEO talks about delivering value


New Timing Attack Against NPM Registry API Could Expose Private Packages


Npm timing attack, legit software spreading malware, Mango Markets hacked for $100 million


Nubeva Announces First Sale of its Ransomware Reversal Solution to Higher Education Market


NHS supplier Advanced does not say whether patient data was stolen during the ransomware attack


Only a quarter of small businesses consider cyber security their top priority


Optus breach has the potential to forge a new approach to cyber security


Optus data breach response 'cracking' as cyber support charity fields 15,000 queries and counting


October is already the worst month in history for hacker attacks on crypto projects


Pennsylvania Dermatology Practice Suffers Healthcare Data Breach, 33K Impacted


Personal email addresses of prospective students exposed in UL data breach


QR codes could unlock phone to hackers, security expert warns


Rede Record suffers cyber attack and criminals ask for US$5 million in ransom


Researchers Uncover Custom Backdoors and Spying Tools Used by Polonium Hackers


Russian DDoS attack project pays contributors for more firepower


Safe Security and Intuitive.Cloud join forces to provide visibility into enterprise-wide cyber risk


September’s ‘Most Wanted’ malware


Shein data breach results in $1.9m fine for parent company


Since the Optus data breach, Australia is desperate for cybersecurity professionals. You could become one without a university degree


Supply chain hacks are on the rise. But most companies aren't prepared


swIDch wins 'Transaction Security Solution of the Year' at the CyberSecurity Breakthrough Awards for the third year


The Scoular Company Confirms Recent Data Breach


Toyota reveals cyber attack leaked 300,000 customers info


TV Record a victim of BlackCat ransomware; ransom in BTC or XMR


UK Government Urges Action to Enhance Supply Chain Security


US election workers slammed with phishing, malware-stuffed emails


Are media outlets more vulnerable to hacker attacks?


VMware Research Uncovers Evolving Nature of Emotet Malware


What the Uber Breach Verdict Means for CISOs in the US


What you should look for in an MDR relationship


Will triple extortion ransomware truly take off?


Windows Exchange servers hit by LockBit ransomware


12/10


64,000 Additional Patients Impacted by Omnicell Data Breach - What is Your Data Breach Action Plan?


All Windows Get Automatic Account Lockout to Prevent Brute Force Attacks


Are your cybersecurity investments making you less resilient?


Claroty Found Hardcoded Cryptographic Keys in Siemens PLCs Using RCE


Credit card details of more than a million people dumped on dark web for hackers to access


Cross-Functional Collaboration is Becoming Essential for Security Professionals


Cyberattacks, power outages: Why more electric vehicles on Australian roads could bring risks


Cybersecurity Threats to Health Services: Why We Should Be Concerned


Cybersecurity training appeals to mature students


Digital commerce, crypto users’ now rich targets for cybercriminals – Report


EU Commission proposes Cyber Resilience Act to bolster the EU’s cyber security rules


Everything You Should Know About Earning A Master’s In Cybersecurity


For most companies ransomware is the scariest of all cyberattacks


Fortinet warns that critical authentication bypass flaw has been exploited


Google Forms abused in new COVID-19 phishing wave in the U.S.


Hackers Using Vishing to Trick Victims into Installing Android Banking Malware


Hospitals Continue to Suffer Impacts of CommonSpirit IT Security Incident


How to improve employees’ cybersecurity behavior


How to Manage Your Cyber Risks


Hybrid work requires cybersecurity communication & transformation


Insider Threats and Security at the Edge


IT director discusses East Baton Rouge Parish’s cyber security


JPMorgan faces cyber attack from Hacker group Killnet


KillNet’s Malicious Call to Action Takes Airport Websites Offline


LifeBridge Health to pay $9.5 million as retribution for 2018 data breach


Mango Markets Loses $100M in DeFi Exploit, Attacker Proposing Treasury Liquidation Vote


Mars Area School District investigates network data breach


Microsoft Patch Tuesday Fixes New Windows Zero-Day; No Patch for Exchange Server Bugs


Most common types of data breaches and how they affect businesses during the festive season


New npm timing attack could lead to supply chain attacks


North Korea Uses Crypto Hack Funds to Develop Nuclear Weapons


Phishing attacks in SEA soar by a million compared to 2021


Polonium Uses Seven Backdoor Variants to Spy on Israeli Organizations


Record hacked: what is known so far about the attack and data hijacking


Singtel's Australian IT Firm Dialog Suffers Data Breach


Skin cancer patient fears near naked photos on dark web after cyberattack on Pinnacle Health


SMBs embrace new tech but fail to invest in security - study


SME growth hampered by lack of cyber security


The metaverse is coming, and the security threats have already arrived


The Philippines: Serious security breach as hacker takes over National Disaster Risk Reduction and Management Council (NDRRMC) Facebook page


The Undeclared War: How Accurate Are the Threats?


This new Windows features makes password-hacking attacks much harder


US ports and terminals targets of increased cyber security attacks


U.S. to issue new cybersecurity requirements for critical aviation systems


Web companies most likely to lose your data – report


What's on your network? These are the devices most at risk of getting hacked


White House Reports on Federal Cybersecurity Progress


11/10


2FA is over. Long live 3FA!


2K confirms some personal data obtained in recent data breach


A New Wave of PayPal Invoice Scams Using Crypto Disguise


Abuse of Legitimate Tools Threatens Healthcare Cybersecurity


An introduction to Kali Linux


After hacker attack, Binance will perform network maintenance during holiday in Brazil; vote on blockchain improvements follows


Aus watchdogs launch probe into data breach


Auth bypass bug in FortiOS, FortiProxy is exploited in the wild (CVE-2022-40684)


BazarCall Callback Phishing Attacks Constantly Evolving Its Social Engineering Tactics


Blackbyte Ransomware Abuses Legit Driver to Disable Security Products, Says NCC – CSIRT


Binance-linked blockchain announces emergency update after US$ 100 million hack


Businesses are at risk of losing consumers post a cyber-attack: ISACA


Caffeine, a new Phishing-as-a-Service toolkit available in the underground


Calls for Better Microsoft Teams Backup as Confidential Info Sent on the Platform


Can IAM help save on cyber insurance?


Consumers Association of Singapore (CASE) alerts consumers to phishing emails impersonating its officers requesting for personal and bank details


Critical VM2 flaw lets attackers run code outside the sandbox


Cybercriminals are having it easy with phishing-as-a-service


Dark Web Marketplace ‘BidenCash’ Hands Out 1.2 Million Stolen Credit Cards as a Promotion


DeepFakes Are The Cybercriminal Economy’s Latest Business Line


DeFi Protocol Temple DAO Struck by $2.3M Exploit


EDR is not a silver bullet


Every Third Industrial Computer was Under Attack in South Africa, Kenya and Nigeria in H1 2022


Ex-hacker who broke into NASA ‘deciphers’ attack on Record TV and warns broadcaster: “Security is important”


Experts analyzed the evolution of the Emotet supply chain


FACT SHEET: Biden-Harris Administration Delivers on Strengthening America’s Cybersecurity


Fortinet Warns of Active Exploitation of Newly Discovered Critical Auth Bypass Bug


Google is trying to solve the software supply chain security problem


Google's hackers: Inside the cybersecurity red team that keeps Google safe


Hackers take down US airport websites


"Hackers" reportedly demanding R$ 25 million not to publish Record's data


Hacking group POLONIUM uses ‘Creepy’ malware against Israel


High-Value Targets: String of Aussie Telco Breaches Continues


How Chief Information Security Officers Who Work Extra Hours Could Put Employers At Risk


How government organizations can stay steps ahead of attackers


How Leidos Tackled Cybersecurity Skills Shortage Through Education


How to use imagination to prevent data breaches


ISC2Congress: Cybersecurity Pros Must Prepare for Emerging Deepfake Threats


It’s time to talk about securing your innovation supply chain


Lloyd’s Finds No Evidence of Data Compromise From Cyber Attack


Main TransitFinance Hacker Promises to Refund Another 6,500 BNB


Meta identifies over 400 malicious apps targeting FB users’ data


Microsoft Exchange servers hacked to deploy LockBit ransomware


More Details of macOS Archive Utility Flaw Emerge


New Android malware family uncovered


ONLINE THREATS: The human factor in most cyber breaches


Phishing attacks on the rise in Malaysia, SE Asia


Pro-Russian Group KillNet Claims Responsibility for 14 US Airport DDoS Attacks


Protecting sensitive data in the 'golden age' of cybercrime


Quarter of Healthcare Ransomware Victims Forced to Halt Operations


Record: hackers demand multimillion ransom and promise more attacks


Remote workforces at SMBs are being left unprotected


Researchers Detail Critical RCE Flaw Reported in Popular vm2 JavaScript Sandbox


Researchers Warn of New Phishing-as-a-Service Being Used by Cyber Criminals


Russia labels Meta an 'extremist' org, sends legal threats to users


SBT and TV Cultura deny having been targets of the hacker attack that hit Record


Singtel's 'old data' first posted on dark web in Feb 2021: researcher


The Latest Funding News and What it Means for Cyber Security in 2023


The ongoing battle to secure schools from cyberattack


This dangerous new hacker tool makes phishing worryingly easy


Toyota discloses accidental leak of some customers’ personal information


Toyota Discloses Data Breach Impacting Source Code, Customer Email Addresses


Toyota Reveals Data Leak of 300,000 Customers


UK arrests 17-year-old hacker, likely to be behind Uber and GTA 6 hack


Weeks on, more Optus customers find out personal information compromised in data leak


What to do if you’ve become a victim of a data breach


Who Is Recruiting Your Workers? It Could Be A Hacker Group


Windows 10 KB5018410 and KB5018419 updates released


Windows 11 22H2 blocked due to Windows Hello issues on some systems


Windows 11 KB5018427 update released with 30 bug fixes, improvements


10/10


1 In 4 Globally Have Suffered Data Breach (PWC)


6 months of phishing attacks in 2022 exceed SEA’s total number last year


10 Biggest Data Breaches of All Time - And How to Prevent Them


91% of Cyber Pros Experience Mental Health Challenges at Work


After Record is attacked, SBT and TV Cultura deny hacker intrusion


Australian fruit company Costa Group experiences ‘malicious’ cyberattack


Binance suffers hacker attack and loses R$ 570 million; what happened


Blackbyte Ransomware Bypass EDR Security Using Drive Vulnerability


BNB Smart Chain attacked by hacker, loses over $100 million


Board members should make CISOs their strategic partners


Caffeine service lets anyone launch Microsoft 365 phishing attacks


Cancer Testing, Diagnostics Lab Suffers Phishing Attack, 244K Impacted


Centenary concerned cyber attack compromised ‘main software system’


CISOs, corporate boards in wide disagreement on cyber resilience


Criminal multitool LilithBot arrives on malware-as-a-service scene


Critical vm2 sandbox escape flaw uncovered, patch ASAP! (CVE-2022-36067)


Cybersecurity needs a statewide approach, state chief information officers, Deloitte say in new report


Data Poisoning: Is There a Solution?


Data Protection Commissioner (DPC) examines data breach at dairy processor Tirlán


Emirates Nuclear Energy Corporation, UAE Cyber Security Council to jointly boost cyber ‘resilience’


Facebook data breach 2022: Over 1M users affected


Facebook Login Details at Risk as Meta Identifies Over 400 Malicious Apps


Feds warn healthcare organizations of ongoing abuse of legitimate security tools


Fortinet says critical auth bypass bug is exploited in attacks


German cyber security chief to be fired after alleged Russia ties, sources say


Google Chrome Ranked As The Least Safe Browser: Here’s What You Need To Know


Hacker from João Pinheiro is arrested by São Paulo's DEIC in João Pinheiro


Hackers can guess your password using thermal imagery


Hackers behind IcedID malware attacks diversify delivery tactics


Hackers who broke into Record's system demand multimillion ransom; find out the amount


Hackers hijacked Record's e-mails; atmosphere is one of terror


Here's another excellent reason not to browse adult websites at work


How AI and machine learning are changing the phishing game


How do you protect your online systems? Cultivate an insider threat


How to protect your agency from an island-hopping cyberattack


How to Set Up Segmentation for Better OT Security


Increasing network visibility is critical to improving security posture


Information Expected to Emerge Slowly in Hospital Chain Cyberattack


Intel Confirms Leak of Alder Lake BIOS Source Code


Iran State-Run TV’s Live Transmission Hacked by Edalate Ali Hackers


Lack of transparency, systemic risks weaken national cybersecurity preparedness


Microsoft Teams: A channel for sensitive business information sharing that needs better backup


Most common types of data breaches and how they affect businesses during the festive season


National Cyber Security Centre (NCSC): Businesses are too often 'seduced' by the attractive lure of phishing tests


Nearly half of UK adults don’t know their browsing history is visible to third parties


New Report Uncovers Emotet's Delivery and Evasion Techniques Used in Recent Attacks


Northern Data Systems, Inc. Files Notice of Data Breach Affecting Consumers’ Social Security Numbers


Only 10% of Companies Avoided Ransomware in 2022


Optus to share breached data with banks


Patient information uploaded to internet after Pinnacle Health cyber-attack


Phishing attacks are getting more and more sophisticated


Pro-Russian hacker group Killnet targeting the websites of US state governments


Purpose-based access control: Putting data access requests into context


Ransomware as a Service: What Is It and How Does It Work in 2022?


Reports suggest Social Club may have been compromised in a recent hack


Researchers Detail Malicious Tools Used by Cyber Espionage Group Earth Aughisky


Russian Cyber Attack Hits Websites of Multiple U.S. Airports


Russian hackers suspected over cyber attack on US airports


Second Singtel subsidiary breach in a month sees customer and client data leaked


Self Assessment customers could be a target for fraudsters, HMRC warns


US airport websites go offline after attack by Russian hackers


Some U.S. travel websites knocked offline after Russian hacker group calls for attack


South Carolina's massive data breach 10 years later: Questions linger as investigation remains open


State Bar of Georgia Confirms Data Breach Following Ransomware Attack


The key pillar of cyber resilience: backing up effectively


This 'thermal attack' can read your password from the heat your fingertips leave behind


Toyota discloses data leak after access key exposed on GitHub


Transit Finance Hacker Returns $2.74M to Victims, Sends $686K to Tornado Cash


One of the world's leading CRYPTOCURRENCY exchanges suffers SURPRISING hacker attack


Uninstall these malicious mobile apps now, Facebook warns


Ukraine Enhances Cooperation With EU Cybersecurity Agencies