DAILY NEWS: Outubro (23/10 - 29/10) - 43 Semana de 2022
Cyber Security and Information Security News - Daily Updates !! Weekly Review

29/10
6 Common Types of Crypto Attacks and How to Stay Safe
6 Easy Ways to Secure Your Android Device Data
A massive cyberattack hit Slovak and Polish Parliaments
Bank Customers Beware, You Could Be Targeted By Drinik Virus | Details Inside
Bed Bath & Beyond reviewing possible data breach
‘Buying bad’: the black market where access to hacked Australian data can cost just $500
Cybercrime: SMEs are not below the radar
Cybercrime is emerging a big threat as technology grows
Fired Sky employee tried blackmailing broadcaster for £40,000 worth of Bitcoin
FriesDAO Loses $2.3 Million As Spate Of Exploits Continue
Google still promoting crypto phishing sites, warns Binance boss
Grupo hacker invade site da Prefeitura de Brumadinho e publica conteúdos
Hacker vaza telefone de Rodolffo, Neymar e apoiadores de Bolsonaro
Hackers colocam foto de bandeira do MST em ataque ao site da UFPR
Liz Truss phone hack claim prompts calls for investigation
New York Post Swiftly Recovered From An ‘Insider’ Attack
Site da UFPR é alvo de ataque hacker
The ransomware attack is growing increasingly these past few years
Tips for helping the elderly spot and avoid phishing emails
Twilio discloses another security incident that took place in June
Twilio Reveals Another Breach from the Same Hackers Behind the August Hack
Twitter Users Receive ‘Removal Notice’ From Verified Accounts, Phishing Scam Suspected
What Are Privacy Coins, And Why Are They Controversial?
What New Zealand businesses need to know when taking out cyber insurance
Why are there so many data breaches? A growing industry of criminals is brokering in stolen data
Why one state will issue a million of FREE driver's licences after Optus cybersecurity data breach
Why protecting customer data matters
28/10
After a cyber breach, companies risk losing employees’ trust
Amazon Prime Data Breach Causes Blushes All Round
Android malware droppers with 130K installs found on Google Play
API Attacks Have Emerged as the #1 Threat Vector in 2022
Arvig service shutdown on Tuesday was due to a cyber attack
Aurubis AG: Update on cyber attack at Aurubis
Australian Clinical Labs accused of 'sitting on' hack that saw patient data posted to the dark web
Bed Bath & Beyond reviewing possible data breach
Bored Ape NFT and Other Crypto Worth $1 Million Stolen by Notorious Hacker
CISA Unveils Cybersecurity Goals For Critical Infrastructure Sectors
Cloud and Hybrid Working Security Concerns Surge
Contrary to Popular Belief, Linux Sytems Are Now Receiving Their Fair Share of Cyberattacks
Court detains Finnish man in absentia as suspect in psychotherapy centre data hacks
Cranefly Hackers Use Stealthy Techniques to Deliver and Control Malware
Cyber attack on Pennsylvania hospital compromised the data of 235,000 patients
Cyberattacks 2022: Key Observations And Takeaways
Cyberattacks Are Bypassing Multi-Factor Authentication
Delivering visibility requires a new approach for SecOps
Enterprise ransomware preparedness improving but still lacking
Europol Warns Police to Prepare for Metaverse Threats
Exploit released for critical VMware RCE vulnerability, patch now
Four Cybersecurity Trends Every CISO Needs To Address
GitHub fixes critical vulnerability that exposed repositories to attackers
Google fixes seventh Chrome zero-day exploited in attacks this year
Google Issues Urgent Chrome Update to Patch Actively Exploited Zero-Day Vulnerability
Hacker steals US$1mn worth of crypto and NFTs 24 hours
Hackers and Bad Actors Are Weaponising Your Typos
Hackers use Microsoft IIS web server logs to control malware
High-Severity Flaws in Juniper Junos OS Affect Enterprise Networking Devices
How Small Businesses Can Shield Themselves Against Cyberattack
How XDR reduces the total cost of security operations
Indianapolis Low-Income Housing Agency Hit by Ransomware
Information security vs cyber security vs network security: What are the differences?
Keystone Health faces lawsuit for data breach that affected 235,237 patients
Largest EU copper producer Aurubis suffers cyberattack, IT outage
Majority of small businesses not prepared for cyberattacks
Michigan Medicine Notifies 33K Patients of Phishing Attack
Microsoft: Raspberry Robin USB worm hits nearly 1,000 organizations in the past month
Microsoft Authenticator gains feature to thwart spam attacks on MFA
Mining companies vulnerable to cyberattacks
More than half of UAE businesses targeted by ransomware in the past year: report
My Home Hospital patients caught up in Medibank hack
North Korea-backed Kimsuky gang hacking Android phones to gather intelligence
Optus reportedly sending cyber attack letters to dead people
Over 100 million accounts were breached in Q3 2022
Pathology lab, ACL, criticised for five-month delay in reporting patient data hack
Police called after SA Liberal Party caught up in alleged data breach
Qbot malware rears its ugly head again
Ransomware actors stole the personal data of 4m Australians from Medibank's servers
Ransomware attacks are hitting heavy industry where it hurts - the wallet
Raspberry Robin Operators Selling Cybercriminals Access to Thousands of Endpoints
Researchers Uncover Stealthy Techniques Used by Cranefly Espionage Hackers
Rogue employee hacks New York Post website with extremist, hate-filled headlines
Santander: Radical Action Needed to Tackle APP Fraud
Scammers Target Logistics Following High Number of DHL-related Phishing Scams
South Australian Liberal Party calls police due to major data breach
Student arrested for running one of Germany’s largest dark web markets
Telefónica has confirmed a cyber attack
The 7 Best Ways to Avoid Phishing Scams
The role of bots in API attacks
These Dropper Apps On Play Store Targeting Over 200 Banking and Cryptocurrency Wallets
Twilio Reveals Further Security Breach
Ukrainian Hacker Charged for Operating “Raccoon Stealer” Malware-as-a-Service
With record-high data breaches, now is the time for cybersecurity storage adoption
ZTNA or VPN – Which is Better for you?
27/10
Acadia Training launches Cyber Security Technician Bootcamp
Apple iOS and macOS Flaw Could've Let Apps Eavesdrop on Your Conversations with Siri
Australian firms hit by industrial ransomware in 3Q, sec firm Dragos claims
Australian Health Insurer Medibank Suffers Breach Exposing 3.9 Million Customers' Data
BlackCat ransomware gang claims attack on Ecuador’s army
Bristol City Council apologises for data breach in response to Clean Air Zone applications
British Hacker Charged for Operating "The Real Deal" Dark Web Marketplace
Chrome Extensions Harboring Dormant Colors Malware Infect Over a Million PCs
Cloud security made simple in new guidebook for lean teams
Cyber security: recession proof?
CyberMonth: Six Cybersecurity Trends to Stay Ahead Of
Cybersecurity’s importance and impact reaches all levels of the tech workforce
Data breach possibly exposes health info for 34K Michigan Medicine patients
DHL takes top spot in brand phishing attempts
Fodcha DDoS botnet reaches 1Tbps in power, injects ransoms in packets
Ghostwriter: Open-source project management platform for pentesters
GitHub Bug Exposed Repositories to Hijacking
Hive Ransomware hackers leak stolen data from Tata Power
How can adaptive zero trust improve the cyber security of your organisation
IBM Cost of a Data Breach 2022 – Highlights for Cloud Security Professionals
Implementing Connected Place Cybersecurity Principles
Industrial Ransomware Attacks: New Groups Emerge, Manufacturing Pays Highest Ransom
It's data breach season, and it’s not looking good for Australia
LinkedIn Unveils New Security Features to Tackle Fraud
Medibank Backtracks: All Customer Data Was Exposed to Hackers
Mitigating the risks of artificial intelligence compromise
Next Windows 10/11 Patch Tuesday fixes Microsoft's botched vulnerable driver blocklist
New Cryptojacking Campaign Targeting Vulnerable Docker and Kubernetes Instances
New York Post hacked with offensive headlines targeting politicians
Pathology company Australian Clinical Labs reveals it was hit by cyber attack in February
Phishing scammer Monkey Drainer has pilfered as much as $1M in ETH
Phishing volumes increase over 30 percent with well-known brands as favorite targets
Remote workers leaving legal sector “wide open” to cyber-attack boom
These cybersecurity vulnerabilities are most popular with hackers right now - have you patched them?
Why dark data is a growing danger for corporations
Winkeo-C FIDO2, hands on: A reliable and affordable USB-C security key
White House Launches Chemical Sector Security Sprint
Why you should care about cyber security
Your CCTV devices can be hacked and weaponized
26/10
A quick guide for small cybersecurity teams looking to invest in cyber insurance
Carousell Singapore Data Breach
Cuba ransomware cartel spoofs Ukraine armed forces
Cyber attack insurance is approved to protect French firms
Data Breach Victims Sue Rhode Island Transit Agency, Insurer
Fill the cybersecurity talent gap with inquisitive job candidates
Genshin Impact dev suffers massive data breach
Hackers Actively Exploiting Cisco AnyConnect and GIGABYTE Drivers Vulnerabilities
Has Your Software Supply Chain Already Been Compromised?
Hive Group Admits to Leaking Data in Tata Power Ransomware Attack
How cybersecurity VCs find visionary companies in emerging sectors
ICO Warns of "Immature" Biometric Tech
Kimsuky Hackers Spotted Using 3 New Android Malware to Target South Koreans
LinkedIn's new security features combat fake profiles, threat actors
London's New Cyber Resilience Centre Set to Fight Cybercrime in the Capital
Medibank confirms hacker had access to data of all 3.9 million customers
Microsoft fixes Windows vulnerable driver blocklist sync issue
Microsoft: Server Manager disk resets can lead to data loss
Monkey Drainer Steals $1M Worth of Crypto in Elaborate Phishing Attack
New Cryptojacking Campaign Kiss-a-dog Targeting Docker and Kubernetes
New Year, new cyber security career
Protecting organizations by understanding end-of-life software risks
Ransomware Gangs Ramp Up Industrial Attacks in US
Ransomware Impacts Mental Health More Than You May Think
Ransomware Threat Shifts from US to EMEA and APAC
See Tickets Discloses Major Card Data Breach
The FTC is doing more to protect data, but to some it’s still not enough
Two flaws in Cisco AnyConnect Secure Mobility client for Windows actively exploited
UOW graduate voices concerns regarding Medibank data breach
Vice Society Hackers Are Behind Several Ransomware Attacks Against Education Sector
Vigilance is key in wake of major data breach
VMware fixes critical RCE in VMware Cloud Foundation
VMware Releases Patch for Critical RCE Flaw in Cloud Foundation Platform
What consumers expect from organizations that handle their personal data
Why Gig Economy Shouldn’t Take Sensitive Data for a Ride
25/10
22-Year-Old Vulnerability Reported in Widely Used SQLite Database Library
APAC faces 2.1M shortage in cybersecurity professionals
Apple Fixes Actively Exploited iOS and iPadOS Zero-Day Vulnerability
Apple fixes exploited iOS, iPadOS zero-day (CVE-2022-42827)
Apple Releases Patch for New Actively Exploited iOS and iPadOS Zero-Day Vulnerability
“Ataque hacker ao TCE veio da Alemanha”, diz Alexandre Postal
Australia seeks stiffer penalty for data breaches amidst spate of security incidents
Brasileirinhas acha hacker adolescente e processa pais
Cybercriminals Used Two PoS Malware to Steal Details of Over 167,000 Credit Cards
Cybersecurity teams are reaching their breaking point. We should all be worried
Data Breaches Rise By 70% Globally in Q3 2022
Don’t wait for medical device cybersecurity legislation: Act now to save patients’ lives
Ed Sheeran tem computador invadido por hackers e músicas vendidas em bitcoins
FBI prende hacker que recebia criptomoedas por aluguel de vírus
Government seal of approval for Northumbria cyber security degree
Hive claims ransomware attack on Tata Power, begins leaking data
Hive Ransomware Hackers Begin Leaking Data Stolen from Tata Power Energy Company
How the Software Supply Chain Security is Threatened by Hackers
How to set up two-factor authentication for your Facebook account
IMARC: ‘Lives at stake – cyber security a global threat for mining giants’
Iranian Atomic Energy Agency Admits Email Hack
Key observations on DDoS attacks in H1 2022
Medibank data breach: More customers affected, attacker got in via stolen credentials
New cyber security centre opens to protect Civil Service computer systems
Paying off hackers is common, says top Australian govt cybersecurity firm
Plataforma DeFi da Polygon encerra serviço de empréstimo após ataque hacker
Plataforma DeFi da Polygon perde R$ 1,3 milhão em ataque hacker
POS Malware Used to Steal Details of Over 167,000 Credit Cards
Researchers Detail Windows Event Log Vulnerabilities: LogCrusher and OverLog
Researchers Detail Windows Event Log Vulnerabilities: LogCrusher and OverLog
Site de rádio baiana relata ataque hacker com críticas ao Supremo Tribunal Federal
The long-term psychological effects of ransomware attacks
The Top Cybersecurity Trends to Be Aware of in 2023
To retain cybersecurity professionals, keep remote work as an option
Ukraine Warns of Cuba Ransomware Campaign
US Charges Two Chinese Agents in Huawei Obstruction Case
U.S. Official Sees More Aggressive Cybersecurity Threats From Russia, China etc.
What closed-source software developers can learn from their open-source counterparts
With cyber security, there is no such thing as adequate cover
24/10
A year of SANS security summits
Apple fixes new zero-day used in attacks against iPhones, iPads
Asset risk management: Getting the basics right
Australian Government to Increase Data Breach Penalties
Australia increases penalties for data breaches after Optus, Medibank hacks
Business travellers not taking steps to reduce exposure to cyber security threats
CA, Huawei Root For Training Bootcamps To Fill Cyber Security Skills Gap
Câmara de São Carlos sofre ataque hacker e fica sem acesso à rede interna e internet
cert-manager: Automatically provision and manage TLS certificates in Kubernetes
Challenges of SEC cyber-security disclosure rules proposal
Chrome extensions with 1 million installs hijack targets’ browsers
CISA Warns Against Ransomware Group Daixin Team Targeting Health Organizations
CISA Warns of Daixin Team Hackers Targeting Health Organizations With Ransomware
Clicker Malware Garners Estimated 20 Million Downloads
Consumer behaviors are the root of open source risk
Criminals are starting to exploit the metaverse, says Interpol. So police are heading there too
Cuba ransomware affiliate targets Ukrainian govt agencies
Cyber attackers hack into Iran's atomic energy agency as protests over Amini's death continue
Cyber Security & Cloud Expo Global announces new speakers
Cyber security event targeted by hackers
Cyber security hacks from the experts
DHL Replaces LinkedIn As Most Imitated Brand in Phishing Attempts
Download eBook: Top virtual CISOs share 7 tips for vCISO service providers
Ensuring maximised cyber security
European Police Warn of Metaverse Cyber-Threats
FBI warning: This ransomware group is targeting poorly protected VPN servers
FTX Chief Announces Huge Compensation to Phishing Attack Victims But With A Warning
Google Chrome to drop support for Windows 7 / 8.1 in Feb 2023
Here’s what regulators will want boards to know about cybersecurity
How to set up SSH key authentication in Linux for more secure logins
Investigation reveals Simplify data breach exposed employees personal information
Iran’s atomic energy agency confirms hack after stolen data leaked online
Is cyber-security important to Pakistan?
Majority of mid-to-large firms suffer ransomware attack
Microsoft fixes printing issue blocking Windows 11 22H2 upgrades
Multiple RCE Vulnerabilities Discovered in Veeam Backup & Replication App
Norton warns shoppers to be vigilant as online scams rise
Outsourcer Interserve fined £4.4m for failing to stop cyber-attack
Pendragon car dealer refuses $60 million LockBit ransomware demand
SideWinder APT Using New WarHawk Backdoor to Target Entities in Pakistan
Social engineering attacks anybody could fall victim to
The case for an Australian Cyber Security Act
The looming threat of cyber security debt in the public sector
The Human Factor of Cybersecurity: What's Putting You At Risk
Toyota: Data breach involving source code hosted on GitHub
UK Construction Biz Fined £4.4m for Serious Security Failings
UK Cyber Security Council Creates Chartered Qualification for Industry Pros
We're still terrible at passwords
Why Must Firms Prioritise Reactive and Preventative Cybersecurity?
Why Ransomware in Education on the Rise and What That Means for 2023
23/10
Atomic Energy Organization of Iran (AEOI) Dismisses Media Hype on Cyberattack
Australia set to increase penalties for data breaches following major cyberattacks
Beware of this Veridian Credit Union phishing scam text
Car retail giant hit by major cyber attack
Councils hit by 10,000 data breaches in past five years
Even the world’s greatest cybersecurity is no match for human error
FTX Users Lose Millions to API Exploit
Hackers stole sensitive data from Iran’s atomic energy agency
More Work Needed to Secure Data in the Cloud, Survey Finds
‘NOBODY IS IMMUNE:’ Businesses face growing risks, costs from cyber threats
Notorious UK hacker jailed for selling unreleased artist songs
This dreaded malware pretends to be Windows Update to hide
This type of fraud has spiked in South Africa – and people are losing thousands of rands
Thousands of GitHub repositories deliver fake PoC exploits with malware
Top 5 Common Online Dating Scams
Typosquat campaign mimics 27 brands to push Windows, Android malware
WhatsApp clone apps are a hacker’s dream
White hat hacker returns $300,000 gained from OlympusDAO
Wholesale giant METRO confirmed to have suffered a cyberattack
Why Photo Editing Apps Are a Security and Privacy Risk
Winnipeg Not-For-Profit Hacked
With All Eyes on Russia, China Continues to Strike
With this deception they take everything from you