DAILY NEWS: Outubro (01/10 - 07/10) - 40 Semana de 2023

Cyber Security and Information Security News --- Daily Updates !! Week Resume

07/10

Congress probe sought on PhilHealth data breach

Data breach at MGM Resorts expected to cost casino giant $100 million

Facebook’s Official Page Hacked; Demand Release of Pakistani PM Imran Khan

FBI sounds the alarm 'phantom hacker' campaigns sweeping the US... Here is how YOU can protect yourself

Fortifying Finances: Balancing Cybersecurity And Budgetary Realities

Hacker claims to have stolen genetic data from millions of 23andMe users and is trying to sell the information online

Hackers access voter information in DC Board of Elections data breach

How to protect you & your business from social media scammers

‘Human error’: Review finds Wellington City Council crash data breach was preventable

India amongst top three most targeted APAC countries as AI use, ransomware increases: Report

National Privacy Commission (NPC) probes PhilHealth's possible violations after ransomware attack

People illegally streaming movies, sport and TV in UK face having bank account emptied

06/10

37% intimidated, 39% frustrated with online security

49 states secure $49.5 million settlement with Blackbaud over 2020 data breach

65% of Cybersecurity Teams Understaffed

A cyber attack has left Telemadrid without a live broadcast: it has had to resort to canned programs

AI can play pivotal role in enhancing cyber security by augmenting human capabilities and automating routine tasks: IBM

AI Poses Challenges, Opportunities for IT Security Leaders

Apple Issues Emergency Patches for More Zero-Day Bugs

Are executives adequately guarding their gadgets?

AWS to Mandate Multi-Factor Authentication from 2024

Best-practice cyber-security for accounting firms in Australia

Beware of bogus QR code images online and in public places

Canadian organizations unprepared for AI-driven cyber threats

CDW data to be leaked next week after negotiations with LockBit break down

CEOs lack confidence in their firm’s ability to avert cyber attacks: Report

Cheapfakes and vishing: How targeted scams are evolving

Chinese Hackers Target Semiconductor Firms in East Asia with Cobalt Strike

Christchurch Job Seekers' personal email addresses exposed in data breach

CISA and NSA Publish Top 10 Misconfigurations

Customized test benchmarks and openness crucial as generative AI models evolve

Cybersecurity Threats in a Hyperconnected World — Phishing (Deceptive Manipulation)

D.C. Board of Elections confirms voter data stolen in site hack

Digital Piracy Returns to Sea: Protecting Autonomous Ships from Online Attacks

'Embarrassing': Home Affairs Department website crippled by cyber attack, barring online access to visa applications

Enterprises see AI as a worthwhile investment

Federal Trade Commission (FTC) warns of ‘staggering’ losses to social media scams since 2021

Fiserv attack exposes 837K Flagstar Bank clients

Florida court pauses many proceedings following cyberattack

Generative AI: Cybersecurity’s Ally or Adversary?

Genetics firm 23andMe says user data stolen in credential stuffing attack

GitHub's Secret Scanning Feature Now Covers AWS, Microsoft, Google, and Slack

Hacker Claims to Have Data of 7 Million 23andMe Users from DNA Service

How CISOs can use security data lakes to drive accountability

How To Fix The Common Mistakes Organizations Make With Data Security

How to stop ransomware thieves WORMing their way into your data

INC Ransomware claims to have hit Federal Labor Relations Authority

India emerges as top-3 target for nation-state driven cyber-attacks

Johnson Controls data breach possibly compromised US Department of Homeland Security's classified data

KillNet launches DDoS attack against UK royal family

Lyca Mobile blames cyber attack for network outage and service disruptions

Lyca Mobile says customer data was stolen during cyberattack

Medusa Hackers Release Stolen PhilHealth Data

MGM cyberattack cost over $100M in losses

MGM Resorts confirms hackers stole customers’ personal data during cyberattack

MGM Resorts cyberattack sparked customer data breach, cost the company $100 million

MGM Resorts ransomware attack led to $100 million loss, data theft

Mississippi Coast orthopedic practice faces lawsuits over ‘massive’ patient data breach

Navigating The New Normal: Cybersecurity, Fraud Mitigation, Risk Strategies In A Mobile World

North Korea's Lazarus Group Launders $900 Million in Cryptocurrency

Número de mulheres “hackers” para teste de urnas no TSE aumenta 157%

October 2023 Patch Tuesday forecast: Operating system updates and zero-days aplenty

Persistent threat actor reappears after FBI takedown of QakBot

Personal info of 55m breached

Poor cybersecurity habits are common among younger employees

Popular DNA testing service 23andMe investigates data leak claims

Prospect Medical Holdings says August ransomware attack impacted over 190k patients

Qakbot Gang Still Active Despite FBI Takedown

Ransomware gang QakBot resurfaces after feds’ botnet takedown

Russia's KillNet group claims major DDoS attack on the Royal Family's website

Security researcher discovers exposed CRM database of Really Simple Systems

Shin Bet probes hack of Israeli President Herzog's Telegram account

SiegedSec hacker group claims second major cyber attack on NATO in four months

Sony confirms data breach affecting nearly 7,000 employees

Sony Contacts Nearly 6,800 Employees Following Security Breach

Strong Password Best Practices and MFA

Supermicro's BMC Firmware Found Vulnerable to Multiple Critical Vulnerabilities

The Edge Of Browser Security: Why Proxies Aren't Enough

THORSwap paused following FTX hacker's transactions claims

Through the lens of fashion: India’s Digital Personal Data Protection Act 2023

Ukraine cyber-conflict: Hacking gangs vow to de-escalate

Unseen Costs of Ignoring Cyber Security for Small Business

US freight transporter Estes Express Lines says cyber attack caused significant service disruptions

Zero-day bugs: what they are and how to defend against them

Zero-Day WhatsApp Hacking Vulnerabilities Worth Millions

Why AI in cybersecurity needs to be part of business strategy to boost resilience

Why MFA Is Not the Panacea the Industry Is Touting it to Be

Yusen Logistics confirms cybersecurity incident leading to delivery delays

05/10

Amazon to make MFA mandatory for 'root' AWS accounts by mid-2024

Analysis and Config Extraction of Lu0Bot, a Node.js Malware with Considerable Capabilities

Apple patches another iOS zero-day under attack (CVE-2023-42824)

Apple Rolls Out Security Patches for Actively Exploited iOS Zero-Day Flaw

Atlassian Confluence Hit by New Actively Exploited Zero-Day – Patch Now

China-linked cyberspies backdoor semiconductor firms with Cobalt Strike

China Poised to Disrupt US Critical Infrastructure with Cyber-Attacks, Microsoft Warns

CISA and NSA Tackle IAM Security Challenges in New Report

CISA Warns of Active Exploitation of JetBrains and Windows Vulnerabilities

Cisco fixes serious flaws in emergency responder and other products

Cisco Releases Urgent Patch to Fix Critical Flaw in Emergency Responder Systems

Coming from inside the building: dark web recruitment of malicious insiders

Critical Atlassian Confluence zero-day exploited by attackers (CVE-2023-22515)

Critical Glibc Bug Puts Linux Distributions at Risk

Eyes everywhere: How to safely navigate the IoT video revolution

GoldDigger Android Trojan Drains Victim Bank Accounts

GoldDigger Android Trojan Targets Banking Apps in Asia Pacific Countries

Google, Yahoo announce new email authentication requirements for 2024

Guyana Governmental Entity Hit by DinodasRAT in Cyber Espionage Attack

Hackers do Bem abre seleção para professores de cibersegurança

High-business-impact outages are incredibly expensive

How to remove tracking info from links in MacOS Safari and reclaim your privacy

Jornalista do Estadão é alvo de ataque hacker; governo diz que vai acionar PF

LLMs lower the barrier for entry into cybercrime

Lyca Mobile investigates customer data leak after cyberattack

Microsoft releases new, faster Teams app for Windows and Mac PCs

New cryptographic protocol aims to bolster open-source software security

NSA and CISA reveal top 10 cybersecurity misconfigurations

Organizations grapple with detection and response despite rising security budgets

Patch now: This serious Linux vulnerability affects nearly all distributions

Qakbot malware’s creators ride again, despite FBI takedown

QakBot Threat Actors Still in Action, Using Ransom Knight and Remcos RAT in Latest Attacks

Record Numbers of Ransomware Victims Named on Leak Sites

Scammers Impersonate Companies to Steal Cryptocurrency from Job Seekers

Soft skills continue to challenge the cybersecurity sector

Sony confirmou que ataque hacker invadiu dados de quase 7 mil funcionários e ex-funcionários

The root cause of open-source risk

US Government Proposes SBOM Rules for Contractors

Why open-source software supply chain attacks have tripled in a year

04/10

Amazon: AWS root accounts must have MFA enabled

Are your emails safe? After PhilHealth cyber attack, here’s how to spot data breach

Arm and Qualcomm Chips Hit by Multiple Zero-Day Attacks

Beware of SMS text scam impersonating couriers

Businesses, individuals urged to adopt cyber risk mitigation strategies

Check Point discovers new phishing scam on Dropbox

Conta de administrador da Shiba Inu no Telegram sofre ataque hacker; SHIB recua

Cybersecurity Awareness Month 2023: Back to basics – and beyond

Cybersecurity preparedness pays big dividends for businesses

Cybertech Europe 2023 video walkthrough

Everything Nonprofits Need to Know About Mobile Device Management

Factors leading to organizations losing control over IT and security environments

Google unveils stricter anti-spam rules for bulk email senders

Gulf Cooperation Council (GCC) data in demand on the cybercriminal services market

“Hackers do bem vão atestar invulnerabilidade das urnas”, diz Moraes

How Healthcare Organizations Can Defend Against Ransomware

Linux Vulnerability Exposes Millions of Systems to Attack

Looney Tunables: New Linux Flaw Enables Privilege Escalation on Major Distributions

Macau Radio Taxi targeted by hackers in cyber attack

Making privacy sustainable: Incorporating privacy into the ESG agenda

Michigan hospital system says it’s suffered ransomware attack

Microsoft Warns of Cyber Attacks Attempting to Breach Cloud via SQL Server Instance

Modern-day threats in the crypto gold rush

PlayStation maker victimized in MOVEit Transfer breach

Police Issue “Quishing” Email Warning

Privacy commission probes possible negligence in PhilHealth cyberattack

Ransomware: All the ways you can protect storage and backup

Ransomware gang posts 30GB of data it claims belongs to a Victorian real estate group

Russia mistakenly doxxes its own secret bases and spies

Tackling cyber risks head-on using security questionnaires

The most common cyber scams Australians are falling victim to - and how to protect yourself: 'Everyone is at risk'

TSE abre código-fonte da urna eletrônica para 'hackers do bem'

UK SMEs' cybersecurity concerns surge amidst virus attacks

Understanding the layers of LLM security for business integration

Zombie Zoom Meeting Links Expose Thousands of Organizations

What is a Data Breach?

03/10

81% of security leaders say that API security is a higher priority

Agenda ransomware threatens to resurface

AI: Threat or opportunity for cybersecurity?

Android October security update fixes zero-days exploited in attacks

Anonymous-affiliate Discord leak spells bad news for Russia

API Security Trends 2023 – Have Organizations Improved their Security Posture?

Após invasão hacker, Conquista Repórter está de volta!

Arm Issues Patch for Mali GPU Kernel Driver Vulnerability Amidst Ongoing Exploitation

Arm patches bugs in Mali GPUs that affect Android phones and Chromebooks

Barriers preventing organizations from DevOps automation

Battling Phishing and Business Email Compromise Attacks

Canadian organizations are unprepared for AI-driven cyber threats, new CIRA report finds

Chalk: Open-source software security and infrastructure visibility tool

CISO’s compass: Mastering tech, inspiring teams, and confronting risk

CyberEPQ Course Triples Student Intake for the Coming Year

Cybersecurity Awareness Month – Essential Cyber Hygiene

Cybersecurity experts raise concerns over EU Cyber Resilience Act’s vulnerability disclosure requirements

Cybersecurity professional job-satisfaction realities for National Cybersecurity Awareness Month

Data Breaches in Nepal: Understanding the Risks and Solutions

EU Cyber Resilience Act Could be Exploited for Surveillance, Experts Warn

EvilProxy uses indeed.com open redirect for Microsoft 365 phishing

Evolving conversations: Cybersecurity as a business risk

Fifth of Brits Suspect They've Been Monitored by Employers

Fort Myers health care billing company faces data breach; notifies patients

FortiGuard Uncovers Deceptive Install Scripts in npm Packages

GenAI in software surges despite risks

Germany-Based Motel One Group Confirms Data Breach

Greater Dallas Healthcare Enterprises Announces Data Breach Affecting Patients' Health and Medical Information

Hackers estão vendendo com desconto tokens vinculados aos hacks da CoinEx e da Stake

Half of Cybersecurity Professionals Report Increase in Cyber-Attacks

How to password-protect your Private Browsing in MacOS Sonoma and Safari

Indiana Attorney General Sues CarePointe Over 2021 Ransomware Attack

Is Generative AI Redefining Phishing Tactics in Cybersecurity?

Lyca Mobile UK Confirm Cyber Attack Responsible for Disruption

McLaren Health Care confirms ransomware attack, investigates hackers' threats to release data online

Metro Transit steadily recovering from cyber attack

Microsoft Edge, Teams get fixes for zero-days in open-source libraries

Motel One Group’s Swift Response Thwarts Ransomware Attack

New 'Looney Tunables' Linux bug gives root on major distros

NSA Establishes AI Security Center

Over 3 Dozen Data-Stealing Malicious npm Packages Found Targeting Developers

PhilHealth admits data of some members compromised in data breach

Photos: Cybertech Europe 2023

Predator Spyware Linked to Madagascar's Government Ahead of Presidential Election

Protecting your IT infrastructure with Security Configuration Assessment (SCA)

Qualcomm Releases Patch for 3 new Zero-Days Under Active Exploitation

Qualcomm says hackers exploit 3 zero-days in its GPU, DSP drivers

Ransomware Crisis, Recession Fears Leave CISOs in Tough Spot

Ransomware gang posts 30GB of data it claims belongs to Victorian real estate group

Researcher Reveals New Techniques to Bypass Cloudflare's Firewall and DDoS Protection

San Francisco’s transport agency exposes drivers’ plate numbers and addresses

ShellTorch flaws expose AI servers to code execution attacks

Software firms under cyber attack

The value of threat intelligence — and challenges CISOs face in using it effectively

Two hacker groups are back in the news, LockBit 3.0 Black and BlackCat/AlphV

UK businesses face tightening cybersecurity budgets as incidents spike

Upstream Supply Chain Attacks Triple in a Year

Zero-day in Arm GPU drivers exploited in targeted attacks (CVE-2023-4211)

Warning: PyTorch Models Vulnerable to Remote Code Execution via ShellTorch

What Is Endpoint Detection and Response (EDR)?

02/10

9 essential ransomware guides and checklists available for free

100K exposed systems endanger power, traffic, water utilities

AI-Generated Phishing Emails Almost Impossible to Detect, Report Finds

APIs: Unveiling the Silent Killer of Cyber Security Risk Across Industries

Arm warns of Mali GPU flaws likely exploited in targeted attacks

Ataque hacker bloqueia sistemas da Agência Nacional de Águas (ANA)

BunnyLoader Malware Targets Browsers and Cryptocurrency

BunnyLoader: New Malware-as-a-Service Threat Emerges in the Cybercrime Underground

Cigna Agrees $172m Payment to Settle Fraud Allegations

Cisco warns of attempted exploitation of zero-day in VPN software

Cl0p study hints at gang‘s masking tactics

Critical vulnerability in WS_FTP Server exploited by attackers (CVE-2023-40044)

Critical zero-days in Exim revealed, only 3 have been fixed

Crypto Industry Lost $685 Million in Q3 2023, 30% by Lazarus Group

Cybersecurity Awareness Month Celebrates 20 Years

Data Theft Overtakes Ransomware as Top Concern for IT Decision Makers

Exploit available for critical WS_FTP bug exploited in attacks

FBI Warns of Dual Ransomware Attacks and Data Destruction Trends

FBI warns of surge in 'phantom hacker' scams impacting elderly

Global events fuel DDoS attack campaigns

Hackers attack US healthcare giant, more than 190K people affected

Hackers steal user database from European telecommunications standards body

Hackers suspeitos de invadir sistema de hospital em Taguatinga (DF) são presos

LastPass employees and customers targeted in “pervasive” phishing campaign

Lazarus impersonated Meta recruiter to breach Spanish aerospace firm

LUCR-3: Scattered Spider Getting SaaS-y in the Cloud

Most dual ransomware attacks occur within 48 hours

Motel One discloses data breach following ransomware attack

Nearly 100,000 Industrial Control Systems Exposed to the Internet

New BunnyLoader threat emerges as a feature-rich malware-as-a-service

OpenRefine's Zip Slip Vulnerability Could Let Attackers Execute Malicious Code

Over half of phishing emails now use obfuscation tactics to avoid detection

Protecting against FraudGPT, ChatGPT’s evil twin

Royal Family Website Downed by DDoS Attack

Royal family website hit by cyber attack

Royal Family’s Website Targeted by Denial-of-Service Attack

Seaports in India were left vulnerable to takeover by hackers

Securing GitHub Actions for a safer DevOps pipeline

Silent Skimmer: A Year-Long Web Skimming Campaign Targeting Online Payment Businesses

Sistemas da UFMS retornam aos poucos após ataque hacker; PF vai investigar o caso

The top 9 cyber security incidents in September 2023

US, UK, and Democratic Nations Unite to Combat Cyber-Threats to Civil Society

Virginia school district open despite LockBit ransomware attack

Zanubis Android Banking Trojan Poses as Peruvian Government App to Target Users

01/10

Amazon sends Mastercard, Google Play gift card order emails by mistake

Ataque de hackers pró-Rússia derruba site da família real britânica

Ataque de hackers russos derruba site da família real britânica

Choosing the Right Cybersecurity Awareness Training Solution: Your Ultimate Checklist

Cyber plan to protect business

Cybersecurity Awareness Month

Ensuring Robust Cyber Security for Cloud Services and Network Protection: Policy, Standards, and Control Imperatives

Germany is failing to protect power groups from cyber attacks, warns Eon boss

Hacker da FTX movimenta mais de US$ 17 milhões em ETH nas últimas 24 horas

How to Move from Cybersecurity Silos to Holistic Protection

Meet LostTrust ransomware — A likely rebrand of the MetaEncryptor gang

New Marvin attack revives 25-year-old decryption flaw in RSA

NIST Cybersecurity Framework 2.0: What’s Coming? This Is What You Need To Know About It!

NSA launches AI security center amid growing cyber threats

Royal Family's official website targeted in cyber attack

Russian hackers claim responsibility for cyber attack on official Royal Family website

Unveiling Aretes Crimeware Report Insights Into Cybersecurity Threats

Why every company should include threat intelligence in their cybersecurity strategy

DAILY NEWS: Setembro (24/09 - 30/09) - 39 Semana de 2023