DAILY NEWS: Setembro (03/09 - 09/09) - 36 Semana de 2023
Cyber Security and Information Security News --- Daily Updates !! Week Resume
09/09
10 Free Tools to Start Your Cybersecurity Journey
Australian Cybercrime Statistics Shed Light On The Current Cyber Threat Landscape In 2023
Canada, U.S. ‘have to look after each other’ on cybersecurity: Cyber Centre head
ChatGPT proxy scam warning as fraudsters steal personal details to blackmail victims
China’s Dangerous Game: Weaponizing the Metaverse
Cybercriminals Weaponizing Legitimate Advanced Installer Tool in Crypto-Mining Attacks
Department for Work & Pensions (DWP) issues scam warning ahead of £300 cost of living payment
Don’t click, think twice: How to spot a fake website
Fake OTP Sender: Understanding the Risks and How to Stay Protected
Gaming and Cybersecurity: Protecting Your Virtual Assets
Microsoft Teams phishing attack pushes DarkGate malware
Millions Infected by Spyware Hidden in Fake Telegram Apps on Google Play
North Korean Hackers Steal $41 Million Crypto from Online Casino
Russian Ransomware Gang Alphv Targets Pathology Company, Law Firms In Latest String Of Attacks
Save 90% on this stacked cybersecurity and IT skills bundle
Thousands of Microsoft 365 accounts under threat from W3LL phishing kit
08/09
60% of organizations faced at least one API related breach
75% of education sector attacks linked to compromised accounts
Apple Patches Two Zero-Days Exploited in Pegasus Attacks
Apple patches two zero-days under attack (CVE-2023-41064, CVE-2023-41061)
Apple Rushes to Patch Zero-Day Flaws Exploited for Pegasus Spyware on iPhones
Best practices for implementing a proper backup strategy
China Unleashes AI-Powered Image Generation For Influence Operations
CISA Adds Critical RocketMQ Bug to Must-Patch List
CISA Warning: Nation-State Hackers Exploit Fortinet and Zoho Vulnerabilities
Cisco security appliance 0-day is under attack by ransomware crooks
Cisco warns of VPN zero-day exploited by ransomware gangs
Cyber-criminals Exploit GPUs in Graphic Design Software
Dymocks Booksellers suffers data breach impacting 836k customers
Eleven Russian Trickbot gangsters sanctioned by US and UK
Emsisoft to Users: Update Software, Reboot Systems After Certificate Error
FBI vincula hack ao cassino cripto Stake ao Grupo Lazarus da Coreia do Norte
Fortifying the Foundation: Empowering a Zero-Trust Security Paradigm
Google Kills 3rd-Party Cookies — but Monopolizes AdTech
Google TAG Exposes North Korean Campaign Targeting Researchers
Hackers norte-coreanos roubaram R$ 205 milhões de cassino cripto promovido por Drake, diz FBI
Incident of the Week: Ransomware gang steals 1.3TB of data from Sabre
Lazarus steals $41M from virtual betting site
Maidstone: Secondary school hit by cyber attack
Massive DDoS attack on U.S. financial company thwarted by cyber firm
Multiple nation-state hackers targeted aerospace company, CISA says
Multiple Security Vulnerability Notifications on Apple Products
New quantum random number generator could revolutionize encryption
North Korean Hackers Exploit Zero-Day Bug to Target Cybersecurity Researchers
North Korean hackers target security researchers with zero-day exploit
Notepad++ 8.5.7 released with fixes for four security vulnerabilities
Orca’s new LLM tool to help detect Log4j-like exploits
Protecting Your Microsoft IIS Servers Against Malware Attacks
Ragnar Locker claims attack on Israel's Mayanei Hayeshua hospital
Regulator to Investigate Fertility App Security Concerns
Russian Man Handed Nine-Year Sentence for Hacking Scheme
September 2023 Patch Tuesday forecast: Important Federal government news
The CSO guide to top security conferences
The International Criminal Court will now prosecute cyberwar crimes
U.K. and U.S. Sanction 11 Russia-based Trickbot Cybercrime Gang Members
Unimplemented controls could derail your ESG compliance efforts
Unpatched Cisco ASA flaw exploited by attackers (CVE-2023-20269)
X “unfit” for banking because of complicity in Saudi spying, lawyers argue
Zero-day in Cisco ASA and FTD is actively exploited in ransomware attacks
Zero-days fixed by Apple were used to deliver NSO Group’s Pegasus spyware
Zero-Trust: 5 Steps to Transition From Hype to Reality
What Types of Data Breaches do you Need to Know About in 2023?
07/09
3 ways to strike the right balance with generative AI
4 Key Trends from the Cloudflare 2023 Phishing Threats Report
8 Actions You Should Take if You Think Your Mac Is Hacked
$24 Million Worth of Crypto Wiped out Overnight in Massive Phishing Attack
26% of hospitality industry cyberattacks included credential access
48% of CISOs claim AI security is their biggest concern
A data breach exposed private health information of more than 200,000 Medicaid clients in Indiana
AI threats: should we fight fire with fire?
Alert: Apache SuperSet Vulnerabilities Expose Servers to Remote Code Execution Attacks
Alleged LockBit attack shuts down city networks in Seville
Allwell Behavioral Health Settles Data Breach Class Action for $650,000
Amid G20 Summit, Indonesian Hacker Groups Target Indian Organisations And Digital Infrastructure
Anger after Northumberland school shares sensitive information about pupils in data breach
API Vulnerabilities: 74% of Organizations Report Multiple Breaches
Apple discloses 2 new zero-days exploited to attack iPhones, Macs
Apple zero-click iMessage exploit used to infect iPhones with spyware
Attention CISOs: Closing Your Identity Protection Gaps is Urgent
Auto industry evolution: how new vehicles are open to hackers, ransomware attacks
Baseline standards for BYOD access requirements
CentroMed Facing 2 Class Action Lawsuits Over 350,000-Record Data Breach
Chae$4 Malware Released, Targets Banking & Logistic Orgs
Chinese Hacker Steals Microsoft Signing Key, Spies on US Government
Cisco BroadWorks impacted by critical authentication bypass flaw
Closing the Gap: Cyber Security and Disaster Recovery
Cyber security is a necessity. So is dissent and freedom of speech
Cybersecurity among leading concerns of UK defence companies
Cybersecurity Builds Trust in Critical Infrastructure
Cybersecurity pros battle discontent amid skills shortage
Cyperport data put up for sale following cyber attack
Defence Housing Australia investigates third-party data breach
Domain Generation Algorithm (DGA) Behavior Shifts Raise Cybersecurity Concerns
Emerging cyber threats in 2023 from AI to quantum to data poisoning
Finish government to bolster spending on cyber-AI defences
Five Lessons On Safeguarding Point-Of-Sale Systems
Forever 21 Discloses Data Breach Impacting Over Half a Million
Fortinet report highlights decline in ransomware detection
GCash deactivates 4 million suspicious accounts
Google Cloud partners with CERT-In to train govt officials in cybersecurity
Google: State hackers attack security researchers with new zero-day
Goulburn council Facebook page back online after cyber attack
GPU-thirsty hackers target architects, designers with cryptomining malware
Hackers claim to publish prominent Israeli hospital’s patient data
Hackers Exploit Multiple Bugs in Hotel Booking Platform
Hackers Using ChatGPT to Generate Malware & Social Engineering Threats
How Chinese hackers got their hands on Microsoft’s token signing key
How cybercriminals use look-alike domains to impersonate brands
Hundreds of Scam Pages Uncovered in Major Investment Fraud Campaign
Hyundai to launch in-car payments in US
IBM: Janssen health database breached in cyber incident
IBM Notifies Janssen CarePath Customers of Data Breach
IBM Reports Patient Data Breach at Johnson & Johnson Subsidiary
Information Commissioner reprimands city council over cyber attack
Johnson & Johnson discloses IBM data breach impacting patients
Kazakhstan Ranks 78th in National Cyber Security Index
Lego-style cyber attacks test already strained defences
LibreOffice: Stability, security, and continued development
Mac Users Beware: Malvertising Campaign Spreads Atomic Stealer macOS Malware
MacOS malware has a new trick up its sleeve
Maharashtra: State to invest INR 837 crore project for cyber security
Mainframe remains a positive force among IT leaders
Microsoft: compromised account led to Chinese hack of US officials
Microsoft finds Storm-0558 exploited crash dump to steal signing key
Microsoft: How Chinese Hackers Stole Signing Key to Breach Outlook Accounts
Microsoft: North Korean hackers target Russian govt, defense orgs
Ministry of Defence documents leaked in cyber attack
Minneapolis Public Schools notifies over 100,000 individuals of data breach after cyberattack
Mirai Botnet Variant 'Pandora' Hijacks Android TVs for Cyberattacks
Moody’s warns of the impact of a cyber attack on Caja Popular Mexicana
New report analyses ransomware activity for past 6 months
Office of the Australian Information Commissioner (OAIC) wields data breach powers
Outlook Breach: Microsoft Reveals How a Crash Dump Led to a Major Security Breach
Over 300K Customers Impacted In See Tickets Data Breach
Patch ‘Em or Weep: Study Reveals Most Vulnerable IoT, Connected Assets
Pennsylvania removes email database of public employees
ProtonMail Code Vulnerabilities Leaked Emails
Public Wi-Fi don’t, what you should not do when using public Wi-Fi
Ransomware Hackers Publish Patient Info from Mayanei Hayeshua Hospital
Regulators: More than 255,000 CT insurance customers affected by data breach
Safe from account takeover attacks
Securing ERP Systems: Strategies & Threats in Modern Business Operations
Shifting left and right, innovating product security
Six effective antidotes to modern cyber adversaries
Smart devices spy for companies like Meta and TikTok, rights group warns
Smart: Fraudsters are using OTT messaging platforms to send text scams
Stake hacker bridges $1.5m in stolen MATIC
The Rising Tide of Data Breach Claims in the UK
The State of the Virtual CISO Report: MSP/MSSP Security Strategies for 2024
Think Tank Urges Labour to Promote “Securonomics” Agenda
Threads and the risks associated with social media
Top 20 Most Exploited Vulnerabilities: Microsoft Products Draw Hackers
UK and US sanction 11 Russians connected to notorious Trickbot group
UK and US Sanction 11 Russians Tied to Trickbot/Conti Ransomware
UK Government Backs Down on Anti-Encryption Stance
UK tech tsar warns of AI cyberthreats posed to NHS
University of Michigan issues urgent password reset following cyberattack
US and UK sanction 11 TrickBot and Conti cybercrime gang members
Victorian businesses hit by notorious gang
Xiaomi phones caught using malware-like tactics
Zero-Day Flaw Exposes Atlas VPN User IPs
Why fostering digital trust in financial services institutions is a mandate
Windows cryptomining attacks target graphic designer's high-powered GPUs
06/09
3 Lessons Learned from Attacks on Okta Super Admins
9 Alarming Vulnerabilities Uncovered in SEL's Power Management Products
Alert: Phishing Campaigns Deliver New SideTwist Backdoor and Agent Tesla Variant
ASUS routers are affected by three critical remote code execution flaws
AtlasVPN Zero-day Vulnerability Leaks the users IP Address
Attributes and Types of Security Testing
Avoidable digital certificate issues fuel data breaches
CIS Benchmarks Communities: Where configurations meet consensus
Como proteger seus dados financeiros de fraudes e ataques cibernéticos
Compliance budgets under strain as inflation and workload grow
Creating a more cyber secure supply chain requires group effort
Crypto Casino Stake.com Back Online After $40m Heist
Cut through cybersecurity vendor hype with these 6 tips
CXOs and directors are growing wary of generative AI: Report
Cyber-Criminals Only Have to Be Right Once? Not Quite
Cyber Security Program Planned at LBI Library
Cyber Security Today, Sept. 6, 2023 – Advice on cyber insurance
Cyber talent gap solutions you need to know
Cybercriminals target MS SQL servers to deliver ransomware
Cybersecurity: Oil and gas “waking up” to scale of threats posed to offshore infrastructure
Dastardly From BurpSuite: Lightweight Web App Security Scanner
Dealer cyber security tops agenda at MT Retailing EXPO 2023
Emerging threat: AI-powered social engineering
Everything You Need to Know About the SEC’s New Cybersecurity Rules
Experts Uncover Underground Phishing “Empire” W3LL
Five Ways MITRE ATT&CK Framework Can Improve Your Cybersecurity Posture
Freecycle data breach impacts 7 million members
From unsuspecting click to data compromise
Hackers stole Microsoft signing key from Windows crash dump
Hackers Weaponizing MinIO Storage System Flaws to Execute Remote Code
High-Severity Vulnerability Discovered in Popular CMS
Highgate Wood School closed following cyber attack
How SMEs can use Wazuh to improve cybersecurity
How to Bridge the Gap Between Cybersecurity and Physical Security
Identity needs a seat at the cybersecurity table
Irish cybersecurity firm Integrity360 to create 200 jobs across its locations
LADbible Group leaks internal data
Large companies unprepared for cyberattacks, boards say
LastPass under fire again as users report stolen crypto keys and losses
Machine learning operations can revolutionize cybersecurity
Madhabi Puri Buch Advocates Robust Cybersecurity Measures To Safeguard Broker Stability
Maharashtra to implement cyber security project at Rs 837 crore
Meatbag mishaps more menacing than malware? CISOs think so
Minneapolis school district says data breach affected more than 100,000 people
Mirai variant infects low-cost Android TV boxes for DDoS attacks
MITRE and CISA release Caldera for OT attack emulation
MITRE Caldera for OT now available as extension to open-source platform
Nagpur Police Use SRK's 'Jawan' To Promote Safe Cyber Security Practices
Nagpur Police’s cyber security advisory post features SRK’s avatars from Jawan
New Agent Tesla Variant Uses Excel Exploit to Infect Windows PCs
New BLISTER Malware Update Fuelling Stealthy Network Infiltration
Nominations for Top Cybersecurity Leader 2024 are now open
Obsessed with privacy? Keep Tails on a USB drive and secure most any computer
Old vulnerabilities are still a big problem
Por que os hackers atacam tanto o setor da saúde?
Port-IT adds new features to maritime cyber system
Proofpoint unveils new features to break cyberattack chain
Roadshow to bring cyber security to Orkney businesses
Russia-Backed APT28 Tried to Attack Ukrainian Critical Power Facility
S.Korean gov't to invest $827 mn in cyber security sector by 2027
Samsung Issued Patches for Multiple Critical Security Flaws
See Tickets exposes payment card information of 300K+ people
September Android updates fix zero-day exploited in attacks
Setor da Educação regista a taxa mais elevada de ataques de ransomware
State to draw up cyber security plan, allocates ₹837 crore
Swedish cybersecurity not good enough say experts
Three CISOs Share How to Run an Effective SOC
Toyota says filled disk storage halted Japan-based factories
UK Boards Are Growing Less Concerned About Cyber-Risk
Ukraine's CERT Thwarts APT28's Cyberattack on Critical Energy Infrastructure
Zero-Day Alert: Latest Android Patch Update Includes Fix for Newly Actively Exploited Flaw
W3LL phishing kit hijacks thousands of Microsoft 365 accounts, bypasses MFA
W3LL Store: How a Secret Phishing Syndicate Targets 8,000+ Microsoft 365 Accounts
What CISOs Need to Know About Residential Proxy Networks
Why privacy is important for Bitcoin users and the challenges it faces
Windows’s File History Service Flaw Let Attackers Escalate Privileges
05/09
6 free resources for getting started in cybersecurity
2023 Cost of a Data Breach: Key Takeaways
200,000 Indiana Medicaid members possibly exposed in CareSource data breach
AI Helps Combat the ‘Democratization’ of Cybercrime and Ransomware
Airlines Battle Surge in Loyalty Program Fraud
ALPHV/BlackCat group claims major ransomware attack on Georgia's Forsyth County
Atlas VPN zero-day allows sites to discover users’ IP address
Atlas VPN zero-day vulnerability leaks users' real IP address
Australian authorities tire of excuses, delays on data breach disclosure
Beware! LinkedIn Scam Preying on Job Seekers
Chipmaker NXP confirms data breach involving customers’ information
Coffee Meets Bagel says recent outage caused by destructive cyberattack
Connected cars and cybercrime: A primer
Crypto Faces Growing Threat of Sophisticated AI-Powered Scams
Crypto is in ‘arms race’ against AI-powered scams: Quantstamp co-founder
Cyber attack hits Wokingham's Maiden Erlegh School
Cyber attack on golfing giant Callaway leaves 1m victims in the rough
Developers have security, other generative AI concerns but use it anyway
DogeRAT Malware Threatens Android Users in India with Data Breach, Device Hijacking
Electoral Commission failed basic security test before hack
Evolving threat landscape highlights importance of cyber insurance
Freecycle Breach May Have Hit Millions of Users
Freecycle Data Breach Impacts 7 Million Users
From Data Breaches To BEC: The Connection Between Information Leakage And Fraud
Golf clubs manufacturer Topgolf Callaway says data breach impacted more than 1.1 million customers
Group-IB detects $64.5M phishing scam in APAC
Half of Financial Services Marketers’ CMS’ Breached in Last 3 Years
Half of Senior Financial Services Marketers Reveal Their CMS Has Been Breached in the Last 3 Years
Hawai’i State Department of Health resolves website defacement
Key Cybersecurity Tools That Can Mitigate the Cost of a Breach
Kids’ dental care provider suffers data breach
LinkedIn ransomware attack: Data held hostage, criminals demand payment to unlock accounts
LockBit Leaks MoD Contractor Data In “Sophisticated Cyber-Attack”
LockBit leaks sensitive data from maximum security fence manufacturer
Mend.io SAML Vulnerability Exposed
Meta Takes Down Thousands of Accounts Involved in Disinformation Ops from China and Russia
More Schools Hit By Cyber-Attacks Before Term Begins
Most education organisations suffered a cyber attack in past year
Nearly 83% of Indian organisations face cyberattacks last year: Report
Netskope divulga relatório de ameaças com foco em Telecom
New BLISTER Malware Update Fuelling Stealthy Network Infiltration
New Python Variant of Chaes Malware Targets Banking and Logistics Industries
New research reveals most-attacked, most-vulnerable assets
Northern Ireland’s Chief Constable Resigns After Data Breach
Novos detalhes do chefe “Infected Hacker” de Eternights
Online Gaming Platform Stake.com Loses $40M in Hack
Over 102 mn cyberattacks targeted Indian users in Q2: Report
Pennsylvania School District says ransomware attack disrupted computer systems
Public sector cyber threats: How audit teams combat rising risks
Reaper: Open-source reconnaissance and attack proxy workflow automation
Researchers Warn of Cyber Weapons Used by Lazarus Group's Andariel Cluster
Russian ransomware gang AlphV targets pathology company, law firms in latest string of attacks
Spear phishing and voice call scams: CSSF raises alarm
The misconceptions preventing wider adoption of digital signatures
The rise of blue check scammers targeting X complainers
TissuPath hack: patient data possibly exposed in cyber-attack on Melbourne pathology clinic
Two out of three companies lose data due to failed backups
UK election body failed cybersecurity test before hack
UK Electoral Commission Fails Cybersecurity Test Amid Data Breach
UK National Cyber Security Centre Gets a New CTO
Understanding AI Security Made Simple – Your Questions Answered
University of Minnesota faces lawsuit over data breach that compromised 7m SSNs
Using Behavioral AI to Actively Monitor Threat Landscapes
Xiaomi: usuários relatam ter encontrado malware no navegador do smartphone
What is cyber insurance and can it protect scam victims?
Why end-to-end encryption matters
World’s Largest Cryptocurrency Casino Stake Hacked for $41 Million
04/09
5 ways in which FHE can solve blockchain’s privacy problems
10 countries with the highest number of online scammers in the world
AI-Based Pattern Analysis Traps Attackers Trying To Abuse Accounts
Apple Opens Application for Security Research Device Program
Attackers accessed UK military data through high-security fencing firm's Windows 7 rig
Ayush Jharkhand portal breached, 3.2L patients' records exposed: Security researchers
Beware of MalDoc in PDF: A New Polyglot Attack Allowing Attackers to Evade Antivirus
Beware of New Fileless Malware that Propagates Through Spam Mail
BitBrowser Hacker Moves 236 ETH Of Stolen Funds With Crypto Mixer eXch
Calloway data breach sees over a million golf fans afffected
Cert.lv: activist groups supported by Russia perform cyber attacks on Latvian state institutions
Chinese APT Slid Fake Signal and Telegram Apps onto Official App Stores
Chinese-Speaking Cybercriminals Launch Large-Scale iMessage Smishing Campaign in U.S.
Cibercriminosos vietnamitas usam contas comerciais do Facebook para distribuir malware
Consumers Consider Passwordless Logins Key to Overcoming All-in-One App Security Concerns
Cyber Security Workshop was conducted at Mumbai
Cybercrime will cost Germany $224 billion in 2023
Cybersecurity for Startups: Best Tips and Strategies
Everything You Wanted to Know About AI Security but Were Afraid to Ask
Famoso cassino de criptomoedas sofre hack e perde R$ 200 milhões
Four Convicted in $18m Investment Fraud Scheme
Freecycle confirms massive data breach impacting 7 million users
German financial agency site disrupted by DDoS attack since Friday
Global roaming fraud losses to surpass $8 billion by 2028
Golden Cross supera ataque hacker com backup de 70 terabytes de dados diários
Hackers Attacking MSSQL Servers To Deploy Ransomware
Hackers exploit MinIO storage system to breach corporate networks
Hackers Exploit MinIO Storage System Vulnerabilities to Compromise Servers
Half of Switzerland's large companies have been the victim of a cyber attack
Insurer fined $3M for exposing data of 650k clients for two years
Israeli company to implement cybersecurity system at Kentucky airport
Medical Data Breach: Ayush Jharkhand Hacked
New Attack Technique “MalDoc in PDF” Alarms Experts
Okta: Hackers target IT help desks to gain Super Admin, disable MFA
Popular cripto cassino sofre aparente hack de R$ 200 milhões
Publicly available Evil_MinIO exploit used in attacks on MinIO Storage Systems
Python Package Index Targeted Again By VMConnect
Ransomware attacks go beyond just data
Sensitive Data about UK Military Sites Potentially Leaked by LockBit
“Smishing Triad” Targeted USPS and US Citizens for Data Theft
Sophisticated Earth Estries Group Hack Government Agencies and Tech Companies
Spam is up, QR codes emerge as a significant threat vector
Stake: Cassino promovido por Drake pode ter perdido R$ 200 milhões em criptomoedas com ataque hacker
Suffolk High School Forced Offline After Cyber-Attack
Sydney University Suffers Supply Chain Breach
The biggest cyber security incidents in August 2023
University of Sydney suffered a security breach caused by a third-party service provider
Vietnamese Cybercriminals Targeting Facebook Business Accounts with Malvertising
X (Twitter) to Collect Biometric Data from Premium Users to Combat Impersonation
Wanted: skilled workers to combat the rise in cyber crime
Why Instagram Threads is a hotbed of risks for businesses
03/09
5 critical cybersecurity tips to keep everyone safe
Action Fraud warn over McAfee scam emails doing the rounds
BitBroweser hacker transfers 236.27 ETH to eXch mixer
Children's snack recalled after its website caught serving porn
Dis-Chem facing R10 million fine after client data breach
Golpes de pix: como prevenir vazamento de dados na sua empresa
Kazakhstan blocks US government website for phishing
Kudos to North Mississippi Health Services for fast detection and disruption of attack
Local Data Breaches on the Rise
LockBit ransomware gang hit the Commission des services electriques de Montréal (CSEM)
PoC Exploit Released for Critical VMware Aria's SSH Auth Bypass Vulnerability
Poor cyber security puts banks in Bangladesh at peril
PSNI data breach: Two men released after Terrorism Act arrests
Ransomware and Data Breaches: Impacts Continue to Grow Louder
Ransomware attacks, cyber hygiene tips
Smishing Attack: How Criminals Use Text Messages To Steal From You
The Top 5 NFT Scams to Look out for in 2023