top of page

DAILY NEWS: Setembro (11/09 - 17/09) - 37 Semana de 2022

Cyber Security and Information Security News - Daily Updates !! Weekly Review

17/09


3 held for aiding hacker gain unauthorised access to payment gateways of companies


330,000 Singapore Starbucks customers' data leaked, info sold online for $3,500


A new phishing attack on Steam puts gamers at risk


Bank scams: Five expert tips to protect yourself from phishing scams


CISA Expands Vulnerabilities Catalog With Old, Exploited Flaws


Continuous Data Protection (CDP): A priority in the evolution of ransomware recovery


Couple deletes Holiday Inn data for fun after ransomware attack fails


Emotet botnet now pushes Quantum and BlackCat ransomware


Financial Costs of a Ransomware Attack and Breaking the Attack Chain :- Collateral damage and data loss


Go North East bus drivers' pay hit after cyber attack on Go Ahead


Hackers Had Access to LastPass's Development Systems for Four Days


IHG hack: 'Vindictive' couple deleted hotel chain data for fun


Interns aid in developing cyber security policies


LastPass was hacked, but it says no user data was compromised


New Spear Phish Methodology Relies on PuTTY SSH Client to Infect Systems


New York ambulance service discloses data breach after ransomware attack


Serious data breach at Uber spotlights hacker social deception


Uber suffers massive breach from phishing attack


Why to Consider a Career in Cyber Security and the Training You Can Get for This


16/09


Allies Warn of Iranian Ransom Attacks Using Log4Shell


Are Phishing Scams Likely to Go Away Anytime Soon?


Bell Canada subsidiary hit by Hive ransomware attack


Bitdefender releases free decryptor for LockerGoga ransomware


Canadian police investigating ransomware attack on Bell subsidiary after employee data stolen


Crypto Scams Soar as Domains Surge 335%


Cyber attack prevents revelations of alleged sexual abuse cover-ups at the French Football Federation (FFF)


Cyber security for fintech enterprises


Cybersecurity Vulnerabilities: The Race to Patch


EU and US authorities move to strengthen cyber-security protections


Factbox-What to do if you were a corporate hack victim


Fake cryptocurrency giveaway sites have tripled this year


Farm protection from cyberattacks almost non-existent


Global Healthcare Cyber Security Market to Reach USD 36.6 Billion by 2028 | Set to get a CAGR of 16.2%, Forecast 2022- 2028


Hackers Targeting WebLogic Servers and Docker APIs for Mining Cryptocurrencies


How serious are organizations about their data sovereignty strategies?


How to improve public sector’s security strategy?


Insiders for hire? - Managing internal threats to cyber security through increased visibility


IoT: Europe readies cybersecurity rules for smart devices - with big fines attached


Japan sees 87% increase in ransomware attacks in 1st half of 2022


Laval city shuts down online services after ‘targeted’ cyber attack IG News


Montenegro Govt Remains Offline Amid Continued Cyber Safety Fears


Most organizations consolidate to improve risk posture


NCSC warns about Queen-related phishing scams


North Korean Hackers Spreading Trojanized Versions of PuTTY Client Application


Ransomware is a business resilience issue, not an IT problem – be data ready to reduce risk and recover


Self-Storage Operator U-Haul Notifies Customers of Data Breach


Site do Vitória é alvo de ataque hacker


Starbucks Singapore says customer data illegally accessed in data leak


Suffolk County struggles to recover from BlackCat ransomware attack


Turbo boost your career in cyber security


Uber cai quase 4% em NY após ataque hacker ao sistema de segurança da companhia


UBER HACKEADO: sistemas da empresa são invadidos em ataque hacker


Uber hacked in cybersecurity incident


Uber hacked, internal systems breached and vulnerability reports stolen


Uber Hacker May Have Compromised Secret Bug Reports


Uber investigating cybersecurity incident after hacker breaches its internal network


Uber Says It's Investigating a Potential Breach of Its Computer Systems


Uber sofre invasão, e funcionários acharam que aviso do hacker era piada


Veja como um hacker invadiu ontem sistemas de TI da Uber


What does a doomsday level cyber attack look like?


15/09


5 Ways to Mitigate Your New Insider Threats in the Great Resignation


6 key challenges technologists are facing today


77% of Global Retail Organisations Hit by Ransomware in 2021


Australia: Watchdog calls for mandatory data breach notification laws in Victoria


Backlogs larger than 100K+ vulnerabilities but too time-consuming to address


Brussels plans to introduce cybersecurity requirements for connected devices


Conti Ransomware Gang Hit with Data Leak


Cyber Attack by Russian Hackers Disrupted 20 Japanese Government Websites


Cyber security incidents more common in APAC - report


Cybercrime Fears for Children as Cost-of-Living Bites


Cybercrime Forum Admins Steal from Site Users


Hackers have found a new technique to trap you even better


Hacker que invadiu sistema de câmeras de zoológico dava close nos seios de mulheres


How SOCs distribute cybersecurity alerts to avoid burnout


How to use the handy SSH management tool in Chrome OS


Information Security vs Cyber Security: The Difference


ISACA: Ensuring Digital Trust Key to Digital Transformation Success


Japan saw 87% increase in ransomware attacks in first half of 2022


KPMG's Africa Cyber Security Outlook 2022 Survey:Addressing Cybersecurity – Africa's economic


Linux variant of the SideWalk backdoor discovered


Moved lately? U-Haul breach leaks 2.2M driver’s license numbers


Notepad++ Plugins Allow Attackers to Infiltrate Systems, Achieve Persistence


Piracy to Ads to Ransomware: Investigation Finds $121 Million in Dangerous Malicious Ads on Piracy Sites Designed to Trick Users into Infecting Their Devices


Q-Day doesn’t equal doomsday: Enacting an enterprise quantum security strategy


Researchers Warn of Self-Spreading Malware Targeting Gamers via YouTube


Russian Gamaredon Hackers Target Ukrainian Government Using Info-Stealing Malware


SMBs are hardest-hit by ransomware


State of the Union: New EU cybersecurity rules ensure more secure hardware and software products


Texas-based OakBend Medical Centre suffers a ransomware attack, loses over 1m records to hackers


The Artificial Intelligence and Cybersecurity Nexus: Taking Stock of the European Union’s Approach


The Problem of Badly Configured Web Application Firewalls


Uber investiga ataque hacker em seu servidor


U.S. Charges 3 Iranian Hackers and Sanctions Several Others Over Ransomware Attacks


US government software suppliers must attest their solutions are secure


User Alert as Phishing Campaigns Exploit Queen's Passing


Webworm Attackers Deploy Modified RATs in Espionage Attacks


Webworm Hackers Using Modified RATs in Latest Cyber Espionage Attacks


Why Artificial Intelligence is Must for Cybersecurity


YouTube Users Targeted By RedLine Self-Spreading Stealer


14/09


4 ways organizations fail to address cybersecurity risk


49ers Data-Breach Lawsuits Expose Risks of Monetizing Information


Albania suffers second cyber attack in two months, blames Iranian agencies


Após ataque hacker, Golden Cross normaliza operações gradualmente


Attackers mount Magento supply chain attack by compromising FishPig extensions


Bandai Namco confirms to have suffered a ransomware attack


Chinese hackers create Linux version of the SideWalk Windows malware


CISA orders agencies to patch Windows, iOS bugs used in attacks


Data is Being Exfiltrated by Employees


DDoS Attacks on UK Firms Surge During Ukraine War


Death of Queen Elizabeth II exploited to steal Microsoft credentials


FBI: Hackers steal millions from healthcare payment processors


FormBook Knocks Off Emotet As Most Used Malware in August


Four-Fifths of Firms Hit by Critical Cloud Security Incident


Gay hookup site typosquatted to push dodgy Chrome extensions, scams


Hacker invade sistema do Zoológico e apaga 400 mil arquivos


‘Hacktivist’ polarizes Indonesian netizens after data breach spree


How to Do Malware Analysis?


Lorenz Ransomware Exploit Mitel VoIP Systems to Breach Business Networks


Malaysia saw 282% y-o-y jump in ransomware attacks in 1H22 — Trend Micro


Microsoft Fixes Two Zero-Days This Patch Tuesday


Microsoft Teams stores auth tokens as cleartext in Windows, Linux, Macs


National Cyber Security Centre (NCSC) warns public of potential Queen-related phishing attacks


New Lenovo BIOS updates fix security bugs in hundreds of models


North Korean cyberespionage actor Lazarus targets energy providers with new malware


Over 280,000 WordPress Sites Attacked Using WPGateway Plugin Zero-Day Vulnerability


Phishing page embeds keylogger to steal passwords as you type


Ransomware gang threatens 1m-plus medical record leak


Researchers Detail OriginLogger RAT — Successor to Agent Tesla Malware


Retail industry suffers as ransomware attacks rise by 75%


SMBs hardest hit by ransomware


SparklingGoblin APT Hackers Using New Linux Variant of SideWalk Backdoor


The Future of Hybrid Work and Cybersecurity Risks


The Global State of Cybersecurity Is Not Good


Thwarting attackers in their favorite new playground: Social media


Vulnerabilities Found in Airplane WiFi Devices, Passengers' Data Expo


13/09


5 Kali Linux books you should read this year


Albania says it has repelled renewed Iranian cyber attack that rattled border system


Apple fixes actively exploited zero-day in macOS, iOS (CVE-2022-32917)


Apple Releases iOS and macOS Updates to Patch Actively Exploited Zero-Day Flaw


Asian Governments and Organizations Targeted in Latest Cyber Espionage Attacks


Beef up your Cyber Protection with Multi Factor Authentication


Can FIDO Passkeys and Accountability Coexist?


China says NSA used multiple cybersecurity tools in attacks against Chinese university


Chinese-linked cyber crims nab $529 million from Indian nationals


Cisco: Yes, Yanluowang leaked our data. No, it's not serious


Critical input needed: US critical infrastructure asked to engage on proposed cyber reporting rules


CrowdStrike threat report: Intrusions up, breakout time down


Cyber espionage campaign targets Asian countries since 2021


Cyberspies drop new infostealer malware on govt networks in Asia


FS-ISAC 2022: Cloud Security for Financial Services


Hackers breach software vendor for Magento supply-chain attacks


Hackers Steal Steam Credentials With 'Browser-in-the-Browser' Technique


How GRC protects the value of organizations — A simple guide to data quality and integrity


How prepared are organizations to tackle ransomware attacks?


How to get inside the mind of hackers


Implent Cloud Security Tools Now, Not Later


iOS 15.7: Apple patches new iPhone security flaw, so it's time to update


Iran-linked TA453 used new Multi-Persona Impersonation technique in recent attacks


Iranian Hackers Launch Renewed Attack on Albania


Iranian Hackers Target High-Value Targets in Nuclear Security and Genomic Research


It’s like a veritable fire sale on Indonesians’ personal data


JumpCloud Adds Decentralized Password Manager to Portfolio


LAUSD Ransomware Attack: Action Too Little, Too Late?


Microsoft September 2022 Patch Tuesday fixes zero-day used in attacks, 63 flaws


Modernizing data security with a zero trust approach to data access


Montenegro and its allies are working to recover from the massive cyber attack


New PsExec spinoff lets hackers bypass network security defense


One month after Black Hat exposure HP enterprise kit still unpatched


Orca Security Reports Widespread Cloud Security Issues


Organizations should fear misconfigurations more than vulnerabilities


Police arrest man for laundering tens of millions in stolen crypto


Pro-Palestinian group GhostSec hacked Berghof PLCs in Israel


“Proactive cyber defense” to be introduced to critical infrastructure


Ransomware Gang Hacks VoIP for Initial Access


Reimagining the approach to incident response


Researchers Warn of 674% Surge in Deadbolt Ransomware


Retbleed Security Fix Makes Linux go 70% Slower


Rule Over Your Dependencies and Scan at Your Own Open Source Risk


ShadowPad-Associated Hackers Targeted Asian Governments


Singapore corporations making progress in preventing cyberattacks


Tax fraud ring leader jailed for selling children’s stolen identities


The scary future of the internet: How the tech of tomorrow will pose even bigger cybersecurity threats


Trend Micro addresses actively exploited Apex One zero-day


Trend Micro warns of actively exploited Apex One RCE vulnerability


U-Haul reports data breach, customers’ info exposed


U.S. Chamber Opposes FTC Rulemaking on Data Privacy


What is SOC2 Compliance?


Windows 10 KB5017308 and KB5017315 updates released


12/09


6 trends driving hardware cybersecurity innovation


After Possible Cyberattack, Suffolk Deploys Manual Record-Keeping


Aneurin Bevan Health board warns no quick fix to cyber attack


Apple fixes eighth zero-day used to hack iPhones and Macs this year


Bad bots are coming at APIs! How to beat the API bot attacks?


Be careful, these exchange sites are the target of a vast phishing campaign!


Building a successful cybersecurity business, one client at a time


Can you afford to cut back on web application security?


Central New York (CNY) medical billing company faces lawsuit after ransomware attack


Chaos continues as district tries to recover from systems hack


China Accuses NSA's TAO Unit of Hacking its Military Research University


Cisco confirms Yanluowang ransomware leaked stolen company data


Cops Raid Suspected Fraudster Penthouses


Cyber Attack on IHG Impacted Hotel Booking System and Mobile Apps; Exposes Unknown Quantity of Data, Causes Extended System Outage


‘Cyber insecurity’ in healthcare is leading to increased patient mortality rates


Digital attacks from the IT army: more than 2400 paralyzed online resources in 2 weeks


Exhausted IT Security Teams Battle Rise of Deepfakes, API Attacks


Extortion Group 'Vice Society' Targeting Public Schools


Finlandia: National Bureau of Investigation (NBI) suspects 3 of gross negligence in therapy firm's data breach


Former members of Conti ransomware group repurposing tools to attack Ukraine, Google says


Google Play Store Introduces Data Breach Alerts For Compromised Accounts


Hackers Compromise Employee Data at PVC-Maker Eurocell


Hackers steal Steam accounts in new Browser-in-the-Browser attacks


Hacktivist Group GhostSec Compromises 55 Berghof PLCs Across Israel


High Severity Vulnerabilities Found in HP Enterprise Devices


Homeworkers putting home and business cyber-safety at risk


ICO Slams Government Departments Over FOI Failings


Identity protection is key to metaverse innovation


Infoblox’s Cyber Threat Intelligence Report highlights smishing and vulnerabilities in WordPress websites


Investigators Seize $30m in Stolen Crypto from North Korea


Iranian Ministry of Intelligence sanctioned after Albania cyber attack


Lawsuit Filed Against 49ers After Ransomware Attack


Lorenz ransomware breaches corporate network via phone systems


Malware vs spyware vs ransomware - what’s the difference?


Many health care organizations lack resources to fend off cyberattacks


Mediant Communications data breach class action settlement


Montenegro defends massive cyber attack by Russia


MSPs and cybersecurity: The time for turning a blind eye is over


Multiple ransomware campaigns linked to Iranian threat actor DEV-0270


Napa Valley College ransomware attack caused possible data breach


North Korean Lazarus Group Hacked Energy Providers Worldwide


Numerous HP business laptops and desktops vulnerable to publicly disclosed security bugs


One Medical, Inc. Reports Data Breach that Leaked Social Security Numbers and Health Information


OpenAPIs and Third-Party Risks


Oxeye Discovers Several High Severity IDOR Vulnerabilities in Harbor


Pharming: another reason to think before you click


Philippine Airlines Suffers Cyberattack With Frequent Flyer Program


Prior to Black Friday, delivery phishing schemes had already increased


Ransomware Actors Embrace Intermittent Encryption


Ransomware attacks on retail increase, average retail payment grows to more than $200K


Ransomware makes use of intermittent encryption to bypass detection algorithms


Ransomware Trends in 2022H1: State-Sponsored Ransomware, New Popular Targets and Evolving Extortion Techniques


Report: Benchmarking security gaps and privileged access


Samsung hit with class action lawsuit following data breach


San Francisco 49ers data breach affects 20K fans


Scammers defraud hundreds of victims from prison


Security Awareness Training Must Evolve to Align With Growing E-Commerce Security Threats


SERV Behavioral Health System reports data breach


Signs That May Indicate Your Phone Is Hacked


South Africa’s thriving banking sector is vulnerable to cybercrime


Supply chain leaving Aussie orgs at risk of ransomware


Texas hospital facing communication issues, system rebuild amid ransomware attack


The days of the online password are numbered


Thousands of QNAP NAS devices hit by DeadBolt ransomware (CVE-2022-27593)


Threats to air force assets too real to ignore


U-Haul discloses data breach exposing customer driver licenses


Ukraine’s IT Army paralyzed 2,400 Russian resources in 2 weeks


VPN vs. Zero Trust Network Access: What’s the difference?


Western Balkans Urged to Prepare for Uptick in Cyber-Attacks


Why Are Cybersecurity Training Programs Essential For Businesses?


Will hospitals ever be free from cyber threats?


Yanluowang Ransomware Hackers Steal 55GB of Data From Cisco Network


11/09


Albania: Durres Port Still Without TIMS System Due to Cyber Attack


Argument for Multi-Factor Authentication


Business Email Compromise: Important things you should know & how to avert BEC scams


Fake Minecraft updates pose threat to users


Fake SingPost website turns out to be phishing scam, requires users to make payment


Firmware bugs in many HP computer models left unfixed for over a year


Five energy scams to look out for as criminals exploit cost of living crisis


How scammers harvest user information


In response to a recent data breach, Samsung is facing a class action lawsuit


Increased Mortality Rates Linked to Cyber-Attacks Against Healthcare Organizations


Iran-linked APT42 is behind over 30 espionage attacks


Iranian APT42 Launched Over 30 Espionage Attacks Against Activists and Dissidents


Ireland's position in the world does not protect it from attacks by other countries


Numerous people have infected PCs as a result of fake Minecraft updates


Over Three-Quarters of Retailers Hit by Ransomware in 2021


Philippine Airlines' Mabuhay Miles suffers data breach