DAILY NEWS: Setembro (11/09 - 17/09) - 37 Semana de 2022
Cyber Security and Information Security News - Daily Updates !! Weekly Review

17/09
3 held for aiding hacker gain unauthorised access to payment gateways of companies
330,000 Singapore Starbucks customers' data leaked, info sold online for $3,500
A new phishing attack on Steam puts gamers at risk
Bank scams: Five expert tips to protect yourself from phishing scams
CISA Expands Vulnerabilities Catalog With Old, Exploited Flaws
Continuous Data Protection (CDP): A priority in the evolution of ransomware recovery
Couple deletes Holiday Inn data for fun after ransomware attack fails
Emotet botnet now pushes Quantum and BlackCat ransomware
Go North East bus drivers' pay hit after cyber attack on Go Ahead
Hackers Had Access to LastPass's Development Systems for Four Days
IHG hack: 'Vindictive' couple deleted hotel chain data for fun
Interns aid in developing cyber security policies
LastPass was hacked, but it says no user data was compromised
New Spear Phish Methodology Relies on PuTTY SSH Client to Infect Systems
New York ambulance service discloses data breach after ransomware attack
Serious data breach at Uber spotlights hacker social deception
Uber suffers massive breach from phishing attack
Why to Consider a Career in Cyber Security and the Training You Can Get for This
16/09
Allies Warn of Iranian Ransom Attacks Using Log4Shell
Are Phishing Scams Likely to Go Away Anytime Soon?
Bell Canada subsidiary hit by Hive ransomware attack
Bitdefender releases free decryptor for LockerGoga ransomware
Canadian police investigating ransomware attack on Bell subsidiary after employee data stolen
Crypto Scams Soar as Domains Surge 335%
Cyber security for fintech enterprises
Cybersecurity Vulnerabilities: The Race to Patch
EU and US authorities move to strengthen cyber-security protections
Factbox-What to do if you were a corporate hack victim
Fake cryptocurrency giveaway sites have tripled this year
Farm protection from cyberattacks almost non-existent
Hackers Targeting WebLogic Servers and Docker APIs for Mining Cryptocurrencies
How serious are organizations about their data sovereignty strategies?
How to improve public sector’s security strategy?
Insiders for hire? - Managing internal threats to cyber security through increased visibility
IoT: Europe readies cybersecurity rules for smart devices - with big fines attached
Japan sees 87% increase in ransomware attacks in 1st half of 2022
Laval city shuts down online services after ‘targeted’ cyber attack IG News
Montenegro Govt Remains Offline Amid Continued Cyber Safety Fears
Most organizations consolidate to improve risk posture
NCSC warns about Queen-related phishing scams
North Korean Hackers Spreading Trojanized Versions of PuTTY Client Application
Self-Storage Operator U-Haul Notifies Customers of Data Breach
Site do Vitória é alvo de ataque hacker
Starbucks Singapore says customer data illegally accessed in data leak
Suffolk County struggles to recover from BlackCat ransomware attack
Turbo boost your career in cyber security
Uber cai quase 4% em NY após ataque hacker ao sistema de segurança da companhia
UBER HACKEADO: sistemas da empresa são invadidos em ataque hacker
Uber hacked in cybersecurity incident
Uber hacked, internal systems breached and vulnerability reports stolen
Uber Hacker May Have Compromised Secret Bug Reports
Uber investigating cybersecurity incident after hacker breaches its internal network
Uber Says It's Investigating a Potential Breach of Its Computer Systems
Uber sofre invasão, e funcionários acharam que aviso do hacker era piada
Veja como um hacker invadiu ontem sistemas de TI da Uber
What does a doomsday level cyber attack look like?
15/09
5 Ways to Mitigate Your New Insider Threats in the Great Resignation
6 key challenges technologists are facing today
77% of Global Retail Organisations Hit by Ransomware in 2021
Australia: Watchdog calls for mandatory data breach notification laws in Victoria
Backlogs larger than 100K+ vulnerabilities but too time-consuming to address
Brussels plans to introduce cybersecurity requirements for connected devices
Conti Ransomware Gang Hit with Data Leak
Cyber Attack by Russian Hackers Disrupted 20 Japanese Government Websites
Cyber security incidents more common in APAC - report
Cybercrime Fears for Children as Cost-of-Living Bites
Cybercrime Forum Admins Steal from Site Users
Hackers have found a new technique to trap you even better
Hacker que invadiu sistema de câmeras de zoológico dava close nos seios de mulheres
How SOCs distribute cybersecurity alerts to avoid burnout
How to use the handy SSH management tool in Chrome OS
Information Security vs Cyber Security: The Difference
ISACA: Ensuring Digital Trust Key to Digital Transformation Success
Japan saw 87% increase in ransomware attacks in first half of 2022
KPMG's Africa Cyber Security Outlook 2022 Survey:Addressing Cybersecurity – Africa's economic
Linux variant of the SideWalk backdoor discovered
Moved lately? U-Haul breach leaks 2.2M driver’s license numbers
Notepad++ Plugins Allow Attackers to Infiltrate Systems, Achieve Persistence
Q-Day doesn’t equal doomsday: Enacting an enterprise quantum security strategy
Researchers Warn of Self-Spreading Malware Targeting Gamers via YouTube
Russian Gamaredon Hackers Target Ukrainian Government Using Info-Stealing Malware
SMBs are hardest-hit by ransomware
State of the Union: New EU cybersecurity rules ensure more secure hardware and software products
Texas-based OakBend Medical Centre suffers a ransomware attack, loses over 1m records to hackers
The Artificial Intelligence and Cybersecurity Nexus: Taking Stock of the European Union’s Approach
The Problem of Badly Configured Web Application Firewalls
Uber investiga ataque hacker em seu servidor
U.S. Charges 3 Iranian Hackers and Sanctions Several Others Over Ransomware Attacks
US government software suppliers must attest their solutions are secure
User Alert as Phishing Campaigns Exploit Queen's Passing
Webworm Attackers Deploy Modified RATs in Espionage Attacks
Webworm Hackers Using Modified RATs in Latest Cyber Espionage Attacks
Why Artificial Intelligence is Must for Cybersecurity
YouTube Users Targeted By RedLine Self-Spreading Stealer
14/09
4 ways organizations fail to address cybersecurity risk
49ers Data-Breach Lawsuits Expose Risks of Monetizing Information
Albania suffers second cyber attack in two months, blames Iranian agencies
Após ataque hacker, Golden Cross normaliza operações gradualmente
Attackers mount Magento supply chain attack by compromising FishPig extensions
Bandai Namco confirms to have suffered a ransomware attack
Chinese hackers create Linux version of the SideWalk Windows malware
CISA orders agencies to patch Windows, iOS bugs used in attacks
Data is Being Exfiltrated by Employees
DDoS Attacks on UK Firms Surge During Ukraine War
Death of Queen Elizabeth II exploited to steal Microsoft credentials
FBI: Hackers steal millions from healthcare payment processors
FormBook Knocks Off Emotet As Most Used Malware in August
Four-Fifths of Firms Hit by Critical Cloud Security Incident
Gay hookup site typosquatted to push dodgy Chrome extensions, scams
Hacker invade sistema do Zoológico e apaga 400 mil arquivos
‘Hacktivist’ polarizes Indonesian netizens after data breach spree
Lorenz Ransomware Exploit Mitel VoIP Systems to Breach Business Networks
Malaysia saw 282% y-o-y jump in ransomware attacks in 1H22 — Trend Micro
Microsoft Fixes Two Zero-Days This Patch Tuesday
Microsoft Teams stores auth tokens as cleartext in Windows, Linux, Macs
National Cyber Security Centre (NCSC) warns public of potential Queen-related phishing attacks
New Lenovo BIOS updates fix security bugs in hundreds of models
North Korean cyberespionage actor Lazarus targets energy providers with new malware
Over 280,000 WordPress Sites Attacked Using WPGateway Plugin Zero-Day Vulnerability
Phishing page embeds keylogger to steal passwords as you type
Ransomware gang threatens 1m-plus medical record leak
Researchers Detail OriginLogger RAT — Successor to Agent Tesla Malware
Retail industry suffers as ransomware attacks rise by 75%
SMBs hardest hit by ransomware
SparklingGoblin APT Hackers Using New Linux Variant of SideWalk Backdoor
The Future of Hybrid Work and Cybersecurity Risks
The Global State of Cybersecurity Is Not Good
Thwarting attackers in their favorite new playground: Social media
Vulnerabilities Found in Airplane WiFi Devices, Passengers' Data Expo
13/09
5 Kali Linux books you should read this year
Albania says it has repelled renewed Iranian cyber attack that rattled border system
Apple fixes actively exploited zero-day in macOS, iOS (CVE-2022-32917)
Apple Releases iOS and macOS Updates to Patch Actively Exploited Zero-Day Flaw
Asian Governments and Organizations Targeted in Latest Cyber Espionage Attacks
Beef up your Cyber Protection with Multi Factor Authentication
Can FIDO Passkeys and Accountability Coexist?
China says NSA used multiple cybersecurity tools in attacks against Chinese university
Chinese-linked cyber crims nab $529 million from Indian nationals
Cisco: Yes, Yanluowang leaked our data. No, it's not serious
Critical input needed: US critical infrastructure asked to engage on proposed cyber reporting rules
CrowdStrike threat report: Intrusions up, breakout time down
Cyber espionage campaign targets Asian countries since 2021
Cyberspies drop new infostealer malware on govt networks in Asia
FS-ISAC 2022: Cloud Security for Financial Services
Hackers breach software vendor for Magento supply-chain attacks
Hackers Steal Steam Credentials With 'Browser-in-the-Browser' Technique
How GRC protects the value of organizations — A simple guide to data quality and integrity
How prepared are organizations to tackle ransomware attacks?
How to get inside the mind of hackers
Implent Cloud Security Tools Now, Not Later
iOS 15.7: Apple patches new iPhone security flaw, so it's time to update
Iran-linked TA453 used new Multi-Persona Impersonation technique in recent attacks
Iranian Hackers Launch Renewed Attack on Albania
Iranian Hackers Target High-Value Targets in Nuclear Security and Genomic Research
It’s like a veritable fire sale on Indonesians’ personal data
JumpCloud Adds Decentralized Password Manager to Portfolio
LAUSD Ransomware Attack: Action Too Little, Too Late?
Microsoft September 2022 Patch Tuesday fixes zero-day used in attacks, 63 flaws
Modernizing data security with a zero trust approach to data access
Montenegro and its allies are working to recover from the massive cyber attack
New PsExec spinoff lets hackers bypass network security defense
One month after Black Hat exposure HP enterprise kit still unpatched
Orca Security Reports Widespread Cloud Security Issues
Organizations should fear misconfigurations more than vulnerabilities
Police arrest man for laundering tens of millions in stolen crypto
Pro-Palestinian group GhostSec hacked Berghof PLCs in Israel
“Proactive cyber defense” to be introduced to critical infrastructure
Ransomware Gang Hacks VoIP for Initial Access
Reimagining the approach to incident response
Researchers Warn of 674% Surge in Deadbolt Ransomware
Retbleed Security Fix Makes Linux go 70% Slower
Rule Over Your Dependencies and Scan at Your Own Open Source Risk
ShadowPad-Associated Hackers Targeted Asian Governments
Singapore corporations making progress in preventing cyberattacks
Tax fraud ring leader jailed for selling children’s stolen identities
Trend Micro addresses actively exploited Apex One zero-day
Trend Micro warns of actively exploited Apex One RCE vulnerability
U-Haul reports data breach, customers’ info exposed
U.S. Chamber Opposes FTC Rulemaking on Data Privacy
Windows 10 KB5017308 and KB5017315 updates released
12/09
6 trends driving hardware cybersecurity innovation
After Possible Cyberattack, Suffolk Deploys Manual Record-Keeping
Aneurin Bevan Health board warns no quick fix to cyber attack
Apple fixes eighth zero-day used to hack iPhones and Macs this year
Bad bots are coming at APIs! How to beat the API bot attacks?
Be careful, these exchange sites are the target of a vast phishing campaign!
Building a successful cybersecurity business, one client at a time
Can you afford to cut back on web application security?
Central New York (CNY) medical billing company faces lawsuit after ransomware attack
Chaos continues as district tries to recover from systems hack
China Accuses NSA's TAO Unit of Hacking its Military Research University
Cisco confirms Yanluowang ransomware leaked stolen company data
Cops Raid Suspected Fraudster Penthouses
‘Cyber insecurity’ in healthcare is leading to increased patient mortality rates
Digital attacks from the IT army: more than 2400 paralyzed online resources in 2 weeks
Exhausted IT Security Teams Battle Rise of Deepfakes, API Attacks
Extortion Group 'Vice Society' Targeting Public Schools
Former members of Conti ransomware group repurposing tools to attack Ukraine, Google says
Google Play Store Introduces Data Breach Alerts For Compromised Accounts
Hackers Compromise Employee Data at PVC-Maker Eurocell
Hackers steal Steam accounts in new Browser-in-the-Browser attacks
Hacktivist Group GhostSec Compromises 55 Berghof PLCs Across Israel
High Severity Vulnerabilities Found in HP Enterprise Devices
Homeworkers putting home and business cyber-safety at risk
ICO Slams Government Departments Over FOI Failings
Identity protection is key to metaverse innovation
Investigators Seize $30m in Stolen Crypto from North Korea
Iranian Ministry of Intelligence sanctioned after Albania cyber attack
Lawsuit Filed Against 49ers After Ransomware Attack
Lorenz ransomware breaches corporate network via phone systems
Malware vs spyware vs ransomware - what’s the difference?
Many health care organizations lack resources to fend off cyberattacks
Mediant Communications data breach class action settlement
Montenegro defends massive cyber attack by Russia
MSPs and cybersecurity: The time for turning a blind eye is over
Multiple ransomware campaigns linked to Iranian threat actor DEV-0270
Napa Valley College ransomware attack caused possible data breach
North Korean Lazarus Group Hacked Energy Providers Worldwide
Numerous HP business laptops and desktops vulnerable to publicly disclosed security bugs
One Medical, Inc. Reports Data Breach that Leaked Social Security Numbers and Health Information
OpenAPIs and Third-Party Risks
Oxeye Discovers Several High Severity IDOR Vulnerabilities in Harbor
Pharming: another reason to think before you click
Philippine Airlines Suffers Cyberattack With Frequent Flyer Program
Prior to Black Friday, delivery phishing schemes had already increased
Ransomware Actors Embrace Intermittent Encryption
Ransomware attacks on retail increase, average retail payment grows to more than $200K
Ransomware makes use of intermittent encryption to bypass detection algorithms
Report: Benchmarking security gaps and privileged access
Samsung hit with class action lawsuit following data breach
San Francisco 49ers data breach affects 20K fans
Scammers defraud hundreds of victims from prison
Security Awareness Training Must Evolve to Align With Growing E-Commerce Security Threats
SERV Behavioral Health System reports data breach
Signs That May Indicate Your Phone Is Hacked
South Africa’s thriving banking sector is vulnerable to cybercrime
Supply chain leaving Aussie orgs at risk of ransomware
Texas hospital facing communication issues, system rebuild amid ransomware attack
The days of the online password are numbered
Thousands of QNAP NAS devices hit by DeadBolt ransomware (CVE-2022-27593)
Threats to air force assets too real to ignore
U-Haul discloses data breach exposing customer driver licenses
Ukraine’s IT Army paralyzed 2,400 Russian resources in 2 weeks
VPN vs. Zero Trust Network Access: What’s the difference?
Western Balkans Urged to Prepare for Uptick in Cyber-Attacks
Why Are Cybersecurity Training Programs Essential For Businesses?
Will hospitals ever be free from cyber threats?
Yanluowang Ransomware Hackers Steal 55GB of Data From Cisco Network
11/09
Albania: Durres Port Still Without TIMS System Due to Cyber Attack
Argument for Multi-Factor Authentication
Business Email Compromise: Important things you should know & how to avert BEC scams
Fake Minecraft updates pose threat to users
Fake SingPost website turns out to be phishing scam, requires users to make payment
Firmware bugs in many HP computer models left unfixed for over a year
Five energy scams to look out for as criminals exploit cost of living crisis
How scammers harvest user information
In response to a recent data breach, Samsung is facing a class action lawsuit
Increased Mortality Rates Linked to Cyber-Attacks Against Healthcare Organizations
Iran-linked APT42 is behind over 30 espionage attacks
Iranian APT42 Launched Over 30 Espionage Attacks Against Activists and Dissidents
Ireland's position in the world does not protect it from attacks by other countries
Numerous people have infected PCs as a result of fake Minecraft updates
Over Three-Quarters of Retailers Hit by Ransomware in 2021
Philippine Airlines' Mabuhay Miles suffers data breach