DAILY NEWS: Setembro (11/09 - 17/09) - 37 Semana de 2022

Cyber Security and Information Security News - Daily Updates !! Weekly Review

17/09

3 held for aiding hacker gain unauthorised access to payment gateways of companies

330,000 Singapore Starbucks customers' data leaked, info sold online for $3,500

A new phishing attack on Steam puts gamers at risk

Bank scams: Five expert tips to protect yourself from phishing scams

CISA Expands Vulnerabilities Catalog With Old, Exploited Flaws

Continuous Data Protection (CDP): A priority in the evolution of ransomware recovery

Couple deletes Holiday Inn data for fun after ransomware attack fails

Emotet botnet now pushes Quantum and BlackCat ransomware

Financial Costs of a Ransomware Attack and Breaking the Attack Chain :- Collateral damage and data loss

Go North East bus drivers' pay hit after cyber attack on Go Ahead

Hackers Had Access to LastPass's Development Systems for Four Days

IHG hack: 'Vindictive' couple deleted hotel chain data for fun

Interns aid in developing cyber security policies

LastPass was hacked, but it says no user data was compromised

New Spear Phish Methodology Relies on PuTTY SSH Client to Infect Systems

New York ambulance service discloses data breach after ransomware attack

Serious data breach at Uber spotlights hacker social deception

Uber suffers massive breach from phishing attack

Why to Consider a Career in Cyber Security and the Training You Can Get for This

16/09

Allies Warn of Iranian Ransom Attacks Using Log4Shell

Are Phishing Scams Likely to Go Away Anytime Soon?

Bell Canada subsidiary hit by Hive ransomware attack

Bitdefender releases free decryptor for LockerGoga ransomware

Canadian police investigating ransomware attack on Bell subsidiary after employee data stolen

Crypto Scams Soar as Domains Surge 335%

Cyber attack prevents revelations of alleged sexual abuse cover-ups at the French Football Federation (FFF)

Cyber security for fintech enterprises

Cybersecurity Vulnerabilities: The Race to Patch

EU and US authorities move to strengthen cyber-security protections

Factbox-What to do if you were a corporate hack victim

Fake cryptocurrency giveaway sites have tripled this year

Farm protection from cyberattacks almost non-existent

Global Healthcare Cyber Security Market to Reach USD 36.6 Billion by 2028 | Set to get a CAGR of 16.2%, Forecast 2022- 2028

Hackers Targeting WebLogic Servers and Docker APIs for Mining Cryptocurrencies

How serious are organizations about their data sovereignty strategies?

How to improve public sector’s security strategy?

Insiders for hire? - Managing internal threats to cyber security through increased visibility

IoT: Europe readies cybersecurity rules for smart devices - with big fines attached

Japan sees 87% increase in ransomware attacks in 1st half of 2022

Laval city shuts down online services after ‘targeted’ cyber attack IG News

Montenegro Govt Remains Offline Amid Continued Cyber Safety Fears

Most organizations consolidate to improve risk posture

NCSC warns about Queen-related phishing scams

North Korean Hackers Spreading Trojanized Versions of PuTTY Client Application

Ransomware is a business resilience issue, not an IT problem – be data ready to reduce risk and recover

Self-Storage Operator U-Haul Notifies Customers of Data Breach

Site do Vitória é alvo de ataque hacker

Starbucks Singapore says customer data illegally accessed in data leak

Suffolk County struggles to recover from BlackCat ransomware attack

Turbo boost your career in cyber security

Uber cai quase 4% em NY após ataque hacker ao sistema de segurança da companhia

UBER HACKEADO: sistemas da empresa são invadidos em ataque hacker

Uber hacked in cybersecurity incident

Uber hacked, internal systems breached and vulnerability reports stolen

Uber Hacker May Have Compromised Secret Bug Reports

Uber investigating cybersecurity incident after hacker breaches its internal network

Uber Says It's Investigating a Potential Breach of Its Computer Systems

Uber sofre invasão, e funcionários acharam que aviso do hacker era piada

Veja como um hacker invadiu ontem sistemas de TI da Uber

What does a doomsday level cyber attack look like?

15/09

5 Ways to Mitigate Your New Insider Threats in the Great Resignation

6 key challenges technologists are facing today

77% of Global Retail Organisations Hit by Ransomware in 2021

Australia: Watchdog calls for mandatory data breach notification laws in Victoria

Backlogs larger than 100K+ vulnerabilities but too time-consuming to address

Brussels plans to introduce cybersecurity requirements for connected devices

Conti Ransomware Gang Hit with Data Leak

Cyber Attack by Russian Hackers Disrupted 20 Japanese Government Websites

Cyber security incidents more common in APAC - report

Cybercrime Fears for Children as Cost-of-Living Bites

Cybercrime Forum Admins Steal from Site Users

Hackers have found a new technique to trap you even better

Hacker que invadiu sistema de câmeras de zoológico dava close nos seios de mulheres

How SOCs distribute cybersecurity alerts to avoid burnout

How to use the handy SSH management tool in Chrome OS

Information Security vs Cyber Security: The Difference

ISACA: Ensuring Digital Trust Key to Digital Transformation Success

Japan saw 87% increase in ransomware attacks in first half of 2022

KPMG's Africa Cyber Security Outlook 2022 Survey:Addressing Cybersecurity – Africa's economic

Linux variant of the SideWalk backdoor discovered

Moved lately? U-Haul breach leaks 2.2M driver’s license numbers

Notepad++ Plugins Allow Attackers to Infiltrate Systems, Achieve Persistence

Piracy to Ads to Ransomware: Investigation Finds $121 Million in Dangerous Malicious Ads on Piracy Sites Designed to Trick Users into Infecting Their Devices

Q-Day doesn’t equal doomsday: Enacting an enterprise quantum security strategy

Researchers Warn of Self-Spreading Malware Targeting Gamers via YouTube

Russian Gamaredon Hackers Target Ukrainian Government Using Info-Stealing Malware

SMBs are hardest-hit by ransomware

State of the Union: New EU cybersecurity rules ensure more secure hardware and software products

Texas-based OakBend Medical Centre suffers a ransomware attack, loses over 1m records to hackers

The Artificial Intelligence and Cybersecurity Nexus: Taking Stock of the European Union’s Approach

The Problem of Badly Configured Web Application Firewalls

Uber investiga ataque hacker em seu servidor

U.S. Charges 3 Iranian Hackers and Sanctions Several Others Over Ransomware Attacks

US government software suppliers must attest their solutions are secure

User Alert as Phishing Campaigns Exploit Queen's Passing

Webworm Attackers Deploy Modified RATs in Espionage Attacks

Webworm Hackers Using Modified RATs in Latest Cyber Espionage Attacks

Why Artificial Intelligence is Must for Cybersecurity

YouTube Users Targeted By RedLine Self-Spreading Stealer

14/09

4 ways organizations fail to address cybersecurity risk

49ers Data-Breach Lawsuits Expose Risks of Monetizing Information

Albania suffers second cyber attack in two months, blames Iranian agencies

Após ataque hacker, Golden Cross normaliza operações gradualmente

Attackers mount Magento supply chain attack by compromising FishPig extensions

Bandai Namco confirms to have suffered a ransomware attack

Chinese hackers create Linux version of the SideWalk Windows malware

CISA orders agencies to patch Windows, iOS bugs used in attacks

Data is Being Exfiltrated by Employees

DDoS Attacks on UK Firms Surge During Ukraine War

Death of Queen Elizabeth II exploited to steal Microsoft credentials

FBI: Hackers steal millions from healthcare payment processors

FormBook Knocks Off Emotet As Most Used Malware in August

Four-Fifths of Firms Hit by Critical Cloud Security Incident

Gay hookup site typosquatted to push dodgy Chrome extensions, scams

Hacker invade sistema do Zoológico e apaga 400 mil arquivos

‘Hacktivist’ polarizes Indonesian netizens after data breach spree

How to Do Malware Analysis?

Lorenz Ransomware Exploit Mitel VoIP Systems to Breach Business Networks

Malaysia saw 282% y-o-y jump in ransomware attacks in 1H22 — Trend Micro

Microsoft Fixes Two Zero-Days This Patch Tuesday

Microsoft Teams stores auth tokens as cleartext in Windows, Linux, Macs

National Cyber Security Centre (NCSC) warns public of potential Queen-related phishing attacks

New Lenovo BIOS updates fix security bugs in hundreds of models

North Korean cyberespionage actor Lazarus targets energy providers with new malware

Over 280,000 WordPress Sites Attacked Using WPGateway Plugin Zero-Day Vulnerability

Phishing page embeds keylogger to steal passwords as you type

Ransomware gang threatens 1m-plus medical record leak

Researchers Detail OriginLogger RAT — Successor to Agent Tesla Malware

Retail industry suffers as ransomware attacks rise by 75%

SMBs hardest hit by ransomware

SparklingGoblin APT Hackers Using New Linux Variant of SideWalk Backdoor

The Future of Hybrid Work and Cybersecurity Risks

The Global State of Cybersecurity Is Not Good

Thwarting attackers in their favorite new playground: Social media

Vulnerabilities Found in Airplane WiFi Devices, Passengers' Data Expo

13/09

5 Kali Linux books you should read this year

Albania says it has repelled renewed Iranian cyber attack that rattled border system

Apple fixes actively exploited zero-day in macOS, iOS (CVE-2022-32917)

Apple Releases iOS and macOS Updates to Patch Actively Exploited Zero-Day Flaw

Asian Governments and Organizations Targeted in Latest Cyber Espionage Attacks

Beef up your Cyber Protection with Multi Factor Authentication

Can FIDO Passkeys and Accountability Coexist?

China says NSA used multiple cybersecurity tools in attacks against Chinese university

Chinese-linked cyber crims nab $529 million from Indian nationals

Cisco: Yes, Yanluowang leaked our data. No, it's not serious

Critical input needed: US critical infrastructure asked to engage on proposed cyber reporting rules

CrowdStrike threat report: Intrusions up, breakout time down

Cyber espionage campaign targets Asian countries since 2021

Cyberspies drop new infostealer malware on govt networks in Asia

FS-ISAC 2022: Cloud Security for Financial Services

Hackers breach software vendor for Magento supply-chain attacks

Hackers Steal Steam Credentials With 'Browser-in-the-Browser' Technique

How GRC protects the value of organizations — A simple guide to data quality and integrity

How prepared are organizations to tackle ransomware attacks?

How to get inside the mind of hackers

Implent Cloud Security Tools Now, Not Later

iOS 15.7: Apple patches new iPhone security flaw, so it's time to update

Iran-linked TA453 used new Multi-Persona Impersonation technique in recent attacks

Iranian Hackers Launch Renewed Attack on Albania

Iranian Hackers Target High-Value Targets in Nuclear Security and Genomic Research

It’s like a veritable fire sale on Indonesians’ personal data

JumpCloud Adds Decentralized Password Manager to Portfolio

LAUSD Ransomware Attack: Action Too Little, Too Late?

Microsoft September 2022 Patch Tuesday fixes zero-day used in attacks, 63 flaws

Modernizing data security with a zero trust approach to data access

Montenegro and its allies are working to recover from the massive cyber attack

New PsExec spinoff lets hackers bypass network security defense

One month after Black Hat exposure HP enterprise kit still unpatched

Orca Security Reports Widespread Cloud Security Issues

Organizations should fear misconfigurations more than vulnerabilities

Police arrest man for laundering tens of millions in stolen crypto

Pro-Palestinian group GhostSec hacked Berghof PLCs in Israel

“Proactive cyber defense” to be introduced to critical infrastructure

Ransomware Gang Hacks VoIP for Initial Access

Reimagining the approach to incident response

Researchers Warn of 674% Surge in Deadbolt Ransomware

Retbleed Security Fix Makes Linux go 70% Slower

Rule Over Your Dependencies and Scan at Your Own Open Source Risk

ShadowPad-Associated Hackers Targeted Asian Governments

Singapore corporations making progress in preventing cyberattacks

Tax fraud ring leader jailed for selling children’s stolen identities

The scary future of the internet: How the tech of tomorrow will pose even bigger cybersecurity threats

Trend Micro addresses actively exploited Apex One zero-day

Trend Micro warns of actively exploited Apex One RCE vulnerability

U-Haul reports data breach, customers’ info exposed

U.S. Chamber Opposes FTC Rulemaking on Data Privacy

What is SOC2 Compliance?

Windows 10 KB5017308 and KB5017315 updates released

12/09

6 trends driving hardware cybersecurity innovation

After Possible Cyberattack, Suffolk Deploys Manual Record-Keeping

Aneurin Bevan Health board warns no quick fix to cyber attack

Apple fixes eighth zero-day used to hack iPhones and Macs this year

Bad bots are coming at APIs! How to beat the API bot attacks?

Be careful, these exchange sites are the target of a vast phishing campaign!

Building a successful cybersecurity business, one client at a time

Can you afford to cut back on web application security?

Central New York (CNY) medical billing company faces lawsuit after ransomware attack

Chaos continues as district tries to recover from systems hack

China Accuses NSA's TAO Unit of Hacking its Military Research University

Cisco confirms Yanluowang ransomware leaked stolen company data

Cops Raid Suspected Fraudster Penthouses

Cyber Attack on IHG Impacted Hotel Booking System and Mobile Apps; Exposes Unknown Quantity of Data, Causes Extended System Outage

‘Cyber insecurity’ in healthcare is leading to increased patient mortality rates

Digital attacks from the IT army: more than 2400 paralyzed online resources in 2 weeks

Exhausted IT Security Teams Battle Rise of Deepfakes, API Attacks

Extortion Group 'Vice Society' Targeting Public Schools

Finlandia: National Bureau of Investigation (NBI) suspects 3 of gross negligence in therapy firm's data breach

Former members of Conti ransomware group repurposing tools to attack Ukraine, Google says

Google Play Store Introduces Data Breach Alerts For Compromised Accounts

Hackers Compromise Employee Data at PVC-Maker Eurocell

Hackers steal Steam accounts in new Browser-in-the-Browser attacks

Hacktivist Group GhostSec Compromises 55 Berghof PLCs Across Israel

High Severity Vulnerabilities Found in HP Enterprise Devices

Homeworkers putting home and business cyber-safety at risk

ICO Slams Government Departments Over FOI Failings

Identity protection is key to metaverse innovation

Infoblox’s Cyber Threat Intelligence Report highlights smishing and vulnerabilities in WordPress websites

Investigators Seize $30m in Stolen Crypto from North Korea

Iranian Ministry of Intelligence sanctioned after Albania cyber attack

Lawsuit Filed Against 49ers After Ransomware Attack

Lorenz ransomware breaches corporate network via phone systems

Malware vs spyware vs ransomware - what’s the difference?

Many health care organizations lack resources to fend off cyberattacks

Mediant Communications data breach class action settlement

Montenegro defends massive cyber attack by Russia

MSPs and cybersecurity: The time for turning a blind eye is over

Multiple ransomware campaigns linked to Iranian threat actor DEV-0270

Napa Valley College ransomware attack caused possible data breach

North Korean Lazarus Group Hacked Energy Providers Worldwide

Numerous HP business laptops and desktops vulnerable to publicly disclosed security bugs

One Medical, Inc. Reports Data Breach that Leaked Social Security Numbers and Health Information

OpenAPIs and Third-Party Risks

Oxeye Discovers Several High Severity IDOR Vulnerabilities in Harbor

Pharming: another reason to think before you click

Philippine Airlines Suffers Cyberattack With Frequent Flyer Program

Prior to Black Friday, delivery phishing schemes had already increased

Ransomware Actors Embrace Intermittent Encryption

Ransomware attacks on retail increase, average retail payment grows to more than $200K

Ransomware makes use of intermittent encryption to bypass detection algorithms

Ransomware Trends in 2022H1: State-Sponsored Ransomware, New Popular Targets and Evolving Extortion Techniques

Report: Benchmarking security gaps and privileged access

Samsung hit with class action lawsuit following data breach

San Francisco 49ers data breach affects 20K fans

Scammers defraud hundreds of victims from prison

Security Awareness Training Must Evolve to Align With Growing E-Commerce Security Threats

SERV Behavioral Health System reports data breach

Signs That May Indicate Your Phone Is Hacked

South Africa’s thriving banking sector is vulnerable to cybercrime

Supply chain leaving Aussie orgs at risk of ransomware

Texas hospital facing communication issues, system rebuild amid ransomware attack

The days of the online password are numbered

Thousands of QNAP NAS devices hit by DeadBolt ransomware (CVE-2022-27593)

Threats to air force assets too real to ignore

U-Haul discloses data breach exposing customer driver licenses

Ukraine’s IT Army paralyzed 2,400 Russian resources in 2 weeks

VPN vs. Zero Trust Network Access: What’s the difference?

Western Balkans Urged to Prepare for Uptick in Cyber-Attacks

Why Are Cybersecurity Training Programs Essential For Businesses?

Will hospitals ever be free from cyber threats?

Yanluowang Ransomware Hackers Steal 55GB of Data From Cisco Network

11/09

Albania: Durres Port Still Without TIMS System Due to Cyber Attack

Argument for Multi-Factor Authentication

Business Email Compromise: Important things you should know & how to avert BEC scams

Fake Minecraft updates pose threat to users

Fake SingPost website turns out to be phishing scam, requires users to make payment

Firmware bugs in many HP computer models left unfixed for over a year

Five energy scams to look out for as criminals exploit cost of living crisis

How scammers harvest user information

In response to a recent data breach, Samsung is facing a class action lawsuit

Increased Mortality Rates Linked to Cyber-Attacks Against Healthcare Organizations

Iran-linked APT42 is behind over 30 espionage attacks

Iranian APT42 Launched Over 30 Espionage Attacks Against Activists and Dissidents

Ireland's position in the world does not protect it from attacks by other countries

Numerous people have infected PCs as a result of fake Minecraft updates

Over Three-Quarters of Retailers Hit by Ransomware in 2021

Philippine Airlines' Mabuhay Miles suffers data breach

Poll: Do you take precautions against cyber attacks?

Ransomware attacks targeting US school districts, hospitals

Ransomware Groups are Adopting ‘Intermittent Encryption’ for Better Results

The ransomware problem won't get better until we change one thing

UP Police talks about cyber security with 'Brahmastra' twist. Seen it yet?

Vulnerability in WordPress BackupBuddy Plugin Exploited By Hackers

NEWS: Setembro (04/09 - 10/09) - 36 Semana de 2022