DAILY NEWS: Setembro (25/09 - 01/10) - 39 Semana de 2022

Cyber Security and Information Security News - Daily Updates !! Weekly Review

01/10


3 types of potential business liability associated with data breaches


A Security Expert Tells Us How To Protect Your Personal Data From Hackers


Chinese Hackers Hiding Malware in Windows Logo


CISA Warns of Hackers Exploiting Critical Atlassian Bitbucket Server Vulnerability


Eight Shangri-La hotels in Asia hit by data breach, potentially exposing guest information


Electricity Company of Ghana (ECG) systems hacked with ransomware


Guacamaya hacktivists stole sensitive data from Mexico and Latin American countries


Hackers targeted 8 Shangri-La hotels between May and July, guests' data potentially leaked


Hotel Booking App Ordered to Compensate 300 Customers for Data Breach


How to mitigate the risk of the Optus data breach


Lazarus hackers abuse Dell driver bug using new FudModule rootkit


Microsoft to let Office 365 users report Teams phishing messages


"Phishing" scam warning


Protecting online data has never been more vital


'Shangri-La hack may affect over 290,000 HK guests'


State-Sponsored Hackers Likely Exploited MS Exchange 0-Days Against ~10 Organizations


The true costs of a breach — and does your business really have to pay the ransom?


What businesses need to know about investigating, remediating and reporting a data breach


What Is SIM Jacking and What Can You Do to Protect Yourself?


30/09


7 Ways to Prevent a Smartphone Data Breach


90% of companies affected by ransomware in 2022


2,857 Geisinger patients affected by 3rd-party data breach


Attackers use novel technique, malware to compromise hypervisors and virtual machines


BlackCat said they breached US Department of Defense contractor and went offline


Business Email Compromise (BEC) – One of the most common yet Dangerous Attacks


Capital One to pay $190m to settle a class-action lawsuit on 2019 data breach


CISA: Hackers exploit critical Bitbucket Server flaw in attacks


City council's planning system back up and running nine months after hack


Country Doctor Community Clinic Files Official Notice of a Data Breach with the Federal Government


Cyber attack: Gloucester City Council planning site mostly restored


Cyber Attacks Against Middle East Governments Hide Malware in Windows logo


Cybercriminals See Allure in BEC Attacks Over Ransomware


Data breach at border agency contractor involved up to 1.38 million licence plates


Data breach fears make older borrowers reluctant to share home loan data online


Fake US govt job offers push Cobalt Strike in phishing attacks


Financial phishing still on the rise


Germany arrests hacker for stealing €4 million via phishing attacks


Hacker groups assist Iranian protestors


Hackers Backdoor Pirated Windows OS With Cryptominer and Xtreme RAT


Hackers Hide Malware in Windows Logo, Target Middle East Governments


Hacking Attack Narrowly Misses Davenport, Iowa, School District


Hotel booking app ordered to compensate 300 customers for data breach


How a Data Breach Could Sink an SME


How Public Agencies Can Reduce Risk of Data Breaches


HSE cyber attack cost taxpayers at least €101m, with a further €657m to be spent safeguarding against repeat attacks


If you get an email warning your info is on the Dark Web, here’s what to do


Internal Revenue Service (IRS) reports significant increase in texting scams; warns taxpayers to remain vigilant


Lazarus-Associated Hackers Weaponize Open-Source Tools Against Several Countries


LeakBase Announces Swachhata Platform Breached, 16 Million User PII Records Exposed


LA School District Ransomware Attackers Now Threaten to Leak Stolen Data


Magellan Health settles for $1.43M after data breach, delayed notification


MI5 website briefly knocked offline by possible cyber attack


Microsoft Confirms 2 New Exchange Zero-Day Flaws Being Used in the Wild


Microsoft Confirms Two 0-Days Being Exploited Against Exchange Servers


Microsoft Exchange Server Vulnerabilities CVE-2022-41040 and CVE-2022-41082


Mysterious Optus hacker suddenly DISAPPEARS from the site where they posted their chilling threats after issuing a grovelling apology to the telco


Neurology Center of Nevada Reports Recent Data Breach Affecting 11k+ Patients


New Malware Campaign Targeting Job Seekers with Cobalt Strike Beacons


New Malware Families Found Targeting VMware ESXi Hypervisors


North Korean Hackers Weaponizing Open-Source Software in Latest Cyber Attacks


Northern California Fertility Medical Center Announces Data Breach Leaking Patients’ Protected Health Information


Optus breach victims will get "supercharged" fraud protection


Optus to pay for new passports


Organizations Battle Ransomware Targeting Supply Chains


Over 145,000 customers' data was exposed in agency data breach incident – report


Physician’s Business Office Files Notice of Data Breach Affecting Over 196k Patients


Quantifying the risk of cybersecurity


Ransomware, identity theft and virtual attacks fast becoming growing threats in Asia


SaaS Data targetted by half of Ransomware Attacks in last 12 months


Seattle Children's notifies 6,750 patients of third-party data breach


Solana PayPal Invoice Scam


South Korea: ATM Withdrawals Capped to Thwart Phishing Scams


Texas healthcare provider FMC Services suffers a ransomware attack


The Coeur Group notifies patients of data breach


The Psychological Effects of Getting Your Data Leaked That No One Talks About


Toolkit, formerly employed for cybersecurity is now made accessible to hacker communities


Top issues driving cybersecurity: Growing number of cybercriminals, variety of attacks


Vice Society raises ransomware pressure on Los Angeles school district


Warning over new ‘Erbium’ malware that steals credit card details and personal data


What Proof of Stake Means for the Future of Blockchain Security


29/09


5 Things You Need To Know About Data Privacy


65% of companies are considering adopting VPN alternatives


75% of AU companies had cloud security incident in past year


Anxious wait: Optus victims unsure of data hack fallout


Assistant Treasurer Stephen Jones says Optus hacker 'appears' to be individual criminal amid massive data breach


Australia flags tough new data protection laws this year


Australian Electoral Commissioner (AEC) says no need to update enrolment information after Optus data breach


Backup as last line of defense against HK ransomware threats


Black Friday shoppers warned to be vigilant as online scams are on the rise


Brazilian Prilex Hackers Resurfaced With Sophisticated Point-of-Sale Malware


Business Email Compromise (BEC) attacks: Most victims aren't using multi-factor authentication – apply it now and stay safe


Canberrans most at risk to receive new, free driver licence


Chaos IoT malware taps Go language to harvest Windows, Linux for DDoS attacks


Crypto-Thieves Cost Victims 53 Times What They Make


Cybersecurity expertise needs to be incorporated into Bangladeshi company boards


Data of 72% of local, state govt bodies encrypted after ransomware attacks: report


Data security trends: 7 statistics you need to know


DJVU: The Ransomware That Seems Strangely Familiar…


Effects of Optus breach will linger: Jones


Fancy Bear Hackers Distributing Graphite Malware using PowerPoint Files


Fears of long impact from Optus breach


Financial Phishing Cyberattacks Significantly Increase in Kenya and Nigeria in Q2 of 2022


Fired admin cripples former employer's network using old credentials


Former Virgin Mobile, Gomo customers could also be victims of Optus data hack


Government, Union-Themed Lures Used to Deliver Cobalt Strike Payloads


GTA 6 Hacker Allegedly Sold GTA 5 Source Code Before Arrest


Hackers Aid Protests Against Iranian Government with Proxies, Leaks and Hacks


Hackers turn to Signal, Telegram and Dark Web to assist Iranian protestors


Hacking group hides backdoor malware inside Windows logo image


Half of adults in England and Wales receive ‘phishing’ messages, ONS data reveals


Holiday Inn owner says booking systems fully restored after cyber attack


Hong Kong, Aoyuan Healthy Life Group hit by PT_Moisha ransomware group


How is SOVA virus infecting your phone? State Bank of India (SBI), Punjab National Bank (PNB) customers beware


Ignorance isn’t bliss: How tech users lack fundamental cybersecurity knowledge


Internal Revenue Service (IRS) Warns of "Industrial Scale" Smishing Surge


It takes the average hacker less than 10 hours to find vulnerabilities


Lazarus Hacker Group Targets MacOS Users Through Crypto Jobs


Magellan Health settles data breach lawsuit for $1.43M


Malware builder uses fresh tactics to hit victims with Agent Tesla RAT


Matrix: Install security update to fix end-to-end encryption flaws


Microsoft: Lazarus hackers are weaponizing open-source software


Mid Sussex councillor calls for Housing Ombudsman to investigate Clarion Housing Association after cyber attack


Mobile, Cloud and Email Are Top Threat Vectors For 2023


Moody's says hospitals, utilities face high hacking risks


Multifactor authentication isn't perfect, passwordless is better


Nearly 75% of local and state government organizations attacked by ransomware had their data encrypted, Sophos survey finds


New Chaos malware spreads over multiple architectures


New malware backdoors VMware ESXi servers to hijack virtual machines


New Microsoft Exchange zero-days actively exploited in attacks


New Royal Ransomware emerges in multi-million dollar attacks


Nigeria and Kenya Records High Rate of Financial Phishing Cyberattacks in Q2 of 2022 According to Kaspersky Report


Office exploits continue to spread more than any other category of malware


Optus tells former Virgin Mobile and Gomo customers they could also be part of data breach


Personal App Use on the Rise – And So Are Cloud Security Risks


Police say hacker concealed ID in Australian privacy breach


Ransomware attack on Suffolk County heightens importance of cybersecurity for local municipalities


Researchers Discover Chaos, a Golang Multipurpose Botnet


Researchers Uncover Covert Attack Campaign Targeting Military Contractors


Russian hackers' lack of success against Ukraine shows that strong cyber defences work, says cybersecurity chief


SaaS data was the target of half of recent ransomware attacks


Singapore firms see 54 cybersecurity incidents daily, struggle to keep up


Sussex MPs warn about energy bills phishing scam


Swachh City Platform Suffers Data Breach Leaking 16 Million User Records


The Increasing Concern of Public-Sector Cybersecurity in State and Local Government


The rise of the dark web corporation


Training can help swing odds against ransomware in favor of financial industry


Trend Micro blocked and detected over 55mln threats in Saudi Arabia


UK is a top three ransomware target


Upgraded Prilex Point-of-Sale malware bypasses credit card security


US Defense Contractor Victimized by Ransomware Attack


What Is Vishing? And How to Protect Against It


What Telcos Should Learn from the Optus Breach


White House Releases Software Supply Chain Security Guidance


28/09


3 types of attack paths in Microsoft Active Directory environments


A personal perspective on investing in cybersecurity


American Airlines Data Breach Linked to a Phishing Campaign Exposed Sensitive Customer and Employee Personal Information


API Security Incidents Rise, Despite Confidence in Protection


APT28 relies on PowerPoint Mouseover to deliver Graphite malware


Auth0 warns that some source code repos may have been stolen


Bl00dy ransomware gang started using leaked LockBit 3.0 builder in attacks


Businesses find remote work security risks less daunting than before


Cost of a Data Breach: Infrastructure


Critical WhatsApp Bugs Could Have Let Attackers Hack Devices Remotely


Cryptominers hijack $53 worth of system resources to earn $1


Cyber Criminals Using Quantum Builder Sold on Dark Web to Deliver Agent Tesla Malware


Cyber-Threats Top Business Leaders' Biggest Concerns


Ethernet VLAN Stacking flaws let hackers launch DoS, MiTM attacks


Facebook Shuts Down Covert Political 'Influence Operations' from Russia and China


Google to test disabling Chrome Manifest V2 extensions in June 2023


GTA 6 teen hacker pleads not guilty in court


Hacker breaches Fast Company systems to send offensive Apple News notifications


Hacker shares how they allegedly breached Fast Company’s site


Hackers are making DDoS attacks sneakier and harder to protect against


Hackers Use Telegram and Signal to Assist Protestors in Iran


Hackers Using PowerPoint Mouseover Trick to Infect System with Malware


How to lock active incognito tabs on Android Chrome for more privacy


How To Protect Your Reputation After A Hack Or Data Breach


ICO Reprimands UK Organizations for GDPR Failings


Initial Access Brokers and Blocking the Continued March of Ransomware


Intruder alert! How one hacker infiltrated Uber


IRS warns Americans of massive rise in SMS phishing attacks


Is Microsoft really going to cut off security updates for your 'unsupported' Windows 11 PC?


Leaked LockBit 3.0 builder used by ‘Bl00dy’ ransomware gang in attacks


MEV bot earns $1M but loses everything to a hacker an hour later


Meta Takes Down Russian "Smash-and-Grab" Disinformation Campaign


Multi-platform Chaos malware threatens to live up to its name


New Chaos malware infects Windows, Linux devices for DDoS attacks


NUVOLA: the new Cloud Security tool


Optus confirms 14,900 active Medicare details exposed in data breach


Paying the ransom is still the most common response to a ransomware attack


Researchers Warn of New Go-based Malware Targeting Windows and Linux Systems


Russia demands answers after Apple kicks VK apps from App Store


Stealthy hackers target military and weapons contractors in recent attack


The holy trifecta for developing a secure API


The Optus hacker is being treated as the real deal by the government. Its apology can’t be trusted


There's been a big rise in hackers targeting Google Chrome - doing this one thing can help protect you


These advanced phishing tactics should put all businesses on high alert


Threat actors use Quantum Builder to deliver Agent Tesla malware


What to do if you’re impacted by a data breach


WatchGuard Report: Malware Decreases but Encrypted Malware Up in Q2 2022


Wolfi Linux provides the control needed to fix modern supply chain threats


27/09


46 percent of ransomware attacks happen in the US but who are the targets?


Alleged Optus Hacker Apologizes, Deletes Customers' Exposed Data


Australian police probe purported hacker's ransom demand


CISOs Have Lost Confidence in Ability to Quash Ransomware


Defense Giant Elbit Confirms Data Breach After Ransomware Gang Claims Hack


Evolving ransomware requires a modern approach to data management and protection


Experts Uncover 85 Apps with 13 Million Downloads Involved in Ad Fraud Scheme


Extortion Economics: Ransomware’s New Business Model


Federal government under pressure to reveal Optus data breach plan as FBI called in to help


Fintech Company Suffers Data Breach


Fraudsters adapt phishing scams to exploit cost-of-living crisis


Fulcrum Utility Services hit by cyber attack but no data breached


Global Firms Deal with 51 Security Incidents Each Day


Hacker Behind Optus Breach Releases 10,200 Customer Records in Extortion Scheme


Hackers are testing a destructive new way to make ransomware attacks more effective


Lazarus Group Targets MacOS Users Seeking Crypto Jobs


Lazarus hackers drop macOS malware via Crypto.com job offers


Legacy tech is undermining responses to ransomware in UK


Machines make up 43% of digital identities on enterprise networks


Malicious Oauth app enables attackers to send spam through corporate cloud tenants


Meaningful Learnings from the Uber Breach


Meta dismantles massive Russian network spoofing Western news sites


Microsoft Sway Pages Weaponized to Perform Phishing and Malware Delivery


MS SQL servers are getting hacked to deliver ransomware to orgs


New NullMixer Malware Campaign Stealing Users' Payment Data and Credentials


North Korea's Lazarus Hackers Targeting macOS Users Interested in Crypto Jobs


Observing the Changing Nature of Security within Organizations


Open source projects under attack, with enterprises as the ultimate targets


Optus data breach: an update for APRA regulated entities


Optus hacker apologizes and allegedly deletes all stolen data


Optus under further fire for cyber breach, purported hacker claims data deleted


Oxford Health: Cyber attack continues to hit NHS trust's services


Phishing Attacks Are At Their Highest As Figures Quadruple From 2020, Claims New Study


Ransomware Attacks Fall as Groups Restructure


Ransomware report finds reduction in percentage of organizations with disaster recovery plans in place


Retail and Wholesale Saw Over 400% Increase in Phishing Attacks


RiskLens Fast Facts on Cyber Risk for Local Governments – Suffolk County, NY, Ransomware Attack


Suffolk County Data Breach Puts Contracts On Back Burner


The Dire Warnings in the Lapsus$ Hacker Joyride


The Grand Tour’s Jeremy Clarkson Targeted By Russia-Based Hacker Group


The Guide To Dealing With A Ransomware Crisis For Businesses


TikTok Facing £27m UK Regulatory Fine


Ukraine Busts Pro-Russia Hackers Who Stole 30M Accounts of EU Citizens


Ukraine Says Russia Planning Massive Cyberattacks on its Critical Infrastructures


US branch of Israeli defense contractor Elbit hit by data breach


Why Continuous Security Testing is a Must for Organizations Today


Why zero trust should be the foundation of your cybersecurity ecosystem


26/09


3 ways to gauge your company’s preparedness to recover from data loss


5 Network Security Threats And How To Protect Yourself


6 Healthcare Cybersecurity, Operational Strategies For Successful CISOs


75% of fraudulent online banking payments originate from trusted devices


A third of Irish firms surveyed have paid cyber ransoms, paying out an average of €22,773 each


A world without cybersecurity


Adware on Google Play and Apple Store installed 13 million times


American Airlines phishing attack involved unauthorized access to Microsoft 365


Apex Capital Corp. Reports Data Breach That Compromised Individuals’ Social Security Numbers


Australia flags privacy overhaul after huge cyber attack on Optus


Australia mulls tougher cybersecurity laws after data breach


BlackCat Ransomware Attackers Spotted Fine-Tuning Their Malware Arsenal


Calgary Parking investigation reveals more than 145,000 customers exposed during data breach


Caught up in the Optus data breach? Here's what to do immediately


Chinese Espionage Hackers Target Tibetans Using New LOWZERO Backdoor


CI Fuzz CLI: Open-source tool simplifies fuzz testing for C++


Criminals are using QR codes to scam people in restaurants!


Diodes Incorporated Confirms Recent Data Breach Affecting SSNs and Health Information


‘Don’t pay cyber ransoms’ – Garda warning as it’s revealed a third of SMEs have paid criminal groups this year


Fraud crimes up by 25% in two years, figures suggest


GTA 6 hacker update: Now charged with violation of bail and computer misuse


Hackers leak French hospital patient data in ransom fight


Hackers Use NullMixer and SEO to Spread Malware More Efficiently


Hackers use PowerPoint files for 'mouseover' malware delivery


HC3 Details APT41 Cyberattack Tactics, Risks to Healthcare Cybersecurity


How confident are IT pros in their tech career?


How the CIO’s relationship to IT security is changing


How To Defend Against Ransomware Attacks: Where Security Automation Fits In


Keep Universities Secure in Today’s Cyber Threat Environment


Major Berry Producer, Reiter Affiliated Companies, LLC, Confirms Leaked SSNs in the Wake of Recent Data Breach


Microsoft SQL Server targeted by ransomware


Nearly 150K customer records accessed during 2021 data breach: Calgary Parking Authority


New Erbium password-stealing malware spreads as game cracks, cheats


North Macedonia Ministry Denies Covering up Ransomware Attack


Notice of Phishing Incident from CSI Laboratories


Online fraudsters adapt tactics to exploit UK cost of living crisis


Optus Faces $1Million Ransom Due to Cloud Misconfiguration


Optus has not covered itself in glory in handling of breach


Phishing attacks skyrocketing, over 1 million observed


Ransomware Affiliates Adopt Data Destruction


Ransomware attacks continue increasing: 20% of all reported attacks occurred in the last 12 months – new survey


RCE in Sophos Firewall is being exploited in the wild (CVE-2022-3236)


ReasonLabs Unveils Multimillion Dollar Global Credit Card Scam


Researchers Identify 3 Hacktivist Groups Supporting Russian Interests


Richemont’s Watchfinder Reports Customer Data Breach


Russian hackers leak personal data of Ukraine intelligence agents


Security Priorities Are Shifting as 90% Of Organizations Fail To Address Cybersecurity Risks


Simple Yet Vital Ways to Safeguard Yourself Against Online Threats


SQL Server admins warned about Fargo ransomware


Suffolk Civil Service Exams Canceled For Saturday After Cyberattack


T-Mobile has agreed to pay $350 million to settle complaints from last year’s data breach


The biggest cyber attacks of 2022


TikTok may be fined £27m for failing to protect children


Tomorrow’s connected car technologies: risk or reward?


Uber Hack Not Just A Reputational Damage But Reveals Basic Security Flaws


UK Teen Arrested on Computer Misuse Charges


US Duo Plead Guilty to $30m Forex Fraud Scheme


Vanity Addresses in the Spotlight Again as Hacker Gets Away With $950,000


Vice Society claims ransomware attack that hit six UK schools in Scholars’ Education Trust


What Are Disassociation Attacks?


What does the Optus data breach mean for you and how can you protect yourself? A step-by-step guide


25/09


3-2-1-1-0 rule to stay ahead of ransomware


Attackers impersonate CircleCI platform to compromise GitHub accounts


Australia: Cyber-attack on wireless firm exposes data belonging to 40% of this country's population


“BlackCat” attempts to up the pressure on Suffolk County; starts to leak data?


Covid antigen test results of 1.7m Indian and foreign nationals leaked online


Federal government to unveil new security measures following massive Optus data breach


GTA 6 and Uber hacker reportedly caught by London police: Know details


How Malware Hides in Images and What You Can Do About It


Metador: A New Hacking Group Hiding in Telecoms and ISPs For Months


New hacking group ‘Metador’ lurking in ISP networks for months


Noberus ransomware gets info-stealing upgrades, targets Veeam backup software


Optus data breach: Cybersecurity reforms expected to enable companies to rapidly inform financial institutions


Optus faces a customer exodus, calls for compensation amid anger over leaked data


Personal details of stars including Sir David Attenborough & Sarah Ferguson leaked after Russian cons hack organic shop


Ransomware data theft tool may show a shift in extortion tactics


UK Police nab alleged 'GTA VI' footage leaker


Warning over scam Ofgem emails claiming to offer energy bill rebate



DAILY NEWS: Setembro (18/09 - 24/09) - 38 Semana de 2022

Who am I...

Apenas um amante da tecnologia e da Segurança da Informação. Hacker ? Até que prove ao contrário não.. Profissional ? Sim.. Mais de 20 anos no mercado de Segurança da Informação sempre atuando em grandes Empresas.

 

Levantando a bandeira de que hacker é um profissional e especialista naquilo que ele faz. Hacker é um especialista, um pesquisador, um profissional como outro qualquer.

Skatista, músico e fotógrafo de instagram nas horas vagas....

Procurar por Tags