DAILY NEWS: Setembro (25/09 - 01/10) - 39 Semana de 2022
Cyber Security and Information Security News - Daily Updates !! Weekly Review

01/10
3 types of potential business liability associated with data breaches
A Security Expert Tells Us How To Protect Your Personal Data From Hackers
Chinese Hackers Hiding Malware in Windows Logo
CISA Warns of Hackers Exploiting Critical Atlassian Bitbucket Server Vulnerability
Eight Shangri-La hotels in Asia hit by data breach, potentially exposing guest information
Electricity Company of Ghana (ECG) systems hacked with ransomware
Guacamaya hacktivists stole sensitive data from Mexico and Latin American countries
Hackers targeted 8 Shangri-La hotels between May and July, guests' data potentially leaked
Hotel Booking App Ordered to Compensate 300 Customers for Data Breach
How to mitigate the risk of the Optus data breach
Lazarus hackers abuse Dell driver bug using new FudModule rootkit
Microsoft to let Office 365 users report Teams phishing messages
Protecting online data has never been more vital
'Shangri-La hack may affect over 290,000 HK guests'
State-Sponsored Hackers Likely Exploited MS Exchange 0-Days Against ~10 Organizations
The true costs of a breach — and does your business really have to pay the ransom?
What businesses need to know about investigating, remediating and reporting a data breach
What Is SIM Jacking and What Can You Do to Protect Yourself?
30/09
7 Ways to Prevent a Smartphone Data Breach
90% of companies affected by ransomware in 2022
2,857 Geisinger patients affected by 3rd-party data breach
Attackers use novel technique, malware to compromise hypervisors and virtual machines
BlackCat said they breached US Department of Defense contractor and went offline
Business Email Compromise (BEC) – One of the most common yet Dangerous Attacks
Capital One to pay $190m to settle a class-action lawsuit on 2019 data breach
CISA: Hackers exploit critical Bitbucket Server flaw in attacks
City council's planning system back up and running nine months after hack
Country Doctor Community Clinic Files Official Notice of a Data Breach with the Federal Government
Cyber attack: Gloucester City Council planning site mostly restored
Cyber Attacks Against Middle East Governments Hide Malware in Windows logo
Cybercriminals See Allure in BEC Attacks Over Ransomware
Data breach at border agency contractor involved up to 1.38 million licence plates
Data breach fears make older borrowers reluctant to share home loan data online
Fake US govt job offers push Cobalt Strike in phishing attacks
Financial phishing still on the rise
Germany arrests hacker for stealing €4 million via phishing attacks
Hacker groups assist Iranian protestors
Hackers Backdoor Pirated Windows OS With Cryptominer and Xtreme RAT
Hackers Hide Malware in Windows Logo, Target Middle East Governments
Hacking Attack Narrowly Misses Davenport, Iowa, School District
Hotel booking app ordered to compensate 300 customers for data breach
How a Data Breach Could Sink an SME
How Public Agencies Can Reduce Risk of Data Breaches
If you get an email warning your info is on the Dark Web, here’s what to do
Lazarus-Associated Hackers Weaponize Open-Source Tools Against Several Countries
LeakBase Announces Swachhata Platform Breached, 16 Million User PII Records Exposed
LA School District Ransomware Attackers Now Threaten to Leak Stolen Data
Magellan Health settles for $1.43M after data breach, delayed notification
MI5 website briefly knocked offline by possible cyber attack
Microsoft Confirms 2 New Exchange Zero-Day Flaws Being Used in the Wild
Microsoft Confirms Two 0-Days Being Exploited Against Exchange Servers
Microsoft Exchange Server Vulnerabilities CVE-2022-41040 and CVE-2022-41082
Neurology Center of Nevada Reports Recent Data Breach Affecting 11k+ Patients
New Malware Campaign Targeting Job Seekers with Cobalt Strike Beacons
New Malware Families Found Targeting VMware ESXi Hypervisors
North Korean Hackers Weaponizing Open-Source Software in Latest Cyber Attacks
Optus breach victims will get "supercharged" fraud protection
Optus to pay for new passports
Organizations Battle Ransomware Targeting Supply Chains
Over 145,000 customers' data was exposed in agency data breach incident – report
Physician’s Business Office Files Notice of Data Breach Affecting Over 196k Patients
Quantifying the risk of cybersecurity
Ransomware, identity theft and virtual attacks fast becoming growing threats in Asia
SaaS Data targetted by half of Ransomware Attacks in last 12 months
Seattle Children's notifies 6,750 patients of third-party data breach
South Korea: ATM Withdrawals Capped to Thwart Phishing Scams
Texas healthcare provider FMC Services suffers a ransomware attack
The Coeur Group notifies patients of data breach
The Psychological Effects of Getting Your Data Leaked That No One Talks About
Toolkit, formerly employed for cybersecurity is now made accessible to hacker communities
Top issues driving cybersecurity: Growing number of cybercriminals, variety of attacks
Vice Society raises ransomware pressure on Los Angeles school district
Warning over new ‘Erbium’ malware that steals credit card details and personal data
What Proof of Stake Means for the Future of Blockchain Security
29/09
5 Things You Need To Know About Data Privacy
65% of companies are considering adopting VPN alternatives
75% of AU companies had cloud security incident in past year
Anxious wait: Optus victims unsure of data hack fallout
Australia flags tough new data protection laws this year
Backup as last line of defense against HK ransomware threats
Black Friday shoppers warned to be vigilant as online scams are on the rise
Brazilian Prilex Hackers Resurfaced With Sophisticated Point-of-Sale Malware
Canberrans most at risk to receive new, free driver licence
Chaos IoT malware taps Go language to harvest Windows, Linux for DDoS attacks
Crypto-Thieves Cost Victims 53 Times What They Make
Cybersecurity expertise needs to be incorporated into Bangladeshi company boards
Data of 72% of local, state govt bodies encrypted after ransomware attacks: report
Data security trends: 7 statistics you need to know
DJVU: The Ransomware That Seems Strangely Familiar…
Effects of Optus breach will linger: Jones
Fancy Bear Hackers Distributing Graphite Malware using PowerPoint Files
Fears of long impact from Optus breach
Financial Phishing Cyberattacks Significantly Increase in Kenya and Nigeria in Q2 of 2022
Fired admin cripples former employer's network using old credentials
Former Virgin Mobile, Gomo customers could also be victims of Optus data hack
Government, Union-Themed Lures Used to Deliver Cobalt Strike Payloads
GTA 6 Hacker Allegedly Sold GTA 5 Source Code Before Arrest
Hackers Aid Protests Against Iranian Government with Proxies, Leaks and Hacks
Hackers turn to Signal, Telegram and Dark Web to assist Iranian protestors
Hacking group hides backdoor malware inside Windows logo image
Half of adults in England and Wales receive ‘phishing’ messages, ONS data reveals
Holiday Inn owner says booking systems fully restored after cyber attack
Hong Kong, Aoyuan Healthy Life Group hit by PT_Moisha ransomware group
Ignorance isn’t bliss: How tech users lack fundamental cybersecurity knowledge
Internal Revenue Service (IRS) Warns of "Industrial Scale" Smishing Surge
It takes the average hacker less than 10 hours to find vulnerabilities
Lazarus Hacker Group Targets MacOS Users Through Crypto Jobs
Magellan Health settles data breach lawsuit for $1.43M
Malware builder uses fresh tactics to hit victims with Agent Tesla RAT
Matrix: Install security update to fix end-to-end encryption flaws
Microsoft: Lazarus hackers are weaponizing open-source software
Mobile, Cloud and Email Are Top Threat Vectors For 2023
Moody's says hospitals, utilities face high hacking risks
Multifactor authentication isn't perfect, passwordless is better
New Chaos malware spreads over multiple architectures
New malware backdoors VMware ESXi servers to hijack virtual machines
New Microsoft Exchange zero-days actively exploited in attacks
New Royal Ransomware emerges in multi-million dollar attacks
Office exploits continue to spread more than any other category of malware
Optus tells former Virgin Mobile and Gomo customers they could also be part of data breach
Personal App Use on the Rise – And So Are Cloud Security Risks
Police say hacker concealed ID in Australian privacy breach
Ransomware attack on Suffolk County heightens importance of cybersecurity for local municipalities
Researchers Discover Chaos, a Golang Multipurpose Botnet
Researchers Uncover Covert Attack Campaign Targeting Military Contractors
SaaS data was the target of half of recent ransomware attacks
Singapore firms see 54 cybersecurity incidents daily, struggle to keep up
Sussex MPs warn about energy bills phishing scam
Swachh City Platform Suffers Data Breach Leaking 16 Million User Records
The Increasing Concern of Public-Sector Cybersecurity in State and Local Government
The rise of the dark web corporation
Training can help swing odds against ransomware in favor of financial industry
Trend Micro blocked and detected over 55mln threats in Saudi Arabia
UK is a top three ransomware target
Upgraded Prilex Point-of-Sale malware bypasses credit card security
US Defense Contractor Victimized by Ransomware Attack
What Is Vishing? And How to Protect Against It
What Telcos Should Learn from the Optus Breach
White House Releases Software Supply Chain Security Guidance
28/09
3 types of attack paths in Microsoft Active Directory environments
A personal perspective on investing in cybersecurity
API Security Incidents Rise, Despite Confidence in Protection
APT28 relies on PowerPoint Mouseover to deliver Graphite malware
Auth0 warns that some source code repos may have been stolen
Bl00dy ransomware gang started using leaked LockBit 3.0 builder in attacks
Businesses find remote work security risks less daunting than before
Cost of a Data Breach: Infrastructure
Critical WhatsApp Bugs Could Have Let Attackers Hack Devices Remotely
Cryptominers hijack $53 worth of system resources to earn $1
Cyber Criminals Using Quantum Builder Sold on Dark Web to Deliver Agent Tesla Malware
Cyber-Threats Top Business Leaders' Biggest Concerns
Ethernet VLAN Stacking flaws let hackers launch DoS, MiTM attacks
Facebook Shuts Down Covert Political 'Influence Operations' from Russia and China
Google to test disabling Chrome Manifest V2 extensions in June 2023
GTA 6 teen hacker pleads not guilty in court
Hacker breaches Fast Company systems to send offensive Apple News notifications
Hacker shares how they allegedly breached Fast Company’s site
Hackers are making DDoS attacks sneakier and harder to protect against
Hackers Use Telegram and Signal to Assist Protestors in Iran
Hackers Using PowerPoint Mouseover Trick to Infect System with Malware
How to lock active incognito tabs on Android Chrome for more privacy
How To Protect Your Reputation After A Hack Or Data Breach
ICO Reprimands UK Organizations for GDPR Failings
Initial Access Brokers and Blocking the Continued March of Ransomware
Intruder alert! How one hacker infiltrated Uber
IRS warns Americans of massive rise in SMS phishing attacks
Is Microsoft really going to cut off security updates for your 'unsupported' Windows 11 PC?
Leaked LockBit 3.0 builder used by ‘Bl00dy’ ransomware gang in attacks
MEV bot earns $1M but loses everything to a hacker an hour later
Meta Takes Down Russian "Smash-and-Grab" Disinformation Campaign
Multi-platform Chaos malware threatens to live up to its name
New Chaos malware infects Windows, Linux devices for DDoS attacks
NUVOLA: the new Cloud Security tool
Optus confirms 14,900 active Medicare details exposed in data breach
Paying the ransom is still the most common response to a ransomware attack
Researchers Warn of New Go-based Malware Targeting Windows and Linux Systems
Russia demands answers after Apple kicks VK apps from App Store
Stealthy hackers target military and weapons contractors in recent attack
The holy trifecta for developing a secure API
The Optus hacker is being treated as the real deal by the government. Its apology can’t be trusted
These advanced phishing tactics should put all businesses on high alert
Threat actors use Quantum Builder to deliver Agent Tesla malware
What to do if you’re impacted by a data breach
WatchGuard Report: Malware Decreases but Encrypted Malware Up in Q2 2022
Wolfi Linux provides the control needed to fix modern supply chain threats
27/09
46 percent of ransomware attacks happen in the US but who are the targets?
Alleged Optus Hacker Apologizes, Deletes Customers' Exposed Data
Australian police probe purported hacker's ransom demand
CISOs Have Lost Confidence in Ability to Quash Ransomware
Defense Giant Elbit Confirms Data Breach After Ransomware Gang Claims Hack
Evolving ransomware requires a modern approach to data management and protection
Experts Uncover 85 Apps with 13 Million Downloads Involved in Ad Fraud Scheme
Extortion Economics: Ransomware’s New Business Model
Federal government under pressure to reveal Optus data breach plan as FBI called in to help
Fintech Company Suffers Data Breach
Fraudsters adapt phishing scams to exploit cost-of-living crisis
Fulcrum Utility Services hit by cyber attack but no data breached
Global Firms Deal with 51 Security Incidents Each Day
Hacker Behind Optus Breach Releases 10,200 Customer Records in Extortion Scheme
Hackers are testing a destructive new way to make ransomware attacks more effective
Lazarus Group Targets MacOS Users Seeking Crypto Jobs
Lazarus hackers drop macOS malware via Crypto.com job offers
Legacy tech is undermining responses to ransomware in UK
Machines make up 43% of digital identities on enterprise networks
Malicious Oauth app enables attackers to send spam through corporate cloud tenants
Meaningful Learnings from the Uber Breach
Meta dismantles massive Russian network spoofing Western news sites
Microsoft Sway Pages Weaponized to Perform Phishing and Malware Delivery
MS SQL servers are getting hacked to deliver ransomware to orgs
New NullMixer Malware Campaign Stealing Users' Payment Data and Credentials
North Korea's Lazarus Hackers Targeting macOS Users Interested in Crypto Jobs
Observing the Changing Nature of Security within Organizations
Open source projects under attack, with enterprises as the ultimate targets
Optus data breach: an update for APRA regulated entities
Optus hacker apologizes and allegedly deletes all stolen data
Optus under further fire for cyber breach, purported hacker claims data deleted
Oxford Health: Cyber attack continues to hit NHS trust's services
Phishing Attacks Are At Their Highest As Figures Quadruple From 2020, Claims New Study
Ransomware Attacks Fall as Groups Restructure
Retail and Wholesale Saw Over 400% Increase in Phishing Attacks
RiskLens Fast Facts on Cyber Risk for Local Governments – Suffolk County, NY, Ransomware Attack
Suffolk County Data Breach Puts Contracts On Back Burner
The Dire Warnings in the Lapsus$ Hacker Joyride
The Grand Tour’s Jeremy Clarkson Targeted By Russia-Based Hacker Group
The Guide To Dealing With A Ransomware Crisis For Businesses
TikTok Facing £27m UK Regulatory Fine
Ukraine Busts Pro-Russia Hackers Who Stole 30M Accounts of EU Citizens
Ukraine Says Russia Planning Massive Cyberattacks on its Critical Infrastructures
US branch of Israeli defense contractor Elbit hit by data breach
Why Continuous Security Testing is a Must for Organizations Today
Why zero trust should be the foundation of your cybersecurity ecosystem
26/09
3 ways to gauge your company’s preparedness to recover from data loss
5 Network Security Threats And How To Protect Yourself
6 Healthcare Cybersecurity, Operational Strategies For Successful CISOs
75% of fraudulent online banking payments originate from trusted devices
A third of Irish firms surveyed have paid cyber ransoms, paying out an average of €22,773 each
Adware on Google Play and Apple Store installed 13 million times
American Airlines phishing attack involved unauthorized access to Microsoft 365
Apex Capital Corp. Reports Data Breach That Compromised Individuals’ Social Security Numbers
Australia flags privacy overhaul after huge cyber attack on Optus
Australia mulls tougher cybersecurity laws after data breach
BlackCat Ransomware Attackers Spotted Fine-Tuning Their Malware Arsenal
Calgary Parking investigation reveals more than 145,000 customers exposed during data breach
Caught up in the Optus data breach? Here's what to do immediately
Chinese Espionage Hackers Target Tibetans Using New LOWZERO Backdoor
CI Fuzz CLI: Open-source tool simplifies fuzz testing for C++
Criminals are using QR codes to scam people in restaurants!
Diodes Incorporated Confirms Recent Data Breach Affecting SSNs and Health Information
Fraud crimes up by 25% in two years, figures suggest
GTA 6 hacker update: Now charged with violation of bail and computer misuse
Hackers leak French hospital patient data in ransom fight
Hackers Use NullMixer and SEO to Spread Malware More Efficiently
Hackers use PowerPoint files for 'mouseover' malware delivery
HC3 Details APT41 Cyberattack Tactics, Risks to Healthcare Cybersecurity
How confident are IT pros in their tech career?
How the CIO’s relationship to IT security is changing
How To Defend Against Ransomware Attacks: Where Security Automation Fits In
Keep Universities Secure in Today’s Cyber Threat Environment
Microsoft SQL Server targeted by ransomware
Nearly 150K customer records accessed during 2021 data breach: Calgary Parking Authority
New Erbium password-stealing malware spreads as game cracks, cheats
North Macedonia Ministry Denies Covering up Ransomware Attack
Notice of Phishing Incident from CSI Laboratories
Online fraudsters adapt tactics to exploit UK cost of living crisis
Optus Faces $1Million Ransom Due to Cloud Misconfiguration
Optus has not covered itself in glory in handling of breach
Phishing attacks skyrocketing, over 1 million observed
Ransomware Affiliates Adopt Data Destruction
RCE in Sophos Firewall is being exploited in the wild (CVE-2022-3236)
ReasonLabs Unveils Multimillion Dollar Global Credit Card Scam
Researchers Identify 3 Hacktivist Groups Supporting Russian Interests
Richemont’s Watchfinder Reports Customer Data Breach
Russian hackers leak personal data of Ukraine intelligence agents
Security Priorities Are Shifting as 90% Of Organizations Fail To Address Cybersecurity Risks
Simple Yet Vital Ways to Safeguard Yourself Against Online Threats
SQL Server admins warned about Fargo ransomware
Suffolk Civil Service Exams Canceled For Saturday After Cyberattack
T-Mobile has agreed to pay $350 million to settle complaints from last year’s data breach
The biggest cyber attacks of 2022
TikTok may be fined £27m for failing to protect children
Tomorrow’s connected car technologies: risk or reward?
Uber Hack Not Just A Reputational Damage But Reveals Basic Security Flaws
UK Teen Arrested on Computer Misuse Charges
US Duo Plead Guilty to $30m Forex Fraud Scheme
Vanity Addresses in the Spotlight Again as Hacker Gets Away With $950,000
Vice Society claims ransomware attack that hit six UK schools in Scholars’ Education Trust
What Are Disassociation Attacks?
What does the Optus data breach mean for you and how can you protect yourself? A step-by-step guide
25/09
3-2-1-1-0 rule to stay ahead of ransomware
Attackers impersonate CircleCI platform to compromise GitHub accounts
Australia: Cyber-attack on wireless firm exposes data belonging to 40% of this country's population
“BlackCat” attempts to up the pressure on Suffolk County; starts to leak data?
Covid antigen test results of 1.7m Indian and foreign nationals leaked online
Federal government to unveil new security measures following massive Optus data breach
GTA 6 and Uber hacker reportedly caught by London police: Know details
How Malware Hides in Images and What You Can Do About It
Metador: A New Hacking Group Hiding in Telecoms and ISPs For Months
New hacking group ‘Metador’ lurking in ISP networks for months
Noberus ransomware gets info-stealing upgrades, targets Veeam backup software
Optus faces a customer exodus, calls for compensation amid anger over leaked data
Ransomware data theft tool may show a shift in extortion tactics
UK Police nab alleged 'GTA VI' footage leaker
Warning over scam Ofgem emails claiming to offer energy bill rebate