NEWS: Abril (01/05 - 07/05) - 18 Semana de 2022

Cyber Security and Information Security News - Daily Updates !!

07/05

Canada on high alert for ransomware attacks amid Russia’s invasion of Ukraine

Cryptocurrency related crimes decreased in 2020: Report

False-flag cyberattacks a red line for nation-states, says Mandiant boss

FBI: Business Email Compromise Scams Cost $43 billion

Hackers target NIMHANS, but data remains safe

One year on from the HSE cyber attack, could it happen again?

Protect yourself by using a strong and secure passwords

Ransomware: Fake Windows 10 Updates Might Get You In Trouble

Residents still feeling consequences of council cyber attack more than four months on

US offers $15 million reward for info on Conti ransomware gang

What Data Do VPNs Need to Send to the Indian Government?

06/05

5 hacks to keep your phone safe against viruses, malware, ransomware

69% of Philippines organizations experienced ransomware attacks in 2021

85% of Australian Organisations Suffered a Ransomware Incident in the Past Five Years; 72% Tried to Keep it Quiet: ExtraHop report

A Loan App, Morphed Obscene Images & Sextortion: A New Phishing Crime That Could Strip You of Money

A Year After Colonial Pipeline, Threat of Ransomware Attacks Looms

Action Fraud warn people about fake McAfee scam emails

AGCO Announces Ransomware Attack

As Ransomware Threats Mount, Focus Should be on Data-Centric Security

Attempted cyber-attack delays healthcare reimbursements in France

China-backed Winnti APT siphons reams of U.S. trade secrets in sprawling cyber-espionage attack

Customer Passwords are a Target for Cybercriminals: How to Address the Threat

Cyberespionage: New Mustang Panda campaign targets Europe

Data breach Discovered at IKEA Canada impacts 95,000 Customers

DDoS Attacks by Hacktivists Disrupted Russian Alcohol Supply Chain

Experts Uncover New Espionage Attacks by Chinese 'Mustang Panda' Hackers

From 'rug pulls' to counterfeits, here are the biggest scams in the NFT space

Hackers Using PrivateLoader PPI Service to Distribute New NetDooka Malware

How AI Can Save The Day

IKEA Canada hit by internal data breach

India Orders VPN Companies to Log & Hand Over User Data

Landmark amendments to international cyber crime treaty set to be signed next week

Log4j, ProxyLogon Top 2021 Exploitable Vulnerabilities List

New Third-Party Risk Management (TPRM) study shows that organizations are not equipped to handle increasing third-party security incidents

NIST updates guidance for cybersecurity supply chain risk management

Norton finds deepfakes and crypto scams rising in Australia

Nothing personal: Training employees to identify a spear phishing attack

'Once they have access to your screen, they have complete control'. Watch out for these screen-sharing scams

Online frauds: Do not scan QR code to ‘receive’ the money

Password management needs a rethink

Potential Russian cyberattacks demonstrate the need for heightened security

QNAP fixes critical QVR remote command execution vulnerability

Researchers Warn of 'Raspberry Robin' Malware Spreading via External Drives

Responding To a Healthcare Ransomware Attack: A Step-By-Step Guide

Security researchers: Here's how the Lazarus hackers start their attacks

Social engineering, exfiltration and espionage activities by Chinese hackers unveiled

Travellers warned of British Airways scam emails that could infect computers

Ukrainians DDoS Russian Vodka Supply Chains

US agricultural machinery maker AGCO hit by ransomware attack

USB-based Wormable Malware Targets Windows Installer

Voyager, Amazon, Costco, Walmart, and Louis Vuitton — Top Phishing Scams of the Week

What A Cybersecurity Shift-Left Means For SaaS Companies And Their Customers

What Are Dark Web Search Engines and How to Find Them?

What are the most expensive cyber attacks of all time?

What SMBs are getting wrong about cyber security

When it comes to security, is IoT the new OT?

Which Country Has the Most Cybercrime Per Capita? It's Not the US

Why it's so hard to protect the Texas power grid

Wind turbine maker Nordex delays Q1 financial report after cyber attack

05/05 - WORLD PASSWORD DAY !!

7 threat detection challenges CISOs face and what they can do about it

$43 billion stolen through Business Email Compromise since 2016, reports FBI

71% of Nigerian Organisations Suffered Ransomware Attacks in 2021

Australia: New South Wales transport authority suffers second network attack

Benefit Recovery Specialists Data Breach Class Action Settlement

Beware Facebook users, don't fall for this devious phishing scam

China-linked APT Caught Pilfering Treasure Trove of IP

Chinese APT group Mustang Panda targets European and Russian organizations

Chinese hackers have been running riot on unsecured Windows devices

CIA Wants Russians to Share Secret Info with the Agency via its Darknet Site

CISA urges F5 users to address ‘critical’ vulnerability in BIG-IP software

Cloudflare Successfully Thwarted One of The Largest DDoS Attacks

Coles issues urgent warning about an email scam encouraging shoppers to fill out a survey for an 'exclusive reward'

Critical F5 BIG-IP flaw allows device takeover, patch ASAP! (CVE-2022-1388)

Cybersecurity Without Automation Is A Losing Game

Decade-old bugs discovered in Avast, AVG antivirus software

Education Sector Continues to Get Hit with Ransomware Attacks

Exploring Challenges, Benefits of Cyber Insurance in Healthcare

F5 Warns of Critical Bug Allowing Remote Code Execution in BIG-IP Systems

FBI: Email fraud keeps getting worse. Here's how to protect yourself

FBI: Thailand and Hong Kong Banks Used Most in BEC

FBI warns workers to beware of BEC scams that have stolen $43 billion in five years

Federal Court finds RI Advice failed to manage cybersecurity risks in landmark decision

Four Data Privacy Missteps to Avoid in 2022 and Beyond

Google, Apple, Microsoft Commit to Eliminating Passwords

Google, Apple, Microsoft make a new commitment for a "passwordless future"

Google fixes actively exploited Android kernel vulnerability

Google to Add Passwordless Authentication Support to Android and Chrome

Heroku admits that customer credentials were stolen in cyberattack

Heroku Forces User Password Resets Following GitHub OAuth Token Theft

How Ransomware Complacency Could Cost Your Company

Illuminate Data Breach Impacts More School Districts

In the Event of a Cyberattack, Secure Your Data First

India to Collect User Data from VPNs, Data Centers, and Cloud Service Providers

Internal data breach discovered at Ikea Canada impacts 95,000 Canadians

It's World Password Day! Here's the one simple tip you need to keep your accounts secure online

Ledger Breach Leaves Shopify Facing Another Crypto-Focused Class Action

Leveraging ‘zero trust’ and ‘remote access’ strategies to mitigate ransomware risks

Microsoft, Apple, and Google to support FIDO passwordless logins

National Cyber Security Centre (NCSC) calls on tech firms to tackle rogue apps, but has the ‘horse already bolted’?

National Institute of Standards and Technology (NIST) Releases Updated Cybersecurity Guidance for Managing Supply Chain Risks

NIST Updates Cybersecurity Guidance for Supply Chain Risk Management

New fraud emails plague verified accounts on Twitter, user accounts may be in danger

New NetDooka malware spreads via poisoned search results

NHS Inboxes Hijacked to Send 1000+ Malicious Emails

Passwords aren't going away any time soon

Please stop giving bad password advice

Ransomware attack: “BlackByte” hacks Swiss logistics group

Ransomware Payments: Just 46% of Victims Now Pay a Ransom

Ransomware researchers are being targeted by the criminals they track

Serious Snipe-IT bug exploitable to send password reset email traps

Tackling the threats posed by shadow IT

Telenor warns customers in Norway of new scam

Terrifying ransomware threat ‘a cat-and-mouse game’

The 10 largest data breaches ever reported in healthcare

The Importance of Defining Secure Code

This Study Shows How Woefully Underprepared Small Businesses Are for Ransomware Attacks

Thousands of Borrowers' Data Exposed from ENCollect Debt Collection Service

Top 10 Cybersecurity Challenges in the Healthcare Industry

Top Ransomware Attack Targets: Telecom Leapfrogs Healthcare

Trinidad & Tobago under attack

UNC3524: The nearly invisible cyberespionage threat sitting on network appliances

Upstart NFT Drops Scam Alert: Bored Ape Yacht Club & Moonbirds

US data compromises affected over 20 million people in Q1 2022

VHD Ransomware Linked to North Korea’s Lazarus Group

Wandering the dark web: What hackers can do with your data

WannaCry showed the world how not to write ransomware

White House: Quantum computers could crack encryption, so here's what we need to do

Why You Should Care About World Password Day

Will FIDO Replace OTP Multi-Factor Authentication?

04/05

3 Orgs Fall Victim to Separate Phishing, Email Security Incidents

A checklist to help healthcare organizations respond to a serious cyberattack

Anonymous Leak 82GB of Police Emails Against Australia’s Offshore Detention

Ape-themed airdrop phishing scams are on the rise, experts warn

Attackers Use Event Logs to Hide Fileless Malware

Australian state transport agency hit by cyber attack

Business Email Compromise (BEC) Attacks Explained: Are You at Risk?

Chinese Hackers Caught Stealing Intellectual Property from Multinational Companies

Chinese hackers perform 'rarely seen' Windows mechanism abuse in three-year campaign

Coca-Cola at center of new Stormous hacking claims

Critical RCE Bug Reported in dotCMS Content Management Software

Cybersecurity continues to be a top priority in Canada

Ethiopia ‘foils’ cyber-attack on Nile dam, financial institutions

FBI says business email compromise is a $43 billion scam

Good end user passwords begin with a well-enforced password policy

Google Assistant can now automatically change your stolen passwords

Graham and Brown targeted in 'brutal' cyber attack

Hackers stole data undetected from US, European orgs since 2019

Healthcare and Education Sectors Most Susceptible to Cyber Incidents

Heroku to begin user password reset almost a month after GitHub OAuth token theft

HHS Information Security Program 'Not Effective'

How to enhance your cyber defense program with CIS SecureSuite

Hundreds of students affected by data breach at University of Essex

India faced over 18 million cyber threats in Q1 2022: Norton

Insurance Companies Start Refusing to Ransom Coverage As Average Amounts Demanded Cross $800,000

Kubernetes taps Sigstore to thwart open-source software supply chain attacks

Less than one-third of APAC organisations publicly reveal ransomware attacks

Mozilla privacy survey finds mental health and prayer apps fail privacy test pretty spectacularly

National Cyber Security Centre (NCSC) Updates Code of Practice for Smart Building Security

New Ransomware Variant Linked to North Korean Cyber Army

NIMHANS files complaint over a month after ransomware attack

Overcoming the data breach requires security practices with purpose

Phishers taking advantage of Gmail’s SMTP relay service to impersonate brands

Pro-Ukraine hackers use Docker images to DDoS Russian sites

Protect Users and Networks from Malware Hidden in Images and Attached Files

Quantum computing and risk to data security for enterprises

Rhode Island Public Transit Authority (RIPTA) releases note from hackers in ransomware attack

Russian cyber attack targeting Bulgarian post

Salusive Health Shuts Doors, Provides Data Breach Notification

Securities and Exchange Commission (SEC) Doubles Cyber and Crypto Assets Team

Securities and Exchange Commission (SEC) nearly doubles size of crypto and cyber enforcement unit

Security and compliance rank as the top challenges for deploying cloud-native apps

Self-promotion in cybersecurity: Why you should do it, and how

South Africa ranked 6th country most affected by cybercrime, research finds

State Bar of Georgia reels from cyber-attack

Stealthy APT group plunders very specific corporate email accounts

Texas power grid under constant Russian cyber threats while also facing peak demand as temps rise

The 6 steps to a successful cyber defense

The Rise Of Web3: What Cybersecurity Concerns Should We Look Out For?

This sneaky hacking group hid inside networks for 18 months without being detected

This unpatched DNS bug could put 'well-known' IoT devices at risk

Transport for NSW struck by cyber attack

Twitter Blue Badge Phishing Scams Are Targeting Verified Accounts

Ukraine cyberthreat activity ramps up against critical infrastructure, governments

Unpatched DNS Bug Puts Millions of Routers, IoT Devices at Risk

Vulnerabilities Allow Hijacking of Most Ransomware to Prevent File Encryption

What is Cyber Insurance and Does Your Small Business Need It?

World Password Day 2022 – Password Tips and Best Practices

03/05

A DNS flaw impacts a library used by millions of IoT devices

A Romanian, involved in the Russian cyber attacks of the last days on some Romanian sites has been arrested by UK police

Alleged docket dumping probed (South African Police Service)

Aruba and Avaya network switches are vulnerable to RCE attacks

Car Rental Giant Sixt Hit by Cyber-Attack

China-linked Moshen Dragon abuses security software to sideload malware

CMS-based sites under attack: The latest threats and trends

Critical TLStorm 2.0 Bugs Affect Widely-Used Aruba and Avaya Network Switches

Dell Service Automates Recovery in Event of Cyberattack

Discover your public cloud exposure with Recon.Cloud

Excellus Health Plan Settles Data Breach Suit With Policyholders

Experts Analyze Conti and Hive Ransomware Gangs' Chats With Their Victims

Five Security Lessons From the Lapsus$ Attacks

Former eBay Exec Pleads Guilty to Cyber Stalking

Google: Chinese state hackers keep targeting Russian govt agencies

Hackers used the Log4j flaw to gain access before moving across a company's network, say security researchers

Here's how hackers used the Log4j flaw to gain access before moving across a company's network

How to implement a best-in-class SASE architecture

Internal chats of ransomware cybercriminals reveal ways to avoid becoming a victim

Learn ethical hacking from a certified instructor with this affordable training

Mental Health and Prayer Apps Fail the Privacy Test

Microsoft PowerShell lets you track Windows Registry changes

Motorola Creates Hub for Sharing Cyberthreat Intelligence

Nobody Knows Where the Red Line Is for Cyberwarfare

North Carolina Becomes First State to Prohibit Public Entities from Paying Ransoms

NortonLifeLock Willfully Infringed Malware Patents

Open-source security: It's too easy to upload 'devastating' malicious packages, warns Google

Package Analysis dynamic analyzes packages in open-source repositories

Password tips to keep your accounts safe

Phishers exploit Google’s SMTP Relay service to deliver spoofed emails

Ponzi Scheme Suspect Deported to China After $36m Bust

Ransomware Attack Closes Michigan College

REvil ransomware returns: New malware sample confirms gang is back

RSAC Innovation Sandbox Contest finalists announced

Security is a pain for American Dental Association: Ransomware infection feared

Spanish Govt. Hacked by NSO Pegasus Spyware (or was it?)

State Bar of Georgia investigating cyberattack

Think Like an Attacker: How to Add Security Into API and App Development

TLStorm 2.0: Critical bugs in widely-used Aruba, Avaya network switches

UNC3524 APT uses IP cameras to deploy backdoors and target Exchange

Unpatched DNS bug affects millions of routers and IoT devices

U.S. DoD tricked into paying $23.5 million to phishing actor

What Developers Need to Know About the Strategy of Security

02/05

55% of people rely on their memory to manage passwords

Ataque hacker atinge empresa que trabalhava para o BC

Australia Post scam joins AusPost SMS, how to tell

Bad Actors Are Maximizing Remote Everything

Bored Ape Yacht Club (BAYC) Experiences Phishing Attack: Hackers Targeted Their Instagram Account

Californian Phished $23.5m from Department of Defense (DoD)

Car rental giant Sixt facing disruptions due to a cyberattack

Chinese "Override Panda" Hackers Resurface With New Espionage Attacks

Cyberattacks could affect planting season

Cybersecurity a crucial component of blockchain ecosystem: CEO of QuillAudits

Cyberspies use IP cameras to deploy backdoors, steal Exchange emails

Don’t panic! (Almost) everything you need to know about cyber risks, resilience and responsibilities

Google SMTP relay service abused for sending phishing emails

Hacker ético lança plataforma de cursos com foco em tecnologia

Hacker invade site do governo de Goiás e ironiza: 'Abraço para a TI'

How Log4j Reshaped Cloud Security Thinking

How ransomware shut down an English council

How to avoid security blind spots when logging and monitoring

India mandates data breach notification within six hours

Indian education sector biggest target of cyber threats, remote learning among key triggers: Report

Kellogg Community College in Kalamazoo Victim of Ransomware Attack; Classes Cancelled

Making Zero Trust security a frictionless experience for the users

Mozilla finds mental health apps fail 'spectacularly' at user security, data policies

New 'Bumblebee' Malware Loader Used by Several Cybercrime Groups

New OWASP Top 10: Beware of Poor Security Practices

Otherside Phishing Scams Successfully Steal Blue-Chip NFTs

Ransomware Study 2022: attacks are up, ransom payments are increasing

Romania under cyberattack coming from Russia's Killnet

Russian Hackers Targeting Diplomatic Entities in Europe, Americas, and Asia

Site do Governo de Goiás é hackeado. “Abraço pro TI”, escreveu hacker

Solve the Machine Identity Crisis

Spain’s Prime Minister mobile phone infected by Pegasus spyware

The Art Of Phishing: Bait The Hook, Sit And Wait

U.S. Department of Defense (DoD) tricked into paying $23.5 million to phishing actor

What You Don’t Know About Cyber Insurance Can Cost You

01/05

Austin Peay students feel effects of ransomware attack during final exams

Bangladesh CIRT warns of possible cyber-attack during Eid

Carteira de criptomoedas tem backdoor de famoso grupo hacker, cuidado

Creating protection from cyber attacks in a virtual world

Cyberwar Is a Two-Way Street for Russia

DeFi Exploits Continue to Plague Industry as Saddle Finance Hack Sees $10M Stolen

Hacking Russia was off-limits, but the Ukraine war made it a free-for-all

Hampshire police warn of Gmail phishing scam about vouchers

Here's a New Tool That Scans Open-Source Repositories for Malicious Packages

How Hackers Get Your Passwords & How to Defend Yourself

Indian education sector biggest target of cyber threats

Intel Report States FBI Conducted Nearly 2 Million Searches of Us Data Related to Cyberattacks in 2021

Na guerra, se proteger de ataque hacker também é uma forma de salvar vidas

NB65 Hackers Reportedly Stole Credit Card Data of QIWI Clients

Open source 'Package Analysis' tool finds malicious npm, PyPI packages

Phishing Sites Steal $6 Million From Bored Ape NFT Fans

Random Text Messages May Be Phishing Scams or Worse

Ransomware attack shuts down Kellogg Community College

REvil ransomware returns: New malware sample confirms gang is back

Russian hackers compromise embassy emails to target governments

Trinidad and Tobago: Held to ransom by cyber attacks

Trinidad and Tobago: Ministry of National Security warns of increase malicious cyber-activity

Vladimir Putin's army of saboteurs to 'sow chaos and panic' in UK, expert warns

Why Email Security Is an Asset for Every Business

NEWS: Abril (24/04 - 30/04) - 17 Semana de 2022