NEWS: April (01/05 - 07/05) - Week 18 of 2022
Cyber Security and Information Security News - Daily Updates !!

07/05
Canada on high alert for ransomware attacks amid Russia’s invasion of Ukraine
Cryptocurrency related crimes decreased in 2020: Report
False-flag cyberattacks a red line for nation-states, says Mandiant boss
FBI: Business Email Compromise Scams Cost $43 billion
Hackers target NIMHANS, but data remains safe
One year on from the HSE cyber attack, could it happen again?
Protect yourself by using a strong and secure passwords
Ransomware: Fake Windows 10 Updates Might Get You In Trouble
Residents still feeling consequences of council cyber attack more than four months on
US offers $15 million reward for info on Conti ransomware gang
What Data Do VPNs Need to Send to the Indian Government?
06/05
5 hacks to keep your phone safe against viruses, malware, ransomware
69% of Philippines organizations experienced ransomware attacks in 2021
A Loan App, Morphed Obscene Images & Sextortion: A New Phishing Crime That Could Strip You of Money
A Year After Colonial Pipeline, Threat of Ransomware Attacks Looms
Action Fraud warn people about fake McAfee scam emails
AGCO Announces Ransomware Attack
As Ransomware Threats Mount, Focus Should be on Data-Centric Security
Attempted cyber-attack delays healthcare reimbursements in France
China-backed Winnti APT siphons reams of U.S. trade secrets in sprawling cyber-espionage attack
Customer Passwords are a Target for Cybercriminals: How to Address the Threat
Cyberespionage: New Mustang Panda campaign targets Europe
Data breach Discovered at IKEA Canada impacts 95,000 Customers
DDoS Attacks by Hacktivists Disrupted Russian Alcohol Supply Chain
Experts Uncover New Espionage Attacks by Chinese 'Mustang Panda' Hackers
From 'rug pulls' to counterfeits, here are the biggest scams in the NFT space
Hackers Using PrivateLoader PPI Service to Distribute New NetDooka Malware
IKEA Canada hit by internal data breach
India Orders VPN Companies to Log & Hand Over User Data
Landmark amendments to international cyber crime treaty set to be signed next week
Log4j, ProxyLogon Top 2021 Exploitable Vulnerabilities List
NIST updates guidance for cybersecurity supply chain risk management
Norton finds deepfakes and crypto scams rising in Australia
Nothing personal: Training employees to identify a spear phishing attack
Online frauds: Do not scan QR code to ‘receive’ the money
Password management needs a rethink
Potential Russian cyberattacks demonstrate the need for heightened security
QNAP fixes critical QVR remote command execution vulnerability
Researchers Warn of 'Raspberry Robin' Malware Spreading via External Drives
Responding To a Healthcare Ransomware Attack: A Step-By-Step Guide
Security researchers: Here's how the Lazarus hackers start their attacks
Social engineering, exfiltration and espionage activities by Chinese hackers unveiled
Travellers warned of British Airways scam emails that could infect computers
Ukrainians DDoS Russian Vodka Supply Chains
US agricultural machinery maker AGCO hit by ransomware attack
USB-based Wormable Malware Targets Windows Installer
Voyager, Amazon, Costco, Walmart, and Louis Vuitton — Top Phishing Scams of the Week
What A Cybersecurity Shift-Left Means For SaaS Companies And Their Customers
What Are Dark Web Search Engines and How to Find Them?
What are the most expensive cyber attacks of all time?
What SMBs are getting wrong about cyber security
When it comes to security, is IoT the new OT?
Which Country Has the Most Cybercrime Per Capita? It's Not the US
Why it's so hard to protect the Texas power grid
Wind turbine maker Nordex delays Q1 financial report after cyber attack
05/05 - WORLD PASSWORD DAY !!
7 threat detection challenges CISOs face and what they can do about it
$43 billion stolen through Business Email Compromise since 2016, reports FBI
71% of Nigerian Organisations Suffered Ransomware Attacks in 2021
Australia: New South Wales transport authority suffers second network attack
Benefit Recovery Specialists Data Breach Class Action Settlement
Beware Facebook users, don't fall for this devious phishing scam
China-linked APT Caught Pilfering Treasure Trove of IP
Chinese APT group Mustang Panda targets European and Russian organizations
Chinese hackers have been running riot on unsecured Windows devices
CIA Wants Russians to Share Secret Info with the Agency via its Darknet Site
CISA urges F5 users to address ‘critical’ vulnerability in BIG-IP software
Cloudflare Successfully Thwarted One of The Largest DDoS Attacks
Critical F5 BIG-IP flaw allows device takeover, patch ASAP! (CVE-2022-1388)
Cybersecurity Without Automation Is A Losing Game
Decade-old bugs discovered in Avast, AVG antivirus software
Education Sector Continues to Get Hit with Ransomware Attacks
Exploring Challenges, Benefits of Cyber Insurance in Healthcare
F5 Warns of Critical Bug Allowing Remote Code Execution in BIG-IP Systems
FBI: Email fraud keeps getting worse. Here's how to protect yourself
FBI: Thailand and Hong Kong Banks Used Most in BEC
FBI warns workers to beware of BEC scams that have stolen $43 billion in five years
Federal Court finds RI Advice failed to manage cybersecurity risks in landmark decision
Four Data Privacy Missteps to Avoid in 2022 and Beyond
Google, Apple, Microsoft Commit to Eliminating Passwords
Google, Apple, Microsoft make a new commitment for a "passwordless future"
Google fixes actively exploited Android kernel vulnerability
Google to Add Passwordless Authentication Support to Android and Chrome
Heroku admits that customer credentials were stolen in cyberattack
Heroku Forces User Password Resets Following GitHub OAuth Token Theft
How Ransomware Complacency Could Cost Your Company
Illuminate Data Breach Impacts More School Districts
In the Event of a Cyberattack, Secure Your Data First
India to Collect User Data from VPNs, Data Centers, and Cloud Service Providers
Internal data breach discovered at Ikea Canada impacts 95,000 Canadians
It's World Password Day! Here's the one simple tip you need to keep your accounts secure online
Ledger Breach Leaves Shopify Facing Another Crypto-Focused Class Action
Leveraging ‘zero trust’ and ‘remote access’ strategies to mitigate ransomware risks
Microsoft, Apple, and Google to support FIDO passwordless logins
NIST Updates Cybersecurity Guidance for Supply Chain Risk Management
New fraud emails plague verified accounts on Twitter, user accounts may be in danger
New NetDooka malware spreads via poisoned search results
NHS Inboxes Hijacked to Send 1000+ Malicious Emails
Passwords aren't going away any time soon
Please stop giving bad password advice
Ransomware attack: “BlackByte” hacks Swiss logistics group
Ransomware Payments: Just 46% of Victims Now Pay a Ransom
Ransomware researchers are being targeted by the criminals they track
Serious Snipe-IT bug exploitable to send password reset email traps
Tackling the threats posed by shadow IT
Telenor warns customers in Norway of new scam
Terrifying ransomware threat ‘a cat-and-mouse game’
The 10 largest data breaches ever reported in healthcare
The Importance of Defining Secure Code
This Study Shows How Woefully Underprepared Small Businesses Are for Ransomware Attacks
Thousands of Borrowers' Data Exposed from ENCollect Debt Collection Service
Top 10 Cybersecurity Challenges in the Healthcare Industry
Top Ransomware Attack Targets: Telecom Leapfrogs Healthcare
Trinidad & Tobago under attack
UNC3524: The nearly invisible cyberespionage threat sitting on network appliances
Upstart NFT Drops Scam Alert: Bored Ape Yacht Club & Moonbirds
US data compromises affected over 20 million people in Q1 2022
VHD Ransomware Linked to North Korea’s Lazarus Group
Wandering the dark web: What hackers can do with your data
WannaCry showed the world how not to write ransomware
White House: Quantum computers could crack encryption, so here's what we need to do
Why You Should Care About World Password Day
Will FIDO Replace OTP Multi-Factor Authentication?
04/05
3 Orgs Fall Victim to Separate Phishing, Email Security Incidents
A checklist to help healthcare organizations respond to a serious cyberattack
Anonymous Leak 82GB of Police Emails Against Australia’s Offshore Detention
Ape-themed airdrop phishing scams are on the rise, experts warn
Attackers Use Event Logs to Hide Fileless Malware
Australian state transport agency hit by cyber attack
Business Email Compromise (BEC) Attacks Explained: Are You at Risk?
Chinese Hackers Caught Stealing Intellectual Property from Multinational Companies
Chinese hackers perform 'rarely seen' Windows mechanism abuse in three-year campaign
Coca-Cola at center of new Stormous hacking claims
Critical RCE Bug Reported in dotCMS Content Management Software
Cybersecurity continues to be a top priority in Canada
Ethiopia ‘foils’ cyber-attack on Nile dam, financial institutions
FBI says business email compromise is a $43 billion scam
Good end user passwords begin with a well-enforced password policy
Google Assistant can now automatically change your stolen passwords
Graham and Brown targeted in 'brutal' cyber attack
Hackers stole data undetected from US, European orgs since 2019
Healthcare and Education Sectors Most Susceptible to Cyber Incidents
Heroku to begin user password reset almost a month after GitHub OAuth token theft
HHS Information Security Program 'Not Effective'
How to enhance your cyber defense program with CIS SecureSuite
Hundreds of students affected by data breach at University of Essex
India faced over 18 million cyber threats in Q1 2022: Norton
Insurance Companies Start Refusing to Ransom Coverage As Average Amounts Demanded Cross $800,000
Kubernetes taps Sigstore to thwart open-source software supply chain attacks
Less than one-third of APAC organisations publicly reveal ransomware attacks
Mozilla privacy survey finds mental health and prayer apps fail privacy test pretty spectacularly
National Cyber Security Centre (NCSC) Updates Code of Practice for Smart Building Security
New Ransomware Variant Linked to North Korean Cyber Army
NIMHANS files complaint over a month after ransomware attack
Overcoming the data breach requires security practices with purpose
Phishers taking advantage of Gmail’s SMTP relay service to impersonate brands
Pro-Ukraine hackers use Docker images to DDoS Russian sites
Protect Users and Networks from Malware Hidden in Images and Attached Files
Quantum computing and risk to data security for enterprises
Rhode Island Public Transit Authority (RIPTA) releases note from hackers in ransomware attack
Russian cyber attack targeting Bulgarian post
Salusive Health Shuts Doors, Provides Data Breach Notification
Securities and Exchange Commission (SEC) Doubles Cyber and Crypto Assets Team
Securities and Exchange Commission (SEC) nearly doubles size of crypto and cyber enforcement unit
Security and compliance rank as the top challenges for deploying cloud-native apps
Self-promotion in cybersecurity: Why you should do it, and how
South Africa ranked 6th country most affected by cybercrime, research finds
State Bar of Georgia reels from cyber-attack
Stealthy APT group plunders very specific corporate email accounts
Texas power grid under constant Russian cyber threats while also facing peak demand as temps rise
The 6 steps to a successful cyber defense
The Rise Of Web3: What Cybersecurity Concerns Should We Look Out For?
This sneaky hacking group hid inside networks for 18 months without being detected
This unpatched DNS bug could put 'well-known' IoT devices at risk
Transport for NSW struck by cyber attack
Twitter Blue Badge Phishing Scams Are Targeting Verified Accounts
Ukraine cyberthreat activity ramps up against critical infrastructure, governments
Unpatched DNS Bug Puts Millions of Routers, IoT Devices at Risk
Vulnerabilities Allow Hijacking of Most Ransomware to Prevent File Encryption
What is Cyber Insurance and Does Your Small Business Need It?
World Password Day 2022 – Password Tips and Best Practices
03/05
A DNS flaw impacts a library used by millions of IoT devices
Alleged docket dumping probed (South African Police Service)
Aruba and Avaya network switches are vulnerable to RCE attacks
Car Rental Giant Sixt Hit by Cyber-Attack
China-linked Moshen Dragon abuses security software to sideload malware
CMS-based sites under attack: The latest threats and trends
Critical TLStorm 2.0 Bugs Affect Widely-Used Aruba and Avaya Network Switches
Dell Service Automates Recovery in Event of Cyberattack
Discover your public cloud exposure with Recon.Cloud
Excellus Health Plan Settles Data Breach Suit With Policyholders
Experts Analyze Conti and Hive Ransomware Gangs' Chats With Their Victims
Five Security Lessons From the Lapsus$ Attacks
Former eBay Exec Pleads Guilty to Cyber Stalking
Google: Chinese state hackers keep targeting Russian govt agencies
Here's how hackers used the Log4j flaw to gain access before moving across a company's network
How to implement a best-in-class SASE architecture
Internal chats of ransomware cybercriminals reveal ways to avoid becoming a victim
Learn ethical hacking from a certified instructor with this affordable training
Mental Health and Prayer Apps Fail the Privacy Test
Microsoft PowerShell lets you track Windows Registry changes
Motorola Creates Hub for Sharing Cyberthreat Intelligence
Nobody Knows Where the Red Line Is for Cyberwarfare
North Carolina Becomes First State to Prohibit Public Entities from Paying Ransoms
NortonLifeLock Willfully Infringed Malware Patents
Open-source security: It's too easy to upload 'devastating' malicious packages, warns Google
Package Analysis dynamic analyzes packages in open-source repositories
Password tips to keep your accounts safe
Phishers exploit Google’s SMTP Relay service to deliver spoofed emails
Ponzi Scheme Suspect Deported to China After $36m Bust
Ransomware Attack Closes Michigan College
REvil ransomware returns: New malware sample confirms gang is back
RSAC Innovation Sandbox Contest finalists announced
Security is a pain for American Dental Association: Ransomware infection feared
Spanish Govt. Hacked by NSO Pegasus Spyware (or was it?)
State Bar of Georgia investigating cyberattack
Think Like an Attacker: How to Add Security Into API and App Development
TLStorm 2.0: Critical bugs in widely-used Aruba, Avaya network switches
UNC3524 APT uses IP cameras to deploy backdoors and target Exchange
Unpatched DNS bug affects millions of routers and IoT devices
U.S. DoD tricked into paying $23.5 million to phishing actor
What Developers Need to Know About the Strategy of Security
02/05
55% of people rely on their memory to manage passwords
Hacker attack hits company that worked for the Central Bank (BC)
Australia Post scam joins AusPost SMS, how to tell
Bad Actors Are Maximizing Remote Everything
Bored Ape Yacht Club (BAYC) Experiences Phishing Attack: Hackers Targeted Their Instagram Account
Californian Phished $23.5m from Department of Defense (DoD)
Car rental giant Sixt facing disruptions due to a cyberattack
Chinese "Override Panda" Hackers Resurface With New Espionage Attacks
Cyberattacks could affect planting season
Cybersecurity a crucial component of blockchain ecosystem: CEO of QuillAudits
Cyberspies use IP cameras to deploy backdoors, steal Exchange emails
Don’t panic! (Almost) everything you need to know about cyber risks, resilience and responsibilities
Google SMTP relay service abused for sending phishing emails
Ethical hacker launches course platform focused on technology
Hacker breaks into Goiás government website and mocks: 'A hug for IT'
How Log4j Reshaped Cloud Security Thinking
How ransomware shut down an English council
How to avoid security blind spots when logging and monitoring
India mandates data breach notification within six hours
Indian education sector biggest target of cyber threats, remote learning among key triggers: Report
Kellogg Community College in Kalamazoo Victim of Ransomware Attack; Classes Cancelled
Making Zero Trust security a frictionless experience for the users
Mozilla finds mental health apps fail 'spectacularly' at user security, data policies
New 'Bumblebee' Malware Loader Used by Several Cybercrime Groups
New OWASP Top 10: Beware of Poor Security Practices
Otherside Phishing Scams Successfully Steal Blue-Chip NFTs
Ransomware Study 2022: attacks are up, ransom payments are increasing
Romania under cyberattack coming from Russia's Killnet
Russian Hackers Targeting Diplomatic Entities in Europe, Americas, and Asia
Goiás government website is hacked. “A hug for IT”, wrote the hacker
Solve the Machine Identity Crisis
Spain’s Prime Minister mobile phone infected by Pegasus spyware
The Art Of Phishing: Bait The Hook, Sit And Wait
U.S. Department of Defense (DoD) tricked into paying $23.5 million to phishing actor
What You Don’t Know About Cyber Insurance Can Cost You
01/05
Austin Peay students feel effects of ransomware attack during final exams
Bangladesh CIRT warns of possible cyber-attack during Eid
Cryptocurrency wallet has a backdoor from a famous hacker group, beware
Creating protection from cyber attacks in a virtual world
Cyberwar Is a Two-Way Street for Russia
DeFi Exploits Continue to Plague Industry as Saddle Finance Hack Sees $10M Stolen
Hacking Russia was off-limits, but the Ukraine war made it a free-for-all
Hampshire police warn of Gmail phishing scam about vouchers
Here's a New Tool That Scans Open-Source Repositories for Malicious Packages
How Hackers Get Your Passwords & How to Defend Yourself
Indian education sector biggest target of cyber threats
In war, protecting yourself from hacker attacks is also a way to save lives
NB65 Hackers Reportedly Stole Credit Card Data of QIWI Clients
Open source 'Package Analysis' tool finds malicious npm, PyPI packages
Phishing Sites Steal $6 Million From Bored Ape NFT Fans
Random Text Messages May Be Phishing Scams or Worse
Ransomware attack shuts down Kellogg Community College
REvil ransomware returns: New malware sample confirms gang is back
Russian hackers compromise embassy emails to target governments
Trinidad and Tobago: Held to ransom by cyber attacks
Trinidad and Tobago: Ministry of National Security warns of increase malicious cyber-activity
Vladimir Putin's army of saboteurs to 'sow chaos and panic' in UK, expert warns
Why Email Security Is an Asset for Every Business