NEWS: Abril (04/04 - 10/04) - 14 Semana de 2021

10/04

Addressing common concerns about password managers - KTAR News

After Data Breach Exposes 530 Million, Facebook Says It Will Not Notify Users - Wabe

Android malware found embedded in APKPure store application - Bleeping Computer

Credit Suisse sues to find who sent damaging email in CEO’s name - Free Malaysia Today

Facebook allowed advertisement of a fake ‘Clubhouse for PC' program that was injecting malware - Digital Information World

Google sees new trick in renewed North Korea cyber attacks - Fox News

Hacker Sells 4.8 Million Records Allegedly of ‘Paxful.com’ User and Employee Data - TechNadu

Hackers take over popular restaurant's Instagram; has major impact on business - Action News Now

‘HelloMobile’ App Exposed User Data to Anyone Who Entered Their Number - TechNadu

Here are three simple approaches to keep your WhatsApp chat secure - Tech Story

HSBC scam warning as Britons attacked by vicious ‘alert’ text message - be vigilant - Express

India Seeks US Help To Tackle Growing Chinese Cyber Threats — Reports - The Eurasian Times

Joker malware infects over 500,000 Huawei Android devices - Bleeping Computer

LinkedIn Faces Massive Data Breach; 500 Million Users’ Data Up for Sale - The Policy Times

Massachusetts car inspections may not be available until April 17 following cyber attack - Mass Live

Possible data breach involving 62,000 e-mails sent to Certis - The Straits Times

Ransomware attacks: Ansal fears data loss - The Hindu

Region of Durham falls victim to cyber attack - The Star

Scraped personal data of 1.3 million Clubhouse users has reportedly leaked online - Insider

UK Law Enforcement Prepares for a Rise in Cryptocurrency Scams - Coin Idol

University of Colorado (CU) Community Advised To ‘Not Respond’ To Hackers In Massive Data Breach - Denver CBS Local

WhatsApp... and the latest scams worrying people in Oxfordshire - Oxford Mail

Why You Should Never Use Google Chrome On Your iPhone, iPad Or Mac - National CyberSecurity News

09/04

Alert — There's A New Malware Out There Snatching Users' Passwords - The Hacker News

Attackers deliver legal threats, IcedID malware via contact forms - Bleeping Computer

Critical Zoom vulnerability triggers remote code execution without user input - ZDNet

Facebook Removes 16k Groups for Trading Fake Reviews - InfoSecurity

Hackers Hacked as Underground Carding Site is Breached - InfoSecurity

Hackers Tampered With APKPure Store to Distribute Malware Apps - The Hacker News

Having a cybersecurity training program in place isn’t enough to ensure cyber safety - Help Net Security

How global markets are adopting real-time payments - Help Net Security

Learning from Recent Insider Data Breaches - InfoSecurity

LifeLabs Launches Vulnerability Disclosure Program - InfoSecurity

Most organizations have already migrated to a cloud VPN - Help Net Security

Nation-state cyber attacks targeting businesses are on the rise - ZDNet

NCSC: Large Number of Brits Are Using Easily Guessable Passwords - InfoSecurity

Remote work: One of the legacies of the pandemic - Help Net Security

These are the terrible passwords that people are still using. Here's how to do better - ZDNet

UK Firms Suffer Record Number of Cyber-Attacks in Q1 - InfoSecurity

US arrests suspect who wanted to blow up AWS data center - The Record

US Jails Cyber-stalker Who Targeted Attack Survivor - InfoSecurity

Zerodium triples WordPress remote code execution exploit payout - Bleeping Computer

Zerodium will pay $300K for WordPress RCE exploits - Security Affairs

Washington State educational organizations targeted in cryptojacking spree - ZDNet

World's largest pathologists association discloses credit card incident - Bleeping Computer

08/04

68% of construction executives have no cybersecurity measures in place - Help Net Security

A rush to remote working leaving businesses vulnerable to cybercriminals - Help Net Security

Belden says health benefits data stolen in 2020 cyberattack - Bleeping Computer

Businesses shifting to remote work need to focus on securing endpoint devices - Help Net Security

Cisco fixed multiple flaws in SD-WAN vManage Software, including a critical RCE - Security Affairs

Cloud-native watering hole attack: Simple and potentially devastating - Help Net Security

Cybercriminals are using Telegram bots, Google Forms to gather stolen user data - Help Net Security

Facebook tackles deepfake spread and troll farms in latest moderation push - ZDNet

Financial organizations struggling to secure data in the cloud - Help Net Security

Fraudulent purchase attempts value increased 69% in 2020 - Help Net Security

Hackers Exploit Unpatched VPNs to Install Ransomware on Industrial Targets - The Hacker News

Italian man arrested after allegedly paying hitman in cryptocurrency - ZDNet

Man arrested after hired a hitman on the dark web - Security Affairs

Microsoft Office 365 phishing evades detection with HTML Lego pieces - Bleeping Computer

Microsoft releases a cyberattack simulator - Shall we play a game? - Bleeping Computer

New Android Malware Spreading via WhatsApp Auto-Replies - TechNadu

NIST and HIPAA: Is There a Password Connection? - The Hacker News

North Korean hackers use new Vyveva malware to attack freighters - Bleeping Computer

Previously Unknown Lazarus Backdoor ‘Vyveva’ Spotted in the Wild - TechNadu

Pwn2Own 2021 Day 2 – experts earned $200K for a zero-interaction Zoom exploit - Security Affairs

Ransomware crooks are targeting vulnerable VPN devices in their attacks - ZDNet

Researchers uncover a new Iranian malware used in recent cyberattacks - The Hacker News

Scraped data of 500 million LinkedIn users being sold online, 2 million records leaked as proof - Security Affairs

Swarmshop – What goes around comes around: hackers leak other hackers’ data online - Security Affairs

Tech support scammers lure victims with fake antivirus billing emails - Bleeping Computer

User database was also hacked in the recent hack of PHP ‘s Git Server - Security Affairs

Vazamento expõe 1,7 TB de dados dos clientes da fintech brasileira iugu - Canal Tech

Vulnerable Fortigate VPN Servers Now Targeted by the ‘Cring’ Ransomware - TechNadu

Vyveva: Lazarus hacking group’s latest weapon strikes South African freight - ZDNet

Why do phishing attacks work? Blame the humans, not the technology - ZDNet

Windows 10 hacked again at Pwn2Own, Chrome and Zoom also fall - Bleeping Computer

07/04

11 Useful Security Tips for Securing Your AWS Environment - The Hacker News

Android malware infects wannabe Netflix thieves via WhatsApp - Bleeping Computer

Android to Support Rust Programming Language to Prevent Memory Flaws - The Hacker News

Apple looking to close the gap between web and app privacy - ZDNet

Critical Auth Bypass Bug Found in VMware Data Center Security Product - The Hacker News

Data of 553m Facebook users dumped online: how to see if you are impacted - ZDNet

Facebook attributes 533 million users' data leak to "scraping" not hacking - Bleeping Computer

Gigaset Android phones infected by malware via hacked update server - Bleeping Computer

Google Forms and Telegram abused to collect phished credentials - Bleeping Computer

IT security budgets to increase over the next 12 months - Help Net Security

Man jailed for trying to buy chemical weapon online able to kill ‘hundreds’ of people - ZDNet

Massive increase in endpoint attacks, rising rate of encrypted malware and new exploits targeting IoT - Help Net Security

Microsoft's Windows 10, Exchange, and Teams hacked at Pwn2Own - Bleeping Computer

New Cring ransomware deployed targeting unpatched Fortinet VPN devices - Security Affairs

New wormable Android malware poses as Netflix to hijack WhatsApp sessions - ZDNet

Not all eSignature solutions are necessarily right for business - Help Net Security

People are the weakest link in data breaches, but can they be held accountable? - Help Net Security

PHP Site's User Database Was Hacked In Recent Source Code Backdoor Attack - The Hacker News

Pwn2Own 2021 Day 1 – participants earned more than $500k - Security Affairs

SAP applications are getting compromised by skilled attackers - Help Net Security

Vulnerabilities in ICS-specific backup solution open industrial facilities to attack - Help Net Security

WhatsApp-based wormable Android malware spotted on the Google Play Store - The Hacker News

06/04

58% of IT and security pros concerned about security in the cloud - Help Net Security

99% of security pros concerned about their IoT and IIoT security - Help Net Security

Data scraped from 500 million LinkedIn users found for sale online - Tech Republic

European Commission, other EU orgs recently hit by cyber-attack - Bleeping Computer

FBI, CISA warn Fortinet FortiOS vulnerabilities are being actively exploited - ZDNet

Hacker sells $38M worth of gift cards from thousands of shops - Bleeping Computer

Have I Been Pwned adds search for leaked Facebook phone numbers - Bleeping Computer

Industries critical to COVID-19 response suffer surge in cloud cyberattacks - ZDNet

Meet Janeleiro: a new banking Trojan striking company, government targets - ZDNet

MindAPI makes API security research and testing easier - Help Net Security

Okta releases new starter plan for developers with free support for up to 15k monthly users - ZDNet

PWN2OWN 2021 - Schedule and Live Results - Zero Day Initiative

Ransomware hits TU Dublin and National College of Ireland - Bleeping Computer

SAP issues advisory on the exploit of old vulnerabilities to target enterprise applications - ZDNet

Zero Trust creator talks about implementation, misconceptions, strategy - Help Net Security

Windows XP makes ransomware gangs work harder for their money - Bleeping Computer

05/04

8 Instagram scams and how to avoid them - ITP Net

Accellion Vulnerabilities, Cyberattacks and Victims: Customer List and Status Updates - MSSP Alerts

Adult content from hundreds of OnlyFans creators leaked online - Bleeping Computer

As online fraud rises, 72% of retail brands expect to grow fraud teams - Help Net Security

Billions of records of an online trading broker leaked - Digital Journal

Black Kingdom Ransomware Jumps on the Exchange Express - Security Boulevard

Booking.com fined €475,000 over delay in reporting a breach - Teiss Cyber Brief

Canadian hardware store chain gets slammed by ransomware attack - Insurance Business Canada

Cyber Insurance Firm Suffers Sophisticated Ransomware Cyber Attack; Data Obtained May Help Hackers Better Target Firm’s Customers - CPO Magazine

Cybersecurity State Power Struggles - InfoSecurity

Data of Half a Billion Facebook Users Leaked - InfoSecurity

Employment Network ‘e2i’ Leaked Personal Data of 30,000 People - TechNadu

Encryption is either secure or it’s not – there is no middle ground - Help Net Security

Everything You Need to Know About the Facebook Data Breach - How To Geek

Facebook leak exposes personal info on 533m users - Boing Boing

Firmware attacks, a grey area in cybersecurity of organizations - Security Affairs

Hackers exploiting critical vulnerabilities in Fortinet VPN – FBI-CISA - HackRead

How to Check If You Were Exposed in the Facebook Data Leak - TechNadu

HowTo: Implement Zero-Trust into IoT Security - InfoSecurity

It's When Not If with Ransomware: How Agencies Can Prepare - NextGOV

Key Cypriot Infrastructure Under Attack by Turkish Hackers - TechNadu

Most applications today are deployed with vulnerabilities, and many are never patched - TechRepublic

Network Monitoring: The Forgotten Cybersecurity Tool - Security Boulevard

Number of eSIMs installed in connected devices to reach 3.4B in 2025 - Help Net Security

Personal data of 30,000 users of NTUC's e2i training and job matching services may have been breached - The Straits Times

Ransomware: A company paid millions to get their data back, but forgot to do one thing. So the hackers came back again - ZDNet

Russia Announces the Extension of Twitter’s Purposeful Throttling - TechNadu

Securing Dev Environments is Security Leaders’ Top Concern - Security Boulevard

Stanford, UC warn of major data breach - Security Infowatch

The impact of the CCPA on companies’ privacy practices - Help Net Security

Ubiquiti's Breach Notification: The 'No Evidence' Hedge - Bank Info Security

Universities Affected by IT Security Company Data Breach - Inside Higher ED

We must crush digital misinformation before it destroys society - Help Net Security

04/04

4 million Israelis caught up in Facebook users' data breach - YNet News

Cyber attack on Scottish Environment Protection Agency costs taxpayer £800,000 - The Sunday Post

Cyber threats frustrate banks’ digital efforts - Gulf Business

Data breach impacts patient information at one of the largest US fertility networks - Gruntstuff

Facebook data of 500M+ users from 106 countries leaked online - HackRead

Facebook data on 533 million users posted online - ZDNet

How Do Data Breaches Happen? - TechStory

How to check if your info was exposed in the Facebook data leak - Bleeping Computer

Large school district in Florida deals with ransomware attack - Northwest Arkansas Democrat Gazette

Malware attack on Applus blocked vehicle inspections in some US states - Security Affairs

NOLS warns of scam - Peninsula Daily News

Police probe data breach at furniture retailer Vhive - The Straits Times

Sierra Wireless resumes production after ransomware attack - Bleeping Computer

Technology could make fighting COVID less restrictive but privacy will take a hit - ZDNet

Travel sector hit hardest by recent phishing attacks, reveals new report - The Moodie Davitt Report

University students, staff should be aware of IRS impersonation email scam - Salina Post

NEWS: Março-Abril (28/03 - 03/04) - 13 Semana de 2021