NEWS: Abril (10/04 - 16/04) - 15 Semana de 2022

Cyber Security and Information Security News - Daily Updates !!

16/04

'Basic' spreadsheet error leads to more pain in Teaching Council privacy breach

California's privacy law was supposed to be a model. Then lobbyists got to work

Council tax rebate scam warning as fraudsters target £150 scheme

Estonia could become greater target for Russian cyber attacks

FBI Warns that Hackers Attack Users of Digital Payment Apps to Make Instant Money Transfers

Georgian National Bank warns consumers about phishing cases

GitHub: Hackers Stole OAuth Access Tokens to Target Dozens of Firms

Here's why your digital footprints are more than a privacy risk

Instagram warning: Don’t be fooled by Russian scam that’s trying to steal your account

Instagram's Free iPhone Promo is a Scam; Here's the Signs to Look Out For

Intelligence Bureau (IB), Central cyber security agencies to probe ransomware attack on Oil India

Latest Update for Google Chrome Fixes Actively Exploited 0-day Flaw

Lazarus Group Behind $540 Million Axie Infinity Crypto Hack and Attacks on Chemical Sector

Local municipality fights 'cyber security incident' after flood of spam emails

McDonald’s is Informing its Costa Rica Customers About a Data Breach

Mute Button of the Video Conferencing Apps May Not Be Working Like You Think It Does

New Industrial Spy stolen data market promoted through cracks, adware

Over 8 Million Customers Affected by Cash App Investing Security Breach

Police in Wales warn people to have their eyes open for this Easter scam

Summit County warns of phishing email masquerading as official government news

The US Just Tied This Massive Crypto Theft To North Korean Hackers

The workforce can be cyber heroes if given the chance

Web3 technology users face new and recycled security risks, study shows

What Are the Relative Benefits of Cybersecurity Automation?

Why Do Ransomware Attackers Use Bitcoin?

Why it is important to have a backup plan for cybersecurity breaches

15/04

4 reasons why you need cyber liability insurance in New Mexico

10 things CISOs need to know about zero trust

Advance your penetration testing skills by mastering Kali Linux (Help Net Security)

Analysis of the SunnyDay ransomware

Anonymous Targets Vladimir Putin, Claim To Have Hacked Into Kremlin’s Spy Satellite

Attack on Panasonic Canada Shows Conti is Still Dangerous

Attackers unleash LockBit ransomware on US government computers

Auth bypass flaw in Cisco Wireless LAN Controller Software allows device takeover

Banco Pan sofre ataque hacker e anuncia vazamento de dados

Banco PAN sofre ataque hacker e dados de milhares de clientes são copiados; confira como se proteger

Cisco vulnerability lets hackers craft their own login credentials

Clientes do Banco Pan tiveram seus dados vazados em ataque hacker

Confessions of a CTO

Critical Microsoft RPC runtime bug: No PoC exploit yet, but patch ASAP! (CVE-2022-26809)

Cryptocurrency DeFi platforms are now more targeted than ever

Cybercriminals do their homework for latest banking scam

Dark data is a pain point for many security leaders

Data Breach Alert: TransNational Bankcard, LLC

Do you know how much a data breach can cost you?

Em 18 meses, hackers violaram sistemas de tribunais no Brasil a cada 41 dias

Extortionist hacker group makes 2 attacks on Russian companies

Fake emails targeting Instagram accounts

FBI culpa hacker da Coreia do Norte por roubo R$ 3 bi em Axie Infinity

Genetec warns public sector to reduce cyber vulnerability of physical security systems

Getting to Zero-Trust Solution Design

Google fixed third zero-day in Chrome since the start of 2022

Gov’t Advisory Warns of Pipedream Malware Aimed at ICS

Growing Number of Contra Costa Community College District Email Accounts Compromised By Phishing Attack

Haskers Gang Gives Away ZingoStealer Malware to Other Cybercriminals for Free

Hetzner lost customer data and gave 20€ as compensation

Home Office’s visa service apologises for email address data breach

How Cryptocurrency Gave Birth to the Ransomware Epidemic

How to Design an Effective Cybersecurity Awareness Training Program for SMB Employees

Intelligence Bureau, Central cyber security agencies to probe ransomware attack on Oil India

IoT Device Discovery & Security: How Important Is It?

JekyllBot:5 Flaws Let Attackers Take Control of Aethon TUG Hospital Robots

Karakurt revealed as data extortion arm of Conti cybercrime syndicate

Learn How To Safe Your Data By Hackers

'Mute' button in conferencing apps may not actually mute your mic

North Korean hackers behind $600 million crypto heist – FBI; spying on South Korean chemical sector firms – Symantec

North Korean hackers target gamers in $615m crypto heist - US

North Korea Is Targeting Entire Crypto Space, Top VC Warns

North Korea's Lazarus cyber-gang caught 'spying' on chemical sector companies

PH execs assume they'll never be attacked by ransomware

Q1 Reported Data Compromises Up 14% Over 2021

Quick tips on how to make your home office secure

Ransomcloud: Ransomware's Latest Manifestation Targets the Cloud

Royal Spanish Football Federation loses confidential information to hackers

Scottish Power scam alert as cash prize fraud sent in texts

Security flaw in Rarible NFT platform allowed attackers to steal crypto assets

Spring4Shell Vulnerability Exploited To Spread Mirai Botnet Malware, According to Security Researchers

SuperCare Health Class Action Alleges Negligence Led to Breach of Medical Records

T-Mobile customers warned of unblockable SMS phishing attacks

The Irish Data Protection Commission Widens the Definition of “Personal Data Breach,” as Well as the Approach to Timely Notification

Understanding SASE and Zero-Trust to Strengthen Security

Unmanaged and unsecured digital identities are driving rise in cybersecurity debt

Urgent Team Holdings Reports Breach of the PHI of 166,600 Individuals

What is rogue software?

Ways to Develop a Cybersecurity Training Program for Employees

14/04

A robust security strategy starts with the hardware

APT group has developed custom-made tools for targeting ICS/SCADA devices

Attackers are exploiting VMware RCE to deliver malware (CVE-2022-22954)

Ballooning growth of digital identities exposing organizations to greater cybersecurity risk

Consumers feel data leakage is inevitable so many have stopped caring

Credit card industry standard revised to repel card-skimmer attacks

Data Breach Disclosures Surge 14% in Q1 2022

Don't Want Your Phone Carrier Selling Your Personal Data? You Can Tell It to Stop

Elementor Fixes Critical Bug in Popular WordPress Plugin

Extended cyber detection and response facing implementation challenges in APAC

FBI warns hackers have developed tools designed to 'gain full system access' to the sensitive computer systems used to operate energy facilities

Flaw in Rarible NFT market allowed theft of crypto assets

From criminal enterprise to big business: The evolution of ransomware reaches new, dangerous levels of sophistication

Hackers target Ukrainian govt with IcedID malware, Zimbra exploits

How to Stop Octo Malware From Remotely Accessing Your Android

Illinois' Lincoln College on brink of closure months after ransomware attack

Leaked documents show notorious ransomware group has an HR department, performance reviews and an ‘employee of the month’

Malware is Getting Better at Evading Security Software

Meet ZingoStealer: the Haskers Gang's new, free malware

Microsoft and Partners Disrupt Prolific ZLoader Botnet

Microsoft Disrupts ZLoader Cybercrime Botnet in Global Operation

More than 40% of SMBs surveyed have been hit with a cybersecurity breach

New EnemyBot DDoS Botnet Borrows Exploit Code from Mirai and Gafgyt

OldGremlin ransomware gang targets Russia with new malware

Over 8 Million Cash App Users Potentially Exposed in a Data Breach After a Former Employee Downloaded Customer Information

Ransomware: the number one cyber threat for enterprises and SMEs

Ransomware activity falls 25% in Q1 2022

Rarible NFT Marketplace Flaw Could've Let Attackers Hijack Crypto Wallets

Research reveals that IAM is too often permissive and misconfigured

Secrets To Recovering Your Cloud Environment Rapidly From Ransomware

Software Supply Chain Attacks: Clear and Present Danger

The perils of SaaS misconfigurations

The two words you should never forget when you’re securing a cloud

US warning: Hackers have built tools to attack these key industrial control systems

What is DNS filtering?

Wind turbine firm Nordex hit by Conti ransomware attack

13/04

5 Techniques to Fight Ransomware That MSSPs Can’t Ignore

70 GB of Globant Data Leaked, Hackers Claim it’s Customer Source Code

A New Form of Malware Imitates the Phone Call Interface of Banks to Trick Users into Handing Over User Data

African banks heavily targeted in RemcosRAT malware campaigns

Anonymous-affiliated hacking group which claimed it hacked Moscow’s space agency last month used Russia’s own ransomware against it

April Records First Patch Tuesday of 2022 with 100+ CVEs

Barracuda Networks changes hands with purchase by global investment firm KKR

Bet9ja’s hit by CYBER CRIMINALS, company assures customers data, funds are intact

Bosley Data Breach $500K Class Action Settlement

Capitalizing on a Crisis: What Global Events Mean for Cybersecurity

CISA adds 8 known security vulnerabilities as priorities to patch

Clueless hackers spent months inside a network and nobody noticed. Then a ransomware gang took over

Creating Security Operations That Stay Ahead of Risks

Critical flaw in Elementor WordPress plugin may affect 500k sites

Critical RCE Vulnerability in Elementor WordPress Plugin

Critical vulnerabilities uncovered in hospital robots

Crypto Dev Gets Five Years for Helping North Korea Evade Sanctions

Cybersecurity is getting harder: More threats, more complexity, fewer people

CyberCatch survey reveals 75% of SMBs say they would be able to survive only 3 to 7 days from ransomware attack

Data Breach Alert: Florida International University

Data Breach Alert: WellStar Health System

Data breach at MetroHealth affected some patient records

Data Breaches Up in First Quarter of 2022

Department of Homeland Security (DHS) investigators say they foiled cyberattack on undersea internet cable in Hawaii

Developer trends, zero-day risks, 5G speeds, and more: Tech research roundup

Enemybot: a new Mirai, Gafgyt hybrid botnet joins the scene

Entertainment & Media – The Next Big Cyber Attack Target?

Ermeneglido Zenga Files Notice of Recent Data Breach

FBI, Europol Seize RaidForums Hacker Forum and Arrest Admin

FBI, top officials, explain how to shield yourself from costly cyber attacks

Financial firms increasingly targeted by cybercriminals

Growing Attacks Underscore the Importance of API Security

Hacking, misinformation, abuse – Facebook on the frontlines of Ukraine info war

Home Office’s visa service apologises for email address data breach

Hospital robots face attack by hackers after critical security flaws found, experts warn

How to Optimize Data Security at Hotels

Identity Theft Resource Center Report: Data Breaches Increase; Victim Rates Drop in Q1 2022

Independent security audits are essential for cloud service providers. Here’s why

Instagram beyond pics: Sexual harassers, crypto crooks, ID thieves

Joint Alert Warns Advanced Hackers Have Developed Tool Targeting Industrial Control Systems

Keeping a lid on cyber insurance costs

Lack of data readiness threatens digital transformation in healthcare

Low awareness biggest cybersecurity challenge for 93% Indian cos: Report

Malware Developers Are Targeting These 10 2021 Security Bugs

March 2022 data breach roundup

Microsoft Exposes Evasive Chinese Tarrask Malware Attacking Windows Computers

Nearly half of small businesses say they’ve experienced a cyber breach

New EnemyBot DDoS botnet recruits routers and IoTs into its army

New Fodcha DDoS botnet targets over 100 victims every day

Oil India Limited (OIL) gets Rs 57 crore ransom demand from cyber attacker

Over 100 patches issued by Microsoft for April; two zero-days, one exploited

Patients increasingly suing hospitals over data breaches

PHI Potentially Accessed in Ballad Health Email Data Breach

Possible data breach at CitySprint driver portal

Ransomware attack affects OIL server, services affected severely

Ransomware Breach Victim Numbers Fall by 25% in Q1 2022

Russian Hackers Tried Attacking Ukraine's Power Grid with Industroyer2 Malware