NEWS: Abril (10/04 - 16/04) - 15 Semana de 2022
Cyber Security and Information Security News - Daily Updates !!

16/04
'Basic' spreadsheet error leads to more pain in Teaching Council privacy breach
California's privacy law was supposed to be a model. Then lobbyists got to work
Council tax rebate scam warning as fraudsters target £150 scheme
Estonia could become greater target for Russian cyber attacks
FBI Warns that Hackers Attack Users of Digital Payment Apps to Make Instant Money Transfers
Georgian National Bank warns consumers about phishing cases
GitHub: Hackers Stole OAuth Access Tokens to Target Dozens of Firms
Here's why your digital footprints are more than a privacy risk
Instagram warning: Don’t be fooled by Russian scam that’s trying to steal your account
Instagram's Free iPhone Promo is a Scam; Here's the Signs to Look Out For
Intelligence Bureau (IB), Central cyber security agencies to probe ransomware attack on Oil India
Latest Update for Google Chrome Fixes Actively Exploited 0-day Flaw
Lazarus Group Behind $540 Million Axie Infinity Crypto Hack and Attacks on Chemical Sector
Local municipality fights 'cyber security incident' after flood of spam emails
McDonald’s is Informing its Costa Rica Customers About a Data Breach
Mute Button of the Video Conferencing Apps May Not Be Working Like You Think It Does
New Industrial Spy stolen data market promoted through cracks, adware
Over 8 Million Customers Affected by Cash App Investing Security Breach
Police in Wales warn people to have their eyes open for this Easter scam
Summit County warns of phishing email masquerading as official government news
The US Just Tied This Massive Crypto Theft To North Korean Hackers
The workforce can be cyber heroes if given the chance
Web3 technology users face new and recycled security risks, study shows
What Are the Relative Benefits of Cybersecurity Automation?
Why Do Ransomware Attackers Use Bitcoin?
Why it is important to have a backup plan for cybersecurity breaches
15/04
4 reasons why you need cyber liability insurance in New Mexico
10 things CISOs need to know about zero trust
Advance your penetration testing skills by mastering Kali Linux (Help Net Security)
Analysis of the SunnyDay ransomware
Anonymous Targets Vladimir Putin, Claim To Have Hacked Into Kremlin’s Spy Satellite
Attack on Panasonic Canada Shows Conti is Still Dangerous
Attackers unleash LockBit ransomware on US government computers
Auth bypass flaw in Cisco Wireless LAN Controller Software allows device takeover
Banco Pan sofre ataque hacker e anuncia vazamento de dados
Banco PAN sofre ataque hacker e dados de milhares de clientes são copiados; confira como se proteger
Cisco vulnerability lets hackers craft their own login credentials
Clientes do Banco Pan tiveram seus dados vazados em ataque hacker
Critical Microsoft RPC runtime bug: No PoC exploit yet, but patch ASAP! (CVE-2022-26809)
Cryptocurrency DeFi platforms are now more targeted than ever
Cybercriminals do their homework for latest banking scam
Dark data is a pain point for many security leaders
Data Breach Alert: TransNational Bankcard, LLC
Do you know how much a data breach can cost you?
Em 18 meses, hackers violaram sistemas de tribunais no Brasil a cada 41 dias
Extortionist hacker group makes 2 attacks on Russian companies
Fake emails targeting Instagram accounts
FBI culpa hacker da Coreia do Norte por roubo R$ 3 bi em Axie Infinity
Genetec warns public sector to reduce cyber vulnerability of physical security systems
Getting to Zero-Trust Solution Design
Google fixed third zero-day in Chrome since the start of 2022
Gov’t Advisory Warns of Pipedream Malware Aimed at ICS
Haskers Gang Gives Away ZingoStealer Malware to Other Cybercriminals for Free
Hetzner lost customer data and gave 20€ as compensation
Home Office’s visa service apologises for email address data breach
How Cryptocurrency Gave Birth to the Ransomware Epidemic
How to Design an Effective Cybersecurity Awareness Training Program for SMB Employees
Intelligence Bureau, Central cyber security agencies to probe ransomware attack on Oil India
IoT Device Discovery & Security: How Important Is It?
JekyllBot:5 Flaws Let Attackers Take Control of Aethon TUG Hospital Robots
Karakurt revealed as data extortion arm of Conti cybercrime syndicate
Learn How To Safe Your Data By Hackers
'Mute' button in conferencing apps may not actually mute your mic
North Korean hackers target gamers in $615m crypto heist - US
North Korea Is Targeting Entire Crypto Space, Top VC Warns
North Korea's Lazarus cyber-gang caught 'spying' on chemical sector companies
PH execs assume they'll never be attacked by ransomware
Q1 Reported Data Compromises Up 14% Over 2021
Quick tips on how to make your home office secure
Ransomcloud: Ransomware's Latest Manifestation Targets the Cloud
Royal Spanish Football Federation loses confidential information to hackers
Scottish Power scam alert as cash prize fraud sent in texts
Security flaw in Rarible NFT platform allowed attackers to steal crypto assets
SuperCare Health Class Action Alleges Negligence Led to Breach of Medical Records
T-Mobile customers warned of unblockable SMS phishing attacks
Understanding SASE and Zero-Trust to Strengthen Security
Unmanaged and unsecured digital identities are driving rise in cybersecurity debt
Urgent Team Holdings Reports Breach of the PHI of 166,600 Individuals
Ways to Develop a Cybersecurity Training Program for Employees
14/04
A robust security strategy starts with the hardware
APT group has developed custom-made tools for targeting ICS/SCADA devices
Attackers are exploiting VMware RCE to deliver malware (CVE-2022-22954)
Ballooning growth of digital identities exposing organizations to greater cybersecurity risk
Consumers feel data leakage is inevitable so many have stopped caring
Credit card industry standard revised to repel card-skimmer attacks
Data Breach Disclosures Surge 14% in Q1 2022
Don't Want Your Phone Carrier Selling Your Personal Data? You Can Tell It to Stop
Elementor Fixes Critical Bug in Popular WordPress Plugin
Extended cyber detection and response facing implementation challenges in APAC
Flaw in Rarible NFT market allowed theft of crypto assets
Hackers target Ukrainian govt with IcedID malware, Zimbra exploits
How to Stop Octo Malware From Remotely Accessing Your Android
Illinois' Lincoln College on brink of closure months after ransomware attack
Malware is Getting Better at Evading Security Software
Meet ZingoStealer: the Haskers Gang's new, free malware
Microsoft and Partners Disrupt Prolific ZLoader Botnet
Microsoft Disrupts ZLoader Cybercrime Botnet in Global Operation
More than 40% of SMBs surveyed have been hit with a cybersecurity breach
New EnemyBot DDoS Botnet Borrows Exploit Code from Mirai and Gafgyt
OldGremlin ransomware gang targets Russia with new malware
Ransomware: the number one cyber threat for enterprises and SMEs
Ransomware activity falls 25% in Q1 2022
Rarible NFT Marketplace Flaw Could've Let Attackers Hijack Crypto Wallets
Research reveals that IAM is too often permissive and misconfigured
Secrets To Recovering Your Cloud Environment Rapidly From Ransomware
Software Supply Chain Attacks: Clear and Present Danger
The perils of SaaS misconfigurations
The two words you should never forget when you’re securing a cloud
US warning: Hackers have built tools to attack these key industrial control systems
Wind turbine firm Nordex hit by Conti ransomware attack
13/04
5 Techniques to Fight Ransomware That MSSPs Can’t Ignore
70 GB of Globant Data Leaked, Hackers Claim it’s Customer Source Code
African banks heavily targeted in RemcosRAT malware campaigns
April Records First Patch Tuesday of 2022 with 100+ CVEs
Barracuda Networks changes hands with purchase by global investment firm KKR
Bet9ja’s hit by CYBER CRIMINALS, company assures customers data, funds are intact
Bosley Data Breach $500K Class Action Settlement
Capitalizing on a Crisis: What Global Events Mean for Cybersecurity
CISA adds 8 known security vulnerabilities as priorities to patch
Clueless hackers spent months inside a network and nobody noticed. Then a ransomware gang took over
Creating Security Operations That Stay Ahead of Risks
Critical flaw in Elementor WordPress plugin may affect 500k sites
Critical RCE Vulnerability in Elementor WordPress Plugin
Critical vulnerabilities uncovered in hospital robots
Crypto Dev Gets Five Years for Helping North Korea Evade Sanctions
Cybersecurity is getting harder: More threats, more complexity, fewer people
Data Breach Alert: Florida International University
Data Breach Alert: WellStar Health System
Data breach at MetroHealth affected some patient records
Data Breaches Up in First Quarter of 2022
Developer trends, zero-day risks, 5G speeds, and more: Tech research roundup
Enemybot: a new Mirai, Gafgyt hybrid botnet joins the scene
Entertainment & Media – The Next Big Cyber Attack Target?
Ermeneglido Zenga Files Notice of Recent Data Breach
FBI, Europol Seize RaidForums Hacker Forum and Arrest Admin
FBI, top officials, explain how to shield yourself from costly cyber attacks
Financial firms increasingly targeted by cybercriminals
Growing Attacks Underscore the Importance of API Security
Hacking, misinformation, abuse – Facebook on the frontlines of Ukraine info war
Home Office’s visa service apologises for email address data breach
Hospital robots face attack by hackers after critical security flaws found, experts warn
How to Optimize Data Security at Hotels
Identity Theft Resource Center Report: Data Breaches Increase; Victim Rates Drop in Q1 2022
Independent security audits are essential for cloud service providers. Here’s why
Instagram beyond pics: Sexual harassers, crypto crooks, ID thieves
Joint Alert Warns Advanced Hackers Have Developed Tool Targeting Industrial Control Systems
Keeping a lid on cyber insurance costs
Lack of data readiness threatens digital transformation in healthcare
Low awareness biggest cybersecurity challenge for 93% Indian cos: Report
Malware Developers Are Targeting These 10 2021 Security Bugs
March 2022 data breach roundup
Microsoft Exposes Evasive Chinese Tarrask Malware Attacking Windows Computers
Nearly half of small businesses say they’ve experienced a cyber breach
New EnemyBot DDoS botnet recruits routers and IoTs into its army
New Fodcha DDoS botnet targets over 100 victims every day
Oil India Limited (OIL) gets Rs 57 crore ransom demand from cyber attacker
Over 100 patches issued by Microsoft for April; two zero-days, one exploited
Patients increasingly suing hospitals over data breaches
PHI Potentially Accessed in Ballad Health Email Data Breach
Possible data breach at CitySprint driver portal
Ransomware attack affects OIL server, services affected severely
Ransomware Breach Victim Numbers Fall by 25% in Q1 2022
Russian Hackers Tried Attacking Ukraine's Power Grid with Industroyer2 Malware
Solving challenges and minimizing risks of remote work
T-Mobile tried to buy stolen customer data back, but failed
The growing threat of phishing attacks on the mortgage industry
The intersection of cloud and ransomware calls for public sector to remain more diligent
The state of open source security in 2022
Ukraine Thwart Russian Industroyer 2 Malware Attack on Energy Provider
Ukrainian Energy Supplier Targeted by New Industroyer Malware
U.S. Warns of APT Hackers Targeting ICS/SCADA Systems with Specialized Malware
US warns of govt hackers targeting industrial control systems
Western Hackers Used Russia's Own Ransomware Against It In Cyberattack on Roscosmos: Report
Why quickly patching your iPhones and Macs is more important than ever
12/04
99% of cloud identities are overly permissive, opening door to attackers
500,000 Impacted by Email Breach at Illinois Healthcare Firm
Anonymous Hits 3 Russian Entities, Leaks 400 GB Worth of Emails
Backup gap means organisations continue to lose data
Bangladesh: Youth hacks 2,500 Facebook accounts
Best antivirus software (2022)
Consumers Increasingly Numb to Data Breach Risks
Conti ransomware attack on UK’s largest Ford dealer TrustFord
Critical HP Teradici PCoIP flaws impact 15 million endpoints
Critical LFI Vulnerability Reported in Hashnode Blogging Platform
Cyber Crimes In India Witness 572% Increase In Last 3 Years! 14 Lakh Cases In 2021 Recorded By Govt
Cyber defense: Prioritized by real-world threat data
Data Breaches and Cyber Attacks Quarterly Review: Q1 2022
Data democratization leaves enterprises at risk
DuckDuckGo brings is privacy-focused browser to Macs
Ethical Hacker Steals $600,000 Worth of Crypto
E.U. Officials Reportedly Targeted with Israeli Pegasus Spyware
Europol Announces Operation to Hit Russian Sanctions-Evaders
FBI Seizes RaidForums and Arrests Alleged Founder Diogo Santos Coelho
Finding Attack Paths in Cloud Environments
Fox configuration error leads to 13 million users’ data becoming public
Globant confirms major data breach after Lapsus$ leaks source code online
Google want to crack down on pet scams: Here's what to watch out for
How to Manage Patching in Infrastructure to Protect Against Cyber-Attacks?
How to perform cybersecurity market analysis
HubSpot data breach: Hackers compromised employee account, exfiltrated data
Increase in Class Action Lawsuits Following Healthcare Data Incidents
LockBit ransomware gang lurked in a U.S. gov network for months
March 2022’s Most Wanted Malware: Easter Phishing Scams Help Emotet Assert its Dominance
Microsoft's April 2022 Patch Tuesday tackles two zero-day vulnerabilities
NGINX Shares Mitigations for Zero-Day Bug Affecting LDAP Implementation
NSO’s Pegasus Attacks the iPhones of Key EU Officials: Source
Only half of organizations reviewed security policies due to the pandemic: Study
Organizations are better prepared to fight ransomware, but gaps remain
Personal data breach at defunct cryptocurrency trading site AlphaEx
Potential threats to uninterruptible power supply (UPS) devices
Qbot Botnet Deploys Malware Payloads Through Malicious Windows Installers
RaidForums Hacker Marketplace Shut Down in Cross-Border Law Enforcement Operation
RaidForums hacking forum seized by police, owner arrested
Retaliation not on the cards, say analysts, after western cyberattack on Roscosmos
Sandworm hackers fail to take down Ukrainian energy provider
Sandworm hackers tried (and failed) to disrupt Ukraine’s power grid
SiEM: A Complementary Approach to Addressing DDoS
Terrible cloud security is leaving the door open for hackers. Here's what you're doing wrong
The benefits of cyber risk quantification in the modern cybersecurity landscape
The high price of free Wi-Fi: Here's why you never connect to an insecure network
These hackers pretend to poach, recruit rival bank staff in new cyberattacks
This Windows malware aims to steal your social media passwords
Three Best Practices to Prevent Identity Fraud
Time for Florida’s local governments to prepare for cyber attacks | Opinion
Ukrainian power grid 'lucky' to withstand Russian cyber-attack
Ukraine stopped Russian hackers who were trying to attack its power grid
US Government Has Three Weeks to Patch Cyclops Blink Bug
Why managing and securing digital identities is a must
11/04
6 Ways Hackers Are Complicating the War in Ukraine
Accounts deceivable: Email scam costliest type of cybercrime
At small and rural hospitals, ransomware attacks are causing unprecedented crises
Bet you didn’t think that remote workers are vulnerability points, here are 3 ways how
Cybersecurity must be at the forefront of a blockchain project
Cybersecurity: Travel sector in the crosshairs of hackers
Data Privacy: Don’t let the pandemic loosen your guard
Eavesdropping scam: A new scam call tactic
EU Officials Targeted with Pegasus Spyware
Federal Complaints Citing Ransomware Continue to Climb
FIN7 Pen Tester Gets Five Years Behind Bars
Fraudsters Steal £58m in 2021 Via Remote Access Tools
How can UK small businesses protect against cyber threats?
How to achieve better cybersecurity assurances and improve cyber hygiene
How to improve enterprise password security?
Human activated risk still a pain point for organizations
Increased Enterprise Use of iOS, Mac Means More Malware
It’s not a case of if, but when – firms face growing cyber attack threat
More organizations are paying the ransom. Why?
Only 61% Indian firms believe their board truly understands cybersecurity: Survey
Raspberry Pi Ditches Default Logins to Boost Security
Researchers warn of FFDroider and Lightning info-stealers targeting users in the wild
Scammed by a monkey: Inside the dazzling world of NFT heists
Spring4Shell flaw is now being used to spread this botnet malware
Strong multi-factor authentication key to protecting critical infrastructure providers
SummaCare data breach affects 1,100 members
SuperCare Data Breach Involves More Than 300,000 Individuals
This Cybersecurity Report Analysed 35 Billion Transactions and Here Are Its Key Findings
XSS vulnerability patched in Directus data engine platform
Windows Autopatch: Managed enterprise patching for Windows and Office
10/04
7 Cybersecurity Mistakes Your Employees Likely Made Today
Australian Communications and Media Authority (ACMA) moves to shut down SIM-swap scams
Avoid Scams In Mobile Payment Apps — Here’s How
Cyber attacks on Ukraine: Microsoft takes over seven domains
Don't fall for this information-gathering Easter chocolate scam
Facebook owner Meta takes action against cyber threats in some countries
Fake apps are spreading a new Android trojan called Octo Banking
FBI Disrupts Cyclops Blink Botnet Used by Russian Intelligence Directorate
How to protect your email following Ballad Health data breach
Infamous Conti Ransomware Gang Strikes Snap-On Tools
New Android banking malware takes control remotely
Real-time is where the cyber security risk is
Soon, Passwords Might Be Optional. How Will You Protect Yourself In The Future?
Taking cover from cyberattacks
The mysterious Chinese cyber attack against Ukraine on the eve of the invasion
Threatening Redirect Web Service Instills Malicious Campaigns In Over 16,500 Websites
Why hackers are increasingly targeting small businesses - and what they can do about it
YouTube viewers lost $1.6 million in cryptocurrencies in three days on fake streams
Zero trust model: How MSMEs can secure their digital assets